My Math Academy & My Reading Academy Privacy Policy

Effective Date: December 14th, 2022

 

Welcome to the adaptive learning solutions My Math Academy® and My Reading Academy®, which are owned and operated by Age of Learning, Inc. We are committed to providing children with a learning environment where every activity is just as fun as it is educational and where you can feel confident that your children’s privacy is protected.

This Privacy Policy describes the ways in which Age of Learning, Inc., and its subsidiaries (collectively, we, our, us, or the Company) collect, use, and disclose information about you and the children who use My Math Academy or My Reading Academy® and any other websites, applications, and online services (App[s]) that link to this policy (collectively, the Services). We provide account licenses (Account[s]) to the Services for schools, school districts, licensed childcare facilities, and other licensed educational institutions or programs (each, an Educational Institution). These Educational Institutions provide access to children and families to serve their educational goals.

Please read this Privacy Policy closely. By using the Services, you agree to the handling of your information in accordance with this Privacy Policy.

Summary of Key Points

You should read this entire Privacy Policy, but here are some key points:

  • Personal Information, or PI, is defined in this policy to mirror the text of the California Consumer Privacy Act (CCPA)and means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
  • We take your privacy seriously, and will only use your PI, in accordance with this policy, applicable law, and the agreement we have with your Educational Institution.
  • Other than in the places and for the purposes explicitly disclosed in this Privacy Policy, we do not knowingly collect any PI directly from Child Users (defined below) under age 13. For more information about where in the Services we may collect PI from children, please see Section 3(B) (Information We Collect from Users)
  • We do not ask for sensitive PI, such as Social Security numbers, driver’s license numbers, orbiometric data.
  • We use commercially reasonable physical, technical, and administrative security measures designed to safeguard all information collected by the Services.
  • Unless an Educational Institution requires otherwise, Adult Users (as defined below) may contact us at any time as described in Section 13 (Contact Us)to request that we provide for their review, or delete from our records, any PI they have provided about Child Users associated with their Account, or to cease collecting PI from those Child Users. For information about when we automatically delete PI due to Account cancellation or inactivity, please see Section 10 (Location of Information Processing).
  • We provide Accountsto Educational Institutions. In addition to this Privacy Policy and the Terms & Conditions, each Educational Institution will have a separate agreement with the terms and conditions governing Accounts, which may provide additional protections for you.
  • Additional privacy protections apply if your Educational Institution provides us with students’ personally identifiable information (Student Data) as defined by the Family Educational Rights and Privacy Act (20 U.S.C. § 1232g) and its implementing regulations (34 CFR Part 99) (collectively, FERPA) and applicable state laws. The Educational Institution is responsible for obtaining parental consent and/or ensuring that an exception applies prior to transferring Student Data to the Company, which acts as a third-party vendor school official in this context.
  • We will only access, collect, record, organize, use, or disclose (collectively, Process) Student Data collected through the Services as described in our agreement(s) with the applicable Educational Institution and this Privacy Policy. We will Process the data consistent with all applicable laws, including, but not limited to, FERPA.
  • We will delete, or if requested by the Educational Institution, transfer to the Educational Institution all Student Data within 90 days (or a shorter time frame if required by applicable law) following the termination of our agreement with the applicable Educational Institution.
  • We may de-identify Student Data received in connection with providing the Services and use such data as described in this Privacy Policy.

Student Privacy Pledge
The Company is a signatory of the Student Privacy Pledge. The Future of Privacy Forum and the Software & Information Industry Association introduced the Student Privacy Pledge to safeguard student privacy regarding the collection, maintenance, and use of student Personal Information. Since 2014, more than 300 companies have signed on. Signing the pledge demonstrates our commitment to complying with the highest standards for safeguarding Student Data.

1. No Advertisements to Children

The Services will never include any pop-up ads or other advertisements directed to children. In addition, if external links are ever present, Child Users will be blocked from accessing them. External links will only be available if an Adult User enters his or her password.

2. Account Users

We provide Accounts for Educational Institutions. Users of the Services include Child Users (any child under age 18 who uses the learning portion of the Services) and Adult Users (including teachers, parents, and legal guardians of Child Users), collectively referred to as Users

3. Information Collection

There are two general categories of information that we collect.

