Privacy

Privacy Policy

How we collect and use information on boardops.org and across the BoardOps family of applications.

Last updated: July 16, 2026

This policy explains how CMJ Consulting LLC d/b/a BoardOps (“BoardOps,” “we,” “us”) collects and uses information on boardops.org and in the BoardOps family of applications (Parley, Sunshine, SuptEval, Quorum, AgendaIQ, and BoardEval). If your school district has signed a Master Subscription Agreement and Data Privacy Agreement with us, those signed agreements control how we handle your district’s data; this policy supplements them and governs our public websites and hub accounts.

Information we collect

  • Website analytics. On our public websites we use Google Analytics 4 and Microsoft Clarity to understand how visitors use the site — pages viewed, links clicked, device and browser type, approximate location, and, for Clarity, interaction heatmaps and session replays with sensitive form fields masked. This data is pseudonymous and we do not attempt to identify individual visitors from it, though a session replay can show how a particular visit unfolded.
  • Account information. When you create a BoardOps hub account, or an account in one of our applications, we collect your name, email address, role, and district affiliation.
  • Customer-relationship records. When someone at a district signs up for one of our applications, requests access, or is provisioned into one, that product sends us the signup contact details (name, email, district) so we can administer the district’s account and follow up. We use this for account management and sales. We do not sell this information or use it for third-party advertising.
  • Single sign-on. When you launch an application from your BoardOps dashboard, we pass your identity to that application to sign you in.
  • Contact forms and email. Messages you send us, including through contact forms, are delivered and stored through our email providers.

How we use information

To provide and improve the services, administer accounts and subscriptions, respond to inquiries, and understand website usage. We do not sell personal information, and we do not use customer content to train AI models (see below).

AI features

Several of our applications include AI-assisted features (branded “Sage” in some products) that process content you submit to generate drafts, summaries, and suggestions. These features run on third-party model providers — currently Anthropic and Google (Gemini / Vertex AI) — under commercial terms that prohibit using your data to train their models. AI output is assistive only and should be reviewed by a person before it is relied on.

Service providers

We rely on third-party providers to operate the services, all processing data in the United States, including Google LLC (hosting, database, authentication, and business email), Anthropic and Google (AI model providers), transactional email providers, Stripe, Inc. (billing), and Google and Microsoft (website analytics). The current list of subprocessors for district customer data is maintained at boardops.org/legal/subprocessors.

Your choices

You can block analytics cookies through your browser settings or a browser extension, and Google offers an opt-out at tools.google.com/dlpage/gaoptout. Blocking analytics does not affect your ability to use the site.

Students and children

Our services are built for school-district governance and administration, not for use by students, and we do not knowingly collect information from children. Districts control the data they submit; our handling of district data, including any student information a district submits, is governed by our Data Privacy Agreement.

Retention and security

We use administrative, technical, and physical safeguards designed to protect the information we hold, and we limit access to authorized personnel. Account and customer-relationship records are kept for as long as needed to provide the services and administer accounts, then deleted or de-identified. For school districts, retention, export, deletion, and security-incident notification for District Data are governed by our Data Privacy Agreement; if we become aware of a confirmed security incident affecting a district’s data, we notify the district as required by that agreement.

Contact

CMJ Consulting LLC d/b/a BoardOps · boardops.org. Questions or requests about your information? Email contact@boardops.org.