Aktivate takes the security of the data of students, parents and schools very seriously, and follows all protocols required by law, as well as school districts. Below are some of the most commonly asked questions we receive when it comes to data privacy, and how our software protects its users.

How do we secure the platform?

  • Aktivate adheres to all the data privacy standards required by law – as well those set by the school district.

    Our security measures for storing student data include protections to ensure that only authorized personnel have access to data.

    • Data is encrypted at rest in a private database accessible only by Aktivate personnel that require access to support the product and perform their jobs

    • With respect to payments, we also adhere to Pament Cared Industry (PCI) requirements for privacy and security of data

    • We adhere to all district requirements including with respect to data ownership, security, auditability, etc

  • Districts/schools provide Aktivate with all the forms students are required to complete on or through our website. These forms include requirements set forth by the state (such as medical forms) and additional requirements specified by your district or school.

    Aktivate has created an online registration experience that places full control in the hands of the district/schools with respect to the questions required for registration.

Managing Data

  • Aktivate is governed by, and compliant with FERPA. We are a third party software solution, and the District is the custodian of student electronic health records, and such records fall squarely under FERPA (not HIPAA). FERPA protects all student data and its requirements. Because we work directly with schools, we are required to comply with FERPA.
    Learn more about HIPPA & FERPA regulations.

  • Aktivate has a very comprehensive rights system.

    • Coaches have the ability to view pertinent information related solely to athletes participating in the sport they coach, and only on the teams they are involved with. They have access to emergency contact information, insurance information (if a school requires this) and certain health matters (such as allergies, does the athlete carry an epipen, is there a previous history of injuries, etc). This provides a coach with appropriate information that may be necessary in the event of an injury or other relevant emergency situation (e.g, to provide to EMS personnel). Coaches cannot approve any documents or, more broadly, view any documents uploaded during the registration process.

    • School Admins have access to all information – just as they would if the information had been submitted on a paper form, but with much better controls limiting unauthorized or improper access to this information. School admins can designate and authorize any other school employees who need to be granted admin access rights.

  • We do facilitate integration with certain third party services. One challenge for schools and parents is that there can be a large number of single-purpose, point solutions for different services from different providers that all relate to the same activity (a student’s participation on the varsity football team, for example). There can be one service to register, another to find out when games are, another for the coach to message the team, another to buy tickets to the game, another to watch the game on video, and so on). We don’t offer all of these services ourselves. By creating partnerships with other entities, we aim to facilitate a better and more seamless user experience from sign-up to game-day to end-of-season.

    We look to establish relationships with other companies offering best-of-breed compliant solutions in the high school sports space. For example, we have a partnership with CVS to provide lower-cost physicals (going live in 3 weeks), and we will work with school-selected ticketing providers to promote ticket sales for games This helps create easy-to-use experiences for parents, students and families.

  • Yes. A valid subpoena would be required for Aktivate, a school district, hospital or any other service provider to share information with law enforcement.

  • Aktivate allows parents to opt-in to receive information from certain third parties (e.g., NCSA). When a parent opts in, we share limited parental information, including contact information. We do not share student PII with anyone. We may share aggregated and de-identified information for limited purposes (e.g., to improve our product);

  • Again, only on an aggregated and de-identified basis and if relevant to a bona fide research question (e.g., what proportion of schools nationwide offer Lacrosse or Soccer as a school sport).

  • Aktivate primarily uses Student Data to allow Authorized Users to make meaningful use of the functionality available through the Services (e.g., for registration and scheduling). Aktivate may use Student Data in one or more of the following ways:

    • to provide our educational products and services and to support Customers’ and their Authorized Users;

    • to respond to the inquiries and requests of our Customers and their Authorized Users;

    • to send administrative information to LEA and SEA Customers and their Authorized Users;

    • to send product information when applicable to Authorized Users who are personnel of the LEA or SEA;

    • to send emails and other communications to Customers and Authorized Users;

    • to personalize the experience of Authorized Users;