A. Information Users Provide to Us

As more fully set forth below, we and our third-party service providers collect information that Users provide when using the Services, including when Adult Users contact us with a question, comment, or request and when Child Users engage in activities. However, we will only use or disclose this information in accordance with this policy and applicable law. Please see Section 5 (When We Disclose Information to Third Parties) below for more information and how we limit disclosure of Child User information.

Educational Institutions register Child Users (i.e., students) through their administrative Accounts. Adult Users who register are asked to provide certain Personal Information about themselves when registering for an Account, including email address and, optionally, their first and last name. If you submit any information relating to other people in connection with the Services, you represent that you have the authority to do so and permit us to use the information in accordance with this Privacy Policy.

B. Information We Collect from Users

We and our third-party service providers collect Personal Information directly from Users of the Services in the form of the actions they take and activities they complete when using the Services. For example, from Adult Users, we may collect information about patterns of usage; from Child Users, we may collect information about patterns of usage, which activities a child commences and completes, when a child starts and stops an activity, which areas of the Services the child frequents, the number of questions answered correctly or incorrectly, and inferences drawn from the foregoing to create an adaptive learning profile for the Child User reflecting, for example, the Child User’s aptitudes and abilities. From all Users, we may collect usage logs and information transmitted to Customer Support.

Where Adult Users access the Services through an Internet browser, we and our third-party service providers also use a variety of technologies, such as cookies (small text files that the Services save on your computer or mobile device), to automatically collect certain technical information from your computer or mobile device including when you use the Services, such as your browser type, operating system, device type, the page served, your IP address, and the approximate geographic region your computer or mobile device is located in. When you download and use one of our Apps, we and our service providers may track and collect App usage data, such as the date and time the App on your device accesses our servers and what information and files have been downloaded to the App based on your device number.

We and our third-party service providers may use the information collected through these technical methods for several purposes, including delivering content, tracking, and enhancing our Users’ experience with the Services. For example, when you return to the Services after logging in, cookies help the Services recognize who you are without having to log back in. For more information, see Section 4 (How We Use Information). The information collected through these technical methods on the child-directed portions of the Services are used only to support the internal operations of the Services. We do not allow third-party advertising networks to collect information submitted through the Services by Users.

Cookies

We use cookies, which are small text files placed on your device, to collect certain internet log information and visitor behavior information. More information about cookies is available at www.aboutcookies.org. We use cookies to recognize your device and to provide and improve our Services as described below. We use the following cookies:

Essential Cookies

These cookies are essential to provide you with services available through the Services and to enable you to use some of its features. For example, they allow you to log in to secure areas of our Services and help the content of the pages you request load quickly. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.

Functionality Cookies

These cookies allow us to remember choices you make when you use our Services, such as remembering your language preferences, remembering your login details, and remembering the changes you make to other parts of Services that you can customize. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to reenter your preferences every time you visit our Services.

Analytics and Performance Cookies

These cookies are used to collect information about traffic to our Services and how Users use the Services. The information gathered does not identify any individual visitor. It includes the number of visitors to our Services, the pages they visited on our Services, what time of day they visited our Services, whether they have visited our Services before, and other similar information. We use this information to help operate our Services more efficiently, to gather broad demographic information and to monitor the level of activity on our Services.

If you do not want the Services to collect information through cookies, you can set your web browser to reject cookies from the Services. Each browser is different, so you should check your browser’s Help menu to learn how to change your cookie preferences. However, please note that if you reject or block cookies from the Services, the Services may not function as intended. For example, you will not be able to remain logged into the Services, and therefore, you would have to log in during each page transition.

Push Notifications and SMS. Additionally, if you downloaded the App on your mobile device to access the Services as part of your use of the Services, we may ask if you would like to receive push notifications, which may include alerts and notifications, badges, banners, and sounds on your mobile device. You may choose to stop receiving push notifications at any time by changing the settings on your mobile device. If you provide us with your mobile phone number, we may send you SMS text messages about your Account, and we may also ask if you would like to receive marketing SMS text messages. Please note that your carrier may charge you for the text messages you receive. To permanently stop receiving SMS text messages from us (if you are located in the U.S. or Canada) text STOP, CANCEL, or UNSUBSCRIBE in reply to any SMS text message sent by us.

4. How We Use Information

We will never monetize the Personal Information of any User of the Services by providing it to a third party in exchange for money, except as described in this policy in the context of a sale of the Company.

We and our third-party service providers may use the information collected from Users as follows:

A. Adult User Information 

Information collected from Adult Users may be used:

i. To permit you to use the Services

ii. To communicate with you regarding your Account and to provide you with related customer service

iii. To respond to your inquiries and to fulfill your requests, retrieve your password, or provide technical support

B. Child User Information 

Information collected from Child Users may be used:

i. To evaluate a Child User’s performance in activities and to adapt a Child User’s learning experience to the Child User’s learning needs

ii. To draw inferences from a Child User’s performance in activities to create an adaptive learning profile for the Child User reflecting, for example, the Child User’s aptitudes and abilities

iii. To analyze, to provide progress reports on or to provide an assessment of a Child User’s performance in activities, and to provide reports about that analysis to the Adult User(s) on the Account and inform recommendations for supporting activities Adult Users can do with their Child User(s)

C. Both Adult and Child User Information 

Information collected from both Adult and Child Users may be used:

i. To allow us to assess and improve the Services, its educational content, and other services we provide (for example, to improve our content and User experience); to research, evaluate, and improve the educational efficacy of the Services; and to inform our understanding of the Services’ User base

ii. To customize, adapt, and personalize Users’ viewing and content-consumption experience; for example, by measuring a Child User’s performance in activities and adapting the Child User’s experience to their learning needs

iii. To maintain and analyze the functioning of the Services

iv. As we believe to be necessary or appropriate: (a) under applicable law; (b) to comply with legal process; (c) to respond to requests from public and government authorities; (d) to detect violations of and enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates, including the security of the Services; (f) to protect our rights, privacy, safety, or property, or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain (collectively, (a)–(g) are Other Uses and Disclosures)

5. When We Disclose Information to Third Parties

Information collected from both Adult and Child Users will not be disclosed except for the following purposes, which include our operations purposes:

A. To third parties who perform certain services for us, such as conducting and evaluating research (for example, on the educational impact of the Services), provided that the service providers agree to keep the information confidential and to use it only for purposes that are permitted by this Privacy Policy

B. As we believe to be necessary or appropriate as set forth above in Other Uses and Disclosures and in other instances substantially similar to those listed in this Section

C. Where legally required and in certain other cases, we may make such disclosures without first providing notice to Users

D. Subject to confidentiality agreements, the terms of this Privacy Policy, and applicable law, information may be disclosed to service providers, advisers, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company, or we sell, liquidate, transfer, or license all or a portion of our assets in bankruptcy or otherwise. This means that if some or all our assets are acquired or otherwise transferred or licensed, including in bankruptcy, that such acquirer shall be subject to the same commitments stated under this Privacy Policy.

We do not disclose the Personal Information of Users to third parties for any marketing or promotional purposes.

We also may disclose de-identified and/or aggregated User information for any other purpose as permissible by applicable law—for example, the distribution of de-identified User records to outside researchers or the distribution of reports containing aggregate User demographic information—provided that no individual Adult User or Child User or any specific end-user device can be readily identified.

6. How to Access, Change, or Delete Account Information

If you are using the Services through an Account that is integrated with an Education Institution’s student information system (SIS), unless otherwise required by law, any request to access or make changes to or delete PI including Student Data must be made by the Educational Institution within the SIS. Once the changes are made within the SIS, the changes will automatically appear within the Account.

If you are using the Services through an Account and the Educational Institution is not integrating its SIS with the Services, unless otherwise required by law, any request to access, make changes to, or delete PI including Student Data must be made by the Educational Institution’s designated administrator for the Account. The administrators will be provided access to the Account User Profile pages to update, correct, or delete the information contained therein.

7. Account Cancellation and Reactivation; Data Deletion

Adult Users should contact their respective Educational Institution for any questions regarding Account cancellation and data deletion. Should an Adult User initially contact us, we will first inform the applicable Educational Institution prior to taking any requested action by the Adult User, and subject to applicable law, we will wait for the Educational Institution’s instructions. If an Educational Institutional terminates its agreement with us, we will delete, or if requested by the Educational Institution, we will transfer to the Educational Institution, all Student Data within 90 days (or a shorter time frame if required by applicable law or the terms of our agreement with the Educational Institution) following the termination of the agreement with the applicable Educational Institution. Upon Account cancellation, de-identified Adult and Child User information may nonetheless persist internally in our archive files or similar databases, and may still be used, on a de-identified basis, for our internal support, administrative, and record-keeping purposes including but not limited to allowing us to improve the Services and other services we provide through research, evaluation, and analytics as permissible by applicable law.

