Standard Privacy Report Questions

What’s an SPR?

The Common Sense Standard Privacy Report (SPR) displays the most important privacy practices from a product’s policies in a single easy-to-read outline. The SPR indicates whether or not a product’s policies disclose that they engage in each particular privacy practice and displays an alert when a particular detail is risky, unclear, or not evaluated. This alert indicates that users should investigate these particular details prior to use.

What Questions Does the SPR Cover?

The SPR is comprised of the following 80 core questions. You can view all of the SPR core questions below with each of their possible answers for yes, no, unclear, and not evaluated. In addition, you can navigate the privacy evaluation questions which include additional background information and relevant citations to help understand each possible answer in the SPR.

Assessment:

0.1.1: (Policy Available) Are the privacy policies for the specific product (vs. the company website) made publicly available?

Statements:

  • Unanswered: Did not evaluate the availability of privacy policies.
  • Non-Transparent: Unable to determine the availability of privacy policies.
  • 'Yes' response: Privacy policies are available.
  • 'No' response: Privacy policies are not available.

0.1.3: (Default Encryption) Does the login page use encryption with HTTPS?

Statements:

  • Unanswered: Did not evaluate whether or not this product requires encryption.
  • Non-Transparent: Unable to observe whether or not this product requires encryption.
  • 'Yes' response: Site uses encryption.
  • 'No' response: Site does not use encryption.

0.1.4: (Encryption Required) Are HTTP requests made to the login page redirected to HTTPS?

Statements:

  • Unanswered: Did not evaluate whether or not encryption is forced.
  • Non-Transparent: Unable to observe whether or not encryption is forced.
  • 'Yes' response: Site forces the use of encryption.
  • 'No' response: Site does not force the use of encryption.

1: Transparency

1.1: Policy Version

1.1.1: (Effective Date) Do the policies clearly indicate the version or effective date of the policies?

Statements:

  • Unanswered: Did not evaluate whether privacy polices do indicate a version or effective date.
  • Non-Transparent: Privacy policies do not indicate a version or effective date.
  • Transparent: Privacy polices do indicate a version or effective date.

1.2: Policy Notice

1.3: Policy Changes

1.4: Policy Coverage

1.5: Policy Contact

1.6: Policy Principles

1.7: Policy Language

1.8: Intended Use

1.8.1: (Children Intended) Do the policies clearly indicate whether or not the product is intended to be used by children under the age of 13?

Statements:

  • Unanswered: Did not evaluate whether intended for children under 13.
  • Non-Transparent: Unclear whether intended for children under 13.
  • Does: Intended for children under 13.
  • Does Not: Not intended for children under 13.

1.8.2: (Teens Intended) Do the policies clearly indicate whether or not the product is intended to be used by teens 13 to 18 years of age?

Statements:

  • Unanswered: Did not evaluate whether intended for teens.
  • Non-Transparent: Unclear whether intended for teens.
  • Does: Intended for teens.
  • Does Not: Not intended for teens.

1.8.3: (Adults Intended) Do the policies clearly indicate whether or not the product is intended to be used by adults over the age of 18?

Statements:

  • Unanswered: Did not evaluate whether intended for adults over 18.
  • Non-Transparent: Unclear whether intended for adults over 18.
  • Does: Intended for adults over 18.
  • Does Not: Not intended for adults over 18.

1.8.4: (Parents Intended) Do the policies clearly indicate whether or not the product is intended to be used by parents or guardians?

Statements:

  • Unanswered: Did not evaluate whether intended for parents or guardians.
  • Non-Transparent: Unclear whether intended for parents or guardians.
  • Does: Intended for parents or guardians.
  • Does Not: Not intended for parents or guardians.

1.8.5: (Students Intended) Do the policies clearly indicate whether or not the product is intended to be used by students in preschool or K-12?

Statements:

  • Unanswered: Did not evaluate whether intended for students.
  • Non-Transparent: Unclear whether intended for students.
  • Does: Intended for students.
  • Does Not: Not intended for students.

1.8.6: (Teachers Intended) Do the policies clearly indicate whether or not the product is intended to be used by teachers?

Statements:

  • Unanswered: Did not evaluate whether intended for teachers.
  • Non-Transparent: Unclear whether intended for teachers.
  • Does: Intended for teachers.
  • Does Not: Not intended for teachers.

2: Focused Collection

2.1: Data Collection

2.1.1: (Collect PII) Do the policies clearly indicate whether or not the vendor collects Personally Identifiable Information (PII)?

