Wisconsin Student Data Privacy Agreement (WSDPA)
Version: 2.0 (Improved) | Date: December 2025
Template: WI-NDPA V1 | Provider: NAS (Neeraj's AI Services)
Contact: Dr. Neeraj Agrawal, nas.neeraj@gmail.com
Ready to Sign
NAS is ready and willing to sign the standard WSDPA (WI-NDPA V1) with any Wisconsin school district. This contract template is pre-prepared with all required provisions and ready to execute immediately upon LEA request.
Contact us to execute this agreement: nas.neeraj@gmail.com
PARTIES
Local Education Agency (LEA):
[School District/School Name]
[Address]
[City, State ZIP]
[Contact Person]
[Title]
[Email]
[Phone]
Provider:
NAS (Neeraj's AI Services)
[Business Address - To be added upon LLC formation]
Wisconsin, United States
Contact: Dr. Neeraj Agrawal, Founder & CEO
Email: nas.neeraj@gmail.com
Website: nasneeraj.com
RECITALS
WHEREAS, the LEA is a Local Education Agency as defined by the Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. § 1232g, and Wisconsin Statute § 118.125; and
WHEREAS, the Provider offers Student Information System (SIS) and Learning Management System (LMS) services that may involve the collection, storage, and processing of student data; and
WHEREAS, the documents and data transferred from LEAs and created by the Provider's Services are subject to Wisconsin state student privacy laws, including Wis. Stat. § 118.125 (Pupil Records) and the Wisconsin Student Data Privacy Agreement (WSDPA); and
WHEREAS, the parties wish to enter into this Agreement to ensure compliance with all applicable federal and state student privacy laws;
NOW, THEREFORE, the parties agree as follows:
1. DEFINITIONS
1.1 "Student Data"
Means any information that directly relates to a student that is maintained by the LEA and may include, but is not limited to:
- Personally Identifiable Information (PII)
- Educational records as defined by FERPA
- Pupil records as defined by Wis. Stat. § 118.125
- Student names, dates of birth, enrollment information
- Academic records, grades, attendance
- Guardian/parent contact information
- Any other information that could be used to identify a student
1.2 "Services"
Means the SISLMS by NAS platform, including:
- Student Information System (SIS) functionality
- Learning Management System (LMS) functionality
- Related software, applications, and services provided by NAS
2. DATA OWNERSHIP AND CONTROL
2.1 Ownership
All Student Data remains the exclusive property of the LEA and the student. Provider acknowledges that it has no ownership rights to Student Data.
2.2 Control
The LEA retains full control over Student Data, including the right to:
- Access all Student Data at any time
- Request corrections to Student Data
- Request deletion of Student Data (subject to legal retention requirements)
- Export Student Data in standard formats (CSV, JSON)
- Terminate access to Student Data
3. PERMITTED USES OF STUDENT DATA
3.1 Educational Purpose
Provider may use Student Data solely for:
- Providing the Services to the LEA
- Maintaining and improving the Services
- Performing authorized operations and support
- Complying with legal obligations
3.2 Prohibited Uses
Provider SHALL NOT:
- Sell Student Data to any third party
- Use Student Data for advertising or marketing purposes
- Use Student Data for any purpose other than providing the Services
- Disclose Student Data to third parties except as expressly permitted in this Agreement
- Mine Student Data for commercial purposes
- Create profiles of students for non-educational purposes
4. COMPLIANCE WITH APPLICABLE LAWS
4.1 FERPA Compliance
Provider agrees to comply with the Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. § 1232g, and its implementing regulations, 34 C.F.R. Part 99. Provider acts as a "School Official" with a "legitimate educational interest" as defined by FERPA.
4.2 Wisconsin Statute § 118.125 Compliance
Provider agrees to comply with all applicable Wisconsin student privacy laws, including Wis. Stat. § 118.125 regarding pupil records and confidentiality.
4.3 COPPA Compliance
Provider agrees to comply with the Children's Online Privacy Protection Act (COPPA), 15 U.S.C. §§ 6501-6506, where applicable.
5. SECURITY MEASURES
5.1 Security Standards
Provider shall implement and maintain reasonable security procedures and practices appropriate to the nature of Student Data, including:
- Encryption: AES-256 encryption for data at rest, TLS 1.2+ for data in transit
- Access Controls: Role-Based Access Control (RBAC) and Row-Level Security (RLS) at database level
- Infrastructure Security: SOC 2 Type 2 certified cloud infrastructure (Supabase/AWS)
- Regular Security Assessments: Vulnerability scanning and security audits
5.2 Security Breach Notification
In the event of an unauthorized disclosure of Student Data, Provider shall:
- Notify the LEA within 72 hours of discovery
- Provide detailed information about the breach
- Cooperate with the LEA in investigating and remediating the breach
- Comply with all applicable breach notification laws
6. DATA RETENTION AND DELETION
6.1 Retention Period
Provider shall retain Student Data only for as long as:
- Necessary to provide the Services
- Required by applicable law (Wis. Stat. § 16.61 - minimum 7 years for public records)
- Authorized by the LEA
6.2 Deletion Upon Termination
Upon termination of this Agreement or upon written request by the LEA:
- Provider shall delete or return all Student Data within thirty (30) days
- Provider shall provide written confirmation of deletion
7. THIRD-PARTY DISCLOSURES
7.1 Authorized Third Parties
Provider may disclose Student Data only to:
- Subcontractors necessary to provide the Services, who are bound by equivalent privacy and security obligations
- Cloud Infrastructure Providers: Supabase (database), Vercel (hosting), AWS (infrastructure)
- Law enforcement when required by law or court order
8. AUDIT AND MONITORING
8.1 Audit Logs
Provider shall maintain comprehensive audit logs of all access to Student Data, modifications, exports, and security events. Audit logs shall be retained for a minimum of one (1) year or as required by law.
9. PARENTAL RIGHTS
9.1 FERPA Rights
Provider acknowledges that parents and eligible students have rights under FERPA, including:
- Right to inspect and review Student Data
- Right to request amendment of inaccurate records
- Right to opt-out of directory information disclosure
- Right to file complaints with the U.S. Department of Education
10. TERM AND TERMINATION
10.1 Termination
Either party may terminate this Agreement:
- With cause: Immediately upon material breach
- Without cause: With sixty (60) days written notice
11. GENERAL PROVISIONS
11.1 Governing Law
This Agreement shall be governed by the laws of the State of Wisconsin.
11.2 Dispute Resolution
Any disputes arising under this Agreement shall be resolved through:
- Good faith negotiation
- Mediation (if negotiation fails)
- Wisconsin state courts (if mediation fails)
15. SIGNATURES
LEA (Local Education Agency):
_________________________________
[Name], [Title]
[School District/School Name]
Date: _______________
Provider (NAS):
_________________________________
Dr. Neeraj Agrawal, Founder & CEO
NAS (Neeraj's AI Services)
Date: _______________
Contact to Execute This Agreement
Dr. Neeraj Agrawal, Founder & CEO
NAS (Neeraj's AI Services)
Email: nas.neeraj@gmail.com
Website: nasneeraj.com
Document Version: 2.0 | Last Updated: December 2025 | Next Review: December 2026