PRIVACY POLICY
Effective Date: March 26, 2020
Symbio Education, LLC, (the “Company,” “us,” or “we”) respects the privacy of our users, and has developed this privacy policy to demonstrate our commitment to protecting your privacy. This privacy policy (“Policy”) describes how we collect, use, and share your personal information whenever you use our website, www.science3dlearn.com, www.science3d.net, and www.symbioeducation.com (collectively, the “Site”), or services that we offer (collectively with the Site, the “Services”), including any information collected through online and/or mobile services and software provided on or in connection with the Site or which link to this Policy.
"You" or "your" means a visitor or a user (whether signed in or not) of our Services. Please read this policy carefully. By accessing or using our Site or Services, you are accepting the practices described in this Policy. If you do not agree with this Policy, delete all cookies from your browser cache after visiting our Site and do not visit or use our Site or Services. Your continued use of our Site or Services signifies your acceptance of this Policy.
Student Data: The Services may be purchased by providers of educational services, such as schools, school districts, or teachers (collectively referred to as "Schools") that use our services for educational purposes. When the Company contracts with a School to provide the Services, we may collect or have access to Student Data (defined below), which may be provided by the School or by the student. We consider such Student Data to be strictly confidential and in general do not use such data for any purpose other than improving and providing our Services to the School or on the school's behalf. Our collection, use and sharing of Student Data is governed by this Agreement and any applicable laws and regulations including, in the U.S., provisions of the Family Educational Rights and Privacy Act ("FERPA"), the Children's Online Privacy Protection Act ("COPPA") and applicable state laws. If you have any questions about reviewing, modifying, or deleting personal information of a student, please contact your School directly. See the section How Do We Protect Student Data And Comply With Laws? to understand the principles which guide our collection, use and disclosure of Student Data.
CONTENTS
What We Collect
How We Use Your Personal Information
How We Share Your Personal Information
Third-Party Tracking and Online Advertising
Information Choices and Changes
Protection of Information: Use of Third-Party Platforms
How to Access, Update, or Delete Your Personal Information
How Long Do We Retain Your Personal Information
European Union Data Protection
How Do We Protect Children’s Privacy?
How Do We Protect Student Data?
Links to Other Websites and Services
Updates to This Policy
Contact Information
Children’s Privacy Policy
School Accounts and Student Data
WHAT WE COLLECT
We get information about you in a range of ways.
Information You Give Us. We may collect information you enter on our Site or in email, text, or other electronic messages between you and our Site. This includes personal information that can identify you, such as your name, email address, and phone number, or any other information we collect that is defined as personal or personally identifiable information under applicable law or by which you may be contacted online or offline (“Personal Information”), and other information that does not identify you, such as age, and gender. If you enroll in our Services, we may collect additional information, depending on the type of account:
· School Information. When a teacher, school administrator, or other authorized person associated with a School registers for an account on our Service or corresponds with us, we may collect personal information such as a name, e-mail address, payment information, username and password, and information about the School.
· Student Information. Once registered, a School may provide information about its students, such as student names or other identifiers, passwords, e-mail address for the student or the student's parent or legal guardian, and educational level and topic of study. Personally identifiable information collected from or about students, along with other information associated with that personally identifiable information is "Student Data." The School may elect to provide user names or identifiers which are not readily identifiable to anyone outside of the School community in lieu of a full student name, at its discretion. Additionally, some Schools may elect to use a single-sign on (SSO) service like G Suite for Education rather than usernames and passwords to authenticate student access.
· Parent and Child Information. When a parent or guardian ("Parent") registers for an account on our Service or corresponds with us, we may collect personal information such as a name, e-mail address, payment information, username and password. We may also collect information about the child(ren) authorized by the Parent to use the Service through the Parent's account, including a profile name for the child user and selection of a profile avatar. Each child user profile must be associated with a Parent account, and children cannot access the Service without the Parent first signing in to the Parent account with the Parent's sign in credentials.
· Learning and Activity Information. During the course of providing the Service, we collect information about your use of the Service, as well as any information that you submit to the Service, such as answers to questions. In addition, we may ask you for personal information at other times, such as when you contact our technical support team, send us an e-mail, complete a user survey or otherwise communicate with us.
