DrawSplatTM Compliance Console

Internal Terms & Privacy Open Board

Admin Access

Enter the DrawSplatTM admin password to use internal compliance and reviewer tools.

Request Access

Preview mode — you're looking at the admin layout in read-only form. No backend data is loaded and every Save / Load / Edit control is disabled. Click Lock Admin in the header to exit and sign in with the real admin password.

Compliance Console

Internal compliance and reviewer tools. This page is intentionally not linked from the teacher-facing admin workflow.

Google Drive + Sheets Backend

Paste the deployed Google Apps Script Web App URL for the deployment you are reviewing or maintaining.

Compliance Console

Phased rollout of safety, parent-access, age-lock, and district-readiness features. Each subsection is filled in as the corresponding day in COMPLIANCE-ROADMAP.md is completed.

Safety Review (text filter, link control, board freeze)

Text keyword filter and link allowlist are enforced server-side on every Save to Google and Cloud Sync. Hits are recorded as TEXT_FILTER_HIT in Activity Records. Freeze a board to block all future writes until you unfreeze it.

Filter configuration


Board / room freeze

Image Approval Queue (Days 1.3 / 1.4)

Student image uploads land here as pending until a teacher approves them. Approved images appear on the student's board the next time their browser polls (within ~8 seconds). Rejected images are trashed in Drive and replaced with a "rejected" placeholder on the student board.


Review queue

Family Access Tools (request center, verification, deletion)

Parents submit requests at /parents/. Verified requests appear here. Click Issue Parent Code on a student in Age Lock below to give a parent a one-time verification code (valid 14 days).

Parent controls configuration


Request queue

Student Age Band Lock

Each student record carries one of: under_13, 13_to_17, 18_plus, unknown_minor. The band is server-locked; only the admin can override, with reason + audit trail. Rows auto-populate when students submit turn-ins; you can also add students manually below.

Roster CSV columns (header row required): studentName (required), className, email, ageBand (under_13 / 13_to_17 / 18_plus / unknown_minor), ageSource, notes. Existing students (same name + class) are updated; new ones are created. Idempotent.

Use Limits (time-of-day, daily, session)

Enforcement code (browser timer + Apps Script save/load gate) ships in Days 2.8 – 2.9. The configuration switches below are read by both the client and the server, so you can pre-stage values now.

Privacy Settings (storage, AI, third-party services)

Read-only declarations the District Privacy Packet reports to district reviewers. Edit values in compliance.config.json at the repo root or in the JSON Editor below; they are stored in COMPLIANCE_CONFIG on the Apps Script side.

Retention Policy & Cleanup

Boards older than the archive threshold are moved to an Archive folder. Boards older than the delete threshold are trashed and the row removed. Activity Records older than the keep window are pruned. A daily Apps Script trigger runs the cleanup at 02:00 server time; you can also run it on demand.

Activity Records (audit log)

Filter by action, actor, and date range. Download as CSV or JSON for reviewer evidence.

Connect a Web App URL above to load Activity Records.
District Privacy Packet

One-click ZIP with Terms & Privacy, District Addendum, the current compliance config, the last 90 days of Activity Records, and the Compliance Roadmap.

Compliance config (raw JSON)

Edits write to the COMPLIANCE_CONFIG script property on save. Only the known top-level sections (safety, parentAccess, ageLock, timeLimits, retention, audit, privacy) are persisted; anything else is silently dropped.

Admin passcode

Enter the ADMIN_PASSCODE set in your Apps Script Script Properties. It's stored in this browser only (localStorage) and used for Activity Records and the District Privacy Packet.