STUDENT DATA PRIVACY
For Genuine Digital School (hereinafter “GDS”, “we”, “us”)privacy and safety of our community is hold in highest regard. For this reason, it is important that parents, students, interested families and our collaborators are aware of the types of personal data we collect and process, why we need it, who it may be disclosed or released to and under what circumstances, and rights regarding personal information.
OVERVIEW OF PRIVACY LAWS
Genuine Digital School is a private school registered in the State of Florida aligned with federal and state privacy and education laws. This includes the Family Education Rights Privacy Act (FERPA), the Protection of Pupil Rights Amendment (PPRA), the Children’s Online Privacy Protection Rule (COPPA) and Florida statues for privacy and education. That said, we recognize that the strength of privacy laws varies from state to state, and closely follow new and emerging privacy legislation in other states and in Europe and Latin America that significantly improve privacy rights and protections for you. We have adopted and incorporated guidance from the most progressive privacy laws, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) as part of our ongoing commitment to the privacy and security protection of data you entrust to us.
Date of Last Update. 1 September 2022
PERSONAL DATA DEFINITIONS AND TERMS
Data Privacy terms and definitions may vary from state to state. For GDS, the term Personal Data is defined as:
“Personal Data” means any information that identifies, relates to, describes or is reasonably capable of being associated with or linked, directly or indirectly with an individual.
Personal Data includes, but is not limited to: your name, phone number, email address, your physical or postal address, student ID numbers, accounts and passwords, social security number, date of birth, place of birth, your device IP address, biometric information such as your photograph or fingerprint, education records and any data associated with health or family financial information.
We also use the terms aggregated data and de-identified data when we discuss educational reporting requirements, statistics, and research.
“Aggregated information” means that data that could directly or indirectly identify an individual student has been removed (de-identified) and the remaining data has been combined with multiple records to use for statistical information and summaries.
For example, information about the graduation rate for a graduating class or school is combined with graduation rates for other schools and districts across Florida for statewide statistical reporting. Statistics on the percentages of students by outcomes and student subgroups is publicly posted to demonstrate school, school district and state educational performance and accountability, but cannot identify an individual student, either directly or indirectly.
SOURCES OF DATA
Personal Data includes data that is collected:
We obtain and strictly enforce Parent or Guardian Consent prior to setting up any accounts or services for all children, specifically including children under the age of 13 in accordance with the Children’s Online Privacy and Protection Act (COPPA) as well as for students under 18 years of age or are otherwise not legally “eligible” by federal education privacy laws to provide consent on their own behalf as explained below.
Under the Family Educational Rights Privacy Act (FERPA), an “eligible” student is a student who has turned 18 years of age or a student who has not yet turned 18 but who has graduated from high school and attends a postsecondary institution. Eligible students may also include emancipated minors regardless of whether the student has turned 18 years of age. Upon reaching “eligible” status, all rights transfer from the Parent to the student.
By accepting this Student Data Privacy we understand that you accept and consent the creation of accounts and services for the children you represent.
WE DO NOT
WHAT WE COLLECT AND WHY
We have organized the types of data we process by overall subject areas detailed below to give you a meaningful context of what the data is why we need it, and how it is used. Please contact us using a method in the ‘How to Contact Us’ section if you would like to know more about any type of personal data we process that may not be described here.
Cookies. When visitors or users connect to an GDS website, application or technology within our environment, we automatically send “cookies” to your device. Cookies are small data files our servers send to your device, referred to as “session cookies” and persistent cookies”. Session cookies are removed when you close your browser or session. Persistent cookies are stored on your device and are used to remember your preferences and settings, enable and optimize site navigation and function, and collect statistical information from your device on how the application or service is performing and enables us to monitor performance, administer and troubleshoot any service or functionality problems.
Persistent cookies used for statistics and analytics may contain information about your device and browser, such as your device ID and IP address, your browser type and version, and your device Operating System, On a case by case basis, we may need to combine this information with additional logs, such as your account login and session information if we need to assist you to troubleshoot and resolve technical problems. We do not use, disclose or share any of our cookies or analytics data for behavioral targeting of advertising to students.
Do Not Track Signals. Do Not Track (DNT) is a privacy preference you can set in your web browser, which allows you to opt out of tracking by websites and online services. GDS does perform tracking for advertising or marketing purposes but respects DNT signals.