In addition, we may rely on Third-Party cloud-based software platforms (“Third-Party Platforms”) to collect additional information such as your date of birth, credit card or bank account information, and other information that enables us to provide you the Services. Any information you provide through a designated Third-Party Platform will be stored only on that Third-Party Platform in accordance with that Third-Party Platform’s privacy policy and practices.
Information We Get From Others. We may get information about you from other sources. We may add this to information we get from this Site.
Information Automatically Collected. We automatically log information about you and your computer when you visit the Site, read our e-mails, or use our Services. For example, when visiting our Site, we may log your computer operating system type, browser type, browser language, the website you visited before browsing to our Site, pages you viewed, how long you spent on a page, access times and information about your use of and actions on our Site.
This information is typically collected through a variety of tracking technologies, including cookies, web beacons, Locally Stored Objects (LSOs such as Flash or HTML5), log files, and similar technology (collectively, "tracking technologies"), and we may use third party providers to collect this information on our behalf. Cookies are small data files stored on your hard drive by a website. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site.
We use or may use the data collected through tracking technologies to improve the Services, to save you time, to provide better technical support, for promotional purposes, and to track website usage. For example, tracking technologies help us to:
Keep track of whether you are signed in or have previously signed in so that we can display all the features that are available to you.
Remember your settings on the pages you visit, so that we can display your preferred content the next time you visit.
Customize the function and appearance of the pages you visit based on information relating to your account; for example, to default you to a particular grade level, or to remember customized settings for a report.
Track website usage for various purposes including website optimization, website improvement, sales, marketing, and billing.
We do not use tracking technology for third-party advertising.
Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some features and services (particularly those that require you to sign in) may not function properly if your cookies are disabled. You may also set your e-mail options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether you have accessed our e-mail and performed certain functions with it. Deleting cookies does not prevent the collection of information through non-cookie technologies and does delete Local Storage Objects (LSOs) such as Flash objects and HTML5. If you choose to delete Flash objects from our sites, then you may not be able to access and use all or part of the sites or benefit from the information and services offered.
HOW WE USE YOUR PERSONAL INFORMATION
We may use your Personal Information collected through our Site for the following purposes:
● to provide and deliver products and services you request from us
● to operate, maintain, and improve our sites, products, and services
● to respond to comments and questions and provide customer service
● to send information including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages
● to communicate about promotions, upcoming events, and other news about products and services offered by us and our selected partners
● to protect, investigate, and deter against fraudulent, unauthorized, or illegal activity
We may also use your Personal Information in any other way we may describe when you provide the information, or for any other purpose with your consent.
For Personal Information subject to the European Union General Data Processing Regulations ("GDPR"), we rely on several legal bases to process the data. These legal bases include where:
· The processing is necessary to perform our contractual obligations in our Terms of Service or other contracts with you (such as to provide you the Service as described in our Terms of Service);
· You have given your prior consent, which you may withdraw at any time (such as for marketing purposes or other purposes we obtain your consent for from time to time);
· The processing is necessary to comply with a legal obligation, a court order or to exercise or defend legal claims;
· The processing is necessary for the purposes of our legitimate interests, such as in improving, personalizing, and developing the Service, marketing the Service, such as new features or products that may be of interest, and promoting safety and security as described above.
For more information on your choices about how we use your Personal Information, see Information Choices and Changes below, or contact us using the contact details provided below in Contact Information.
HOW WE SHARE YOUR PERSONAL INFORMATION
We may share or disclose your Personal Information as follows:
● Consent. We may share your Personal Information with your consent. For example, you may let us share personal information with others for their own marketing uses. Those uses will be subject to their privacy policies.
● At the direction of Schools and Parents. We may share your Personal Information with consent and at the direction of Schools and Parents. For example, a School or Parent may direct us to share specific information with another individual, such as when a teacher directs us to send a communication to a parent. Similarly, we may share personal information with third parties, for example, if a School authorizes Google login or similar authentication tools for that School's user accounts.
● For School Administration Purposes. We may share information collected from users associated with a School with other users or persons designated by the School, such as teachers and school administrators of that School.
