Skip to main content

FERPA

The Family Educational Rights and Privacy Act of 1974

Provide the Proposer's policies and procedures for compliance with the Family Education Rights and Privacy Act of 1974 (20 U.S.C. § 1232g) (FERPA). In addition to making technical changes to our websites to provide greater accessibility, we continually test with multiple assistive technologies such as screen readers and screen enlarging software to analyze and modify our pages accordingly. Additionally, we also engage accessibility experts and those with disabilities to further test and modify our platform for optimal usability.

Definition of Data

Data include all Personally Identifiable Information (PII) and other non-public information. Data include, but are not limited to, student data, metadata, and user content.

Data De-Identification

Portfolium may use de-identified Data for product development, research, or other purposes. De-identified Data will have all direct and indirect personal identifiers removed. This includes, but is not limited to, name, ID numbers, date of birth, demographic information, location information and school ID. Furthermore, Portfolium agrees not to attempt to re-identify de-identified Data and not to transfer de-identified Data to any party unless that party agrees not to attempt re-identification.

Marketing and Advertising

Portfolium will not use any Data to advertise or market to students or their parents. Data may not be used for any purpose other than the specific purpose(s) outlined in the agreement between the institution and Portfolium.

Data Use

Portfolium will use Data only for the purpose of fulfilling its duties and providing and improving services under the agreement.

Data Mining

Data mining for scanning of user content for the purpose of advertising or marketing to students or their parents is prohibited.

Data Sharing

Data will not be shared with any additional parties without prior written consent of the User except as required by law.

Data Transfer or Destruction

Portfolium ensures that, at the request of the institution, all Data in its possession are destroyed or transfered to the institution when the Data are no longer needed for their specified purpose.

Rights and License in and to Data

All rights, including all intellectual property rights, shall remain the exclusive property of the institution, and Portfolium has limited, non-exclusive license solely for the purpose of performing its obligations as outlined in the agreement. The agreement does not give Portfolium any rights to Data, content, or intellectual property, except as expressly stated in the agreement. This includes the right to sell or trade Data.

Security Controls

Portfolium stores and processes Data in accordance with industry best practices. This includes appropriate administrative, physical, and technical safeguards to secure Data from unauthorized access, disclosure, and use. Portfolium conducts periodic risk assessments and remediates any identified security vulnerabilities in a timely manner. Portfolium maintains a written incident response plan, including prompt notification of the institution in the event of a security or privacy incident, as well as best practices for responding to a breach of PII.