Privacy Statement for ExploreLearning Data Management System
Updated: February 13, 2020
ExploreLearning is committed to protecting your online privacy. Science4Us is certified COPPA, FERPA & CSPC compliant.
This site provides you with access to ExploreLearning’s Data Management System. This system is an integral component of ExploreLearning’s curriculum products and provides valuable reporting, instructional recommendations, and other resources used by teachers and other instructional leaders in conjunction with ExploreLearning’s curriculum with the goal of improving student performance.
This statement describes the privacy and security practices ExploreLearning employs for this site. We have adopted these practices to protect you, the students, and the school district, and to enable each of us to comply with applicable legal requirements. Use of this site requires district acceptance of the practices outlined in this statement.
Two types of personally identifiable information are used on this site: your personal data and student data.
Your Personal Data
ExploreLearning collects information from you as you use this site. For example, you must enter certain personally identifiable information, including your name, e-mail address, and phone number. We use this information to verify your identity and prevent unauthorized access to your account and to contact you in connection with your use of this site.
Because you enter your personal data, you control its accuracy. If you discover that your personal data is inaccurate or if it changes or if you want to retain possession of it, you may make corrections by notifying us at [email protected] or call 888-399-1995. We will not share your personal data collected through this site with third persons without your consent. However, your personal data will be available to authorized users from your school district who have permission from the school district to access it. We will not use your personal data collected through this site for any purpose other than providing you with access to this site and the associated services. We will use the same security to protect your personal data that we use to protect student data collected through this site.
As you use this site, you will enter student data or interact with student data that has already been entered. Federal law (the Family Educational Rights and Privacy Act, “FERPA”) allows a school district to release student records to an organization that is “conducting studies for, or on behalf of, educational agencies or institutions for the purpose of developing, validating, or administering predictive tests… [or] improving instruction.”
However, FERPA requires limitations on disclosure of those records and implementation of appropriate security measures to protect those records. To help your school district comply with FERPA, ExploreLearning has adopted certain practices, and requires that educators using this site fulfill certain responsibilities to safeguard student data. Additionally, ExploreLearning operates in compliance with the Children’s Online Privacy Protection Act (“COPPA”) and obtains consent when necessary to collect information from children under 13 years of age.
The following statement explains our practices and your responsibilities regarding the student data you enter on this site.
Student Data Security and Confidentiality Statement
Purposes of Data Entry
You control what student data is entered on this site and you retain ownership of the student data at all times. Student data entered on this site should be limited to information that is relevant to the legitimate educational purpose of improving student performance. We will not ask you to enter, and you are instructed not to enter, data about students that is not relevant to this legitimate educational purpose.
Therefore, only a minimum amount of personally identifiable student data required for the setup of the system is requested. We require student first name, student last name, and student identification number. Additional data, not specific to the student, is also required to complete system setup, including the teacher’s first and last name, class name, grade level, and school name. Student demographic data, for the purposes of optional disaggregated reporting, is requested separately from the initial setup data and is obtained only with written permission from your district.
Use, Disclosure, and Storage
We will use the student data to provide the services to your school district. We will not keep the student data after you or the school district instructs us to delete it. You may not disclose or otherwise use the student data entered on this site for any unauthorized purposes.
We will only disclose student data to authorized employees or representatives of the school district, and will not knowingly disclose the student data to any third person without express written authorization. When, at the request of the district, we acquire assessment or other information, including personally identifiable student data, from a third party source we treat that information with the same confidentiality and security safeguards as though it were provided directly by the district. Additional agreements may be required by the third party to authorize transmission of data to ExploreLearning.
Your district may from time to time request that ExploreLearning provide student data to third parties of its choosing. We will do so with written authorization, which acknowledges that ExploreLearning is providing that data as your district’s agent and that once the data is received by the third party, ExploreLearning no longer has any control over the use or disposition of the data.
We may also use aggregated data in our research, product development, and marketing. That aggregated, non-personally identifiable data (e.g., summary or statistical data) may be shared with third parties. However, we do not use personally identifiable student data to market any products or services directly to students or their parents.
In the event that ExploreLearning wishes, from time to time, to release aggregated data that identifies your school or school district by name, ExploreLearning will enter into a separate agreement with you to authorize release and publication.
ExploreLearning does not utilize third parties to provide products and does not share your student data with any third parties.
You are responsible for keeping the student data that you enter accurate, complete and up-to-date. If you recognize that student data is inaccurate, incomplete, or out-of-date, you are responsible for correcting it. If you experience problems making corrections to student data, please notify us at [email protected] and we will assist you with making corrections.
We are committed to protecting student data against unauthorized access, destruction, use, modification or disclosure. Protecting student data requires efforts from us and from you. We will implement reasonable and appropriate safeguards when collecting student data from you and when storing that student data in our database and you will observe our security safeguards and exercise reasonable caution when using this site.
Specific institutional and technological security safeguards include:
- Only ExploreLearning employees who are authorized to handle student data are able to access the Data Management System.
- Only school district employees and representatives that the district authorizes as school officials are permitted to access the system. It has a hierarchical permissions system.
- A teacher will only be able to see data for his/her class.
- A Principal, Coach, or other authorized School User will be able to view all data at a given school.
- An authorized district-level employee, such as an Instructional Coordinator or Superintendent, will be able to see all data across the district.
- Each authorized school official is given a User ID and Password valid only for the duration of the academic year, including a summer program if applicable. You must safeguard your User ID and Password, and not permit any unauthorized access to student data entered or kept in ExploreLearning’s system.
- Upon written request by the district, ExploreLearning will destroy any student data for districts who no longer participate in an ExploreLearning program. ExploreLearning will provide written verification that the data has been destroyed as requested.
- If a district has not used any ExploreLearning product for a period of two years, ExploreLearning will provide written notice that the student data pertaining to their district will be destroyed, unless the district requests the records be kept. Upon destruction, ExploreLearning will provide written verification that the data has been destroyed.
- ExploreLearning uses industry standard server and network hardware and software to ensure that data is protected from unauthorized access or disclosure.
Although we make concerted good faith efforts to maintain the security of personal information, and we work hard to ensure the integrity and security of our systems, no practices are 100% immune, and we can’t guarantee the security of information. Outages, attacks, human error, system failure, unauthorized use or other factors may compromise the security of user information at any time. If we learn of a security breach or other unauthorized disclosure of your Personally Identifiable Information (PII), we will attempt to notify you so that you can take appropriate protective steps by posting a notice on our homepage (www.explorelearning.com) or elsewhere in our Service and we will send email to you at the email address you have provided to us. Additionally, we will notify the primary administrative contact at your school or district by email and telephone and assist with their efforts to ensure your notification.
Any such notice will include:
- The date of the breach.
- The type of information that was subject to breach.
- General description of what occurred.
- Steps we are taking to address the breach.
- The contact person with our Company who you can contact regarding the breach.
If you are a parent, legal guardian or eligible student and an unauthorized disclosure of your student’s PII records occurs, we will notify you by email at the email address we have on record for you or through notice to your school or district’s primary administrative contact in the event that we do not have an email address on record for you.
When you use this site, you consent to our privacy practices and agree to accept the responsibilities outlined in this statement.