Last updated: September 11, 2020.
1. Information We Collect
While using the Service, we ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Information”). Personal Information may include your name, email address, mailing address, telephone number, other contact information, information about a subscriber to the Service (such as a school, district, or educational organization, each, a “Subscriber”), and student information. You may provide us with Personal Information when you register for an account, use the Service, make a purchase on the Service, contact customer support, or otherwise communicate with us.
We collect information about how you access and interact with the Service, such as device type, IP address, operating system, browser type, address of a referring website, activity on our website, device ID, access dates and times, and other system activity. We may collect this information by automated means using technologies such as cookies, web beacons, pixels, browser analysis tools, server logs, and mobile identifiers. We may use such usage information to, for example, better understand website traffic patterns and to optimize our Users’ experience. We track Users’ use of the Service, but we do not track users across third-party websites. We do not process or respond to web browsers’ “do not track” signals or other similar transmissions that indicate a request to disable online tracking of Users who visit or use the Service.
2. How We Use Your Information
Provide, Maintain, and Improve the Service
We may use your information to:
- provide customer service
- send you confirmations, updates, security alerts, and support and administrative messages
- detect and prevent fraud
- operate, protect, and optimize the Service and your experience, such as by performing analytics and conducting product research
- troubleshoot and protect against errors
- personalize and improve the Service
- monitor and analyze usage and trends and otherwise measure the effectiveness of the Service
- develop new features
Sharing Your Information
We only share Personal Information in a few limited circumstances as set forth below. We do not rent or sell information for marketing purposes, and we will never share or sell Personal Information of students (“Student Data”) with third parties for marketing purposes. If you use the Service, you are authorizing us to share information:
- that you or Subscriber direct us to disclose to others
- with our business partners, vendors, and consultants who perform services on our behalf or who help us provide our Service, such as accounting, managerial, technical, marketing, or analytic services, provided that they are subject to confidentiality and security obligations
- if required to do so by law or in the good-faith belief that such action is necessary to comply with local, state, or federal laws, or to respond to a court order, judicial, or other governmental subpoena or warrant, or in the event of bankruptcy proceedings
- if we believe in good faith that doing so is reasonably necessary or appropriate to protect the rights, property, or safety of ESGI, our Users, our employees, copyright owners, third parties, or the public, including to protect ESGI or our Users from fraudulent, abusive, inappropriate, or unlawful use of our Service
- in an aggregated and/or anonymous form that does not reasonably identify a User or Subscriber
Links to Third-Party Sites and Services
3. How We Protect Your Information
We take measures designed to protect your information in an effort to prevent loss, misuse, unauthorized access, disclosure, alteration, and destruction. Please be aware, however, that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. To protect the confidentiality of information maintained in your account, you must keep your password confidential and not disclose it to any other person. You are responsible for all uses of the Service by any person using your password. Please advise us immediately if you believe your password has been misused. If there is any disclosure or access to any Student Data by an unauthorized party, we will promptly notify the affected Subscriber and will use reasonable efforts to cooperate with their investigation of the incident.
4. Legal Compliance and Privacy Rights
We comply with the following laws concerning the protection of Student Data, including educational records: Family Educational Rights and Privacy Act (“FERPA”), Children’s Online Privacy Protection Act (“COPPA”), Protection of Pupil Rights Amendment, and Student Online Personal Information Protection Act. We will be considered a School Official as that term is used in FERPA. As to COPPA or any state law requiring consent or authorization from a parent or guardian for Student Data collection or use, the parent, guardian, teacher, or Subscriber is responsible for fulfilling any applicable consent requirement.
California law requires us to disclose certain information regarding the categories of personal information we collect. For purposes of this Section, “personal information” has the meaning provided by the California Consumer Privacy Act (the “CCPA”) and does not include information that is publicly available, deidentified, or aggregated, or that is excluded from the CCPA’s scope, such as personal information covered by certain sector-specific privacy laws. Under the CCPA, we collect, retain, use, and disclose Student Data as a service provider to our customers. For information about our practices with regard to Student Data or any other personal information we process as a service provider, please see the Section “How We Use Your Information.” If you have a question or would like to exercise your California consumer rights to knowledge, access, or deletion, please contact your Subscriber directly.
