FERPA, COPPA and GDRP Compliance

FERPA, COPPA, and GDPR Compliance Statement for Graded.pro
Effective as of 23rd March 2025

Introduction

Graded.pro is dedicated to protecting the privacy and security of our users’ personal information. This statement explains our compliance with the Family Educational Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA), and the General Data Protection Regulation (GDPR). It should be read alongside our full Privacy Policy, which offers more details on our data-handling practices and security measures.

FERPA Compliance

1. Education Records
   Graded.pro recognises that student records are sensitive and must be protected under FERPA. We only process and store information that is necessary for legitimate educational purposes, such as grading and providing feedback.

2. Access and Control
   We restrict access to student educational records to authorised personnel (e.g., teachers, administrative staff) and utilise robust security measures to ensure these records remain confidential.

3. Legitimate Educational Interests
   Graded.pro collects and processes data exclusively to support the educational objectives of schools and teachers. We do not disclose or use educational records for any unauthorised purpose.

COPPA Compliance

1. Data Collection for Children Under 13
   We abide by COPPA regulations when collecting and processing data belonging to children under 13. Where necessary, we obtain verifiable parental or guardian consent before collecting personal information.

2. Limited Data Use
   Any personal information collected from children is used solely to provide educational services, such as marking and feedback. We do not use children’s data for marketing or advertising purposes.

3. Parental Rights
   Parents or guardians have the right to review, correct, or delete their children’s personal information and can contact us at any time to request changes or additional details about how their children’s data is handled.

GDPR Compliance

1. Lawful Bases for Processing
   Graded.pro processes personal data under lawful bases such as consent and legitimate interest, which may include names, email addresses, and temporary storage of student work for grading.

2. Data Subject Rights
   Individuals in the European Union have specific rights under the GDPR, including:

   • Access: Request copies of personal data.
   • Rectification: Correct or update inaccurate information.
   • Erasure (“Right to be Forgotten”): Request deletion of personal data.
   • Restriction/Objection: Limit or object to certain processing activities.
   • Data Portability: Obtain a transferable copy of personal data for use elsewhere.

   To exercise any of these rights, please contact us using the methods provided on our website.

3. Data Protection Measures
   We employ strong security protocols, including SSL encryption for data in transit, and maintain secure databases to protect personal information. Our processes are validated by CASA Tier 2 certification from TAC Security, underscoring our commitment to high-level data protection.

4. Data Transfers
   Personal data may be transferred outside the European Economic Area (EEA), particularly via our servers hosted by Digital Ocean or through the OpenAI API. All such transfers comply with GDPR requirements to ensure an appropriate level of data protection.

Contact Information

If you have any questions or concerns about how Graded.pro complies with FERPA, COPPA, or GDPR - or if you wish to exercise your data protection rights - please contact us using the details provided on our website. We are committed to addressing any enquiries promptly and transparently.

Amendments to This Statement

We may update this statement from time to time to reflect changes in our practices or in relevant regulations. In the event of significant changes, we will notify users by posting the revised statement on our website. We encourage you to review this document periodically to stay informed about our ongoing commitment to privacy and data protection.