Playground IEP
Features
Resources
Sign Up
Log in
Playground IEP
Features
IEP Copilot
About us
Testimonials
Blog
Log in
Pilot Playground

Privacy Policy

This is some text inside of a div block.

Playground IEP Privacy Policy

Updated: February 25, 2026

This privacy notice for Playground IEP LLC ("Company," "we," "us," or "our"), describes how and why we might collect, store, use, and/or share ("process") your information when you use our services ("Services"), such as when you:

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@playgroundiep.com.

Playground IEP is a Special Education Caseload Management platform designed to organize information, facilitate teacher collaboration, and automate caseload management processes. Our goal is to provide teachers with the technology tools necessary to provide a transformative education experience to students with IEPs. We believe that privacy and confidentiality is a fundamental human right. We are actively committed to ensuring that. This Privacy Policy outlines how we collect, protect, use and share information gathered on Playground IEP.

Core Data Privacy Principles

  • Minimal Data Collection: Only the minimum data needed for our services is collected.
  • Specific Use of Data: Your data is solely for providing access and support.
  • No Data Sales: Your data is never sold under any circumstances.
  • No Advertising to Students: We strictly avoid advertising to students.
  • Robust Data Protection: All data is safeguarded with strong security measures.
  • Compliance with FERPA & COPPA

This Privacy Policy governs the use of our web-based Site that school staff will be using to access information about students receiving specialized support. By using our Site, you are confirming that you are an authorized user and you are agreeing to the terms of this Privacy Policy. If we update this Privacy Policy, you will be notified of this the next time you log into the Playground IEP portal.

Information We Collect and How We Use It

Playground IEP collects only the limited information needed to enable you to use our programs and services:

  • Student Names & ID Numbers
  • Teacher Name & Email Information
  • Parent/Guardian Names & Emails
  • Special Education & IEP Information
  • Progress Monitoring information

In short, Playground IEP does not use student or teacher information for any purpose other than to enable access to and use of our service.

Cookies & Tracking Technologies

Playground IEP uses a limited number of cookies and similar technologies that are strictly necessary for the operation of our platform. We do not use cookies for advertising, behavioral targeting, or any purpose unrelated to delivering and securing the Service.

What are cookies? Cookies are small text files placed on your device by a website or application. They help the site remember information about your visit and can make your next visit easier and the service more useful to you.

Types of cookies we use:

  • Strictly Necessary / Session Cookies. These cookies are essential for you to log in, navigate the platform, and use its features. They maintain your authenticated session so you do not have to re-enter credentials on every page. These cookies are temporary and are deleted when you close your browser or your session expires.
  • Security Cookies. Our edge-security provider, Cloudflare, may set cookies (for example, the __cf_bm cookie) to distinguish legitimate users from automated traffic and to protect the platform against malicious activity such as DDoS attacks and bot abuse. These cookies are necessary for platform security and do not track you for advertising purposes.
  • Preference / Functionality Cookies. We may use cookies to remember your display preferences or settings within the platform (for example, which dashboard view you last used) so that your experience is consistent between sessions.

Cookies we do NOT use:

  • We do not use third-party advertising or remarketing cookies.
  • We do not use analytics cookies that track individual users across websites.
  • We do not permit any third party to place cookies on our platform for the purpose of behavioral profiling or targeted advertising.

We commit and strictly adhere to the following data privacy policies:

  • We do not collect, maintain, use or share Student PII beyond that needed for authorized educational/school purposes, or as authorized by the parent/student.

  • We do not and will not, sell any confidential student PII data at any time, for any reason.

  • We do not, and will not, sell any user data at any time, for any reason.

  • We do not use or disclose student information collected for behavioral targeting of advertisements to students.

  • We do not knowingly retain Student PII beyond the time period required to support the authorized educational/school purposes.

  • We maintain a comprehensive security program that is reasonably designed to protect the security, confidentiality, and integrity of Student PII against risks – such as unauthorized access or use, or unintended or inappropriate disclosure – through the use of administrative, technological, and physical safeguards appropriate to the sensitivity of the information.

  • We provide resources to support educational institutions/agencies, teachers, or parents/students to protect the security and privacy of Student PII while using the educational service.

  • We require that our vendors with whom Student PII is shared in order to deliver the educational service, if any, are obligated to follow these same commitments for the given Student PII.

  • We allow a successor entity to maintain the Student PII, in the case of our merger or acquisition by another entity, provided the successor entity is subject to these same commitments for the previously collected Student PII.

  • We will incorporate privacy and security when developing or improving our educational products, tools, and services and comply with applicable laws.

Information Protection and Security

At Playground IEP, we are committed to safeguarding the data entrusted to us with rigorous administrative, technical, and physical security measures. Our servers, hosted in the United States, are secured by top-tier hosting services, including AWS, renowned for their robust security protocols, including 24-hour onsite security and specialized teams dedicated to network protection. Access to sensitive information is strictly regulated, requiring administrator-approved credentials.

