PRIVACY POLICY

Last Updated: March 6, 2024

PLEASE READ THIS POLICY CAREFULLY TO UNDERSTAND HOW WE TREAT YOUR PERSONAL INFORMATION AND WHAT CHOICES AND RIGHTS YOU HAVE IN THIS REGARD. IF YOU DO NOT AGREE WITH THE TERMS AND CONDITIONS OF THIS POLICY, YOU SHOULD NOT ACCESS OR USE THE SITE.

THE SITE IS INTENDED FOR USERS LOCATED IN THE UNITED STATES, AND IT IS NOT INTENDED FOR USERS LOCATED IN OTHER COUNTRIES, INCLUDING THE EUROPEAN UNION AND THE EUROPEAN ECONOMIC AREA.

INTRODUCTION

eDoctrina is committed to protecting the privacy and security of your personal information. We also believe in transparency, and this Policy explains how we treat your personal data. Please read this Policy carefully to learn more about how we process personal information and what rights you may have under applicable law.

When does this Policy apply? This Policy describes our practices for the personal information for which we are a “data controller” under applicable law. This includes information collected when you visit https://www.edoctrina.org/ (the “Site”). This Policy does not apply, however, when we process personal data on behalf of a customer. For information about a customer’s data practices, please contact the customer directly. You can view certain information on our treatment of customer personal data under the “How Do We Treat Student Personal Information” section of this Policy. We are not responsible for our customers’ privacy or security practices.

HOW DO WE COLLECT AND USE PERSONAL INFORMATION?

We collect the following types of personal data for the purposes listed below. You may choose not to provide us with any personal information, but you will not be able to access portions of the Site that require personal information.

Category Description and Purpose
Contact Information If you contact us or submit a question via our Site, request a demo, or otherwise inquire about our products or services, we collect your name, company name, work email address, and phone number.

 

We process Contact Information to provide our products and services to you, to provide customer support, to ensure the privacy and security of our Site, products, and services, to maintain our databases and back-ups, to manage our relationships with you, to communicate with you, and to keep records of our communications with you.

Account Registration Information When you purchase or register for our services, we collect your Contact Information, your company website URL, and a record of the products and services purchased. If you use Google Classroom, we may collect your email address from Google Sign-In and Google Classroom and associated with your account with us.

 

We process Account Registration Information to provide our products and services to you, to provide customer support, to ensure the privacy and security of our products and services, to maintain our databases and back-ups, to manage our relationships with you, to communicate with you, and to keep records of our communications with you.

Payment Information When you purchase products or services from us, our third-party payment processor will collect your credit card number, security code, and expiration date. We only receive confirmation of your payment once it goes through, and such confirmation is then linked to your transactions and other personal information.

 

We process Payment Information to operate our business, to provide our products and services to you, to manage our relationships with you, and to detect fraud, illegal activities, or security breaches.

Communications and Inquiries If you contact us, in addition to your Contact Information, we will receive the subject matter of your message and any comments, content, or other information that you choose to provide.

 

We process Communications and Inquiries to provide our products and services to you, to provide customer support, to ensure the privacy and security of our Site, products, and services, to maintain our databases and back-ups, to manage our relationships with you, to communicate with you, and to keep records of our communications with you.

Cookies and Similar Technologies We use cookies and use similar technologies as described in the “Cookies and Similar Technologies” section of this Policy. If you choose to disable cookies and similar technologies, some areas and features of the Site may not work properly.

 

We process Cookies and Similar Technologies to operate the Site, to serve you the content and functionality you request, to ensure the privacy and security of our Site, to develop new services, to enhance your experience and provide you with a more personal and interactive experience, and for usage analytics purposes.

Device and Usage Information When you visit the Site, we automatically collect information from your browser and your device, which includes the date and time of your visit as well as your location, Internet Protocol (IP) address or unique device identifier, domain server, browser type, access time, and data about which pages you visit.

 

We process Device and Usage Information to operate the Site, to serve you the content and functionality you request, to ensure the privacy and security of our Site, to develop new services, to enhance your experience and provide you with a more personal and interactive experience, and for usage analytics purposes.

