Gaggle

Student and Staff Data Privacy Notice

Add Comment

Powered by Cookiebot<ul> <li>Consent</li> <li>Details</li> <li>[#IABV2SETTINGS#]</li> <li>About</li> </ul>This website uses cookiesWe use cookies to offer you a better, more relevant experience and improve site performance. By clicking Accept All, you acknowledge and agree to our use of cookies. If you Decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference not to be tracked. Consent SelectionNecessary Preferences Statistics Marketing View Preferences<ul> <li>Necessary 21 Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.<ul> <li>Amazon1Learn more about this providercookies.jsDetermines whether the visitor has accepted the cookie consent box. This ensures that the cookie consent box will not be presented again upon re-entry. Expiry: SessionType: HTTP</li> <li>Cookiebot1Learn more about this providerCookieConsentStores the user's cookie consent state for the current domainExpiry: 1 yearType: HTTP</li> <li>Google6Learn more about this provider_GRECAPTCHAThis cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.Expiry: 180 daysType: HTTPrc::aThis cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.Expiry: PersistentType: HTMLrc::bThis cookie is used to distinguish between humans and bots. Expiry: SessionType: HTMLrc::cThis cookie is used to distinguish between humans and bots. Expiry: SessionType: HTMLrc::d-15#This cookie is used to distinguish between humans and bots. Expiry: PersistentType: HTMLrc::fThis cookie is used to distinguish between humans and bots. Expiry: PersistentType: HTML</li> <li>LinkedIn2Learn more about this providerli_gcStores the user's cookie consent state for the current domainExpiry: 180 daysType: HTTPbscookieThis cookie is used to identify the visitor through an application. This allows the visitor to login to a website through their LinkedIn application for example.Expiry: 1 yearType: HTTP</li> <li>Poptin2Learn more about this providerlaravel_sessionThis cookie is used internally by the website’s owners, when uploading or renewing website content.Expiry: 1 dayType: HTTPXSRF-TOKENEnsures visitor browsing-security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor. Expiry: 1 dayType: HTTP</li> <li>Salesforce2Learn more about this providerCookieConsentPolicyStores the user's cookie consent state for the current domainExpiry: 1 yearType: HTTPLSKey-c$CookieConsentPolicyDetermines whether the user has accepted the cookie consent box. Expiry: 1 yearType: HTTP</li> <li>YouTube1Learn more about this providerCONSENTUsed to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website. Expiry: 2 yearsType: HTTP</li> <li>hubspot.com pages.gaggle.net www.gaggle.net 3__cf_bm [x3]This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.Expiry: 1 dayType: HTTP</li> <li>pages.gaggle.net www.gaggle.net 2__cfruid [x2]This cookie is a part of the services provided by Cloudflare - Including load-balancing, deliverance of website content and serving DNS connection for website operators. Expiry: SessionType: HTTP</li> <li>www.gaggle.net1test_cookieUsed to check if the user's browser supports cookies.Expiry: 1 dayType: HTTP</li> </ul> </li> <li>Preferences 6 Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.<ul> <li>Amazon1Learn more about this providerreduxPersistIndexMaintains website settings across multiple visits. Expiry: 7 daysType: HTTP</li> <li>Poptin3Learn more about this providera/n (40)Detects how many times a user has visited the website in order to determine whether an on-page notification should be displayed.Expiry: 1 dayType: HTTPpoptin_previous_urlDetermines whether the user has made any subscriptions on the website, so that the website does not show subscription forms to the user, which already have been filled out. Expiry: 1 dayType: HTTPpoptin_user_country_codeDesignates the country code that is calculated based on the user's IP address. Used to determine what language should be used for the visitor.Expiry: 1 yearType: HTTP</li> <li>Salesforce1Learn more about this providerX-Salesforce-CHATNecessary for the functionality of the website's chat-box function. Expiry: SessionType: HTTP</li> <li>www.gaggle.net1loglevelMaintains settings and outputs when using the Developer Tools Console on current session.Expiry: PersistentType: HTML</li> </ul> </li> <li>Statistics 29 Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.