LOS ANGELES INSTITUTE OF RESTORATIVE PRACTICES AND RESEARCH (LAIRP) PRIVACY POLICY

 

Last updated April 18, 2026

INTRODUCTION

This Privacy Policy describes how the Los Angeles Institute of Restorative Practices and Research ("LAIRP") collects, protects, uses, and shares Personally Identifiable Information ("PII") and other data of Users of its educational products and services (collectively, the "Services"). The Services are designed to support restorative practices training, coaching, professional learning, school climate improvement, educational research, and related programs provided to schools and educational partners. ​​

II. Definitions

For purposes of this Privacy Policy, the following terms and legal authority are defined as follows. ​

1. "AWS" means Amazon Web Services. ​
2. "Beacons" means single pixel images, web beacons, and other similar technology that LAIRP may use to (i) track usage of its website, (ii) track response rates to certain activities and promotions within its website, and (iii) identify certain information regarding the time and manner of access to its website, such as the type of browser, operating system, domain names, and similar technical data. ​
3. "Cookies" means small text files that LAIRP may transfer to the User's local device through the User's web browser to (i) improve navigation to LAIRP's website, (ii) recognize the User and the User's access privileges, (iii) track the User's usage and preferences on LAIRP's website, (iv) detect any cookies previously set by the User's server, and (v) identify certain information regarding the time and manner of access to LAIRP's website. ​
4. "CCPA" means the California Consumer Privacy Act, California Civil Code section 1798.100. CCPA applies to California residents and allows them to request that LAIRP disclose certain information about its collection and use of their PII during the previous twelve (12) months, provided that such requests are made no more than twice within a twelve (12) month period. California residents also may request that LAIRP delete collected or stored PII, subject to applicable legal exceptions, including where the PII is necessary for (i) completion of the Services for the User, (ii) detection of security incidents or protection against malicious, deceptive, fraudulent, or illegal activity, (iii) identification and repair of bugs or errors that impair intended functionality, or (iv) compliance with a legal obligation. California residents may elect to direct LAIRP not to sell their PII, and if LAIRP ever engages in conduct requiring opt-in consent for minors under applicable law, LAIRP will obtain the legally required affirmative authorization. ​
5. "CIPA" means the Children's Internet Protection Act, 47 U.S.C. section 254(h). CIPA sets forth procedures, protections, and restrictions for schools regarding, among other things, (i) children's access to obscene or harmful content over the Internet, (ii) the safety and security of children when using e-mail, chat rooms, and similar online services, (iii) hacking and other unlawful online activities by children, and (iv) unauthorized disclosure, use, and dissemination of children's PII. ​
6. "COPPA" means the Children's Online Privacy Protection Act, 15 U.S.C. sections 6501-6506. COPPA applies to operators of websites and online services that collect PII from children under 13 years of age. Where COPPA applies, LAIRP will provide legally required notice regarding the categories of PII collected, the manner in which the information is used, any third parties receiving such PII, and parental rights, including the right to provide consent, review collected PII, request deletion of PII, and refuse further collection or disclosure except as permitted by law. When allowed by law, a School may act as the parent's agent and provide consent for collection of a child's PII when the information is used exclusively for educational purposes. ​
7. "FERPA" means the United States Family Educational Rights and Privacy Act, 20 U.S.C. section 1232g, 34 CFR Part 99. FERPA provides privacy rights and protections for educational records and educational PII collected and processed on behalf of educational institutions receiving government funding from the U.S. Department of Education. FERPA may provide eligible students and parents with rights to inspect, review, and seek amendment of qualifying education records, subject to applicable exclusions and limitations. ​
8. "PII" means information personally identifiable to a specific User, including information that relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular User or the User's LAIRP account or participation in LAIRP Services. This information may include, but is not limited to, the User's name, home address, telephone number, email address, other online contact information, education records, student records, restorative practice participation records, training completion records, survey responses, and similar information. ​​
9. "School" means a school, school district, college, university, nonprofit organization, public agency, community-based organization, or other education-related institution or agency that contracts with LAIRP or authorizes use of the Services for the benefit of its students, staff, families, or community participants. ​​
10. "Services" means the LAIRP educational, training, coaching, consulting, research, digital, and related services purchased, licensed, or utilized by a School or other authorized partner. ​​
11. "SOPIPA" means the Student Online Personal Information Protection Act, California Business and Professions Code sections 22580-22585. SOPIPA applies to websites, online services, and mobile apps designed, marketed, and used primarily for K-12 school purposes. It prohibits operators covered by SOPIPA from, among other things, selling student information, using student information to target advertising, creating advertising profiles of students, or disclosing covered information except as permitted by law. SOPIPA also requires reasonable security practices and deletion of data upon request where required by law. ​
12. "SSL" means secure socket layers. ​
13. "User" means a student, educator, instructor, teacher, administrator, staff member, parent, guardian, consultant, trainer, researcher, or other authorized end-user of the Services. ​​