We collect personal information from and about you for a variety of purposes. For example, we use personal information to respond to your requests, engage with you as a customer, and provide our Service to you; to monitor, improve, and develop the Service; to protect the security and integrity of our business; comply with legal requirements and obligations; for our business and operational purposes; and as otherwise permitted or required by law. The type of personal information we collect will depend on how you engage with us (e.g., as a customer or potential customer or as a website visitor). We collect information directly from you, from our business partners and affiliates, from your browser or device when you visit our website, or from third parties that you permit to share information with us. We collect the following categories of personal information:
- identifiers, such as your name, address, phone number, email address, or other similar identifiers
- California customer records, such as payment information
- commercial information, such as a history of purchases, obtained or considered
- internet/network information, such as device information, logs, and analytics data
- geolocation data, such as precise location data from your device or generated based on your IP address
- inferences about your interests and preferences
We share personal information with third parties for business purposes. The categories of third parties to whom we disclose your personal information may include our service providers and advisors, vendors who assist us with marketing and advertising our services, analytics providers, and third parties with your consent or direction or with whom you interact through the Service. When we disclose your personal information to our service providers, vendors, or other third parties that process the information on our behalf, we have entered into a written contract with them to protect your personal information, and we will remain liable for any breach of this Policy that is caused by the acts or omissions of our service providers. We do not sell your personal information for monetary or other valuable consideration.
As a California resident, you may be able to exercise the following rights upon verification of your identity:
- The right to know what personal information we have about you, where that personal information came from, and how it is used
- The right to know whether your personal information is sold or disclosed and to whom
- The right to opt-out of the sale or disclosure of your personal information
- The right to have your personal information deleted
- The right to be free of discrimination for exercising these rights
However, please note that if the exercise of these rights limits our ability to process personal information (such as in the case of a deletion request), we may no longer be able to provide you the Service or engage with you in the same manner. To request to exercise your rights under the CCPA, please contact us at firstname.lastname@example.org.
NY Parents’ Bill of Rights
The New York Parents’ Bill of Rights for Data Privacy and Security (the “Privacy Bill of Rights”) addresses the relationship between schools and their third-party contractors, in addition to the schools’ relationships with parents. The only elements of the Privacy Bill of Rights that are incorporated herein are those provisions directed to third-party contractors (“Contractor Privacy Provisions”). We agree to comply with the Contractor Privacy Provisions for schools in the state of New York. In the event of a direct conflict between this Policy and the Contractor Privacy Provisions, the Contractor Privacy Provisions will control. The full extent of the Privacy Bill of Rights is available at http://www.nysed.gov/data-privacy-security/bill-rights-data-privacy-and-security-parents-bill-rights.
International Privacy Rights
Any information collected through the Service is stored and processed in the United States. If you use our Service outside of the United States, you consent to have your data transferred to the United States. We are committed to protecting the privacy and confidentiality of Personally Identifiable Information when it is transferred. If you reside or are located within the EU, Switzerland, or the UK and such transfers occur, we take appropriate steps in an effort to provide the same level of protection for the processing carried out in any such countries as you would have within the EU, Switzerland, or the UK to the extent feasible under applicable law.
5. Children’s Privacy
We do not knowingly collect any information from children under the age of 16 unless and until Subscriber has obtained appropriate parental consent for the student to use the Service. Please contact us at email@example.com if you believe we have inadvertently collected Personal Information of a child under 16 without proper consent so that we may delete such data as soon as possible.
6. Your Choices and Opting Out
Student Data is provided and controlled by Subscriber. If you have any questions about reviewing, modifying, or deleting Student Data, please contact Subscriber directly. Following termination or deactivation of your account, we may retain profile information and content for a commercially reasonable time for backup, archival, or audit purposes, but any and all Student Data associated with the account will be promptly deleted. You may “opt out” of receiving marketing or promotional emails from us by following the instructions in those emails. If you opt out, we may still send you non-promotional emails, such as emails about your account or our ongoing business relations.
7. Changes and Updates to the Policy
We reserve the right to change the provisions of this Policy at any time, in which case we will notify you through the Service and ask for your consent to any material changes. Please revisit this page periodically to stay aware of any changes as well. Your acceptance of the new Policy and continued use of the Service indicates that you have read, understood, and agreed to the updated version of this Policy.
Please contact us with any questions regarding this Policy at firstname.lastname@example.org.