èAV Student Data Privacy and Security
A pioneer in K–12 education since 2000, èAV is leading the way in next-generation curriculum and assessment, with our programs providing teachers with powerful tools that help them understand and respond to the needs of every student. Central to that work is building trusting partnerships with school districts and the parents and students we collectively serve, and supporting educators in using data in a way that is safe, secure, and effective. We demonstrate that commitment in part through the robust data privacy and security practices we maintain to protect student data entrusted to our care.
Core Principles:
These core principles guide our operations, employee behavior and product development:
- Customer Control: We help school districts securely manage their personally identifiable student information. The districts direct our use of the data, and control who has access to that data and with whom it is shared.
- Educational Purpose: Personal student information can only be used for customer-authorized purposes to support student learning through the secure and effective operation of our educational tools.
- Transparency: School districts, teachers, parents and students have the right to know what information is collected by school technology, how it is used and by whom, as clearly described in our .
- Commitment: Privacy and security are thoroughly embedded into our organizational practices. We dedicate substantial resources to systems, processes and personnel required to protect student information.
èAV Data Privacy and Security Practices:
èAV maintains a customer data privacy policy that explains our data collection, handling and use practices. In addition, èAV is a proud signatory of the , an industry initiative aimed at clearly and concisely stating school service provider commitment to safeguarding student data. |
èAV also maintains a that explains how student data is protected from unauthorized access. Data security practices at èAV are developed and maintained in accordance with the internationally recognized ISO27002 security standards. In addition, èAV has successfully completed the SOC 2 Type 2 examination of controls relevant to security and conducts such examination on an annual basis.
For more information, please review our and . If you have additional questions, please contact us at privacy@amplify.com.
State Law Compliance
èAV has entered into Data Privacy Agreements (DPAs) with districts across the country to facilitate compliance with applicable laws governing student data privacy. Unless otherwise noted, the DPAs are based on the Student Data Privacy Consortium’s (SDPC) model agreement which was created to streamline and simplify privacy contracting between providers and local education agencies (LEAs). For additional information please visit the and select your state.
General Offer of Privacy Terms:
To expedite your district’s need for student data protection agreement and speed up the contracting process, we have compiled the following DPAs, listed by state. By executing the General Offer of Privacy Terms, your LEA can “piggy back” off an existing DPA that other LEAs in your state have already agreed to. If you do not see your state below, please contact privacy@amplify.com.
Instructions:
Please download the General Offer of Privacy Terms, return an executed copy to your account representative, and retain a copy for your records. If you have any questions please reach out to privacy@amplify.com.
*Please note, states marked with an asterisk do not have a General Offer of Privacy Terms; however, please review the instructions below on how to quickly implement a DPA in compliance with your LEA’s state law.
Arkansas: and
California: and
Connecticut*
- To facilitate your district’s compliance with the requirements of Connecticut’s student data privacy law (Connecticut General Statutes §§ 10-234aa through 10-234dd), èAV is proud to offer our “Connecticut Terms of Service Addendum” linked below. This Addendum supplements èAV’s Terms and Conditions for use of èAV products licensed by the district available at /customer-terms.
- Addendum:
- Instructions: Please retain a copy for your records – no further action is required.
Florida: and
Illinois: and
Hawaii*
- èAV has entered into a with the Hawaii State Department of Education (HIDOE) which applies to any LEA associated with HIDOE. If your LEA is not a part of the HIDOE and you require a data privacy agreement, please reach out to privacy@amplify.com.
Maine: and
Massachusetts: and
Missouri: and
Montana: and
New York*
- To facilitate your district’s compliance with the requirements of New York State Education Law § 2-D and regulations promulgated thereunder, èAV is proud to offer our “New York Data Privacy and Security Addendum” linked below. This Addendum supplements èAV’s Terms and Conditions for use of èAV products licensed by the educational agency available at /customer-terms.
- Addendum:
- Instructions: Please retain a copy for your records- no further action is required.
New Hampshire: and
North Carolina*
- The issued by the North Carolina Department of Public Instruction (NCDPI) is not applicable to èAV’s services given èAV does not have a direct integration to any state system via API/plugin. You can review the NCDPI guidance here: . However, èAV can sign this form with some revisions. As such, we have prepared an which supplements the Data Confidentiality and Security Agreement.
- Instructions: Please download a copy of the , return an executed copy to your account executive, and retain a copy for your records.
Ohio: and
Oregon: and
Rhode Island: and
Tennessee: and
Texas: and
Utah: and
Vermont: and
Virginia: and
Washington: and
Wisconsin: and
Wyoming: and