AccelEye Data Privacy and Security Compliance

 

We take data privacy and security seriously

 

AccelEye’s Artificial Intelligence (AI) Ethics & Principles

AccelEye recognizes the transformative potential of artificial intelligence in technology and business. We are committed to the responsible and ethical use of AI, ensuring that our solutions maximize benefits while serving our customers’ best interests. Our AI ethics framework aligns with our core values and professional standards, building trust with our clients, communities, and regulatory authorities.

We uphold our commitment to act in the public interest, respect public trust, and demonstrate professional excellence in all AI implementations.

Children’s Online Privacy Protection Act (COPPA)

Effective Date of Current Compliance: June 23, 2025 (2025 Amendments)

The Children’s Online Privacy Protection Act (COPPA) applies to the online collection of personal information from children under 13 years of age by persons or entities under U.S. jurisdiction. COPPA requires verifiable parental consent for the collection, use, or disclosure of personal information from children.

AccelEye’s COPPA Compliance

AccelEye complies with COPPA and the 2025 amendments to ensure the online safety of children. Student accounts are provided exclusively through verified educators, schools, or educational organizations. Educators agree to obtain appropriate parental permission before issuing accounts to students.

Contact AccelEye for a Complete COPPA Notice

Our COPPA Commitments

Data Collection:

  • We will NOT collect online or offline contact information without consent from a parent, qualified educator, or educational institution
  • We will NOT collect personally identifiable information without proper authorization
  • We expand “personal information” to include biometric identifiers (fingerprints, voiceprints, facial recognition data) as required by the 2025 amendments

Data Use and Disclosure:

  • We will NOT distribute personally identifiable information to third parties without prior parental consent
  • We will NOT use or disclose student information for behavioral targeting of advertisements
  • We will NOT build personal profiles of students except for authorized educational or school purposes
  • We require separate opt-in parental consent before sharing children’s data for targeted advertising

Data Protection (2025 Requirements):

  • We maintain a comprehensive written Information Security Program with administrative, technical, and physical safeguards protecting children’s data
  • We retain children’s personal information only for the minimum time necessary to fulfill collection purposes
  • We implement secure data disposal procedures when retention is no longer required

Incentives:

  • We will NOT entice children to divulge more information than necessary by offering special games, prizes, or activities

Family Educational Rights and Privacy Act (FERPA)

The Family Educational Rights and Privacy Act (FERPA) is a federal law protecting the privacy of student education records. FERPA applies to all schools receiving funds under applicable U.S. Department of Education programs.

AccelEye’s FERPA Compliance

Although FERPA applies to schools rather than vendors, AccelEye may be designated as a “School Official” under FERPA. In this capacity, we comply fully with FERPA requirements and protect the privacy of student information entrusted to us by school districts.

Key Commitments:

  • School districts maintain control of all student data; we operate under their direction
  • We support parents’ and eligible students’ rights to access, inspect, review, and rectify student records
  • We respond to verified written requests from school districts within required timeframes
  • We implement appropriate security measures to protect education records

Important Note: AccelEye has no direct contact with students or parents. All interactions occur through authorized school officials.

New York Education Law 2-D

New York Education Law § 2-d, effective April 2014, protects the privacy and security of personally identifiable information (PII) of students, classroom teachers, and principals.

AccelEye’s NY Education Law 2-D Compliance

AccelEye complies with NY Education Law 2-D and the Parents’ Bill of Rights for Data Privacy and Security.

Required Protections:

  • Student PII cannot be sold or released for commercial purposes
  • Parents have the right to inspect and review their child’s complete education records
  • We implement industry-standard safeguards including encryption, firewalls, and password protection when storing or transferring student PII
  • We provide timely breach notification in accordance with applicable laws and regulations
  • We address parental complaints about possible data breaches
  • Our staff handling PII receive training on federal and state laws, policies, and industry best practices
  • Our contracts with educational agencies address all statutory and regulatory data privacy and security requirements

Student Data Privacy Consortium (SDPC) and National Data Privacy Agreement (NDPA)

The SDPC’s National Data Privacy Agreement (NDPA) streamlines contracting between schools/districts and marketplace providers while establishing common data privacy expectations.

AccelEye’s SDPC/NDPA Participation

  • AccelEye works with school districts in all participating states to execute Data Processing Privacy Agreements
  • School districts interested in signing the SDPC/NDPA with AccelEye should contact: privacy@acceleye.com
  • The SDPC represents a unique collaboration among schools, districts, regional agencies, territories, state agencies, policymakers, trade organizations, and marketplace providers addressing real-world, implementable solutions to data privacy concerns

California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)

Effective Date: January 1, 2023 (CPRA)
Latest Amendments: 2025

The California Privacy Rights Act (CPRA) amends and significantly expands the California Consumer Privacy Act (CCPA). CPRA protects personal data of California employees (B2E), business-to-business (B2B) contacts, and California residents.

Who CPRA Protects

Any individual who is:

  • A California resident employee
  • A service provider, vendor, contractor, consultant, applicant, freelancer, or remote worker reasonably identifiable as a California resident

California Employee & B2B Data Rights

Right to Know: Employees, contractors, and service providers have the right to know what personal data is collected and managed, including access to “specific pieces of personal information”

Right to Access: Individuals may submit Data Subject Access Requests (DSARs) for their information, subject to limited exceptions

Right to Limit Use and Disclosure: Individuals may request businesses limit or stop using and disclosing sensitive personal information

Right to Correct: Individuals may request correction of inaccurate information

Right to Opt-Out: Individuals may opt out of having personal information sold or shared

Right to Non-Retaliation: Individuals cannot be retaliated against for exercising any data rights

AccelEye’s CCPA & CPRA Compliance Program

Data Subject Access Requests:
Data subjects may exercise their rights by contacting our Privacy Team: privacy@acceleye.com

Data Mapping:
We maintain comprehensive mapping, inventory, and classification of all personal data

Data Minimization:
We process only data that is adequate, relevant, and limited to what is necessary for specified purposes

Data Retention Policies:
We implement data retention policies across all products and processes, retaining data only as long as reasonably necessary to fulfill processing activities

Privacy Impact Assessments:
We conduct risk assessments of all products and processes to ensure privacy and security by design

AI-Specific Protections (AB 1008):
We comply with expanded CCPA requirements for generative AI systems, ensuring AI systems adhere to the same privacy protections governing other data storage, processing, and use

Neural Data Protection (SB 1223):
We protect “neural data” (information generated by measuring central or peripheral nervous system activity) as sensitive personal information

Transaction Compliance (AB 1824):
We maintain consumer opt-out preferences through mergers, acquisitions, bankruptcy, or other transactions

New Mexico Student Data Privacy Compliance

AccelEye is committed to protecting the privacy and security of student data in compliance with all applicable New Mexico requirements. While New Mexico does not currently have a standalone student data privacy statute, AccelEye adheres to the federal Family Educational Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA), and the data governance standards established under NMSA § 22-1-11 by the New Mexico Public Education Department (NMPED). AccelEye actively participates in the Student Data Privacy Consortium (SDPC) and works with New Mexico school districts to execute National Data Privacy Agreements (NDPAs) that establish clear expectations for data collection, use, security, and deletion. Student data processed by AccelEye is used solely for authorized school safety purposes, is never sold or used for commercial advertising, and is protected by industry-standard encryption, access controls, and breach notification procedures. School districts maintain full ownership and control of all student data, and AccelEye retains information only for the minimum time necessary to fulfill its school safety mission.

Document Version: 2.0
Last Updated: February 18, 2026
Next Review Date: August 17, 2026

This document is maintained by (Accelx Inc.) AccelEye’s Legal and Privacy Team and is reviewed quarterly for compliance with evolving regulations.