Summary
Emerald’s Institutional Equity Incident Management System only collects the information required to be captured by appropriate staff for cases of Protected Class discrimination, bias, and harassment. We are stringent in our handling of data and maintain compliance with all applicable state and federal laws, as well as the organizational policies of our partners regarding the privacy of personally identifiable information. We will never share or attempt to monetize our users’ data in any fashion.
When do we collect information?
We collect information from users when they register, login, and submit case management information on the application.
How do we use user information?
The personal information of our users is used solely to facilitate the managerial aspects of incidents and cases captured in the application. In order to continually improve the quality of our products, we do aggregate and anonymize general usage data strictly for internal development and testing purposes.
How do we protect your information?
Our application secures user data both at rest and in transit using industry standard encryption. Additionally, our infrastructure runs within a secure, segmented virtual private cloud and is regularly scanned for vulnerabilities and patched on a rolling basis. Furthermore, we have implemented password policies for our users to ensure sufficient complexity, and regularly review user usage and audit logs to flag any potentially malicious activity for review.
Compliance with Data Protection Laws
Emerald complies with all applicable provisions of the United States Family Educational Rights and Privacy Act, 20 U.S.C. 1232g, 34 CFR Part 99 (FERPA) in receiving and handling personally identifiable information from education records as a "school official" under FERPA.
Third party disclosures
We do not, sell, trade, or otherwise transfer to outside parties the personally identifiable information of our users.