Engineered into the substrate. Not bolted on.
ArthurAI™ ships across four institutional buyer types, each with its own statutory overlay. This page documents the posture per statute and per edition. Eve-Education, LLC, the operating entity, is the data processor; the institution remains the data controller. Eve-Grid™ is the underlying Azure-native infrastructure substrate against which every claim below is engineered.
FERPA — Family Educational Rights and Privacy Act
Applies to: SLE · ULE · CLE workforce education at FERPA-receiving institutions
ArthurAI™ operates as a school official under FERPA when deployed inside an institution that receives U.S. Department of Education funds. Education records are processed under direction from the institution; we do not redisclose personally identifiable information from education records to third parties without institutional authorization. Eve-Education, LLC executes Data Privacy Agreements at institutional onboarding and supports parental and student access requests through the institution's registrar of record.
COPPA — Children's Online Privacy Protection Act
Applies to: SLE
For deployments serving children under 13, ArthurAI™ School Learning Edition relies on the school-as-agent model permitted by the Federal Trade Commission, in which the school provides verifiable parental consent on behalf of the parent for educational purposes. No personal information collected from a child is used for behavioral advertising, profile-building outside the educational context, or third-party marketing. Parents may inspect, correct, or delete their child's information through the institution's registrar.
ADA · Section 504 · Section 508
Applies to: every edition
ArthurAI™ is built to the WCAG 2.1 AA technical specification, which is the standard cited by Section 508 of the Rehabilitation Act and by the Title II ADA Web Rule (28 CFR Part 35). Section 504 obligations of the educational institution are met by the institution; ArthurAI™ supports those obligations with accessible interfaces, screen-reader-compatible output, keyboard-navigable workflows, and alternative text on educator-uploaded content where the educator provides it.
WCAG 2.1 AA
Applies to: every edition · marketing site
The marketing site arthurgrid.ai and every ArthurAI™ shipping surface targets the WCAG 2.1 AA conformance standard from day one. Accessibility is a launch criterion, not a roadmap item. Conformance is verified at build time via automated checks and at release time via manual review across keyboard navigation, screen-reader behavior, color contrast, focus management, and text alternatives. We do not claim AAA conformance.
AI Disclosure — California AB-1791 and analogous state laws
Applies to: SLE (mandatory at California school districts effective Jan 1, 2026); other states tracked
California AB-1791 (signed September 2024, effective January 1, 2026) requires schools to disclose to students and parents when artificial intelligence is used in instruction. ArthurAI™ ships with a configurable district-disclosure block that satisfies the AB-1791 notice requirement on instruction surfaces. Districts may customize the disclosure language and the notification cadence. Equivalent statutes in other states are tracked as they enact; districts in Tennessee (HB 1630), Utah (HB 251), and other jurisdictions deploying new AI-disclosure regimes receive parallel disclosure surfaces with the corresponding statutory language.
GDPR — General Data Protection Regulation
Applies to: any deployment processing personal data of EU/EEA learners or educators
For deployments inside the European Economic Area or processing personal data of EU/EEA data subjects, Eve-Education, LLC operates as a data processor under Article 28 GDPR with the institution as data controller. A Data Processing Agreement is executed at onboarding and incorporates the European Commission's Standard Contractual Clauses for international transfers. Sub-processor engagement is disclosed and gated by the controller. Data-subject rights (access, rectification, erasure, restriction, portability, objection) are supported through the institution.
CCPA / CPRA — California Consumer Privacy Act
Applies to: California consumers interacting with the marketing site or a public-tier deployment
For California residents whose personal information is collected by the marketing site or by a non-school deployment, MindHYVE.ai operates as a covered business under the CCPA as amended by the CPRA. We disclose the categories of personal information collected and the purposes for collection in the privacy policy. California residents have rights to know, delete, correct, and opt out of the sale or sharing of personal information; the analytics consent banner on this site implements opt-in for Microsoft Clarity. Education-record deployments are exempt from the CCPA personal-information definition where the institution is a public agency.
Kenya Data Protection Act (2019) and equivalent national regimes
Applies to: African deployments — Daystar University, OUK, Kadisco, KEPSA, Craft Silicon, IUCEA, TechMindset Africa, SO TECHAFRICA Nigeria
For deployments inside Kenya, processing complies with the Data Protection Act 2019 and the regulations issued by the Office of the Data Protection Commissioner. Equivalent compliance posture is maintained for Nigerian deployments under the Nigeria Data Protection Act 2023, Ethiopian deployments under the Personal Data Protection Proclamation, and the East African Community member-state regimes engaged through the IUCEA partnership. Data-subject rights, breach notification, and cross-border transfer obligations are honored through the institutional partnership.
Pakistan and other South Asian regimes
Applies to: Pakistan deployments — KPSIAJ, AI Future Lab, FDE, GIKI, KUST, PIHS, PEC, COTHM, ICS+NEI, Alkhidmat KP, Smart Learnify
For Pakistani deployments, ArthurAI™ processes data under the Personal Data Protection Bill regime as adopted, plus sector-specific obligations from the Federal Directorate of Education, the Higher Education Commission, and the Pakistan Engineering Council where applicable. Government-of-Pakistan partnerships under the National AI Policy are governed by the policy framework and the relevant ministry's data-handling guidance.