Platform Privacy Policy

Effective September 29, 2016
Adobe_PDF_file_icon_24x24 Download Platform Privacy Policy

IO Education, LLC (“IO Education,” “we,” or “us”) understands that privacy is tremendously important to school districts and schools who purchase or subscribe to our Services (defined below) (“Clients”) and to educators and students whose information we may access on behalf of a Client (“Educators” and “Students”). Among other products, IO Education provides a platform that enables Clients to integrate data from their various solutions and products and securely store and use that data in one consolidated location. Educators and school administrators can then more efficiently use this data to analyze performance and assist them with personalized plans to drive achievement and performance. As we describe below, Clients decide which data is integrated with IO Education, and Clients are responsible for determining whether data are ever shared with the IO Education performance management platform.

This privacy policy applies to all of our products and services (collectively, the “Services”) and will help you understand how we collect, use and safeguard the personal information provided to us through the Services.  This Privacy Policy (the “Policy”) is incorporated into the services agreement (or related terms of use) between IO Education and its Clients or their users of our Services (the “Services Agreement”).  By using the Services, you acknowledge that you have read and agree to this Policy.  If you do not agree with this Policy, you may not use or access the Services.

This privacy policy does not apply to our marketing website, www.ioeducation.com.  Please visit https://ioeducation.com/privacy-policy/ to view the terms applicable to that website.

A Special Note for International Users of the Services:  Much of our computer systems are currently based in the United States, so your personally identifiable information will be processed by us in the United States, where data protection and privacy regulations may be different than other parts of the world, such as the European Union.  If you use the Services as a visitor from outside the United States, you are agreeing to the terms of this Policy and, if applicable, the end user terms of use posted in association with the Services, and you will have consented to the transfer and processing of all such information in the United States, which may not offer an equivalent level of protection of that in the European Union or certain other countries.

This Policy provides the following information:

  1. How We Collect and Use Information
  2. How We Share Information
  3. How We Protect Your Information
  4. Choices About Your Information
  5. Compliance with Student Data Privacy Laws
  6. Student Data Privacy Policies, Practices and Procedures
  7. Children’s Privacy
  8. Links to Other Websites and Services
  9. How to Contact Us
  10. Changes to Our Privacy Policy

Transparency. We will always be transparent with the methods we use to collect data and describe exactly how we will use it to the benefit and strict direction of our Clients and their users.

1. HOW WE COLLECT AND USE INFORMATION

We collect the following types of information:
Information about Clients and Their Users: We ask for certain information when a Client administrator, Educator or other user registers with IO Education, or if the user corresponds with us online, which may include a name, school name, school district name, school email address and/or account name and password, phone number, and/or message content. We may also retain information provided by a Client if the Client sends us a message, posts content to one of our websites or through our Services, or responds to emails or surveys. Once a Client begins using the Services, we will keep records of activities related to the Services. We use this information to operate, maintain, and provide the features and functionality of the Services, to monitor our service offerings and functionality, and to communicate with our Clients and their users.

We may also use general information we collect from Clients and their employee users to periodically send information that we think our Clients might find of interest from IO Education such as new services, special offers, or other important service changes. You may choose not to receive these communications by contacting us at unsubscribe@ioeducation.com or by following the opt-out procedure outlined in such communications.  Please note that opting out of receiving these communications will not remove your personal information from our files, and we will still contact you as necessary to provide the Services at your request.  We do not rent or sell Client or employee user contact information to third parties for marketing purposes.  We do not use Student Data for marketing purposes, and we do not send marketing communications to students or parents.

Student Data: IO Education may have access to personally identifiable information about Students (“Student Data”) in the course of providing the Services to a Client. We consider Student Data to be confidential and do not use such data for any purpose other than to provide the Services on the Client’s behalf as agreed in the Services Agreement. In most instances, IO Education receives Student Data only from the Client and never interacts with the Student directly. In some instances, depending on the level of Services selected by the Client, the Client may allow Students to log into the Services to provide data as authorized and directed by the Client. In that instance, the Client provides each Student with login credentials and confirms that it has obtained appropriate parental consents, as needed, before the Student is permitted to access the Service. IO Education has access to Student Data only as requested by the Client and only for the purposes of performing Services on the Client’s behalf.

Student privacy is very important to us. Student Data is used only for educational purposes at the discretion of the applicable Client.

Information Collected through Technology: We automatically collect certain types of usage information when visitors use the Services. We may send one or more cookies — a small text file containing a string of alphanumeric characters — to your computer that uniquely identifies your browser and lets IO Education help you log in faster and enhance your navigation through the Services. A cookie may also convey information to us about how you use the Services (e.g., the pages you view, the links you click and other actions you take on the Services), and allow us to track your usage of the Services over time. We may collect log file information from your browser or mobile device each time you access the Services. Log file information may include anonymous information such as your web request, Internet Protocol (“IP”) address, browser type, information about your mobile device, number of clicks and how you interact with links on the Service, pages viewed, and other such information. We may employ clear gifs (also known as web beacons), which are used to anonymously track the online usage patterns of our Users. The information allows for more accurate reporting and improvement of the Services. We may also collect analytics data, or use third-party analytics tools, to help us measure traffic and usage trends for the Services. We do not allow third party advertising networks to collect information about the users of our Services.

