// Trust & Security Report

    Nearpod (Nearpod Inc., a Renaissance Learning, Inc. company) logo

    Nearpod (Nearpod Inc., a Renaissance Learning, Inc. company)

    K-12 interactive instruction platform (interactive slides, formative assessment, gamified activities, lesson library) plus the AI Create lesson-generation feature; operated under Renaissance Learning since the 2021 acquisition and sharing Renaissance's corporate privacy/security programs.

    Certifications held

    5

    Maturity

    Enterprise

    Trains on your data

    No

    Trust center

    Yes

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    SOC 2 Type 2
    HELD

    Both our Privacy Compliance Program and our Information Security & Compliance Program complete the SOC 2 Type 2 examination of controls on an annual basis.

    Verify on renaissance.com
    SOC 2 Type 1
    HELD

    "SOC 2 Type 1" listed as an available compliance document/badge on the Trust Center.

    Verify on trust.renaissance.com
    COPPA / FERPA (contractual compliance posture, not independently certified)
    HELD

    Nearpod designates school/district users as "school officials" under FERPA and relies on educator consent (rather than direct-to-child consent) as the COPPA basis for collecting student information through teacher-rostered accounts; the company is also a signatory of the Student Privacy Pledge.

    Verify on nearpod.com
    Cyber Essentials (UK NCSC-backed scheme)
    HELD

    "Cyber Essentials" listed as an available compliance document/badge on the Trust Center.

    Verify on trust.renaissance.com
    GDPR (posture)
    HELD

    Renaissance provides region-specific Customer Data Protection Agreements for United States, United Kingdom, European Union, Australia, Canada, and all other countries, available for request through the Privacy Hub.

    Verify on renaissance.com
    > Show 7 unconfirmed / not-held certifications
    ISO 27001
    NOT CONFIRMED

    No public evidence. ISO 27001 is not listed on the Renaissance Trust Center (which enumerates SOC 2 Type 2, SOC 2 Type 1, Cyber Essentials, 1EdTech, COPPA, FERPA) and is not mentioned on Nearpod's own privacy notice.

    source: trust.renaissance.com
    HIPAA
    NOT CONFIRMED

    No public evidence of a HIPAA claim. Nearpod is a K-12 instructional/assessment tool and does not process protected health information; no HIPAA statement appears on Nearpod's privacy notice or Renaissance's Trust Center.

    source: nearpod.com
    COPPA / FERPA (independent certification via iKeepSafe)
    NOT CONFIRMED

    "Renaissance engages iKeepSafe to review and certify that the below-referenced products are in compliance with US data privacy laws such as FERPA and COPPA." Nearpod is listed with certification status "Coming soon" (Star Phonics, Lalilo, and Freckle are shown as already certified).

    source: renaissance.com
    PCI DSS
    NOT CONFIRMED

    No public evidence. Not listed on the Trust Center and no payment-card handling claims found on vendor pages; institutional purchases go through quotes/invoicing rather than direct card processing by Nearpod.

    source: trust.renaissance.com
    ISO/IEC 42001 (AI management systems)
    NOT CONFIRMED

    No public evidence. Not listed on the Trust Center. Renaissance's Trust Center has a general "AI Overview" document but no AI-management-system certification badge.

    source: trust.renaissance.com
    CSA STAR
    NOT CONFIRMED

    No public evidence found on any vendor-domain page.

    source: trust.renaissance.com
    FedRAMP
    NOT CONFIRMED

    No public evidence found; Nearpod/Renaissance make no FedRAMP claim and the product targets K-12 school/district customers, not U.S. federal agencies.

    source: trust.renaissance.com

    // Privacy & AI training

    Trains on customer data

    No

    Data processing agreement

    Offered

    Data region

    Personal data is primarily stored on servers located in the United States (Renaissance-operated or Renaissance service-provider databases); Renaissance separately offers region-specific Customer DPAs for the US, UK, EU, Australia, and Canada, implying some non-US processing/storage arrangements for those regions.

