AI Data Privacy Statement

Lessi AI is dedicated to responsibly developing and deploying AI-powered educational tools that respect user privacy, promote ethical outcomes, and remain transparent and accountable. By leveraging Microsoft Azure AI services and aligning with Microsoft's Responsible AI Principles, we ensure fairness, reliability, security, inclusiveness, transparency, and accountability, all while fully complying with the Family Educational Rights and Privacy Act (FERPA) and other applicable legal requirements.

Foundational Models

We host pretrained foundation models operated within Microsoft's Azure AI Foundry environment. While such models may originate from third-party providers (OpenAI, Hugging Face, Meta, etc.), all processing occurs within Microsoft's secure Azure infrastructure.

AI Inference Data Use & Retention

Student and teacher interaction data provided to AI-enabled features is processed solely to generate requested outputs and is not used to train, fine-tune, or improve any large language model. Prompts and responses are processed in real time and are not retained or repurposed beyond the requested interaction.

Data Isolation & Control

Customer data processed through Lessi's platform remains within Lessi's Azure environment, and each customer's data is stored separately from that of other customers. Microsoft's Azure OpenAI Service does not share customer content with external model providers, and data is processed in a manner designed to prevent unauthorized access, cross-customer use, or secondary use beyond the requested service. All data is processed within the United States.

Encryption & Security Controls

Lessi encrypts all data both in transit (TLS/SSL) and at rest (AES-256). Keys are managed in Azure Key Vault, and network isolation is enforced via Azure Private Link. Lessi AI's access is governed by Azure Active Directory and role-based access control (RBAC).

Auditability & Traceability

Azure Monitor and built-in audit logs capture every access and modification event. Detailed traceability ensures accountability in data processing and supports FERPA's right to review and amend records.

Data Retention & Deletion

Lessi retains customer and student data only as necessary to provide its AI-powered educational tools and to comply with applicable legal or contractual requirements. Lessi supports customer-directed deletion or return of such data in accordance with applicable law and agreement terms.

Upon receipt of a request for deletion, Lessi will respond within ten (10) business days to confirm receipt of the request and, where applicable, provide information regarding the scope and timing of the deletion. If Lessi is unable to fulfill a deletion request in whole or in part due to legal requirements, technical limitations, or data retention obligations, Lessi will notify the requesting party of the reason and, where feasible, the anticipated timeline for completion or alternative disposition consistent with applicable law.

We follow Microsoft's Responsible AI Standard to guide our design, development, and deployment practices.

Fairness

Lessi recognizes the risk of bias in AI-enabled systems and implements safeguards designed to mitigate such risks, including the use of Azure AI's fairness assessment tools to detect and mitigate bias in training data and AI outputs. AI-generated outputs are intended to support educators and administrators, who remain responsible for reviewing, validating, and applying outputs in appropriate educational contexts.

Datasets are continually refined to represent diverse student populations and learning styles. Any refinement of models or supporting datasets is performed using publicly available, synthetic, or vendor-generated data and does not involve the use of customer-provided data.

Educators and domain experts review AI-generated recommendations to support equitable application.

Reliability & Safety

• Automated testing, continuous monitoring, and validation processes ensure high availability and correct behavior.
• Human oversight is applied to high-impact decisions, giving educators final control.
• Threat detection and cybersecurity protocols protect against malicious actions and unintended AI behaviors.

Privacy & Security

• Data Minimization: We collect only essential data and anonymize PII wherever possible.
• Encryption: All data is encrypted in transit and at rest; keys stored in Azure Key Vault.
• Access Controls: Strict RBAC policies limit data access to authorized personnel and access is audited to validate the same.
• Compliance: Lessi complies with the Family Educational Rights and Privacy Act (FERPA) and other laws and regulations governing student data privacy and government data practices, to the extent such requirements apply to Lessi by law or by contract as a service provider to educational institutions.
• Incident Response: We maintain a formal plan to detect, investigate, and remediate security incidents.

Inclusiveness

• AI-powered accessibility features support users with impairments.
• Compliance with WCAG 2.1 ensures an equitable digital learning experience.
• Collaboration with educators tailors recommendations for neurodiverse and special-needs learners.

Transparency

• We provide clear explanations of how AI recommendations are generated.
• Decision-making processes and limitations are documented and accessible to stakeholders.
• Audit logs and reports are available for review by educators and administrators.

Accountability

• Routine audits verify adherence to responsible AI and FERPA requirements.
• User feedback channels allow reporting of AI concerns or unexpected behaviors.
• Escalation procedures ensure timely investigation and resolution of issues.
• All staff receive training on AI ethics, bias mitigation, and data privacy protocols.

Lessi AI integrates Microsoft Responsible AI Principles with rigorous FERPA compliance to deliver a safe, fair, and transparent AI platform for educators. We never use student data for model training, all operations occur within Azure's secure environment, and robust controls ensure privacy, security, and accountability. For more information, please contact our compliance team or review Microsoft's documentation on Azure AI and data privacy.

• Azure OpenAI Data Privacy Policy
• Content Filter
• Default Safety Policies