Common use of GENERAL OFFER OF TERMS Clause in Contracts

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxx X. Xxxxxxx (Jun 8, 2020 12:46 EDT) Xxxxx X. Xxxxxxx Director of Technology E XHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 E XHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxx X. Xxxxxxx Xxxxxxxx Xxxxxx Xxxxxxxx Xxxxxx (Jun 8Jul 21, 2020 12:46 05:30 EDT) Xxxxx X. Xxxxxxx Jul 21, 2020 Xxxxxxxx Xxxxxx Technology Director of Technology E XHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 E XHIBIT EXHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. Information cannot be de-identified if there are fewer than twenty (20) students in the samples of a particular field or category, i.e., twenty students in a particular grade or less than twenty students with a particular disability. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxxxx X. Xxxxx Xxxxxxx X. Xxxxx (Apr 28, 2020) 4-28-2020 Xxxxxxx X. Xxxxx X. Xxxxxxx (Jun 8, 2020 12:46 EDT) Xxxxx X. Xxxxxxx Director of Technology Superintendent E XHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 Math League is a Math competition for elementary, middle, and high school students. 1081011v1 E XHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. Information cannot be de-identified if there are fewer than twenty (20) students in the samples of a particular field or category, i.e., twenty students in a particular grade or less than twenty students with a particular disability. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxxx Xxxxx X. Xxxxxxx Xxxxxx (Jun 8Jan 29, 2020 12:46 EDT2020) 01/29/20 Xxxxx X. Xxxxxxx Xxxxxx Director of Technology Digital Learning E XHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 Online and mobile educational applications xxx.XxxxxxxxXxxxxxxxx.xxx xxx.XxxxXxxx.xxx xxx.XxxxXxxxxxxxx.xxx xxx.XxxxxXxxxxxxx.xxx 1081011v1 Category of Data Elements Check if used by your system Other transcript data -Please specify: Transportation Student bus assignment Student pick up and/or drop off location Student bus card ID number Category of Data Elements Check if used by your system Other transportation data - Please specify: Other Please list each additional data element used, stored or collected by your application E XHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-De- identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. Information cannot be de-identified if there are fewer than twenty (20) students in the samples of a particular field or category, i.e., twenty students in a particular grade or less than twenty students with a particular disability. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxx X. Xxxxxxx 5/21/2020 Xxxx Xxxxxx Xxxx Xxxxxx (Jun 8May 22, 2020 12:46 10:06 EDT) Xxxxx X. Xxxxxxx Director Xxxx Xxxxxx Director, Dept of Innovation & Technology E XHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 FOCUS 2 EXPLORE, a Career Exploration and College Selection System. 1135664v1 E XHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxx X. Xxxxxxx Xxxxxxxx Xxxxxx Xxxxxxxx Xxxxxx (Jun 8Jan 9, 2020) Jan 9, 2020 12:46 EDT) Xxxxx X. Xxxxxxx Xxxxxxxx Xxxxxx Technology Director of Technology E XHIBIT EXHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 E XHIBIT TCI provides online science and social studies curriculum to enable educators to engage students in a diverse classroom. Our K-12 curriculum and services for educators are based on proven teacher strategies and practices that bring education to life in order to achieve consistent and positive classroom results. TCI’s curriculum has been specially curated to meet state standards, create engagement in lessons and help students better understand the content through hands-on and experiential exercise. Our online subscriptions include lesson guides delivered in a presentation format, assessments, lesson games, and online student text to support learning. Our product lines include: Social Studies Alive! History Alive! Geography Alive! Econ Alive! Government Alive! Bring Science Alive! 1105227v1 EXHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. Information cannot be de-identified if there are fewer than twenty (20) students in the samples of a particular field or category, i.e., twenty students in a particular grade or less than twenty students with a particular disability. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxx X. Xxxxxxx Xxxxxx Xxxxxx Xxxxxx Xxxxxx (Jun 8May 25, 2020 12:46 20:28 EDT) Xxxxx X. Xxxxxxx May 25, 2020 Xxxxxx Xxxxxx Director of Technology E XHIBIT EXHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 E XHIBIT Enriching Students School Scheduling Software, a Response to Intervention (RTI) tool for scheduling middle and high school students for regular RTI sessions 1182185v1 EXHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. Information cannot be de-identified if there are fewer than twenty (20) students in the samples of a particular field or category, i.e., twenty students in a particular grade or less than twenty students with a particular disability. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxx X. 1135664v1 Xxxx Xxxxxxx (Jun 8Nov 30, 2020 12:46 EDT09:11 EST) Xxxxx X. Xxxx Xxxxxxx Director of Technology E XHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 Math League, a Math competition for elementary, middle, and high school students. 1135664v1 Category of Data Elements Check if used by your system Student course grades/performance scores Other transcript data -Please specify: Transportation Student bus assignment Student pick up and/or drop off location Category of Data Elements Check if used by your system Student bus card ID number Other transportation data - Please specify: Other Please list each additional data element used, stored or collected by your application E XHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxx X. Xxxxxxx Xxxxxx XxXxxx (Jun 8Feb 25, 2020 12:46 EDT2020) Xxxxx X. Xxxxxxx 2/25/2020 Xxxxxx XxXxxx Director of Technology 02/24/2020 Xxxxxx X. Xxxxx Owner E XHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives Photography services. For the avoidance of doubt, this DPA does not apply to, and Student Data does not include (a) information collected from customers who opt to purchase products directly from Provider and/or establish a Provider family account; or (b) Provider photographs sold to such customers. In all cases, Provider is and remains the copyright owner of its photographic images. 1166732v1 X X X X X X Category of Data Elements Check if used by your system Other student work data - Please specify: Transcript Student course grades Student course data Student course grades/performance scores Other transcript data -Please specify: Category of Data Elements Check if used by your system Transportation Student bus assignment Student pick up and/or drop off location Student bus card ID number Other transportation data - Please specify: Other Please list each additional data element used, stored or collected by your application E XHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxx X. Xxxxxxxx Xxxxxxx Xxxxxxxx (Jun 8Nov 21, 2020 12:46 EDT2019) Xxxxx X. 11/21/19 Xxxxxxx Director of Technology Xxxxxxxx Assistant Superintendent for Teaching & Learning E XHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 LifeSmarts, a web-based consumer education program. 1081011v1 E XHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. Information cannot be de-identified if there are fewer than twenty (20) students in the samples of a particular field or category, i.e., twenty students in a particular grade or less than twenty students with a particular disability. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxxx Xxxxx X. Xxxxxxx Xxxxxx (Jun 8Dec 2, 2020 12:46 EDT2019) Xxxxx X. Xxxxxxx Xxxxxx 12/2/19 Director of Technology Digital Learning E XHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 RedCritter, classroom software that manages badges, skills and virtual currency so teachers can recognize and reward students' achievements. 1081011v1 Category of Data Elements Check if used by your system Transportation Student bus assignment Student pick up and/or drop off location Student bus card ID number Category of Data Elements Check if used by your system Other transportation data - Please specify: Other Please list each additional data element used, stored or collected by your application E XHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-De- identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. Information cannot be de-identified if there are fewer than twenty (20) students in the samples of a particular field or category, i.e., twenty students in a particular grade or less than twenty students with a particular disability. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxx X. Xxxxxxx (Jun 8, 2020 12:46 EDT) Xxxxx X. Xxxxxxx Director of Technology E XHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 xxxxx://xxx.xxxxxx.xxx/ Online student assessment application 1081011v1 E XHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. Information cannot be de-identified if there are fewer than twenty (20) students in the samples of a particular field or category, i.e., twenty students in a particular grade or less than twenty students with a particular disability. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxx X. Xxxxxxxx Xxxxxxx Xxxxxxxx (Jun 8Feb 13, 2020 12:46 EDT2020) Xxxxx X. 2/13/2020 Xxxxxxx Director of Technology Xxxxxxxx Assistant Superintendent for Teaching & Learning E XHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 DeltaMath Plus 1081011v1 E XHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. Information cannot be de-identified if there are fewer than twenty (20) students in the samples of a particular field or category, i.e., twenty students in a particular grade or less than twenty students with a particular disability. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxx Xxxxx X. Xxxxxxx Xxx (Jun 8Mar 2, 2020 12:46 EDT2020) 03/02/2020 Xxxxx X. Xxxxxxx Xxx Director of Technology E XHIBIT EXHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 [INSERT DETAILED DESCRIPTION OF PRODUCTS AND SERVICES HERE. IF MORE THAN ONE PRODUCT OR SERVICE IS INCLUDED, LIST EACH PRODUCT HERE] DeltaMath allows teachers to create assignments by selecting from a variety of problem types. The students need to register accounts using the teacher’s code in order to see the assignments. The students then work on the problems, which are automatically graded and given students detailed solutions for problems they got wrong. The students keep working until they develop mastery. The teacher will be able to see which students completed the assignments, including how many problem attempts were required to reach mastery. E XHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories:

GENERAL OFFER OF TERMS. Provider may, by signing the attached Form of General Offer of Privacy Terms (General Offer, attached hereto as Exhibit “E”), be bound by the terms of this to any other school district who signs the acceptance in said Exhibit. [Signature Page Follows] Xxxxx X. Xxxxxxx Xxxxxx Xxxxx X. Xxxxxxx Xxxxxx (Jun 8Jan 29, 2020 12:46 EDT2020) 01/29/20 Xxxxx X. Xxxxxxx Xxxxxx Director of Technology Digital Learning E XHIBIT “A” DESCRIPTION OF SERVICES Brainingcamp manipulatives 1166732v1 Financial Literacy 101, online financial education. 1081011v1 E XHIBIT “C” DEFINITIONS De-Identifiable Information (DII): De-Identification refers to the process by which the Vendor removes or obscures any Personally Identifiable Information (“PII”) from student records in a way that removes or minimizes the risk of disclosure of the identity of the individual and information about them. The Provider’s specific steps to de-identify the data will depend on the circumstances, but should be appropriate to protect students. Some potential disclosure limitation methods are blurring, masking, and perturbation. De-De- identification should ensure that any information when put together cannot indirectly identify the student, not only from the viewpoint of the public, but also from the vantage of those who are familiar with the individual. Information cannot be de-identified if there are fewer than twenty (20) students in the samples of a particular field or category, i.e., twenty students in a particular grade or less than twenty students with a particular disability. NIST 800-63-3: Draft National Institute of Standards and Technology (“NIST”) Special Publication 800-63-3 Digital Authentication Guideline. Personally Identifiable Information (PII): The terms “Personally Identifiable Information” or “PII” shall include, but are not limited to, student data, metadata, and user or pupil-generated content obtained by reason of the use of Provider’s software, website, service, or app, including mobile apps, whether gathered by Provider or provided by LEA or its users, students, or students’ parents/guardians. PII includes, without limitation, at least the following: First Name Home Address Last Name Subject Telephone Number Email Address Discipline Records Test Results Special Education Data Juvenile Dependency Records Grades Evaluations Criminal Records Medical Records Health Records Social Security Number Biometric Information Disabilities Socioeconomic Information Food Purchases Political Affiliations Religious Information Text Messages Documents Student Identifiers Search Activity Photos Voice Recordings Videos Date of Birth Grade Classes Place of birth Social Media Address Unique pupil identifier Credit card account number, insurance account number, and financial services account number Name of the student's parents or other family members General Categories: