We are constantly looking to improve our policies. Please contact us at Contact-Us@StoryboardThat.com if you feel we need further clarification, or are missing something.
Although no system is 100% perfect, we have designed our system and taken reasonable precautions and then some to follow these policies to address concerns of FERPA, CCPA, GDPR, and COPPA. We have also signed the Student Privacy Pledge.
Our business model in the education space is to provide an amazing product leveraging the power of digital storytelling to positively improve Critical Thinking, Communication, Collaboration, and Creativity. We sell this product directly to teachers and schools, and all of our marketing efforts are centered on this objective.
We do not market to kids and students, since they are not a target purchaser and as a result we have no need to collect, mine, or advertise to them. We do not show any advertisements within the educational version to students.
In order to provide recommended resources we may look at data a teacher has generated to recommend activities/content to the teacher. An example would be if we detect a teacher is teaching Romeo and Juliet, we might recommend other activities for Shakespeare. This is only internal to Storyboard That, and not based on any student data, and designed specifically for the teachers.
There are some small advertisements on the site to order school-related supplies off of Amazon, Teachers Pay Teachers, or similar websites, but these are targeted towards Adults.
We want to know as little as possible about our student users as we can to protect their privacy. We do not ask for email addresses when signing up in the educational version, nor is there a place to add it later.
User names and display names (friendly human readable name) are shown internally within your educational account and appear in URLs for user created content. If a student has PII in their user name, either an account admin or a member of the Storyboard That staff can delete their account, or change the user name.
Due to the nature of Storyboard That, students every day create absolutely amazing original and creative content. By default all storyboards created under an educational account are private.
At the sole discretion of the account administrator this security can be removed allowing the storyboard to be shared which will expose the user name and display name of a user to the internet. There is a reminder that this should only be done after verifying with your own policies and the security requirements of your students / school.
We know some schools require the ownership of their data per their policies. If you require this please write in and we will mark your data as owned by you
Since we collect minimal PII, we have no way to contact users outside of the admin. We will happily work with a school admin to provide any and all data that is relative to their account. We will also provide any data to any valid legal, regulatory, or judicial request.
We will respond to the best of our abilities to basic customer service inquiries initiated by a student/parent, but we strongly prefer to work directly with the school. Basic inquiries are typically limited to “how do I do X in the storyboard creator?” Requests for more detailed information must come through the school directly.
If a student wishes to transfer their data to a personal account the process is as follows:
A student may also download their data – see (download section)
At any time, any school administrator can delete students and their storyboards off of our systems. We can also delete all of your data upon explicit request. After 4 years (or less at our discretion) of inactivity we will delete student data. If a parent would like their child's data deleted, that request must come through the school to verify authenticity of the request. Due to the interactive and user generated content nature of Storyboard That, user data needs to be retained for the duration of a user wanting their content. Per notes below the data is used for educational purposes, improving the product, and supporting customer support needs. We do not use student data for advertising or marketing
Storyboard That is a very complicated program and uses a number of industry standard backup policies as well as maintaining error and audit logs. After deleting your data there may be historical remnants in backups that due to their snapshot nature cannot be scrubbed. The majority of these systems are automatically deleted on a regular basis, and the remainder are manually deleted on a regular basis as part of our ongoing site maintenance policies.
In the event of a data breach, we will notify school admins within a reasonable time period after we fully understand the impact and can effectively communicate the situation. Since we do not have contact information for students it will be up to the school/admin to notify parents.
We use Microsoft Azure for all of our hosting and as their customer we get world class security – see for full details Azure Security. Among other protections, they provide physical security of our servers.
Answers to Common IT Security Questions
If you are subject to SOPIPA you may write into Contact-Us@StoryboardThat.com to:
New York - We are Ed 2D Compliant
Washington State - We are SUPER Act (Senate Bill 5419) Compliant