Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 and expires on termination of agreement. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Name (Print) Signature Title Date Senior Manger, Sales
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 7/1/22 and expires on termination of agreement6/30/23. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Xxxxx Name (Print) Signature Sales Operations Manager Title Date Senior Manger, Sales7/11/2022
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 2021 and expires on termination of agreementJune 30, 2022. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxx X. Xxxxx Xxxxxx Name (Print) Signature CFO Title Date Senior Manger, Sales08/11/2021
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 August 2021 and expires on termination of agreementJuly 2022. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Pivot Interactives SBC Xxxx Xxxx Name (Print) Signature Title Date Senior Manger, Sales_Chief Science Officer Title
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. � The Master Agreement commences on July 1, 2020 07/01/2020 and expires on termination Termination of agreementAgreement. • � Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • � In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • � Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Ma_rk L_._H_am_mons Signature Name (Print) Signature VP Operations Title Date Senior Manger, Sales12 / 03 / 2020
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 2021 and expires on termination of agreementJune 30, 2022. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Xxxxxxx Name (Print) Signature COO Title Date Senior Manger, Sales9/3/2021
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1Feb. 9, 2020 2022 and expires on termination of agreementJune 30, 2027. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United StatesCanada. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Name (Print) Signature Title Date Senior Manger, Sales.
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July [November 1, 2020 2020] and expires on termination of agreement[August 1, 2021]. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxx Xxxxx Xxxxxx Name (Print) Signature Senior Sales Manager Title Date Senior MangerOctober 23, Sales2020
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July September 1, 2020 2021 and expires on termination of agreementJune 30, 2023. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxxxx Xxxxx Xxxxxx Name (Print) Signature VP, Frame Title Date Senior Manger, SalesDate
Appears in 1 contract
Samples: dpitfilestore.s3.amazonaws.com
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1September, 2020 2021 and expires on termination expiration of agreementlicense. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Name (Print) Signature Senior Manager, Sales Title Date Senior Manger, Sales9/8/2021
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 7/1/22 and expires on termination of agreement6/30/23. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Name (Print) Signature Title Date Senior Manger, SalesTitle
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 Begin Date and expires on termination of agreementEnd Date. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Name (Print) Signature Title Date Senior Manger, Sales.
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1[August 8, 2020 2022 and expires on termination of agreementAugust 8, 2023. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Name (Print) Signature Title Date Senior Manger, Sales.
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 2022 and expires on termination of agreement. June 30, 2023 • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Xxxxxxx Name (Print) Signature COO Title Date Senior Manger, Sales6/8/2022
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1May 15, 2020 and expires on termination of agreementMay 14, 2023. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Xxxx Xxxxxxxxx Name (Print) Signature General Counsel Title Date Senior Manger, Sales11/9/2020
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. ● The Master Agreement commences on July 1, 2020 even date herewith and expires on termination of agreementas defined in Vendor’s attached Data Privacy and Security Plan . • ● Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will will, upon written request by the District, securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will except 2 Each educational agency, including a school district, is required to publish a “Xxxx of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx of Rights. for data backups that are part of Vendor’s disaster recovery storage system, which may be kept for an additional term of thirteen (13) months after termination of the Agreement. If requested by the District, Vendor will assist the District in exporting all Protected Data Student Gradebooks3 previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the Districta standard exportation format . • ● In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will will, upon written request by the District, cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • ● Vendor may use De-identified data for purposes of research, improvement of Vendor’s product or services, and/or development of new products and services. In no event shall Vendor or any of its subcontractors or assignees re-identify or try to re-identify any De-identified data or use De-identified data in combination with other data elements possessed by Vendor or any third-party affiliate, posing risk of re-identification. ● Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever, except for the aforementioned data backups. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. Notwithstanding any of the foregoing, user-generated content (which may or may not include Protected Data) may be temporarily copied and stored in other countries in order for Vendor to provide a better service. Concretely, uploaded videos, audios or images may have a copy temporarily stored in other regions to reduce the time of load. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. 3 Names, responses, results and grades obtained by students in their assignments. BY THE VENDOR: Xxxxx Xxxxxx _J_ulia T_rius Name (Print) Signature _Hea_d_o_f Le_gal Title 01 / 15 / 2021 Date Senior MangerEDpuzzle, SalesInc. 000 Xxxxxx Xx. (Xxxxx 000) Xxx Xxxxxxxxx, XX 00000 xxxxxxx@xxxxxxxx.xxx DATA PRIVACY AND SECURITY PLAN FOR EDPUZZLE AND SUPPLEMENTAL INFORMATION The technical and organizational measures provided in this Data Privacy and Security Plan and Supplemental Information (hereinafter, “DPSP”) apply to EDpuzzle, Inc. (hereinafter, “Edpuzzle”) in the processing of Personally Identifiable Information (“PII”) that is the subject matter of the Agreement entered into with Briarcliff Manor Union Free School District (“District”) (the “Agreement”), including any underlying applications, platforms, and infrastructure components operated and managed by Edpuzzle in providing its services.
