NameCoach Student Records Privacy Statement & Security Plan
NameCoach takes the privacy of our customers and users seriously, and we understand the need to safeguard personally identifiable information in records ("Student Records") of students who access and use our web-based products and services from educational institutions, schools and school districts that we serve (our "Education Clients").
We are committed to working with our Education Clients to comply with laws, rules and regulations governing the use and protection of Student Records, including the Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. §1232g and its implementing regulations, and applicable state laws and statutes governing Student Records that we receive from our Education Clients. As such, NameCoach is committed to maintaining this data Security Plan designed to protect the security, confidentiality, and integrity of Student Records that we receive from our Education Clients, as well as to protect against unauthorized access or other anticipated threats.
In connection with this Security Plan, NameCoach maintains reasonable administrative, technical and physical safeguards to secure Student Records, both during transmission and while in our custody. These safeguards may include firewalls, routers, encryption, passwords, protection of off-site records, and limitations of access to Student Records to authorized staff, contractors and agents that have a legitimate need to access such data for purposes of delivering and supporting our products and services to our Education Clients, and that are under appropriate contractual obligations of confidentiality, data protection and security.
Training on NameCoach’s information security and data policies and procedures is provided to employees and other individuals who are responsible for, or have access to, Student Records.
Student Records are used by NameCoach only for the purpose(s) for which they were provided to us, or as otherwise authorized in applicable law and any agreement with the Education Client. NameCoach does not sell Student Records or use them for targeted marketing or other commercial purposes. Student Records will not be disclosed by NameCoach to unauthorized third parties except in compliance with applicable law and any agreement with the Education Client unless required by statute, agency or court order, subpoena or similar compulsory legal process.
If a parent, legal guardian or student contacts NameCoach with a request to review Student Records or correct erroneous information, or if an agency, court, law enforcement or other entity contacts us and requests access to Student Records, we will (unless prohibited by writ or compulsory legal process) promptly notify an authorized representative of the applicable Education Customer, and will use reasonable and good faith efforts to assist the Education Customer in fulfilling such requests, as directed by the Education Customer.
If NameCoach determines that a breach or unauthorized release of Student Records that would be subject to reporting under applicable federal or state law has occurred, NameCoach will take prompt and appropriate steps to mitigate further breach or release of Student Records; provide notice to the affected Education Client promptly and without unreasonable delay; and work with the affected Education Client to provide information and assistance necessary to comply with any notification to parents, legal guardians or students, as required under applicable law.
Following expiration or termination of the agreement under which the Education Client purchased access to the NameCoach web-based products or services, and upon receipt of written request from the Education Client, NameCoach will destroy or, if agreed, return to the Education Client, the Student Records in its possession within a commercially reasonable period of time. For clarity, data generated by NameCoach or our products, that is in aggregate, or that is anonymized (i.e, personally identifiable information has been removed), may be retained by NameCoach and used for product and service improvement purposes or other purposes consistent with applicable law and any agreement with an Education Client.
This Student Records Privacy Statement is effective April 1, 2017. From time to time we may make changes to this Privacy Statement to reflect changes to our privacy practices in accordance with changes in legislation, best practice or product enhancements. We may notify our Education Clients about material changes to this Privacy Statement by email to the address we have on file for the account, or by placing a prominent notice within our web-based products, or on our website.
For questions or further information on our data privacy and security practices with respect to Student Records, please contact firstname.lastname@example.org.