VenueOS
Sign inStart free trial

FERPA statement

How VenueOS complies with the Family Educational Rights and Privacy Act.

Last updated: April 16, 2026

This document is boilerplate drafted for VenueOS and is not legal advice. Review it with your own district or company's legal counsel before relying on it.

Our role as a "school official"

The Family Educational Rights and Privacy Act (FERPA) generally prohibits schools from disclosing personally identifiable information (PII) from a student's education record without written parental consent. FERPA allows disclosure to "school officials" with "legitimate educational interests," including outside service providers under the conditions of 34 CFR § 99.31(a)(1)(i)(B).

When your school or district uses VenueOS, we act as a school official because:

  • We perform a service for which the school would otherwise use its own employees.
  • We operate under the direct control of the school with respect to the use and maintenance of education records.
  • We use education records only for authorized purposes and do not redisclose them to third parties.

What we do (and don't) collect

VenueOS is designed to minimize contact with student records. The core product operates on signage content (announcements, menus, bell schedules) that does not typically include student PII. When your district enables optional features that could include student PII (for example, a classroom directory on a touchscreen display), we process that data solely to provide the requested service.

We do not:

  • Sell or license student PII.
  • Use student PII to build behavioral profiles or market to students.
  • Use student PII to train machine-learning models.
  • Retain student PII beyond what is necessary to deliver the service.

Directory information

Your school may have designated certain items as "directory information" that can be publicly displayed (for example, student name on an honor-roll board). Your district is responsible for ensuring parental opt-out procedures have been honored before any student name or photograph is uploaded to VenueOS for public display.

Parental rights

Under FERPA, parents (and eligible students age 18+) have the right to:

  • Inspect and review education records.
  • Request correction of inaccurate records.
  • Consent to disclosure of personally identifiable information, except where FERPA allows disclosure without consent.

Because we operate on behalf of your school, requests from parents should go through your district's records office in the first instance. If you are a parent and have been directed to contact us, email ferpa@edusignage.app and we will coordinate with your district.

Data security controls

  • Encryption in transit (TLS 1.2+) and at rest (AES-256).
  • Role-based access: only users your district authorizes can see data.
  • Immutable audit logs for all privileged actions.
  • Regular third-party vulnerability scans.
  • Employee access to production data is limited to what is necessary for support and is logged.

Incident response

In the unlikely event of a security incident affecting education records, we will notify the affected district's primary contact without unreasonable delay and no later than 72 hours after discovery, consistent with applicable law and our data processing agreement.

Contact

For FERPA-related questions, contact ferpa@edusignage.app. Districts requiring a signed data processing agreement or data sharing addendum can request one at contracts@edusignage.app.