<ul> <li>Amazon1Learn more about this providerreduxPersist%3AlocalStorageUsed to implement audio-content from Spotify on the website. Can also be used to register user interaction and preferences in context with audio-content - This can serve statistics and marketing purposes. Expiry: 7 daysType: HTTP</li> <li>Google5Learn more about this provider_gaRegisters a unique ID that is used to generate statistical data on how the visitor uses the website.Expiry: 2 yearsType: HTTP_ga_#Used by Google Analytics to collect data on the number of times a user has visited the website as well as dates for the first and most recent visit. Expiry: 2 yearsType: HTTP_gatUsed by Google Analytics to throttle request rateExpiry: 1 dayType: HTTP_gidRegisters a unique ID that is used to generate statistical data on how the visitor uses the website.Expiry: 1 dayType: HTTPcollectUsed to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels.Expiry: SessionType: Pixel</li> <li>Hotjar10Learn more about this provider_hjAbsoluteSessionInProgressThis cookie is used to count how many times a website has been visited by different visitors - this is done by assigning the visitor an ID, so the visitor does not get registered twice.Expiry: 1 dayType: HTTP_hjFirstSeenThis cookie is used to determine if the visitor has visited the website before, or if it is a new visitor on the website.Expiry: 1 dayType: HTTP_hjIncludedInSessionSample_#Collects statistics on the visitor's visits to the website, such as the number of visits, average time spent on the website and what pages have been read.Expiry: 1 dayType: HTTP_hjSession_#Collects statistics on the visitor's visits to the website, such as the number of visits, average time spent on the website and what pages have been read.Expiry: 1 dayType: HTTP_hjSessionUser_#Collects statistics on the visitor's visits to the website, such as the number of visits, average time spent on the website and what pages have been read.Expiry: 1 yearType: HTTP_hjTLDTestRegisters statistical data on users' behaviour on the website. Used for internal analytics by the website operator. Expiry: SessionType: HTTP_hjRecordingEnabledCollects data on the user’s navigation and behavior on the website. This is used to compile statistical reports and heatmaps for the website owner.Expiry: SessionType: HTML_hjRecordingLastActivitySets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes.Expiry: SessionType: HTMLhjActiveViewportIdsThis cookie contains an ID string on the current session. This contains non-personal information on what subpages the visitor enters – this information is used to optimize the visitor's experience.Expiry: PersistentType: HTMLhjViewportIdSaves the user's screen size in order to adjust the size of images on the website.Expiry: SessionType: HTML</li> <li>Hubspot4Learn more about this provider__hsscIdentifies if the cookie data needs to be updated in the visitor's browser.Expiry: 1 dayType: HTTP__hssrcUsed to recognise the visitor's browser upon reentry on the website.Expiry: SessionType: HTTP__hstcSets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes.Expiry: 180 daysType: HTTPhubspotutkSets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes.Expiry: 180 daysType: HTTP</li> <li>LinkedIn1Learn more about this providerAnalyticsSyncHistoryUsed in connection with data-synchronization with third-party analysis service. Expiry: 30 daysType: HTTP</li> <li>Salesforce6Learn more about this providerBrowserIdRegisters a unique ID that identifies the user's device for return visits.Expiry: 1 yearType: HTTPBrowserId_secRegisters statistical data on users' behaviour on the website. Used for internal analytics by the website operator. Expiry: 1 yearType: HTTPsnapinsPage_#PendingExpiry: PersistentType: HTMLsnapinsPageTime_#PendingExpiry: PersistentType: HTMLsnapinsPcDetermines when the visitor last visited the different subpages on the website, as well as sets a timestamp for when the session started.Expiry: PersistentType: HTMLsnapinsStartDetermines when the visitor last visited the different subpages on the website, as well as sets a timestamp for when the session started.Expiry: PersistentType: HTML</li> <li>Twitter Inc.1Learn more about this providerpersonalization_idThis cookie is set by Twitter - The cookie allows the visitor to share content from the website onto their Twitter profile. Expiry: 400 daysType: HTTP</li> <li>www.gaggle.net1tdRegisters statistical data on users' behaviour on the website. Used for internal analytics by the website operator. Expiry: SessionType: Pixel</li> </ul> </li> <li>Marketing 59 Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.<ul> <li> Meta Platforms, Inc.1Learn more about this provider_fbpUsed by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.Expiry: 3 monthsType: HTTP</li> <li>Amazon3Learn more about this provideranchor-website#keyvaluepairsUsed to implement audio-content from Spotify on the website. Can also be used to register user interaction and preferences in context with audio-content - This can serve statistics and marketing purposes. Expiry: PersistentType: IDBanchor-website#local-forage-detect-blob-supportUsed to implement audio-content from Spotify on the website. Can also be used to register user interaction and preferences in context with audio-content - This can serve statistics and marketing purposes. Expiry: PersistentType: IDBreduxPersist%3AvoiceMessageCreationModalScreenTargets ads based on behavioural profiling and