Effective date: April 1, 2020
We will not use, sell, share, or disclose personally identifiable information we receive from the Applications to (a) market or advertise to students or families/guardians; (b) inform, influence, or enable marketing or advertising to students or families/guardians; or (c) develop a profile of a student or family member/guardian, for any commercial purpose other than providing or improving the Services.
We will not sell, share or disclose personally identifiable information of teachers or administrators we receive from the Applications to third parties for marketing or advertising purposes.
Within the Applications, we do not: (a) display advertising, including any behavioral or contextual advertising; (b) permit the collection of data by third party advertising or tracking services for any purpose except to collect data for us to understand the use of the Applications in order to maintain and improve the Applications; or (c) collect data for use in targeting advertisements on third party services or websites.
We shall be considered a School Official as that term is used in FERPA.
As to COPPA or any state law which requires consent or authorization from a parent or guardian for the collection or use of information concerning a student, the parent, guardian, teacher, school or school district, is responsible for fulfilling any applicable consent requirement.
As used in this policy:
We gather different personal information from each of those groups of people, and may handle that personal information differently for each group, as we explain below.
As noted in the Terms of Service, we only collect personally identifiable information through the Applications from a child under 13 where that student's school, district, and/or teacher has agreed (via the terms described in the Terms of Service) to obtain legally-adequate consent for that child to use the Applications and disclose personally identifiable information to us. A parent or guardian may of course directly sign up his or her child to use the Applications and provide personally identifiable information about that child to us. However, no child under 13 may send us any personally identifiable information unless he or she has signed up through his or her school, district or teacher and such school, district or teacher has obtained legally-adequate consent for that child to use the Applications and disclose personally identifiable information to us. If you are a student under 13, please do not send any personally identifiable information to us if your school, district, and/or teacher has not obtained obtain legally-adequate consent for you to do so, and please do not send any personally identifiable information other than what we request from you in connection with the Applications . If we learn we have collected personally identifiable information from a student under 13 without legally-adequate consent from their parent or guardian or their school, district, and/or teacher, or if we learn a student under 13 has provided us personally identifiable information beyond what we request from him or her, we will delete that information as quickly as possible. If you believe that a child under 13 may have provided us personally identifiable information in violation of this paragraph, please contact us at [email protected].
If you correspond with us outside of the use of the Applications through a web form, email or otherwise, we will collect and retain your correspondence like any other ordinary business correspondence, subject to the information retention policies and legal requirements applicable to us and standard in our business.
In order to provide the Applications to teachers (including home-schooling teachers) or administrators, we receive and store the personally identifiable information you knowingly provide to us.
As part of the registration and account setup process, we require your name, email address, school and school district affiliation, the classes and/or grades using the Applications. If your school or school district uses a third-party single sign-on (“SSO”) we will also have access to the personally identifiable information we describe below under “Third Party SSO Information”. We will also receive any feedback on student work that you may enter into the Applications.
In order to provide the Applications, we receive and store the personally identifiable information that you as a student (or your teacher, school or school district) knowingly provide to us.
As part of the registration and account setup process, we require your name, gender, email address, school and school district affiliation, the classes and/or grades using the Applications. You or your teacher or school may also provide us with information about your personal interests. We will also receive and store the work you do in our Applications, including the student-generated content like your essays, and your teacher’s feedback on that work. If your school or school district uses a third-party single sign-on (like Google) we will also have access to the personally identifiable information we describe below under “Third Party SSO Information”.
Some of this information will be provided to us by your teacher or school, so we may not ask you for it directly, but we will still have it.
If your school or district chooses to use third party single sign-on (e.g., using a Google or Clever account) for access to the Applications, you may have to provide us with your username (or user ID) so that your identity can be authenticated through the third party account (the “SSO Account”). When the authentication is complete, we’ll be able to link your account with the SSO Account. That linking may allow us to access certain personal data, such as your name and email address, your user ID for the SSO Account, data tokens used to implement single sign-on and connect with your SSO Account profile, and other personal data that your privacy settings on the SSO Account permit us to access, in connection with creating your Applications account. We encourage you and all schools or districts to carefully choose privacy settings in SSO Accounts to limit our access to what is strictly necessary. However, we don’t try to access any information in the SSO Account that we don’t have to access in order to allow you to use it to sign onto the Applications. And we never receive or store passwords for any of your SSO Accounts.
Whenever you interact with our Services, our servers automatically receive and record information from your browser or device (“Log Data”), which may include some personal information, but not personally identifiable information. Log Data includes information like your IP address, the type of browser and/or device you're using to access our Services, the capabilities of that browser or device, and the page or feature you requested. Log Data, together with the information that we collect through the Tracking Mechanisms, comprise “Analytic Data”.
If Tracking Mechanisms are used, they may be used to collect information about you and your use of our Services, such as your browser type, and the date and time of your use. Tracking Mechanisms may also be used in order to help us learn more about how users engage with the Services, enable Applications features and processes (like enabling you to return to password-protected areas of the Applications without having to re-enter your password), provide authentication and security for your use of the Applications, or store your preferences.
Our third-party analytics service providers include Google Analytics. For Google’s privacy practices see www.google.com/analytics/learn/privacy.html. To opt out of data recording and analysis by Google Analytics, see https://tools.google.com/dlpage/gaoptout.
We may place on our Website, but never within the Applications, cookies or other tracking mechanisms which allow us to target advertising on third party platforms to individuals who have visited our website. Advertising partners may include Facebook, LinkedIn and Twitter.
Facebook allows its users to control advertising on the Facebook platform. Instructions are here: https://www.facebook.com/help/568137493302217.
