Effective July 1, 2026.
Botdoc (ShortSave, Inc., a Colorado corporation doing business as Botdoc) is committed to maintaining the confidentiality and security of all users who transport student data in accordance with all applicable state and federal regulations, and takes precautions consistent with industry standards to protect that data.
Although the Student Privacy Pledge was officially retired as of April 25, 2025, Botdoc continues to uphold the core commitments and responsibilities outlined in the original pledge as part of its ongoing legal and ethical obligations to protect student data.
For information about how Botdoc handles other personal information, please see our main Privacy Policy at https://botdoc.io/privacy-policy/. This FERPA Policy governs student data and supplements, but does not replace, the main Privacy Policy.
Botdoc is a secure digital transportation service used to send or collect sensitive files or data. Once the secure transportation is complete, the data and files are deleted from Botdoc’s environment. Botdoc is never privy to the contents of what its users transport.
Botdoc does not access, read, or retain the contents of student data transmitted through the Services. Botdoc operates as a secure digital transportation platform powered by end-to-end encryption; it moves data but cannot access or inspect the contents of what is being transported. This means Botdoc cannot independently determine whether transmitted content constitutes student data or Education Records. The educational institution is solely responsible for determining what data it transmits through the Services. Once secure transport is complete and the applicable retention period expires, the encrypted container and all associated content data are permanently destroyed.
Certain information provided to Botdoc by School Personnel that is directly related to a student and maintained by an educational institution may constitute an “Education Record” under the Family Educational Rights and Privacy Act (“FERPA”) (20 U.S.C. § 1232g; 34 CFR Part 99). Education records include, but are not limited to, transcripts, class lists, course schedules, health records, student financial information, and disciplinary records, any records directly related to a student and maintained by or on behalf of an educational institution.
Additionally, certain information about a student, such as name and grade level, may constitute “Directory Information” under FERPA and thus not be an Education Record.
When students reach age 18 or enroll in a postsecondary institution, FERPA rights transfer from the parents to the student (“eligible student”).
Botdoc operates as a service provider to educational institutions under FERPA’s school official exception, specifically the outsourced-institutional-service prong at 34 CFR § 99.31(a)(1)(i)(B). Under this exception, schools may share student Education Records with Botdoc without individual parental consent, provided that Botdoc:
Performs an institutional service or function for which the school or district would otherwise use its own employees
Is under the direct control of the educational institution with respect to the use and maintenance of Education Records
Uses Education Records only for the purposes authorized by the respective school or district, and does not re-disclose them except as permitted by FERPA (34 CFR § 99.33)
Botdoc acknowledges and accepts these obligations. By using Botdoc’s Services to transmit Education Records, the educational institution remains responsible for ensuring that the use of Botdoc qualifies under the school official exception or another applicable FERPA exemption.
As School Personnel or an institution providing Directory Information or Education Records to Botdoc, you represent, warrant, and covenant that your institution has done one of the following before sharing student data with Botdoc:
Directory Information Exemption: Complied with FERPA’s Directory Information Exemption, including informing parents and eligible students what information the institution deems to be directory information and allowing a reasonable time to opt out of disclosure
School Official Exemption: Complied with FERPA’s School Official Exemption, including notifying parents in the annual FERPA rights notification that the institution defines “school official” to include service providers and “legitimate educational interest” to include services of the type Botdoc provides
Written Consent: Obtained all necessary parental or eligible student written consent to share the relevant Directory Information and Education Records with Botdoc, solely to enable Botdoc’s operation of the Services
Student data should only be shared with third parties consistent with Botdoc’s privacy policies and applicable student data privacy commitments.
Botdoc will use student data solely to provide and improve the Services for the benefit of the educational institution and its students. Specifically, Botdoc will not:
Sell, rent, or otherwise disclose student data to third parties for commercial purposes
Use student data to engage in targeted advertising to students, parents, or any other individuals
Build student profiles for non-educational purposes
Use student data to train, develop, fine-tune, or improve any artificial intelligence or machine learning model for the benefit of any party other than the student’s educational institution
Use or disclose student data for any purpose not authorized by the applicable educational institution or required by law
Collect, maintain, use, or share student personal information beyond what is needed for authorized educational or school purposes, or as authorized by the parent or student
’Educational/School Purposes’ are services or functions that customarily take place at the direction of the educational institution or their teacher or employee, for which the institution or agency would otherwise use its own employees, and that aid in the administration or improvement of educational and school activities (e.g., instruction, administration, and development and improvement of products or services intended for educational use).
Botdoc will not share Education Records with third parties except:
As directed by a Botdoc user (for example, a teacher sharing with another teacher or a parent through Botdoc’s secure transport)
With subprocessors and service providers that are contractually bound to handle student data consistently with this Policy and applicable law (see Section 6 - Subprocessors)
As required by applicable law or legal process, in which case Botdoc will notify the applicable institution to the extent legally permitted
Any third party with whom Botdoc shares student data will have privacy practices consistent with Botdoc’s commitments to student data privacy.