Application Use Statistics. We collect general usage data about the number of visitors that visit our site and internal environment to see infrastructure and application performance trends, load times, errors and slow transactions. We use this data to ensure our infrastructure and applications are sized effectively for performance during peak usage times and the overall traffic volume, monitoring and troubleshooting of any issues that would degrade student LMS performance, and improve our education applications, products and services This data may include the connecting device vendor, device types and versions such as IOS 13.6.1 or Android 10, session identifiers, device IP addresses, browser types and version information.
Application Licensing Data. For our LMS system users, we collect license usage logs showing per-seat and per course license usage data. The License usage data includes the student’s first and last name, LMS ID, email address and course usage information. We use this data for license and course statistics and analysis, to ensure students have the access needed for their courses and troubleshoot any license problems preventing course accessibility and usage.
Application and Security Logging. When you are connected to an GDS website, application or technology within our learning environment, we automatically collect information about your device, which may include; your IP address, your Operating System information, your browser information and version, your site interaction and usage activity. We may correlate this information with other security relevant logs if we need to investigate security incidents, protect against malicious, deceptive, fraudulent, or illegal activity and remove or prosecute those responsible for that activity. We keep security relevant logging data for at least one year but may keep for longer periods if needed for security events and incident investigations. Logs associated with security incidents or illegal activity may be shared with GDS Incident Response service partners, law enforcement and legal personnel to investigate and prosecute illegal activity.
Assessments. We create, administer and record information related to student assessment, including; discussion based assessments, module exams, quizzes, segment exams, observation data and statewide assessments such as Florida Standards Assessments (FSA), End-Of-Course (EOC) Assessments, Advanced Placement (AP) exams, and related statewide assessment data. The amount of personal data needed will be dependent on the type of assessment, but generally includes; the student first and last name, grade-level, gender, Student ID(s), the test date, the course subject, the school and school district ID, and performance scores. Other exams, such as the Scholastic Achievement Test (SAT) will need the student to supply significantly more information, including; race and ethnicity, social security number, full mailing address, email address and phone number. We use assessment information to determine student progress and needs, aid in placement determinations, record student achievement, and maintain accountability and performance reporting required by the FL State Board of Education.
Attendance. For our students, we record daily and cumulative attendance. Attendance Reporting data includes the student’s first and last name, Student ID, birthdate, gender, grade-level, daily and the annual cumulative days present, daily, and cumulative days absent, prior school, enrollment entry date with GDS and withdrawal date if applicable. The FL Department of Education requires all schools to maintain and report a register of attendance and enrollment showing the absence or attendance for each student enrolled during the prescribed time. Attendance data is used to confirm the student has met the minimum number of days with the required instructional hours by grade-level to receive credit.
Communications. When visitors and guests that are not registered with GDS yet contact us by phone, email, Facebook or twitter message, we ask for your first and last name, your email address and/or phone number to respond and maintain contact with you until your question is answered or assistance is completed to your satisfaction. If you contact us using the ‘Request Info’ link to request information about our educational offerings, we also ask whether you are a parent, student, teacher, school administrator or other interested visitor, which educational offerings you would like to know more about, and what Country and State you are located in to determine what educational offerings are right for you.
Conduct and Discipline. This subject area contains data related to student conduct, disciplinary and behavioral information, from minor infractions up to major incidents including suspensions and expulsions. Data associated with minor infractions includes the student’s name. grade-level, course, teacher names and incident details. As described in Florida Statute 1006.13, FL has a zero-tolerance policy for crime and victimization. These incidents must be reported to the FL Department of Education for each occurrence anytime of the day or year. Consultation with and reporting to law enforcement may also be required for incidents involving crimes or injuries. School Environmental Safety Incident Reports (SESIR) include; the student(s) first and last name, gender, birthdate, grade-level, student IDs, date and time of incident, name of the official reporting the incident, the incident identifier, incident details and codes, discipline action and duration, the incident type, case number, report, affidavit or arrest details, and victim names or student identifiers if the incident involved victims. GDS strictly adheres to the code of conduct following Florida Statutes 1006.13 and F.S. 1006.07(2) to provide a safe and supportive learning environment for all students and staff, regardless of economic status, race, or disability.
Demographics. We collect student demographics information that may indicate highly sensitive information about the student and their family. This information is strictly controlled and limited to a minimum number of staff needed to administer these educational programs and services. Demographic data includes the student’s legal first and last name, birthdate, grade level, gender, race and ethnicity, state local student identifier numbers, Florida education identifier, state and county resident status, district and school numbers, the school year, the student’s native language, the primary language in the student’s home, the student English Language Learner (ELL) proficiency status, the student country of birth, the date the student entered a United States school, migrant program eligibility, the student graduation options (standard, accelerated, or option curriculum). The U.S. Department of Education, federal and state laws and boards of education require us to collect this information for school, district, state and federal education program and funding eligibility and accountability reporting. This information is used to evaluate and ensure students are being treated equitability regardless of race, ethnicity, or economic status and to extend program improvements to underserved and vulnerable populations.
