COA - Commitment of Academia is a student workspace for organizing school work and study activity. This policy explains what data COA requests, why it is requested, how it is used, and how COA protects user information, including Google user data.
COA stores the account and workspace data needed to run the app, including username, display name, school name, password hash, profile fields, homework, reminders, notes, flashcards, schedules, grades, budget entries, public posts, friend requests, private messages, reports, moderation records, and locally saved synced item copies.
Google connection is optional. COA requests Google data only after a user chooses to connect Google and approves the OAuth consent screen. COA uses Google data for the following purposes:
COA uses user data to authenticate accounts, save student workspace content, display assignments and events, support social study features, deliver private messages between accepted friends, handle safety reports, and operate moderation tools. COA uses Google user data only to provide the user-facing features that the user requested by connecting Google.
Security procedures are in place to protect the confidentiality, integrity, and availability of user data, including Google user data. COA applies the following data protection mechanisms:
COA's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. COA does not use Google user data for advertising, does not sell Google user data, and does not allow humans to read Google user data except when necessary for security, legal compliance, abuse investigation, or user-requested support.
COA does not sell user data. User data is not shared with advertisers. Google user data is not shared with third parties except when necessary to provide the requested COA feature, comply with law, protect against abuse or security threats, or respond to a user-requested support issue. User-created public posts and basic public profile details may be visible to other COA users. Private messages are visible only to the message participants and to authorized moderation workflows when needed for safety reports or abuse review.
Workspace data remains stored while the account is active. Private chat history remains saved to the user's account unless removed by the user or moderation workflow. Locally saved Google sync copies may remain in the user's COA workspace so assignments, events, and message metadata can be displayed in the dashboard. Users can disconnect Google access from their Google Account permissions page and can stop using Google sync at any time.
COA stores passwords as salted hashes, uses session tokens for signed-in app access, and is intended to run over HTTPS in production. We use encryption in transit to protect information sent between the user, COA, and Google APIs. Users should avoid adding sensitive personal, financial, health, or identity information to homework notes, posts, chats, or profile fields unless it is necessary for their own school organization.
The public homepage should be hosted at https://commitmentofacademia.com. This privacy policy should be hosted at https://commitmentofacademia.com/privacy, is available without logging in, and should match the privacy-policy URL configured on the OAuth consent screen.