Education Records are never used or disclosed for third-party advertising or for first- or third-party behaviorally targeted advertising to students or parents. Information collected through student use of the Services is never used, sold, rented, or disclosed for advertising purposes.
Botdoc does not market to parents in their capacity as recipients of a school-initiated transmission. Where a parent is an independent Botdoc account holder in their own personal or professional capacity, Botdoc may market to that account holder consistent with Botdoc’s general Privacy Policy and applicable law. Botdoc does not create or keep student profiles for non-educational purposes.
FERPA permits the use of properly de-identified student data for product improvement and analytics purposes. If Botdoc uses de-identified data derived from student use of the Services, Botdoc will:
Apply reasonable de-identification methodologies to ensure the data cannot reasonably be used to identify any individual student
Not attempt to re-identify any de-identified student data, and contractually prohibit any transferee from attempting re-identification
Disclose to educational institutions upon request the categories and methodologies used for de-identification
Botdoc does not use or disclose anonymized metadata in ways that could be used to build student profiles or for commercial purposes beyond direct service improvement.
Botdoc does not use student data to make automated decisions that have legal or similarly significant effects on individual students. Student data processed through the Services is used solely to complete the secure transport transaction and is not input into predictive analytics, behavioral scoring, or automated decision-making systems.
Because of the nature of the Services, students and parents wishing to access, review, or correct student data shared through Botdoc should contact their school or educational institution directly. The educational institution, as the controller of the Education Records, is responsible for responding to such requests under FERPA.
Botdoc will cooperate with educational institutions in responding to student or parental rights requests to the extent technically feasible.
Botdoc maintains appropriate technical and organizational security measures to protect student data from unauthorized access, use, disclosure, alteration, or destruction, including:
Encryption: Student data encrypted in transit using strong cipher suites (TLS) and at rest (AES-256)
Authentication: Multi-factor authentication, RSA/SecurID support, and Active Directory integration
Network security: Auto-scaling firewalls, network and layer 7 intrusion prevention, DDoS mitigation, traffic filtering, and penetration testing
Application security: Static and dynamic application scanning, comprehensive logging, and OWASP Top 10 adherence
SOC 2 Type II: Annual independent audit against AICPA standards
Data Privacy Framework: Self-certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, as administered by the U.S. Department of Commerce. Botdoc’s active certification is available at https://www.dataprivacyframework.gov/list
GDPR compliance framework: Botdoc designs its control framework to be compliant with the processing and holding of personal data of subjects residing in the EU and UK
We recommend that School Personnel enable two-factor authentication and use strong, unique passwords for their Botdoc accounts.
In the event Botdoc discovers a Security Incident affecting student data, Botdoc will notify the applicable educational institution without undue delay, and in any event within seventy-two (72) hours of confirming the incident. Such notice will include, to the extent then known, a description of the nature of the incident, the categories of student data potentially affected, and steps Botdoc is taking to address the incident.
Educational institutions are responsible for any notifications to parents, students, or regulators required under FERPA and applicable state law. Botdoc will cooperate reasonably with the institution’s notification efforts.
Botdoc may engage subprocessors and service providers to assist in providing the Services, some of whom may have access to student data in connection with the transport transaction. Botdoc maintains written agreements with all subprocessors that require them to protect student data consistently with this Policy and applicable law.
A current list of Botdoc’s subprocessors is available at https://botdoc.io/botdoc-subprocessors/.
Botdoc is a secure digital transportation service. The encrypted contents of student data transmissions are permanently destroyed upon successful delivery and expiration of the applicable retention period. Botdoc does not maintain persistent records of the contents of student data transmitted through the Services and cannot access or view transmitted content due to end-to-end encryption.
Botdoc retains transactional history and metadata in accordance with the Botdoc Data Retention Policy, generally for the period required to meet legal, audit, security, and operational requirements. Upon termination of service, Customer Data is deleted from Botdoc’s systems automatically (i.e., not on opt-in request) within the timeframes established in the Botdoc Data Retention Policy. Metadata may be retained as required by Applicable Law and the retention policy.
This metadata does not include the contents of any transmitted student records or documents. Educational institutions that use Botdoc as a system of record should be aware of this distinction when responding to student or parental data access requests under FERPA.
Upon written request by an educational institution, Botdoc will delete any student data it holds in connection with that institution’s use of the Services, subject to any legal retention obligations.
