FAQ:
G Suite in Education
Frequently Asked Questions regarding Google for Education
The purpose of this webpage is to provide information regarding Google's services and approach to data privacy and security.
According to Google, "We provide educators with powerful solutions that are affordable and easy to use. We know that trust is earned through protecting teacher and student privacy and providing the best security measurements. " (LINK)
G Suite for Education: Privacy & Security.pdfAre there ADS on Google for Education? Not in Core Services but there may be ads on Additional Services*
The G Suite for Education (formerly called Google Apps for Education) core services are the heart of Google’s educational offering to schools. The core services are Gmail (including Inbox by Gmail), Calendar, Classroom, Contacts, Drive, Docs, Forms, Groups, Sheets, Sites, Slides, Talk/Hangouts and Vault. These services are provided under the G Suite agreement.
NO ADS
Additional Services (like YouTube, Maps, and Blogger) are designed for consumer users and can optionally be used with G Suite for Education accounts if allowed for educational purposes by a school’s domain administrator.
*additional services may serve ads, and Google may use information in these additional services to improve them. For G Suite users in primary/secondary (K-12) schools, Google does not use any user personal information (or any information associated with a Google Account) to target ads.
Does Google Own School Data? No.
Google doesn’t assume ownership of any customer data in G Suite core services, and it says so in our contracts (under “Intellectual Property”). Google also makes it easy for individuals and organizations to take their data.
Does Google sell school or student data to third parties? No,
but they will hand over data if requested by law enforcement authorities or by the owners of the data. (LINK)
How does Google keep data secure? Google has their own servers and complies with internationally recognised standards for data encryption. (LINK)
Does Google Comply with International Child protection laws and agreements? Yes
Children’s Online Privacy Protection Act of 1998 (COPPA): We contractually require that schools using G Suite get the parental consent required by COPPA. Our services can be used in compliance with COPPA as long as a school has parental consent. (See, Notice template for schools when gathering parent or guardian consent)
Bottom line: Schools need to obtain parental consent to use Core Services and Google has provided a customizable template for schools.
Family Educational Rights and Privacy Act (FERPA): FERPA gives parents certain rights with respect to their children's education records. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level. Parents or eligible students have the right to inspect and review the student's education records maintained by the school. Generally, schools must have written permission from the parent or eligible student in order to release any information from a student's education record.
Bottom line: Parents of children under the age of 18 have the right to control how their child's academic and personal information is used by educational organizations.
✔ Collect, use, share, and retain student personal information only for purposes for which we were authorized by the educational institution/agency, teacher or the parent/student.
✔ Disclose clearly in contracts or privacy policies, including in a manner easy for parents to understand, what types of student personal information we collect, if any, and the purposes for which the information we maintain is used or shared with third parties.
✔ Support access to and correction of student personally identifiable information by the student or their authorized parent, either by assisting the educational institution in meeting its requirements or directly when the information is collected directly from the student with student/parent consent.
✔ Maintain a comprehensive security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of student personal information against risks – such as unauthorized access or use, or unintended or inappropriate disclosure – through the use of administrative, technological, and physical safeguards appropriate to the sensitivity of the information.
✔ Require that our vendors with whom student personal information is shared in order to deliver the educational service, if any, are obligated to implement these same commitments for the given student personal information.
✔ Allow a successor entity to maintain the student personal information, in the case of our merger or acquisition by another entity, provided the successor entity is subject to these same commitments for the previously collected student personal information.