Privacy Policy

This Privacy Policy (the “Policy”) explains how Close the Gap Foundation, a California 501(c)(3) nonprofit corporation (“CTG,” “we,” “our,” or “us”), handles information when you use Spark Poll (the “Service”).

The Service has two kinds of users, and we treat their data differently:

• Presenters create an account, build presentations, and run sessions. We need a small amount of account information from them.
• Respondents join a session by entering a 6-digit code or scanning a QR link. They do not create an account, and we do not ask them for a name, email, phone number, or government identifier.

This Policy is part of and is governed by our Terms of Use. Capitalized terms not defined here have the meaning given to them in the Terms.

From Presenters

• Email address.Required to sign in via our passwordless “magic link” flow. Stored by our authentication provider, Supabase.
• Optional display name. If you choose to set one in your profile. Otherwise we default to your email as the display name for in-product UI; you may change this at any time.
• Organization and role. A pointer to the organization your account belongs to and a role (owner, editor, presenter) that determines what you can do in the dashboard. Today, most accounts belong to a single default organization.
• Content you create. Presentations and slides you build, including titles, questions, configuration (such as choices, scale bounds, map scope), and theme metadata (such as a cover emoji and short description).
• Session metadata. When you start a session, we store the 6-digit join code, status (active, ended, expired), the current slide pointer, and timestamps for creation, start, end, and automatic expiration.

From Respondents

• An opaque per-device token.When you first join a session from a given browser, the Service generates a random identifier (a version-4 UUID) and stores it in your browser's local storage under the key sp.anon_token. The same identifier is stored in our database against your participation in that session and is used to (a) prevent duplicate submissions, (b) reconnect you to a session if you refresh the page, and (c) queue offline submissions when your network is briefly unavailable (key sp.session.<sessionId>.queue, retained for up to 5 minutes). This token is not linked to your name, email, account, or any other identifier we hold; you can clear it from your browser at any time.
• Your answers. The content of the responses you submit. The exact shape depends on the slide type:
  • Multiple choice: the option IDs you selected.
  • Word cloud: the words you entered (subject to a profanity filter the Presenter may have enabled).
  • Open-ended: the free-text answer you submitted.
  • Scales: the numeric ratings you chose for each statement.
  • Ranking: the order in which you ranked the items.
  • Pin on map: the longitude and latitude of the point you placed on the map, ora marker indicating you chose an “off-map” location. Coordinates are stored at the precision the map control returns (typically several decimal places). Where you click on the map is your choice; the Service does not derive your location from your device, browser, or IP address.
• Nickname (optional, currently not collected). Our database schema includes an optional nickname field for future use. Our current user interface does not ask Respondents for a nickname, and the field is therefore left empty for every Respondent today. We will update this Policy before changing that.

Automatically, in limited circumstances

• Hashed IP address for abuse prevention. When we enable a per-session rate limit (for example, to mitigate an active flood of spam submissions), our database may record a one-way SHA-256 hashof the first IP address in the request's forwarding header for each anonymous join or submission. These hash rows are automatically deleted on an hourly cadence and never live longer than approximately five minutes. We do not store the raw IP address in our application database, and we cannot reverse the hash to identify you.
• Session cookies for Presenters. When you sign in, our authentication provider sets cookies in your browser that keep you signed in across page loads. These cookies are necessary for the dashboard to work.
• Aggregate page-view analytics in production. When the Service is running in production (e.g. on sparkpoll.app) we use Vercel Analytics, a privacy-friendly, cookie-less analytics service operated by Vercel Inc., to count page views and measure aggregate performance (such as which pages load slowly). Vercel Analytics does not, to our knowledge, identify you personally; see Vercel's public documentation for details. We do not run Google Analytics, Meta Pixel, third-party advertising trackers, session-replay, or heatmap tools.
• Infrastructure logs from our service providers. Supabase and Vercel, in their roles as our hosting and authentication providers, generate operational logs (request metadata, error traces, IP addresses) on our behalf. We do not write IP addresses to our own application logs, but those providers may retain them according to their own published policies and our agreements with them.