Statements:

  • Unanswered: Did not evaluate whether this product collects personally identifiable information.
  • Non-Transparent: Unclear whether this product collects personally identifiable information.
  • Does: Personally identifiable information (PII) is collected.
  • Does Not: Personally identifiable information (PII) is not collected.

2.1.3: (Geolocation Data) Do the policies clearly indicate whether or not precise geolocation data are collected?

Statements:

  • Unanswered: Did not evaluate whether this product collects geolocation data.
  • Non-Transparent: Unclear whether this product collects geolocation data.
  • Does: Geolocation data are collected.
  • Does Not: Geolocation data are not collected.

2.1.4: (Health Data) Do the policies clearly indicate whether or not any health or biometric data are collected?

Statements:

  • Unanswered: Did not evaluate whether this product collects biometric or health data.
  • Non-Transparent: Unclear whether this product collects biometric or health data.
  • Does: Biometric or health data are collected.
  • Does Not: Biometric or health data are not collected.

2.1.5: (Behavioral Data) Do the policies clearly indicate whether or not any behavioral data are collected?

Statements:

  • Unanswered: Did not evaluate whether this product collects behavioral data.
  • Non-Transparent: Unclear whether this product collects behavioral data.
  • Does: Behavioral data are collected.
  • Does Not: Behavioral data are not collected.

2.1.7: (Usage Data) Do the policies clearly indicate whether or not the product automatically collects any information?

Statements:

  • Unanswered: Did not evaluate whether this product collects non-personally identifiable information.
  • Non-Transparent: Unclear whether this product collects non-personally identifiable information.
  • Does: Non-personally identifiable information is collected.
  • Does Not: Non-personally identifiable information is not collected.

2.2: Data Source

2.3: Data Exclusion

2.4: Data Limitation

2.4.1: (Collection Limitation) Do the policies clearly indicate whether or not the vendor limits the collection or use of information to only data that are specifically required for the product?

Statements:

  • Unanswered: Did not evaluate if collection or use of data is limited to product requirements.
  • Non-Transparent: Unclear if collection or use of data is limited to product requirements.
  • Does: Collection or use of data is limited to product requirements.
  • Does Not: Collection or use of data is not limited to product requirements.

3: Data Sharing

3.1: Data Shared With Third Parties

3.2: Data Use by Third Parties

3.2.2: (Third-Party Analytics) Do the policies clearly indicate whether or not collected information is shared with third parties for analytics and tracking purposes?

Statements:

  • Unanswered: Did not evaluate whether data are shared for analytics.
  • Non-Transparent: Unclear whether data are shared for analytics.
  • Does: Data are shared for analytics.
  • Does Not: Data are not shared for analytics.

3.2.3: (Third-Party Research) Do the policies clearly indicate whether or not collected information is shared with third parties for research or product improvement purposes?

Statements:

  • Unanswered: Did not evaluate whether data are shared for research and/or product improvement.
  • Non-Transparent: Unclear whether data are shared for research and/or product improvement.
  • Does: Data are shared for research and/or product improvement.
  • Does Not: Data are not shared for research and/or product improvement.

3.2.4: (Third-Party Marketing) Do the policies clearly indicate whether or not personal information is shared with third parties for advertising or marketing purposes?

Statements:

  • Unanswered: Did not evaluate whether data are shared for advertising and/or marketing.
  • Non-Transparent: Unclear whether data are shared for advertising and/or marketing.
  • Does: Data are shared for advertising or marketing.
  • Does Not: Data are not shared for advertising or marketing.

3.3: Data Not Shared With Third Parties

3.4: Data Sold to Third Parties

3.4.1: (Data Sold) Do the policies clearly indicate whether or not a user's personal information is sold or rented to third parties?

Statements:

  • Unanswered: Did not evaluate whether data are sold or rented to third parties.
  • Non-Transparent: Unclear whether data are sold or rented to third parties.
  • Does: Data are sold or rented to third parties.
  • Does Not: Data are not sold or rented to third parties.

3.5: Third-Party Data Acquisition

3.6: Third-Party Links

3.7: Third-Party Data Access

3.8: Third-Party Data Collection

3.9: Third-Party Data Misuse

3.10: Third-Party Service Providers

3.10.1: (Third-Party Providers) Do the policies clearly indicate whether or not third-party services are used to support the internal operations of the vendor's product?

Statements:

  • Unanswered: Did not evaluate whether data are shared with third-party service providers.
  • Non-Transparent: Unclear whether data are shared with third-party service providers.
  • Does: Data are shared with third-party service providers.
  • Does Not: Data are not shared with third-party service providers.

