Privacy & data practices
Effective date: set at launch. Operated by Andersen Labs LLC. Written to be read, not skimmed past — if anything here is unclear, email hello@trymorningbell.com and a human (Luke) answers.
The short version
Morning Bell reads your school's LMS with the access token you give us, builds one email every morning, and keeps almost nothing. Your token is encrypted the moment it arrives. We are read-only — provably, not just as a promise. One click deletes everything, immediately. Your data is never sold or shared. Period.
What we access
With your access token we read, and only read: your active courses and official course grades, assignments and due dates, your own submission records (so we never call something overdue without checking), and professor announcements from the last 24 hours. The complete list of API calls we make is published below in the API calls section and generated from our actual code. The token you create cannot submit, post, message, or change anything on your behalf through our code: we make zero write calls.
What we store
The minimum that a "what changed since yesterday" email requires:
- Your account: email address you signed up with, the address you want the brief sent to, your send hour, your school.
- Your access token: encrypted at rest in a secrets vault the moment you paste it, with keys managed outside the database. It is never written to logs, never present in our website code, and no one — including us — can read it through the normal database.
- Course snapshot: your current courses (code, name, grading type).
- Grade history, 14 days: one number per course per day, kept exactly 14 days so we can compute day-over-day movement, then deleted. We are not building an archive of your academic record.
- Assignment status: the current verified state of recent assignments (submitted / open / overdue / can't-verify) — status flags, not your work. We never store the content of anything you submitted.
- Announcement IDs only: a numeric ID per announcement we've already told you about, so you're not told twice. The text of announcements is not stored.
- Send log: which days we sent you a brief, so you get exactly one.
What we never store
Announcement bodies. Submission content. Files. Discussion posts. Messages. Classmates' anything. Your LMS password (we never see it — a token is not a password and cannot log in as you).
Deletion — real, immediate
Deleting your account is one click. It deletes your encrypted token from the vault, every row of your data, and the account itself, immediately — no 30-day retention, no soft delete, no "processing period." Independently of us, you can revoke the token in your LMS settings at any time and Morning Bell is locked out on the spot.
Every brief also carries a one-tap unsubscribe that stops all sending instantly (your account pauses; deletion is the bigger hammer, also one click).
Selling, sharing, advertising
Your data will never be sold, shared, rented, or used for advertising. There are no third-party analytics on your LMS data. If Morning Bell ever costs money, it will be a price you see and choose — never your data behind your back.
Who processes what
- Supabase hosts our database and runs our code (US region).
- Resend delivers the email (the brief's content passes through them to reach your inbox, as with any email provider).
- Vercel hosts this website (the site itself holds no LMS data).
That's the whole list. No data brokers, no ad networks, no analytics companies with access to academic data.
Security honesty
Tokens encrypted at rest with managed keys separate from the database; read-only API usage; deny-by-default access rules on every table; secrets never in code or logs. If we ever have a breach affecting your data, we will tell you directly and promptly — not in a footnote.
Email practices
Every brief includes a working one-tap unsubscribe and our physical mailing address (CAN-SPAM). Subject lines say what the email is. We monitor complaint rates and stop sending to anyone who marks us as spam.
Changes
If these practices ever change materially, you get an email before the change takes effect, written in the same plain English.
Every API call Morning Bell makes — the complete list
This list is published here ("Read-only, provably"). It is generated
from the actual client code
(supabase/functions/_shared/lms/client.ts); any
code change that adds an endpoint must update this list in the same commit,
and vice versa. All calls are HTTP GET — the token we ask for is used
exclusively to read. Morning Bell makes zero write calls of any kind.
| # | Endpoint | Why we call it |
|---|---|---|
| 1 | GET /api/v1/users/self |
Validating that your token works (at connect time, and a daily infrastructure health check) |
| 2 | GET /api/v1/courses?enrollment_state=active&include[]=total_scores |
Your active courses and each course's official current grade |
| 3 | GET /api/v1/courses/:id/assignments?include[]=submission |
Assignments and due dates for each course, with your submission status |
| 4 | GET /api/v1/courses/:id/assignments/:id/submissions/self |
Verifying YOUR submission record for a specific assignment before we ever use the word "overdue" |
| 5 | GET /api/v1/announcements?context_codes[]=... |
Professor announcements from the last 24 hours |
What these calls can never do: submit an assignment, post or reply to a discussion, message anyone, change a setting, delete anything, or see other students' work. Those operations require write scopes and different endpoints that Morning Bell does not call and has no code for.
Morning Bell is not affiliated with Instructure, Canvas, or BYU–Idaho.