We prioritize the security of your data during transmission and at rest. All data entered on our platform is protected with SSL/TLS encryption, ensuring secure communication over the internet. Furthermore, we employ advanced security practices for password management, including encryption, one way hashing, and salted hashing to fortify against unauthorized access attempts.

Despite our diligent efforts to secure Personal Information, it's important to recognize that no system is infallible. Factors such as technical malfunctions, human error, or sophisticated cyberattacks could potentially compromise data security. Should we become aware of a security incident that might affect student and school information, we are committed to providing our client schools and districts with prompt notification in accordance with legal requirements. We will work with the school to notify parents of all affected students.

How and When We Share Data

We share data only in the following circumstances:

  • When you or your educational institution give us permission to share it.
  • With your authorized teachers and other school staff, as necessary to provide the Service.
  • If we are required to do so to comply with the law, a court order, or direction from governmental authorities.
  • If Playground IEP goes through a business transition, such as merging with or being acquired by another company, your information will, in most instances, be transferred to the new entity. We will only transfer data to an entity that adheres to the same privacy and security standards set out in this Privacy Policy.

Third-Party Service Providers (Sub-processors)

To deliver, secure, and support the Playground IEP platform, we use a limited set of vetted third-party service providers ("sub-processors"). Each sub-processor receives only the minimum data necessary to perform its specific function, and all are contractually required to protect data in accordance with standards equivalent to or exceeding our own. All data processed by these providers remains within United States–based facilities.

Below is a description of each sub-processor, the data it may access, and the purpose of that access:

Amazon Web Services (AWS) — AWS provides the cloud infrastructure (compute, storage, and networking) on which the entire Playground IEP application runs. All platform data — including student records, teacher/staff accounts, and encrypted backups — resides on AWS infrastructure. No AWS personnel access this data; it is encrypted at rest with AES-256 and in transit with TLS 1.2+.

Bubble.io — Bubble is the Platform-as-a-Service that hosts the Playground IEP web application and its database. All application data entered into Playground IEP — including student PII, IEP content, teacher/staff information, and parent contact information — is processed within Bubble's application layer to deliver platform functionality such as dashboards, scheduling, and IEP editing.

Cloudflare — Cloudflare provides edge security, including DDoS protection and Web Application Firewall (WAF) filtering. Cloudflare processes network-layer metadata only — such as IP addresses, HTTP request headers, and traffic patterns — to distinguish legitimate users from malicious traffic. Cloudflare does not access or store the contents of student records, IEP data, or any PII entered into the platform.

Google Workspace — Google Workspace is used by Playground IEP staff for business email, internal documents, and to support secure data-processing operations. This includes structured data-preparation workflows such as validating, formatting, and reconciling roster and enrollment information received from districts prior to import into the production platform. Access is limited to authorized personnel, and all data is protected by Google Workspace's SOC 2 Type II controls and encryption.

SFTP To Go — SFTP To Go provides an encrypted file-transfer endpoint used during district-initiated bulk data imports or exports. Student roster and data files (e.g., student names, IDs, grade levels, enrollment, and IEP information) are transferred over encrypted SSH/SFTP tunnels. Data is in transit only and is not retained by the provider beyond the transfer session.

OpenAI API — OpenAI's API provides generative AI capabilities that power narrative suggestions in the IEP editor, such as draft IEP goals and present levels of performance. Only the minimum contextual IEP content needed for a given prompt is transmitted (e.g., student disability category, present levels, and goal areas), and student name and full PII are minimized wherever possible. Under our Data Processing Agreement with OpenAI, all API data is automatically purged within 30 days and is never used to train AI models.

Anthropic (Claude API) — Anthropic's Claude API provides generative AI capabilities that power narrative suggestions and content support in the IEP editor, such as draft IEP goals and present levels of performance. Only the minimum contextual IEP content needed for a given prompt is transmitted (e.g., student disability category, present levels, and goal areas), and student name and full PII are minimized wherever possible. Under Anthropic's enterprise API terms, API inputs and outputs are not used to train AI models, and data is subject to Anthropic's enterprise-grade security controls and data-handling commitments.

Sub-processor oversight: We require every sub-processor to maintain SOC 2 Type II, ISO 27001, or equivalent security certifications, and we review those attestations at least annually. Under our contractual commitments, we will notify client districts in writing (typically 30 days in advance) before enabling any new sub-processor that will process Student Data. Districts may raise objections during this notice period.

For a current list of sub-processors or to ask questions about our data-sharing practices, please contact us at privacy@playgroundiep.com.

Our Commitment to Data Integrity

We recognize the importance of managing student and school data responsibly. We retain student and school data only for as long as necessary to fulfill the purposes for which it was collected, including for the provision of our services, compliance with legal obligations, dispute resolution, and enforcement of our agreements.

Retention Periods:

  • Student Information: Data related to student performance and special education needs, including IEPs, are retained for the duration of the student's enrollment in the school using our platform and/or the duration of the school's active subscription to our service.
  • Teacher and School Staff Data: Information about educators and school administrators is retained for the duration of the school's active subscription to our service.

Deletion Protocols: Upon expiration of the retention period, data is securely and permanently deleted from our systems in accordance with industry-standard practices to ensure the protection of and student school information against unauthorized access or use. We also provide mechanisms for users to request the deletion of their personal information under certain circumstances:

  • User-Requested Deletion: Users may request the deletion of their personal information or their student's information by contacting us at privacy@playgroundiep.com. Upon verification of the requestor's identity, we will proceed with the deletion of the relevant data, subject to any legal or regulatory requirements that may require the retention of certain information.

Data Privacy Pledges & Privacy Law Compliance

At Playground IEP, protecting your data is a top priority for us. We are proud to pledge and endorse the 1EdTech Trusted Apps privacy rules. Additionally we have committed to following the 2020 Student Data Privacy Pledge and are in the process of becoming an official signatory of the pledge.

We strictly follow FERPA and COPPA laws. Our goal is to be a dependable part of the education technology community, making sure everyone's information is secure and respected. Below, we detail how we specifically adhere to FERPA and COPPA regulations to ensure the highest level of data protection and compliance in our operations.

Compliance with the Family Educational Rights and Privacy Act (FERPA)

Playground IEP is committed to full compliance with the Family Educational Rights and Privacy Act (FERPA), a federal law that protects the privacy of student education records. FERPA gives parents certain rights with respect to their children's education records; these rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level.

Our Commitment to Protecting Education Records: Under FERPA, we are bound to protect the privacy of student education records and to provide parents and eligible students access to their records, as well as the opportunity to request correction of records they believe to be inaccurate or misleading.

How We Handle Student Education Records:

  • Access and Use: We access student education records only for legitimate educational interests and purposes as defined under FERPA, or as requested by the educational institution or the eligible student.
  • Disclosure: We do not disclose information from student education records without the written consent of the parent or eligible student, except in cases where FERPA authorizes disclosure without consent. This includes, but is not limited to, disclosures to school officials with legitimate educational interests, to other schools to which a student is transferring, and in connection with financial aid for which the student has applied or received.
  • Protection and Security: We implement rigorous administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of student education records. Our security measures are designed to prevent unauthorized access to or disclosure of student records.

Parental and Student Rights under FERPA:

  • Right to Inspect and Review: Parents and eligible students have the right to inspect and review the student's education records maintained by the school.
  • Right to Request Amendments: Parents and eligible students have the right to request that the school correct records they believe to be inaccurate or misleading.
  • Right to Control Disclosures: Parents and eligible students have the right to control disclosures of personally identifiable information contained in the student's education records, except to the extent that FERPA authorizes disclosure without consent.

Requests for Access or Amendments: If a parent or eligible student wishes to inspect and review or request amendments to education records, they should submit a written request to the educational institution that maintains the records. Playground IEP will comply with requests from educational institutions to access or amend education records in accordance with FERPA regulations.

For More Information: For more information about our FERPA compliance practices, or if you have questions or concerns regarding the privacy of student education records, please contact us at privacy@playgroundiep.com

Compliance with the Children's Online Privacy Protection Act (COPPA)

Playground IEP is designed exclusively for use by educators, school teachers, and administrative staff as a tool for managing and supporting students' educational experiences. Our platform is not intended for use by students, including those under the age of 13, and we do not knowingly collect personal information from children.

Platform Usage:

  • Educator and Staff Use Only: Playground IEP is strictly intended for operational and educational management purposes by school staff and educators. As such, our platform does not engage directly with students nor collects personal information from children, including those under the age of 13.
  • No Student Access: Our services and features are developed with the explicit understanding that they will be accessed and utilized solely by educators and school personnel. We have measures in place to ensure our platform remains exclusive to this audience.

Data Collection and Privacy:

  • Data Handling: In providing our services, we may handle student data provided by the educational institutions we serve. However, this data is managed strictly within the context of delivering our services to schools and is not used for any other purpose.
  • Commitment to Privacy: We are committed to protecting the privacy of all data we handle and comply with all applicable laws and regulations, including COPPA, in the provision of our services to educational institutions.

Inquiries and Concerns

Should you have any questions about our platform's use or our approach to privacy and data protection, please do not hesitate to contact us at privacy@playgroundiep.com. We are dedicated to maintaining open and transparent communication with the schools and districts we serve.

Changes to Privacy Policy

Material changes to this policy will be accompanied by a notification to users in the Playground IEP Portal.

More time with

Students.

Less time on

Paperwork.

Create Free Account
Playground IEP
hello@playgroundiep.com
Social media
Social media
Social media
Social media
Features
IEP CopilotCaseload OrganizationIEP SnapshotsProgress MonitoringAutomated IEP SchedulingCustom Confidentiality Settings
Resources
WebinarsLearning LibraryBlogMerch
Who we serve
Special EducatorsSPED AdminService ProvidersGen-Ed TeachersAdministrators
Other
Pricing & OnboardingTestimonials
©2026 Playground IEP. All rights reserved
Privacy PolicyTerms of useData Processing Agreement (DPA)