 

Cookies and Similar Technologies

First and Third-Party Cookies

A “cookie” is a small file created by a web server that can be stored on your device (if you allow) for use either during a particular browsing session (a “session” cookie) or a future browsing session (a “persistent” cookie). “Session” cookies are temporarily stored on your device and remain there until they expire at the end of your browsing session. “Persistent” cookies remain stored on your device until they expire or are deleted by you. Local shared objects (or “flash” cookies) are used to collect and store information about your preferences and navigation to, from, and on a website. First-party cookies are set by the website you are visiting, and they can only be read by that site. Third-party cookies are set by a party other than that website.

Other Similar Technologies

In addition to cookies, there are other data collection technologies, such as Internet tags, web beacons, pixels (clear gifs, pixel tags, and single-pixel gifs), and navigational data collection (log files, server logs, etc.) that can be used to collect data as you navigate through and interact with a website. For example, web beacons are tiny graphics with unique identifiers that are used to understand browsing activity. UTM codes are strings that can appear in a URL when you move from one web page or website to another. The string can represent information about your browsing, such as which advertisement, page, or publisher sent you to the receiving website.

 

What Cookies and Similar Technologies Are in Use and Why Do We Use Them?

  • Google Analytics. We may use Google Analytics to collect and process statistical data about the number of people using the Site and to better understand how they find and use the Site. The data collected includes data related to your device/browser, your IP address, and on-site activities to measure and report statistics about user interactions. The information stored is reduced to a random identifier. Any data collected is used in accordance with this Policy and Google’s privacy policy. You may learn more about Google Analytics by visiting https://www.google.com/policies/privacy/partners/ and https://support.google.com/analytics/answer/6004245. You can learn more about Google’s restrictions on data use by visiting the Google Privacy Policy at: https://www.google.com/policies/privacy. To opt-out of Google Analytics, visit https://tools.google.com/dlpage/gaoptout and install the opt-out browser add-on feature. For more details, visit the “Google Analytics opt-out browser add-on” page located at https://support.google.com/analytics/answer/181881?hl=en.
  • Google Tag Manager. We may use Google Tag Manager, which allows marketed website tags to be managed using an interface. The tool itself (which implements the tags) does not use cookies and does not register identifiable data. The tool causes other tags to be activated which may, for their part, register personal data under certain circumstances. Google Tag Manager does not access this information. Google Tag Manager is subject to the Google Privacy Policy located at https://www.google.com/intl/en/policies/privacy.
  • Google Remarketing. (e.g. DoubleClick, Dynamic Remarketing). We use certain Google marketing technologies to track user activity on the Site and to serve personalized advertisements. Your browser is assigned a pseudonymous ID used to track the ads that have been served to your browser and to identify those on which you’ve clicked. The cookies enable Google and its partners to select and display ads based on your browsing behavior. For more information on how Google uses this information, you can visit https://policies.google.com/technologies/adshttps://support.google.com/displayvideo/answer/7621162, and https://support.google.com/google-ads/answer/7548399?hl=en. To block certain ads served by Google, please visit https://support.google.com/ads/answer/2662922. Google’s Privacy Policy is available at: https://www.google.com/policies/privacy.
  • SharpSpring. We may use SharpSpring to manage and analyze our marketing campaigns, audience, and performance, and to manage our contacts and customer base. To learn more about SharpSpring, visit https://www.constantcontact.com/legal/privacy-notice.
  • Yahoo Analytics. We may use Yahoo Analytics to collect and process statistical data about the number of people using the Site and to better understand how they find and use the Site. You may learn more about Yahoo Analytics and its privacy practices by visiting https://legal.yahoo.com/us/en/yahoo/privacy/topics/analytics/index.html.
  • Xandr (Formerly AppNexus). We may use Xandr to understand our audiences and serve relevant advertisements. To learn more about Xandr, visit https://about.ads.microsoft.com/en-us/solutions/xandr/platform-privacy-policy.
  • OpenX. We may use OpenX to understand our audiences and to serve relevant advertisements. To learn more about OpenX, visit https://www.openx.com/privacy-center/privacy-policy/.

Other Third-Party Technologies

Some third parties may use data collection technologies to collect information about you when you browse the Internet. We do not control these third parties’ technologies or how they may be used. If you have questions about targeted content, you should contact the responsible party directly or consult their privacy policies.