Enrollment and Registration. When a parent/guardian or eligible student registers and enrolls with us, we collect data including; the Parent/Guardian and Student’s contact information described below, the student demographics information, prior school transcripts, birth certificates or other evidence for verifying the student’s birth per Florida Statute 1003.21, FL county proof of residency verification per Florida Statute 1009.21, immunization certifications if required, entry dates and enrollment status, Special Indicator information needed to provide tailored education services or provide accommodations, as well as student course selections and preference information. This information is needed to meet verification and reporting requirements specified by Florida Statutes and ensure we can meet the student’s education needs, course preferences and requirements.
Media Consent. Names, images and/or course work of GDS students will not be published in print video/form, or on our website without the written student and guardian consent. We will specifically request your consent to use your student’s name, photos or video for internal GDS media and events, such as the yearbook, Honor Roll, and associated school publications and marketing or educational promotional materials.
Please note, the Family Educational Rights Privacy Act (FERPA) defines ‘Directory Information’ as “information that is generally not considered harmful or an invasion of privacy if released and can also be disclosed to outside organizations without a parent’s prior written consent”. We do not release directory information to any non GDS affiliated external entities, including military recruiters and universities.
Parent/Guardian and Student Contact Information. When a parent/guardian or eligible student registers with us, we collect; the student’s first and last name, email address, phone number, home or postal address and username for initial student account setup, grade-level, student-type, school district; parent or guardian full name, username for initial parent/guardian account creation tied to the student account, relationship to student, email, phone and contact preferences, including text message Opt-In preferences to receive school communications over text. We use this information to: respond to questions or assistance tickets when you contact us, facilitate communications between students, parents, educators and support staff to facilitate your student’s personalized learning, relay school communications and announcements, notify you of school sponsored events, activities and educational services, grants and scholarships opportunities that you may be interested in; features and updates to our learning environment platforms, applications or educational content.
Parent/Guardian IDs. This data category refers to the GDS Learning Management System (LMS) Parent/Guardian account identifiers that are tied to the student’s LMS account. Data associated with the Parent/Guardian ID includes the parent contact information, email address, account name, password and security questions. These accounts are used for Parent/Guardian login to monitor the student’s progress, communicate with teachers and staff to support their student’s learning needs.
Schedules. We collect information on student requested courses by grade-level and term to match the courses needed with teachers for the required courses. This data includes the student first and last name, FL education ID, course code, section/classroom, course term, period, the corresponding teacher identification, and student final grades.
Special Indicator information. We collect Special Indicator information that may contain highly sensitive information about the student /or their family. This information is strictly controlled and limited to a minimum number of staff needed to administer these educational programs and services. This subject area may contain information such as English Language Learner (ELL) status level and progress, low income status, student disability information, data associated with Individual Education Plans (IEP) or Section 504 plans that may contain medical conditions or health data, living situations such as Hospital/Homebound, homeless/foster care, migrant status or similar indicators. This information is essential for education officials and teaching staff to ensure we can provide accommodations and tailor education plans to meet student needs. Aggregated data reporting on Special Indicator information is required to the Florida Department of Education for audit and accountability reporting under Every Student Succeeds Act (ESSA) to improve education outcomes, programs and services for students with unique needs and/or disabilities, disadvantaged and underserved student population subgroups.
Student Identifiers. This subject category includes student numbers that directly identifies the student. Each identifier number is needed to uniquely associate the student to their enrollments, schedules and courses, attendance, assessments and transcripts within the Learning Management System, at the GDS school, district and state levels.
Student Program Membership. This category contains information related to the student’s participation in clubs or activities the student may belong to or participate in, such as Maths Clubs, Literary Clubs, Musical Band, Gdreams incubator, or many others from multiple GDS clubs. Data in this category includes the student’s full name, parent guardian names, parent/guardian signed consent forms for club participation, field trips and events detailing the consent purpose, activity details, dates and locations, emergency contact and medical treatment authorizations. Medical approval forms may also be included if needed for sports or other physical activities. Although club participation is entirely voluntary, students repeatedly respond that club and activity participation has enhanced their educational experience. Personal data in this subject group is deleted at the end of club participation or when it is no longer needed.
