Skip to content
Request A Demo

Derivita Privacy Policy

Last Updated: July 11, 2025

Key Takeaways

  • We're committed to protecting the privacy of all our users, especially students.
  • We comply with COPPA, FERPA, PPRA, and other relevant laws.
  • We collect and use student data for educational purposes only.
  • We don't share student data with third parties for marketing or advertising.
  • We take strong measures to protect student data.
  • Parents and schools have rights to access and correct student data.

1. Introduction

Derivita, Inc. (“Derivita’) is committed to protecting the privacy of its users, including the privacy of student data. This Privacy Policy describes how Derivita collects, uses, and shares personal information for two types of users: 1. Users of our public websites, 2. Users of our Derivita Platform and related services (“Platform Services”). In some cases, where an educational institution has integrated our Platform Services, they may require their students to purchase access to course materials directly from Derivita; this method of purchasing access does not change how this policy applies..

Derivita provides Platform Services to schools and educational institutions. In doing so, we may collect and process student data. We understand the importance of protecting student privacy and comply with the Children's Online Privacy Protection Act (COPPA), the Family Educational Rights and Privacy Act (FERPA), the Protection of Pupil Rights Amendment (PPRA), and other applicable laws.

2. Information We Collect

a) Public Website Visitors:

When you visit our public website, we may collect information about your visit, such as your IP address, browser type, operating system, and the pages you viewed. We may use cookies and similar technologies to collect this information. This information is used to improve our website and marketing efforts.

b) Customer and Student Data of Platform Services users:

When students, schools or educational institutions use our Platform Services, we may collect and process student data. The types of student data we may collect include:

  • Directory Information: This may include student names, which are typically considered directory information under FERPA.
  • Demographic Information: We process the demographic data that schools choose to provide, which may include information used for grouping and filtering reports.
  • Enrollment information: Courses, teacher names, school name.
  • Academic performance data: This includes data on homework, quizzes, and exams delivered using the Platform Services.
  • Usage data: How students use our products and services.
  • Student email addresses: We may use student email addresses (if provided by the school) for identification, data correlation, and facilitating communication between students and teachers.
  • Payment Data: In some cases, students purchase a subscription to the Platform Services directly from us. In that case, we use Stripe, a third-party payment processor, to process payments. When a user makes a payment, we share transaction information and necessary billing details with Stripe to complete the transaction. Derivita may retain records of transactions but does not store full credit card numbers. Stripe's security and privacy practices can be found here: https://stripe.com/privacy. We take steps to comply with applicable PCI DSS requirements to protect payment information.

We collect student data solely for legitimate educational purposes, such as improving our products and services, providing personalized learning experiences, and supporting student academic progress.

c) Product Usage Data:

When you visit our public websites or use our Platform Services, we may collect information about your usage, such as the features you use, the actions you take, and the content you create. This information is used to improve our products and services.

3. How We Use Your Information

a) Public Website Visitors:

We may use the information we collect from public website visitors to:

  • Improve our website and marketing efforts.
  • Respond to your inquiries.
  • Provide you with information about our products and services.

 b) Customer and Student Data of Platform Services users:

We use customer and student data to:

  • Provide and improve our Platform Services.
  • Personalize learning experiences.
  • Support student academic progress.
  • Provide reports and analysis to educators.
  • Conduct research and development.
  • Comply with legal obligations.

c) Product Usage Data:

We use product usage data to:

  • Improve our products and services.
  • Develop new features.
  • Troubleshoot issues.

4. How We Share Your Information

a) Public Website Visitors:

We may share information about public website visitors with third-party service providers who assist us with our marketing efforts.

b) Customer and Student Data of Platform Services users:

We may share customer and student data with:

  • Schools and Educational Institutions: We share student data with the schools and educational institutions that use our Platform Services.
  • Subprocessors: We may use subprocessors (sometimes referred to as subcontractors) to provide certain services, such as data hosting, storage, and processing. We take steps to ensure that any subprocessors maintain the same level of privacy and security standards as Derivita. Our primary subprocessor for hosting, storage, and processing customer data is Google Cloud Platform, a leading provider of cloud computing services with robust security and privacy practices. You can learn more about Google Cloud's privacy policy here: https://cloud.google.com/terms/cloud-privacy-notice.
  • Other Third Parties: We may share customer and student data with other third parties when required by law or legal process.

We will not share student data with any third parties for marketing or advertising purposes.

 5. Data De-identification

Derivita may use de-identified data for product development, research, and other purposes. De-identification involves removing all direct and indirect personal identifiers, including but not limited to, name, ID numbers, date of birth, demographic information, location information, and school ID. Derivita will not attempt to re-identify de-identified data and will not transfer such data to any party unless that party agrees not to attempt re-identification.

6. Data Security

Derivita stores and processes data in accordance with industry best practices. This includes appropriate administrative, physical, and technical safeguards to secure data from unauthorized access, disclosure, and use. We maintain a written incident response plan, which includes prompt notification of the affected school district(s) in the event of a security or privacy incident.

7. Data Retention and Deletion

Derivita will retain customer and student data of the Platform Services for as long as necessary to provide the services and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Upon valid request by a school or educational institution, or a student who purchased the Platform Services directly from us, Derivita will delete student data when it is no longer needed for the purposes for which it was collected.

8. Your Rights

a) Public Website Visitors:

You may opt out of receiving marketing communications from us by following the unsubscribe instructions provided in the emails you receive from us.

b) Educational Institutions and Parents of Platform Services users:

Educational institutions using our Platform Services have the right to access, review, and correct inaccuracies in student data. Parents or guardians should direct any requests regarding student data to the applicable educational institution, as Derivita works with and validates requests through the institution. Individual students who directly purchase access to course materials through Derivita also have the right to access, review, and correct their own data.

9. Data Protection Agreements (DPAs)

Derivita typically enters into Data Protection Agreements (DPAs) with educational institutions that purchase the Platform Services. Such DPA will provide further details about the specific types of student data collected and processed, as well as how that data is handled, and the DPA may supersede some of the terms of this Privacy Policy.

10. Cookies and Similar Technologies

Derivita may use cookies and similar technologies to collect information about how you use our public websites and/or Platform Services, for authentication purposes, and to improve our products and services.

11. Data Location and International Users

a) Data Location:

All data collected by Derivita is processed and stored in the United States.

b) EU Marketing:

Derivita does not currently market its services to individuals or organizations in the European Union.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: privacy@derivita.com

Mail:

Derivita

50 W Broadway Suite 333

Salt Lake City, Utah 84101-2027


13. Changes to this Privacy Policy

Derivita may update this Privacy Policy from time to time. If we make any material changes, we will notify you by email or by posting a notice on our website.

Revision History

Date of Revision: July 11, 2025

Summary of Changes:

Revised Privacy Policy to enhance clarity and transparency. No changes to actual privacy practices. Clarifications include:

  • Detailed explanations of student data handling
  • Emphasis on COPPA, FERPA, and PPRA compliance
  • Information on data security and incident response
  • Clearer explanation of parental and school rights