geographical location.Expiry: 7 daysType: HTTP</li> <li>Google6Learn more about this providerIDEUsed by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.Expiry: 1 yearType: HTTPpagead/landingCollects data on visitor behaviour from multiple websites, in order to present more relevant advertisement - This also allows the website to limit the number of times that they are shown the same advertisement. Expiry: SessionType: Pixel_gcl_auUsed by Google AdSense for experimenting with advertisement efficiency across websites using their services. Expiry: 3 monthsType: HTTPads/ga-audiencesUsed by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites.Expiry: SessionType: Pixel5_p4CLjWlOQDENvGpakC,8002887750PendingExpiry: PersistentType: HTML5_p4CLjWlOQDENvGpakC,8002887750_expiresAtPendingExpiry: PersistentType: HTML</li> <li>Hubspot1Learn more about this provider__hmplCollects information on user preferences and/or interaction with web-campaign content - This is used on CRM-campaign-platform used by website owners for promoting events or products.Expiry: PersistentType: HTML</li> <li>LinkedIn4Learn more about this providerbcookieUsed by the social networking service, LinkedIn, for tracking the use of embedded services.Expiry: 1 yearType: HTTPli_sugrCollects data on user behaviour and interaction in order to optimize the website and make advertisement on the website more relevant. Expiry: 3 monthsType: HTTPlidcUsed by the social networking service, LinkedIn, for tracking the use of embedded services.Expiry: 1 dayType: HTTPUserMatchHistoryEnsures visitor browsing-security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor. Expiry: 30 daysType: HTTP</li> <li>Poptin9Learn more about this providerpoptin_client_idUsed in context with pop-up advertisement-content on the website. The cookie determines which ads the visitor should be shown, as well as ensuring that the same ads does not get shown more than intended.Expiry: SessionType: HTMLpoptin_every_visit_sessionImplements pop-up advertisement on the website. Expiry: SessionType: HTMLpoptin_new_userImplements pop-up advertisement on the website. Expiry: SessionType: HTMLpoptin_origin_landing_pageImplements pop-up advertisement on the website. Expiry: SessionType: HTMLpoptin_c_visitorUsed in context with pop-up advertisement-content on the website. The cookie determines which ads the visitor should be shown, as well as ensuring that the same ads does not get shown more than intended.Expiry: 30 daysType: HTTPpoptin_old_userUsed in context with pop-up advertisement-content on the website. The cookie determines which ads the visitor should be shown, as well as ensuring that the same ads does not get shown more than intended.Expiry: 2 daysType: HTTPpoptin_sessionImplements pop-up advertisement on the website. Expiry: 1 dayType: HTTPpoptin_user_idUsed in context with pop-up advertisement-content on the website. The cookie determines which ads the visitor should be shown, as well as ensuring that the same ads does not get shown more than intended.Expiry: 1 yearType: HTTPpoptin_user_ipSets a unique ID for a specific visitor. This ID can be used to recognize the visitor upon re-entry and implement any preference choices made. The cookie also allows the website to track the visitor on multiple websites for marketing purposes. Expiry: 1 yearType: HTTP</li> <li>StackAdapt9Learn more about this providersa-user-idUsed to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. Expiry: PersistentType: HTMLsa-user-id [x2]Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. Expiry: 1 yearType: HTTPsa-user-id-v2 [x2]Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. Expiry: 1 yearType: HTTPsa-user-id-v2Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. Expiry: PersistentType: HTMLsa-user-id-v3PendingExpiry: PersistentType: HTMLsa-user-id-v3 [x2]PendingExpiry: 1 yearType: HTTP</li> <li>Twitter Inc.3Learn more about this provideri/adsct [x2]The cookie is used by Twitter.com in order to determine the number of visitors accessing the website through Twitter advertisement content. Expiry: SessionType: Pixelmuc_adsCollects data on user behaviour and interaction in order to optimize the website and make advertisement on the website more relevant. Expiry: 400 daysType: HTTP</li> <li>YouTube20Learn more about this providerLAST_RESULT_ENTRY_KEYUsed to track user’s interaction with embedded content.Expiry: SessionType: HTTPLogsDatabaseV2:V#||LogsRequestsStorePendingExpiry: PersistentType: IDBnextIdUsed to track user’s interaction with embedded content.Expiry: SessionType: HTTPremote_sidNecessary for the implementation and functionality of YouTube video-content on the website. Expiry: SessionType: HTTPrequestsUsed to track user’s interaction with embedded content.Expiry: SessionType: HTTPServiceWorkerLogsDatabase#SWHealthLogNecessary for the implementation and functionality of YouTube video-content on the website. Expiry: PersistentType: IDBTESTCOOKIESENABLEDUsed to track user’s interaction with embedded content.Expiry: 1 dayType: HTTPVISITOR_INFO1_LIVETries to estimate the users' bandwidth on pages with integrated YouTube videos.Expiry: 180 daysType: HTTPVISITOR_PRIVACY_METADATAPendingExpiry: 180 daysType: HTTPYSCRegisters a unique ID to keep statistics of what videos from YouTube the user has seen.Expiry: SessionType: HTTPyt.innertube::nextIdRegisters a unique ID to keep statistics of what videos from YouTube the user has seen.Expiry: PersistentType: HTMLytidb::LAST_RESULT_ENTRY_KEYStores the user's video player preferences using embedded YouTube videoExpiry: PersistentType: HTMLYtIdbMeta#databasesUsed to track user’s interaction with embedded content.Expiry: PersistentType: IDByt-remote-cast-availableStores the user's video player preferences using embedded YouTube videoExpiry: SessionType: HTMLyt-remote-cast-installedStores the user's video player preferences using embedded YouTube videoExpiry: SessionType: HTMLyt-remote-connected-devicesStores the user's video player preferences using embedded YouTube videoExpiry: PersistentType: HTMLyt-remote-device-idStores the user's video player preferences using embedded YouTube videoExpiry: PersistentType: HTMLyt-remote-fast-check-periodStores the user's video player preferences using embedded YouTube videoExpiry: SessionType: HTMLyt-remote-session-appStores the user's video player preferences using embedded YouTube videoExpiry: SessionType: HTMLyt-remote-session-nameStores the user's video player preferences using embedded YouTube videoExpiry: SessionType: HTML</li> <li>cdn.mailfloss.io1#URL#Necessary for the implementation of Instagram picture-gallery onto the website. Expiry: PersistentType: HTML</li> <li>www.gaggle.net2pagead/1p-user-list/#Tracks if the user has shown interest in specific products or events across multiple websites and detects how the user navigates between sites. This is used for measurement of advertisement efforts and facilitates payment of referral-fees between websites.Expiry: SessionType: Pixel__ptq.gifSends data to the marketing platform Hubspot about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels.Expiry: SessionType: Pixel</li> </ul> </li> <li>Unclassified 12Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.<ul> <li>Amazon1Learn more about this providerreduxPersist%3AtutorialPendingExpiry: 7 daysType: HTTP</li> <li>Poptin8Learn more about this providerfirst_visit_3a74a77445626PendingExpiry: SessionType: HTMLfirst_visit_748d3b58a63e3PendingExpiry: SessionType: HTMLpoptin_pageviews_3a74a77445626PendingExpiry: SessionType: HTMLpoptin_pageviews_748d3b58a63e3PendingExpiry: SessionType: HTMLpoptin_d_r_v_3a74a77445626PendingExpiry: 1 yearType: HTTPpoptin_d_r_v_748d3b58a63e3PendingExpiry: 1 yearType: HTTPpoptin_o_v_3a74a77445626PendingExpiry: 1 dayType: HTTPpoptin_session_account_9b8631901f413PendingExpiry: 30 daysType: HTTP</li> <li>Salesforce1Learn more about this providerwww.gaggle.netLA_VISITOR_INFOPendingExpiry: SessionType: HTML</li> <li>www.gaggle.net2lastExternalReferrerPendingExpiry: PersistentType: HTMLlastExternalReferrerTimePendingExpiry: PersistentType: HTML</li> </ul> </li> </ul>Cross-domain consent[#BULK_CONSENT_DOMAINS_COUNT#] [#BULK_CONSENT_TITLE#]List of domains your consent applies to: [#BULK_CONSENT_DOMAINS#]Cookie declaration last updated on 10/5/23 by Cookiebot[#IABV2_TITLE#][#IABV2_BODY_INTRO#][#IABV2_BODY_LEGITIMATE_INTEREST_INTRO#][#IABV2_BODY_PREFERENCE_INTRO#][#IABV2_LABEL_PURPOSES#][#IABV2_BODY_PURPOSES_INTRO#][#IABV2_BODY_PURPOSES#][#IABV2_LABEL_FEATURES#][#IABV2_BODY_FEATURES_INTRO#][#IABV2_BODY_FEATURES#][#IABV2_LABEL_PARTNERS#][#IABV2_BODY_PARTNERS_INTRO#][#IABV2_BODY_PARTNERS#]Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages. You can at any time change or withdraw your consent from the Cookie Declaration on our website. Learn more about who we are, how you can contact us and how we process personal data in our Privacy Policy. Please state your consent ID and date when you contact us regarding your consent. Do not sell or share my personal informationDecline Allow Selection Manage Cookies Accept AllPowered by Cookiebot by Usercentrics <ul> <li> LOGIN &nbsp. |  </li> <li>(800) 288-7750</li> </ul> Gaggle Logo Created with Snap Solutions Solutions Our solutions help K-12 districts manage student safety and well-being on school-provided technology. <ul> <li> Safety Management </li> <li> After Hours Support </li> <li> Therapy &amp. Coaching </li> <li> Professional Development </li> <li> Safety Tipline </li> <li> Web Filter Support </li> <li> Crisis Line </li> <li> Archiving and Backup </li> </ul> Resources Resources Access Gaggle’s library of resources on student safety, SEL, cyberbullying, student mental health, and other topics in education. <ul> <li> Case Studies </li> <li> Podcasts </li> <li> Content </li> <li> Events </li> <li> App Watchlist </li> <li> Videos </li> <li> Student Support </li> </ul> Blog Media About Us About Us Learn about our mission, how we’ve been supporting student safety for more than 20 years, the latest company updates, and how to contact us. <ul> <li> Who We Are </li> <li> Careers </li> <li> Find Your Rep </li> <li> Contact Us </li> <li> Press Releases </li> <li> Privacy Center </li> <li> FAQs </li> <li> AI Ethics </li> </ul> Get a Demo LOGIN Search Student and Staff Data Privacy Notice Last Updated: July 17, 2023 Gaggle.Net, Inc. (Gaggle) has been working with K-12 schools and school districts since 1998 and has always maintained clear terms regarding how we treat student and staff data. We reinforce our commitment through participation in a pledge created by the Future of Privacy Forum (FPF) and the Software &amp. Information Industry Association (SIIA) to advance data privacy protection regarding the collection, maintenance, and use of personal information. We will: <ul> <li>Not sell student or staff information</li> <li>Not behaviorally target advertising nor show advertising to any user</li> <li>Use data for authorized education purposes only</li> <li>Enforce strict limits on data retention</li> <li>Support parental access to, and correction of errors in, their children’s information</li> <li>Provide comprehensive security standards</li> <li>Be transparent about the collection and use of data </li> </ul> Definition of Data Data includes all personally identifiable information (PII) and other non-public information. Data includes, but is not limited to, student data, staff data, metadata, and user content. See Data Collection section for specific data types. Scope of Policy This Policy describes the types of information we may collect, or that you may provide, when registering with, accessing, or using Gaggle solutions. This Policy does not apply to information we collect offline or on Gaggle websites (such as our company website) or to information that you may provide to, or is collected by, third parties. Purpose of Data Collection and Ownership We consider all school and district data to be confidential and do not use such data for any purpose other than to provide services on your behalf and as outlined in your service level agreement or contract. Student data is the property of the school or district and remains in the school or district’s control throughout the duration of any agreement/contract. Role of School and School Officials Although this Policy will focus mainly on what we do, and what we confirm we will not do, with student and staff data, we believe that schools and school officials are critical partners in our collective efforts to protect and ensure only appropriate use of student-related information entrusted to them and us. In that regard, schools and school officials using Gaggle solutions should be mindful that in granting or allowing access to Gaggle solutions, they are controlling who has access to student and staff information. When we reference “granting or allowing access,” we are referring to both intentional actions, such as an administrator authorizing a Gaggle account for a teacher, as well as unintentional actions and consequences that may flow from, for example, a school’s failure to maintain sufficient data governance or security practices. In cases where the Family Educational Rights and Privacy Act (FERPA) applies, access to certain student information remains the legal responsibility of the applicable school. In all situations, it is incumbent upon our customers to make an affirmative determination before furnishing access to anyone that the party has a legitimate need for access to Gaggle solutions and the sensitive information that may be accessible to that party through Gaggle solutions. Information About Students FERPA and Education Records Although FERPA was enacted decades ago, and certainly well before internet-based services became ubiquitous in academic settings, one of its core tenets was and remains the protection of the privacy of PII in students’ education records. As defined in FERPA, “education records” are “those records, files, documents, and other materials which (i) contain information directly related to a student. and (ii) are maintained by an educational agency or institution or by a person acting for such agency or institution.” PII from education records includes information such as a student’s name or identification number, which can be used to distinguish or trace an individual’s identity, either directly or indirectly through linkages with other information. FERPA requires that educational institutions and agencies that receive certain federal funds (for example, public schools) get prior consent from a parent or legal guardian before disclosing any education records regarding that student to a third party. Consequently, before you enter, upload, or access any data concerning a minor student, you must confirm that your