FERPA Compliance

Please read this document carefully.

Last Updated: December 1, 2024

Calimatic EdTech is committed to helping educational institutions maintain compliance with the Family Educational Rights and Privacy Act (FERPA). This page explains our FERPA compliance practices.

What is FERPA?

The Family Educational Rights and Privacy Act (FERPA) is a federal law that protects the privacy of student education records. FERPA applies to all schools that receive funds from the U.S. Department of Education.

Our Role Under FERPA

When educational institutions use Calimatic to manage student information, we act as a "school official" with a "legitimate educational interest" as defined by FERPA. We provide services that the school would otherwise use its own employees to perform.

Our Commitments

Direct Control

  • You maintain direct control over all student education records
  • We only access records as directed by you or as necessary to provide our services
  • We do not use student data for our own purposes

    • Data Security

    We implement comprehensive security measures including:

  • Encryption of data in transit and at rest
  • Access controls and authentication
  • Regular security audits and testing
  • Employee background checks and training
  • Secure data centers with physical security

    • Data Minimization

  • We only collect data necessary to provide our services
  • We help you identify and manage personally identifiable information (PII)
  • We support data retention policies you establish

    • Breach Notification

    In the event of a data breach affecting student records:

  • We will notify you promptly
  • We will cooperate with your investigation
  • We will take immediate steps to mitigate harm

    • Data Access and Correction

    We support your obligations to:

  • Provide parents/students access to their records
  • Allow amendment of inaccurate records
  • Maintain accurate education records

    • Re-disclosure Limitations

  • We do not disclose student information to third parties without your consent
  • We maintain records of disclosures as required
  • Our subprocessors are contractually bound to FERPA compliance

    • Your Responsibilities

    As the educational institution, you are responsible for:

  • Determining what information to store in Calimatic
  • Managing user access and permissions
  • Responding to parent/student record requests
  • Providing required FERPA notices to parents and students
  • Ensuring consent is obtained when required

    • Data Processing Agreement

    We offer a FERPA-compliant Data Processing Agreement (DPA) that includes:

  • Designation of Calimatic as a school official
  • Permitted uses and restrictions on student data
  • Security requirements
  • Breach notification procedures
  • Data retention and deletion terms

    • Contact us to request a DPA for your institution.

    Security Practices

    Technical Safeguards

  • TLS/SSL encryption for all data transmission
  • AES-256 encryption for stored data
  • Multi-factor authentication support
  • Regular penetration testing
  • Automated security monitoring

    • Administrative Safeguards

  • Employee background checks
  • Annual security training
  • Access based on job function
  • Incident response procedures
  • Regular policy reviews

    • Physical Safeguards

  • SOC 2 Type II certified data centers
  • 24/7 physical security monitoring
  • Biometric access controls
  • Environmental controls

    • Audit and Compliance

  • Annual SOC 2 Type II audits
  • Regular internal compliance reviews
  • Third-party security assessments
  • Documented policies and procedures

    • Student Data Pledge

    Calimatic has signed the Student Privacy Pledge, committing to:

  • Not sell student personal information
  • Not use student data for targeted advertising
  • Support parental access to student data
  • Maintain comprehensive security standards
  • Use data only for authorized purposes

    • Resources

    For more information about FERPA:

  • [U.S. Department of Education FERPA Page](https://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html)
  • [FERPA General Guidance](https://studentprivacy.ed.gov)

    • Contact Us

    For FERPA-related inquiries or to request our DPA:

    Caliber Technologies Inc

    445 Minnesota Street, Suite 1500

    St. Paul, MN 55101, USA

    Email: compliance@calimaticedtech.com

    Phone: +1 612-605-8567