Flipgrid has industry-leading privacy and security commitments supported by the team at Microsoft. We are used by educators throughout the world and the privacy of your student data is very important to us. Below is an outline of Flipgrid's commitment to educator and student data with all official documents at Terms & Privacy.
Privacy of Educator & Student Personal Data
Flipgrid is an educational offering and any personal data that is collected from or generated by Flipgrid is used only to provide that educational offering:
- We abide by the Student Privacy Pledge, which pledges us to “not collect, maintain, use or share student personal information beyond that needed for authorized educational/school purposes.”
- Educators (School leads) control the content in their Discussions and are able to edit/delete any student content. All data will be saved on Flipgrid until deleted by the educator or student. Any deletion is immediate and permanent.
- Flipgrid can be used by students of all ages.
- We do not sell or share student data with any marketers.
- Data collected by Flipgrid is only processed to provide, improve & develop the service, provide customer & technical service, and comply with applicable laws.
- Parent, student, eligible student, teacher or principal should contact the Flipgrid educator directly to understand the educator's privacy practices or to request to access, change or delete information collected by the educator when using Flipgrid.
- All 3rd parties must abide by Flipgrid's data practices. We periodically conduct or review compliance monitoring and assessments of 3rd parties to determine their compliance with Microsoft’s Supplier Security and Privacy Assurance (SSPA) program. Please see Microsoft's Supplier Code of Conduct for additional information.
Security Best Practices
Flipgrid has robust data security, follows industry best practices, and is routinely reviewed by experts at Microsoft. Our practices include but are not limited to the following:
- Data is stored in a secure data center facility located in the United States.
- Security practices, processes, and controls include, but are not limited to, encryption of data in transit, encryption of data at rest, manual & automated monitoring & auditing systems, and access control. Data at rest is encrypted using AES-256 and data in transit is encrypted using TLS protocol standards.
- Security practices and controls are validated through third-party penetration and vulnerability assessments.
- Implementation of least privilege data access by limiting employee access to whatever extent is required for them to perform their job functions. Flipgrid follows employee access best practices including, but not limited to, employee training & education, signed confidentiality agreements, criminal background checks, and secured access control such as network & application level firewalling & two-factor authentication.
- Upon becoming aware of breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Student Data or other personal information, promptly and without undue delay Flipgrid will (1) notify affected individuals of the Security Incident; (2) investigate the Security Incident and provide affected individuals with detailed information about the Security Incident; (3) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Incident.
This plan outlines Flipgrid's commitments for New York Schools, the Education Law 2-d Rider, and Parent's Bill of Rights. If you have any questions about our privacy & security commitments, COPPA, FERPA, GDPR, or CCPA please reach out to us and we would be happy to provide the answers!
Discussion Recommendations
In addition to our privacy and security practices, we encourage you leverage these features when hosting a discussion with your community.
- When using Flipgrid with your school community, use Email, Username, or Google Classroom access.
- Educators can approve all member activity to review all videos and text comments before the content is made available to your community.
- Flipgrid will automatically review English, French, Spanish, Portuguese, Russian, German, Indonesian, and Chinese text comments and prevent the comment from being posted if the comment contains potentially inappropriate words or phrasing; this feature is free and automatically activated on every Topic.