III. Use and Disclosure

LAIRP collects, processes, and uses data in order to provide the Services and for related educational, restorative-practices, research, training, coaching, evaluation, and program-improvement purposes. This data may include PII. LAIRP may use and disclose PII and other data to the User's School or other authorized partner, and may use and disclose PII and other data as requested or authorized by the School, by an applicable governmental educational agency or authority, or for administrative, audit, evaluation, implementation, and service-effectiveness purposes. ​​

LAIRP also may collect, use, and disclose PII and other data: (a) with the User's consent or the consent of the User's parent or guardian if applicable or required by law; (b) in response to a subpoena, court order, or legal process, to the extent permitted or required by law; (c) to protect the health, safety, and security of the Services, LAIRP's website, and the data, assets, and systems of Users and other persons, consistent with applicable law; (d) in connection with a sale, merger, joint venture, reorganization, or other transfer of some or all of LAIRP's organization or assets, subject to the acquiring entity's commitment to comply with this Privacy Policy or substantially similar privacy protections; (e) to prevent, detect, investigate, or address actual or suspected security breaches, fraud, or other illegal activities or misconduct; or (f) to exercise legal rights, including enforcement of any applicable contract with the User or the School. ​

LAIRP may disclose PII and other data to affiliated organizations, contractors, consultants, service providers, and other entities that perform work for LAIRP. These parties are expected to protect the confidentiality of PII and other data in a manner consistent with this Privacy Policy and applicable law. ​

IV. Third-Party Analytic Services

LAIRP may use third-party analytic services, such as website analytics providers, to collect anonymous or aggregated visitor data from and on its website. If LAIRP uses a third-party service to collect such data, the third-party service is not intended to collect PII associated with that data unless otherwise disclosed. Such services may collect non-PII anonymous visitor data, such as IP addresses, browser types, accessing apps, device information, and referring websites. LAIRP may use this information for appropriate programmatic, educational, and operational purposes, including (i) statistical analysis of website traffic patterns, (ii) administration and audit of the Services, and (iii) confirmation of User and partner compliance with applicable terms, conditions, and rules associated with the Services and LAIRP's website, LAIRP.org

V. Marketing and Advertising

LAIRP will not use student PII or participant education-related PII for targeted marketing purposes and will not knowingly direct marketing communications to students through the Services. LAIRP does not permit third-party advertising networks or similar services to access or collect PII from within school-facing Services in a manner inconsistent with applicable law. LAIRP may, however, communicate with adult educators, administrators, or institutional partners regarding training opportunities, professional learning, publications, events, or related restorative-practices services, subject to applicable law and communication preferences. ​​

VI. No Sale of Personal Information

LAIRP does not sell or rent PII or other data. Users may email a request regarding the sale or sharing of personal information, or related privacy rights, to calvarez@larightbrain.org

VII. Compliance with Legal Authority Regarding Data Protection

LAIRP and each School will comply with all applicable provisions of CCPA, CIPA, COPPA, FERPA, SOPIPA, and other applicable laws, including applicable California Education Code provisions where relevant to the Services. The School remains responsible for obtaining, maintaining, and documenting any notices, consents, permissions, or authorizations required by law for User access to and use of the Services, including those described in California Education Code section 49073.1 where applicable. ​

VIII. Security and Destruction of Student Records

To protect PII and other data from unauthorized or unintended access, use, and disclosure, LAIRP maintains an information privacy and security program and employs reasonable and appropriate physical, administrative, and technical safeguards. This program may include encryption in transit, secure firewalls, role-based access controls, vendor security obligations, and storage of data in secure cloud environments, including AWS where appropriate. LAIRP also performs periodic review of its information security practices and prioritizes remediation of identified security vulnerabilities. ​

LAIRP cannot and does not guarantee that there will never be a security breach. In the event of a security incident involving PII or other protected data, LAIRP will communicate and cooperate with the School or partner organization, and where appropriate or required by law, support notification to affected individuals or parents/guardians. ​

At the conclusion of a school year, training cycle, research engagement, or contracted services period, data collected and stored within the system may be securely retained for operational continuity, reporting, longitudinal support, compliance, or record keeping purposes for as long as reasonably necessary and permitted by law and contract. When a contract ends or data is no longer needed, LAIRP will securely destroy, de-identify, or return data in accordance with applicable law, contractual commitments, and record-retention requirements. ​

