Goodness Privacy Policy

Effective Date: Aug 21, 2025

Last Updated: Aug 21, 2025

At Goodness Education (“Goodness,” “we,” “our,” or “us”), we are committed to protecting the privacy and security of the personal information collected through our platform, website, and applications. This Privacy Policy explains how we handle information in compliance with the Children’s Online Privacy Protection Act (COPPA), the Family Educational Rights and Privacy Act (FERPA), and other applicable data privacy standards.

Scope of This Privacy Policy

This Privacy Policy applies to data collected through our:

  • Website,

  • Mobile application,

  • Web application (“Platform”),

  • Email, phone, and other communications with Goodness.

It does not apply to information managed directly by schools, districts, or educational institutions (“Schools”) that use our Platform. That information is governed by our Client Information Policy.

Under FERPA and COPPA, schools act as the primary custodians of student data. Schools are responsible for:

  • Obtaining verifiable parental consent before collecting personal information from children under 13,

  • Responding to parental requests to access, correct, or delete student data in the Platform.

Parents or guardians must contact their child’s school directly to exercise these rights.

Commitment to Children’s Privacy

Goodness does not intentionally collect personal information from children under 18 unless providing services for a School Client with appropriate consent.

  • If we become aware that we have collected personal information without proper consent, we will delete it promptly.

Parents, guardians, or Schools may contact us at [email protected] for concerns.

Information We Collect

We may collect information in the following ways:

  1. Student Data (via Schools): Name, grade level, and emotional well-being responses submitted during school activities.
  2. Teacher and Administrator Data: Name, email address, and login credentials for managing student information.
  3. Technical Data: Device information, IP addresses, browser type, cookies, engagement logs, and analytics for security and performance monitoring.
  4. Website/App Users: Contact information (name, email, school/district, phone number) when registering for events, accessing resources, subscribing to email lists, or communicating with us.
  5. Third-Party Information: Data shared with us by authorized third parties (e.g., event partners, subscription services).

We do not collect or store financial information, medical records, or precise geolocation data.

How We Use the Information

We use collected data solely for educational and operational purposes, including:

  • Providing emotional well-being reports and analytics for Schools,

  • Supporting teachers and administrators in classroom management,

  • Enhancing user experience on our website and apps,

  • Responding to inquiries and providing customer support,

  • Preventing fraud, unauthorized access, and cyberattacks,

  • Conducting research and development to improve our services (with anonymized or aggregated data),

  • Complying with applicable laws and contractual obligations.

We do not sell, rent, or use student or user data for commercial advertising or marketing.

Data Sharing and Disclosure

Goodness may share information only under these conditions:

  • With Schools: To fulfill legitimate educational purposes,

  • With Service Providers: For hosting, storage, security, and technical operations under confidentiality agreements,

  • With Event/Content Partners: If you register for partner-hosted content or events (with prior notice and opt-out option),

  • With Your Consent: For testimonials or endorsements,

  • When Required by Law: To comply with legal obligations or protect safety,

Business Transitions: In the event of a merger, acquisition, or transfer of assets, under continued privacy obligations.

Data Security

Goodness implements controls aligned with the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), ensuring identification, protection, detection, response, and recovery against incidents. This includes encryption of data at rest and in transit, secure authentication, and information security practices consistent with K-12 standards. Although not a federal mandate, the NIST CSF is the U.S. Department of Education and CISA’s recommended framework for K-12 cybersecurity readiness, which Goodness fully embraces, including:

  • Data encryption (AES-256 at rest, TLS/HTTPS in transit),

  • Role-based access controls for teachers and administrators,

  • Two-factor authentication for administrators,
  • Firewall systems, SSL protocols, and strict access controls,
  • Secure hosting in the U.S.-based facilities,

  • Logging, monitoring, and incident response protocols,

  • Regular security audits and staff training.

In case of a breach, we promptly notify Clients and take corrective action.

Data Retention

  • Student data is retained only as long as necessary for educational purposes defined by the School.

  • Schools determine retention timelines and may request deletion at any time.

  • Website/App user data is retained as long as needed for service delivery, unless deletion is requested, or for legal/tax requirements.

Global Usage and Data Transfers

Goodness operates primarily in the U.S. If you access our services from outside the U.S., your information may be transferred and processed in countries with different data protection laws. We will apply this Privacy Policy regardless of location.

Links to External Sites

Our website, mobile app, and web app may contain links to third-party sites. Goodness is not responsible for how external sites handle personal information. Users should review third-party privacy policies.

Updating Personal Information

Users may request updates or corrections to their personal information by contacting [email protected]

Changes to This Policy

Goodness may update this Privacy Policy periodically. The “Last Updated” date will indicate the latest version. Substantial changes will be communicated to Schools, who will notify parents as required.

Contact Information

For questions about this Privacy Policy, please contact:
 Goodness Education – Privacy Office
 Email: [email protected]

To access, update, or delete student information, parents must contact their child’s school directly.