Please note that following a request to delete information or your Account under this Privacy Policy, information including PI may remain in backup or archive records, and we may retain certain data if required by law, relevant to preventing fraud or future abuse, or for legitimate business purposes, such as account recovery and customer support—all subject to our internal records retention periods. All retained data will continue to be subject to the Privacy Policy in effect at that time and applicable law.

8. California Privacy Rights

CCPA provides California residents with specific rights regarding their Personal Information. This section describes your CCPA rights and explains how to exercise those rights. In this section “you” or “your” refers to California residents. Under the CCPA, we are required to disclose the categories of sources from whom we collect Personal Information, and the third parties with whom we share it, which we have explained above. We are also required to communicate information about rights you have under California law, such as:

  1. Right to access Personal Information.You may be entitled to receive the specific pieces of your Personal Information we hold.
  2. Right to data portability.You may be entitled to receive a copy of your electronic Personal Information in a readily-usable format.
  3. Right to disclosure.You may be entitled to receive information regarding the categories of Personal Information we collected, the sources from which we collected Personal Information, the purposes for which we collected and shared Personal Information, the categories of Personal Information that we sold, the categories of third parties to whom the Personal Information was sold, and the categories of Personal Information that we disclosed for a business purpose in the 12 months preceding your request.
  4. Right to deletion.You may be entitled to request that we delete the Personal Information that we have collected from you. We will use commercially reasonable efforts to honor your request in compliance with applicable laws, including contacting your Educational Institution who may provide us with guidance on your request. Please note, however, that we may need or be required to keep such information for our legitimate business purposes or to comply with applicable law.

For details on exercising these rights, please see “Exercising Access, Disclosure, Data Portability, and Deletion Rights” below.

Information We Collect and Share

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

We have collected the following categories of Personal Information from or about consumers within the last 12 months:

Category

Examples

Collected

A. Identifiers

A real name, alias, unique personal identifier, online identifier, Internet Protocol address, email address, telephone number, Account name, or other similar identifiers

Adult

Child

Yes

Yes

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))

A name or a telephone number

Some Personal Information included in this category may overlap with other categories.

Yes

Yes

C. Protected classification characteristics under California or federal law

Sex (including gender)

Yes

Yes

D. Commercial information

Records of personal property; products or services, purchased, obtained, or considered; or other purchasing or consuming histories or tendencies

No

No

E. Biometric information

Genetic, physiological, behavioral, and biological characteristics or activity patterns used to extract a template or other identifier or identifying information—such as fingerprints, faceprints, voiceprints, iris or retina scans, keystroke, gait, or other physical patterns and sleep, health, or exercise data

No

No

F. Internet or other similar network activity

Browsing history; search history; or information on a consumer’s interaction with a website, application, or advertisement

Yes

Yes

G. Geolocation data

Physical location or movements

No

No

H. Sensory data

Audio, electronic, visual, thermal, olfactory, or similar information

No

No

I. Professional or employment-related information

Current or past job history or performance evaluations

No

No

J. Nonpublic education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))

Education records directly related to a student, such as grades, class lists, student schedules, and student identification codes, maintained by an educational institution or party acting on its behalf

No

Yes

K. Inferences drawn from other Personal Information

Profile information reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes

No

Yes

Business and Commercial Purposes That We Use Personal Information for:  We may use or disclose the Personal Information we collect from each of the Categories of Personal Information listed above for one or more of the following purposes:
    1. To fulfill or meet the reason you provided the information;
    2. To provide, support, personalize, and develop our Services;
    3. To process your requests;
    4. To provide you with support and to respond to your inquiries, including to investigate and address your concerns and to monitor and improve our responses;
    5. To provide customer service;
    6. To understand how Users interact with our Services;
    7. To conduct research, testing, analysis, and development;
    8. To detect security incidents and prevent fraud;
    9. To debug and repair errors;
    10. To create, maintain, customize, and secure your Account with us;
    11. To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations;
    12. As described to you when collecting your personal information or as otherwise set forth in the CCPA; and
    13. To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Users/consumers is among the assets transferred.
Categories of Personal Information We Share:  We may share your Personal Information by disclosing it to a third party for a business purpose described below. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. We do not sell Personal Information, and in the preceding 12 months, we have not sold personal information. In the preceding 12 months, we have also disclosed the following categories of Personal Information for one or more business purposes:

