EduNest is designed from the ground up to meet the federal and state requirements that K-12 technology procurement teams need to see before approving a vendor.
Last updated: March 2026 — Prepared for CCSD SAFE List Review
The Family Educational Rights and Privacy Act (20 U.S.C. § 1232g; 34 CFR Part 99) protects the privacy of student education records. EduNest is fully committed to FERPA compliance in every aspect of our platform design and operations.
EduNest operates under the school official exception to FERPA (34 CFR § 99.31(a)(1)). When a district executes a Data Processing Agreement (DPA) with EduNest, we act as a school official with legitimate educational interest in the data we process on the district's behalf.
🔑 Key principle: EduNest never accesses or uses student education records for any purpose other than the educational services specified in the district's DPA. We do not sell, share, or use student data for advertising or commercial profiling.
In the current pre-contract phase, EduNest does not collect or store any student PII. The platform collects only administrator contact information (name, email, school) for demo scheduling purposes — this is not an education record under FERPA.
The Children's Online Privacy Protection Act (15 U.S.C. §§ 6501-6506) requires verifiable parental consent before collecting personal information from children under 13. EduNest's platform architecture is designed with COPPA compliance as a foundational requirement.
EduNest is a parent-facing and school-administrator-facing platform. The system is designed so that:
In district deployments, any student data processed by EduNest is done through the school official exception (FERPA), which satisfies COPPA's operator exception for schools acting as intermediaries with parental consent obtained at enrollment.
✅ COPPA compliant by design: EduNest does not operate a child-directed website or service. The platform is directed to schools and parents, not to children.
The Children's Internet Protection Act (Pub. L. No. 106-554) addresses concerns about access to offensive content over the Internet on school and library computers. EduNest supports district CIPA compliance through our platform design and content policies.
EduNest is purpose-built for K-12 education. All platform content and features are educational in nature:
🛡️ No inappropriate content risk: EduNest's closed-network architecture means students are never exposed to user-generated content from outside the school community.
Nevada NRS Chapter 388 and related statutes (including NRS 388.134 and the Nevada Student Data Privacy Act) impose specific obligations on operators of internet websites, online services, or mobile applications used for K-12 educational purposes in Nevada.
EduNest treats Nevada's student data privacy requirements as a minimum baseline for all district deployments, regardless of state. Our compliance with NRS 388 includes:
📌 Nevada districts: EduNest's standard DPA includes Nevada-specific data handling provisions aligned with NRS 388 and the Nevada Department of Education's guidance on student data privacy.
For Clark County School District (CCSD) deployments, EduNest will execute CCSD's standard vendor Data Processing Agreement and comply with all CCSD privacy policies and the district's SAFE List vendor requirements. We welcome review of our technical security documentation by CCSD's technology team.
EduNest provides a standard Data Processing Agreement for district review. Contact us to receive our DPA and any additional compliance documentation your procurement team requires.