BRAININGCAMP PRIVACY POLICY

Last Updated: May 2019

Your privacy is important to us. This Privacy Policy explains how we may collect, store and use the information you provide us. It also explains choices you can make about the way your information is collected and used.

As a service that may be used by students under the supervision of teachers, schools, and school districts, we have special concerns about the privacy of children. We are committed to compliance with federal and state laws including the Family Educational Rights and Privacy Act (“FERPA”) and the Children's Online Privacy Protection Act ("COPPA").

1. INFORMATION COLLECTED

STUDENTS. We do NOT collect any personally identifiable information (“PII”). Students gain anonymous access to Brainingcamp using shared generic Usernames. When creating your shared generic student Usernames, it is your responsibility to not include any PII. If we become aware of any PII in shared generic Usernames, we will delete those Usernames.

EDUCATORS. We ask you for information such as first and last name, email address, role, school, and a password.

2. DATA OWNERSHIP

All student data will be the property of and under control of District, School, or Teacher Users.

3. REVIEWING, CHANGING, AND DELETING INFORMATION

Educators, schools, and districts remain in control of the personal information they provide to us. At any time they may sign in with their password to review, change, or delete their information. Parents and legal guardians of a minor child who have legal rights to inspect, review, correct, or remove their children’s information are requested to do so by contacting their school or district which can access that information by signing in or contacting us. Most information we collect is necessary for your participation in Brainingcamp and so changing or removing certain kinds of information could result in you or your students losing access to the program.

4. SITE USAGE INFORMATION

To provide license owners with usage and engagement statistics, we record the timestamp and name of each resource a user accesses. We may also use this information for marketing, sales, and product improvement. Our servers and third party analytical tools may automatically collect certain non-personal information associated with your computer such as browser type, operating system, and IP address.

We use cookies to remember users so that they will not need to re-enter information between page or session visits. You may reject cookies, but may not be able to use Brainingcamp if you do.

5. HOW WE USE YOUR INFORMATION

We may use your email to send you account and license information, password reset instructions, expiry notification reminders, renewal details, and other license-related messages. We may also send you newsletters, special offers, and promotions for which you can unsubscribe at any time.

6. THIRD PARTIES

We will NOT disclose your information to third parties without your express written permission. We may disclose information if, we believe in good faith, it is necessary to comply with the law or to protect the safety of you or other Brainingcamp users. We may aggregate and share information in a form that no longer makes individual users personally identifiable. Should Brainingcamp assets be sold, the acquiring company will be required to protect your information consistent with this Privacy Policy. We may disclose purchaser information and license usage to Brainingcamp’s business partners who may be directly involved in the sale, support, or operation of your license.

7. THIRD-PARTY AUTHENTICATION

If you gain access to Brainingcamp through an authentication tool (like Clever), we may collect and use the information you authorize that authentication partner to share with us. Such information shall be used in accordance with the terms of this Privacy Policy.

8. SECURITY PROTOCOLS

We maintain commercially reasonable physical, electronic, and managerial procedures to safeguard and secure your information and data. We may hire third parties to store and manage data, provided they observe the same or equivalent security and privacy guidelines. We use SSL to encrypt data transmission. Your data is stored in the United States on reliable and secure Amazon AWS database services. Because of the inherent risks associated with the Internet, we cannot provide a 100% guarantee of data security. In the event of a security breach caused by hackers, third parties, or events not reasonably within our control, we will comply with legal requirements regarding notice of that breach. You agree that we will not have any other liability other than providing required notice.

9. FERPA

Students access Brainingcamp anonymously without sending or storing any personally identifiable information. Therefore, we do NOT collect any FERPA-protected information. Notwithstanding this, we agree to the following policies required by FERPA:

  • We will perform an institutional service or function for which your school or district would otherwise use its own employees;
  • We will provide a service that has a “legitimate educational interest”;
  • The use and maintenance of education records will be under the direct control of the school or district; and
  • Use of education records will be for authorized purposes and we will not re-disclose PII from education records to other parties (unless we receive specific authorization from a school or district to do so and it is otherwise permitted by FERPA).

10. COPPA

Brainingcamp complies with the Children's Online Privacy Protection Act ("COPPA") and will not knowingly collect or use personally identifiable information from anyone under the age of 13 years, unless such information was provided by a parent or a school representative authorized to share such information.

11. EUROPEAN UNION GDPR

We do NOT collect any student personally identifiable information (“PII”). Students gain anonymous access to Brainingcamp using shared generic Usernames. Notwithstanding this, we recognize that residents of the European Union have certain rights with respect to personal information under the General Data Protection Regulation (GDPR)