Privacy Policy

Last updated: 13 June 2026

How Lorikeet collects, uses and protects personal information, student information and account data.

This policy is written for Lorikeet's current Australian beta/early paid launch. It is not legal advice. Schools or organisations with procurement requirements can contact [email protected].

Summary

Lorikeet helps teachers, homeschool parents and education professionals create classroom-ready resources using AI. To provide the service, we collect account, usage, support, payment and content information. Some tools may involve student information if a user chooses to enter it. Users should only enter student personal or sensitive information where they have authority to do so.

What we collect How we use it Student information Service providers Overseas processing Access, correction and deletion

1. What we collect

Account information: name, email address, login identifiers and authentication/session information.
Subscription and billing information: plan, subscription status, Stripe customer identifiers and payment records. Full card details are handled by Stripe, not stored by Lorikeet.
Content information: prompts, generated teaching resources, saved lessons, uploaded or pasted text, feedback and edits.
Optional student information entered by users: student names, report comments, support needs, IEP goals, social story scenarios, behaviour or learning notes.
Usage and technical information: pages used, tools used, generation counts, browser/device information, IP address, logs, errors and security events.
Support information: emails, messages and any information you send when asking for help.

2. How we use information

Provide the app, generate resources and save/export user content.
Create and manage accounts, sessions, billing, usage limits and subscriptions.
Improve reliability, security, abuse prevention and customer support.
Understand which features are useful and improve Lorikeet.
Comply with legal, tax, accounting, payment and security obligations.

3. Student information and sensitive information

Lorikeet is intended for teachers, homeschool parents and education professionals, not for unsupervised direct use by children. Some tools, including Report Writer, Support Profile, Social Story and IEP Goal Generator, may process student-related information if a user enters it.

Only enter student personal or sensitive information where you have authority from your school, organisation, parent/guardian or applicable law/policy.
Use initials, pseudonyms or general descriptions where full names are not necessary.
Do not enter child protection, safeguarding, medical, psychological or highly sensitive information unless it is necessary and authorised.
AI-generated outputs must be reviewed by a qualified adult before use with students or families.

4. Service providers and subprocessors

We use trusted service providers to operate Lorikeet. These may include:

Netlify for hosting and serverless functions.
Supabase for authentication, database and user profiles.
Stripe for checkout, subscriptions, invoices and payment processing.
OpenAI, OpenRouter or similar AI model providers to generate content from prompts.
Email, support, analytics or monitoring providers if enabled.

We do not sell student personal information.

5. AI model training

Lorikeet's current policy is not to use customer prompts, generated content or student information to train Lorikeet-owned models without clear opt-in consent. Third-party AI providers may process prompts to provide the requested output under their API terms and data handling settings. We aim to use API configurations that do not use customer data to train public models where available.

6. Overseas storage and processing

Cloud, payment and AI providers may store or process information outside Australia, including in the United States, European Union or other regions. By using Lorikeet, you understand that information may be processed by these providers where needed to deliver the service.

7. Security and retention

We use reasonable technical and organisational measures to protect information, including HTTPS, hosted authentication, role-based access controls and limited access to production systems. No online service is completely risk-free. We keep information only for as long as needed to provide the service, meet legal obligations, resolve disputes, enforce agreements and maintain security.

8. Access, correction and deletion

You can request access to, correction of or deletion of your information by emailing [email protected]. We may need to verify your identity and may need to retain certain records for legal, security, accounting or dispute reasons.

9. Privacy complaints

Email [email protected] with the subject “Privacy complaint”. We will investigate and respond as soon as practicable. If Australian privacy law applies and you are not satisfied with our response, you may be able to contact the Office of the Australian Information Commissioner.

10. Changes

We may update this policy as Lorikeet changes. The latest version will always be posted on this page.