3.10.2: (Third-Party Roles) Do the policies clearly indicate the role of third-party service providers?

Statements:

  • Unanswered: Did not evaluate the roles of third-party service providers.
  • Non-Transparent: The roles of third-party service providers are unclear.
  • Transparent: The roles of third-party service providers are indicated.

3.11: Third-Party Affiliates

3.12: Third-Party Policies

3.13: Third-Party Data Combination

3.14: Third-Party Authentication

3.14.1: (Social Login) Do the policies clearly indicate whether or not social or federated login is supported to use the product?

Statements:

  • Unanswered: Did not evaluate whether this product supports social or federated login.
  • Non-Transparent: Unclear whether this product supports social or federated login.
  • Does: Social or federated login is supported.
  • Does Not: Social or federated login is not supported.

3.15: De-identified or Anonymized Data

3.16: Third-Party Contractual Obligations

4: Respect for Context

4.1: Data Use

4.1.1: (Purpose Limitation) Do the policies clearly indicate whether or not the vendor limits the use of data collected by the product to the educational purpose for which it was collected?

Statements:

  • Unanswered: Did not evaluate whether use of information is limited to the purpose for which it was collected.
  • Non-Transparent: Unclear whether use of information is limited to the purpose for which it was collected.
  • Does: Use of information is limited to the purpose for which it was collected.
  • Does Not: Use of information is not limited to the purpose for which it was collected.

4.2: Data Combination

4.3: Data Notice

4.4: Data Changes

4.5: Policy Enforcement

5: Individual Control

5.1: User Content

5.1.1: (User Submission) Do the policies clearly indicate whether or not a user can create or upload content to the product?

Statements:

  • Unanswered: Did not evaluate whether users can create or upload content.
  • Non-Transparent: Unclear whether users can create or upload content.
  • Does: Users can create or upload content.
  • Does Not: Users cannot create or upload content.

5.2: User Consent

5.3: Remedy Process

5.4: Data Settings

5.5: Data Disclosure

5.6: Intellectual Property

6: Access and Accuracy

6.1: Data Access

6.1.1: (Access Data) Do the policies clearly indicate whether or not the vendor provides authorized individuals a method to access a user's personal information?

Statements:

  • Unanswered: Did not evaluate whether this product provides processes to access and review user data.
  • Non-Transparent: Unclear whether this product provides processes to access and review user data.
  • Does: Processes to access and review user data are available.
  • Does Not: Processes to access and review user data are not available.

6.1.3: (Review Data) Do the policies clearly indicate whether or not the vendor provides a process available for the school, parents, or eligible students to review student information?

Statements:

  • Unanswered: Did not evaluate whether the school, parents, or students can review data.
  • Non-Transparent: Unclear whether the school, parents, or students can review data.
  • Does: Processes to review data are available for the school, parents, or students.
  • Does Not: Processes to review data are not available for the school, parents, or students.

6.2: Data Integrity

6.3: Data Correction

6.3.1: (Data Modification) Do the policies clearly indicate whether or not the vendor provides authorized individuals with the ability to modify a user's inaccurate data?

Statements:

  • Unanswered: Did not evaluate whether this product provides processes to modify inaccurate information.
  • Non-Transparent: Unclear whether this product provides processes to modify inaccurate information.
  • Does: Processes to modify inaccurate information are available.
  • Does Not: Processes to modify inaccurate information are not available.

6.3.2: (Modification Process) Do the policies clearly indicate whether or not the vendor provides a process for the schools, parents, or eligible students to modify inaccurate student information?

Statements:

  • Unanswered: Did not evaluate whether the school, parents, or students can modify data.
  • Non-Transparent: Unclear whether the school, parents, or students can modify data.
  • Does: Processes for the school, parents, or students to modify data are available.
  • Does Not: Processes for the school, parents, or students to modify data are not available.

6.4: Data Retention

6.4.1: (Retention Policy) Do the policies clearly indicate the vendor's data retention policy, including any data sunsets or any time-period after which a user's data will be automatically deleted if they are inactive on the product?

Statements:

  • Unanswered: Did not evaluate whether this product provides a data-retention policy.
  • Non-Transparent: Unclear whether this product provides a data-retention policy.
  • Transparent: A data-retention policy is available.

6.5: Data Deletion

6.5.1: (Deletion Purpose) Do the policies clearly indicate whether or not the vendor will delete a user's personal information when the data are no longer necessary to fulfill its intended purpose?

