top of page

Privacy Policy


The BLAST Assessment Platform (“BLAST”) takes data security and user privacy very seriously, and recognizes the importance of protecting personally identifiable student information gathered through its services. 


This Privacy Policy applies to the BLAST Website, to the BLAST Mobile and WebApp Applications (the “Service”), and to BLAST content, such as text, graphics, videos, images, information, and other material (“Content”). It describes how we use, secure, collect, and share the information of our users, the students, educators, and administrators who use the Service (“Users”). It also establishes our obligations and duties in order to comply with applicable laws and regulations, such as the Family Educational Rights and Privacy Act (“FERPA”) at 20 U.S.C. § 1232g (34 CFR Part 99); and the Children’s Online Privacy Protection Act (“COPPA”) at 15 U.S.C. § 6501-6506 (16 CFR Part 312).


If you have any questions about our collection and use of your information, please contact us at

1. The Information We Collect

We only collect information provided by the users. When you sign a service agreement with the BLAST Assessment Platform, we may ask for information to process the registration, including email addresses of users (educators, principals, and district administrators) and we will generate individual passwords. These initial passwords will be reset by the users upon first-time use, and they cannot and will not be accessed or stored by BLAST. Furthermore, our Service uses two-factor authentication to verify users, as well as session timeouts on the WebApp to prevent unauthorized access to student data. 


To help personalize your experience and ensure data accuracy, we may also ask for information including your name, role within your educational institution, children’s names, their student ID, their gender, their age, and their home language. However, providing personally-identifiable information is not a requirement in order to use our Services, i.e. users can choose to opt out of providing certain information, such as student IDs. 


If you connect or sign in to our Service or Content using a third-party service, we will use that third-party service to authenticate you. We may also use, collect or access other information that you have agreed may be provided by that third party, such as your username, name, e-mail address, date of birth and gender. We collect this information so that it can be used for the purposes explained in this Privacy Policy. All collected information is stored on Google Cloud Platform, a secure, HIPPA- AND FERPA-compliant platform that provides backend cloud computing and application development services.


Non-Personally Identifiable Information. When you use the Service, we may also collect and store information about the mobile, computer or other devices you use to access our Service and about how you use them. We may also collect and store information such as your browser type, IP address, language, operating system, unique device identifier, mobile network information including phone number, the date and time of your usage, the content and pages you view and the websites you visited immediately before and after visiting our Service. 


2. Protection of Data at Rest and In Transit

All the data collected for use on the BLAST Assessment Platform, including data in transit and data at rest, has end-to-end encryption through the Google Cloud Platform. For more information on how Google encrypts data and employs security measures to protect data, visit


3. How We Use That Information

We use the information we collect to operate and provide you with BLAST’s Service and Content. This includes, but is not limited to:

Authenticating your login;

Personalizing your BLAST experience and customizing your child’s activities;

Allowing you to monitor your child’s progress in BLAST;

Protecting our intellectual property or other rights; and

Managing and improving our business, Service and Content.


You can opt out of receiving most emails by selecting the “unsubscribe” link on our emails, but we reserve the right to email you (i) to confirm transactions, (ii) to address account issues, or to request a reset password or (iii) as required by law.


We also reserve the right to use or share non-personal information (e.g., de-identified or aggregate data) for research purposes.


4. Scope of User Access of the Service and Content

To protect other users’ information, each user––depending on their assigned role––only has access to the classroom and student information that they are responsible for. For instance, users who are district leaders are limited to accessing the school, grade, classroom and student information belonging to their district; users who are teachers are limited to accessing their respective classroom and student information in that classroom.

5. Sharing Your Information With Third Parties



Compliance with law and law enforcement requests, and protection of our rights. We may disclose your information when we have a good faith belief it is reasonably necessary to (i) meet any applicable law, regulation, legal process, court order, governmental request or other legal mechanism, (ii) enforce applicable Terms of Service, including investigation of potential violations, (iii) detect, prevent, or otherwise address fraud, security or technical issues, (iv) protect against harm to the rights, property, safety of BLAST, our users, or the public.


Consent. We may disclose your information when we believe we have your consent to do so, such as when you contact customer service and ask us about your account, or when we have the consent of someone we believe is authorized to consent on behalf of you, such as the individual named in the service agreement for your account.


6. Use of Cookies

We and our partners use various technologies to collect and store information when you use our Service or Content, and this may include sending one or more cookies or anonymous identifiers to your device. Cookies are small text files placed on the browser of your computer or mobile device when you visit a website or use an application.


We may use cookies (or clear gifs, web beacons or similar devices, including devices that function in the mobile environment) to collect information from users for purposes such as tracking Service visits and to measure visitor patterns.


This information is not personally identifiable and is used only to improve the Service or Content and enhance your experience. Cookies are not used to retrieve PII from your computer or device, or to retrieve other information from your computer or device for purposes that are unrelated to the Service or your interaction with the Service. We reserve the right to disclose or utilize any of this information in aggregate form, for any purpose, in our sole judgment. 


You may stop or restrict the placement of cookies on your computer or remove them from your browser by adjusting your web browser preferences. Note that this may cause some features of the Service to work incorrectly. Please note that cookie-based opt-outs are not effective on mobile applications. However, on many mobile devices, applications users may opt out of certain mobile tracking activities via their device settings.


7. Accessing, Reviewing, and Deleting Your Information

You may access or delete information we have collected about you by contacting us using the contact information listed under #11 at the end of this Privacy Policy.


8. Keeping Your Personal Information Secure

We have implemented and maintained commercially reasonable security practices to protect against the unauthorized access, use, modification, destruction or disclosure of your personal information. We do not collect users’ login information to the Service, except for email addresses for the purposes of creating new user accounts. To increase account security, two-factor authentication is required upon logging in to the BLAST App and WebApp Applications.

9. Employee Obligations to Protect Student Data

Each employee at BLAST is required to strictly comply with the obligations and duties as outlined in this Data Security and Privacy Policy and in their employee contracts in order to protect student information during and after their employment. Employees are, under no circumstances, permitted to disclose, share, disseminate, or make public any student data to persons or entities outside BLAST. Upon the conclusion of their employment or upon BLAST’s request, employees will promptly return or destroy all physical and electronic copies of student data in their possession or control. Employees are expected to comply with all applicable laws and regulations governing the privacy and security of student data, including, but not limited to, the Family Educational Rights and Privacy Act (FERPA) in the United States. Any violation of the terms set forth in the Privacy Policy and their employee contracts will result in disciplinary action, up to and including termination of employment, and may also subject the employee to legal liabilities. 

10. Changes to Privacy Policy

This Privacy Policy may be updated by BLAST from time to time. If BLAST makes material changes, we will provide notice to you by email or by uploading the latest version of the Privacy Policy on the BLAST website. Please note that unless otherwise provided by applicable law, your continued use of our Service or Content means that you agree with, and consent to be bound by, the updated Privacy Policy.

11. Contact Information

We welcome inquiries or comments about our Privacy Policy by emailing us at,

or by sending a letter to the following address:


157 Bowery, Suite 2B,

New York, NY 10002

Last updated on December 18, 2023

bottom of page