Revision Date: September 9, 2019
This policy applies to information we collect on this Site, through email and other electronic messages between you and this Site, and through mobile and desktop applications you download from this Site, which provide dedicated non-browser-based interaction between you and this Site.
You can generally visit our Site without revealing any Personal Information; however, if you choose to use our Services we may be required to collect Personal Information that we consider necessary to provide you with services and, once you agree to provide us with Personal Information, you are no longer anonymous to us. You may also choose to upload Student Data in order to get the most value out of our Services. In these cases, we will take reasonable actions to ensure the security and privacy of both Personal Data and Student Data.
However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect both Personal Information and Student Data, we cannot guarantee its absolute security. Any transmission of information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone and to notify us immediately if you suspect any unauthorized use of your account.
Ownership of Student Data
All Student Data generated by an SLP while using the Services normally is owned by the Account Owner which controls the account. The Company will not use Student Data for any purposes not requested by the Account Owner, and will not disclose Student Data to any party outside of those authorized.
The Company has designated a party assigned to privacy and security issues, who can be reached by emailing firstname.lastname@example.org with any questions or issues. A subject line of “Security & Privacy” will help expedite any issues that must be addressed.
Subcontractors with access to Student Data are required to comply with all security and privacy requirements set forth by Company and any other applicable standards.
The Company stores data in facilities located within the United States.
Privacy Incident Procedures
The Company will notify the Account Owner when there has been an unauthorized release, breach, disclosure, or acquisition of Student Data. Such notification will follow the procedures outlined in an agreement with the Account Owner, or if none exists, will follow the following procedures:
If the Student Data is accessed or obtained by an unauthorized individual, the Company will notify the Account Owner of the incident within 30 days using the following process:
The security breach notification will be delivered via electronic mail to the Account Owner, at the email address on file with the Company.
The notification will contain the following information:
What Happened - how the breach was able to occur and when the breach occurred;
What Information Was Involved - the specific information that may have been compromised by the breach;
What We Are Doing - the current and next steps in the Company’s procedures that are being followed;
What You Can Do - steps the Account Owner can take to help; and
For More Information - contact information and resources for additional information.
The Company will assist any local education agency to issue additional notifications as required by law.
Account Owners have the ability to request that Company delete Student Data associated with accounts, except in instances where such data is:
Otherwise prohibited from deletion or required to be retained under state or federal law, or
Stored as a copy as part of a disaster recovery storage system and that is
Inaccessible to the public, and
Unable to be used in the normal course of business by the Company.
Account Owners may also request the deletion of any Student Data stored as part of disaster recovery by electronic mail. If possible, the Company will delete the requested Student Data within 45 business days of receiving such a request.
The Company strives to comply with, and assist Account Owners with complying with, applicable parts of FERPA, IDEA, SOPIPA, PPRA, AB 1584, ARRA Public 111-5, 42 US Code, and HIPAA. A significant portion of this responsibility, however, falls to the school district or other organization, and use of the Site and Services does not free the Account Owner from separately complying with published standards to ensure the security, privacy of student data, and notification of breach.
Note that The Company is not a covered entity under HIPAA, and is not a business associate of any covered entity under HIPAA. As a result, The Company is not required to comply with HIPAA standards. If you or your organization are a covered entity under HIPAA, and are required to sign business associates agreements with all 3rd party vendors and contractors, please send an email to email@example.com requesting additional information about a business associate agreement.
Credit Card Payment
Third Party Services
We may use a variety of services hosted by third parties to help provide our Services, such as hosting our various blogs, help center, and knowledge bases, and to help us understand the use of our Services. These services may collect information sent by your browser as part of a web page request, such as cookies or your IP request.
We do not control third parties’ content, services, and/or tracking technologies. If you have any questions about these third-party technologies, you should contact the responsible provider directly.
We may occasionally send you information on products, services, special deals, and promotions to which you may unsubscribe by following the instructions included in each such communication or by contacting us. Additionally, on rare occasions, we may send you service-related announcements. For example, if access to our products is temporarily suspended for maintenance. Generally, you may not opt-out of these communications, which are not promotional in nature. If you do not wish to receive them, please do not submit your Personal Information through our Site.
If you send us personal correspondence, such as emails or letters, or if other users or third parties send us correspondence about your activities or postings on the Site, we may collect and retain such information in a file specific to you.
Personal Information Sharing and Disclosure
As a matter of policy, we do not disclose your Personal Information except in the following limited circumstances: (i) to fulfill the purpose for which you provided your Personal Information; (ii) to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Site users is among the assets transferred; (iii) to cooperate with law enforcement inquiries, as well as other third parties to enforce laws; (iv) to protect the safety of any person; (v) to address issues of fraud, security, or technical issues; (vi) to enforce or apply your Purchase Order with us and other agreements, including for billing and collection purpose; and/or (vii) if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Student Information Access
Requests received by parents, students, or any third party for access to Student Data will be referred to the Account Owner. The Company will make reasonable efforts to connect parents and students to the appropriate contact.
Like many websites, we use “cookie” technology to collect additional website usage data and to improve our Services. A cookie is a small data file that is transferred to your computer’s hard disk. We may use both session cookies and persistent cookies to keep you logged into your account, to better understand how you interact with our Services, to monitor aggregate usage by our users and web traffic routing on our Services, and to improve our Services. Most Internet browsers automatically accept cookies. You can instruct your browser, by editing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit.
Manage Your Security Settings
You may manage how your browser handles cookies and related technologies by adjusting its privacy and security settings. Browsers are different, so refer to instructions related to your browser to learn about cookie-related and other privacy and security settings that may be available. You can opt-out of being targeted by certain third-party advertising companies online at http://www.networkadvertising.org/choices/.
You may manage how your mobile browser handles cookies and related technologies by adjusting your mobile device privacy and security settings. Please refer to instructions provided by your mobile service provider or the manufacturer of your device to learn how to adjust your settings. If you wish to opt out of receiving offers directly from Company service providers, you can follow the opt-out instructions in the emails that they send you.
Rights to Access and Control Your Personal Information
You have many choices concerning our collection, use, and sharing of your data, including, in certain circumstances, the ability to: (i) delete your data; (ii) change or correct your data; (iii) limit the use of your data; and (iv) obtain a copy of your data.
In order for us to comply with your request concerning your data, send us an email at firstname.lastname@example.org and provide (i) your identifying information (including your IP address, if applicable); (ii) your contact information; and (iii) information about the specific changes, deletions, or other action(s) you are requesting. Please note, we may not accommodate a request to delete or change information if we believe the deletion would violate any law or legal requirement.
California Privacy Rights
California Civil Code Section § 1798.83 permits users of our Site that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to email@example.com.
The Company strives to comply with the applicable parts of the Children’s Online Privacy Protection Rule (COPPA). A significant portion of this responsibility, however, falls to the school district or other organization, and use of the Site and Services does not free the Account Owner from separately complying with published standards to ensure the security and privacy of student data.
Our Services are directed towards adults who are of the legal age to access them in their respective jurisdictions and who reside in the United States. By accessing and using our Services, you represent and warrant that you are of the legal age to form a binding contract with us in your respective jurisdiction and that you meet the foregoing eligibility requirements. If you do not meet these requirements, you must not access or use the Services. If we learn we have collected or received personal information from an individual who was ineligible to access or use the Services, we will take steps to remove such information. If you believe we might have any information from or about a user who is ineligible to use the Services, please contact us at firstname.lastname@example.org.
Notification of Changes