Statements:

  • Unanswered: Did not evaluate whether this product deletes data when no longer necessary.
  • Non-Transparent: Unclear whether this product deletes data when no longer necessary.
  • Does: Data are deleted when no longer necessary.
  • Does Not: Data are not deleted when no longer necessary.

6.5.3: (User Deletion) Do the policies clearly indicate whether or not a user can delete all of their personal and non-personal information from the vendor?

Statements:

  • Unanswered: Did not evaluate whether a user can delete all their data.
  • Non-Transparent: Unclear whether a user can delete all their data.
  • Does: Processes to delete user data are available.
  • Does Not: Processes to delete user data are not available.

6.5.4: (Deletion Process) Do the policies clearly indicate whether or not the vendor provides a process for the school, parent, or eligible student to delete a student's personal information?

Statements:

  • Unanswered: Did not evaluate whether the school, parents, or students can delete data.
  • Non-Transparent: Unclear whether the school, parents, or students can delete data.
  • Does: Processes for the school, parents, or students to delete data are available.
  • Does Not: Processes for the school, parents, or students to delete data are not available.

6.6: Data Portability

6.6.1: (User Export) Do the policies clearly indicate whether or not a user can export or download their data, including any user created content on the product?

Statements:

  • Unanswered: Did not evaluate whether this product provides users the ability to download their data.
  • Non-Transparent: Unclear whether this product provides users the ability to download their data.
  • Does: Processes to download user data are available.
  • Does Not: Processes to download user data are not available.

7: Data Transfer

7.1: Data Handling

7.1.1: (Transfer Data) Do the policies clearly indicate whether or not the vendor can transfer a user's data in the event of the vendor's merger, acquisition, or bankruptcy?

Statements:

  • Unanswered: Did not evaluate whether user information can be transferred to a third party.
  • Non-Transparent: Unclear whether user information can be transferred to a third party.
  • Does: User information can be transferred to a third party.
  • Does Not: User information cannot be transferred to a third party.

7.2: Transfer Request

7.3: Onward Contractual Obligations

8: Security

8.1: User Identity

8.2: User Account

8.2.1: (Account Required) Do the policies indicate whether or not the vendor requires a user to create an account with a username and password in order to use the product?

Statements:

  • Unanswered: Did not evaluate whether this product requires account creation.
  • Non-Transparent: Unclear whether this product requires account creation.
  • Does: Account creation is required.
  • Does Not: Account creation is not required.

8.3: Third-party Security

8.4: Data Confidentiality

8.4.1: (Reasonable Security) Do the policies clearly indicate whether or not reasonable security standards are used to protect the confidentiality of a user's personal information?

Statements:

  • Unanswered: Did not evaluate whether this product uses industry best practices to protect data.
  • Non-Transparent: Unclear whether this product uses industry best practices to protect data.
  • Does: Industry best practices are used to protect data.
  • Does Not: Industry best practices are not used to protect data.

8.4.2: (Employee Access) Do the policies clearly indicate whether or not the vendor implements physical access controls or limits employee access to user information?

Statements:

  • Unanswered: Did not evaluate whether this product limits employee access to user information.
  • Non-Transparent: Unclear whether this product limits employee access to user information.
  • Does: Employee access to user information is limited.
  • Does Not: Employee access to user information is not limited.

8.5: Data Transmission

8.5.1: (Transit Encryption) Do the policies clearly indicate whether or not all data in transit is encrypted?

Statements:

  • Unanswered: Did not evaluate whether this product encrypts all data in transit.
  • Non-Transparent: Unclear whether this product encrypts all data in transit.
  • Does: All data in transit are encrypted.
  • Does Not: All data in transit are not encrypted.

8.6: Data Storage

8.6.1: (Storage Encryption) Do the policies clearly indicate whether or not all data at rest is encrypted?

Statements:

  • Unanswered: Did not evaluate whether this product encrypts all data at rest.
  • Non-Transparent: Unclear whether this product encrypts all data at rest.
  • Does: All data at rest are encrypted.
  • Does Not: All data at rest are not encrypted.

8.7: Data Breach

8.7.1: (Breach Notice) Do the policies clearly indicate whether or not the vendor provides notice in the event of a data breach to affected individuals?

Statements:

  • Unanswered: Did not evaluate whether this product provides notice in the event of a data breach.
  • Non-Transparent: Unclear whether this product provides notice in the event of a data breach.
  • Does: Notice is provided in the event of a data breach.
  • Does Not: Notice is not provided in the event of a data breach.