Botdoc’s handling of student data is designed to support educational institutions’ compliance with the following federal laws, where applicable:
FERPA (Family Educational Rights and Privacy Act, 20 U.S.C. § 1232g; 34 CFR Part 99) - governs the privacy of student education records
COPPA (Children’s Online Privacy Protection Act, 15 U.S.C. § 6501 et seq.) - governs the collection of personal information from children under 13. Botdoc’s Services are not directed to children under 13 without school authorization. Where schools deploy Botdoc for students under 13, the school assumes responsibility for parental consent under the school official exception or COPPA operator exception
PPRA (Protection of Pupil Rights Amendment, 20 U.S.C. § 1232h) - governs surveys and data collection involving students. Botdoc does not conduct surveys or collect personal information directly from students for non-educational purposes
Botdoc complies with applicable state student privacy laws, including without limitation: (a) New York Education Law § 2-d (Parents’ Bill of Rights, Data Security and Privacy Plan); (b) California SOPIPA (BPC § 22584) and AB 1584 (Education Code § 49073.1); (c) Illinois Student Online Personal Protection Act (105 ILCS 85, SOPPA); (d) Colorado HB 16-1423 (Student Data Transparency and Security Act). For state-specific requirements, Botdoc will enter into a vendor data privacy agreement (DPA), parents’ bill-of-rights addendum, or equivalent at the educational institution’s request.
These and similar state laws generally prohibit:
Use of student data for targeted advertising or commercial profiling
Sale or disclosure of student data for non-educational purposes
Building student profiles for non-educational purposes
Use of student data to amass information about students outside of educational context
Botdoc’s commitments in this Policy are designed to comply with the student data privacy requirements of applicable state laws. Botdoc will cooperate with educational institutions in meeting their state-specific vendor contracting requirements upon request.
When School Personnel visit the Botdoc website, we and our service providers may automatically collect certain information using tracking technologies such as cookies, web beacons, and similar technologies. We use this information to understand how visitors use our site and to improve our services. Cookie settings can be changed at any time through your browser settings or by using the cookie preference controls on our website.
For more information about cookies and your choices, see Section 5 of our main Privacy Policy at https://botdoc.io/privacy-policy/ and our Cookies Policy at https://botdoc.io/cookies.
We do not sell student data or allow it to be used by third parties for their own marketing purposes. We do not sell end users’ personal information (whether contained in Customer Usage Data or Customer Content) and do not share it with third parties for their own marketing or other commercial purposes.
We may share user information during a corporate transaction such as a merger, reorganization, or sale of assets. If a corporate transaction occurs, personal information collected from users (not files or data transported via Botdoc) would be one of the assets transferred. This Privacy Policy will continue to apply, and any acquirer would only be able to handle personal information as permitted under this Policy unless users consent to a new policy. We will provide notice of a corporate transaction within thirty (30) days of completion by posting on our homepage and emailing the address on file. If you do not consent to the use of your personal information by a successor company, you may request its deletion.
To keep your information safe, we use physical, electronic, and managerial safeguards applied based on the sensitivity of the information and the current state of technology. Although we take these steps, no internet service is 100% secure and we cannot guarantee that information we collect or store will always be protected from unauthorized access. We recommend enabling two-factor authentication on your Botdoc account and storing your API Keys securely.
You can access and review information associated with your account at any time. You may also request the following information: how we collect and use your information and why; the categories of personal data involved; the categories of recipients of your personal data; how we received your personal data; and how long we use or store your personal data or the manner in which we determine relevant retention periods.
You also have a right to correct your personal data. In certain situations, you can ask that we erase or stop using your information (and object to use of your personal data). Where we rely on your consent to process your personal data, you have the right to decline or withdraw consent at any time. This will not affect the lawfulness of processing prior to withdrawal. You may also request that we stop using your information for direct marketing purposes.
You have a right to raise questions or complaints with your local data protection authority at any time. To exercise these rights, please contact us at support@botdoc.io.
Although the Student Privacy Pledge program was officially retired as of April 25, 2025, Botdoc continues to uphold the core commitments and responsibilities outlined in the original pledge as part of its ongoing legal and ethical obligations to protect student data. These commitments are reflected throughout this Policy and in Botdoc’s contractual arrangements with educational institutions.
We may update this FERPA Privacy Policy from time to time. If we make material changes, we will provide advance notice by updating the “Effective Date” at the top of this Policy, posting a notice on our website or account portal, and providing notice via the email address we have on file for you. Your continued use of the Services after the effective date of any update constitutes acceptance of the revised Policy. We will comply with applicable law regarding notice of and consent to changes.
If you have questions about this FERPA Privacy Policy, disputes relating to our student data practices, or requests relating to student data, please contact us:
Botdoc Privacy Team - Student Data
ShortSave, Inc., a Colorado corporation doing business as Botdoc
1909 Woodmoor Drive
Monument, Colorado 80132
Email: support@botdoc.io