Student Records & FERPA

FERPA regulates the handling of "education records" at institutions that receive US Department of Education funding. JCIL.AI is not itself a covered institution — your university is.

When a university deploys the JCIL Cloud widget in a context where education records may flow through it (e.g., a chatbot embedded in the student portal, a counseling-services assistant that sees grade info, an admissions triage bot that views application records), JCIL.AI operates as a "school official" with a legitimate educational interest under 34 CFR § 99.31(a)(1)(i)(B).

• No redisclosure. We do not disclose education records to any party outside the subprocessor chain documented on our subprocessors page.
• Direct institutional control. Your university can terminate our Processing at any time by revoking the API key. On revocation, the key stops working immediately and revoked keys are fully purged from our systems within 90 days.
• Use limitation. Education records are used only for the purpose you configure in the widget's custom prompt. We do not use student data for any other service, product, or training pipeline.
• Return or destruction on request. The university can request deletion of all data at any time via the compliance contact form with topic FERPA / university compliance. We honor within 30 days.
• Audit cooperation. We will support reasonable FERPA audits and provide a controls matrix within the response time requested.

1. Add JCIL.AI to your official list of outsourced service providers operating under the school-official exception.
2. Document the "legitimate educational interest" in using JCIL.AI (typically covered by your existing vendor review process).
3. Configure the widget's custom prompt to match that purpose — do not configure the widget to Process records outside the stated purpose.
4. Ensure that notice of outsourcing to JCIL.AI is consistent with your annual FERPA notification to students.
5. Enable the safety webhook so crisis signals route to appropriate student-support staff (Dean of Students, counseling center, campus safety).

JCIL.AI only sees what passes through the configured widget:

• Chat messages between students and the widget
• Knowledge base URLs you configure (e.g., course catalogs, registrar FAQs)
• Optional identity metadata if you pass it through the widget (student ID, department)
• Request metadata (IP address, approximate location) retained 30 days

We do not pull from your SIS, LMS, or other systems of record unless your integration explicitly sends that data in a message.

Our standard Data Processing Addendum covers FERPA-aligned obligations (school official status, use limitation, no redisclosure, deletion on request). Universities that need a FERPA-specific rider can request one through the compliance contact form.

If your institution's general counsel requires specific language around the school-official exception, re-disclosure, or records-of-disclosure, we will negotiate reasonable additions to the DPA.