8.8: Data Oversight

8.8.1: (Security Audit) Do the policies clearly indicate whether or not the data privacy or security practices of the vendor are internally or externally audited to ensure compliance?

Statements:

  • Unanswered: Did not evaluate whether this product performs data-privacy and security-compliance audits.
  • Non-Transparent: Unclear whether this product performs data-privacy and security-compliance audits.
  • Does: Data-privacy and security-compliance audits are performed.
  • Does Not: Data-privacy and security-compliance audits are not performed.

9: Responsible Use

9.1: Social Interactions

9.1.1: (Safe Interactions) Do the policies clearly indicate whether or not a user can interact with trusted users?

Statements:

  • Unanswered: Did not evaluate whether this product supports interactions between trusted users and/or students.
  • Non-Transparent: Unclear whether this product supports interactions between trusted users and/or students.
  • Does: Users can interact with trusted users and/or students.
  • Does Not: Users cannot interact with trusted users and/or students.

9.1.2: (Unsafe Interactions) Do the policies clearly indicate whether or not a user can interact with untrusted users?

Statements:

  • Unanswered: Did not evaluate whether users can interact with untrusted users, including strangers and/or adults.
  • Non-Transparent: Unclear whether users can interact with untrusted users, including strangers and/or adults.
  • Does: Users can interact with untrusted users, including strangers and/or adults.
  • Does Not: Users cannot interact with untrusted users, including strangers and/or adults.

9.1.3: (Share Profile) Do the policies clearly indicate whether or not information must be shared or revealed by a user in order to participate in social interactions?

Statements:

  • Unanswered: Did not evaluate whether profile information is shared for social interactions.
  • Non-Transparent: Unclear whether profile information is shared for social interactions.
  • Does: Profile information is shared for social interactions.
  • Does Not: Profile information is not shared for social interactions.

9.2: Data Visibility

9.2.1: (Visible Data) Do the policies clearly indicate whether or not a user's personal information can be displayed publicly in any way?

Statements:

  • Unanswered: Did not evaluate whether this product displays personal information publicly.
  • Non-Transparent: Unclear whether this product displays personal information publicly.
  • Does: Personal information is displayed publicly.
  • Does Not: Personal information is not displayed publicly.

9.2.2: (Control Visibility) Do the policies clearly indicate whether or not a user has control over how their personal information is displayed to others?

Statements:

  • Unanswered: Did not evaluate whether this product allows users to control how their data are displayed.
  • Non-Transparent: Unclear whether this product allows users to control how their data are displayed.
  • Does: Users can control how their data are displayed.
  • Does Not: Users cannot control how their data are displayed.

9.3: Monitor and Review

9.3.1: (Monitor Content) Do the policies clearly indicate whether or not the vendor reviews, screens, or monitors user-created content?

Statements:

  • Unanswered: Did not evaluate whether content is reviewed, screened, or monitored by the vendor.
  • Non-Transparent: Unclear whether content is reviewed, screened, or monitored by the vendor.
  • Does: Content is reviewed, screened, or monitored by the vendor.
  • Does Not: Content is not reviewed, screened, or monitored by the vendor.

9.3.3: (Moderating Interactions) Do the policies clearly indicate whether or not social interactions between users of the product are moderated?

Statements:

  • Unanswered: Did not evaluate whether social interactions between users are moderated.
  • Non-Transparent: Unclear whether social interactions between users are moderated.
  • Does: Social interactions between users are moderated.
  • Does Not: Social interactions between users are not moderated.

9.4: Report Content

9.4.1: (Block Content) Do the policies clearly indicate whether or not an educator, parent, or a school has the ability to filter or block inappropriate content or social interactions?

Statements:

  • Unanswered: Did not evaluate whether users can filter or block inappropriate content.
  • Non-Transparent: Unclear whether users can filter or block inappropriate content.
  • Does: Users can filter or block inappropriate content.
  • Does Not: Users cannot filter or block inappropriate content.

9.4.2: (Report Abuse) Do the policies clearly indicate whether or not a user can report abusive behavior, or cyberbullying?

Statements:

  • Unanswered: Did not evaluate whether users can report abuse or cyberbullying.
  • Non-Transparent: Unclear whether users can report abuse or cyberbullying.
  • Does: Users can report abuse or cyberbullying.
  • Does Not: Users cannot report abuse or cyberbullying.

