Seesaw and GDPR
On May 25, 2018, the EU General Data Protection Regulation (GDPR) went into effect in all EU Member States. The GDPR strengthens the rights that individuals have regarding personal data relating to them and creates consistent data protection rules across Europe. Seesaw is compliant with GDPR.
OUR PRIVACY PROMISES
Protecting your privacy is fundamental to our mission and business. The following summarize our promises to you.
- We never sell your data or student data.
- We never advertise in Seesaw.
- We don’t own the content you add to Seesaw.
- Student work is private to the classroom by default.
- We use the latest security industry best practices to protect you.
- We are transparent about our practices and will notify you if things change.
- We are compliant with FERPA, COPPA, and GDPR.
You can read more about our Privacy Principles and our commitment to privacy here.
DATA PROTECTION COMMITMENTS
- All employees undergo a background check before beginning employment at Seesaw, sign a nondisclosure agreement, and immediately lose access to all internal systems and data when terminated. No customer information is stored on individual employee computers.
- All employees receive regular GDPR-focused security training.
- All of our contracts with third-party vendors are compliant with GDPR.
- Seesaw has a designated Data Protection Officer.
WHO ARE SEESAW'S SUBPROCESSORS?
Seesaw uses a handful of third-party subprocessors - other companies that provide software services that help us do business. See a full list of our subprocessors here.
HOW DOES SEESAW KEEP STUDENT DATA SAFE?
Seesaw takes protecting your security and privacy seriously and we've put a number of measures in place to protect the integrity of your information, including:
- Use of highly secure, access-controlled data centers
- Routine third-party security audits
- Data encryption in transit
- Encryption of Journal Content at rest
For more information, please read this article.
HOW TO VIEW, CORRECT, EDIT, PORT, OR UPDATE YOUR PERSONAL INFORMATION
We have a number of tools and options in place today to protect the integrity of teachers, students and parents’ information globally. These tools for control and transparency address the goals of the GDPR.
- If you are a parent or teacher, you can update the information associated with your Seesaw account directly by logging into your Seesaw account and viewing the Account Settings tab on your profile.
- If you are a parent and want to correct, edit, download, or update information about a student, please work directly with your teacher or school, or you can contact us at firstname.lastname@example.org.
- Students can export their journals at any time from their Seesaw account.
HOW TO DELETE YOUR SEESAW ACCOUNT
If you would like to delete your Seesaw account or any content submitted to Seesaw, please send an email to email@example.com. If you request that your account or any content submitted to Seesaw be deleted, Seesaw may still retain information for up to 60 days to provide customer support and prevent accidental deletion.
DOES THE GDPR REQUIRE STORAGE OF PERSONAL DATA IN THE EU?
No, the GDPR does not require storage of personal data in the EU. The GDPR does have specific requirements regarding the transfer of data out of the EU and Seesaw complies with those requirements.
Seesaw participates in the EU-US Privacy Shield, an agreement that allows for the transfer of data outside of the EU and meets the GDPR requirements for an adequate level of protection.
WHAT ARE YOUR RESPONSIBILITIES AS A TEACHER OR SCHOOL?
Under GDPR you need to get parental consent to process personal data for children under the age of 16. Since we don't always have a direct relationship with parents, we ask that teachers and schools do this either as part of a school wide consent that includes Seesaw, or through this sample consent form.