Revision date: August 5, 2020
The Family Educational Rights and Privacy Act (FERPA) was enacted by Congress to protect the privacy of students and their parents. The act is designed to ensure that students and parents of students may obtain access to the student’s educational records and challenge the content or release of such records to third parties. Activate Learning is fully compliant with FERPA. To learn more about FERPA please go to http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html
The Children’s Online Privacy Protection Act (COPPA) was enacted by Congress to put parents in control of the information websites collect about their children under 13. Activate Learning is fully compliant with COPPA. To learn more about COPPA, please go to: http://www.ftc.gov/privacy/privacyinitiatives/childrens.html.
INFORMATION PROVIDED BY USERS
The Site is directed at teachers and school administrators, is not targeted toward children, and does not knowingly collect personal information from children under 13 years of age. General visitors may provide us with PII such as their name and email address when contacting us to learn more about our products. Registered users of our online services, such as schools and school districts, may provide us with roster data, which includes the names of teachers, the relevant classes and the names of students in each of those classes. Activate Learning does not receive other forms of PII. The site does not request or require email addresses from students using our online application. In the course of using our application, registered student users may provide us with answers to investigations and quizzes in the form of written text, drawings, links to images or links to videos (collectively, “Student Data"). Access to Student Data is controlled by the school or district. Teachers and administrators are allowed to access student responses. Student responses cannot be shared with other students. Activate Learning helps schools to securely manage and store Student Data on behalf of our school customers. Activate Learning never shares Student Data with third-parties, nor does it market products or services directly to students.
Activate Learning does not collect, maintain, use, or share student personal information beyond that needed for authorized educational/school purposes, or as authorized by the parent/student. We do not sell student data under any circumstance, even with consent. We do not create or keep student profiles for non-educational purposes.
INFORMATION COLLECTED THROUGH TECHNOLOGY
LINKS TO OTHER WEBSITES
The Site may include links to other websites, however by doing so we assume no responsibility for the information practices of those websites. Links to other sites do not imply affiliation or endorsement of any kind. This Policy does not address, and Activate Learning is not responsible for, the privacy, information or other practices of such third parties, including any third party operating any service which links to an Activate Learning product or service.
DISCLOSURE OF INFORMATION
Activate Learning takes user privacy and data security seriously. We use commercially reasonable, industry standard measures to safeguard personal information in its possession against loss, theft, unauthorized use, or disclosure. Steps taken to secure student data include the following: Any sensitive online information is transmitted over secure, encrypted channels via HTTPS. Sensitive information is not transmitted over email. All student data are stored on secure servers utilizing firewall technology and are only accessible via HTTPS and with proper authentication. If student data needs to be copied to a local machine for providing customer support, the data is always password protected, and is immediately deleted from the local machine upon completion of the support task. Activate Learning does not share student information with any third parties. If a school requests that student data should be sent to a third party, Activate Learning sends the data to the school and never directly to the third party. Activate Learning will not retain student data after 90 days past the completion of services, including production and backup data repositories.
DATA BREACH RESPONSE
In the event Activate Learning discovers or is notified of a data breach, we will, as required by applicable federal and state laws, investigate, take steps to mitigate the potential impact, and provide notice of the breach to applicable agencies, and customers. However, despite our efforts, no security measures are perfect and we assume no responsibility for any breaches. Activate Learning maintains a written Information Security Policy which details specific steps the company will take in the event of a data breach to validate the breach, end the breach, and notify affected parties, as appropriate.
SAFE USE OF TECHNOLOGY
School districts play an important role in ensuring a secure learning environment for students. The following is a list of practices a school district can undertake to secure their learning environment.
- Closely Manage Access – Activate Learning relies on staff and student directories managed by the district. Districts then determine which staff members can access student rosters. To maintain proper control, districts need to keep this information up-to-date.
- Maintain Password Security – Like most online systems, Activate Learning is accessed with a password. Students and teachers need to choose secure passwords, and should never share their passwords with others.
- Properly Secure Devices – Computer devices that lack up-to-date anti-virus software can pose security risks for student PII. Such devices could contain malware that steals user credentials and exposes student PII.