agency or institution has (1) obtained appropriate consent from the parent or guardian of that student or (2) determined that one of the limited exceptions to the consent requirement applies. Gaggle only uses PII from students’ education records to enable the use of Gaggle solutions to promote school safety and the physical security of students. Unless a school official expressly instructs otherwise, we will not share or reuse PII from education records for any other purpose. While we think those statements are clear, to avoid any doubt, we will not use student PII to target students or their families for advertising or marketing efforts or sell rosters of student PII to third parties. FERPA (§ 99.31(a)(1)(i)(B)) permits schools to outsource institutional services or functions that involve the disclosure of education records to contractors, consultants, volunteers, or other third parties provided that the outside party: Performs an institutional service or function for which the agency or institution would otherwise use employees. Is under the direct control of the agency or institution with respect to the use and maintenance of education records. Is subject to the requirements in § 99.33(a) that the personally identifiable information (PII) from education records may be used only for the purposes for which the disclosure was made, e.g., to promote school safety and the physical security of students, and governing the redisclosure of PII from education records. and Meets the criteria specified in the school or local educational agency’s (LEA’s) annual notification of FERPA rights for being a school official with a legitimate educational interest in the education records. COPPA and Children Under the Age of 13 The Children’s Online Privacy Protection Act (COPPA) is a federal law designed to protect the privacy of children under 13 years old. Gaggle’s services are in compliance with the Children’s Online Privacy Protection Act of 1998. Gaggle Services participates in the iKeepSafe Safe Harbor program. If you have any questions or need to file a complaint related to our privacy policy and practices, please do not hesitate to contact the iKeepSafe Safe Harbor program at COPPAprivacy@ikeepsafe.org <ol> <li>Individual children are not allowed to sign up for any Gaggle solutions. The only way a child may obtain access to a Gaggle solution is through their school. </li> <li>Each school is responsible for creating student accounts for any Gaggle solution. For example, schools may choose to list students’ full names, grade level, and ID number in the record for each user. Entering data in these fields is optional and is intended for administrative purposes only.</li> <li>The schoolwide data collected by Gaggle is the school’s address, grade levels, and other aggregate information about the school’s internet connection, computers, and the likelihood of students having devices such as smartphones or tablets.</li> </ol> Disclosure and Retention of PII Gaggle will not distribute to third parties any staff data or student data without the consent of either a parent/guardian or a qualified educational institution except in cases of Possible Student Situations (PSS), which may be reported to law enforcement. To protect your students, the school or the district against the risks involved in handling sexually explicit content involving minors, Gaggle registers incidents containing explicit videos and images of possible minors with the CyberTipline at the National Center for Missing and Exploited Children (NCMEC). It is NCMEC’s mission to prevent the spread of these materials, as well as to prevent the sexual exploitation of children. We may also disclose student or staff data to comply with a court order, law, or legal process (including a government or regulatory request), but before doing so, we will provide the applicable school with notice of the requirement so that, if the school so chooses, it could seek a protective order or another remedy. If after providing that notice we remain obligated to disclose the demanded student or staff data, we will disclose no more than that portion of data which, on the advice of our legal counsel, the order, law, or process specifically requires us to disclose. If a third party purchases all or most of our ownership interests or assets, or we merge with another organization, it is possible that we would need to disclose data to the other organization following the transaction. for example, were we to integrate Gaggle with the other organization’s product offerings. To the extent any such transaction would alter our practices relative to this Policy, we will give schools or school districts notice of those changes and any choices they may have regarding student or staff data. Notwithstanding the foregoing, in the event of a merger, acquisition, or substantial transfer of assets, we will provide you with notice within thirty (30) days