SOPIPA compliance

SOPIPA and our pledge to safeguard Student privacy

Skipper is compliant with the Student Online Personal Information Protection Act (SOPIPA). The Act is a California Senate Bill No. 1177, CHAPTER 839, which prohibits an operator of an Internet Web site or online service from knowingly using, disclosing, compiling, or allowing a 3rd party to use, disclose, or compile the personal information of a minor for the purpose of marketing or advertising specified types of products or services. It also makes this prohibition applicable to an advertising service that is notified by an operator of an Internet Web site, online service, online application, or mobile application that the site, service, or application is directed to a minor.

This bill would prohibit an operator of an Internet Web site, online service, online application, or mobile application from knowingly engaging in targeted advertising to students or their parents or legal guardians, using covered information to amass a profile about a K–12 student, selling a student’s information, or disclosing covered information, as provided. 

Skipper has taken the K-12 School Service Provider Pledge to Safeguard Student Privacy; as such, we pledge to carry out responsible stewardship and appropriate use of student personal information gathered in our role as school service providers according to the commitments below and in adherence to all laws applicable to us as school service providers.

We commit to:
  1. Not collect, maintain, use or share student personal information beyond that needed for authorized educational/school purposes, or as authorized by the parent/student.
  2. Not sell student personal information.
  3. Not use or disclose student information collected through an educational/school service (whether personal information or otherwise) for behavioral targeting of advertisements to students.
  4. Not build a personal profile of a student other than for supporting authorized educational/school purposes or as authorized by the parent/student.
  5. Not make material changes to school service provider consumer privacy policies without first providing prominent notice to the account holder(s) (i.e., the educational institution/agency, or the parent/student when the information is collected directly from the student with student/parent consent) and allowing them choices before data is used in any manner inconsistent with terms they were initially provided; and not make material changes to other policies or practices governing the use of student personal information that are inconsistent with contractual requirements.
  6. Not knowingly retain student personal information beyond the time period required to support the authorized educational/school purposes, or as authorized by the parent/student.
  7. Collect, use, share, and retain student personal information only for purposes for which we were authorized by the educational institution/agency, teacher or the parent/student.
  8. Disclose clearly in contracts or privacy policies, including in a manner easy for parents and teachers to understand, what types of student personal information we collect, if any, and the purposes for which the information we maintain is used or shared with third parties.
  9.  Support access to and correction of student personally identifiable information by the student or their authorized parent, either by assisting the educational institution in meeting its requirements or directly when the information is collected directly from the student with student/parent consent.
  10. Maintain a comprehensive security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of student personal information against risks – such as unauthorized access or use, or unintended or inappropriate disclosure – through the use of administrative, technological, and physical safeguards appropriate to the sensitivity of the information.
  11. Require that our vendors with whom student personal information is shared in order to deliver the educational service, if any, are obligated to implement these same commitments for the given student personal information.
  12. Allow a successor entity to maintain the student personal information, in the case of our merger or acquisition by another entity, provided the successor entity is subject to these same commitments for the previously collected student personal information.

About the information and how it is collected or processed by Skipper

Covered information means personally identifiable information or materials, in any media or format that meets any of the following:
  1. Is created or provided by a student, or the student’s parent or legal guardian, to an operator in the course of the student’s, parent’s, or legal guardian’s use of the operator’s site, service, or application for K–12 school purposes - Skipper neither requests nor receives any information
  2. Is created or provided by an employee or agent of the K–12 school, school district, local education agency, or county office of education, to an operator - Skipper neither requests nor receives any information
  3. Is gathered by an operator through the operation of a site, service, or application described in subdivision (a) and is descriptive of a student or otherwise identifies a student, including, but not limited to, information in the student’s educational record or email, first and last name, home address, telephone number, email address, or other information that allows physical or online contact, discipline records, test results, special education data, juvenile dependency records, grades, evaluations, criminal records, medical records, health records, social security number, biometric information, disabilities, socioeconomic information, food purchases, political affiliations, religious information, text messages, documents, student identifiers, search activity, photos, voice recordings, or geolocation information - Skipper neither requests nor receives any information