Data Privacy Certification Requirements and Process 
Certification Requirements for Suppliers
- Must be a 1EdTech Contributing Member, Affiliate, or TrustEd Apps Alliance member organization
- Submit an application for review, which is satisfactorily vetted by 1EdTech staff using the 1EdTech TrustEd Apps vetting process and the 1EdTech TrustEd Apps Data Privacy Rubric and meets expectations or meets expectations (with reservations) in all areas of the rubric. Any areas that meet expectations (with reservations) must be explained and posted with the review.
- 1EdTech Contributing Member supplier organizations must complete online, or individual training on the 1EdTech TrustEd Apps vetting process.
- 1EdTech Alliance and Affiliate Member supplier organizations must complete online training on the 1EdTech TrustEd Apps vetting process.
- Complete a self-assessment to ensure that the application meets the required data privacy criteria outlined in the 1EdTech TrustEd Apps Data Privacy Rubric.
- Collaborate with 1EdTech staff to resolve issues that may arise in the 1EdTech TrustEd Apps vetting process and/or issues that may arise as the 1EdTech TrustEd Apps Data Privacy Rubric evolves into the future.
Review the levels of 1EdTech Membership available.
Certification Process for Suppliers
-
As a member of the 1EdTech community, the supplier initiates the request for the review of its application to obtain the 1EdTech TrustEd Apps Certified Seal of Data Privacy by contacting appvetting@1edtech.org.
-
1EdTech staff receives the request and conducts a thorough review of the application’s Privacy Policy and Terms of Service using the 1EdTech TrustEd Apps Data Privacy Rubric. Likewise, the application should demonstrate compliance with applicable privacy laws (COPPA/FERPA/GDPR). Note that all reviews and scores are posted in the 1EdTech Product Directory for any member of 1EdTech to examine for planning purposes.
-
1EdTech staff then generates the TrustEd Apps data privacy vetting report to be sent to the supplier that outlines any areas of strength or concern.
-
If the application meets expectations or meets expectations (with reservations) on the 1EdTech TrustEd Apps Data Privacy Rubric, a 1EdTech staff member notifies the supplier of the results and that the requirements for the 1EdTech TrustEd Apps Seal of Data Privacy have been met and awards the seal.
-
For any areas where the supplier meets expectations (with reservations), a 1EdTech staff member reviews those items with the supplier for awareness.
-
Any areas that do not meet the expectations noted in the rubric must be updated in the application’s Privacy Policy and Terms of Service before the seal can be awarded. A 1EdTech staff member notifies the supplier of the results and reviews what needs to be addressed in the application’s Privacy Policy and Terms of Service in order to achieve the seal.
-
Within ten days from the above notification, the supplier must update its policy to address any concerns or issues that were identified in order to obtain the seal.
-
Complete a self-assessment to ensure that the application meets the required data privacy criteria set forth in the 1EdTech TrustEd Apps Data Privacy Rubric.
-
1EdTech staff sets up a second meeting with the supplier to confirm that all changes are included in the policy and that the supplier fully understands the review process. At this time a review of the supplier’s performance on the self-assessment of the application will also be conducted by 1EdTech staff. Once the supplier satisfactorily addresses all concerns and notifies 1EdTech staff of those changes, and successfully completes the self-assessment, the seal can be awarded.
-
1EdTech staff sends a communication to the supplier within seven days with notification of the award of the 1EdTech TrustEd Apps Certified Seal of Data Privacy.
-
The awarded seal is displayed in the 1EdTech Product Directory, and as a 1EdTech member, the supplier may publish that seal on its application website and in marketing materials during the year of its validity.
-
The full review of the application is published in the 1EdTech Product Directory and is only viewable to 1EdTech members.
-
The 1EdTech Community periodically updates the 1EdTech TrustEd Apps Data Privacy Rubric in an effort to improve it to meet the needs of the users and the market. Applications must be vetted again with each new release of the rubric.
-
A review of each application is conducted annually on the date the seal was awarded, and the supplier is notified 60 days prior to its expiration to confirm any changes to the supplier's privacy policies. The renewal of certification must be completed in order to continue publishing the 1EdTech TrustEd Apps Seal of Data Privacy.
-
If the application continues to meet all of the requirements, it maintains the current status of the seal. If the application falls short of those expectations, the seal is no longer valid, and 1EdTech staff will strive to address those concerns with the supplier. Until the concerns are addressed, and the supplier satisfactorily meets all of the requirements for the seal, the supplier must remove all references and images of the seal from its website and marketing materials.