Your partner in privacy and compliance

Effective Date: March 17, 2021

Clever is compliant with important federal and state regulations designed to safeguard data.

Clever is committed to being a trusted partner to help schools meet their compliance obligations under applicable laws. On this page you’ll find a summary of our third-party certifications and special efforts to comply with certain state laws.

Clever works hard to meet or exceed legal compliance requirements and to stay abreast of the fast-changing privacy law landscape. Additional information is contained in our Terms of Use and our Additional Terms of Use for Schools. To learn more about how we prevent unauthorized access or disclosure, see our security protocols. If you have any questions, please contact: trust@clever.com.

CERTIFICATIONS AND PLEDGES

The Student Privacy Pledge

Clever was one of the first signatories of the Student Privacy Pledge, an industry standard of high privacy principles for providers of K–12 educational services. As part of our commitment to The Pledge, we are committed to the following core principles with respect to our collection and use of Student Data through the provision of the Clever service:

  • We do not collect, maintain, use, or share Student Data other than as needed for an authorized educational or school purpose, or as authorized by our agreement with a school.
  • We do not use or disclose Student Data collected through the Clever service for behavioral targeting of advertisements to students.
  • We do not build or create a personal profile of a student other than in furtherance of a K–12 school purpose, or as authorized by a parent.
  • We do not knowingly retain Student Data beyond the time period required to support the school's purpose, unless authorized by the parent.
  • We will maintain a comprehensive data security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of Student Data against risk through the use of administrative, technological, and physical safeguards appropriate to the sensitivity of the information.
  • We clearly and transparently explain our data policies and practices in our agreements and in our Privacy Policy.
  • We support access to and correction of Student Data by the student or parent by assisting the school in meeting these requirements.
  • We require that our vendors and service providers are bound through a written contract to maintain the same level of privacy protections as we do in our agreements.

Clever’s collection and use of Student Data is governed by our Terms of Service and/or any other agreement with a school, the Family Educational Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA), and other applicable state laws that relate to the privacy of Student Data.

IMS Global TrustEd Apps Certified

IMS Global is a leading non-profit collaborative advancing edtech interoperability, innovation, and learning impact. Its membership includes educational institutions, suppliers, and government organizations. The IMS TrustEd Apps Program uses member-established criteria for evaluating apps that encompass data privacy, information security, accessibility, and more. Clever is committed to advancing the privacy and security of student data in edtech and is proud to be the first recipient of the TrustEd Apps Seal.

IMS Global TrustEd Apps

Clever is certified by the IMS TrustEd Apps Program.

Student Data Privacy Consortium Member (SDPC)

The Student Data Privacy Consortium is a collaboration of schools, districts, local authorities, states, US and international ministries of education, software vendors and consultants who collectively address all aspects of learning information management and access to support learning. It has created the National Data Privacy Agreement (NDPA), of which Clever is a signatory. If you’d like Clever to sign an NDPA for your state, please reach out to legal@clever.com.

FEDERAL LAW

Family Educational Rights and Privacy Act (FERPA)—United States

Clever’s Privacy Policy and our services are designed to meet our responsibilities under FERPA to protect personal information from students' educational records. We collect, receive and use student personal information as a “School Official” that performs an outsourced institutional function, subject to the direction and control of the school. We agree to work with each school to jointly ensure compliance with the FERPA regulations to protect the confidentiality of educational records, provide parents and eligible students the opportunity to access and review such records, and limit further disclosure of personal information only as necessary to support the school's educational purposes. Learn more.

iKeepSafe FERPA

Clever is FERPA certified by iKeepSafe.

