Privacy Policy

Effective: August 25, 2025

1) Who we are & our role

SmartCampus Attendance is provided to Local Education Agencies (LEAs) as a school official with a legitimate educational interest under FERPA. The LEA owns and controls student data. We process student data only on the LEA’s documented instructions and under the executed Data Privacy Agreement (DPA/NDPA).

2) Scope

This policy covers data processed when authorized LEA staff use the service for attendance, hall-pass/call-down workflows, staff dashboards, and emergency accounting that identifies a student’s last-known location and time from scan/attendance events. It does not cover third-party systems the LEA uses outside this service (e.g., SIS websites).

3) What we collect (student data)

We follow data-minimization principles. By default we collect and process:

Student identifiers needed for operations (e.g., name, student ID) with school/grade or roster context.
Attendance events such as scan or entry timestamps, status (present/tardy/absent), class/period/term, and the staff actor who performed the action.
Operational status limited to school workflows (e.g., temporary hall-pass or call-down state) visible to authorized staff only.
Security/audit logs of administrative actions (including export attempts and outcomes).

We do not conduct continuous device/geolocation tracking and we do not use student data for targeted advertising.

4) What we collect (staff user data)

For authorized staff accounts we process: staff name, work email/ID, role (e.g., teacher, secretary, admin, district admin), and activity logs necessary to provide and secure the service.

5) How we collect

Staff-initiated entries during school operations (attendance scans, call-downs).
Roster/schedule context supplied by the LEA (e.g., teacher ↔ class ↔ student mappings).
No student-facing accounts are created in this service.

6) How we use data

To operate attendance, hall-pass/call-down workflows, and staff dashboards.
To support emergency accounting for authorized staff by showing a student’s last-known location and time from scan/attendance events.
To support lawful parent/eligible-student access to records through the LEA (see §10).
To protect the service (authentication, authorization, audit logging, abuse prevention).
To produce aggregate, de-identified service metrics for reliability and planning (never for advertising).

7) Legal authority

Processing is performed as a school official under FERPA and is aligned with Utah’s Student Data Protection Act (Utah Code Title 53E-9) and USBE Rule R277-487. The executed DPA/NDPA governs if any terms conflict.

8) Sharing & disclosure

No sale of student data. No targeted advertising.
Within the LEA: data is visible only to authorized staff with a legitimate educational need (role-based access).
Service providers: vetted providers are used only as needed to deliver the service (e.g., hosting, authentication, database). Each provider acts as a sub-processor under written terms consistent with the DPA/NDPA. A current list is available on request.
Legal compliance & safety: we may disclose information if required by law, court order, or to protect the safety of students/staff; the LEA will be notified where permitted.

9) Cookies & tracking

We do not use third-party advertising cookies. Essential cookies or local storage may be used for secure sessions and core functionality.

10) Parent/eligible-student rights (access & copies)

Under FERPA and Utah law, parents/eligible students may request to inspect and obtain copies of education records through the LEA. When the LEA approves a request, an authorized District Admin may perform a single-student export. Exports are policy-controlled (default off), role-restricted, and audited.

Secure Delivery & Communications

We do not email student PII or place records in personal cloud drives. When the LEA lawfully authorizes a single-student record copy, delivery occurs through a district-approved secure method (for example, a secure portal or SFTP). The service does not require vendor access to district internal networks/VPN.

11) Security

Encrypted transport (HTTPS); authentication and role-based authorization.
Defense-in-depth: server-side policy checks (e.g., exportsEnabled), Firestore security rules, and restricted client access to configuration.
Audit logging of export attempts and administrative actions.
Audit retention: Administrative and export audit logs are retained for at least 180 days (not fewer than 90 days) and are available to authorized district personnel upon request.
Hosting hardening with strict security headers; minimized third-party calls.

12) Retention & deletion

We follow LEA retention schedules. Upon an LEA’s written instruction, we delete or return student data within agreed timelines, subject to legal requirements.

13) Incident response

We promptly investigate suspected security incidents and notify the LEA without undue delay once confirmed. We support the LEA’s obligations under USBE Rule R277-487 for incident reporting and communications.

14) Children’s privacy

Students do not create accounts directly with this service; access is mediated by the LEA for school purposes. The service is not used for targeted advertising or marketing to students.

15) International transfers

Data is processed in regions selected by the LEA’s configuration and provider defaults. We do not intentionally transfer student data outside approved regions specified by the LEA’s agreements.

16) Changes to this policy

We may update this policy to reflect legal or operational changes. Material changes will be communicated to the LEA and the effective date above will be updated.

17) Contact

For privacy questions or requests, please use the Contact link in this site’s footer to reach our security/privacy team.