← Back to InternPick

Compliance & Legal Standards

InternPick is built on a foundation of legal compliance and student safety. Every badge in our footer is backed by real policy commitments — not just labels.

🛡️ FERPA Compliant⚖️ Dept. of Labor Protected👶 Children's Privacy Safe🔒 256-bit SSL🤖 AI Moderated
🛡️
FERPA Compliant

FERPA — Student Privacy Protection

What is FERPA?

The Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. § 1232g, is a federal law that protects the privacy of student education records. It applies to all educational agencies and institutions that receive federal funding.

How InternPick complies

  • Students can only join InternPick via unique invite codes issued by their school educator — there are no open public student sign-ups.
  • Student profiles are never surfaced in public search results or visible to unauthenticated users.
  • Personally Identifiable Information (PII) in program posts is screened by our AI moderation layer and automatically blocked before publication.
  • InternPick acts as a "school official" under FERPA's legitimate educational interest exception when processing data strictly for program administration.
  • We do not share student education records with third parties without prior written consent, except as permitted by FERPA.
  • Schools retain full control over their student roster and can revoke access at any time.

Your rights under FERPA

Students (or parents/guardians of students under 18) have the right to inspect education records, request corrections, and restrict disclosure. Contact your school's FERPA coordinator, or reach InternPick's data team at privacy@internpick.com.

⚖️
Dept. of Labor Protected

U.S. Department of Labor — Internship Protections

Why DOL compliance matters

The U.S. Department of Labor (DOL) issues guidelines distinguishing lawful school-credit internships from employment relationships. InternPick is designed exclusively around school-sponsored, academic-credit work-based learning, which aligns with the DOL's Primary Beneficiary Test for unpaid internship programs.

InternPick's structural safeguards

  • All programs on InternPick must be tied to a school-accredited practicum with documented academic credit.
  • Program rubrics track training objectives, hours, and credit units — evidence of educational primacy.
  • Host businesses apply to programs; they do not post job listings. This keeps the relationship educational, not employment-based.
  • InternPick does not facilitate payment between businesses and students. Compensation structures (if any) must be arranged and certified externally.
  • Platform terms of service prohibit using InternPick to circumvent labor laws or to displace regular employees with unpaid interns.

Fair Labor Standards Act (FLSA)

Businesses hosting interns are responsible for independently verifying compliance with FLSA, state wage laws, and any applicable union agreements. InternPick provides resources and reminders but does not provide legal advice. Consult qualified legal counsel for your specific situation.

👶
Children's Privacy Safe

Children's Privacy — COPPA & Minor Protections

What is COPPA?

The Children's Online Privacy Protection Act (COPPA), 15 U.S.C. §§ 6501–6506, restricts the collection of personal information from children under 13 without verifiable parental consent. Many states extend similar protections to minors under 18.

How InternPick protects minors

  • InternPick does not knowingly collect personal information from users under 13. The platform is designed for high-school and post-secondary students who participate under their school's supervision.
  • All student accounts are provisioned and controlled by verified school educators — students cannot self-register.
  • Minor student data is processed only for legitimate educational purposes under school authority and is never sold to advertisers or data brokers.
  • Public-facing program pages contain no student information; only program details and school credentials are displayed.
  • AI moderation automatically detects and redacts any PII inadvertently included in program content.

Parental rights

Parents or guardians of students under 18 may request access to, correction of, or deletion of any personally identifiable information InternPick holds about their child by contacting privacy@internpick.com. Requests are processed within 30 days.

🔒
256-bit SSL

Security — 256-bit SSL Encryption

What 256-bit SSL means

All data transmitted between your browser and InternPick is encrypted using TLS 1.3 with AES-256-GCM ciphers — the same standard used by major financial institutions and federal government portals. This prevents eavesdropping, data tampering, and man-in-the-middle attacks.

Additional security measures

  • HTTPS enforced on all pages — HTTP connections are automatically redirected.
  • HSTS (HTTP Strict Transport Security) headers prevent downgrade attacks.
  • Authentication is managed through Supabase Auth with bcrypt-hashed passwords and industry-standard JWT session tokens.
  • Row-Level Security (RLS) policies on our database ensure every user can only access data they are authorized to see — even in the event of an application bug.
  • API keys and secrets are stored server-side only, never exposed in client-side code.
  • Regular security audits and dependency updates are performed as part of our release cycle.

Reporting a vulnerability

If you discover a security vulnerability, please report it responsibly to security@internpick.com. We commit to acknowledging reports within 48 hours and issuing a fix or mitigation within 30 days for confirmed critical issues.

🤖
AI Moderated

AI Moderation Policy

What AI moderation does

InternPick uses AI language models (powered by Google Gemini) to analyze program content before it is published or updated. This is not a replacement for human oversight — it is an additional safety layer.

Specific moderation functions

  • PII detection: Automatically flags and blocks personally identifiable information (names, phone numbers, email addresses, SSNs) from appearing in public program descriptions.
  • Content appropriateness: Screens program content for language inappropriate for an educational context, or content that could constitute harassment or discrimination.
  • Metadata generation: AI suggests program titles, descriptions, and rubric objectives to help educators create high-quality, informative program pages.
  • Compliance prompts: AI flags program structures that may not meet academic-credit or DOL internship criteria, surfacing these for educator review before publishing.

Limitations and human review

AI moderation is probabilistic, not deterministic. InternPick school administrators retain final editorial control over all published content. If you believe content was incorrectly flagged or approved, contact support@internpick.com for human review. We do not use student data to train AI models.

Questions about our compliance?

Our trust & safety team is here to help.

privacy@internpick.comContact Us

Last updated: April 2026 · InternPick.com is operated by SwiftLearn Technologies.