Privacy and Security Policy

1. Introduction
StudyForge is a non-profit, mission-driven organization dedicated to protecting the privacy of our users, including students, teachers, and administrators, in compliance with applicable student privacy laws and regulations. Our commitment to education and the community allows us to prioritize user privacy and avoid potential conflicts of interest that may arise in profit-driven companies. This privacy policy outlines our data collection, use, and protection practices to ensure transparency and trust with our users and educational institutions. By using the StudyForge platform, users agree to the collection, use, and disclosure of their information as described in this policy. Please review the policy carefully to understand how we handle personal information and safeguard users’ privacy.

2. Scope
This privacy policy applies to all users of the StudyForge platform, including students, teachers, and administrators. The policy outlines the types of data collected by StudyForge, how the data is used, and the measures taken to protect users’ privacy in compliance with applicable laws and regulations.

User categories: The StudyForge platform is designed to serve students, teachers, and administrators within educational institutions. The privacy policy covers the data collection, use, and protection practices relevant to each of these user categories.

Data types: StudyForge collects various types of data from its users, including Personally Identifiable Information (PII), engagement data, and performance data, as well as technical information related to platform usage. The policy provides details on how each type of data is collected, used, and protected.

Data usage: StudyForge uses the collected data primarily to support teachers in their educational efforts, generate reports for teachers and administrators, and improve the overall user experience. The policy outlines the specific uses of the collected data and provides assurances regarding the avoidance of unauthorized purposes, such as targeted advertising or selling student data.

3. Compliance with Applicable Laws

StudyForge is committed to complying with all applicable federal, state, and local laws and regulations pertaining to the protection of student privacy. This includes, but is not limited to, the Family Educational Rights and Privacy Act (FERPA), the Protection of Pupil Rights Amendment (PPRA), General Data Protection Regulation(GDPR), and the Children’s Online Privacy Protection Act (COPPA).

As an edtech service provider, StudyForge acknowledges its responsibility to protect student education records and data in accordance with FERPA and other relevant laws. We will work closely with educational institutions to ensure that our data handling practices comply with their obligations under FERPA and other applicable regulations.

4. Data Collection
StudyForge collects various types of information from its users, which include students, teachers, and administrators. The categories of data collected are as follows:

Personally Identifiable Information (PII): While not mandatory, StudyForge may collect users’ first name, last name, and email address when provided by users or shared by the educational institution through their Learning Management System.

Engagement Data: StudyForge tracks user interactions with the content on our platform. Our content consists of lessons made up of “learning objects.” We collect information about users’ progress through these learning objects and lessons.

Performance Data: StudyForge collects users’ scores on quizzes taken within the platform.

In addition to the data provided by users or educational institutions, StudyForge may also collect certain technical information automatically, such as IP addresses, device types, and browser types, to help improve the functionality of our platform, and to publish issues.

5. Data Use

StudyForge uses the collected data for various purposes, including:

Supporting teachers: Engagement and performance data are primarily collected to provide teachers with valuable insights into their students’ learning progress, helping them better support their students and adjust their teaching strategies as needed.

Analyzing platform usage: We use engagement data, performance data, and technical information to better understand how users interact with our platform, identify trends, and improve the overall user experience.

Generating reports: StudyForge generates aggregate reports on user progress and performance for teachers and administrators to support their educational and administrative tasks.

Providing support and communication: PII may be used to communicate with teachers and administrators, provide support, or respond to inquiries. We do not contact students directly.

Maintaining and improving our platform or content: We may use collected data to maintain and improve the functionality, security, and overall quality of our platform or content.

StudyForge will never sell student data, nor use any student data for targeted advertising.

6. Data Retention and Deletion

Retention period: StudyForge retains student data for the duration of the client relationship with the educational institution. As long as the institution continues to use StudyForge’s services, we will maintain the student data to support the platform’s educational and administrative functions.

De-identification upon termination: When an educational institution provides written notice that it will no longer use StudyForge’s services, we will de-identify the student data, removing any Personally Identifiable Information (PII) and retaining only anonymized data for product improvement purposes.

Data deletion upon request: If an educational institution requests the deletion of student data upon termination of the client relationship, StudyForge will comply with the request and securely delete the relevant data in accordance with applicable laws and regulations.

Secure data disposal: StudyForge will take appropriate measures to ensure the secure disposal of student data when it is no longer needed or upon request, using methods that prevent unauthorized access, disclosure, or reconstruction of the data.

7. Data Security
StudyForge is committed to safeguarding the security of the data we collect and store. As a leading edtech service provider, we understand the importance of implementing robust security measures to protect the privacy and integrity of our users’ information. To that end, we have established the following practices:

Industry-standard encryption: We employ industry-standard encryption technologies, such as Secure Socket Layer (SSL) or Transport Layer Security (TLS), to protect data during transmission and storage.

Access controls: StudyForge restricts access to user data on a need-to-know basis. Only authorized employees and contractors with specific job functions requiring access to the data are granted access, and they are bound by confidentiality obligations.

Regular security assessments: We conduct security assessments, including penetration testing and vulnerability scanning, to identify and remediate potential risks and vulnerabilities in our systems and processes.

Incident response plan: StudyForge has a comprehensive incident response plan in place to effectively address any security incidents. In the event of a data breach, we will notify affected users and educational institutions as required by applicable laws and regulations.

Ongoing security improvements: We are dedicated to staying informed about the latest security best practices and continually updating our security measures to ensure the ongoing protection of user data.

8. Educational Institution Rights
StudyForge recognizes the importance of granting educational institutions control over the data they input into our platform, as well as the data created by teachers and students within the platform. We aim to empower educational institutions to manage and protect their data in accordance with applicable laws and regulations. To that end, we have established the following rights for educational institutions:

Data ownership: Educational institutions retain ownership of the data they input into the StudyForge platform, as well as the data created by teachers and students using the platform. StudyForge does not claim ownership of this data and will treat it as the property of the respective educational institution.

Data access, editing, and retrieval: Educational institutions have the right to access, edit, and retrieve their data stored on the StudyForge platform at any time. Upon request, StudyForge will provide the institution with a copy of their data in a commonly used, machine-readable format within 30 days of the request.

Data deletion: Educational institutions have the right to request the deletion of their data from the StudyForge platform, subject to the conditions outlined in the section on “Data Retention and Deletion.”

9. 3rd Party Vendors
StudyForge requires that all vendors it makes use of will comply with the requirements of this privacy policy.

10. Successor entity
In the case that StudyForge is acquired or merged with any other entity, the successor entity is subject to these same commitments for the previously collected Student PII.

11. Contact Information
If you have any questions, concerns, or requests pertaining to this privacy policy, please direct your inquiries to the appropriate contact as detailed below. StudyForge is committed to addressing your inquiries in a timely and professional manner.
Please submit your questions, concerns, or requests via email to, and our team will respond accordingly.

12. StudyForge will not make material changes to this privacy policy without first providing prominent notice to the users and allowing them choices before data is used in any manner inconsistent with the terms they were initially provided.