Extras — Security, Privacy, Standards
The Standards We Hold Ourselves To
Running an ESL platform means handling student data responsibly and being honest about where AI sits in the workflow. A few concrete commitments.
Tutor approval architecture
Every AI-drafted artefact in Mission English is reviewed and approved by the tutor before any student-facing use, but the type of approval depends on the artefact:
- Student profile creation: the tutor confirms a transparency consent that is recorded as a separate database row (PENDING → CONFIRMED) before the profile is saved.
- Trial lessons, courses, regular lessons: the tutor explicitly clicks Save on the preview screen. The lesson record persists who-and-when audit columns (tutor identity + timestamp) for accountability.
- Lesson notes & homework: the tutor explicitly clicks Finalize. That click flips the content's status from
drafttofinalized— and that flip is the gate that makes the content visible to the student. Until finalize, the student sees nothing.
Privacy and PII
- PII anonymization. Before any text reaches an LLM, names are anonymized to a "Student" placeholder via Microsoft Presidio plus organization and location deny-lists. Our AI never sees actual student identifiers.
- LGPD posture. We operate under Brazil's ATPP bucket (Res. 2/2022). Public contact for data-subject-rights requests goes through our Canal de Privacidade — not a "DPO"/"Encarregado" label we cannot legally claim. Every consent acceptance is versioned and audit-logged.
AI transparency
AI in Mission English is labeled support material, per ANPD guidance. Final pedagogical decisions always sit with you, the tutor. Regular lessons additionally carry a per-pipeline-run technical audit record that tracks the multi-agent generation, separate from the legal consent layer above.
AI in Mission English drafts; tutors approve. The tutor is the author of record for every lesson the student receives.