Bellplan

Data Processing Addendum

Effective: April 27, 2026· Last updated: April 27, 2026

This Data Processing Addendum (“DPA”) supplements the Bellplan Terms of Service and applies whenever Bellplan, Inc. (“Bellplan,” “we,” or “us”) processes personal data on behalf of a school or district (“Customer”). It describes our role as a service provider / processor, the safeguards we maintain, and the rights and obligations of each party.

1. Roles

For purposes of applicable data-protection law (including the FTC Act, state student-privacy laws, and the EU GDPR / UK GDPR where they apply by extension), the Customer is the controller and Bellplan is the processor. We process Customer data only on documented instructions from the Customer, which the Terms of Service and this DPA constitute.

2. Scope of processing

Bellplan processes the following categories of data:

  • School operational data: school name and address, academic-calendar dates, departments, internal channels, settings.
  • Staff identity data: name, work email, role, hire dates, profile photo (if provided).
  • Operational content created by staff: tasks, events, comments, notification preferences, attachments.
  • Authentication metadata: IP address, user-agent, sign-in timestamps.

Bellplan does not process student personally identifiable information, FERPA-covered education records, or COPPA-covered data. Customer agrees not to upload such data and to promptly notify Bellplan if any is uploaded inadvertently so we can purge it.

3. Subprocessors

Bellplan engages the following subprocessors to deliver the service. Each is contractually bound to data-protection terms equivalent to this DPA and processes data only on Bellplan’s documented instructions.

  • Supabase— database, authentication, file storage. Region: United States (East).
  • Vercel— web hosting and edge delivery. Region: global edge with primary in United States.
  • Resend— transactional email delivery for task assignments, kickoff reminders, and overdue alerts.
  • Stripe— subscription billing and customer portal. Stripe processes only billing-contact data and payment method tokens; it does not access school operational data.
  • Sentry— error reporting. Sentry receives stack traces and request metadata when an error occurs; PII in error reports is filtered before send.
  • PostHog— product analytics on a hashed user identifier. No raw email or name is sent.

We will provide thirty (30) days’ notice before adding or materially changing the subprocessor list. School administrators may object via the contact below; objection rights and dispute resolution follow the Terms of Service.

4. Security measures

Bellplan maintains the following technical and organizational measures, reviewed annually:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256).
  • Row-Level Security on every multi-tenant table, enforced at the database layer rather than the application layer.
  • Least-privilege access controls for production systems; access is logged and audited.
  • Daily automated backups with documented restore procedures rehearsed at least annually.
  • Vulnerability scanning on dependencies; security patches applied within thirty (30) days of disclosure for high-severity issues.
  • Background checks on personnel with production access; written confidentiality obligations.

5. Incident response

Bellplan will notify affected school administrators by email without undue delay, and in any event within seventy-two (72) hours, after becoming aware of a personal-data breach affecting their data. The notice will include the categories of data affected, the approximate number of records, the steps taken to mitigate, and a contact for further inquiry.

6. Data subject requests

Bellplan will assist Customer in responding to requests from individual data subjects (access, correction, deletion). The fastest path is in-product: Customer administrators have direct access to all school data and can fulfill most requests without Bellplan involvement. For requests that require backend access, contact the address below.

7. International transfers

Bellplan’s primary data hosting region is the United States. Where Customer data is transferred outside the United States to a subprocessor (e.g., Vercel’s global edge), Bellplan relies on the Standard Contractual Clauses or an equivalent lawful transfer mechanism.

8. Audits

On reasonable notice and no more than once per twelve-month period (except where required by a regulator or following a breach), Customer may request a written summary of Bellplan’s security controls and the most recent independent third-party assessment, where one has been completed. Customer may not access Bellplan’s production systems directly.

9. Return and deletion

On termination of the service relationship, Bellplan will, at Customer’s option, return Customer data in a machine-readable format or delete it. The default is a ninety (90) day retention window after termination during which Customer may export. After the retention window, Bellplan will delete all Customer data from production systems and confirm the deletion in writing. Backups containing Customer data will cycle out within thirty (30) additional days.

10. Liability

The liability provisions of the Terms of Service apply to this DPA and are not duplicated here. Nothing in this DPA limits any statutory rights of data subjects.

11. Term and amendment

This DPA takes effect when the Customer first uses the service and continues until the service relationship ends. Bellplan may amend this DPA from time to time with thirty (30) days’ notice to school administrators. Material changes require Customer acknowledgment.

12. Contact

Notices, requests, or concerns under this DPA should be directed to garrett.coughlin.001+bellplan@gmail.com.

Beta notice: Bellplan is in early access. The text above is provisional. Final, lawyer-reviewed terms will be posted before general availability (Q3 2026). Beta schools sign a parallel DPA outside the app — email garrett.coughlin.001+bellplan@gmail.com for a copy.
Back to sign in

Bellplan, Inc. · bellplan.app