● Merger or Sale. We may share your Personal Information when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding. In such an event, we will make efforts to provide notice before Personal Information is transferred and becomes subject to a different privacy policy. We will not transfer Student Data associated with School accounts in the event of a merger or sale unless the recipient has committed to similarly stringent privacy protections, or we will provide Schools with notice and an opportunity to opt-out of the transfer of Student Data by terminating their accounts and any associated student users before the transfer occurs.
● Safety or Protection. We may share your Personal information for legal, protection, and safety purposes.
o We may share information to comply with laws.
o We may share information to respond to lawful requests and legal processes.
o We may share information to protect the rights and property of the Company, our agents, customers, and others. This includes enforcing our agreements, policies, and terms of use.
o We may share information in an emergency. This includes protecting the safety of our employees and agents, our customers, or any person.
● Vendors and Service Providers. We may share your Personal Information with our trusted contractors, service providers, or other third parties we use to support our business who need it to do work for us. Vendors and other service providers who have access to Student Data, if any, shall be contractually bound to uphold privacy and confidentiality terms no less protective than those provided herein.
● Anonymized Data. We may also share aggregated and/or anonymized data with others for their own uses without restriction.
We do not sell or rent your Personal Information to any third parties for marketing or other purposes, and only disclose Personal Information to nonaffiliated third parties as permitted by law.
FOR CALIFORNIA RESIDENTS: We will not share information we collect about you with nonaffiliated third parties, except as permitted by California law.
THIRD PARTY TRACKING AND ONLINE ADVERTISING
The Company does not display any targeted advertising on the Service or allow any third-party advertising partners to track or collect information from visitors to the Site.
INFORMATION CHOICES AND CHANGES
If you do not want to receive communications from us about promotions, upcoming events, and other news about products and services offered by us and our selected partners, you may opt out by clicking on the “unsubscribe” link on the email that you receive, by logging into the Site and adjusting your preferences in your account profile, or by clicking here. If you unsubscribe, we may still send you non-marketing emails. Non-marketing emails include emails about your accounts and our business dealings with you.
You may send requests about changing contact choices or opt-out of our sharing with others by sending an email to info@symbioeducation.com, or in writing to the address listed in the contact information below.
Any updates to your Personal Information provided to us through this Site, such as your name, telephone number, or email address, may be provided to us using the Contact Information below. Updates to all other Personal Information should be provided by logging into your account profile.
You can typically remove and reject cookies from our Website with your browser settings. Many browsers are set to accept cookies until you change your settings. If you remove or reject our cookies, it could affect how our Website works for you.
PROTECTION OF INFORMATION; USE OF THIRD-PARTY PLATFORMS
We take reasonable steps to protect all Personal Information we collect directly on our Site or in email, text, or other electronic messages between you and our Site. We maintain strict administrative, technical, and physical procedures to protect information stored in our servers. Access to information is limited (through user/password credentials and software systems) to those employees who require it to perform their job functions. We use industry-standard Secure Socket Layer (SSL) encryption technology to safeguard the account registration process and sign-up information. Other security safeguards include but are not limited to data encryption, firewalls, and physical access controls to building and files. However, no system can be 100% secure. Therefore, although we take these steps to secure your information, we do not promise, and you should not expect, that your Personal Information, searches, or other communications will always remain secure. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on this Site or on any Third-Party Platform. Where we have given you (or where you have chosen) a password for access to certain parts of our Site or a Third-Party Platform, you are responsible for keeping this password confidential.
Maintaining the security of your personal information also requires your cooperation and involvement. For your protection, remember to sign out of all accounts before closing your browser. After signing out, make sure to close all browser windows. In addition, do not use the "Remember" feature if you are signing in to your account from a computer that other persons may have access to. This is to ensure that others cannot access your personal information if you share a computer with someone else or are using a public computer.
Please keep your password secure. If you have forgotten your password, you may request a new one by contacting info@symbioeducation.com. A new password will be sent to the e-mail address you specified during registration. For all other problems signing in to the Services, please contact our technical support team using the contact information at the end of this policy.
If you have any concerns about the security of your account or the security of the Service, we ask that you report your concern to us immediately at info@symbioeducation.com. While we are unable to respond to all security concerns, we appreciate your feedback and take all reported concerns seriously.
