Privacy Policy

Privacy Policy

Effective Date: April 1, 2026  ·  Last Updated: April 1, 2026

1. Who This Policy Covers

ZeroBlue, LLC (“ZeroBlue,” “we,” “us,” or “our”) operates zeroblueai.com and provides AI literacy education, certification programs, and a community platform. This Privacy Policy describes how we collect, use, share, and protect personal information from:

  • Visitors to zeroblueai.com
  • K–12 educators and students accessing through district licenses or individual purchases
  • College and university students accessing independently or through university/professor licenses
  • Professors and higher education faculty
  • General community members participating in platform features
  • School district and university institutional contacts

2. Information We Collect

2.1 Information You Provide

  • Account registration: Name, email address, username, password, and role (educator, student, professional, community member)
  • District/institutional signup: School or organization name, job title, state, and district contact information
  • Purchases: Billing information processed by Stripe, Inc. ZeroBlue does not store full payment card data.
  • Community participation: Posts, comments, guides, prompts, and other content you submit to the platform
  • Certifications: Assessment responses, module completions, and certificate issuance records
  • Communications: Emails, support requests, and other messages you send us

2.2 Information Collected Automatically

  • Usage data: Pages visited, features used, time on platform, and navigation paths
  • Device and browser information: IP address, browser type, operating system, and referring URLs
  • Cookies and tracking technologies: See Section 5 for full details

2.3 Information from Third Parties

We may receive limited information from payment processors (Stripe) and, where applicable, from the district or institution that has licensed ZeroBlue on your behalf.

3. How We Use Your Information

3.1 To Operate the Platform. Authenticate your account, deliver course content, process payments, issue certificates, and provide community features.

3.2 To Communicate with You. Send transactional emails (receipts, certificate notices, password resets), platform updates, and, where you have opted in, marketing communications. You may opt out of marketing emails at any time.

3.3 To Improve the Platform. Analyze usage patterns, troubleshoot issues, and develop new features.

3.4 For Safety and Legal Compliance. Detect fraud, enforce our Terms of Service, respond to legal requests, and comply with applicable law.

3.5 For Institutional Reporting. Provide district administrators and university administrators with aggregated and individual progress reports for users under their license.

4. Community Platform and Public Content

4.1 Public by Default. Content you post to ZeroBlue’s community — including guides, prompts, discussion posts, and comments — is visible to other registered platform users. Do not post content you wish to remain private.

4.2 Leaderboard and Points. Your username and points total may appear on public leaderboards. You can review your privacy settings to understand what information is displayed.

4.3 Think Before You Post. Do not post sensitive personal information — including your real name (if you prefer anonymity), location, financial information, health information, or information about minors — in public community areas. ZeroBlue cannot guarantee the confidentiality of information you voluntarily make public.

4.4 Prompt Playground Inputs. Text you enter into the AI prompt playground is transmitted to third-party AI providers to generate a response. ZeroBlue does not independently store playground inputs. Do not enter sensitive personal information, confidential data, or protected health information into the prompt playground.

4.5 Account Portability and Departure. Your personal ZeroBlue account, community contributions, and earned certificates are associated with you personally, not with any employer or institution. See Terms of Service Section 9 for the complete IP and account ownership policy that applies when a professor or educator leaves an institution.

5. Cookies and Tracking Technologies

ZeroBlue uses cookies and similar technologies to keep you logged in, remember your preferences, process payments securely, and understand how the Platform is used.

5.1 What Are Cookies?

Cookies are small text files stored on your device by your browser when you visit a website. They help websites remember information about your visit so you do not have to re-enter it every time.

