Last updated May 31, 2021
This notice describes the personal data we collect, how it is used and shared, and your choices regarding this data
We may occasionally update this notice. We encourage users to periodically review this notice for the latest information on our privacy practices.
If you have any questions or concerns about your privacy or anything in this notice, we encourage you to contact us at firstname.lastname@example.org.
II. Who does this notice apply to ?
This notice describes how C4E collects and uses personal data. This notice applies to all products and services offered by us, and all users of our website referred to as ‘users’ in this notice.
Users in California should additionally refer to the section of this notice below which provides information regarding C4E’s privacy practices related to the California Consumer Privacy Act (CCPA).
III. What data do we collect ?
The following data is collected by or on behalf of C4E:
- Data provided by users. This data includes:
- Email address
- Data created during the use of our services. This data includes:
- Usage data: we collect data about how users interact with our services. This data includes data such as access dates and times, pages viewed and other system activity, and browser type. In some cases, we collect this data through cookies, server logs, plug-ins, and similar tracking technologies that create and maintain unique identifiers. To learn more about these technologies, please see our Cookie Notice.
- Device data: We may collect data about the devices used to access our services, including the hardware models, device IP address and operating systems and versions, software.
IV. How do we use the data we collect ?
C4E collects and uses data to provide you with our products and services, and reliable and convenient delivery of services. We also use the data we collect:
- To provide you with access to our products and services
- For research and development of our products and services
- For customer support
- To comply with our legal obligations or to protect our rights
C4E does not sell or share personal user data with third parties for marketing purposes.
V. What data do we share with others, and why ?
C4E may share the data we collect:
- With C4E service providers and business partners
- C4E provides data to its service providers or business partners. These include:
- Payment processors and facilitators
- Cloud storage providers
- Data analytics providers
- C4E provides data to its service providers or business partners. These include:
- For legal reasons or in the event of a dispute.
- C4E may share users’ personal data if we believe it’s required by applicable law, regulation, operating license or agreement, legal process or governmental request, or where the disclosure is otherwise appropriate due to safety or similar concerns.
- This also includes sharing personal data with others in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.
We do not sell, trade, or rent users’ personal identification information to others.
VI. How long do we keep your data for?
C4E retains user data for as long as necessary for the purposes described above. This means that we retain different categories of data for different periods of time depending on the category of user to whom the data relates, the type of data, and the purposes for which we collected the data.
Users may request deletion of their accounts at any time by contacting email@example.com C4E may retain user data after a deletion request due to legal or regulatory requirements or for the reasons stated in this policy.
VII. What are our grounds for processing data?
We only collect and use personal data where we have lawful grounds to do so. These include processing user personal data to provide requested services and features, for purposes of C4E’s legitimate interests or those of other parties, to fulfill our legal obligations, or based on consent.
VIII. What about children’s data?
C4E is not directed to children, and we don’t knowingly collect personal information from children under the age of 13. If we find out that a child under 13 has given us personal information, we will take steps to delete that information. If you believe that a child under the age of 13 has given us personal information, please contact us at firstname.lastname@example.org.
IX. What are my rights as a California resident?
The California Consumer Privacy Act (CCPA) allows consumers in California to opt-out of certain sharing of their data.
It is important for you to know that C4E does not sell your data. Please see above for further information on what data we collect and how we use it.
California law requires us to let you know how we respond to web browser Do Not Track (DNT) signals. This is a web browser setting that requests that a web application disable its tracking of an individual user. If you choose to turn on the DNT setting in your browser, your browser sends a special signal to websites to stop tracking your activity. Our website does respond to DNT signals.
California residents may request that C4E:
- Disclose the sources, categories, and specific pieces of personal information we have collected about them, how that information is used including the purpose, and with whom C4E shares it
- Delete their personal information
- Disclose, for any “sales” of personal information under the CCPA, the categories of personal information collected and sold and to what categories of third parties it was sold
- Opt them out of sales of their personal information (if any)
- Provide a copy of their personal information in a readily usable format that allows the information to be transmitted to others
- California residents may not be discriminated against for exercising any of the rights described above.
California residents may exercise these rights by contacting C4E at email@example.com.
X. Users outside of the United States
C4E is located in the United States. If you are a user based outside of the United States, you should be aware that any personal data you provide to us may be stored, processed, transferred between, and accessed from the United States and such other country in which you reside. By using our services, you consent to this transfer. We will protect the privacy and security of personal information as set out in this notice, regardless of where it is processed or stored; however, you explicitly acknowledge and consent to the fact that personal data stored or processed in the United States will be subject to the laws of the United States, including the ability of governments, courts, law enforcement or regulatory agencies of the United States to obtain disclosure of your personal information.
XI. FERPA (Family Education Rights and Privacy Act)
FERPA is a US federal law that protects the privacy of student educational records. We abide by all applicable provisions and guidelines of the FERPA (Family Education Rights and Privacy Act) (20 USC § 1232g; 34 CFR Part 99) as stated in the US Department of Education FERPA page.
Our security and privacy measures include, but are not limited to:
- Protecting data in transit by Transfer Layer Security TLS 1.2 and 256-bit Advanced Encryption Standard (AES-256).
- Adhering to the Payment Card Industry Data Security Standard (PCI DSS) during electronic transactions with students.
- Leveraging the physical and environmental protection of our CoreSite data center provider facilities, that implements 24×7 manned security and monitoring through multiple layers of physical security controls including perimeters fences, manned lobbies, surveillance cameras (CCTV), man trap, locked cages, motion detectors, and biometric access requirements.
- Not monitoring, viewing, or tracking the video or audio content of students’ communication 3 or assignment submissions.
- Not sharing student data, including all Personally Identifiable Information (PII) and other non-public information except as required by law, statute, or court order. Data include, but are not limited to, student data, metadata, and user content.
- • Using only de-identified student data for product development, research, or other purposes. De-identified data will have all direct and indirect personal identifiers removed. This data includes, but is not limited to, name, ID numbers, date of birth, demographic information, and school ID. Furthermore, we do not attempt to re-identify de-identified data and we do not transfer data to any party unless that party agrees not to attempt reidentification.
- Not using any student data to advertise or market to students or their parents, and not using data for any other purpose other than the specific purpose(s) of providing educational content to the schools that adopt our materials. • Not changing how data is collected or shared in any way without advance notice to and consent from the adopting school.
- Using data only for the purpose of fulfilling its duties and providing services to the schools that adopt its online courseware, and for improving services to teachers and students.
- Not mining or scanning of user content for the purpose of advertising or marketing to students or their parents under any circumstances.
- Ensuring that all data in our possession or any of our subcontractors or agents to which we may have transferred data, is destroyed or transferred to the adopting school under the direction of the school when the data is no longer needed for the purpose of delivering services to the school, at the request of the adopting school.
- Storing and processing data in accordance with industry best practices. This includes appropriate administrative, physical, and technical safeguards to secure data from unauthorised access, disclosure, and use.
- Conducting periodic risk assessments and remediating any identified security vulnerabilities in a timely manner.
- Notifying the adopting school in the event of a security or privacy incident, as well as best practices for responding to a breach of PII. We agree to share this incident response plan upon request.
Connect For Education, Inc.
620 Herndon Parkway, Suite 200
Herndon, VA 20170
(703) 880-1180 x 300