Data Security

We are unique and pride ourselves in the fact that our apps do not collect any student data at all, ever. Please see our current Terms of Service and Privacy Policy for reference.

GradeTransferer was developed from the ground-up to work such that student data can remain locally on the user's computer, or in an already school-approved secure environment (such as their G Suite for Education or district Google Chrome account). The GradeTransferer extension has access to data on the page where it is activated (by clicking the user interface icon). Data falls into the following two categories:

Teacher (user) Data:

We rely on OAuth2.0 security protocols handled by Google, Microsoft, and Google’s Firebase Cloud platform to handle the login and user authentication for our users. All data transmitted to and from our servers is always via modern cryptography over a secure connection using SSL/TSL. Once authenticated, we store the name, email, and usage analytics (number of data points transferred, last login, access information, etc.) at rest encrypted using AES-128-CTR in our cloud distributed system managed by Google’s Firebase Cloud platform (you may view their privacy and security measures here). We never see or handle any passwords of teachers (users), however can send password reset emails and email verification requests to accounts.

Student (grabbed) Data:

The app itself is similar to the ‘copy’ and ‘paste’ functions of the OS. Student data, once grabbed consists of “name” and “grade” for a set of students for a particular assignment. GradeTransferer can hold one set of data (one assignment) at a time. This data is stored encrypted in the authenticated user’s Chrome browser's storage compartment under the GradeTransferer extension until the data is ‘filled’ into a gradebook, at which point the storage is purged. Furthermore, for the brief time the data is in the storage compartment, it is local to the computer, so unlike bookmarks, the grabbed student data does not follow the user (teacher) to the next computer; it would need to be re-grabbed locally on the next machine if the workflow was interrupted. GradeTransferer has recently taken security even further by encrypting the student data using a unique key from our servers that is only accessible to registered users.

Student data never leaves the user’s (teacher’s) computer. It is not sent to our servers, and we never even see the data that is being transferred. GradeTransferer was designed around this critical student data security constraint to ensure ease-of-adaptation by districts.

GradeTransferer is vetted to meet or exceed Google’s strict data privacy standards for extensions and is therefore available in the Google Chrome Web Store here. Any use of information received from Google APIs utilized adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements.

If your district requires further information or needs a separate DPA signed (or would like to piggy-back on an already existing DPA using an Exhibit-E) please reach out using this form and select "Legal / Privacy paperwork" as the "Category".


We are FERPA, COPPA, CIRPA, NYS Ed Law 2-d, and SOPPA compliant. Our service does not collect any student data (this is a fundamental cornerstone of our service and will not change).

We also have several additional DPAs with districts as well as several Exhibit-E's signed in various states. If your BOE requires additional/custom privacy declarations in addition to what's above, please contact us.

Hundreds of schools and districts nationwide use GradeTransferer to give their teachers time to do what they're actually hired to do – teach! Join them and help your teachers be more productive today.