5.2 Cookies ZeroBlue Sets

Cookie / Technology Set by Purpose Can be disabled?
wordpress_logged_in_* WordPress Keeps you logged in to your account No — breaks login
wordpress_sec_* WordPress Security token for authenticated sessions No — breaks login
woocommerce_session_* WooCommerce Tracks your cart and checkout progress No — breaks checkout
woocommerce_items_in_cart WooCommerce Indicates whether your cart has items No — breaks checkout
bp-activity-* BuddyPress Stores community activity session state No — breaks community features
__stripe_mid, __stripe_sid Stripe, Inc. Fraud prevention and payment security No — required for payment processing
_ga, _ga_* Google Analytics 4 Anonymized usage analytics. No personal data sold. Yes — via browser settings or opt-out
wp-settings-* WordPress Stores admin UI preferences (logged-in users only) Yes — no functional impact for most users

5.3 Your Cookie Choices

You can manage or delete cookies through your browser settings:

  • Chrome: Settings → Privacy and Security → Cookies and other site data
  • Firefox: Settings → Privacy & Security → Cookies and Site Data
  • Safari: Preferences → Privacy → Manage Website Data
  • Edge: Settings → Cookies and Site Permissions
Important: Disabling essential cookies (WordPress session, WooCommerce, Stripe) will prevent you from logging in, completing purchases, or accessing your courses and certificates. Analytics cookies (Google Analytics 4) can be disabled without affecting platform functionality.

5.4 Do Not Track

Some browsers send a “Do Not Track” (DNT) signal. ZeroBlue does not currently respond to DNT signals, as there is no uniform industry standard for doing so. We will update this section if our practices change.

5.5 No Advertising Cookies

ZeroBlue does not use cookies for advertising, remarketing, or cross-site tracking. We do not share cookie data with advertising networks. ZeroBlue products are ad-free.

6. How We Share Your Information

ZeroBlue does not sell your personal information. We share information only as follows:

6.1 Service Providers. We share information with vendors who help us operate the Platform under contractual data protection obligations: Stripe, Inc. (payment processing); Google LLC (email via Google Workspace, analytics via GA4); web hosting provider (WP Engine or equivalent); email marketing platform (Kit/ConvertKit or Mailchimp); learning management system (LearnDash); and third-party AI providers (prompt playground functionality). ZeroBlue does not independently retain playground inputs; they are processed by the AI provider subject to that provider’s own privacy terms.

6.2 Institutional Administrators. If you access the Platform through a K–12 district or university site license, your enrollment status, course progress, completion records, certificate issuance, and points may be visible to your institution’s designated administrator. Institutions are responsible for their own use of this data consistent with applicable law.

6.3 Other Community Users. Your username, profile, public posts, guides, prompts, and reputation data are shared with other Platform users as part of the community features you use. See Section 4.

6.4 Legal Requirements. We may disclose personal information when required by law, court order, or governmental authority, or when we believe disclosure is necessary to protect the safety or rights of ZeroBlue, our users, or the public.

6.5 Business Transfers. In the event of a merger, acquisition, or sale of ZeroBlue or its assets, personal information may be transferred. We will notify affected users of any such change.

6.6 With Your Consent. We may share your information for any other purpose with your explicit prior consent.

7. Student Data, FERPA, University Data Handling, and COPPA

7.1 K–12 Student Data and FERPA

When ZeroBlue provides services to a K–12 district or school, we may receive and process student education records as defined by FERPA (20 U.S.C. § 1232g).

What we collect from or about K–12 students: Name, school-assigned email address, grade level or teacher designation, course enrollment and progress records, assessment responses, certificate issuance records, and platform engagement data.

How we use K–12 student data: Solely to deliver the educational services purchased by the district, generate completion records and certificates, provide district administrators with usage and progress reports, and comply with legal obligations.

What we do not do with K–12 student data: We do not sell K–12 student data. We do not use K–12 student data for targeted advertising. We do not build profiles of K–12 students for purposes beyond educational service delivery.

Retention: K–12 student data is retained for the duration of the district’s active license plus one (1) year for certificate verification. Upon written request from the district, K–12 student data will be deleted within thirty (30) days.

Data Processing Agreements: K–12 districts requiring a formal FERPA data processing agreement (DPA) should contact privacy [at] zeroblueai.com.

7.2 Higher Education Student Data — University-Specific Terms

ZeroBlue applies heightened data handling standards when serving colleges and universities under a site license, recognizing the unique privacy interests of higher education students and the FERPA obligations applicable in the university context.

