-
Notifications
You must be signed in to change notification settings - Fork 1
Data and Privacy
By default, Rubric Maker stores all data locally in the browser's localStorage. Nothing is transmitted to any external server. There is no telemetry, no analytics, and no user accounts unless you opt in.
When Supabase sync is enabled (Settings → Database → Connect & Sync), data is additionally mirrored to the configured Supabase instance. The localStorage copy is kept in sync and remains the offline-capable primary store.
Network requests at runtime:
- Supabase — only if you connect a Supabase instance in Settings. Opt-in.
- Common Standards Project API — only if you use the standards picker. Opt-in.
- Microsoft Graph API — only if you connect a Microsoft 365 account. Opt-in.
| Data category | Description | Contains PII? |
|---|---|---|
| Rubrics | Rubric definitions (criteria, levels, scoring mode) | No |
| Students | Student names, email addresses, class assignments | Yes |
| Graded rubrics | Scores and feedback per student per rubric | Yes (linked to student) |
| Comment bank | Reusable feedback snippets | No |
| Attachments | Uploaded student work (PDF, DOCX, images) stored as base64 | Potentially |
| Essay submissions | Student essay text submitted via share code | Yes |
| Peer reviews | Peer scores and comments | Yes |
| Self-assessments | Student self-scores | Yes |
| Speaking sessions | Session notes and scores for oral assessments | Yes |
| Settings | Language, theme, and other preferences | No |
| CEFR descriptors | Locally cached CEFR level reference data | No |
| Standards favourites | Saved standard codes and titles | No |
| Backup timestamp | Date of the last exported backup | No |
| Speaking recordings | Audio/video blobs (IndexedDB, not localStorage) for oral assessment | Yes |
| Tests & results | Test definitions, student responses, proctoring telemetry | Yes |
| Audit log (Supabase only) | Role changes, deletions, grade saves, exports, auth events — admin-only | Yes (actor identity) |
Browsers impose a limit of roughly 5–10 MB per origin on localStorage. Attachments stored as base64-encoded strings are the biggest consumers. A single 1 MB PDF becomes approximately 1.3 MB after base64 encoding.
The app displays a warning when storage is running low. If you hit the limit:
- Export a backup from Settings → Data Management.
- Remove attachments from old or completed grading sessions.
Regular backups are strongly recommended, especially on shared or managed devices where browser storage can be cleared by IT policy, browser updates, or a cache wipe.
Export a backup:
- Go to Settings → Data Management.
- Click Export backup.
- A
rubricmaker-backup-<date>.jsonfile is downloaded to your device.
Restore from backup:
- Go to Settings → Data Management.
- Click Import backup and select the JSON file.
- All existing data is replaced with the backup contents.
The JSON file is human-readable and can be opened in any text editor.
Without Supabase sync enabled, the only way to move data between devices is a manual backup/restore:
- Export a backup on the source device.
- Open Rubric Maker on the target device.
- Import the backup file.
If Supabase sync is enabled (see Supabase Sync), signing in to the same account on a second device pulls the data automatically — no manual export/import needed.
Because student data (names, emails, submitted work) may be stored in localStorage and/or Supabase, the institution running the application is the data controller.
localStorage-only mode:
- Data never leaves the device unless the operator exports a backup.
- Ensure the device is secured (password-protected, full-disk encryption).
Supabase sync enabled:
- For EU institutions, use the eu-central-1 (Frankfurt) Supabase region to keep data within the EU.
- A self-hosted Supabase instance on school infrastructure gives maximum control.
- Document the Supabase instance as a sub-processor in your school's data processing register.
- A
pg_cronretention job automatically purges admin/audit logs (3yr), grade data (1yr), and export/auth logs (1mo) — see Admin → Audit in Features. - Students can be soft-deleted then anonymized from Admin → Archive, scrubbing PII while preserving aggregate grade history for school reporting.
General guidance:
- At the end of an assessment cycle, export a backup and clear browser site data to remove student records from the device.
- Attachments (student work) may contain sensitive information — treat exported backup files with the same care as physical student records.
- The app includes an in-app Privacy page (
/privacy) documenting all data categories, legal basis, and student rights (erasure, portability) in both English and Dutch.
For the full data inventory and GDPR article references, see PRIVACY.md in the repository.
To remove all application data from the browser:
- Open the browser's developer tools (F12).
- Go to Application → Storage → localStorage.
- Select the Rubric Maker origin and click Clear.
Or use the browser's Clear site data option under Site settings. This is irreversible — export a backup first if you want to keep the data.