We use or may use the data collected through cookies, log files, device identifiers, and clear gifs information to: (a) remember information so that a user will not have to re-enter it during subsequent visits; (b) provide custom, personalized content and information; (c) to provide and monitor the effectiveness of our Services; (d) monitor aggregate metrics such as total number of visitors, traffic, and usage on our website and our Services; (e) diagnose or fix technology problems; and (f) help users efficiently access information after signing in.

Other non-public information or data received from Clients that constitutes “confidential information” under the terms of the applicable Services Agreement will be subject to the confidentiality terms outlined in that Services Agreement.

2. HOW WE SHARE INFORMATION

IO Education only shares personal information in a few limited circumstances, described below. We do not rent or sell information for marketing purposes.

  • We may share information (including Student Data) with certain third-party providers whose software or services interface with or otherwise may receive information from, or provide information to, the Services, but only as directed or approved by our Clients. We do not release Student Data to any third party without the prior written consent of the Client or the affected Student (if he or she 18 years of age or older) or his or her parent or legal guardian, as applicable.
  • We may share information with those that provide us with technology services (e.g. web hosting and analytics services), but strictly for the purpose of carrying out their work for us.
  • We may be required to share information with law enforcement or other third parties when compelled to do so by court order or other legal process, to comply with statutes or regulations, to enforce our Services Agreements, or if we believe in good faith that the disclosure is necessary to protect the rights, property or personal safety of our users.
  • If we sell, divest or transfer the business or a portion of our business, we may transfer information, provided that the new provider has agreed to data privacy standards no less stringent than our own. We may also transfer personal information – under the same conditions – in the course of mergers, acquisitions, bankruptcies, dissolutions, reorganizations, liquidations, similar transactions or proceedings involving all or a portion of our business.

3. HOW WE PROTECT YOUR INFORMATION

We store our data in the United States and we take strong measures to keep data safe and secure.
Storage and Processing: Any information collected through the Service is stored and processed in the United States. If you use our Service outside of the United States, you consent to have your data transferred to the United States.

Keeping Your Information Safe: IO Education maintains strict administrative, technical and physical procedures to protect information stored in our servers, which are located in the United States. While no service provider can guarantee absolute security when communicating over the internet or wireless networks, we are committed to taking steps to help secure any personal information that may be in our possession.  Access to information is limited (through user/password credentials and two factor authentication) to those employees who require it to perform their job functions. We use industry-standard Secure Socket Layer (SSL) encryption technology to safeguard the account registration process and sign-up information. We provide encrypted channels for our Clients to send data (and we do not have direct access to district systems). We secure our system against external hacking and attacks with firewalls and restricted access protocols.

You are solely responsible for maintaining the secrecy of any password used to log in to the Services, if any, and you should always be mindful and responsible whenever disclosing information online that the information is potentially accessible to the public, and consequently, could be collected and used by others without your consent.

4. CHOICES ABOUT YOUR INFORMATION

Account Information and Settings: Clients may update account information and modify Services by signing into the administrator account. Clients can opt-out of receiving promotional email from us by contacting us at unsubscribe@ioeducation.com  or by following the opt-out procedure outlined in such communications. You cannot unsubscribe from Service-related messaging.

If you have any questions about reviewing or modifying account information, contact us directly at support@ioeducation.com.

Access to Student Data: Student Data is provided and controlled by our Clients. Clients have access to their Student Data via the Services.  If you have any questions about reviewing, modifying, or deleting personal information of a Student, please contact your school district directly.

Deleting or Disabling Cookies: You may be able to disallow cookies to be set on your browser. Please look for instructions on how to delete or disable cookies and other tracking/recording tools on your browser’s technical settings. You may not be able to delete or disable cookies on certain mobile devices and/or certain browsers. For more information on cookies, visit www.allaboutcookies.org. Remember, disabling cookies may disable some of the features available on the Service, so we recommend you leave cookies enabled.

If you have any questions about data retention or deletion, please contact support@ioeducation.com.

5. COMPLIANCE WITH STUDENT DATA PRIVACY LAWS

With over 18 years of experience, IO Education provides the secure and private platform that enables Clients to integrate data from various sources and securely store that data in one place.

All interactions with Student Data are handled with attention to accuracy and protecting Student privacy.  Once Student Data is provided to us, we treat it as if it were our own children’s information.

