| Data Security | |
| Implement and maintain reasonable security procedures and practices to protect covered information from unauthorized access, destruction, use, modification, or disclosure. | See Information Security Policy (AUP), Access Control Policy, Cryptography Policy, and Operations Security Policy; Security Statement, Section 5; Privacy Policy, How We Store and Protect Your Information |
| Data Use and Disclosure Limitations | |
| Prohibit the use of covered information for targeted advertising. | See Security Statement, Section 2; Terms Of Use, School Addendum, Section 3 |
| Prohibit the sale or rental of a student's information. | See Privacy Policy, How We Share Your Information |
| Prohibit the creation of a student profile for any purpose other than K-12 school purposes. | See Privacy Policy, How We Collect and Use Information; Security Statement, Section 2 |
| Parental Rights | |
| Provide parents the right to inspect and review their child's covered information. | See Security Statement, Section 6, "Viewing of RECORDS"; Privacy Policy, Access to Individual Data |
| Provide parents the right to request corrections to factually inaccurate information. | See Security Statement, Section 6, "Correction of RECORDS" |
| Data Deletion | |
| Delete covered information within a reasonable time frame at the request of the school district. | See Security Statement, Section 6, "Removal of RECORDS"; Terms Of Use, School Addendum, Section 4 |
| Breach Notification | |
| Notify the school district of any breach of covered information. | See Privacy Policy, In the event of a data breach; Incident Response Plan |
| Subcontractor Agreements | |
| Ensure that any subcontractors with access to covered information are contractually bound to comply with SOPPA. | See Third-Party Management Policy |
| Data Transparency | |
| Publicly disclose the categories of data collected and the purposes for which the data is used. | See Privacy Policy, How We Collect and Use Information; |
