Trust

Plain answers before you trust Greta with the details.

Last updated: July 15, 2026

Greta is a personal teacher tool. This page gathers the controls and provider commitments that support that promise, with a date and source for each pass-through claim.

What Greta commits to today

Security controls

Service providers

These providers help Greta operate features a teacher requests. Optional connectors and text messaging are not required for core use. Provider claims are attributed and dated; the source links open their documentation.

Anthropic

Purpose: Claude drafts and other language-model features

Data touched: Teacher-provided notes, memos, and the minimum context needed for the requested draft

Provider note: Per Anthropic's commercial documentation, as of 2026-07-15, API inputs and outputs are not used to train models by default.

Verified 2026-07-15 · Source

OpenAI

Purpose: Whisper transcription and text embeddings for search

Data touched: Voice recordings for transcription and the text needed to create search embeddings

Provider note: Per OpenAI's API data-controls documentation, as of 2026-07-15, API inputs and outputs are not used to train models by default; default abuse-monitoring logs may be retained for up to 30 days.

Verified 2026-07-15 · Source

Convex

Purpose: Database, file storage, and backend functions

Data touched: Teacher account data, notes, records, drafts, and files stored for the teacher

Provider note: Convex is an infrastructure provider; encryption and storage controls are attributed to the provider rather than presented as a Greta-operated facility.

Verified 2026-07-15 · Source

Vercel

Purpose: Web application hosting and delivery

Data touched: Requests needed to serve the Greta web application

Provider note: Vercel hosts and delivers the web application; infrastructure encryption is attributed to Greta's infrastructure providers.

Verified 2026-07-15 · Source

Twilio and participating mobile carriers

Purpose: Optional SMS/MMS capture, verification, and compliance messages

Data touched: Verified teacher phone number, message text, images, delivery metadata, and consent signals

Provider note: SMS/MMS content and phone numbers pass through Twilio and downstream carriers; carrier retention, inspection, and jurisdictional handling are outside Greta's control.

Verified 2026-07-15 · Source

Composio

Purpose: Optional Gmail, Calendar, Drive, Outlook, and OneDrive connector actions

Data touched: Only the connector context and permissions needed for the action a teacher requests

Provider note: Connector data passes through Composio only when a teacher connects a service and requests that action; Greta does not require connectors for core use.

Verified 2026-07-15 · Source

Postmark

Purpose: Inbound email capture

Data touched: Inbound message metadata and message content sent to a teacher's Greta capture address

Provider note: Postmark receives inbound email needed for the capture path; Greta records provider authentication results and avoids putting raw message bodies in application logs.

Verified 2026-07-15 · Source

Sentry

Purpose: Error tracking and performance monitoring

Data touched: Scrubbed error metadata, stack traces, and performance measurements

Provider note: Greta scrubs classroom content before Sentry receives error events.

Verified 2026-07-15 · Source

PostHog

Purpose: Privacy-conservative product analytics

Data touched: Allowlisted operational fields such as source, surface, status, counts, booleans, and latency

Provider note: Greta sends only allowlisted operational fields; autocapture and session replay are off.

Verified 2026-07-15 · Source

What Greta does not have yet

Greta is not currently SOC 2 certified and does not hold district-specific NDPA or DPA agreements. Those are future work if Greta begins pursuing school-purchased deals. Greta does not publish an AFT-alignment claim while the reference standard is unpublished.

Greta also does not publish a breach-notification or subprocessor-change time promise yet. Those commitments wait for a written notification runbook and a monitored channel that can actually deliver them.

For the exact language on teacher-kept observational notes and the FERPA posture, read the FERPA page. For administrator-facing categories and retention, read the Data Processing Summary.

Contact

Trust and privacy questions: privacy@teachgreta.com. General questions: hello@teachgreta.com.