FERPA notice

SafeGuideEd operates as a school-official designee under the Family Educational Rights and Privacy Act (FERPA, 20 U.S.C. § 1232g) and the Texas Student Privacy Act (Tex. Educ. Code § 32.151 et seq.) for each district that licenses the Service. This notice describes which student education records we process, why, and what rights parents and eligible students retain.

1. Our role

The school district is the data controller for student education records. SafeGuideEd acts as a school official with a legitimate educational interest in those records, performing a function the district would otherwise perform with its own staff. We process student data under the written direction of the district and the signed Data Processing Agreement (see /dpa).

2. What student data we process

When a district connects a roster source (Clever, ClassLink, or an LMS roster sync) we receive: student names, district-issued student IDs, grade and section enrollments, and the relationships between students, teachers, and classes. We do not collect student grades, behavioral records, health records, or biometric data unless your district explicitly enables a feature that requires them. We do not surveil student activity. Students do not create SafeGuideEd accounts.

3. How we use it

Roster data is used to: (a) attach teacher-authored lessons to the correct class section; (b) generate accommodation variants when a teacher requests them; (c) render the HB 1605 parent preview for the right cohort. We do not use student personal information for advertising, profiling, AI model training, or any purpose unrelated to the educational service the district authorizes.

4. Sharing

Student personal information is shared only with sub-processors that are contractually bound to the same protections in this notice. The current list is published at /sub-processors. Generative-AI providers in our roster receive only the minimum content necessary to draft an output, never raw roster records, and are bound by no-training contracts verified at the Portkey gateway.

5. Security

Student personal data is row-level-security-scoped to the teacher who owns the roster; another teacher in another classroom cannot read it. Direct identifiers (TSDS unique IDs, dates of birth) are encrypted application-side with rotation-safe Fernet keys. Audit logs are append-only at the database level via Postgres triggers. Hosting is in the Supabase us-tx primary region.

6. Parent and eligible-student rights

Parents (and students 18 or older, or attending a post-secondary institution) retain all FERPA and Texas Student Privacy Act rights, including the right to:

Inspect and reviewthe student's education records held by SafeGuideEd, through the district.
Request correction of a record believed to be inaccurate, misleading, or in violation of privacy rights, through the district.
Consent or refuse consentto disclosures of personally identifiable information except as permitted by FERPA without consent (the school-official exception applies to SafeGuideEd's service).
File a complaint with the U.S. Department of Education Student Privacy Policy Office concerning alleged failures by the district or SafeGuideEd to comply with FERPA.

To exercise these rights, contact your district's data privacy or records office. SafeGuideEd will fulfill district-issued requests within 30 days.

7. Retention and deletion

Roster data is refreshed each sync and superseded records age out within 30 days. On termination of the district agreement, all student personal information is deleted or returned per the signed Data Processing Agreement. Deletion propagates across primary records, encrypted backups (within the next rotation window), and any AI provider caches that hold derived content.

8. Breach notice

If SafeGuideEd confirms unauthorized exposure of student personal information, we notify the district within 72 hours and provide a full incident report within 30 days. The district directs parent and eligible-student notification consistent with Texas Education Code requirements.

9. Contact

FERPA questions: privacy@safeguided.com. District procurement and DPA requests: districts@safeguided.com. To file a complaint with the federal office, see studentprivacy.ed.gov.