Can Replit’s services be used in schools?
Yes. Using Teams for Education, teachers can set up their own accounts and email students directly to invite them to use the service. Students can create accounts and use Teams for Education without providing personal information like names or email addresses.
Note: that you can code in any of our supported languages without needing to log in or share any information. You just won't get all the great extras available when you sign up. Try coding in Python in a private browser window.
Key Privacy and Data Security Assurances
How can I invite students and protect their privacy?
When you share that link (for example by emailing it outside of Replit to your students or by pasting the link into your LMS or curriculum), then we will not ask students to provide names, emails, or other personal information when they sign up. Neither you nor the students will need to provide us with that information. Students will have view-only access to the Repl Talk forum, so they can still see all the great content, guides, and tutorials from the community, but they can't be contacted or post, which protects their privacy.
What data does Replit collect about students through Teams for Education?
We do not allow students to post on our public forums. Students can still benefit from the forums, though, because they are not restricted from viewing them.
How does Replit use student data?
We only use the student data we collect for the purposes for which it was provided to us – that is, to perform services for the school and otherwise support the internal operations of our Service. Please see the FTC’s COPPA FAQs for more detail on what “support for internal operations” includes.
We do not disclose student data to third parties other than our own subprocessors. We also implement appropriate technical, physical and administrative security measures to protect students’ information.
Can students under 13 use Replit in compliance with COPPA?
With Teams for Education, students under 13 can use Replit in compliance with COPPA. As noted above, we do not ask students (including students under 13) to provide personal information during sign up and we do not allow them to post in our public forums. The only COPPA-covered personal information we collect from students under 13 is Log Information and, as noted above, we only use that information to provide services for the school and otherwise support the internal operations of our Service. Because the only COPPA-covered personal information we collect is Log Information and we only use that information to support the internal operations of our Service, “verifiable parental consent” is not required for students to use our Service.
In addition, consistent with COPPA, we do not disclose student data to third parties other than our own subprocessors, and we implement appropriate measures to protect students’ information.
Can Replit be used in compliance with FERPA?
Is Replit compliant with the GDPR?
Yes, Replit is GDPR compliant.
What is the GDPR?
The EU General Data Protection Regulation (GDPR) is the primary law regulating how companies must protect the personal data of EU citizens. The GDPR took effect on May 25th, 2018, and it gives EU citizens broad rights to their data, creates strong safeguards for the processing of any data, and requires companies to transparently disclose their data processing activities. Any company that processes or stores EU personal data must be compliant with the GDPR. "Personal Data" is considered any information relating to an identified or identifiable natural person.
How is Replit Compliant with the GDPR?
Replit is committed to protecting customer data and privacy, and we take our obligations regarding data compliance seriously and transparently. Replit has engaged in a GDPR compliance review to make its practices with respect to the processing of EU personal data consistent with the GDPR. For example, Replit maintains records of its processing activities, has a legal basis for each processing activity in which it engages, and uses a variety of technical, organizational, and physical measures to safeguard and protect data. We also actively monitor our compliance efforts and seek to continuously improve them.
How does Replit Protect Personal Data Provided by its EU Customers and Users?
How does Replit Transfer and Store Personal Data from the EU?
As Replit is located in the United States, Replit stores the Personal Data it receives from its EU customers on secure data servers hosted by reputable third parties in the United States. To transfer personal data from the EU to the United States, Replit relies on a variety of transfer mechanisms as applicable to a particular transfer, such as EU Commission approved Standard Contractual Clauses, contractual necessity, and consent.
What other privacy regulations and security frameworks is Repl.it compliant with?
This list is not exhaustive and we will continue to update it over time, however, we have reviewed and are compliant with the following privacy regulations:
Will you sign our university's, school's or district's Data Security or Privacy Agreement?
If you are a Local Educational Agency in the United States, our U.S. Student Data Protection Addendum also applies. We are happy to send you a copy for comments/edits if you'd like.