Privacy policy

How Canvascope handles your data.

This Privacy Policy explains how the Canvascope application and website (collectively, “Canvascope,” the “Service”), operated by Canvascope Inc., accesses, uses, stores, shares, retains, and protects your data, including data obtained from your Google Account. Canvascope is local-first where that matters most: course indexing, fast search, and day-to-day retrieval. Connected web and document workflows exist to support you, not to turn academic behavior into an analytics funnel.

Last updated: July 2, 2026

Local-first stays the default

Canvascope stores its core LMS search index in browser-local storage. The website reflects synced data only after you explicitly sign in or sync a document through connected product flows.

Connected data is product data, not ad-tech data

When you sign in, the web app reads shared records such as course snapshots, document handoff metadata, Course Brain artifacts, and student profile facts. These records support the product itself rather than a tracking or advertising business model.

AI is local-first, with explicit fallback

The extension tries Chrome's on-device model first. If cloud fallback is used, retrieved prompt context is sent through authenticated Canvascope endpoints only to generate the requested answer.

Shared identity, scoped access

The website uses the same shared account system as Canvascope and Lectra. Access to synced records stays scoped to the signed-in user, protected by secure access controls, and hardened by cross-account protection events.

Calendar access is optional

If you use syllabus or planner calendar sync, Canvascope may request Google Calendar event access so selected course dates can be written to your calendar. Core search does not require it.

Who we are

Canvascope is developed and operated by Canvascope Inc. This policy applies to the Canvascope browser extension, the Canvascope website and web app, the Lectra Notes app distributed on the Apple App Store, and the Lectra-connected workflows that share the same account system. If you have any questions about this policy or your data, contact us at canvascopeextension@gmail.com.

What Google user data we collect

When you choose to sign in with Google for account-linked product features, we request the limited OpenID Connect scopes openid, email, and profile. Through these scopes we access and collect the following Google user data:

  • Your Google Account unique identifier (the “sub” claim)
  • Your email address
  • Your basic profile information, such as your name
  • Your Google profile picture (if available)

If you choose to use Canvascope's syllabus or planner calendar sync features, we may also request https://www.googleapis.com/auth/calendar.events so Canvascope can create selected course schedule events in Google Calendar. For that feature, we may store Google OAuth tokens needed to keep calendar writes working until you disconnect access or the tokens expire.

We do not request or access your Gmail messages, Google Drive files, Google Classroom data, contacts, or broad calendar read/write scopes beyond the event-level access described above. We only receive data you explicitly authorize during the Google consent flow.

How we use Google user data

We use the Google user data described above solely to provide and improve user-facing features of Canvascope. Specifically, we use it to:

  • Authenticate you and create or restore your Canvascope account session
  • Identify you across the shared Canvascope and Lectra account system so your synced course snapshots, documents, and Course Brain artifacts are scoped to you
  • Personalize Canvascope AI responses when you save or allow Canvascope to auto-capture student profile facts such as current courses, study preferences, or pending todo count
  • Display your name, email, and profile picture in the signed-in interface
  • Create selected Google Calendar events when you explicitly run a calendar sync workflow
  • Contact you about your account or provide support when needed

We do not use Google user data for advertising, targeted or personalized ads, retargeting, profiling, selling to data brokers or information resellers, determining credit-worthiness, lending, building independent databases, or training, developing, or improving generalized artificial intelligence or machine learning models. Canvascope’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Canvascope browser extension and clipboard data

To support connected study workflows, help you organize assignments, and build your Student Profile, the Canvascope browser extension reads, stores, and syncs clipboard activity.

Specifically, when you copy, cut, or paste content on Canvas, Brightspace, or other sites and applications, or when you load a page, the extension may capture the raw text currently in your clipboard (capped at 4,000 characters per entry for storage and sync limits). This raw text is stored securely in your browser-local storage and synced to our database under the same secure sync path used for your grades, notes, and tasks.

