We take student privacy very seriously, continuously working with schools to make sure student data is kept safe and secure. These days, understanding you and your students’ privacy rights can be incredibly confusing with legal terms and clauses, so we tried to simplify things.
When a School registers for our Services, they provide information regarding the School, students, and faculty. This includes data from Google’s G Suite for Education platform including email addresses, student names, student IDs, organizational units, and groups.
Users of the Site may submit information in accordance with our described Services, including pass creation, administrator room set-up, and other information that is inputted by users.
We have access to Student Data only for the purposes of performing Services on the School’s behalf.
We use the information we collect to operate and improve our Site, Services, and their functionality.
SmartPass uses the services of one or more third parties to create and maintain our Site and Services, and non-identifying and aggregated information which you submit may be shared with them and may be shared with other parties. We ensure that third parties used are consistent with principles listed in this policy, including security and data retention principles.
Student and School personal information will not be retained for longer than necessary to deliver services or for school purposes. This means that personal information cannot be kept in backups or not be deleted because of data commingling.
In accordance with the Children’s Online Privacy and Protection Act (“COPPA”), SmartPass does not and will not knowingly collect any information from children under the age of 13. We will never sell personal information, collect, use, or share such information for any purposes beyond the authorized educational or school purposes, or as authorized by the student or parent. In addition, we will never permit behavioral targeting of advertisements.
SmartPass maintains a comprehensive security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of student personal information against risks – such as unauthorized access or use, or unintended or inappropriate disclosure – through the use of administrative, technological, and physical safeguards appropriate to the sensitivity of the information.
Data in-transit uses standard SSL encryption with a digital certificate. Data at rest is securely hosted by Google Cloud and is encrypted when it is stored on disk. User roles are clearly defined to manage the access level, restricted to administrators directly managing a customer’s registration for the use of Services and accessing the Site.
While SmartPass believes and intends that its information security practices reflect good practice, there is no such thing as perfect information security. As such, users assume the risk of security breaches and all consequences resulting from them. In furtherance of the foregoing, users must safeguard their credentials. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.
To learn more about our many safeguards to protect your information, please contact us at firstname.lastname@example.org.
We reserve the right to collect various information about you and your computer or mobile device, in accordance with other information collected, through the use of computer “cookies” or data files which recognize your computer when you return to our site or re-use our mobile application. You may instruct your computer to refuse these cookies, but this may impair or impede the Services we are able to provide you.
In the event that our business is acquired in whole or part by another company, your personal information may be disclosed to them, but that disclosure will be subject to this policy. Successor entities will contract with future companies that are consistent with our privacy principles or allow users a choice to send information to the future entity.
Our Site may contain links to other websites. We have no control over their operation and/or the accuracy of any statements made on them and assume no responsibility with respect to them.
Any disputes regarding this Policy shall be resolved in accordance with Pennsylvania law.