    For the AI Create feature, Nearpod states plainly on its own site: "No, Nearpod's AI does not use or collect any user data to train the model." AI Create requires teacher review before any generated content reaches students ("human-in-the-loop"), and district/school admins can disable AI Create entirely. This claim is specific to AI Create; no separate statement was found addressing model training for the broader platform (which does not otherwise expose generative AI to end users).

    // Security controls

    Encryption in transit

    TLS 1.2-grade encryption or better for all application interactions (per third-party-corroborated vendor policy language; not independently re-quoted from a live vendor page in this pass).

    nearpod.com

    Breach notification

    Vendor privacy notice commits to notifying users in the event of a data breach.

    nearpod.com

    No sale of student data

    "Nearpod does not sell any user data or employ marketing tools on its student-facing platform." Signatory of the Student Privacy Pledge.

    nearpod.com

    LMS / SSO interoperability

    1EdTech (IMS Global) certified, including LTI 1.3 support for streamlined, more secure single sign-on and roster integration with school LMS platforms.

    trust.renaissance.com

    Legacy transatlantic data-transfer claim (potential staleness flag)

    The current privacy notice still lists EU-U.S. Privacy Shield participation as a stated compliance mechanism, a framework the CJEU invalidated in 2020 (Schrems II) and which was superseded by the EU-U.S. Data Privacy Framework in 2023. This looks like un-updated legacy language rather than an active transfer mechanism.

    nearpod.com

    // Products & data scope

    Nearpod for Teachers (Individual)Consumer / prosumer self-serve

    data: Teacher account data; optional student participation data if the teacher enables student accounts/rosters.

    Free plan plus paid individual tiers; sign-up via nearpod.com, no procurement/DPA negotiation typically involved at this tier.

    Nearpod for Schools & DistrictsInstitutional / enterprise K-12

    data: District/school-rostered student data (name, email, institution, generated content, optionally audio/photos), LMS-integrated.

    Site-license purchasing via quote request; covered by Renaissance's Customer DPAs and Student Data Privacy Agreements filed with state/district data-privacy consortia (e.g., SDPC).

    Nearpod AI CreateEmbedded generative-AI feature

    data: Teacher prompt input; output is lesson/assessment content. Vendor states no user data is used to train the underlying model.

    Admin-controllable at district/school level (can be disabled); requires teacher review before content reaches students.

    Nearpod for Higher EducationInstitutional / higher-ed

    data: Similar to Schools & Districts tier, adapted for higher-ed use cases including OER content.

    Distinct marketing track on nearpod.com; same underlying Renaissance compliance programs apply.

    // What to watch

    • SOC 2 Type 1 and Type 2 are Renaissance's corporate-wide compliance-program certifications; no vendor page explicitly states that the Nearpod product/systems are named in-scope of the audited boundary. Request the actual SOC 2 report before relying on it for a Nearpod-specific enterprise deal.
    • Nearpod's own privacy notice still references EU-U.S. Privacy Shield, a legal framework invalidated in 2020 and superseded in 2023 — likely stale copy that has not been updated to reflect the current EU-U.S. Data Privacy Framework or SCCs.
    • Renaissance's Trust Center explicitly lists Nearpod's iKeepSafe COPPA/FERPA product certification as "Coming soon" (not yet issued), even though Nearpod is contractually FERPA/COPPA-compliant via its terms and Student Data Privacy Agreements. Do not conflate contractual compliance with an independent third-party certification.
    • Two zendesk.com help-center pages (privacy policy full text, terms and conditions) returned HTTP 403 during this session and could not be independently re-verified; conclusions rely on renaissance.com/privacy/, nearpod.com/privacy-notice, nearpod.com/ai, and trust.renaissance.com instead.

    // At a glance

    Pricing model

    Freemium for individual teachers (free tier + paid individual upgrades); quote-based site licensing for schools/districts and higher ed.

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Nearpod (Nearpod Inc., a Renaissance Learning, Inc. company)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-07-08. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    trust.renaissance.com

    > Browse all vendor trust reports