We capture the actual text so that future features can reason over how you copy and study (such as which excerpts or phrasing you reference) to suggest similar resources later. The raw text is processed locally on your device to derive a content-light, privacy-preserving assignment_engagement summary for your Student Profile. This derived summary itself never contains the raw clipboard text. We do not use the raw clipboard text or any other user content to train, develop, or improve generalized AI or machine learning models.

How we share, transfer, or disclose data

We do not sell your Google user data or any other personal data, and we do not transfer or disclose it to third parties for purposes other than providing or improving the Service. We share data only in the following limited circumstances:

  • Service providers / subprocessors: We use trusted infrastructure providers, including Supabase (database and authentication) and our hosting provider, to store and process data strictly on our behalf and under contractual confidentiality and security obligations. These providers may not use your data for their own purposes.
  • AI fallback providers: Canvascope tries Chrome's on-device model first. If you use cloud AI fallback, or if a full-course context question needs a larger cloud route, retrieved prompt context may be sent through authenticated Canvascope Supabase Edge Functions to Google Gemini or Anthropic Claude APIs solely to generate the requested answer. This does not change the local-first search index, and we do not use this data to train generalized AI models.
  • Legal requirements: We may disclose data if required to do so by law, regulation, legal process, or enforceable governmental request.
  • With your direction: We share data when you explicitly direct us to, such as syncing a document between connected Canvascope and Lectra workflows.

How we protect your data

Security procedures are in place to protect the confidentiality of your data. We use encryption in transit (HTTPS/TLS) for all data exchanged with Google and our servers, and your session is carried in a signed, secure, HTTP-only cookie. Access to synced records is scoped to the authenticated user and protected by secure access controls. When Google Cross-Account Protection sends a valid account-risk event, Canvascope can revoke affected sessions and, for disabled accounts, block future token issuance until the account is re-enabled. We restrict internal access to personal data to what is necessary to operate and support the Service.

Lectra Notes and the Apple App Store

Lectra Notes is the Apple App Store app from Canvascope for iPhone and iPad. You sign in to Lectra with the same Canvascope account, using Sign in with Apple or Google, and Lectra lets you receive course PDFs, read them, annotate them by hand with Apple Pencil, and use a local Projects workspace with an editor, terminal, Git, Python, optional GitHub linking, and optional SSH connections that you start yourself. The sections below describe Lectra’s data practices specifically and map them to the data types Apple uses in App Store privacy (“Nutrition”) labels. Lectra contains no third-party advertising, analytics, or tracking SDKs.

Data Lectra collects on Apple devices

Consistent with Apple’s App Store privacy categories, Lectra collects the following data, and only to operate the app’s features (“App Functionality”). Each type is linked to your identity because it is stored under your authenticated account:

  • Contact Info - Name and Email Address: When you sign in, we receive your name and email address from Sign in with Apple or Google so we can create and restore your account. If you use Apple’s Hide My Email, we only receive the private relay address Apple provides.
  • User Content - Files and handwritten annotations: The course PDFs you send to Lectra, the highlights, underlines, ink strokes, and handwritten notes you add with Apple Pencil, and the notebooks, project files, code files, and GitHub repository content you choose to open or clone are stored so your work stays available inside the product and across your devices when sync is enabled.
  • Identifiers - User ID and Device ID: We store your account user ID, GitHub account linkage metadata if you connect GitHub, and a per-install device identifier (a random ID generated on your device) so documents and projects can be delivered to the right Apple device and scoped to the right account.

To deliver documents in near real time, Lectra also registers an Apple Push Notification service (APNs) device token, your device’s name (for example, “Jordan’s iPad”), and the device identifier above with our Supabase backend. These are used solely to wake the app and fetch your pending documents.

Lectra does not request or collect your precise or coarse location, contacts, photo library, camera, microphone, health or fitness data, financial information, Safari/browser browsing history, or advertising data. Lectra does not include in-app purchases or collect purchase history.