following the completion of such a transaction, by posting on our homepage and by email to your email address that you provided to us. If you do not consent to the use of your information by such a successor company, subject to applicable law, you may request its deletion from the company. Finally, although we outlined earlier in this Policy what constitutes student or staff data, we also want to be clear about what information is not student or staff data or PII. Once PII, whether relating to a school or district employee or student, has been de-identified, that information is no longer PII. PII may be de-identified through aggregation or various other means. The U.S. Department of Education has issued guidance on de-identifying PII in education records. In order to allow us to proactively address customer needs, we anticipate using de-identified information to improve Gaggle solutions and services. That said, we would use reasonable de-identification approaches to ensure that, in doing so, we are not compromising the privacy or security of the PII you entrust to us. We will not attempt to re-identify de-identified data and will not transfer de-identified data to any party unless that party agrees not to attempt re-identification. Data Security and Protection of Data, Including PII We have implemented measures designed to secure PII from accidental loss and unauthorized access, use, alteration, and disclosure. Among other things, PII is encrypted in transit to and from Gaggle using SSL technology. In addition, all PII is stored in multiple databases with extensive redundancy and failover maintained at data centers located in two geographically dispersed states, consistent with guidance from the U.S. Department of Education that storing sensitive education records within the United States is a “best practice.” That said, unfortunately, the transmission of information via the internet is not completely secure and, although we do our best to protect PII, neither we nor any other hosted service provider can guarantee the security of all personally identifiable information. Data integrity and accuracy are achieved through strict restrictions on how data may be accessed and by whom. Audit logs are kept to be able to track data modification. Additional security measures are in place to prevent and identify data tampering. In the extremely rare case of a data breach, we will immediately notify all customers affected using the primary email address specified in their accounts. It is the responsibility of our customers to contact parents or legal guardians regarding a data breach. Gaggle has completed a SOC 2 Type 2 audit of the Trust Service Principles: Security, Availability, and Privacy. Our assessors’ review of our technology and practices resulted in a final SOC 2 report free of any disclosures, which evidences Gaggle’s unwavering commitment to information security and keeping our customers’ data safe. According to the American Institute of CPAs: “A Software-as-a-Service (SaaS) or Cloud Service Organization that offers virtualized computing environments or services for user entities and wishes to assure its customers that the service organization maintains the confidentiality of its customers’ information in a secure manner and that the information will be available when it is needed. A SOC 2 report addressing security, availability, and confidentiality provides user entities with a description of the service organization’s system and the controls that help achieve those objectives.” Expiration of Agreement and Disposal of Data, Including PII Upon the expiration or termination of any agreement/contract between a school or school district and Gaggle, we keep customer data for up to 30 days except in cases where state laws require a specific shorter or longer duration. Any retained data will, of course, remain subject to the restrictions on disclosure and use outlined in this policy for as long as it resides with us. Correction of Data We only accept requests to change data from main contacts and administrators. Parents or legal guardians who request changes to student data should go through a school- or district-authorized main contact or administrator. Focused Collection <ul> <li>Geolocation data is not collected.</li> <li>Gaggle does not collect biometric data.</li> <li>No sensitive data is intentionally collected.</li> </ul> Data Collection <ul> <li>Types of Data we can collect: Student first and last name, Student Physical Address, Student ID, Parent/Guardian First and last name, Parent/Guardian Physical address, Parent/Guardian Phone/Mobile Number, and Parent/Guardian Email Address. While Gaggle can collect this data if provided by the district, the student email is the only required data point for Gaggle Services to be enabled.</li> <li>Gaggle does not combine personally identifiable information except for data produced by the school or district.