9.5: Internet Safety

10: Advertising

10.1: Vendor Communications

10.2: Traditional Advertising

10.2.1: (Traditional Ads) Do the policies clearly indicate whether or not traditional advertisements are displayed to a user based on a webpage's content, and not that user's data?

Statements:

  • Unanswered: Did not evaluate whether this product displays traditional advertisements.
  • Non-Transparent: Unclear whether this product displays traditional advertisements.
  • Does: Traditional advertisements are displayed.
  • Does Not: Traditional advertisements are not displayed.

10.3: Behavioral Advertising

10.3.1: (Behavioral Ads) Do the policies clearly indicate whether or not behavioral advertising based on a user's personal information are displayed?

Statements:

  • Unanswered: Did not evaluate whether this product displays behavioral or contextual advertising.
  • Non-Transparent: Unclear whether this product displays behavioral or contextual advertising.
  • Does: Behavioral or contextual advertising is displayed.
  • Does Not: Behavioral or contextual advertising is not displayed.

10.4: Ad Tracking

10.4.1: (Third-Party Tracking) Do the policies clearly indicate whether or not third-party advertising services or tracking technologies collect any information from a user of the product?

Statements:

  • Unanswered: Did not evaluate whether this product allows data collection by third-party advertising or tracking services.
  • Non-Transparent: Unclear whether this product allows data collection by third-party advertising or tracking services.
  • Does: Data are collected by third-party advertising or tracking services.
  • Does Not: Data are not collected by third-party advertising or tracking services.

10.4.2: (Track Users) Do the policies clearly indicate whether or not a user's information is used to track users and display target advertisements on other third-party websites or services?

Statements:

  • Unanswered: Did not evaluate whether this product uses data to track and target advertisements on other third-party websites or services.
  • Non-Transparent: Unclear whether this product uses data to track and target advertisements on other third-party websites or services.
  • Does: Data are used to track and target advertisements on other third-party websites or services.
  • Does Not: Data are not used to track and target advertisements on other third-party websites or services.

10.4.3: (Data Profile) Do the policies clearly indicate whether or not the vendor allows third parties to use a student's data to create an automated profile, engage in data enhancement, conduct social advertising, or target advertising to students, parents, teachers, or the school?

Statements:

  • Unanswered: Did not evaluate whether this product allows third parties to use data to create ad profiles, data enhancement, and/or targeted advertisements.
  • Non-Transparent: Unclear whether this product allows third parties to use data to create ad profiles, data enhancement, and/or targeted advertisements.
  • Does: Third parties can use data to create ad profiles, data enhancement, and/or targeted advertisements.
  • Does Not: Third parties cannot use data to create ad profiles, data enhancement, and/or targeted advertisements.

10.5: Filtered Advertising

10.6: Marketing Communications

10.6.1: (Marketing Messages) Do the policies clearly indicate whether or not the vendor may send marketing emails, text messages, or other related communications that may be of interest to a user?

Statements:

  • Unanswered: Did not evaluate whether this vendor can send marketing messages.
  • Non-Transparent: Unclear whether this vendor can send marketing messages.
  • Does: Vendor can send marketing messages.
  • Does Not: Vendor cannot send marketing messages.

10.6.2: (Third-Party Promotions) Do the policies clearly indicate whether or not the vendor may ask a user to participate in any sweepstakes, contests, surveys, or other similar promotions?

Statements:

  • Unanswered: Did not evaluate whether this product provides promotional sweepstakes, contests, or surveys.
  • Non-Transparent: Unclear whether this product provides promotional sweepstakes, contests, or surveys.
  • Does: Vendor does provide promotional sweepstakes, contests, or surveys.
  • Does Not: Vendor does not provide promotional sweepstakes, contests, or surveys.

10.7: Unsubscribe

10.7.1: (Unsubscribe Ads) Do the policies clearly indicate whether or not a user can opt-out of traditional, or behavioral advertising?

Statements:

  • Unanswered: Did not evaluate whether this product provides users the ability to opt out of traditional, contextual, or behavioral advertising.
  • Non-Transparent: Unclear whether this product provides users the ability to opt out of traditional, contextual, or behavioral advertising.
  • Does: Users can opt out of traditional, contextual, or behavioral advertising.
  • Does Not: Users cannot opt out of traditional, contextual, or behavioral advertising.

10.7.2: (Unsubscribe Marketing) Do the policies clearly indicate whether or not a user can opt-out or unsubscribe from a vendor or third party marketing communication?

