Skip to main content

Privacy Policy

Last updated: February 1, 2026

Introduction

EdLoop, Inc. ("EdLoop," "we," "us," or "our") is committed to protecting the privacy of our users, including students, educators, parents, and district administrators. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our platform and services.

EdLoop provides feedback infrastructure for K-12 school districts. We understand the sensitivity of student data and have designed our platform with privacy and compliance as foundational principles, not afterthoughts.

Information We Collect

We collect information in the following categories:

  • Account Information: Name, email address, role, and district affiliation provided during registration or by your district administrator.
  • Student Education Records: Student work samples, feedback data, and learning profiles provided by educators through normal instructional use. This data is classified as education records under FERPA.
  • Usage Data: Information about how you interact with our platform, including pages visited, features used, and session duration. This data is collected in aggregate and is not linked to student education records.
  • Inquiry Data: Information you voluntarily provide when contacting us, such as your name, email, role, and message content.

How We Use Your Information

We use collected information solely to provide and improve our services:

  • To operate and deliver the EdLoop platform, including generating Student Learning Profiles, PLC reports, and family narratives.
  • To communicate with educators and administrators about their accounts, support requests, and product updates.
  • To improve platform performance, reliability, and user experience through aggregated, de-identified analytics.
  • To respond to inquiries and demo requests submitted through our website.

FERPA Compliance

EdLoop operates as a "school official" under FERPA (Family Educational Rights and Privacy Act) when processing student education records on behalf of a school district. We adhere to the following principles:

  • We access student education records only as authorized by the contracting school district and only for the purposes specified in our data processing agreement.
  • We do not use student education records for any purpose other than providing the contracted services to the district.
  • We do not sell, rent, or share student data with third parties for advertising, marketing, or any non-educational purpose.
  • Student data is never used to train machine learning models or AI systems beyond the scope of services provided to the specific district.
  • Parents and eligible students may request access to their education records through their school district, which will coordinate with EdLoop to fulfill such requests.

Data Security

All data is encrypted at rest using AES-256 and in transit using TLS 1.3. Our infrastructure is hosted in SOC 2 Type II certified data centers located exclusively within the United States. We implement role-based access controls, maintain comprehensive audit logs, and conduct regular third-party security assessments. Our incident response procedures include notification to affected districts within 72 hours of discovering a confirmed breach.

Data Retention and Deletion

We retain student education records only for the duration of our agreement with the contracting district. Upon contract termination or at the district's request, we will delete or return all student education records within 60 days and provide written certification of data destruction. Aggregated, de-identified data that cannot be linked to any individual student may be retained for product improvement purposes.

Third-Party Services

EdLoop uses a limited number of third-party services to operate our platform. All sub-processors who may access student data are bound by data processing agreements that meet or exceed our own privacy commitments. A current list of sub-processors is available upon request to contracting districts.

Children's Privacy (COPPA)

EdLoop does not collect personal information directly from children under 13. All student data is provided by educators and district administrators acting in their professional capacity. We comply with the Children's Online Privacy Protection Act (COPPA) through our reliance on school consent mechanisms as permitted under COPPA regulations.

Cookies and Tracking

Our marketing website uses Plausible Analytics, a privacy-first analytics tool that does not use cookies or collect personally identifiable information. Our application platform uses only essential cookies required for authentication and session management. We do not use advertising cookies, tracking pixels, or third-party analytics within the student-facing application.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify contracting districts of any material changes at least 30 days before they take effect. The updated policy will be posted on this page with a revised "Last updated" date.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at privacy@edloop.com or write to us at: EdLoop, Inc., Privacy Team, PO Box 4521, Austin, TX 78765.