top of page

Privacy Policy
Streamline by Better Speech
Effective Date: 10/24/2025
 
1. Introduction
Streamline by Better Speech (“Streamline,” “we,” “us,” or “our”) is a software-as-a-service (SaaS) platform designed for educational institutions, administrators, educators, related service providers, students, and families. Protecting your privacy and data is fundamental to our mission. This Privacy Policy describes the categories of data we collect, how we use and share that data, and the rights available to you.
By using Streamline, you acknowledge and consent to the practices outlined in this policy, subject to institutional agreements and applicable law.
 
2. Scope
This policy applies to all users of Streamline, including:

  • Institutions / School Districts that license the platform
     

  • Administrators, educators, and related service providers who use Streamline to manage and deliver services
     

  • Students and families whose information may be entered into the system
     

Streamline is governed primarily by FERPA for student education records, with certain data also subject to HIPAA, COPPA, CCPA/CPRA, and other applicable state and federal privacy laws.
 
3. Information We Collect
We collect and process the following categories of data:

  1. Account Information – Names, roles, institutional affiliation, email, phone, credentials (for staff and providers).
     

  2. Student/Education Records – Student ID, demographic details, attendance, IEP/504/service plans, assessments, progress notes, therapy session data, academic interventions, communications.
     

  3. Health-Related Information – Certain therapy or clinical notes, diagnostic codes, progress toward treatment goals. Where information meets the definition of Protected Health Information (PHI) under HIPAA, we apply HIPAA-aligned safeguards.
     

  4. Usage Data – Log files, IP address, device/browser data, error reports, activity within the platform.
     

  5. Payment/Billing Data – Institution billing details, invoices, payment methods (processed via PCI-compliant vendors).
     

  6. Communications – Messages between educators, providers, families, or students.
     

  7. Support and Onboarding Data – Setup information, helpdesk tickets, training requests.
     

  8. Optional/Consent-Based Data – Surveys, optional integrations, or add-on services.
     

 
4. Legal and Regulatory Framework
We comply with multiple laws and regulations, including:

  • FERPA (Family Educational Rights and Privacy Act): Governs student education records. Institutions retain primary control of these records. Streamline acts as a "school official" with legitimate educational interest.
     

  • HIPAA (Health Insurance Portability and Accountability Act): Certain therapy, counseling, or medical-adjacent data may constitute PHI. Where applicable, we apply HIPAA-aligned administrative, physical, and technical safeguards. Generally, FERPA takes precedence for school-based records, but HIPAA may apply when data is created or maintained outside FERPA-covered environments.
     

  • COPPA (Children’s Online Privacy Protection Act): Applies to data from children under 13. Parental consent is required for collection and use beyond what is strictly necessary for educational services.
     

  • State Data Privacy Laws: Including but not limited to CCPA/CPRA (California), SOPPA (Illinois), NY Ed Law 2-d, and others. We meet or exceed these obligations through institutional contracts and this policy.
     

  • Other Applicable Laws: GDPR (if serving EU institutions), Canadian PIPEDA, etc., where relevant.
     

 
5. How We Use Information
We use personal and institutional information for:

  • Delivering and improving the Streamline platform
     

  • Managing user accounts and institutional settings
     

  • Supporting scheduling, service delivery, IEP/504 management, and reporting
     

  • Facilitating secure communications between educators, providers, students, and families
     

  • Meeting legal and contractual obligations
     

  • Conducting audits, research, and analytics (de-identified or aggregated where possible)
     

  • Security, fraud prevention, and regulatory compliance
     

  • Processing payments and institutional billing
     

We do not use student or PHI data for targeted advertising.
 
6. Data Sharing & Disclosure
We share data only in the following circumstances:

  • With authorized institutional users (administrators, educators, providers) to fulfill educational/therapeutic purposes
     

  • With students/families for their own information and services
     

  • With service providers/vendors (cloud hosting, billing processors, analytics) under binding data protection agreements
     

  • As required by law (e.g., subpoenas, mandated reporting, regulatory requests)
     

  • During corporate transactions (e.g., merger or acquisition) subject to continuity of protections
     

We do not sell personal data.
 
7. Institutional Control and User Rights

  • Institutions retain primary control over education records and PHI entered into Streamline.
     

  • Students and families may exercise rights (access, correction, deletion) through their institution, in line with FERPA/HIPAA.
     

  • Educators and providers may access their account data and request correction or deletion consistent with institutional requirements.
     

  • Institutions may request export, deletion, or return of data at contract termination.
     

 
8. Data Retention

  • Education and PHI records are retained according to institutional agreements, legal requirements, and applicable retention schedules.
     

  • At contract end or request of the institution, data will be securely returned or destroyed, unless law requires longer retention.
     

  • Support, log, and diagnostic data may be retained for limited periods to ensure platform security and performance.
     

 
9. Security
We use industry-standard safeguards to protect education records and PHI:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
     

  • Access controls with role-based permissions
     

  • HIPAA-aligned audit logging and monitoring
     

  • Regular penetration testing and vulnerability scanning
     

  • Secure data centers with SOC 2, ISO 27001, or equivalent certifications
     

  • Incident response protocols, including notification to institutions (and individuals if required by law) in the event of a breach
     

 
10. International Transfers
If data is transferred outside its country of origin, we apply appropriate legal safeguards (e.g., Standard Contractual Clauses for EU data).
 
11. Cookies & Tracking
We use cookies and tracking technologies only for:

  • Authentication and session management
     

  • Platform performance and analytics
     

  • User preferences
     

We do not use behavioral advertising or sell cookie data. Users may opt out of non-essential cookies in compliance with applicable law.
 
12. Children’s Privacy
Streamline is used by educational institutions to support students, including children under 13. We rely on institutions to obtain necessary parental consent under COPPA. Streamline itself does not knowingly collect personal data directly from children without such consent.
 
13. Changes to this Policy
We may revise this Privacy Policy from time to time. Material changes will be communicated to institutions in advance. Continued use of the platform after changes take effect constitutes acceptance.
 
14. Contact Us
For questions or to exercise your privacy rights:
Privacy Office
Streamline by Better Speech
500 Westover Drive #11458, Sanford, NC 27330
Email: info@betterspeech.com
Phone: +1-919-589-7941

bottom of page