We use the information described above to:

• Provide the Service. Authenticate Presenters, run sessions, deliver responses to the Presenter in real time, compute and display aggregate results, generate join codes and QR images, and remember which slides you have already submitted to.
• Keep the Service safe. Prevent abuse, duplicate-submission attacks, and floods; enforce our Acceptable Use rules; and investigate suspected violations.
• Maintain and improve the Service. Diagnose errors, measure performance, understand which features are used, and prioritize what to build next.
• Communicate with Presenters. Send transactional emails (such as your magic-link sign-in messages) and, where you have a Presenter account, occasional product or policy announcements. We do not send marketing email to Presenters without first asking and offering an easy way to opt out.
• Comply with law. Respond to lawful requests from public authorities, enforce our agreements, and protect the rights, property, or safety of CTG, our users, or others.
• Advance Close the Gap Foundation's charitable and educational mission. Use aggregate and de-identified information for educational research, program evaluation, statistical publications, and the development of free or low-cost tools for first-generation and low-income students and the educators who serve them.
• Develop, train, evaluate, and operate analytic and machine-learning features. For example, summarization of open-ended answers, profanity detection, language detection, accessible chart layouts, anti-spam, and similar features built into or on top of the Service. We use aggregate or de-identified data for this wherever possible. We do not use the content of an individually identifiable response to train a general-purpose system that produces outputs identifying you.

We do not sell your personal information for money, and we do not share it for cross-context behavioral advertising. We do not allow any third party to use information you provide to the Service to target you with advertising on our behalf or theirs.

We share information only as described below. Where a service provider acts on our behalf, it is contractually bound to handle information consistent with this Policy and applicable law.

With other participants in your session

When you submit an answer as a Respondent, that answer is delivered to the Presenter of the session and may be displayed on a shared screen. For some slide types (for example, open-ended), the Presenter can choose to make individual answers visible to everyone in the session. For others (for example, multiple choice, scales, ranking, pin on map), everyone in the session typically sees only aggregated results. We do not display the device token or any technical metadata to other participants.

With our service providers (sub-processors)

The Service is built on the following providers:

• Supabase, Inc.— managed PostgreSQL database, authentication (magic-link email delivery), realtime messaging, and related infrastructure. Supabase processes account email addresses, content, response data, session metadata, the hashed-IP rate-limit log, and operational logs.
• Vercel Inc.— application hosting, edge runtime, scheduled jobs, and aggregate page-view analytics. Vercel processes web traffic and operational logs.

These providers are responsible for the security of their own infrastructure and for handling the data we entrust to them in accordance with their published terms and our agreements with them. We do not currently use a third-party email-sending service of our own (such as SendGrid or Resend) for magic-link delivery; transactional sign-in email is sent by Supabase as part of its authentication service.

For legal reasons

We may disclose information if we believe in good faith that disclosure is reasonably necessary to (a) comply with applicable law, regulation, legal process, or governmental request; (b) enforce our Terms, including investigation of potential violations; (c) detect, prevent, or otherwise address fraud, security, or technical issues; or (d) protect against harm to the rights, property, or safety of CTG, our users, or the public.

In a corporate transaction

CTG is a nonprofit and does not anticipate a sale of the organization. However, if CTG is involved in a merger, reorganization, asset transfer, dissolution, or other change of control or ownership, we may transfer information as part of that transaction. We will require any successor to honor this Policy with respect to information collected before the transfer, or to give affected users notice and a meaningful opportunity to choose otherwise.

With your consent

We will share information for any other purpose with your consent.

As a nonprofit focused on education, learning from how the Service is used is part of how we improve it. This section explains, in one place, how we treat data for those purposes and what limits we place on ourselves.

Aggregate and de-identified information is information that does not, and cannot reasonably be used to, identify a particular individual. Examples include counts of responses per option, distributions of ratings on a scale, regional clusters of pins on a world map, totals of how many sessions used each slide type, and feature-usage telemetry. Once data has been aggregated or de-identified, we may use, retain, publish, and share it freely, including for research publications, fundraising materials, statistical reports, and product development. We commit to taking reasonable steps to ensure that aggregated and de-identified data is not re-identified and not to attempt to re-identify it.

Machine-learning features.We may use information collected through the Service to develop, train, evaluate, and run machine-learning models that power features such as open-ended-response summarization, profanity and spam detection, language detection, accessibility helpers, and similar functionality. We will rely on aggregate or de-identified data wherever possible. Where individual responses are processed by such a system, the system's output is designed to serve the session in which the response was given, not to generate content that would identify the person who submitted it.

