← Privacy policy

California prohibits operators of K-12 online services from selling student information, building behavioral profiles, or showing targeted ads. AB 1584 requires every district contract to address ownership, access, security, and breach.

What LeagueForge does to comply

• Sign a §49073.1-compliant addendum to each LEA contract covering: ownership of student data, parent access, security procedures, breach notification, data return/destruction.
• Never sell, share for cross-context behavioral advertising, or build profiles for non-school purposes (SOPIPA).
• No targeted advertising directed at K-12 students.
• Comply with the CCPA/CPRA student-data carve-out and treat data as a service provider.

Parent & student rights

• Access and review of child’s records via the school.
• Correction of inaccurate records.
• Deletion at end of contract or on request.

Breach notification

No specific statutory deadline, but SOPIPA requires notification "in the most expedient time possible and without unreasonable delay."

Resources

• AB 1584 — Ed. Code §49073.1
• SOPIPA — Bus. & Prof. Code §22584

Need help?

School administrators in California can email privacy@leagueforge.gg for a ready-to-sign DPA pre-built for your state.