FERPA Compliance
POINT Technologies' Compliance with FERPA:
POINT Technologies services adhere to all relevant provisions of the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99). We obtain Student Data from our School Partners, serving as a “school official” under FERPA, and solely process this data for educational objectives. For additional information on FERPA, please visit the U.S. Department of Education’s Privacy Technical Assistance Center.
-
Parental Rights to Records: We recognize the right of parents to request their student's volunteer records. However, we require joint requests from a school administrator due to our lack of data on student familial relationships. It ensures that we maintain the privacy and security of the student's data.
-
Directory Information: We only solicit "Directory Information" from school administrations and students, which encompasses the student's first name, last name, school email, date of birth, and zip code.
-
Subpoenas or Judicial Orders: Should we receive a subpoena or a judicial order demanding the disclosure of educational records, the related School Partner will be informed before any action is taken, in accordance with §99.31(a)(9).
For further details on FERPA, kindly refer to the U.S. Department of Education’s Privacy Technical Assistance Center.
COPPA Compliance
POINT Technologies' Adherence to COPPA:
Our services are fully compliant with the stipulations of the Children’s Online Privacy Protection Act (COPPA) (15 USC 6501 et seq.). When COPPA pertains to the information we acquire, such data is processed exclusively for academic reasons, under the direction of our partnering School and with the consent of the educational institution. For a deeper understanding of COPPA and the consent of educational institutions, you can refer to the Federal Trade Commission’s Complying with COPPA: Frequently Asked Questions.
Our COPPA & POINT Technologies' Data Privacy Measures:
POINT Technologies values the privacy of student data. Aligned with U.S. Federal Law, we commit to the following actions:
-
Limited Access: Access to students' educational records is restricted to educators and administrators who are officially recognized employees of our partnering institutions. Such access is granted exclusively for legitimate educational purposes.
-
No Unauthorized Use: We ensure that the educational records are not utilized for any motive other than those explicitly specified in our agreement.
-
Disclosure Limitations: Apart from our authorized representatives, who are fulfilling the terms of our contract, we refrain from disclosing any personally identifiable information to any other entity unless we are obligated by law or court order. In such cases, the institution providing the data will be informed at the time of the disclosure, unless the law or court order expressly prohibits such notification.
-
Safeguarding Data: We uphold rigorous administrative, technical, and physical measures to safeguard the confidentiality, integrity, and security of the personally identifiable student information in our possession.
-
Background or Reference Checks: On rare occasions, minors might be asked to undergo a background or reference check to apply for specific volunteer roles. These checks are always conducted with full consent, disclosure and are processed and stored securely through our partner Checkr, the leading background check company in the U.S. POINT does not store background check results or gather information to run the screening. The Fair Credit Reporting Act (FCRA) requires requesting organizations to follow the steps outlined in Checkr’s “Disclosure and Consent for Background Check” article to order a background check.
-
Data Encryption: We use encryption technology to ensure the protection of data while it's in transit from unauthorized disclosure. As of the current state of our system, data at rest (when stored) is not encrypted. However, we maintain rigorous administrative, technical, and physical measures to safeguard the confidentiality, integrity, and security of the personally identifiable student information in our possession. We are committed to continually assessing and improving our security protocols in line with industry standards and best practices.