    • on a de-identified basis, to improve the effectiveness and development of our products;

    • on a de-identified basis, to report on aggregate trends and usage statistics;

    • for product access and security controls;

    • to conduct system audits and improve protections against the misuse of our products; and

    • to provide customer support

  • We share Student Data solely as permitted under the Agreement (e.g., for purposes of providing Services) and as required by law, including but not limited to the following:

    • to comply with the law, respond to requests in legal or government enforcement proceedings (such as complying with a subpoena);

    • to protect our rights in a legal dispute, or seek assistance of law enforcement in the event of a threat to the rights, security or property of Aktivate, our affiliates, Customers, Authorized Users or others;

    • in connection with the acquisition or transfer of Aktivate or its to another party (including in connection with any bankruptcy or similar proceeding), provided that such disclosure and subsequent use will be subject to the Privacy Policy;

    • to work with third parties who conduct studies or assist us in providing and improving our products and services, such as platform, infrastructure, software and other types of service providers, agents, partners and researchers. We contractually bind such parties to protect Student Data.

    • We may also share Student Data with Aktivate’s affiliated education companies, provided that such disclosure at all times is subject to this Policy. Aktivate does not: 1) sell Student Data to third parties; 2) share Student Data with third parties for the purpose of enabling targeted advertising to Students; or 3) Claim ownership of Student Data.

  • Customers and Authorized Users may choose to access one or more Third Party Services through Aktivate’s products and services, or customers may choose to use our products and services in conjunction with Third Party Services, such as those from operating system providers, social media platforms, wireless service providers, device manufacturers, and other application or service providers.

    When a Customer or Authorized User elects to enable a Third Party Service, Aktivate may share Other Information with such Third Party Service. While we require each Third-Party Service to disclose all permissions for information access in the Services, we cannot guarantee or enforce their doing so.

    Third Party Service Providers and Partners. We may engage third party companies or individuals as service providers or business partners (each a “Third Party Partner”) to process Other Information and support our business. We may, for example, develop strategic partnerships with Third Party Partners to support our common customers.

    Corporate Affiliates. Aktivate may share Other Information with its corporate affiliates, parents and/or subsidiaries. In connection with certain changes or contemplated changes to Aktivate’s business (e.g., an acquisition, bankruptcy, dissolution, reorganization, sale of some or all of Aktivate’ assets or stock, financing, public offering of securities, acquisition of all or a portion of our business, or similar transaction or proceeding, or steps in contemplation of such activities), some or all Other Information may be shared or transferred, subject to standard confidentiality arrangements.

    To Comply with Laws. If we receive a request for information, we may disclose Other Information if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation, or legal process.

    Aggregated or De-identified Data. We may disclose or use aggregated or de-identified Other Information for any purpose, in our discretion. For example, we may share aggregated or de-identified Other Information with prospects or partners for business or research purposes, such as telling a prospective Aktivate customer the average number of events scheduled, or registration forms completed over some time period.

    To enforce our rights, prevent fraud, and for safety. To protect and defend the rights, property, or safety of Aktivate or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.

    With Consent. Aktivate may share Other Information with third parties when we have consent to do so.

  • State athletic associations, districts and individual schools create their questionnaires and provide their required participation forms for collection.

Term Definitions

  • “Authorized Users” means students, parents, coaches, teachers and other school personnel using Aktivate’s products or services pursuant to an Agreement.

  • “LEA” or “School District” means a local education agency, school network, independent or public school, or other regional education system using Aktivate’s products or services pursuant to an Agreement.

  • “Other Information” means information that does not contain any personally identifiable information (which may include de-identified information).

  • “SEA” means the educational agency primarily responsible for the supervision of public elementary and secondary schools in any of the 50 states, the Commonwealth of Puerto Rico, the District of Columbia, or other territories and possessions of the United States, as well as a national or regional ministry, department of education, or comparable government body in other countries, as applicable.

  • “Student Data” means the personally identifiable information Aktivate receives regarding a student  within the LEA or the SEA.