// Trust & Security Report
Nearpod (Nearpod Inc., a Renaissance Learning, Inc. company)
K-12 interactive instruction platform (interactive slides, formative assessment, gamified activities, lesson library) plus the AI Create lesson-generation feature; operated under Renaissance Learning since the 2021 acquisition and sharing Renaissance's corporate privacy/security programs.
Certifications held
5
Maturity
Enterprise
Trains on your data
No
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on renaissance.com“Both our Privacy Compliance Program and our Information Security & Compliance Program complete the SOC 2 Type 2 examination of controls on an annual basis.”
Verify on trust.renaissance.com“"SOC 2 Type 1" listed as an available compliance document/badge on the Trust Center.”
Verify on nearpod.com“Nearpod designates school/district users as "school officials" under FERPA and relies on educator consent (rather than direct-to-child consent) as the COPPA basis for collecting student information through teacher-rostered accounts; the company is also a signatory of the Student Privacy Pledge.”
Verify on trust.renaissance.com“"Cyber Essentials" listed as an available compliance document/badge on the Trust Center.”
Verify on renaissance.com“Renaissance provides region-specific Customer Data Protection Agreements for United States, United Kingdom, European Union, Australia, Canada, and all other countries, available for request through the Privacy Hub.”
> Show 7 unconfirmed / not-held certifications
source: trust.renaissance.comNo public evidence. ISO 27001 is not listed on the Renaissance Trust Center (which enumerates SOC 2 Type 2, SOC 2 Type 1, Cyber Essentials, 1EdTech, COPPA, FERPA) and is not mentioned on Nearpod's own privacy notice.
source: nearpod.comNo public evidence of a HIPAA claim. Nearpod is a K-12 instructional/assessment tool and does not process protected health information; no HIPAA statement appears on Nearpod's privacy notice or Renaissance's Trust Center.
source: renaissance.com"Renaissance engages iKeepSafe to review and certify that the below-referenced products are in compliance with US data privacy laws such as FERPA and COPPA." Nearpod is listed with certification status "Coming soon" (Star Phonics, Lalilo, and Freckle are shown as already certified).
source: trust.renaissance.comNo public evidence. Not listed on the Trust Center and no payment-card handling claims found on vendor pages; institutional purchases go through quotes/invoicing rather than direct card processing by Nearpod.
source: trust.renaissance.comNo public evidence. Not listed on the Trust Center. Renaissance's Trust Center has a general "AI Overview" document but no AI-management-system certification badge.
source: trust.renaissance.comNo public evidence found on any vendor-domain page.
source: trust.renaissance.comNo public evidence found; Nearpod/Renaissance make no FedRAMP claim and the product targets K-12 school/district customers, not U.S. federal agencies.
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Offered
Data region
Personal data is primarily stored on servers located in the United States (Renaissance-operated or Renaissance service-provider databases); Renaissance separately offers region-specific Customer DPAs for the US, UK, EU, Australia, and Canada, implying some non-US processing/storage arrangements for those regions.
For the AI Create feature, Nearpod states plainly on its own site: "No, Nearpod's AI does not use or collect any user data to train the model." AI Create requires teacher review before any generated content reaches students ("human-in-the-loop"), and district/school admins can disable AI Create entirely. This claim is specific to AI Create; no separate statement was found addressing model training for the broader platform (which does not otherwise expose generative AI to end users).
// Security controls
Encryption in transit
TLS 1.2-grade encryption or better for all application interactions (per third-party-corroborated vendor policy language; not independently re-quoted from a live vendor page in this pass).
nearpod.comBreach notification
Vendor privacy notice commits to notifying users in the event of a data breach.
nearpod.comNo sale of student data
"Nearpod does not sell any user data or employ marketing tools on its student-facing platform." Signatory of the Student Privacy Pledge.
nearpod.comLMS / SSO interoperability
1EdTech (IMS Global) certified, including LTI 1.3 support for streamlined, more secure single sign-on and roster integration with school LMS platforms.
trust.renaissance.comLegacy transatlantic data-transfer claim (potential staleness flag)
The current privacy notice still lists EU-U.S. Privacy Shield participation as a stated compliance mechanism, a framework the CJEU invalidated in 2020 (Schrems II) and which was superseded by the EU-U.S. Data Privacy Framework in 2023. This looks like un-updated legacy language rather than an active transfer mechanism.
nearpod.com// Products & data scope
data: Teacher account data; optional student participation data if the teacher enables student accounts/rosters.
Free plan plus paid individual tiers; sign-up via nearpod.com, no procurement/DPA negotiation typically involved at this tier.
data: District/school-rostered student data (name, email, institution, generated content, optionally audio/photos), LMS-integrated.
Site-license purchasing via quote request; covered by Renaissance's Customer DPAs and Student Data Privacy Agreements filed with state/district data-privacy consortia (e.g., SDPC).
data: Teacher prompt input; output is lesson/assessment content. Vendor states no user data is used to train the underlying model.
Admin-controllable at district/school level (can be disabled); requires teacher review before content reaches students.
data: Similar to Schools & Districts tier, adapted for higher-ed use cases including OER content.
Distinct marketing track on nearpod.com; same underlying Renaissance compliance programs apply.
// What to watch
- SOC 2 Type 1 and Type 2 are Renaissance's corporate-wide compliance-program certifications; no vendor page explicitly states that the Nearpod product/systems are named in-scope of the audited boundary. Request the actual SOC 2 report before relying on it for a Nearpod-specific enterprise deal.
- Nearpod's own privacy notice still references EU-U.S. Privacy Shield, a legal framework invalidated in 2020 and superseded in 2023 — likely stale copy that has not been updated to reflect the current EU-U.S. Data Privacy Framework or SCCs.
- Renaissance's Trust Center explicitly lists Nearpod's iKeepSafe COPPA/FERPA product certification as "Coming soon" (not yet issued), even though Nearpod is contractually FERPA/COPPA-compliant via its terms and Student Data Privacy Agreements. Do not conflate contractual compliance with an independent third-party certification.
- Two zendesk.com help-center pages (privacy policy full text, terms and conditions) returned HTTP 403 during this session and could not be independently re-verified; conclusions rely on renaissance.com/privacy/, nearpod.com/privacy-notice, nearpod.com/ai, and trust.renaissance.com instead.
// At a glance
Pricing model
Freemium for individual teachers (free tier + paid individual upgrades); quote-based site licensing for schools/districts and higher ed.
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Nearpod (Nearpod Inc., a Renaissance Learning, Inc. company)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-08. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
trust.renaissance.com