Children’s Online Privacy Protection Act (COPPA)—United States

Clever complies with COPPA. We do not knowingly collect personal information from a child under 13 unless and until a school has authorized us to collect such information through the provision of services on the school’s behalf. Consistent with COPPA, we rely on the school to provide appropriate consent and authorization for a student under 13 to use our services and for Clever to collect personal information from each student. We use and process Student Data for the purpose of providing the educational services to the school and do not collect or retain Student Data for longer than is necessary to provide the services. We provide the school the opportunity to review and delete the personal information collected from their students, and we work with schools to provide parents the same level of access, upon request. Learn more.

iKeepSafe COPPA

Clever is COPPA Safe Harbor certified by iKeepSafe.

Section 508 and ADA Compliance, Web Content Accessibility Guidelines—United States

The Web Content Accessibility Guidelines (WCAG) contain criteria for designers and developers to follow in making a website or mobile app accessible to people with disabilities. We strive to substantially conform our websites and applications to WCAG 2.0 (or higher) Level AA to provide all students access to Clever. Learn more.

STATE LAWS

California Student Online Personal Information Protection Act (SOPIPA)

Clever complies with SOPIPA, a California law that protects the privacy and security of Student Data. We do not use Student Data for targeted advertising purposes. We do not use collected information to amass a profile of a K–12 student except in furtherance of K–12 school purposes. We never sell Student Data unless the sale is part of a corporate transaction, such as a merger, acquisition, bankruptcy, or other sale of assets, in which case we make efforts to ensure the successor entity honors the privacy commitments made in this policy and/or we will notify you of such a sale and provide you an opportunity to opt out by deleting your account before the data transfer occurs. We will not sell students' personal information to third parties other than in the context of a business transaction. Learn more.

iKeepSafe CSPC

Clever is California Student Privacy certified by iKeepSafe.

California Assembly Bill 1584 (AB 1584)

Clever’s Additional Terms for Schools and Privacy Policy and our services are designed to comply with AB 1584. Pupil records obtained by Clever from a local educational agency (LEA) continue to be the property of and under the control of the LEA. Parents, legal guardians, or eligible pupils may review personally identifiable information in the pupil’s records and correct erroneous information by contacting their LEA directly, which shall in turn contact Clever for assistance if needed. In the event of an unauthorized disclosure of a pupil’s records, Clever will notify the LEA and will provide the LEA with a report to be shared with the affected parent(s), legal guardians(s), or eligible pupil(s). Pupil records will be deleted promptly after termination of our agreement with the School or upon request from the school.

Connecticut Conn. Gen. Stat. Ann. § 10-234aa-dd

Clever’s Connecticut Addendum to the Terms of Service, available upon request, is designed to comply with the requirements of the Connecticut Act Concerning Student Data Privacy, Conn. Gen. Stat. Ann. § 10-234aa-dd. If you are a school located in Connecticut, please contact legal@clever.com to incorporate the Connecticut Addendum into your agreement.

Illinois Student Online Personal Protection Act - 105 ILCS 85

Clever is compliant with the Illinois Student Online Personal Protection Act (SOPPA). Clever has also signed the SDPC National Data Privacy Agreement with the Illinois exhibit (IL-NDPA). If you are a school located in Illinois, please contact legal@clever.com to sign onto the IL-NPDA with Clever.

  • Our third party data processors can be found here.
  • Our allocation of costs and deletion policy are compliant with SOPPA and can be found in our Terms of Use.
  • Clever will notify districts within 30 days if there is a “Breach” (as defined in SOPPA).

New York Education Law §2-d

Clever's practices are in alignment with the finalized provisions of New York Education Law §2-d, and Clever agrees to the NY State model Parent’s Bill of Rights. Clever has a data sharing agreement that covers most* districts in New York State through the Regional Information Centers (RIC-035-2021). If a district would like or needs an individual agreement in place with Clever, please email legal@clever.com for Clever’s 2-d specific data sharing agreement.

* The new data sharing agreement does not apply to the largest five districts in the state, private schools, and charter schools, many of which have entered into separate data sharing agreements with Clever. If you fall into one of these categories and do not already have an agreement with Clever, please reach out to legal@clever.com to get an individual data sharing agreement in place.

This page was last updated 3/17/2021.