Choices About Cookies

Most web browsers are set by default to accept cookies. If you do not wish to receive cookies, you may set your browser to refuse all or some types of cookies or to alert you when cookies are being stored. These settings may affect your enjoyment of the Site’s functionality. Adjusting the cookie settings may not fully delete all of the cookies that have already been created. To delete them, you should review your web browser settings after you have changed your cookie settings. The links below provide additional information about how to disable cookies or manage the cookie settings:

Google Chrome: https://support.google.com/chrome/answer/95647?hl=en

Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences

Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09

Safari: https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac  and https://support.apple.com/en-us/HT201265

For more information about how to modify your browser settings to block or filter cookies, visit http://www.aboutcookies.org/. You may learn more about internet advertising practices and related consumer resources at https://youradchoices.com/control, https://thenai.org/about-online-advertising/faq, and http://www.networkadvertising.org/choices.

HOW DO WE SHARE YOUR PERSONAL INFORMATION?

When we are acting as the data controller or where permitted by applicable law, we may share each of the categories of personal information described above in the following contexts.

Category Description and Purpose
Contact Information If you contact us or submit a question via our Site, request a demo, or otherwise inquire about our products or services, we collect your name, company name, work email address, and phone number.
We process Contact Information to provide our products and services to you, to provide customer support, to ensure the privacy and security of our Site, products, and services, to maintain our databases and back-ups, to manage our relationships with you, to communicate with you, and to keep records of our communications with you.
Account Registration Information When you purchase or register for our services, we collect your Contact Information, your company website URL, and a record of the products and services purchased. If you use Google Classroom, we may collect your email address from Google Sign-In and Google Classroom and associated with your account with us.
We process Account Registration Information to provide our products and services to you, to provide customer support, to ensure the privacy and security of our products and services, to maintain our databases and back-ups, to manage our relationships with you, to communicate with you, and to keep records of our communications with you.
Payment Information When you purchase products or services from us, our third-party payment processor will collect your credit card number, security code, and expiration date. We only receive confirmation of your payment once it goes through, and such confirmation is then linked to your transactions and other personal information.
We process Payment Information to operate our business, to provide our products and services to you, to manage our relationships with you, and to detect fraud, illegal activities, or security breaches.
Communications and Inquiries If you contact us, in addition to your Contact Information, we will receive the subject matter of your message and any comments, content, or other information that you choose to provide.
We process Communications and Inquiries to provide our products and services to you, to provide customer support, to ensure the privacy and security of our Site, products, and services, to maintain our databases and back-ups, to manage our relationships with you, to communicate with you, and to keep records of our communications with you.
Cookies and Similar Technologies We use cookies and use similar technologies as described in the “Cookies and Similar Technologies” section of this Policy. If you choose to disable cookies and similar technologies, some areas and features of the Site may not work properly.
We process Cookies and Similar Technologies to operate the Site, to serve you the content and functionality you request, to ensure the privacy and security of our Site, to develop new services, to enhance your experience and provide you with a more personal and interactive experience, and for usage analytics purposes.
Device and Usage Information When you visit the Site, we automatically collect information from your browser and your device, which includes the date and time of your visit as well as your location, Internet Protocol (IP) address or unique device identifier, domain server, browser type, access time, and data about which pages you visit.
We process Device and Usage Information to operate the Site, to serve you the content and functionality you request, to ensure the privacy and security of our Site, to develop new services, to enhance your experience and provide you with a more personal and interactive experience, and for usage analytics purposes.

 

HOW LONG DO WE PROCESS YOUR INFORMATION?

We retain and use your personal information for as long as is necessary to fulfill the purposes for which it was collected, to comply with our business requirements and legal obligations, to resolve disputes, to protect our assets, to provide our services, and to enforce our agreements.

We take reasonable steps to delete the personal information we collect when (1) we have a legal obligation to do so, (2) we no longer have a purpose for retaining the information, and (3) if you ask us to delete your information, unless we determine that doing so would violate our existing, legitimate legal, regulatory, dispute resolution, contractual, or similar obligations. We may also decide to delete your personal information if we believe it is incomplete, inaccurate, or that our continued storage of your personal information is contrary to our legal obligations or business objectives.

To the extent permitted by law, we may retain and use anonymous, de-identified, and aggregated information for performance reporting, benchmarking, and analytic purposes and for product and service improvement. When we delete data, it will be removed from our active servers and databases; but, it may remain in our archives when it is not practical or possible to delete it.

