Privacy & Data Handling
A plain-English explanation of what happens to the text you type into Your Staff Room. Written for teachers, school leadership, IT procurement officers and state education departments.
Last updated: 22 April 2026
What Your Staff Room is
Your Staff Room is an AI-assisted planning and drafting tool for Australian educators. It helps teachers draft lesson plans, term plans, report comments, behaviour support plans, learner profiles, parent communications and other professional documents. It is a thinking partner, not a student records system.
Think of it the way teachers already use ChatGPT, Google, or Notion at home — on a personal device, with pseudonyms and generic descriptors.
What happens when you click "Generate"
- The text you type into any form field is assembled into a prompt by JavaScript running in your browser.
- That prompt is sent over an encrypted HTTPS connection to a serverless function hosted on Netlify (a content delivery platform used by millions of websites).
- The function forwards the prompt to Anthropic's Claude API (Anthropic, PBC — a US-based AI safety company). Anthropic receives the request, generates a response, and returns it.
- The response is streamed back to your browser and rendered on the page.
- Once the response is shown, nothing is stored on our servers. The request and response are not written to any Your Staff Room database.
Anthropic API data handling
Your Staff Room uses the Anthropic Claude API under a commercial agreement. Under Anthropic's standard commercial API terms:
- API inputs and outputs are not used to train Anthropic's models.
- Requests are retained by Anthropic for a limited operational window (abuse detection and debugging), after which they are deleted.
- Anthropic's privacy policy is available at anthropic.com/legal/privacy and their commercial terms at anthropic.com/legal/commercial-terms.
Anthropic's infrastructure operates in US and EU regions. This is one of the reasons we ask you not to enter student data — a request containing student information would leave Australian jurisdiction.
What information you should never enter
- Real student first names, surnames, or full names
- Dates of birth or ages attached to a name
- Unique Pupil Numbers (UPN), Student Reference Numbers (SRN), or any student identifier
- Email addresses or phone numbers of students or parents
- Medical diagnoses attached to a named student
- Disciplinary incidents attached to a named student
- Family circumstances attached to a named student
- Photographs, file attachments, or documents containing any of the above
What you can enter safely
- Pseudonyms or placeholders: Student A, Noah (if not a real student), Learner 1
- Role descriptors: a Year 5 student with ADHD, an EAL/D learner in Stage 3
- Generic class context: mixed-ability Year 5 class of 24 students
- Curriculum outcome codes, syllabus references, teaching strategies
- Your own observations in general, unattributed terms
- Anything you'd say aloud in a staff meeting without naming a specific child
Automatic detection
Every form on Your Staff Room includes a client-side identifier scrubber that scans your input before it is sent anywhere. If it detects anything that looks like a name, a date of birth, or a student identifier, it pauses the request and asks you to check. This detection runs entirely in your browser — nothing leaves your machine until you confirm.
The scrubber is a safety net, not a substitute for your own care. False negatives (missed identifiers) and false positives (flagged non-identifiers) both occur. You remain responsible for the content you submit.
Teacher attestation
Every tool form asks you to tick a checkbox confirming that you have not entered student-identifying information before you can generate content. This is not a bureaucratic box-tick — it is a deliberate pause to make the privacy choice explicit.
Member accounts and saved content
If you log in as an Inner Sanctum member and choose to save a generated document to your account, that document is stored in a Memberstack-managed user profile under your email address. You can delete saved items at any time from your My Account page. Saved documents are stored encrypted at rest and are accessible only to you.
Cookies and analytics
Your Staff Room uses Google Analytics to measure anonymous page views and understand which tools are used. This is covered in our main Privacy Policy. Analytics do not receive the text you enter into tool forms.
For school leadership and IT procurement
A short summary you can paste into a procurement form:
- Vendor
- Your Staff Room — yourstaffroom.com.au — ABN 38 234 407 780 — contact: hello@yourstaffroom.com
- Data flow
- Browser → Netlify Function (HTTPS) → Anthropic Claude API (HTTPS). No data stored on Your Staff Room infrastructure beyond the active request.
- Data residency
- Netlify: global CDN with EU and US regions. Anthropic: US primary with EU availability. Therefore student-identifying data must not be entered — this tool is not an approved vendor for on-network student data in most Australian state education departments.
- Use case
- Teacher professional drafting tool, analogous to personal use of ChatGPT or Google search, on personal devices.
- Controls
- (1) Prominent on-page privacy banner, (2) client-side identifier scrubber, (3) teacher attestation checkbox on every form, (4) this page explaining the full data flow.
- Certifications
- Safer Technologies 4 Schools (ST4S) assessment is in progress. Updates will be published here and linked from the main Privacy Policy.
Questions, feedback or a data-handling concern?
Email hello@yourstaffroom.com. We respond within 2 business days. If you believe you have entered student data in error, email us immediately and we will liaise with Anthropic to request expedited purge of that specific request from their operational retention window.
This document is a companion to our formal Privacy Policy. In the event of conflict, the Privacy Policy prevails.