Table of Contents
Last modified: November 16, 2023
Using the Services, you authorize us to access your SIS or receive Student Data or other information via SIS, Secure File Transfer Protocol (“SFTP”), Google Classroom integration, or any other secure transfer method to provide software integration services.
Keeping Student Data Confidential And Complying With Applicable Laws
In compliance with FERPA 34 CFR Part 99.31(a)(1), we provide the Services under the school’s official exception of FERPA, ensuring the privacy and confidentiality of student information.
Under COPPA, online service providers are required to obtain explicit and verifiable parental consent before collecting personal information from children under 13. By accessing our Services, you represent and warrant that you have the authority to provide consent on behalf of parents, allowing us to collect information from students to provide the Services as described in these Terms.
Authorization To Access Your Student Data
By agreeing to these terms, you authorize P2C to access Student Data. You will provide a means for us to access the information stored in your Student Information System (SIS), such as using Secure File Transfer Protocol (SFTP), Google Classroom integration, or any other secure transfer method that allows us to provide software integration services.
Please note that we will only access and process Student Data for the sole purpose of providing the Services. As the owner of all rights, titles, and interests to all Student Data, you bear full responsibility for all Student Data, whether provided by you, students, or others. It’s important to understand that we do not own, control, or license Student Data except for the purpose of delivering the Services.
Certain Pathway2Career services provide the functionality of single sign-on access or data integrations with third-party education technology providers or developers (“Developers”) that you designate to access Student Data through our API securely. It is important to note that we will not send Student Data to any third-party Developer without your explicit authorization.
If you wish to revoke any Developer’s ongoing access to Student Data via the API, you can do so at any time by contacting our Technical Services at 833-265-6313.
We ensure that access to Student Data is granted only to authorized employees and trusted service providers who have a legitimate need to access such information to provide the Services to you. All individuals involved in handling Student Data are required to treat it as strictly confidential and are prohibited from redisclosing the data except when necessary for the provision of the Services.
To maintain transparency, we maintain access logs that record all disclosures of or access to Student Data within our possession. Upon your request, we will provide you copies of these access logs.
Schools control access to Student Data. Parents, legal guardians, and students can request their Student Data via their Schools. If any changes need to be made in P2C, the district will upload the new Student Data.
How We Use Your Student Data
This license allows us to use, transmit, distribute, modify, reproduce, display, and store the Student Data solely for the following purposes:
Maintaining, supporting, evaluating, diagnosing, and developing our Services.
By agreeing to our terms, you acknowledge that we may collect and utilize De-Identified Data for various purposes. De-Identified Data refers to information from which all personally identifiable details have been permanently removed or obscured, making it impossible to identify individuals. We may use this data to operate, analyze, improve, market, or develop educational sites, services, or applications. Additionally, we may share or publicly disclose De-Identified Data in aggregated or anonymized forms to protect the privacy of schools and students. For example, we may track the number of users on a school level without revealing specific details. Furthermore, we reserve the right to use, store, transmit, distribute, modify, copy, display, sublicense, and create derivative works of De-Identified Data even after our agreement has expired or been terminated.
RESTRICTIONS ON THE USE OF STUDENT DATA FOR ADVERTISING
To ensure clarity and transparency, we want to clarify that we will not use Student Data for specific purposes. These include using the data to advertise or market to students or engage in targeted online advertising toward them. We also will not use Student Data to promote or market educational products and services to parents or guardians unless we have obtained consent from the parent/guardian and/or School.
Furthermore, we will not develop profiles of students, parents/guardians, or groups except for the purpose of providing educational services or as authorized by the School or a parent/guardian. We will also not use Student Data for any other commercial purpose unless specifically authorized by the School or permitted by applicable law.
However, there are some exceptions to these limitations. P2C may still engage in marketing educational products and services directly to parents, guardians, or School employees if this marketing does not result from the use of Student Data obtained through our Services. Additionally, we may use Student Data to recommend educational products or services to parents/guardians or School employees, as long as these recommendations are not influenced by payment or consideration from a third party.