We do not train models for third parties. We do not provide your User Content to third parties to train their own commercial machine-learning systems, and we do not sell User Content to data brokers, model trainers, or advertisers.

You can request that we exclude your account or a specific session from future training data sets by writing to info@closethegapfoundation.org. We will make reasonable efforts to honor opt-outs going forward; we cannot un-train models already produced from earlier training sets.

We use a small set of technologies in your browser. This section describes each of them and what it does.

• Authentication cookies (Presenters only). When you sign in, our authentication provider sets cookies that keep your session active. These are necessary for the dashboard to function and cannot be disabled while you are signed in.
• Local storage sp.anon_token (Respondents). A random per-device identifier described in Section 2. Used to dedupe and reconnect; cleared if you clear your browser's local storage.
• Local storage sp.session.<sessionId>.submitted (Respondents). A short list of slides you have already answered in a given session, so we do not show the input form for a slide twice.
• Local storage sp.session.<sessionId>.queue (Respondents). A short-lived buffer (up to 5 minutes) used to retry submissions if the network drops out briefly.

We do not use third-party advertising cookies, cross-site tracking pixels, session-replay scripts, or fingerprinting libraries. Aggregate analytics is provided by Vercel Analytics, which is cookie-less to our knowledge.

We retain information for as long as we need it to provide the Service and to satisfy the purposes described in this Policy, unless a longer retention period is required or permitted by law. In particular:

• Sessionsbecome inactive (status “expired”) approximately two days after they are created, which frees the 6-digit join code for reuse. The session record itself, the participant records, and the response records remain in the database after that, so that Presenters can revisit results, until you delete them or you request deletion.
• Hashed-IP rate-limit logs, when present, are pruned automatically every hour and never live longer than approximately five minutes.
• Account information (email, profile, content) is retained while your account is active and for a commercially reasonable period after deletion to allow for account recovery, billing reconciliation (where applicable), and compliance with our legal obligations.
• Backups. Aggregate database backups generated by our hosting provider may retain deleted records for a limited period before being overwritten.
• Aggregate and de-identified data generated from your use of the Service may be retained indefinitely, because it no longer identifies you.

When we delete information, we use commercially reasonable measures to ensure it is removed from active systems on a schedule that reflects the sensitivity of the data.

We design the Service with security in mind. Highlights of what we do today:

• Passwordless authentication. We do not store passwords. Presenters sign in via a one-time link sent to their email by our authentication provider.
• Row-level access controls in the database. Every table in our application database has row-level security enabled. Respondents and unauthenticated visitors cannot read or write data directly; they interact through a limited set of server-defined functions (for example, join a session by code, submit a response, fetch aggregate results) that enforce business rules and rate limits.
• Encryption in transit. Traffic between your device and the Service is protected with industry-standard TLS.
• Minimal personal data. Respondents do not create accounts. We do not collect names, emails, phone numbers, or government identifiers from Respondents.
• Operational separation. Server-only secrets (such as the service-role database key) are never bundled into client-side code; they are scoped to server-side runtimes.

No system is perfectly secure. We cannot guarantee absolute security of information you submit or that we hold, and you provide information at your own risk. If we learn of a security incident that materially affects your information, we will notify you and any applicable authorities consistent with our legal obligations.

Depending on where you live, you may have the following rights:

• Access. Request a copy of the personal information we hold about you.
• Correction. Ask us to correct inaccurate or incomplete information.
• Deletion. Ask us to delete personal information about you, subject to limitations (for example, information we need to retain for legal or security reasons).
• Portability. Ask for a copy of certain information in a portable format.
• Objection / restriction. Object to or ask us to restrict certain processing, including by asking us to exclude your data from machine-learning training sets going forward as described in Section 5.
• Withdrawal of consent. Where we rely on consent to process information, withdraw that consent at any time without affecting the lawfulness of earlier processing.
• Complaint. Lodge a complaint with a data protection authority where you live.

To exercise any of these rights, email us at info@closethegapfoundation.org. We may need to verify your identity before acting on a request. We will respond within the time frame required by applicable law.

For Respondents:because we do not have a name or email tied to your participation, the most straightforward ways to exercise your rights are (a) to clear your browser's local storage to remove the per-device token from your device, and (b) to ask the Presenter of the session you participated in to delete that session's responses. You may also contact us directly with enough detail (such as the session join code, approximate time of participation, and the slide question) for us to locate the relevant records.

Spark Poll is designed to support classrooms, clubs, and mentorship programs, including those that serve students under 18.

Children under 13.The Service is not directed to children under 13 for the purpose of creating an account. Presenter accounts are intended for educators, mentors, club leaders, and other adults (or for students 13 and older with appropriate parental or institutional supervision). Children under 13 may participate as Respondents in a session run by an adult Presenter, but only where the Presenter and their school or organization have obtained any required parental consent and provided required notices under applicable law (such as the Children's Online Privacy Protection Act in the United States).

To support educational use, the Service is designed so that Respondent participation does not require the collection of personally identifiable student information: there is no Respondent account, no name field in our user interface, no email field, no demographic questions, and no advertising. The opaque per-device token described in Section 2 is used only for deduplication and reconnection within the Service and is not combined with information about you outside the Service.

Schools and educational institutions. When a school, district, or other educational institution uses Spark Poll with students, the institution is responsible for compliance with the Family Educational Rights and Privacy Act (FERPA), state student-privacy laws, and equivalent obligations in other jurisdictions. CTG acts as a service provider to the institution with respect to any student data and uses such data only to provide and improve the Service in accordance with this Policy and the Terms.

If you believe a child under 13 has provided us with personal information without proper parental consent, please contact us at info@closethegapfoundation.org and we will take appropriate steps to delete the information.

This Section provides additional disclosures for residents of U.S. states with comprehensive privacy laws, including California (under the California Consumer Privacy Act and California Privacy Rights Act, collectively the “CCPA”), Colorado, Connecticut, Texas, Virginia, and similar states.

Categories of personal information we collect. The categories described in Section 2 correspond to the following CCPA categories: identifiers (account email, hashed IP for abuse prevention, per-device token), commercial information (none collected from Respondents; account/usage information for Presenters), internet or other network activity (operational logs handled by our service providers), geolocation (only the pin coordinates a Respondent chooses to place on a map), professional or employment-related information (only if a Presenter voluntarily provides it as part of their organization name or display name), and inferences (only those derived from aggregate use of the Service to improve it).

Sources. We collect this information directly from you when you sign in, build content, run a session, or submit a response; from your device automatically as described above; and from our service providers in the course of operating the Service.

Sale and sharing. We do not sell personal information for monetary or other valuable consideration, and we do not share personal information for cross-context behavioral advertising as those terms are defined under the CCPA. We do not knowingly sell or share personal information of minors under 16.

Your rights. California and similar-state residents have the rights described in Section 9, including the right to know, correct, delete, and opt out of any sale or share. Submit requests to info@closethegapfoundation.org. We do not discriminate against you for exercising your rights. You may designate an authorized agent to make a request on your behalf; we may require reasonable verification that the agent has been authorized.

Shine the Light (California Civil Code § 1798.83). We do not disclose personal information to third parties for their own direct-marketing purposes.

CTG is based in the United States, and the Service's infrastructure is provided by U.S.-headquartered companies (Supabase and Vercel). If you access the Service from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States and other countries where our service providers operate. The data-protection laws of those countries may differ from the laws of your home jurisdiction.

Where required by law (for example, the European Economic Area, the United Kingdom, or Switzerland), we rely on appropriate transfer mechanisms (such as the European Commission's Standard Contractual Clauses) implemented through our agreements with our service providers, and we take additional measures consistent with applicable guidance.

Some browsers offer a “Do Not Track” (DNT) signal. There is no industry consensus on how to interpret DNT, and the Service therefore does not respond differently to it. We do, however, honor the Global Privacy Control (GPC) signal as an opt-out request under U.S. state privacy laws where applicable. Because we do not sell or share personal information for cross-context behavioral advertising in the first place, this signal does not change our practices in practice.

We may update this Policy from time to time. When we make material changes, we will revise the “Last updated” date at the top and, where appropriate, provide additional notice (for example, an in-product banner or an email to registered Presenters). Your continued use of the Service after the updated Policy takes effect constitutes acceptance of the updated Policy.

For privacy questions, complaints, or requests, please email info@closethegapfoundation.orgwith the subject line “Privacy Request — Spark Poll.”

Close the Gap Foundation
Attn: Spark Poll Privacy
Email: info@closethegapfoundation.org