Eddo Workspace Pilot: Data & Privacy Overview

Purpose

We are seeking a pilot of using eddo workspace for supporting assessments conducted by participating teachers. eddo workspace integrates with Google Workspace for Education (Google Forms, Google Sheets, and Gmail) to support teachers in creating, distributing, and analyzing assessments. This document outlines how the system uses and protects data, including personally identifiable information (PII).

Integrations with the School's Google Classroom

Google Workspace is used for teacher authentication (sign-up) and authorization for email and drive permissions on behalf of the teacher.

• Email: On request, the system can send an email on behalf of the teacher, for example, to send feedback to students. This requires an action by the teacher and is not done automatically.
• Google Forms: The tool generates assessment forms and collects student responses.
• Google Sheets: Responses may be stored in Google Sheets for teacher reporting and analysis.

No Gmail content is accessed; permissions are limited to account authentication and form creation.

Data Collected

The system only collects the minimum data required to enable core functionality.

Personally Identifiable Information (PII):

• Student email address – used to uniquely associate a student with their submissions.
• Student name – used to uniquely associate a student within the workspace interface.
• Student class – used to organize assessments and responses by classroom.
• Student's teacher – used to associate assessment data with the correct teacher workspace.

This information is submitted by students via Google Forms.

Assessment Data:

Responses submitted by students via Google Forms.

Use of Data

PII is used only for mapping students to their assessments and to the correct teacher workspace, for the teacher's use within the authorized workspace, and for internal use for the purposes of support and product improvement.

PII is not shared, sold, or used for any other purposes.

Assessment response data is stored for teacher instructional use. Assessment response data are also used to support workflow improvements.

A shared dataset, composed exclusively of de-identified student and teacher entries and cleaned of all identifying information, may in the future be made accessible to others and used for education use cases including but not limited to:

• product development and improvement
• curriculum development
• teacher professional development
• research projects aimed to improve student learning outcomes

Data Security

• Encryption: All data is encrypted at rest and in transit. Student PII is further encrypted at the database row level.
• Anonymization: Student PII is anonymized in the system wherever possible. Teachers view data mapped to their students, and the backend anonymizes records to reduce exposure.
• Access Controls: Only authenticated and authorized users (teachers and system admins) can access associated data with our Identity Access Management system (IAM), at the individual record level (Row-level Security).
• Audit & Logging: All system access and data operations are logged and monitored.

Data Retention & Deletion

Teachers or administrators may request deletion of student data at any time.

Upon account termination, all associated PII and assessment data are permanently deleted from the system within 45 days.

Compliance & Standards

• Complies with FERPA requirements for handling student information.
• Aligns with CSDPA (Common Student Data Privacy Agreement) terms commonly required by districts.
• Adheres to industry best practices for security and privacy.

Contact

For additional questions regarding data privacy and security:

Versions

V1: September 4, 2025