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. ● The Master Agreement commences on July 1, 2020 2022 and expires on termination of agreement. • Upon expiration of the Master Agreement without renewalJune 30, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 2023 1 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. ● Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • ● In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • ● Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align are comparable with the NIST Cybersecurity FrameworkFramework and ISO 27001, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology TLS L1.2 or methodology that complies with Section 2-d higher for data transmitted between the District and Vendor and the product over public networks; and AES 256 or stronger for data stored on Vendor’s servers. Canva for Education Order Form This Order Form sets forth the services ordered by the educational institution identified below (“Educational Institution”) to be provided by Canva US, Inc. (“Canva”) and is effective as of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Name date of Educational Institution’s signature below (Print) Signature Title Date Senior Manger, Sales“Effective Date”).
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 2021 and expires on termination of agreementJune 30, 2022. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx X Xxxxxxx Signature Name (Print) Signature Chief Financial Officer Title Date Senior Manger, Sales9/3/2021
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on [July 1, 2020 2020] and expires on termination of agreement[June 30, 2021]. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Name (Print) Signature Title Date Senior Manger, Sales.
Appears in 1 contract
Samples: core-docs.s3.amazonaws.com
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 11/1/2022 and expires on termination of agreement6/30/2025. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. whom it has disclosed Protected Data. If requested by the District, Vendor will assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Xxxxxxx Name (Print) Signature CEO Title Date Senior MangerOct 21, Sales2022
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 when the applicable subscription or services begin and expires on expiration or termination of agreementapplicable subscription or services. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will within sixty (60) days securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the DistrictDistrict prior to termination or expiration, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in District, such as with instructions for exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the Districtusing standard product functionality. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements theserequirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx SAVVAS LEARNING COMPANY LLC Xxxx Xxxxxxxx Name (Print) Xxxx Xxxxxxxx Xxxx Xxxxxxxx (Aug 11, 2022 08:28 CDT) Signature VP Operations Title Date Senior Manger, Sales08/11/2022
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 2022 and expires on termination of agreementJune 30, 2023. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Name (Print) Signature Title Date Senior Manger, SalesTitle
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 7/1/2020 and expires on termination at Termination of agreement. Agreement • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Xxxxx Signature Name (Print) Signature IT Director Title Date Senior Manger, Sales2020/10/28
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. ● The Master Agreement (Purchase Order) commences on July 1, 2020 8/1/2019 and expires on termination 7/31/2025. ● Without undue delay following Vendor’s receipt of agreement. • Upon a written request from District after the expiration of the Master Agreement without renewal, or upon termination of terminationof the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 1 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist otherwise destroy any and all personally identifiable information in the District in exporting all Protected Data previously received back remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to the District for its own use, prior to deletion, in such formats as may be requested by the District. • whom it has disclosed Protected Data.. ● In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • ● Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon requestWithout undue delay following Vendor’s receipt of a written request from the District, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Name (Print) Signature Title Date Senior Manger, Sales.