We are required by law to maintain records of consumer requests submitted under the California Consumer Privacy Act and how we responded to such requests for at least 24 months. We only use this information for recordkeeping purposes.

HOW DO WE PROTECT YOUR PERSONAL INFORMATION?

We have put security measures in place to protect personal information from being accidentally lost, used, altered, or disclosed or accessed in an unauthorized manner and to detect fraudulent identify-verification activity, including when transmitting personal information in response to data subject requests. From time to time, we review our security procedures to consider appropriate new technologies and methods.

However, no security system is perfect, and no data transmission is 100% secure. As a result, while we strive to protect personal data, we cannot guarantee or warrant the security of any information transmitted to or from the Site or services. Your use of the Site is at your own risk. We cannot guarantee that your data will remain secure in all circumstances.

If a data breach compromises your personal information, we will notify you and any applicable regulator when we are required to do so by applicable law.

YOUR RIGHTS AND CHOICES

Please use the “Contact Us” details at the end of this Policy to exercise your rights and choices under this Policy.

Email Preferences. If you no longer wish to receive communications from us via email, you may opt-out by clicking the “unsubscribe” link at the bottom of our emails or by contacting us via the “Contact Us” details at the end of this Policy and providing your name and email address so that we may identify you in the opt-out process. Once we receive your instruction, we will promptly take corrective action. Please note that registered users cannot opt out of receiving transactional e-mails related to their account.

Accuracy and Updating Your Personal Information. Our goal is to keep your personal information accurate, current, and complete. If any of the personal information you have provided to us changes, please update it in your user/account profile, or let us know via the “Contact Us” details at the end of this Policy. We are not responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.

Complaints. If you believe that your rights relating to your personal information have been violated, you may lodge a complaint with us by contacting us via the “Contact Us” details at the end of this Policy.

Nevada Residents

Nevada residents may submit a verified request to us at [email protected] to request that we not make any sale (as defined under Nevada law) of any covered information (as defined under Nevada law) that we have collected or will collect about you. Please provide your name and contact information in your request, and we will respond to your request in accordance with Nevada law.

California Residents

California Shine the Light. Under California Civil Code Section 1798.83, California residents who provide personal information in obtaining products or services for personal, family, or household use may be entitled to request and obtain from us once a calendar year information about the information we shared, if any, with other businesses for direct marketing uses. At present, we do not share your personal information with third parties for those third parties’ direct marketing purposes. Please be aware that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing, if any, will be included in our response. As part of the California Online Privacy Protection Act, all users of our Site may make any changes to their information at any time by contacting us at [email protected].

THIRD-PARTY SITES AND SERVICES

This Policy does not apply to any third-party websites or applications. The Site may contain links to, and media or other content from, third parties. These links are to external resources and third parties that have their own privacy policies. Because of the dynamic media capabilities of the Site, it may not be clear which links are to external, third-party resources. If you click on a third-party link, you will be redirected away from the Site. You can check the URL to confirm whether you have left the Site.

We cannot and do not (1) guarantee the adequacy of the privacy or security practices employed by or the content and media provided by any third parties or their websites, (2) control third parties’ independent collection or use or your information, or (3) endorse any third-party information, products, services or websites that may be reached through embedded links on the Site.

Any information provided by you or automatically collected from you by a third party will be governed by that party’s privacy policy and terms of use.

CHILDREN

Our Site, products, and services are not directed to children under the age of 13, nor is information knowingly collected from children under the age of 13. No one under the age of 13 may access, browse, or use the Site or provide any information to us. If we learn that we have collected or received personal information from a child under the age of 13 without a parent’s or legal guardian’s consent, we will take steps to stop collecting that information and delete it. If you believe we have any received information from a child under the age of 13, please contact us using the “Contact Us” details provided below.

For more information about COPPA, please visit the Federal Trade Commission’s website at: https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule.

UPDATES AND CHANGES TO THIS POLICY

We may add to, change, update, or modify this Policy from time to time. We will post all changes to this Policy on this page, and the updated policy will be effective immediately upon posting. If we make material changes, we will also notify you through a notice on the homepage of the Site for a reasonable period of time. We may also, in our discretion, notify you of changes to this Policy via email.