Student Survey Responses. Student questionnaires are conducted multiple times per semester to obtain student feedback and gauge the student’s course and instructor experience. The completed data includes the course name and course ID, course term, period, the teacher, questions and responses. All surveys are anonymous and aggregated to ensure the individual students cannot be identified. We utilize this information to gauge the students experience for course improvement and instruction development.
Student work products. This category consists of information such as homework, notes or comments on classroom activity, study materials, papers and essays, video or audio recordings, or other information created by the student. This material can be retrieved by the student or parent/guardian in the current year but GDS deletes this data at the end of every year when no longer needed.
Transcripts. We produce and mantain transcripts. Permanent transcript data elements include; the student’s full legal name and any known changes due to marriage or adoption, authenticated birthdate, place of birth, last known address, names of student’s parents/guardians, names and location of last school attended, number of days present and absent, date enrolled, date withdrawn, the Student’s education IDs and local identifier numbers, term, grade-level, course number, course sequence number, courses taken, record of achievement, final grade, credit earned, test performance scores, degrees or certifications, honors received, school year, school number where the credit was earned, district number where credit was earned. This information is used to measure progress, demonstrate student completion and achievement towards their goals. FL statute 1002.42(3)(a)2.a. designates this information to be of clear educational importance and must be maintained as a permanent record. This information applies to the student’s cumulative record, either before or after graduation or withdrawal.
WHO HAS ACCESS
In accordance with federal and state laws, access to student records is limited to:
CONDITIONS FOR RELEASE OR DISCLOSURE
Parents of Eligible Students. Under the Family Educational Rights Privacy Act, parents can request and access the records of the “eligible student” without the student’s consent if the student is a dependent for tax purposes.
Transcripts to Schools. When GDS parents/guardians or eligible students send us a signed Transcript request, we will forward your transcripts to the destination school or agency you identified in your request. Please be aware that the email for transcripts requests is email@example.com
Legal Obligations. We may be required to disclose information about education records, including discipline records in response to subpoenas, court orders, ongoing legal action or litigation, the Department of Juvenile Justice, and law enforcement authorities with legal orders or interagency agreements. We will make a reasonable effort to notify the parent (or school of record if applicable) prior to complying with the subpoena or court order, unless the legal order specifies not to disclose or notify the parent.
Cyber Security Incidents. We monitor GDS system and application logs to prevent, detect and investigate security events and incidents, protect against malicious, deceptive, fraudulent, or illegal activity and remove or prosecute those responsible for that activity. We may provide evidence from incident investigations to law enforcement officials, including the local police or the Federal Bureau of Investigation (FBI) and legal counsel to facilitate criminal investigations and prosecution.
Emergencies. In emergencies, school officials can provide information from education records to Law Enforcement, Medical personnel, or other state designated Health and Safety officials in response to an extremely time sensitive and specific threat or emergency effecting the health or safety of the student or others.
Financial Aid. If the parent/guardian or student has applied for or receives financial aid or assistance, officials associated with the financial assistance programs may need to review student records to determine aid eligibility, the amount, audit and verify any conditions for the aid, and enforce terms and conditions or determine continued eligibility associated with the assistance program.
Auditing and Evaluations. Auditing officials for the federal or state government and board of education authorities, and also organizations that accredits primary and secondary schools throughout the United States and internationally, such as Cognia may need to view student records to complete audits and evaluations. Auditors can only request access to the required records needed to evaluate education and only for the duration needed to complete the audit.
State Accountability Reporting. We report information during FL Department of Education designated times or survey periods. This may include; the student first and last name, Student Identifiers, grade-level, projected graduation dates, student demographics, enrollments and withdrawals, schedules and transcript information. We also report attendance information, assessment information, conduct and discipline information, Special Indicator information, federal aid assistance information, final grades and assessment scores. This information, either in full or in aggregated form is required for statewide performance and accountability statutes.
The State of Florida Department of Education uses this information for auditing, monitoring and evaluating school, school district and state level education programs and reporting of federal statistics and information under the Federal Educational Rights Privacy Act (FERPA) statute. These records are maintained by the FL Department of Education for five years or until federal or state audit and evaluation functions are completed.
De-Identified Data for Research. We receive requests from Colleges and associated educational research partners for educator, class and student data to evaluate and improve the effectiveness of class content, instruction approaches, learning applications and technologies. Our Research team uses a comprehensive process to evaluate these requests and ensure privacy is strictly maintained for our students and teaching staff. This includes verifying the data requested is anonymous or de-identified, meaning it cannot be associated or linked to you, either directly or indirectly.