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 7/1/23 and expires on termination of agreement6/30/24. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxx Xxxxx Xxxxxx Name (Print) Xxxx Xxxxx (Aug 8, 2023 11:58 PDT) Signature Chief Executive Officer Title August 7, 2023 Date Senior Manger, SalesBoom Learning PBOR 23-24 Final Audit Report 2023-08-08 "Boom Learning PBOR 23-24" History Document created by Xxxxxxx Xxxxxxx (xxxxxxx@xxxxxxxxxxxx.xxx) 2023-08-07 - 4:01:31 PM GMT- IP address: 24.18.32.67 Document emailed to Xxxx Xxxxx (xxxx@xxxxxxxxxxxx.xxx) for signature 2023-08-07 - 4:02:13 PM GMT Email viewed by Xxxx Xxxxx (xxxx@xxxxxxxxxxxx.xxx) 2023-08-08 - 6:57:57 PM GMT- IP address: 50.35.65.35 Document e-signed by Xxxx Xxxxx (xxxx@xxxxxxxxxxxx.xxx) Signature Date: 2023-08-08 - 6:58:04 PM GMT - Time Source: server- IP address: 50.35.65.35 Agreement completed. 2023-08-08 - 6:58:04 PM GMT Created: 2023-08-07 By: Status: Transaction ID: Xxxxxxx Xxxxxxx (xxxxxxx@xxxxxxxxxxxx.xxx) Signed
Appears in 1 contract
Duration of Agreement and Protected Data Upon Termination or Expiration. The Master Agreement commences on July 1, 2020 and 7/1/2022and expires on termination of agreement6/30/2025. • Upon expiration of the Master Agreement without renewal, or upon termination of the Master Agreement prior to its expiration, Vendor will securely delete or otherwise destroy any and all Protected Data remaining in the possession of Vendor or any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data. If requested by the District, Vendor will 2 Each educational agency, including a school district, is required to publish a “Xxxx Bill of Rights for Data Security and Privacy” on its website. See, Education Law Section 2-d(3)(a) and Part 121.3(a). The Xxxx Bill of Rights [that is posted on a district’s website] must also include “supplemental information” for each contract that the school district enters into with a third-party contractor where the third-party contractor receives student data or teacher or principal data [protected by Education Law Section 2-d]. See, Education Law Section 2-d(3)(c) and Part 121.3(c). Nothing in Education Law Section 2-d or Part 121 requires an educational agency to post its third-party contracts on its website in their entirety. In addition, nothing in Education Law Section 2-d or Part 121 requires an educational agency to include the “supplemental information” about each contract, within the contract itself. However, many school districts and other educational agencies have considered it a best practice to include most or all of the required elements of “supplemental information” within each applicable contract, and have complied with the obligation to include the “supplemental information” for each applicable contract with their Xxxx Bill of Rights, by posting the text from this page of this Exhibit from each applicable contract (or a link to this text) on their website in proximity to their Xxxx Bill of Rights. whom it has disclosed Protected Data. If requested by the District, Vendor will assist the District in exporting all Protected Data previously received back to the District for its own use, prior to deletion, in such formats as may be requested by the District. • In the event the Master Agreement is assigned to a successor Vendor (to the extent authorized by the Master Agreement), the Vendor will cooperate with the District as necessary to transition Protected Data to the successor Vendor prior to deletion. • Neither Vendor nor any of its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data will retain any Protected Data, copies, summaries or extracts of the Protected Data, or any de-identified Protected Data, on any storage medium whatsoever. Upon request, Vendor and/or its subcontractors or other authorized persons or entities to whom it has disclosed Protected Data, as applicable, will provide the District with a certification from an appropriate officer that these requirements have been satisfied in full. Challenging Accuracy of Protected Data: Parents or eligible students can challenge the accuracy of any Protected Data provided by the District to Vendor, by contacting the District regarding procedures for requesting amendment of education records under the Family Educational Rights and Privacy Act (FERPA). Teachers or principals may request to challenge the accuracy of APPR data provided to Vendor by following the appeal process in the District’s applicable APPR Plan. Data Storage and Security Protections: Any Protected Data that Vendor receives will be stored on systems maintained by Vendor, or by a subcontractor under the direct control of Vendor, in a secure data center facility located within the United States. The measures that Vendor (and, if applicable, its subcontractors) will take to protect Protected Data include adoption of technologies, safeguards and practices that align with the NIST Cybersecurity Framework, and safeguards associated with industry standards and best practices including, but not limited to, disk encryption, file encryption, firewalls, and password protection. Encryption of Protected Data: Vendor (and, if applicable, its subcontractors) will protect Protected Data in its custody from unauthorized disclosure while in motion or at rest, using a technology or methodology that complies with Section 2-d of the New York Education Law. BY THE VENDOR: Xxxxx Xxxxxx Name (Print) Signature Title Date Senior Manger, SalesTitle
Appears in 1 contract