IX. Feedback and De-Identified Data

LAIRP may provide Users with the opportunity, on a voluntary basis, to evaluate and provide feedback regarding the Services. LAIRP may use and disclose such data in de-identified form, as well as other de-identified data collected and processed through the Services, so that it may deliver, maintain, support, evaluate, and improve the Services, conduct educational and restorative-practices research, develop new programs and resources, and pursue other legitimate educational or organizational purposes. ​​

LAIRP may use de-identified or aggregated information to describe program outcomes, implementation trends, participation levels, climate or training indicators, research findings, or service impact, provided that such information does not identify an individual student or other User. De-identified data is not considered PII under this Privacy Policy. ​

LAIRP may communicate with Users by email to provide updates and information about the Services and to request User evaluation and feedback about the Services. LAIRP will provide Users with a means or method to express their email preferences or unsubscribe from emails where required by applicable law. ​

X. Cookies and Other Technologies Used to Collect Information

LAIRP may receive and store certain User information through the use of Cookies, Beacons, and other similar technologies. Users and Schools may have a variety of tools to control the use of, block, and delete Cookies, Beacons, and similar technologies. Disabling or blocking these technologies may prevent or impair the required functionality and use of certain Services, and LAIRP may recommend that Users do not block or delete them when they are necessary for access, authentication, or performance. ​

XI. Use of Artificial Intelligence

LAIRP may use Artificial Intelligence ("AI") technologies, including machine learning tools or large language models, to support certain administrative, educational, research, training, or content-development functions. Depending on the Service, these tools may be used for tasks such as summarizing implementation data, organizing qualitative feedback, drafting non-final training materials, supporting internal analysis, or assisting educators and facilitators with resource development. Any such tools are intended to support, not replace, the professional judgment of educators, facilitators, school leaders, and administrators. ​​

Where AI tools are used in connection with school-facing services, LAIRP will seek to use them in a manner consistent with applicable education and privacy laws and with contractual obligations. LAIRP does not use AI to make high-stakes decisions about students without meaningful human review and oversight. Where appropriate, data used in AI-supported workflows may be minimized, anonymized, or de-identified. ​

Students are not required to interact directly with AI systems or chatbots as a condition of receiving LAIRP Services unless expressly disclosed by the School and permitted by law. LAIRP reviews AI-supported processes periodically to support fairness, transparency, appropriateness, and legal compliance. ​

XII. International Use

If Users access the Services from outside the physical borders of the United States, that access may occur through servers or systems located in the country from which the Services are accessed or in the United States. In such circumstances, PII and other data may be transmitted, stored, and shared in accordance with this Privacy Policy and the privacy laws of the United States, which may not be equivalent to the laws in effect in other jurisdictions. Users accessing the Services from outside the United States acknowledge that their information may be processed in the United States to the extent permitted by law. ​

XIII. User PII Responsibilities

To help protect the privacy and security of their PII, Users shall (i) protect, secure, and never share their passwords; (ii) only access the Services using secure networks; (iii) maintain updated internet security and virus protection software on their devices and computer systems; (iv) immediately change a password and request that their School or program administrator contact LAIRP if there is a suspicion or indication that the password has been compromised; and (v) promptly request that their School, partner organization, or program administrator contact LAIRP if they have a security or privacy concern or issue. ​

XIV. Account Removal

In the event a User or a User's parent, where appropriate, wishes to delete or remove the User's PII or account, please send an email to

calvarez@larightbrain.org

or direct the request through the User's School or authorized partner, as applicable. Requests will be reviewed and handled in accordance with applicable law, contractual obligations, and operational requirements. ​

XV. Technical Assistance

Students generally may not request technical assistance or support directly from LAIRP unless a particular Service expressly permits direct support. In most cases, only instructors, teachers, administrators, coordinators, or other authorized representatives of a School or partner organization may request technical assistance or support directly from LAIRP, and they may do so by sending an email to

calvarez@larightbrain.org

XVI. Changes to the Privacy Policy

LAIRP reserves the right to change, amend, edit, or revise this Privacy Policy at any time and for any reason, subject to applicable law. Users and Schools should review this Privacy Policy regularly. Notice of any change, amendment, edit, or revision to this Privacy Policy may be distributed by LAIRP through any commercially reasonable manner, including but not limited to an updated posting on LAIRP's website, and will become effective as stated in the notice or, if no later date is stated, upon posting. Continued access to or use of the Services by the User or School after the effective date of the updated Privacy Policy constitutes acceptance of the revised terms to the extent permitted by law. Questions or concerns regarding a change to this Privacy Policy may be sent to

calvarez@larightbrain.org or dr.pulgarin@larightbrain.org