LinkedIn allows members to control their LinkedIn advertising and cookie preferences. Instructions are here: https://www.linkedin.com/help/linkedin/answer/62931. Nonmembers may control their LinkedIn advertising and cookie preferences here: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Twitter allows its users to control advertising and cookie preferences on the Twitter service. Instructions are here: https://help.twitter.com/en/rules-and-policies/twitter-cookies.
Other information regarding opting out of targeted advertising can be found here: https://optout.aboutads.info.
It may be possible to disable cookies through your device settings. Most browsers allow disabling either third party cookies or all cookies. The method for disabling cookies may vary by device, but can usually be found in preferences or security settings. However, doing so may cause portions of the Services to not function, or to function improperly, or otherwise affect your ability to use the Services. You may also disable web beacons by disabling HTML images in your email program, which may also affect other images in emails you receive.
This section explains how we use and share personal information, consistent with our statements above under “Our Core Commitments”.
We use the information we collect to provide, maintain and improve the Services. Uses of personally identifiable information for those purposes are:
In order to provide the Services, we may disclose your personal information including personally identifiable information to trusted third party vendors working for us in connection with the operation of our Services and our business. Those vendors will use the information only to provide services to us and will keep the information confidential.
In order to provide the Applications, we have to allow the organizations we work with to have access to your personally identifiable information. So you should know that:
If you have questions about how your teacher, school, school district, or any of their personnel handle your personal information, you should direct your questions to the appropriate person in your school or school district.
We may communicate with you if you've provided us the means and permission to do so. For example if you've given us your email address:
If you do not want to receive communications from us, please indicate your preference by emailing [email protected], using an opt-out link in the email or changing your preferences in your Applications account. We also send school or school district technical administrators administrative and operational notices which we believe are necessary for their effective use of the Applications; we do not presently allow opt-out from those notices.
NoRedInk uses the Analytics Data to enable us to figure out how often users use parts of the Services, so that we can customize and improve those Services. As part of our use of such information, we may provide such Analytics Data to our partners (only in a de-identified and aggregated format) about how our users use the Services. We may link Analytics Data to personal information that we collect through the Services, but we will only use the information in this form internally (for example, to customize your experience), and will not disclose it in linked format to third parties.
Always subject to our obligations under “Legal Compliance” above, we reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with law or court order; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of NoRedInk, our employees, our users, or others.
Your Applications account is protected by a password for your privacy and security, and you select that password, so we encourage you to select a strong password. If you use an SSO Account to access your Applications account, you may have additional or different sign-on protections via that third party site or service. You should prevent unauthorized access to your Applications account and the personally identifiable information in that Applications Account by selecting and protecting your password and/or other sign-on mechanism appropriately, not sharing those sign-on credentials with anyone, and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
We endeavor to protect the privacy of your account and other personal information we hold in our records, and we use industry standard data security measures to protect your personal information. Unfortunately, we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information.
You should also be aware that:
This means that your Applications account security is only as good as the security precautions of the people who can access your Applications account, and you should check with them about those precautions and their information handling policies.
We store Analytics Data and information collected through the Website separately from the information stored in the Applications. We have no meaningful ability to provide you with information concerning Analytics Data. For personally identifiable information collected through the Website (e.g., by signing up for a mailing list), please contact us at [email protected] if you would like us to delete that information.
Through your Applications account settings, you may access, and, in some cases, update or delete the personally identifiable information in your Applications account. Please note that in some cases, the information in your Applications account can only be changed by your teacher, school, or school district, and you cannot change it yourself. In that case, you will need to contact the relevant person in your school or school district.
If you would like to request that personally identifiable information regarding your child (or, if you are a teacher, a child that is in your class) be updated and you do not have the ability to do so yourself, please contact us at [email protected]. In most cases we will refer your request to the relevant school or school district, but if you or your child is are not affiliated with a school or school district, we will respond to your request within 10 calendar days of our receipt of such request.
You may be able to add or update information as explained above. You may request deletion of your Applications account by filling out this form. In most cases we will refer your request to the relevant school or school district, but if you or your child are not affiliated with a school or school district, we will respond to your request within 10 calendar days of our receipt of such request. Generally speaking, we also delete personally identifiable information in Applications accounts within a reasonable period after we are informed the Applications account will no longer be used, or if it becomes inactive and we are unable to contact the relevant user, their school or school district. We may use aggregated or de-identified information derived from your personally identifiable information after you update or delete it, but not in a manner that would identify you personally.
The information you can view, update, and delete may change as the Services change. If you have any questions about viewing, updating or deleting information we have on file about you, please contact us at [email protected].
As a matter of our practices and policies, we adhere to the principles set out the European Union General Privacy Directive, however our Services are operated from the United States, and the privacy laws of the United States may not be as protective as those in your jurisdiction. If you are located outside of the United States and choose to use the Services or provide your information to us, you agree that your information will be transferred, processed, and stored in the United States. Your use of the Services represents your agreement to this practice.
|Statute||As of Date|
|Connecticut General Statutes 10-234aa – 10-234dd||2/21/2020|
|Illinois Student Online Personal Protection Act, 105 ILCS 85/1; Illinois School Student Records Act (ISSRA), 105 ILCS 10/1 et seq. & 23 IAC 375||2/21/2020|
|Montana Pupil Online Personal Information Protection Act (Montana House Bill 745)||2/21/2020|
|New York State Education Law Section 2-D||2/21/2020|
|Texas Education Code Chapter 32, Subchapter D||2/21/2020|
|Code of Virginia § 22.1-287.02||2/21/2020|
|Effective since||Effective until||Policy|
|April 1, 2020||Link|
|April 29, 2015||April 1, 2020||Link|