Is ClassDojo General Data Protection Regulation (GDPR) Compliant?
Yes. We take our commitment to your privacy and data protection seriously, that's why every ClassDojo product is designed with privacy and security first. ClassDojo has complied with GDPR since it went into effect on May 25, 2018.
What is GDPR?
- This spreadsheet breaks down in detailed categories exactly what information we collect for each type of user, the sources we use to collect that information, where it’s stored and how it is used.
- We store all information on highly secure, military-grade data centers that are access-controlled.
- At the software and network level, we use bank-grade security to ensure all information is transmitted securely.
- You control your information and you can delete your teacher account, parent account or student account at any time. We keep personal information until your account is deleted or until it is no longer necessary to provide you with the ClassDojo Service. Please note that some content may be kept after the deleting of an account for school legal compliance reasons.
Frequently Asked Questions:
What personal information does ClassDojo collect?
- Personal information is information that can be used to identify or contact a particular individual or a particular device. We never collect sensitive personal information, as defined by GDPR standards.
- Students: We ask for the minimum necessary information from students to register for the service: often just a name. We don’t ask for gender, email, address, or student ID. Anything else collected is restricted to information needed for educational and safety purposes, or to provide and improve the service.
- School Leaders, Teachers, and Parents: We do ask for some limited information that is provided directly from teachers, school leaders, and parents. We also collect some information related to technology issues in order to provide you with the best possible experience.
- The Information Transparency page breaks down what information is collected for each account type and how that information is collected.
Will ClassDojo ever sell my personal information?
- No. ClassDojo will never sell or rent your personal information to a third party for any reason.
Does GDPR require that data is stored in E.U.?
- No. GDPR requires that organizations comply with EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (“Privacy Shield”) regarding the collection, use and retention of personal information transferred from the EU and the UK and/or Switzerland as applicable to the United States. You can learn more about the Privacy Shield program and view our Privacy Shield certification here.
Is there someone at ClassDojo I can speak with if I have further concerns or wish to exercise my rights under GDPR?
- Yes. Please contact us at firstname.lastname@example.org and a team member will happily address your questions or concerns.
- If you are located in the European Union or the EEA, you have a right to lodge complaints about the data processing activities carried about by ClassDojo with ClassDojo’s lead supervisory authority, the Information Commissioner’s Office. You can find their contact details here.
- Pursuant to Article 27 of the GDPR, ClassDojo, Inc. has appointed the European Data Protection Office (EDPO) as its GDPR representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR by sending an email to email@example.com, using EDPO’s online request form, or writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium.