Privacy Policy

This privacy statement explains how the district's central authentication service collects, uses, retains, and protects personal and authentication-related information.

Information collected

• Authentication metadata: timestamps, IP addresses, user agents, and client identifiers.
• Account identifiers required for authentication (username, subject identifier) as needed by integrated services.
• Audit logs of authentication and administrative actions for security, compliance, and incident response.

Purpose and use

Data collected by the service is used solely to authenticate users, enable single sign-on across approved applications, detect and investigate security incidents, and meet operational and compliance requirements. The service does not transmit or store plaintext passwords or passkeys outside of secure authentication protocols.

Data retention

Authentication and audit logs are retained in accordance with district retention policies. Administrators may remove or archive logs through the administrative interface. Retention periods balance operational needs, security investigations, and privacy considerations.

Access, security and controls

Access to logs and administrative functions is restricted to authorized staff. Secrets and cryptographic keys should be stored in a secure secrets manager and rotated regularly. Transport-layer security (TLS) is required for all external communications.

User requests

Users may contact the Help Desk to request assistance, report potential compromise, or request data access in accordance with district procedures. Requests for deletion or special handling will be processed according to policy.

Contact

For privacy or data questions, contact the district Help Desk at or the Information Security Specialist.

Back to home