Data storage and transfer. The Company is located in the United States. Personal information collected through our Website and Services may be stored and processed in the United States or any other country in which we or our affiliates or service providers maintain facilities.
Third-Party Platforms. All information collected through the Third-Party Platforms is stored solely on the Third-Party Platform. Our access to information stored on these Third-Party Platforms is limited (through user/password credentials and software systems) to those employees who require it to perform their job functions.
These Third-Party Platforms do not operate under this Policy and may independently solicit and collect information from you. While we believe that the Third-Party Platforms we use to collect, store and access your information take similar steps to protect any Personal Information collected through these Third-Party Platforms, we do not have any control over the data security practices of these Third-Party Platforms. As such, we cannot guarantee the security of your Personal Information transmitted to these Third-Party Platforms. We recommend that you consult the privacy policies of all Third-Party Platforms you visit.
HOW TO ACCESS, UPDATE OR DELETE YOUR PERSONAL INFORMATION
You may edit your account information at any time by signing in to your account, clicking on the account menu in the upper-right corner, and selecting Profile & settings. We recommend that you review your personal information periodically to ensure that it is accurate, complete, and current. If you do not provide and maintain accurate contact information for your account, we may not be able to provide you with the notices set forth in this Privacy Policy.
If you are a parent or guardian of a student who uses the Services through a School, please refer all questions and requests regarding access, modification, or deletion of your student's user account or Student Data to your child's school. The School may, at its discretion, address such requests with us and we will respond promptly to all access, modification and deletion requests it receives from Schools.
Please contact info@symbioeducation.com for further instructions about deleting or deactivating your account or deleting your Personal Information. When account information is deleted or de-identified, certain residual information may remain within our archive records, such as for customer and technical support, billing and tax purposes.
HOW LONG DO WE RETAIN YOUR INFORMATION?
We will retain Personal Information for as long as needed to provide the Services and for our internal business purposes, which may extend beyond the termination or cancellation of your subscription or user account. For example, we may retain certain data as necessary to prevent fraud or future abuse, for recordkeeping or other legitimate business purposes, or if required by law. We may also retain and use information which has been de-identified or aggregated such that it can no longer reasonably identify a particular individual. All retained personal information will remain subject to the terms of this Privacy Policy.
Student data: We will not knowingly retain Student Data beyond the time period required to support an educational purpose, unless authorized by a School or parent. We do not delete or de-identify any Student Data from an active student user account associated with a School except at the direction of the School. The School is responsible for maintaining current student rosters and identifying Student Data which the School no longer needs for an educational purpose by removing students from the school's master roster or by submitting a deletion request.
Unless otherwise directed by a School or Parent, we will delete or de-identify personal information of student and child users after a period of inactivity, after the termination or cancellation of the license subscription, or after termination of our agreement with the School, in accordance with the terms of any applicable written agreement with the School, written requests from authorized School administrators, and our standard data retention schedule. Authorized School administrators may contact us at info@symbioeducation.com to request additional information about our standard data retention schedule and available options for customizing our standard data retention schedule to meet individual School requirements.
We may not be able to immediately or completely delete all data in all instances, such as information retained in technical support records, customer service records, backups, and other similar business records. We will not be required to delete any information which has been de-identified or disassociated with personal identifiers such that the remaining information cannot reasonably be used to identify a particular individual.
EUROPEAN UNION DATA PROTECTION
Residents in the European Union are entitled to certain rights with respect to personal information that we hold about them under the General Data Protection Regulation (GDPR):
· Right of access and portability. The right to obtain access to your personal information, along with certain related information, and to receive that information in a commonly used format and to have it transferred to another data controller;
· Right to rectification. The right to obtain rectification of your personal information without undue delay where that personal information is inaccurate or incomplete;
· Right to erasure. The right to obtain the erasure of your personal information without undue delay in certain circumstances, such as where the personal information is no longer necessary in relation to the purposes for which it was collected or processed;
· Right to restriction. The right to obtain the restriction of the processing undertaken by us on your personal information in certain circumstances, such as where the accuracy of the personal information is contested by you, for a period enabling us to verify the accuracy of that personal information; and
· Right to object. The right to object, on grounds relating to your particular situation, to the processing of your personal information, and to object to processing of your personal information for direct marketing purposes, to the extent it is related to such direct marketing.
