GoGuardian & the GDPR & the E.U. - U.S. Privacy Shield
What is the GDPR?
The General Data Protection Regulation or “GDPR” (Regulation (EU) 2016/679) is a new European Union regulation defining the rights and responsibilities of both controllers and processors of personal data of members of the European Economic Area.
What does GDPR mean for GoGuardian?
When GoGuardian collects data through its products (such as GoGuardian Admin™ and GoGuardian Teacher™) on behalf of its school customers, GoGuardian generally acts as a “processor” of the school’s personal data under the GDPR.
When using GoGuardian’s products, GoGuardian’s school customers act as data controllers of their school’s own personal data under the GDPR. For example, GoGuardian’s school customers determine whether to use GoGuardian, which GoGuardian products and features to utilize, which school-managed accounts to apply GoGuardian to, and when GoGuardian is operational.
Does GoGuardian offer a Data Processing Addendum for Its School Customers?
Yes, GoGuardian has a Data Processing Addendum for its school customers’ review that will be posted both on our Website by May 25th, 2018 and in our Products by May 25th, 2018.
I’m a current customer of GoGuardian in a region affected by the GDPR, what will change?
- Customer Data Processing Addendum - GoGuardian developed a customer Data Processing Addendum to address the GDPR requirements for GoGuardian’s school customers located in the European Economic Area.
- Internal Procedures- In addition to the new and updated information we are making available, GoGuardian developed and refined its internal policies and procedures to continue to take account for changes in the legal landscape. For example, although GoGuardian has experience handling data deletion requests with its United States-based school customers, GoGuardian revisited its internal data request policy to better support data requests from residents of the European Economic Area.
Because GoGuardian cares about the privacy and trust of all of its school customers and their communities, here is what is NOT changing:
- GoGuardian does not sell Personal Student Information. We do not use Personal Student Information to target advertisements or market to students or anyone else, to amass a profile about a K-12 educational student for a non-educational purpose, or for any purposes prohibited by the Family Educational and Privacy Rights Act (20 U.S.C. § 1232g; 34 CFR Part 99.3) ("FERPA"), California Business & Professions Code section 22584 (“SOPIPA”), and California Education Code section 49073.1.
How does GoGuardian comply with the EU - U.S. and Swiss-U.S. Privacy Shield?
GoGuardian has certified with the E.U.-U.S. and Swiss U.S. Privacy Shield. Here’s a link to the Privacy Shield website if you want to learn more.
Does GoGuardian agree to “Standard Contractual Clauses”?
The “Standard Contractual Clauses” or “model clauses” are contractual language approved by the European Commission allowing personal data to be transferred from the European Economic Area outside to a non-European Area (e.g. the United States).
GoGuardian has certified with the E.U.-U.S. And E.U.-Swiss Safe Harbor Privacy Shield, which authorizes the transfer of personal data outside of the European Economic Area to the United States. Because of this, it is not necessary for GoGuardian to agree to the standard contractual clauses to legalize the transfer of personal data to the United States.
As always, we are here to help and answer any questions! Please contact firstname.lastname@example.org