Last updated: 22 April 2026
ProofReady is an AI-powered formative feedback tool for NSW secondary school assessment drafts. This policy explains what information we collect, how we use and store it, who can access it, and the choices you have. We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
Because ProofReady is used by students — including students under 18 — this policy gives particular attention to the handling of minors' data and the role of schools as the authorising body.
ProofReady is operated by the ProofReady team (the "we", "us", or "our" referred to in this policy). For any privacy question, data request, or concern, contact help@proofready.app.
| Category | Examples | Why we collect it |
|---|---|---|
| Account information | Name, email address, role (student or teacher), hashed password | To create your account, authenticate you, and keep submissions tied to the right user |
| Task information (teachers) | Task titles, question text, marking criteria, teacher notes, task codes | To deliver tasks to students and provide context to the feedback engine |
| Submission content (students) | The text of the draft response you submit | To generate formative feedback and allow you and your teacher to review earlier drafts |
| Generated feedback | AI-generated feedback, inline annotations, criteria commentary | To display feedback to you and persist it for later review |
| Technical information | IP address, browser type, timestamps of requests, error logs | Security, abuse prevention, and diagnosing problems |
We do not intentionally collect sensitive information as defined by the Privacy Act (such as health, racial or ethnic origin, or sexual orientation). Please do not include sensitive information about yourself or others in your drafts beyond what the academic task strictly requires.
We do not use your information for advertising and we do not sell your personal information to any third party.
Where ProofReady is used in a school setting, the school is the body that authorises student use and is the entity that determines (in consultation with parents or guardians where appropriate) whether student accounts should be created. By using ProofReady under a school's authorisation:
Drafts and task context are sent to an AI model (provided by Anthropic) to generate feedback. Specifically:
Tasks where students don't see AI feedback. Teachers can set a task so that students submit once and the teacher marks it directly, without any AI feedback returned to the student. On these tasks, ProofReady still performs a short AI pass over the submission. The output is never shown to the student. It is used only to extract aggregate, anonymous patterns (e.g. recurring weaknesses across the cohort) that feed school-level analytics for teaching and leadership teams. The student's individual writing is not used to train AI models, is not shared outside the school, and is not retained beyond the school's normal data-retention settings.
We use the following providers to deliver ProofReady. Each handles only the data necessary for their role.
| Provider | Role | Location |
|---|---|---|
| Anthropic | AI feedback generation | United States |
| Supabase | Authentication and database hosting | Your project region — Australia where available |
| Vercel | Hosting and content delivery | Global edge network |
Because some sub-processors operate outside Australia, using ProofReady involves overseas disclosure of personal information within the meaning of APP 8. We take reasonable steps to ensure that these providers handle data consistently with the Australian Privacy Principles.
We take reasonable steps to protect the information we hold, including:
No internet-based system is completely secure. You should use a strong, unique password and tell us immediately at help@proofready.app if you suspect your account has been accessed without your permission.
We retain your account and assessment data for as long as your account is active. When an account is deleted (by you, by your school, or by us at the end of a pilot period) we will delete or de-identify personal information within 30 days, except where we are required by law to retain it or where a limited retention period is needed for security, abuse prevention, or dispute resolution.
Short-term operational logs (error logs, access logs) are retained for up to 90 days and then deleted or aggregated.
You can, at any time, contact help@proofready.app to:
We will respond to requests within a reasonable time (usually within 30 days). For students under 18, we may verify requests through the student's school or parent/guardian.
If you believe we have not handled your personal information properly, you can contact us first so we can try to resolve it. You may also lodge a complaint with the Office of the Australian Information Commissioner (oaic.gov.au).
We use session tokens (provided by Supabase) so that you stay logged in between page loads. We do not use third-party advertising or tracking cookies.
If a data breach that is likely to result in serious harm occurs, we will notify affected users and, where required, the Office of the Australian Information Commissioner, consistent with the Notifiable Data Breaches scheme under the Privacy Act.
We may update this Privacy Policy from time to time. Material changes will be announced on the platform. The date at the top of this page tells you when it was last revised.
For any privacy question, data access request, correction or deletion request, or complaint, email help@proofready.app.