Research involving personal data. In accordance with FERPA guidance and state statutes for the Studies Exception, we also receive research proposals requesting data about individual student or educator information, or requests to survey our students or staff. These proposals are thoroughly reviewed for several factors, specifically including privacy considerations and requirements as well as the potential resource impacts on our students or staffs. Compelling requests that show clear benefit to our student educational outcomes may be forwarded to our GDS Research Committee for additional review and consideration. If the Committee approves a proposal involving potentially sensitive student personally identifiable information or student survey requests, we will contact you with details about the proposal to request your consent. If the proposal is approved, we will enter into a Data Sharing Agreement with the Researcher to confirm they will comply with all requirements for security and privacy protections, including; verifying all research participants have completed background checks and fingerprinting in accordance with Florida statutes, they agree to provide security protections to secure and restrict access to your data, and to securely delete or destroy the data upon completion of the research study.
HOW WE PROTECT PERSONAL DATA
GDS uses industry standards and best practices policies, procedures and techniques to provide defense in depth protection for our systems and your data. This includes, but is not limited to:
RIGHT TO ACCESS. You have the right to access, inspect and review your personal data. For GDS Full Time parents/guardians and eligible students, your personal data is accessible from your GDS account home and student records tab. If you have any problems or need assistance to access your records, please contact us using one of the contact options below for assistance.
RIGHT TO CORRECT. You have the right to request correction or amendment to the content of your student education record on the grounds that it is inaccurate, misleading, or in violation of your privacy rights. Please contact us using one of the contact options below to request corrections or amendments, with a clear description of the record and why it should be changed. If GDS decides not to amend your personal data, we will notify you of the decision and reasons, as well as your right to request a hearing regarding the request for amendment. Additional information regarding the hearing procedures will be provided to the parent/guardian or eligible student when notified of the right to a hearing. If the hearing results in a decision not to correct the requested record, you have the right to place a statement in the record commenting on the contested information and why you disagree with the decision.
RIGHT TO WITHDRAW CONSENT. You have the right to provide written consent before a school discloses personally identifiable information from your education record except for the legally authorized purposes discussed in the disclosures section above. We follow a do-not-disclose by default policy. Parents/guardians and eligible students may choose to Opt-In and consent to disclose for specific purposes, such as our Media Consent Form. You have the right to change your consent choices or preferences at any time. Please contact us using one of the contact options below for assistance.
RIGHT TO TRANSFER. You have the right to transfer your information. When parents/guardians or eligible students send us a signed Transcript request, we will forward your transcripts to the destination school or agency you identified in your request.
RIGHT TO ERASURE. We are obligated to retain personal data contained in your education records in accordance with Florida General Records schedules. This includes student transcript information defined by Florida statute 1002.42(3)(a)(2) that must be maintained as a permanent record. For Global students that reside outside the United States or in the European Union (EU), please contact us if you have a specific question or concern about our data retention requirements if you believe it conflicts with your right to request erasure, under certain circumstances as defined by the EU General Data Protection Regulation (GDPR).
EXERCISE YOUR RIGHTS. We encourage Parents/Guardians and eligible students to not only understand your rights concerning your personal data, but to exercise your rights without fear of discrimination or reprisal. We will not reduce, degrade or deny any of the existing education services or protections we provide when you exercise your privacy rights.
ACCOMMODATIONS AND ALTERNATE LANGUAGE SUPPORT. GDS staff members are available to assist any accommodations necessary for Students and parents such as alternate language support or verbal review and discussion between parents/students and instructors or staff members to review this policy and understand their rights. Please contact us for any support you or your student may require.
We want to connect you the best resources and subject area experts to assist you. If you have questions or concerns that is not related to your privacy, we have included contact information for other teams that are also here to help.
Privacy Contacts. If you have any questions or would like to know more about our privacy practices or your privacy rights, please contact us at firstname.lastname@example.org
Please note, Florida law identifies email addresses as public records. If you do not want your email address released in response to a public records request, do not send your request over email. Contact us by phone or in writing using an option listed below.
You can also submit questions and Privacy Rights Requests to our address at: 980 North Federal Highway, Suite 110, Boca Ratón, Florida 33432.
Education Records Resources. If you have questions about your Education Record that is not related to privacy question or concern, please contact our Records Management subject matter experts at email@example.com
Other Ways to contact us. We have multiple ways to contact using your preferred method, including Facebook and Twitter. You can review our contact options on the GDS site contact page studyatgenuine.com or call a customer care representative at USA +1 786 789 0299, and ask to be connected with an Information Security and Privacy team member.