PULL ME
Style Selector
Layout Style
Boxed Background Patterns
Boxed Background Images
Color Scheme
Reset Styles

iSTEEP Privacy and Data Security Policy

iSTEEP Privacy Policy

iSTEEP PRIVACY STATEMENT

At ISTEEP, Inc. (“ISTEEP”), user privacy is important to us. We want you to feel ascomfortable as possible visiting iSTEEP.com and other websites and using ISTEEP products. This Privacy Statement will tell you what information ISTEEP collects, how we use that information, what choices you have concerning how such information is used and how we protect your information. We urge you to read our Privacy Statement so that you willunderstand both our commitment to you and your privacy, and how you can participate in that commitment. You can always e-mail us at Support@isteep.com if you have questions or concerns about this Privacy Statement.

FERPA (Family Educational Rights and Privacy Act)

iSTEEP operates under FERPA’s “school official” exception [34 CFR § 99.31(a)(1)], which allows districts to use educational technology providers without requiring individual parental or caregiver consent when:

  • The provider has a legitimate educational interest.
  • The provider is under the direct control of the district.
  • The provider adheres to FERPA’s redisclosure limitations.

iSTEEP meets all three requirements. This ensures districts can roster students and share necessary educational records, like reading performance data and voice recordings, without additional consent.

PRIVACY POLICY

Student Assessment Data

Except as specifically set forth herein, ISTEEP will not access your Student Data nor will wedisclose your Student Data to any third parties.

ISTEEP will not access Student Data entered by you in the course of using the assessment and reporting services except in the following limited circumstances: (i) to provide you with technical support, solely at your request and with your permission; (ii) on a limited-access basis to install updates or produce regular backups.

ISTEEP will not provide your ISTEEP Student Data to any third party or permit any third party to access your ISTEEP Student Data, except by your permission or to comply with valid legal requirements such as a law, regulation, search warrant, subpoena or court order.

In addition, if at any time you decide to discontinue your use of the ISTEEP Service, your ISTEEP Student Data will be destroyed and removed from all servers. You will be offered the option of receiving a copy of all such data prior to its destruction.

Data is Retained only for Education Purposes

Student data is retained by iSTEEP only for educational purposes.  Student data is never retained for non-educational purposes.

Educational Use Only

Personal student data is used only for educational purposes.  Student never is never shared or used for commercial, non-educational purposes.

Restrictions on Use

 ISTEEP shall not use the data for any purpose not expressly permitted in this Agreement.  ISTEEP cannot disclose any document, whether in hard copy or electronic form, or otherwise disclose to any third party any student-level data or information in any form whatsoever or under any circumstances which would directly or indirectly make a student’s identity traceable.

Ownership

Any data delivered or transmitted to ISTEEP by your district or the Board (“Board”) and/or obtained or prepared by ISTEEP for the Board shall become the property of the Board, and shall, upon request, be provided or returned by ISTEEP to the Board.

No records, reports, documents, materials or products created or developed under this contract can be distributed free or for profit.

Parental Review/Deletion

The school and/or parents can request deletion/review of student data.

 Security Breach Policy

As used in this Agreement “Security Breach” means any act or omission that compromises either the security, confidentiality or integrity of personally-identifiable student information or the physical, technical, administrative or organizational safeguards put in place by ISTEEP that relate to the protection of the security, confidentiality or integrity of personally-identifiable student information, or receipt of a complaint in relation to the privacy practices of ISTEEP or a breach or alleged breach of this Agreement relating to such privacy practices.

ISTEEP shall take commercially reasonable steps and best efforts, in accordance with industry standards, to prevent security breaches.  ISTEEP shall also take commercially reasonable steps, in accordance with industry standards, to immediately remedy any security breach and prevent any further security breach at ISTEEP’s expense in accordance with standard industry practices and applicable law.

ISTEEP shall:(i) provide the Board with the name and contact information for an employee of ISTEEP who shall serve as the Board’s primary security contact and shall be available to assist the Board as a contact in resolving issues and fulfilling obligations associated with a security breach; (ii) immediately notify the Board via email, SMS text, and telephone once the ISTEEP becomes aware of a security breach.

Immediately following ISTEEP’s notification to the Board of a security breach, ISTEEP and the Board shall coordinate with each other to investigate the security breach. ISTEEP agrees to fully cooperate with Board in their handling of the matter, including, without limitation: (i) assisting with any investigation; (ii) providing physical access to the facilities and operations affected;(iii) facilitating interviews with ISTEEP’s employees and others involved in the matter; and (iv) making available all relevant records, logs, files, data reporting and other materials required to comply with applicable law or industry standards and as otherwise required by the Board  and; (v) providing any notices to persons or organizations affected by the security breach as required by law and as required by the Board.

 

How ISTEEP Protects Your Privacy Internally

ISTEEP wants student and district information to remain as secure as reasonably possible. We combine industry-standard technical safeguards with a code of conduct for thoseemployees that are permitted to access our customers’ business information.

ISTEEP is hosted on servers with enhanced security. These measures include:

  • 24/7/365 Manned Facilities
  • CCTV Security Cameras Covering Inside, Outside and All Entrances of Data Centers
  • Site Entrance Controlled by Electronic Perimeter Access Card System
  • Sites Remotely Monitored by 3rd Party Security Company
  • Entrances Secured by Mantraps with Interlocking Doors
  • SSAE-16 & HIPAA Compliant, Safe Harbor Certified

ISTEEP Student Data will be submitted via SSL encryption and stored on a server equipped with industry standard firewalls. On the employee side, every ISTEEP employee is trained on our privacy and security procedures. Only authorized ISTEEP employees are permittedto access your Business Information or Student Data, and all such employees, agents or independent iSTEEP contractors must agree in writing to abide by our Privacy Statement. Those employees that violate our Privacy Statement are subject to disciplinary action, up to and including termination.

Data Securely Protected

Student data is protected by industry standard security measures.

Personal Data Encrypted

Encryption is used during the transfer of student data over the internet