Lastly, we may use aggregate information to inform, influence, or enable marketing, advertising, or other commercial efforts in a general sense, without compromising the privacy and confidentiality of individual student data.
Deleting Student Data And Terminating Your Access To The Services
DELETING STUDENT DATA
According to legal requirements, students and parents may have the right to request modifications or deletion of Student Data. However, it is important to note that these requests should be directed to the student’s School rather than P2C. Upon receiving a written request from a School, we will delete a student’s Student Data (excluding De-Identified Data) in our possession within a commercially reasonable time, at most ten (10) business days. Please keep in mind that data stored in backups or internal logs may take up to sixty (60) days to be entirely removed. It’s important to note that information previously shared with others through the Service, such as message content, may not be able to be deleted.
TERMINATING YOUR ACCESS TO THE SERVICES
Upon receiving a confirmed notice of termination, we will promptly cease accessing your SIS (Student Information System). Within seventy-two (72) hours of receiving the termination notice, we will automatically delete or de-identify all Student Data, except for any data stored in backups or internal logs, which will be removed within sixty (60) days. It is important to note that since the Student Data accessed by P2C is already present in the School’s SIS system, we do not offer a mechanism to return the Student Data upon termination. Rest assured that we take the necessary steps to ensure the secure and timely deletion or de-identification of Student Data in compliance with our policies.
Privacy And Security
Our servers, where the data is stored, are located in the United States. Access to Student Data is restricted only to authorized employees or service providers who require such access for their job responsibilities.
In the event of an unauthorized release, disclosure, or acquisition of Student Data that compromises its security, confidentiality, or integrity (referred to as a “Security Incident”), we will promptly notify the account owner of any affected Schools via email. We will also cooperate with their investigations of the incident, taking reasonable steps to address the situation. The notification regarding the Security Incident will include information about the nature of the incident, our investigative actions, the type of Student Data affected, the known cause of the incident, actions taken or planned to mitigate any negative impact, and any preventive measures implemented to avoid future incidents.
If a Security Incident occurs due to the actions or negligence of P2C or its agents, and if applicable privacy laws require notification to individuals, organizations, or government entities, you, as the owner of the Student Data, agree to assume responsibility for the timing, content, cost, and method of the required notice, as well as compliance with the relevant laws. P2C will provide indemnification to Schools for reasonable costs associated with legally mandated notifications. P2C will be responsible for the timing, content, cost, and method of notice, as well as compliance with applicable laws, in relation to users who are not associated with a School account.
Fees And Payment Terms
The School agrees to pay all fees specified a Purchase Order or Contract that is entered into between you and P2C per the payment schedule set forth in such document. Unless specified in the purchase order or contract, all payment obligations are non-cancelable, and fees paid are non-refundable. The products available for purchase from P2C are proprietary, customized, and fully functional. Online demos and sample deliverables allow you to evaluate products before you make a purchase decision fully. If a product doesn’t have a demo, additional resources such as image previews and video materials are available to help you better understand how it works and if it will fit your needs.
You will provide us with valid credit card information, a valid purchase order, or an alternative payment document reasonably acceptable to us. If you provide us with a credit card, you authorize us to charge such a credit card for all purchased products and services listed in the Order Form(s). Such charges will be made in advance, either annually or in accordance with any different billing frequency stated in the applicable Order Form. If the Order Form specifies that payment will be by a method other than a credit card, then we will invoice you in advance and accordance with the relevant Order Form(s). Unless otherwise stated in the Order Form, invoiced charges are due net 30 days from the invoice date. You are responsible for providing complete and accurate billing and contact information and notifying us of any changes to such information. If any amount you owe under this Agreement or any other agreement is 30 or more days overdue, then we may suspend our Services to you without limiting our other rights and remedies until such amounts are paid in full. Prices and fees are exclusive of any federal, state, local, or other taxes, which will be your responsibility unless you provide us with proof of your tax-exempt status. Taxes, if any, will be listed separately on the invoice. You will provide us with a certificate or other evidence documenting your tax-exempt status upon our request.