How Lectra uses your data

Under Apple’s data-use definitions, Lectra uses the data above for App Functionality only: authenticating you, delivering and syncing your documents and annotations, registering your device for notifications, letting you edit local project files, connecting to GitHub when you choose to link it, and providing support. Some on-device study features personalize what you see (for example, generating a summary of the document in front of you), but this personalization happens on your device, as described below.

Lectra does not use your data for Third-Party Advertising, for our own Advertising or Marketing, or for cross-app/cross-site Analytics, and we do not sell your data or share it with data brokers.

On-device intelligence on Apple devices

Lectra’s study tools, summaries, flashcards, tags, and answers, run on-device using Apple’s on-device Foundation Models (Apple Intelligence) when your device supports them. The text of your documents is processed privately on your device to generate these results. Lectra does not send your document contents to Canvascope servers or to any third party to power these features, and your content is not used to train, develop, or improve any generalized AI or machine-learning models. If a device or OS does not support Apple Intelligence, these features are simply unavailable rather than routed off device.

Lectra Projects, GitHub, terminal, and SSH

Lectra Projects is an optional local developer workspace inside the app. Project files, terminal history, Git metadata, and notebooks stay inside Lectra’s app sandbox unless you explicitly sync, export, or push them somewhere else.

If you connect GitHub, Lectra uses GitHub OAuth through the shared Canvascope account system or a personal access token you enter. The resulting GitHub token is stored in the iOS Keychain and attached only to requests made to GitHub so you can browse repositories, clone, pull, commit, and push. You can disconnect GitHub from Lectra, and GitHub access is also subject to GitHub’s own terms and privacy policy.

If you use SSH in the terminal, you enter the host, username, and credentials yourself. SSH passwords are used for the connection attempt and are not stored by Lectra. Known-host records are stored locally to warn if a host key changes. When you connect to a local network host, iPadOS may ask for local network permission; Lectra uses that access only for the user-entered development host or local service.

Sign in with Apple, iCloud, and notifications

Sign in with Apple. Lectra offers Sign in with Apple and requests only your name and email. You may choose to hide your email with Apple’s private relay; we never receive more than what you authorize during the Apple sign-in flow.

iCloud. If you enable cloud sync or backup, Lectra can store recovery snapshots of your documents in your own private iCloud (CloudDocuments) container. This data lives in your personal iCloud account under Apple’s control; we do not separately collect or read your iCloud backups.

Push notifications. Lectra uses Apple Push Notification service to know when new documents are waiting. You can turn notifications off at any time in iOS Settings; document delivery then falls back to checking when you open the app.

Tracking and App Tracking Transparency

Lectra does not track you as Apple defines tracking. We do not link your data with third-party data for targeted advertising or advertising measurement, we do not share your data with data brokers, and Lectra contains no advertising identifier (IDFA) usage and no third-party advertising or analytics SDKs. Because Lectra does not track you, it does not present the App Tracking Transparency prompt.

Deleting your account from within Lectra

In line with Apple’s account-deletion requirement, Lectra lets you permanently delete your account directly in the app from Account Settings. Account deletion runs a secure server-side function that removes your account and the associated server-side data, then signs you out and clears Lectra’s on-device data for that account. You can also sign out to clear the active session, or email us to request deletion, as described next.

Data retention and deletion

We retain your account and Google user data only for as long as needed to provide the Service and fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law. When the retention period expires, or when data is no longer needed, we delete or anonymize it.

You may sign out at any time to clear your active session. You may also request access to, correction of, or deletion of your personal data, including the Google user data, Google Calendar tokens, and synced product data associated with your account, by emailing us at canvascopeextension@gmail.com. Upon a verified request, we will delete your account data within a reasonable period, except where retention is required by law. You can also revoke Canvascope’s access to your Google Account at any time from your Google Account permissions page.

Changes to this policy

We may update this Privacy Policy from time to time. If we change how we use Google user data, we will update this page and revise the “Last updated” date above, and where appropriate we will notify you within the product. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

Contact us

For any questions, concerns, or requests regarding this Privacy Policy or your data, contact Canvascope Inc. at canvascopeextension@gmail.com.