MyDashBorg builds and hosts dashboards for organizations — including schools and education programs. To do that, we handle two kinds of information: a little about you (our customers and visitors), and the data you put into your dashboards (which may include information about the people you serve, such as students). This page explains what we collect, why, how we protect it, and your choices — in plain language, on purpose. We never sell your data.
Who we are, and the two roles we play
MyDashBorg is a venture of TSYBORG. Contact: admin@mydashborg.com.
- For information about our own customers and site visitors, we are the data controller — we decide how it's used.
- For the data you load into your dashboards (including student information), you are the controller and we are your processor — we only handle that data on your instructions, to provide the service. We don't decide to use it for our own purposes.
What we collect
- Account & contact data: your name, email, organization, role, team size, optional phone, and what you tell us you need.
- Customer-provided data: whatever you upload, type in, or connect to your dashboards. This is yours. For education customers it may include student names, emails, phone numbers, GED/testing IDs, attendance, exam results, and program notes.
- Student-provided data (registration): when a student uses your registration link, they give us — directly and with their own consent — their name, email, phone, and (optionally) GED number. See "Student & education data" below.
- Technical data: your IP address and browser type when you submit a form or sign in, used only for security and debugging. Bot protection (Cloudflare Turnstile) and a single sign-in session cookie. No cross-site tracking cookies, no Google Analytics, no ad pixels.
How we use your information
- To respond to you and to build, host, and maintain your dashboards.
- To keep the service secure — rate limits, bot protection, and new-device sign-in notifications.
- To improve the product using aggregated, non-identifiable usage statistics.
- AI features: some features use AI to process the data you provide — for example, answering questions about your own data, or reading a file you upload. That processing runs through our providers (Cloudflare Workers AI, Google) under terms that prohibit using your data to train their models. We do not use your data — or your students' data — to train AI.
What we don't do
- We don't sell your data, or your students' data. Ever.
- We don't share your contact details with third parties for marketing.
- We don't run cross-site trackers (Google Analytics, Facebook Pixel, etc.) on this site.
- We don't use the content of your dashboards for anything beyond delivering the service to you.
- We don't train AI models on your data or your students' data.
Student & education data
We handle student information under whichever of these applies:
- As your processor / "school official" (FERPA): when an institution loads or records student data, we act only on the institution's instructions, solely to operate that institution's dashboards. We don't re-use or disclose it.
- By the student's own direct consent: our GED registration tool collects only information a student volunteers themselves — name, email, phone, GED number — after they read and agree to a clear consent notice and confirm they are 18 or older. This data comes from the student, not from the institution's records.
For student data we specifically commit:
- Purpose limitation. We use it only to run the program: attendance, exam scheduling, exam tracking, and progress charts. Nothing else.
- No sale, no advertising, no model training. Never.
- Originated in the product. Attendance and exam results are recorded inside MyDashBorg; we don't pull from an institution's student-records system.
- New York Education Law §2-d: for New York institutions, we will sign a Data Privacy Agreement, support your Parents' Bill of Rights, and align our safeguards with the NIST Cybersecurity Framework. Ask us at admin@mydashborg.com.
- Deletion & correction on request by the institution or the student.
Sub-processors
We rely on a small set of vetted providers, each under contractual data-protection terms:
- Cloudflare — hosting, database (D1), file storage (R2), and security. US/global edge; SOC 2 and ISO 27001 certified; GDPR- and CCPA-compliant.
- Resend — transactional email (sign-in links, notifications).
- Stripe — billing and payment processing.
- Google — Google Sheets connections and Google sign-in, only if you choose to use them.
Where your data lives & how we protect it
- In transit: all traffic is encrypted over HTTPS/TLS.
- At rest: databases and file storage are encrypted on disk, on Cloudflare's infrastructure. We don't store copies anywhere else.
- Isolation: each customer's data is separated by workspace, so one customer can't see another's.
- Access: role-based permissions within your workspace; our staff access is limited to what's needed to operate the service.
Keeping and deleting data
We keep data for as long as your account is active or as needed to provide the service. You — or an institution, or a student about their own record — can ask us to delete it, and we will (subject to any legal retention duties). If you cancel, we keep your data for 30 days in case you change your mind, then permanently delete it. If a breach affects your data, we will notify you promptly and work with you on next steps.
Your rights
Email admin@mydashborg.com to do any of the following, and we'll respond within 7 days:
- Show you the data we have on you
- Correct anything that's wrong
- Delete your account and all associated data
- Export your data in a portable format
- Opt out of any non-essential email
Cookies
We use a single session cookie (once you sign in) so we know it's you. We do not use tracking cookies.
Children
The GED registration tool is for adults (18 or older). MyDashBorg is a service for organizations; we don't knowingly collect data directly from children under 13. Where an institution uses us for data about minors, the institution is the data controller and is responsible for the required parental consent under COPPA/FERPA; we act as its processor.
Changes to this policy
If we make a material change, we'll post a notice at the top of this page and (for paying customers) email you. The "Last updated" date at the top will always reflect the most recent revision.
Contact
Questions? Email admin@mydashborg.com. We answer real emails from real humans. See also our Terms of Service.