Statements:

  • Unanswered: Did not evaluate whether this product provides users the ability to opt out of or unsubscribe from marketing communications.
  • Non-Transparent: Unclear whether this product provides users the ability to opt out of or unsubscribe from marketing communications.
  • Does: Users can opt out of or unsubscribe from marketing communications.
  • Does Not: Users cannot opt out of or unsubscribe from marketing communications.

10.8: Do Not Track

10.8.1: (DoNotTrack Response) Do the policies clearly indicate whether or not the vendor responds to a "Do Not Track" signal or other opt-out mechanisms from a user?

Statements:

  • Unanswered: Did not evaluate whether this product responds to Do Not Track or other opt-out mechanisms.
  • Non-Transparent: Unclear whether this product responds to Do Not Track or other opt-out mechanisms.
  • Does: Vendor does respond to Do Not Track or other opt-out mechanisms.
  • Does Not: Vendor does not respond to Do Not Track or other opt-out mechanisms.

11: Compliance

11.1: Children Under 13

11.1.1: (Actual Knowledge) Do the policies clearly indicate whether or not the vendor has actual knowledge that personal information from children under 13 years of age is collected by the product?

Statements:

  • Unanswered: Did not evaluate whether vendor has actual knowledge that PII from users under 13 years of age is collected.
  • Non-Transparent: Unclear whether vendor has actual knowledge that PII from users under 13 years of age is collected.
  • Does: Vendor does have actual knowledge that PII from users under 13 years of age is collected.
  • Does Not: Vendor does not have actual knowledge that PII from users under 13 years of age is collected.

11.1.2: (COPPA Notice) Do the policies clearly indicate whether or not the vendor describes: (1) what information is collected from children under 13 years of age, (2) how that information is used, and (3) its disclosure practices for that information?

Statements:

  • Unanswered: Did not evaluate whether children's privacy is applicable.
  • Non-Transparent: Unclear whether children's privacy is applicable.
  • Does: Children's privacy is applicable.
  • Does Not: Children's privacy is not applicable.

11.1.3: (Restrict Account) Do the policies clearly indicate whether or not the vendor prohibits creating an account for a child under 13 years of age?

Statements:

  • Unanswered: Did not evaluate whether this product restricts account creation for users under 13 years of age.
  • Non-Transparent: Unclear whether this product restricts account creation for users under 13 years of age.
  • Does: Account creation is restricted for users under 13 years of age.
  • Does Not: Account creation is not restricted for users under 13 years of age.

11.1.4: (Restrict Purchase) Do the policies clearly indicate whether or not the vendor restricts in-app purchases for a child under 13 years of age?

Statements:

  • Unanswered: Did not evaluate whether this product restricts in-app purchases for users under 13 years of age.
  • Non-Transparent: Unclear whether this product restricts in-app purchases for users under 13 years of age.
  • Does: Vendor does restrict in-app purchases for users under 13 years of age.
  • Does Not: Vendor does not restrict in-app purchases for users under 13 years of age.

11.2: Students in K–12

11.2.1: (School Purpose) Do the policies clearly indicate whether or not the product is primarily used, designed, and marketed for preschool or K-12 school purposes?

Statements:

  • Unanswered: Did not evaluate whether this product is primarily used by, designed for, and marketed toward students in grades pre-K–12.
  • Non-Transparent: Unclear whether this product is primarily used by, designed for, and marketed toward students in grades pre-K–12.
  • Does: Product is primarily used by, designed for, and marketed toward students in grades pre-K–12.
  • Does Not: Product is not primarily used by, designed for, and marketed toward students in grades pre-K–12.

11.2.2: (Education Records) Do the policies clearly indicate the process by which education records are entered into the product? For example, are data entered by district staff, school employees, parents, teachers, students, or some other person?

Statements:

  • Unanswered: Did not evaluate whether product creates education records.
  • Non-Transparent: Unclear whether product creates education records.
  • Transparent: Product does create education records.

11.2.3: (School Contract) Do the policies clearly indicate whether or not the vendor provides a contract to a Local Educational Agency (LEA) or otherwise provides notice to users of additional rights?

Statements:

  • Unanswered: Did not evaluate whether this product provides notification of a contract or additional rights.
  • Non-Transparent: Unclear whether this product provides notification of a contract or additional rights.
  • Does: Notification of a contract or additional rights is provided.
  • Does Not: Notification of a contract or additional rights is not provided.

11.2.4: (School Official) Do the policies clearly indicate whether or not the vendor is under the direct control of the educational institution and designates themselves a 'school official' under FERPA?