What we collect from or about higher education students: Name, institutional email address, university or college affiliation, course or program enrollment, module completion and progress records, assessment responses, certificate issuance records, and platform engagement data.

FERPA in higher education: When ZeroBlue provides services to a college or university under a site license, we may receive and process student education records as defined by FERPA. In such cases, ZeroBlue acts under the direction and control of the institution. We do not disclose higher education student education records to third parties except as permitted by FERPA and the applicable institutional agreement.

What we do not do: We do not sell higher education student data. We do not use it for targeted advertising. We do not share it with third parties other than our service providers as described in Section 6.1.

Institutional administrator access: Professors and university administrators with access under a site license may view the enrollment status, course progress, completion records, and certificate issuance of students in their designated course or program. This access is limited to the scope of the institutional license.

Student directory information: ZeroBlue does not treat any student information as freely shareable “directory information” without appropriate institutional authorization.

Data Processing Agreements for Universities: Colleges and universities that require a formal FERPA DPA, data use agreement (DUA), or vendor security assessment should contact privacy [at] zeroblueai.com.

Retention: Higher education student data is retained for the duration of the university’s active license plus one (1) year. Upon written request from the institution or, where FERPA permits, from the student directly, ZeroBlue will delete applicable records within thirty (30) days.

7.3 Individual College Student Access — Privacy

College students who purchase ZeroBlue access independently (not through a university site license) are treated as individual adult users under this Privacy Policy. Their data is not shared with any institution unless the student independently provides consent or the student later enrolls in a university-licensed program.

7.4 Children Under 13 — COPPA

ZeroBlue does not knowingly collect personal information from children under 13 without verifiable parental consent, as required by COPPA (15 U.S.C. § 6501 et seq.). K–12 districts that onboard students under 13 do so under their district license agreement, which allocates COPPA compliance responsibility to the district as the school official acting in loco parentis.

If you believe ZeroBlue has collected information from a child under 13 without appropriate consent, contact us immediately at privacy [at] zeroblueai.com and we will delete such information promptly.

8. Your Rights and Choices

8.1 Access and Correction. You may access and update your account information at any time through your profile settings.

8.2 Deletion. You may request deletion of your account and personal data by contacting privacy [at] zeroblueai.com. We will process deletion requests within thirty (30) days, subject to legal retention requirements and certificate verification obligations.

8.3 Marketing Opt-Out. You may unsubscribe from marketing emails at any time using the unsubscribe link included in every marketing email. Transactional emails (receipts, certificate notices, password resets) cannot be opted out of while your account is active.

8.4 Cookie Management. See Section 5.3.

8.5 California Residents (CCPA). California residents have the right to know what personal information ZeroBlue collects, the right to request deletion, and the right not to be discriminated against for exercising these rights. ZeroBlue does not sell personal information. To exercise your rights, contact privacy [at] zeroblueai.com.

8.6 Other State Privacy Rights. Residents of states with comprehensive privacy laws (Virginia, Colorado, Connecticut, Texas, and others) may have similar rights. Contact privacy [at] zeroblueai.com to make a request.

9. Data Security

ZeroBlue implements reasonable technical, administrative, and physical safeguards to protect your personal information, including:

  • HTTPS encryption for all data in transit
  • Password hashing — passwords are never stored in plain text
  • Access controls limiting employee and contractor access to personal data
  • Reputable third-party processors (Stripe, Google, WP Engine) with their own security certifications

No method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security. In the event of a data breach that affects your personal information, we will notify you as required by applicable law.

10. Third-Party Links and Services

zeroblueai.com may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you use.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated Policy at zeroblueai.com/privacy and updating the “Last Updated” date at the top of this document. For significant changes affecting student data or FERPA obligations, we will also notify registered users and institutional contacts by email. Your continued use of the Platform after the effective date of the revised Policy constitutes acceptance of the changes.

12. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or your personal information, contact:

ZeroBlue, LLC
Cary, NC
privacy [at] zeroblueai.com
zeroblueai.com/privacy

We will respond to all privacy-related inquiries within fifteen (15) business days.

© 2026 ZeroBlue, LLC  ·  All rights reserved  ·  zeroblueai.com

Scroll to Top