You are expected to, and you acknowledge and agree that it is your responsibility to, carefully review this Policy prior to using the Site, and from time to time, so that you are aware of its current terms. Your continued use of the Site after the “Last Updated” date will constitute your acceptance of and agreement to any changes and to our collection and sharing of your information according to the then-current Policy. If you do not agree with this Policy and our practices, you should not use the Site.

HOW DO WE TREAT STUDENT PERSONAL INFORMATION

General. When schools, agencies, or other educational institutions (each, an “Institution”) use eDoctrina to enable student access to services, eDoctrina acts as a data processor on behalf of the Institution. Ownership and control of student personal information (“Student PII”) remains with the school. We use the information in accordance with our agreement with the applicable Institution to operate, maintain, and provide the features and functionality of our products and services. Your Institution determines how your information is used.

Use of Student Data. We will not collect, maintain, use or share Student PII beyond that needed for educational/school purposes authorized by our customers, or as authorized by the parent/student. Our products do not contain any ads. We will never sell Student PII or disclose it to third parties to use for marketing or behavioral targeted advertising to students. We will not build a personal profile of a student other than for supporting authorized educational/school purposes or as authorized by the parent/student. Please read your Institution’s privacy statement for more details on how your Institution uses your personal information.

Disclosure of Student Data. We disclose Student PII in accordance with our agreement with your Institution. Generally, this includes the sharing of data:

  • Within eDoctrina. Your Student PII will be accessed only by those who have a need to know to provide our products and services to your school and improve them. For instance, our support team may have access to your information when we set up the product for your school or when required for support and maintenance purposes. Our team members complete annual FERPA training and are subject to signed confidentiality agreements.
  • With your school. The Student PII we collect and use is shared with your Institution that uses our products and services. What information is shared depends on the product functionality, settings, and instructions of your Institution. Please read your Institution’s privacy statement to learn more.
  • With our vendors. We use vendors to help us provide our products and services to you on behalf of your Institution. For example, eDoctrina is hosted from an industry leading cloud provider within the continental US.  Our products and services, when directed and authorized by your institution, may also integrate with third party products and exchange personal information to provide you with a seamless experience.  We require our vendors to adhere to privacy and security principles consistent with our own policies and the requirements of our Institution customers.

 

Security. We store student PII within our product in secure data centers managed by an industry leading cloud provider, which is subject to strict physical access and data storage standards and requirements. All data is stored within the continental US.  All data is encrypted in transit using SSL/TLS. All Student PII is encrypted at rest when stored and in our backups.  Our entire network and server infrastructure is hardened based on industry standard methodology and scanned regularly for vulnerabilities.  We have multiple layers of firewalls both at the host level and at the perimeter level in addition to other security controls. We utilize advanced visibility and threat detection technologies on our servers to protect them from various types of attacks. We manage our cloud operations and access according to industry standard methodologies and frameworks.  Access to the infrastructure is strictly controlled by our technical operations team using a product with multifactor authentication.  All connections are done through encrypted VPN using a public key infrastructure and all VPN keys are encrypted via user passphrases.  Development and support staff are not permitted server level access to the production environment where student data is stored.  In all cases, access to Student PII is restricted to those needing access in order to provide the application and related services needed to fulfill the educational/school purposes of your Institution.

Retention and Access. Our customer agreements with Institutions set out the terms for collection and storage of student personal information. According to these agreements, we act as a data processor with respect to the data that is created and saved in our products. We will provide access to your Student PII upon request as required by applicable law and our agreements with our Institution customers. If you believe any of your student PII is inaccurate, please inform your institution.  We will report any inaccuracies of which we become aware to our Institution customers.  We will not retain student information beyond the time period required by our Institution customers.

Future Obligations. If we make material changes to our policies affecting Student PII, we will provide prominent notice to your Institution and you within the eDoctrina product before your Student PII is used in any manner inconsistent with this Policy. In the case of our merger or acquisition by another entity, any successor entity maintaining Student PII will be required to meet these same commitments.

CONTACT US

If you have any questions or concerns, wish to exercise your rights, or want to submit a complaint, please contact us using the information below, and we will do our best to assist you.

In Writing:  eDoctrina

2429 Military Road, Suite 300

Niagara Falls, NY 14304

 

By Email: [email protected]

Telephone: 1-888-537-3348