Statements:

  • Unanswered: Did not evaluate whether this product designates the vendor as a school official.
  • Non-Transparent: Unclear whether this product designates the vendor as a school official.
  • Does: Vendor is designated as a school official.
  • Does Not: Vendor is not designated as a school official.

11.3: Parental Consent

11.3.1: (Parental Consent) Do the policies clearly indicate whether or not the vendor or third party obtains verifiable parental consent before they collect or disclose personal information?

Statements:

  • Unanswered: Did not evaluate whether this product requires parental consent.
  • Non-Transparent: Unclear whether this product requires parental consent.
  • Does: Parental consent is required.
  • Does Not: Parental consent is not required.

11.3.2: (Limit Consent) Do the policies clearly indicate whether or not a parent can consent to the collection and use of their child's personal information without also consenting to the disclosure of the information to third parties?

Statements:

  • Unanswered: Did not evaluate whether this product limits parental consent with respect to third parties.
  • Non-Transparent: Unclear whether this product limits parental consent with respect to third parties.
  • Does: Parental consent is limited with respect to third parties.
  • Does Not: Parental consent is not limited with respect to third parties.

11.3.3: (Withdraw Consent) Do the policies clearly indicate whether or not the vendor responds to a request from a parent or guardian to prevent further collection of their child's information?

Statements:

  • Unanswered: Did not evaluate whether this product allows parents to withdraw consent for the further collection of their child's information.
  • Non-Transparent: Unclear whether this product allows parents to withdraw consent for the further collection of their child's information.
  • Does: Parents can withdraw consent for the further collection of their child's information.
  • Does Not: Parents cannot withdraw consent for the further collection of their child's information.

11.3.4: (Delete Child-PII) Do the policies clearly indicate whether or not the vendor deletes personal information from a student or child under 13 years of age if collected without parental consent?

Statements:

  • Unanswered: Did not evaluate whether this product deletes children's personal information if collected without parental consent.
  • Non-Transparent: Unclear whether this product deletes children's personal information if collected without parental consent.
  • Does: Children's personal information is deleted if collected without parental consent.
  • Does Not: Children's personal information is not deleted if collected without parental consent.

11.3.5: (Consent Method) Do the policies clearly indicate whether or not the vendor provides notice to parents or guardians of the methods to provide verifiable parental consent under COPPA?

Statements:

  • Unanswered: Did not evaluate whether this product provides parental consent notice and method for submission.
  • Non-Transparent: Unclear whether this product provides parental consent notice and method for submission.
  • Does: Parental consent notice and method for submission are provided.
  • Does Not: Parental consent notice and method for submission are not provided.

11.3.7: (COPPA Exception) Do the policies clearly indicate whether or not the vendor collects personal information from children without verifiable parental consent for the sole purpose of trying to obtain consent under COPPA?

Statements:

  • Unanswered: Did not evaluate whether this product discloses COPPA parental consent exceptions.
  • Non-Transparent: Unclear whether this product discloses COPPA parental consent exceptions.
  • Does: COPPA parental consent exceptions are disclosed.
  • Does Not: COPPA parental consent exceptions are not disclosed.

11.3.8: (FERPA Exception) Do the policies clearly indicate whether or not the vendor may disclose personal information without verifiable parental consent under a FERPA exception?

Statements:

  • Unanswered: Did not evaluate whether this product discloses COPPA parental consent exceptions.
  • Non-Transparent: Unclear whether this product discloses FERPA parental consent exceptions.
  • Does: FERPA parental consent exceptions are disclosed.
  • Does Not: FERPA parental consent exceptions are not disclosed.

11.3.9: (Directory Information) Do the policies clearly indicate whether or not the vendor discloses student information as 'Directory Information' under a FERPA exception?

Statements:

  • Unanswered: Did not evaluate whether this product discloses directory information.
  • Non-Transparent: Unclear whether this product discloses directory information.
  • Does: Directory information is disclosed.
  • Does Not: Directory information is not disclosed.

11.3.10: (School Consent) Do the policies clearly indicate whether or not responsibility or liability for obtaining verified parental consent is transferred to the school or district?

Statements:

  • Unanswered: Did not evaluate whether this product transfers parental consent obligations to the school or district.
  • Non-Transparent: Unclear whether this product transfers parental consent obligations to the school or district.
  • Does: Parental consent obligations are transferred to the school or district.
  • Does Not: Parental consent obligations are not transferred to the school or district.

11.4: Legal Requirements

11.5: Certification

11.6: International Laws