</li> <li>All data collected will be used solely for the stated purpose of ensuring student safety as required by the product. All data is used only for the purpose for which it was collected for product requirements to ensure student safety.</li> <li>No user personal information is acquired from third parties.</li> <li>The product does not provide any links to external websites.</li> <li>Third parties are not allowed to access user information.</li> </ul> Data Sharing <ul> <li>No data is shared with unrelated third parties unless requested by a customer or as required by law.</li> <li>All data collected will be used solely for the stated purpose of ensuring student safety as required by the product.</li> <li>Data is never shared with unrelated third parties for research, although de-identified data is used to improve the product.</li> </ul>   Data Storage <ul> <li> While aggregate data is maintained, none is shared with unrelated third parties. <ul> <li> Third-Party Subprocessors &nbsp. <ul> <li> AWS (Amazon Web Services) - for providing servers, databases and network infrastructure for storage, service delivery and other related services.</li> <li> Quadranet - Physical Data Center that houses IT infrastructure for delivering applications and services. This location/Infrastructure is also used as a failsafe to provide 24/7 security and access control to our services.</li> </ul> </li> </ul> </li> </ul>   Data Security <ul> <li>User identity is not linked to other sources, except student information systems as provided by the school or district.</li> <li>Gaggle and our sub processing partners have completed a SOC 2 Type 2 audit of the Trust Service Principles: Security, Availability, and Privacy of all services and systems.</li> </ul> Data Rights <ul> <li>Schools and districts operating in loco parentis control all student information and privacy settings.</li> <li>Users do not create or upload data on Gaggle but may do so via the platforms being monitored.</li> <li>Schools and districts may download data from the system.</li> </ul> Data Sold <ul> <li> No user data is ever sold to third parties. As such, an opt out is unnecessary. </li> <li>User information is never transferred to a third party.</li> <li>Data is not shared with third parties for research or product improvement.</li> </ul> Data Safety <ul> <li>Users cannot communicate with untrusted users via Gaggle. No communication via Gaggle is enabled for Gaggle Safety Management.</li> <li> Users do not create profiles on Gaggle, nor do they engage in social interactions in the safety management system. </li> <li>No personal information is displayed publicly.</li> <li>All user-created data is content filtered and none is displayed publicly.</li> <li>All interactions between users, social or otherwise, and administrator activities are logged.</li> <li>Users can report abuse or cyberbullying either directly in content, via the SpeakUp for Safety tipline, or by contacting Customer Support.</li> </ul> Ads and Tracking <ul> <li>No marketing messages are ever sent to end users.</li> <li>Gaggle does not engage in sweepstakes, contests, or surveys with end users.</li> <li> Gaggle does not engage in contextual or behavioral marketing. </li> </ul> Parental Consent <ul> <li>Gaggle is only provided to schools and districts operating in loco parentis. Students are subject to the school’s acceptable use policy.</li> <li>COPPA parental consent is provided via the school or district operating in</li> <li>Parental consent with respect to third parties does not apply as there are no third-party relationships and</li> <li>Parental consent can be withdrawn via arrangements with the school or district.</li> <li> Parental consent notice and submission methods are provided via the school or the district. </li> </ul> School Purpose <ul> <li>Gaggle is designed and built for K-12 students, schools, and districts but is not marketed to students.</li> <li>Gaggle does not publish or disclose directory information.</li> </ul> Changes to This Policy We may update this Policy from time to time. If we make material changes, we will post the updated policy on this page (with a notice that the policy has been updated) and notify all customers, within 30 days by email using the primary email address specified in their accounts. Contact Information You can, and should, ask questions about this Policy and our privacy practices. You should always feel free to contact us at: Gaggle.net, Inc. 5050 Quorum Drive Suite 700 Dallas, TX 75254 Phone:  (800) 288-7750 Email: support@gaggle.net   <ul> <li>Contact Us</li> <li>Find Your Rep</li> <li>Press</li> <li>Contract Vehicles</li> </ul> <ul> <li>800-288-7750</li> </ul> <ul> <li> </li> <li> </li> <li> </li> <li> </li> <li> </li> </ul> <ul> <li> </li> <li> </li> <li> </li> <li> </li> <li> </li> </ul> Website Privacy Policy | Student and Staff Data Privacy Notice | Copyright © 2023 Gaggle.Net, Inc.