‘SchoolParency’; ‘we’; ‘us’; and ‘our’; means SchoolParency of North Massapequa, New York State, US.
SchoolParency is a platform designed for the communications and transparency between Home (Parent and Student) and School (Teachers and Administrators). SchoolParency has been designed for the adoption and use by administrators, teachers, parents, and students who fall within the demographics of pre-K-12 school ages. Those who utilize SchoolParency can share messages about school logistics, school functions, school calendars, classroom learning, directory information, files, and media files.
To provide our services to you, we must process personal data, or Personally Identifiable Information (PII). We are committed to maintaining the highest standards of compliance with regulatory environments.
State and federal laws such as Education Law § 2-d; the Commissioner of Education’s Regulations at 8 NYCRR Part 121, the Family Educational Rights and Privacy Act (“FERPA”) at 12 U.S.C. 1232g (34 CFR Part 99); Children’s Online Privacy Protection Act (“COPPA”) at 15 U.S.C. 6501-6502 (16 CFR Part 312); Protection of Pupil Rights Amendment (“PPRA”) at 20 U.S.C. 1232h (34 CFR Part 98); the Individuals with Disabilities Education Act (“IDEA”) at 20 U.S.C. 1400 et seq. (34 CFR Part 300); protect the confidentiality of a student’s identifiable information.
This Privacy Policy aims to explain to the Users of our Service and Website how we process personal data so that you can make well-informed decisions regarding your legal rights. The Policy also aims to outlay our duties and responsibilities to process Student, Parent, and School Staff Data securely, including but not limited to the transfer and storage of PII from you, the LEA (Local Education Authority).
All documents and data transferred belonging to students, teachers, or principals are done within the scope and according to the New York State Education Law 2-d.
This Policy applies to the personal information that we collect, use or ask you to provide to help us establish and manage your SchoolParency account through your applicable LEA. Where you contact our team by email, we are the Data Controller of the data being processed. This Privacy Policy applies as soon as you access our Services, visit our Website, contact or engage with us.
Without affecting your rights under any current applicable legislation, this Privacy Statement is not contractual by nature and does not form part of your contract with us. By using our services or products, you are presumed to have read and understood this Privacy Statement.
We strive to be transparent about our practices concerning the collection and usage of personal data, or PII (Personally Identifiable Information).
Student Data or any other Education Records transmitted to the Provider pursuant to this Agreement is and will continue to be the property of and under the control of the LEA or to the party who provided such data (such as the student or parent.) All intellectual property rights, in and to Student Data or Education Records shall remain the exclusive property of the LEA or the party who provided such data.
Depending on your relationship with us, we may use your data to:
The General Data Protection Regulations (GDPR) of Europe forbids personal data processing unless we are collecting and using it in line with one of 6 lawful bases. The lawful bases we rely on are:
NYS Education Law 2-D sets our specific standards to be met when processing student, teacher, or principal data. For more information on how we comply, please see Schedule A below.
We process your personal data only for as long as necessary to achieve the purposes for which it was initially collected. After a student graduates or withdraws from attendance at their School, the School will delete their SchoolParency account and the data involved, as appropriate. Please note that account deletions can with reversed if needed within 30 days from closure.
Please note that we may have the retain elements of your personal information on some occasions after our relationship has ended. We are required to keep this data for as long as necessary to comply with our legal and regulatory obligations, including possible claims relating to the services we offer and the use of our Website.
We may share your data with the following third parties to fulfill our commitment to you. The PII that we collect and receive from a student, parent or educational institution, or agency is solely processed for service provision within this Policy’s scope. Please note that we will never share or sell your data to a third party:
In line with COPPA rules, all third-party service providers/operators, including name and contact information (address, telephone number, and/or email address), will be made available on request.
As per draw 2-D(b)(3), all applicable state and federal laws and regulations pertaining to data privacy and security. Within the scope of Service provision, safeguards considered to meet industry standards are; encryption, firewalls, and password protection
SchoolParency has incorporated technical and organizational security measures in protecting PII. When student data is transferred, it is done so in an encrypted fashion and transmitted securely. Access to the SchoolParency site is only through authentication of one’s username and password, which should remain confidential to the user. It is the responsibility of the LEA to ensure that unauthorized person(s) do not gain access to the Service, your school account, or any parent, student, or teacher PII. If a breach has occurred, the LEA should notify SchoolParency without undue delay and, where possible, within 72 hours (including weekends and non-business days).
Your information is protected on a server that is behind a firewall; while utilizing security software to maintain the confidentiality of the personal information we have accumulated. In the unlikely event of a security breach of a user’s personal information, we shall notify all users whose information may
[1] FERPA (§ 99.31(a)(1)(i)(B)) permits schools to outsource institutional services or functions that involve the disclosure of education records to contractors, consultants, volunteers, or other third parties provided that the outside party:
have been comprised to both the data subject and the LEA, in accordance with all applicable laws and regulations and their capacity as the data controller. We will also post a notice on our site of such a potential breach.
In line with NYS ED Law 2-D, in the case of a Security Incident or Data Breach involving Student Data, the LEA shall notify the parent or eligible student of any authorized release of Student Data involving Personally Identifiable Information from the student records in the most practical way possible and without undue delay.
In any notification to a parent, guardian, or eligible student due to a Security Incident by SchoolParency or any of our providers or sub-contractors, or if the Security Incident is unrelated to the LEA actions or omissions, SchoolParency, if so requested, shall reimburse the LEA for the full cost of such notification.
Our Website may contain links to other third-party websites and services. This Privacy Policy does not apply to any links provided to you by anyone other than us. Third parties will appoint their privacy policies, and these should be consulted should you have any queries about how they process your data. We have no control over such third-party Website and have no responsibility for their actions.
Any personal information you supply will be treated in accordance with applicable data protection laws, including the GDPR (EU) and any other applicable or superseding laws. We are committed to delivering the rights individuals are entitled to and upholding a transparent approach to processing data. These are:
However, you have the right to lodge a complaint with a supervisory authority – particularly the supervisory authority of the State of your habitual residence or place of the alleged infringement – if you believe that the processing of your Personal Data does not comply with legal requirements.
Provider | What they do for SchoolParency | Data involved in this processing |
Digital Ocean provides SchoolParency with servers, databases, analytics, and network infrastructure. | All user personal information and uploaded content, device ID, request data, and all logs are stored on Digital Ocean. Passwords are stored as one-way hashes. All personal data is encrypted at rest. | |
Google Inc. (G Suite) | Utilized for SchoolParency internal emails, docs, slides, spreadsheets, etc. | SchoolParency stores its own emails and files using Google services. SchoolParency may share personal information with Google in the course of utilizing Google services, for example, if a user emails an employee for support. |