You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. In some cases our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
HOW DO WE PROTECT CHILDREN'S PRIVACY?
We do not permit children under the age of 13 to create an account and do not knowingly collect Personal Information from children under the age of 13 without the consent and at the direction of a Parent. Please contact us at info@symbioeducation.com if you believe we have inadvertently collected information from a child under 13 without parental consent so that we may delete the information as soon as possible.
Parents who purchase a subscription to the Services may set up a child profile associated with the Parent's account so that children under 13 may access the Services under the Parent's supervision. Please see our Children's Privacy Policy below to learn more about how the Company collects, uses and shares information associated with child profiles. The Children's Privacy Policy applies to all users of child profiles, regardless of the age of the child.
When the Services are used by a School in an educational setting, the School may authorize us to collect information from a child under 13. Please refer to the section of this Policy How We Protect Student Data to learn more about how we protect Student Data, including that of students who may be under the age of 13, when the Services are used by a School.
HOW DO WE PROTECT STUDENT DATA AND COMPLY WITH LAWS?
When we provide the Services to Schools, our collection, use and disclosure of Student Data is governed by our Terms of Service and/or any other agreement with the School, by the provisions of the Family Educational Rights and Privacy Act ("FERPA"), the Children's Online Privacy Protection Act ("COPPA") and other applicable laws that may relate to the collection and use of personal information of students. If you have any questions about reviewing, modifying, or deleting the personal information of a student, please contact your School directly.
The Student Privacy Pledge ("The Pledge"). The Company adheres to the Student Privacy Pledge, an industry standard approach to privacy for K-12 service providers. The Pledge was created by the Future of Privacy Forum (FPF) and The Software & Information Industry Association (SIIA) and has been endorsed by the National School Boards Association (NSBA), the National Parent-Teacher Association (PTA), and the White House.
As part of our commitment to The Pledge, when we have access to Student Data through the provision of our Services to a School, the following core principles guide our decisions around data, security, and technology:
· We do not collect, maintain, use or share Student Data beyond that needed for an authorized educational or school purpose, or as authorized by our agreement with a School.
· We do not use or disclose Student Data for targeted advertising purposes.
· We do not build a personal profile of a Student other than in furtherance of a K-12 School purpose, or as authorized by a parent.
· We maintain a comprehensive data security program designed to protect the types of Student Data maintained by us.
· We will not knowingly retain Student Data beyond the time period required to support the School's purpose, unless authorized by the parent.
· We will clearly and transparently disclose our data policies and practices.
· We will never sell Student Data unless the sale is part of a corporate transaction, such as a merger, acquisition, bankruptcy, or other sale of assets, in which case we will use our best efforts to ensure the successor entity honors the privacy commitments made in this policy and/or we will notify the School of such a sale and provide the School an opportunity to opt-out by terminating its account before the data transfer occurs.
· We will not make any material changes to our Privacy Policy or Terms of Service that relate to the collection or use of Student Data without first giving notice to the School and providing a choice before the Student Data is used in a materially different manner than was disclosed when the information was collected.
The Family Educational Rights and Privacy Act ("FERPA"). This Privacy Policy and our Services are designed to meet our responsibilities to protect personal information from the students' educational records under FERPA. We agree to work with each School to jointly ensure compliance with the FERPA regulations.
The Children's Online Privacy Protection Act ("COPPA"). This Privacy Policy and our Services are designed to comply with COPPA. We do not knowingly collect Personal Information from a child under 13 unless and until a School has authorized us to collect such information through the provision of the Services on the School's behalf. When a School uses our Services in the classroom or in an educational context, we rely on the School to provide appropriate consent and authorization for a student under 13 to use the Services and for us to collect personal information from such student, as permitted by COPPA. Upon request, we will provide the School the opportunity to review and delete the Personal Information collected from their students. If you are a parent and you have questions about your child's use of our Services and any information collected, you should discuss your questions with your child's School.
Students Online Personal Information Protection Act ("SOPIPA"). This Privacy Policy and our Services are designed to comply with SOPIPA. We do not use Student Data for targeted advertising purposes. We do not use collected information to amass a profile of a K-12 student except in furtherance of K-12 school purposes. We never sell Student Data unless the sale is part of a corporate transaction, such as a merger, acquisition, bankruptcy, or other sale of assets, in which case we make efforts to ensure the successor entity honors the privacy commitments made in this policy and/or we will notify you of such a sale and provide you an opportunity to opt-out by deleting your account before the data transfer occurs. We will not sell students' personal information to third parties other than in the context of a business transaction.
California Assembly Bill 1584 ("AB 1584"). This Privacy Policy and our Services are designed to comply with AB 1584. Pupil records obtained by us from a local educational agency ("LEA") continue to be the property of and under the control of the LEA. Parents, legal guardians, or eligible pupils may review personally identifiable information in the pupil's records and correct erroneous information by contacting their LEA directly. In the event of an unauthorized disclosure of a pupil's records, we will notify the LEA and will provide the LEA with a report to be shared with the affected parent(s), legal guardians(s) or eligible pupil(s). Pupil records will be deleted and/or de-identified in accordance with our data retention and deletion policies described above in the section How Long Do We Retain Your Information?.
LINKS TO OTHER WEBSITES AND SERVICES
The Services may contain links to and from third-party websites of our business partners, advertisers, and social media sites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and their practices are not covered by this Privacy Policy. We strongly recommend that you read their privacy policies and terms and conditions of use to understand how they collect, use, and share information. We are not responsible for the privacy practices or the content on the websites of third-party sites.
UPDATES TO THIS POLICY
We may, in our sole discretion, modify or update this Policy from time to time, which will be reflected in the `date last modified´ set forth below. If we change this Policy in a material manner, we will do our best to notify you of the changes by posting a notice on the Site. Your continued use of the Services following the effective date of such update constitutes your acceptance of the revised Policy. If you do not agree to any of the terms in this Policy or to any future terms in a future revision of this Policy, do not use or access (or continue to access) the Services or the Site.
We will not make any material changes to our Privacy Policy or Terms of Service that would result in Student Data being used in a materially different manner than was disclosed when the information was collected without first giving notice to applicable Schools and providing a choice before such Student Data is used in a materially different manner than was disclosed when the information was collected.
In the event that you or your School has entered into a signed, written agreement with us, changes to this Policy may not be effective as to you until either (a) you or your School affirmatively accepts the changes to this Policy, either electronically or in a signed writing or (b) upon renewal of the School's agreement with us at the end of the current term.
CONTACT INFORMATION
We welcome your comments or questions about this privacy policy. You can submit any comments or questions, request to change contact choices, opt-out of our sharing with others, or update Personal Information provided to us through this Site here.
You may also contact us at our address:
Symbio Education, LLC
1201 15th Street, NW, Suite 500
Washington, DC 20005
For all other changes or updates to Personal Information, please log into your account profile.
Last Updated: April 2, 2020
CHILDREN'S PRIVACY POLICY
The Company does not permit children under the age of 13 ("Child") to create an account and does not knowingly collect personally identifying information from children under the age of 13 without the consent and at the direction of a parent.
The Company permits Parents to set up child profiles associated with the Parent account so that children may access the Services under the Parent's supervision. We take special precautions to collect only as much information as is reasonably necessary for the child to use the Services and to ensure that Parents have access to and control of their child's use of the Services.
This Children's Privacy Policy applies to all users of child profiles associated with a Parent account, regardless of the age of the child.
By creating a child profile associated with a Parent account and permitting your child to use the Services, you expressly agree to the practices described in this Children's Privacy Policy and you consent to the collection, use, and disclosure of your child's personal information as described herein.
1. How to create a child profile associated with a Parent account.
A parent must purchase a user license using a credit card on the Family Membership page, register for an account with the Company, and agree to the terms of our Terms of Service, Privacy Policy and this Children's Privacy Policy. During the account creation process, the Parent may create individual profiles for each child(ren) authorized by the Parent to use the Services through the Parent's account. Each child user profile must be associated with a Parent account, and children cannot access the Services without the Parent first signing in to the Parent account with the Parent's login credentials. After the Parent logs into a Parent account, the child user selects the child profile to use the Service.
2. What information do we collect from or about a child and how do we use this information?
Information you provide us. Through the Parent's account set-up, the Parent provides information about the child(ren) authorized by the Parent to use the Services through the Parent's account, including a profile name. We recommend that the Parent selects a profile name that does not include the real name or identifying characteristics of the child. The Parent may also create a "secret word," which functions similar to a password to access the child profile, though it cannot be used to sign in to the Services without the Parent first signing in to the Parent's account using the Parent's login credentials. We do not request a birthdate or any additional personal information from the user of the child profile, though the child may change his/her secret word and profile name (of course, the Parent will see these changes through the Parent's account dashboard).
We use this information to provide the Services to the user of the child profile. We use the e-mail address provided by users of Parent accounts to communicate messages about the account, such as subscription notices and password resets, and the child user reports and awards.
Information collected from the Child's use of the Services. During the course of providing the Service, we collect information about the user of the child profile's use of the Services and information submitted to the Services, such as answers to questions, for the purpose of providing feedback to the user.
When your Child accesses the Services through the Parent's account, we automatically collect and store usage information as well as information about the device used by the Parent and Child to access the Services. For example, we collect an IP address, location (at the city level), browser type, language preferences, and other information about the device used to access the Services, such as the device type, model and manufacturer and a unique identifier which allows us to uniquely identify your browser, device, or account, as well as account usage information such as the day/time stamp, referring/exit pages and URLs, pages viewed, and similar information. This information is typically collected through a variety of tracking technologies, including cookies, web beacons, log files, and similar technology (collectively, "tracking technologies"), and we may use third party providers to collect this information on our behalf.
We use this information to secure and improve the Services, to provide personalized content and information, to remember you when you return to the Services at a later time or using a different device, to improve the Services, to save you time, to provide better technical support, to track website usage and other similar purposes.
3. HOW WE DISCLOSE INFORMATION
We may share or disclose a child's Personal Information as needed to provide our Services or with your consent or permission. For example, we share information with our trusted vendors, third party service providers and individuals to provide services for us on our behalf, which may include analytics providers and hosting services. We may also share personal information if we have a good faith belief that access, use, preservation, or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process, or enforceable governmental request; (b) enforce applicable Terms of Service, including investigation of potential violations thereof; (c) detect, prevent or otherwise address fraud, security or technical issues; (d) protect the rights, property, or personal safety of the Company, its users, or the public; or (e) as required or permitted by law.
If we becomes involved in a merger, acquisition, bankruptcy, change of control, or any form of sale of some or all of its assets, personal information may be transferred or disclosed in connection with the business transaction, subject to any applicable laws.
We may also share aggregate or de-identified information in a manner that cannot be reasonably used to identify an individual user.
4. THIRD PARTY TRACKING AND ONLINE ADVERTISING ON THE SERVICE
The Company does not display any targeted advertising on the Service or allow any third-party advertising partners to track or collect information from visitors to the Site.
5. HOW TO ACCESS AND DELETE YOUR CHILD'S PERSONAL INFORMATION
The Parent may review the information collected from the user of the Child profile at any time by signing in to the Parent account. The Parent may refuse to permit the further collection of the Child user's information by no longer providing the Child user access to the Service through the Parent's account.
We will retain the personal information collected from and about the user of the Child profile for as long as necessary to provide the Service and will de-identify or delete the personal information after the termination of the Parent's subscription account in accordance with our standard data retention policy or until we receive a deletion request. To request deletion of personal information of a user of a child profile at any time, please contact us at info@symbioeducation.com.
6. OUR PRACTICES INVOLVING SCHOOLS
When Symbio Education programs are used by a School in an educational setting, the School may authorize us to collect information from a child under 13. If you are a Parent whose child accesses the Services through a School, please contact the child's School to request to access, review and/or delete your child's information. We will process such requests promptly as directed by the School.
Please refer to the section How Do We Protect Student Data in our main Policy to learn more about how we protect Student Data, including students who may be under the age of 13, when the Service is used by a School.
7. EUROPEAN UNION DATA PROTECTION
If you reside in the European Union, the United Kingdom or Switzerland, additional rights may apply to you pursuant to the General Data Protection Regulation (GDPR). Please see our the section on European Union Data Protection in our main Policy to learn more.
8. CONTACT US
If you have questions or concerns about this policy or about our use of information provided by a user of a child profile, please contact us:
Symbio Education, LLC
1201 15th Street, NW, Suite 500
Washington, DC 20005
Last Updated: April 2, 2020
ADDENDUM: SCHOOL ACCOUNTS AND STUDENT DATA
This Section of our Policy applies to a School's use of the Services.
When Symbio Education is used by a School for an educational purpose, we may collect or have access to Student Data that is provided by the School or by a student. "Student Data" is personal information that is directly related to an identifiable student and may include "educational records" as defined by the Family Educational Rights and Privacy Act ("FERPA").
The School or the student, and not the Company, owns and controls the Student Data. You authorize us to access, collect, transmit, modify, display and store Student Data to provide the Service and as described in this Policy and in the Terms of Service.
Compliance with Laws. In the U.S., we may collect and process Student Data as a School Official with a legitimate educational interest pursuant to the Family Educational Rights and Privacy Act ("FERPA"), 20 U.S.C. § 1232(g). Individually and collectively, we and our School Users agree to uphold our obligations under FERPA, COPPA, the Protection of Pupil Rights Amendment ("PPRA"), applicable State laws relating to student data privacy, and with all other laws and regulations governing the protection of Student Data.
Use of Student Data. By submitting, providing us access to, or causing us to receive Student Data, you agree that we may use the Student Data for the purposes of (i) providing the Services, (ii) improving and developing our Services, (iii) enforcing our rights under the Terms of Service, and (iv) as permitted with the School's or the User's consent.
Use of De-Identified or Anonymized Student Data. You agree that we may collect, analyze, use, and retain data derived from Student Data as well as data about users' access and use of the Service, for the purpose of operating, analyzing, improving or marketing the Services, developing new products or services, conducting research or other purposes, provided that we may not share or publicly disclose information that is derived from Student Data unless such data is de-identified and/or anonymized such that it cannot reasonably identify a specific individual.
Use of Personal Information for Marketing. You agree that we may provide customized content, advertising, and commercial messaging to school, teacher or district administrative users and other non-student users from time to time, provided that such advertisements shall not be based on Student Data. For emphasis, and without limitation, we shall never use Student Data to engage in targeted advertising.
Disclosure of Student Data and Third-Party Service Providers. You acknowledge and agree that we may provide access to Student Data to our employees and service providers which have a legitimate need to access such information to provide their services to us. We and our employees, affiliates, service providers, or agents involved in the handling, transmittal, and processing of Student Data will be required to maintain the confidentiality of such data. We shall not share Student Data with third parties other than as described in this Policy and the Terms of Service, or with consent of the School or parent.
Student Data Access and Deletion Requests. You may request that we delete Student Data in our possession at any time by providing such a request in writing, and we shall comply with such request within thirty (30) days, except that we shall not be required to delete Student Data that has been moved to a [personal family account] on the Service or as otherwise prohibited by law. A parent or student over the age of 18 seeking to access, modify, correct, or delete personal information in a student account that is connected to a School account will be instructed to contact the School to discuss data deletion or modification. We are not required to delete data that has been derived from Student Data if such data is de-identified and/or anonymized such that it cannot reasonably identify a specific individual.
Data Security and Breach Notification. We have implemented administrative, physical and technical safeguards designed to secure the personal information in our possession and control from unauthorized access, disclosure and use. If an unauthorized party gains access to or has been disclosed Student Data (a "Security Event"), that we have collected or received through the Service under this Agreement, we will promptly notify the School. If, due to a Security Event which is caused by the acts or omissions of the Company or its agents, a notification to an individual, organization or government agency is required under applicable privacy laws, the School shall be responsible for the timing, content, and method of any such legally-required notice and compliance with such laws and we shall indemnify the School for reasonable costs related to legally-required notifications. With respect to any Security Event which is not caused by the acts or omissions of the Company or its agents, the Company shall reasonably cooperate with School's investigation of the Security Event, as School requests, at School's reasonable expense, but the Company shall not indemnify a School for costs associated with the Security Event. The Company shall be responsible for the timing, content, cost and method of notice and compliance with such laws as they relate to users that are not associated with a School account.