Privacy Policy

Effective Date: April 1, 2025

SOAR K12, LLC ("SOAR K12," "we," "us," or "our") provides a student-engagement and missing-assignment tracking platform to K-12 school districts ("Districts"). This Privacy Policy describes how we collect, use, disclose, and protect information when you access our web application (the "Service").

1. Who We Are and Our Role

SOAR K12 is a service provider to Districts. When a District subscribes to the Service, the District acts as the data controller for student and staff data ("Educational Records"). SOAR K12 acts as a data processor on the District's behalf and processes Educational Records only as directed by the District and as described in our Data Processing Agreement.

2. Information We Collect

a. Information provided by Districts
  • Student names, district-assigned identifiers, grade level, and school enrollment
  • Course and assignment data (course titles, periods, assignment names, and completion status)
  • Teacher and staff names, email addresses, and course assignments
  • Parent or guardian contact information (name and phone number) where provided by the District
b. Information collected automatically
  • Log data: IP address, browser type, pages visited, and timestamps
  • Session and authentication tokens
  • Cookies required for login state and security (no advertising or cross-site tracking cookies)
c. Information you provide directly
  • Account credentials (username and password or SSO token)
  • Contact-form messages submitted to SOAR K12 support

3. How We Use Information

We use the information we collect to:

  • Provide, operate, and improve the Service
  • Authenticate users and maintain session security
  • Display missing-assignment data to authorized teachers, staff, and administrators
  • Send automated notifications to parents or guardians as configured by the District
  • Generate aggregate, de-identified analytics for District administrators
  • Respond to support requests
  • Comply with legal obligations

We do not sell, rent, or share student data with third parties for advertising, marketing, or any commercial purpose unrelated to the educational services provided to the District.

4. Legal Basis for Processing

We process Educational Records under contract with and at the direction of Districts, which obtain any necessary consents and operate under applicable federal and state education privacy laws, including FERPA (20 U.S.C. § 1232g) and applicable state student-data privacy statutes. All processing is conducted solely for legitimate educational purposes authorized by the District.

5. Data Sharing and Disclosure

We may share information only in the following circumstances:

  • District personnel: Authorized teachers, counselors, and administrators within the subscribing District access data scoped to their school and courses.
  • Sub-processors: We use a limited set of vetted third-party infrastructure providers (cloud hosting, database, and file storage) under data processing agreements that restrict their use of data to service delivery only.
  • Legal requirements: We may disclose information if required by law, court order, or governmental authority, and will notify the District promptly to the extent permitted by law.
  • Business transfers: In the event of a merger, acquisition, or sale, student data will remain subject to this Policy and any existing Data Processing Agreement, and Districts will be notified in advance.

6. Data Retention

We retain District data for the duration of the District's active subscription plus 90 days after termination, during which the District may request an export. After that period, data is securely deleted. Districts may request deletion at any time by contacting us.

7. Security

We implement administrative, technical, and physical safeguards designed to protect the information we process, including encrypted data in transit (TLS 1.2+), encrypted storage, role-based access controls, and regular security reviews. No security measure is perfect; we will notify affected Districts promptly in the event of a confirmed data breach affecting their data.

8. Children's Privacy (COPPA)

The Service is operated on behalf of Districts, which are responsible for obtaining any parental consent required under the Children's Online Privacy Protection Act (COPPA) and similar laws. SOAR K12 does not knowingly collect personal information directly from children under 13 outside of the District-controlled environment.

9. Rights and Requests

Because Educational Records are controlled by the District, requests to access, correct, or delete a student's records should be directed to the student's District. Staff members with questions about their account information may contact us directly at the address below. Where applicable law grants you additional privacy rights (e.g., CCPA/CPRA), we will honor those rights subject to our obligations to the District.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the revised policy on this page with an updated effective date and notify subscribing Districts via email at least 30 days before material changes take effect.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact:

SOAR K12, LLC
Privacy Inquiries
Contact Form