Protecting the confidentiality, integrity, and availability of our Clients’ systems and data is of the utmost importance to us, as is maintaining Client trust and confidence. To that end, we ensure that our staff is trained and systems are in place to provide required security and confidentiality of Student Data. We have implemented training on the federal and state laws, regulations and policies governing confidentiality of Student Data and any PII (defined below) included in such Student Data for any IO Education officers and employees who will have access to Student Data and PII under the Client’s Services Agreement.  We also conduct background checks and  require that our employees and agents sign secure data handling signed prior to receiving such access.

IO Education has implemented practices and procedures designed  to meet or exceed applicable requirements in federal and state laws and regulations, school district policies, as well as private industry best practices, regarding the proper handling  and security of student information; these practices and procedures are described in further detail below.  Our use and maintenance of PII from Student Data is subject to the direct provision and control of our Clients.  Third parties and contractors that work with IO Education are subject to the same policies, requirements and security protocols as the internal IO Education team.

Different levels of access in our hosted data Services require different permissions, and we look to the Client to designate such permissions. System administrators assigned by the Client will have the ability (independently of IO Education) to enable or disable access by any given Client user to various portions of the hosted data Services, and if a Client desires to have us disable access by any previously-authorized Client user, an authorized official of the Client must notify us in writing, and we will take reasonably prompt measures to disable access for that user as requested.

IO Education has a designated Privacy Officer who ensures policies, practices, and procedures are followed with fidelity. Our current Privacy Officer, Peter Bencivenga, can be reached at pbencivenga@ioeducation.com or 866-817-0726.

Family Educational Rights and Privacy Act: IO Education understands and is compliant with all applicable aspects of the federal Family Educational Rights and Privacy Act, 20 USC § 1232(g) et seq. (“FERPA”), and associated regulations regarding “personally identifiable information” (“PII”), as such term is defined in FERPA, and IO Education follows federal guidelines in regard to the collection, production, and distribution of PII included in Student Data we receive.  For more information regarding FERPA, see http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html .  We agree that we will manage and use such PII in accordance with FERPA and applicable state statutes, regulations, and policies.  We rely on our Clients’ proper compliance with FERPA provisions regarding the release of PII from education records by (a) Clients’ obtaining parental consent to share PII with appropriately approved or contracted third parties such as IO Education, or (b) Clients’ use of the “School Official” exception under FERPA (See http://ptac.ed.gov/sites/default/files/FERPA%20Exceptions_HANDOUT_horizontal_0.pdf and 34 CFR §§ 99.31(a)(1) and 99.7(a)(3)(iii)).

Compliance with State Student Data Privacy Laws: Our Services comply with specific state statutes, regulations, and policies regarding student data privacy and security.  To the extent a state has requirements not otherwise covered by these policies, please contact our Privacy Officer, Peter Bencivenga, at pbencivenga@ioeducation.com or 866-817-0726..

6. STUDENT DATA PRIVACY POLICIES, PRACTICES AND PROCEDURES

IO Education has implemented the following specific policies, practices and procedures with respect to Student Data:

  • Prohibition against using Personally Identifiable Information (PII) in student records to engage in targeted advertising. We do not sell, trade, or rent PII in Student Data to anyone outside the organization. We strictly limit internal access to Student Data and PII to those individuals who have a legitimate need for such access in order for us to perform our obligations under the Services Agreement with our Client. We do not use any PII for our own purposes and do not use any PII for the purposes of selling or marketing any product to any person or third party, whether such person or party is the subject of the applicable PII or otherwise.
  • Prohibition against using any PII in the student record for any purpose other than those required or specifically permitted by the contract. IO Education prohibits using any PII in Student Data for any purpose outside those required or permitted by the Services Agreement with the applicable Client. Any PII in Student Data to which we have possession or access will be used by us solely for the purposes of providing the Services to the Client, and for providing such information through the Services to those persons or parties to whom the Client has provided access to the applicable portion of the Services. We hold Client data in strictest confidence and do not disclose it to any third parties, unless such third parties are required to fulfill the contract, nor make use of such data for our own benefit or for the benefit of another, or for any use other than the purpose(s) agreed upon in the services Agreement. If third parties have access to Student Data as required by the Services Agreement with the Client, such access is only allowed through IO Education systems and process.
  • Collection of data and information from student records. IO Education does not collect any information separately from that which is provided by or through an educational institution that is within the scope of an approved and legally binding contract.
  • Description of the procedures by which a parent, legal guardian, or eligible student may review personally identifiable information in the student’s records and correct erroneous information. In general, the Client has the capability to provide any such person with access to the applicable data by means of the Services without the involvement of IO Education, and if deemed appropriate, the Client has the capability to revise such Student Data to address any inaccuracy without the involvement of IO Education. However, in the event our participation is necessary or useful to enabling access or addressing any inaccuracy that the Client or an adjudicatory body deems to be required, we will provide cooperation to enable such access or to address such inaccuracy. Importantly, only parents or guardians with FERPA rights may review or correct PII; Client must make such determination and communicate the same to us in the event our cooperation is needed. However, since all Student Data is provided to IO Education by the Client, any parent or Student request to correct data must come directly from the Client through regular Student Data updates or by utilizing specific management tools of the Services.
  • Description of the procedures for notifying the affected parent, legal guardian, or eligible student in the event of an unauthorized disclosure of the student’s records. In the unlikely case of an unauthorized disclosure of Student Data, we will make every effort to assist the Client in notifying the affected parents or legal guardian. We will notify the Client within 24 hours of becoming aware of any breach of our security system that reasonably could compromise any Student Data or PII.
  • Certification that a student’s records shall not be retained upon completion of the terms of the contract and a description of how that certification will be enforced. IO Education certifies that upon termination of the applicable Services Agreement with the Client, we will delete, in a secure manner, any and all Student Data or PII disclosed to us by Client under the applicable Services Agreement. However, at the Client’s request, we will provide the Client with exclusive, but limited access to its account for a period of ninety (90) days after the date of expiration or termination of the Services Agreement for the sole purpose of permitting Client to retrieve Student Data or PII, following which we will disable Client’s account and delete all Student Data or PII. Following termination or deactivation of a Client account, IO Education may retain non-PII Client information for a commercially reasonable time for backup, archival, or audit purposes. We may maintain anonymized or aggregated data, including usage data, for analytics purposes.
  • Student records continue to be the property of and under the control of the school district. IO Education ensures that Student Data is the property of and under the control of our Client. The Services only contains Student Data provided to it from the Client either through direct secure data transfer from Client servers or via Client controlled data gathering methods. We may be required to disclose PII to comply with a court order, law or legal process (including a government or regulatory request).  However, in advance of such agency request, we will provide the Client with notice of the requirement so that the Client may seek a protective order or other remedy if it so chooses. If, after providing such notice, IO must disclose the required PII, IO will only disclose that portion of the PII which, on the advice of our legal counsel, the order, law or process specifically requires us to disclose.

Different levels of access in our hosted data Services require different permissions, and we look to the Client to designate such permissions. System administrators assigned by the Client will have the ability (independently of IO Education) to enable or disable access by any given Client user to various portions of the hosted data Services, and if a Client desires to have us disable access by any previously-authorized Client user, an authorized official of the Client must notify us in writing, and we will take reasonably prompt measures to disable access for that user as requested.

  • De-identified personally identifiable information. The above outlines IO Education’s treatment of PII, but it is also very important to be clear what type of information is not PII. Once PII has been de-identified, that information is no longer PII. PII may be de-identified through aggregation or other appropriate means. The U.S. Department of Education has issued guidance on de-identifying PII in education records, available at http://ptac.ed.gov/sites/default/files/data_deidentification_terms.pdf. In order to allow IO Education to proactively address client needs, we anticipate using de-identified information to improve IO Education products and services generally. This does not mean we will market to you, necessarily, but that we may use de-identified data for general marketing to our Clients and prospective Clients. IO uses reasonable de-identification methods that avoid compromising the privacy or security of the PII provided to us.

7. CHILDREN’S PRIVACY

The intent of the Children’s Online Privacy Protection Act (“COPPA”) is to give parents control over commercial websites’ and online services’ collection, use and disclosure of information from children under the age of 13. COPPA does not apply to all internet-based services; when Services are used as intended and as contracted by the Client, such use may involve data from students under 13, but the student is not the end user and COPPA does not apply.

8. LINKS TO OTHER WEB SITES AND SERVICES

Please remember that this Policy applies to the IO Education Services  only, and not other websites or third party applications that may be linked via our Services, which may have their own privacy policies. You should carefully read the privacy practices of each third party application before agreeing to engage with the application through the Services. We assume no responsibility or liability for the privacy practices of any vendor or operator of third party sites or applications.

9. HOW TO CONTACT US

If you have any questions about this Policy or the Services, please contact us at privacy@ioeducation.com.  You may also contact our Privacy Officer, Peter Bencivenga, at pbencivenga@ioeducation.com or 866-817-0726.

10. CHANGES TO THIS POLICY

We reserve the right to change this Policy at any time by posting revised Policy on this webpage, and we will notify Clients of such posting via the most recent Client email address on file with us.  We encourage you to review this webpage periodically. The changes will be effective immediately upon notice or posting, and we will update the effective date of this Policy upon such posting. Your use or continued use of the Services following the posting or email notification (as applicable) of any changes to the Policy will be deemed to be your acceptance of the changed Policy.

Are You Ready To Improve Educational Outcomes?

Ask us about our products, pricing, implementation, or anything else!

Get Started: