TruancyTracker

Security & Trust

TruancyTracker handles student attendance records, so security and privacy are built into the product, not bolted on. Here is how we protect your district's data.

Our role with your data

Your district owns its data. We act as a service provider / school official under FERPA: we process student data only to provide the attendance-intervention service you direct, and we never sell it, use it for advertising, or repurpose it. This aligns with FERPA and state student-privacy laws (e.g. California's SOPIPA).

Data isolation

Encryption

Access & accountability

Subprocessors

We use a small set of vetted US-based infrastructure providers (cloud hosting, database, and email delivery). Payment processing, when used, is handled by a PCI-compliant provider that never receives student data - only billing contacts. A current subprocessor list and signed data-processing terms are available to customers.

Data ownership, export & deletion

Your data is yours. On request or at the end of a contract, we provide a full export of your data and permanently delete it from our systems.

Compliance approach

We sign district Data Privacy Agreements (including the SDPC "National DPA" and state exhibits), keep data in US regions, and maintain written security, retention, and breach-response practices. Detailed security documentation is available to districts on request.

Contact

Security questions or to request our security overview / DPA: [email protected].

This page summarizes our security practices for prospective districts. It is informational and not a contract; the governing terms are the signed agreement and DPA.