Naturally, we expect the Teams for Education platform to be used by students of all ages. We are aware that there are implications for having users who are under 18 years old, especially when it comes to privacy. We have put together some handy FAQs to give you peace of mind that your students' personal information remains secure and confidential. But before we get there, our Key Privacy and Data Security Assurances might be able to answer your immediate concerns:
Still have questions? Read on...
Can Replit be used in schools without disclosing students' personal information?
Yes. Using Teams for Education, teachers can set up their own accounts and email students directly to invite them to use the service. Students can create accounts at no cost to them, and use Teams for Education without providing personal information like names or email addresses. All that is required is a unique username and password, and you are good to go!
Note: You can code in any of our supported languages without needing to log in or share any information. You just won't get all the great extras available when you sign up. Try coding in Python in a private browser window.
How can I invite students and protect their privacy?
When you share that link (for example by emailing it to your students outside of Replit, or by pasting the link into your LMS or curriculum), we will not ask students to provide names, emails, or other personal information when they sign up. Neither you nor the students will need to provide us with that information. Students will have view-only access to the Repl Talk forum, so they can still see all the great content, guides, and tutorials from the community, but they post or can't be contacted, which protects their privacy.
What data does Replit collect about students through Teams for Education?
We do not allow students to post on our public forums. Students can still benefit from the forums, though, because they are not restricted from viewing them.
How does Replit use student data?
We only use the student data we collect for the purposes for which it was provided to us – that is, to perform services for the school and otherwise support the internal operations of our service. You can read the FTC’s COPPA FAQs for more detail on what “support for internal operations” includes.
We do not disclose student data to third parties other than our own subprocessors. We also implement appropriate technical, physical and administrative security measures to protect students’ information.
Can students under 13 use Replit in compliance with COPPA?
Yes, with Teams for Education, students under 13 can use Replit in compliance with COPPA. As noted above, we do not ask students (including students under 13) to provide personal information during sign up and we do not allow them to post in our public forums. The only COPPA-covered personal information we collect from students under 13 is Log Information and, as noted above, we only use that information to provide services for the school and otherwise support the internal operations of our service. Because of this, “verifiable parental consent” is not required for students to use our service.
In addition, and consistent with COPPA, we do not disclose student data to third parties other than our own subprocessors, and we implement appropriate measures to protect students’ information.
Can Replit be used in compliance with FERPA?
Is Replit compliant with the GDPR?
Yes, Replit is compliant with the EU General Data Protection Regulation (GDPR). We are committed to protecting customer data and privacy. We take our obligations regarding data compliance seriously, and approach them transparently. Replit has engaged in a GDPR compliance review to make our practices consistent with the GDPR, in respect to the processing of EU personal data. For example, Replit maintains records of its processing activities, has a legal basis for each processing activity in which it engages, and uses a variety of technical, organizational, and physical measures to safeguard and protect data. We also actively monitor our compliance efforts and seek to continuously improve them.
How does Replit protect personal data provided by its EU customers and users?
How does Replit transfer and store personal data from the EU?
As Replit is located in the United States, Replit stores the personal data we receives from EU customers on secure data servers hosted by reputable third parties in the United States. To transfer personal data from the EU to the United States, Replit relies on a variety of transfer mechanisms as applicable to a particular transfer, such as EU Commission approved Standard Contractual Clauses, contractual necessity, and consent.
What other privacy regulations and security frameworks is Replit compliant with?
This list is not exhaustive and we will continue to update it over time. However, we have reviewed and are compliant with the following privacy regulations:
Will Replit sign our university's, school's or district's Data Security or Privacy Agreement?
If you are a Local Educational Agency in the United States, our U.S. Student Data Protection Addendum also applies. We are happy to send you a copy for comments/edits if you'd like.