Personal Information Category

Category of Third-Party Recipients

Business Purpose Disclosures of Adult and Child Personal Information

Sales

A: Identifiers

Affiliates, partners, parent/subsidiary organizations, service providers, advertising networks (only applies to Adult PI), and government entities

None

B: California Customer Records personal information categories

None

None

C: Protected classification characteristics under California or federal law

None

None

D: Commercial information

Affiliates, partners, parent/subsidiary organizations, service providers, advertising networks, and government entities

None

E: Biometric information

None

None

F: Internet or other similar network activity

Affiliates, partners, parent/subsidiary organizations, service providers, advertising networks, and government entities

None

G: Geolocation data

None

None

H: Sensory data

None

None

I: Professional or employment-related information

None

None

J: Non-public education information

None

None

K: Inferences drawn from other personal information

Affiliates, partners, parent/subsidiary organizations, service providers, advertising networks, and government entities

None

Our Retention of Personal Information

We retain Personal Information for as long as necessary to provide the services and fulfill the transactions you have requested, or for other business such purposes as complying with our legal obligations, resolving disputes, and enforcing our agreements. We decide how long we need personal information on a case-by-case basis. We may consider the following factors when making retention decisions:

    1. Whether we need to keep some of your Personal Information to maintain your Account;
    2. Whether we are required by law to keep some types of Personal Information for certain periods of time to comply with our legal obligations; and
    3. Whether we need some of your Personal Information for other business purposes, such as to prevent harm and ensure safety and security of our Sites; investigate possible violations of our terms and conditions of use; or protect ourselves.

If we determine your Personal Information is no longer necessary using the factors above, we will generally destroy or anonymize that Personal Information.

Exercising Access, Disclosure, Data Portability, and Deletion Rights

Please note that you may need to directly contact the relevant Educational Institution to exercise these rights. To exercise the access, disclosure, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either contacting us as set forth in Section 13 (Contact Us) below or visiting the link below:

Privacy Portal

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your Child; however, that your Educational Institution may require you to contact them to make any request on behalf of your Child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

    1. Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative
    2. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Nondiscrimination

We fully support your privacy rights and will not discriminate against you for exercising any of your CCPA rights.

CCPA Metrics: www.ageoflearning.com/ccpa

9. Links to Other Services

In the future the Services may include links to external websites or applications. However, to protect children from accessing these external websites, an Adult User will be required to enter a valid password. Any third party websites and applications are governed by their own privacy policies or information collection practices, which may be substantially different from ours. We encourage you to review the privacy policies and information collection practices of any external websites and apps as those parties’ practices would not be subject to this policy.

10. Location of Information Processing

The Services are controlled and operated by us from the United States. Your information may be stored and processed in any country where we have facilities or in which we engage service providers, including the United States, which may have data protection laws that are different from those of your country. In addition, your information may be subject to access requests from governments, courts, or law enforcement officials in countries where it may be processed under the laws of those countries.

11. Security

The security of your Personal Information is important to us, and we employ physical, technical, and administrative security measures designed to safeguard the information collected by the Services. We use industry standard SSL (secure socket layer technology) encryption to transfer Personal Information. Other security safeguards include but are not limited to data encryption, firewalls, and physical access controls to buildings and files.

Adult Users create a password to access the Service after being invited to do so based upon data received from Educational Institutions. Accounts cannot be created without a specific invitation from an Educational Institution. You can help protect against unauthorized access to the Account you use and PI by selecting and protecting your password appropriately and limiting access to your computer and browser by signing off after you have finished accessing the Services. At registration, we assign a Member ID to each Account and use those Member IDs to authenticate logins, allow access to the subscription content, and monitor compliance. The Member ID is also used to authenticate Users when requesting technical support. Access to PI is limited (through User/password credentials and two-factor authentication) to those employees who require it to perform their job functions. Details of this process may change depending on how any given Educational Institution operates its network or integrates with the Service (for example, some Educational Institutions will use Single Sign-On solutions, while others will use separate account credentials).

We are committed to maintaining the security and confidentiality of your information as well as your children’s information, including but not limited to any Student Data, which we receive through Accounts. Some of the precautions we take include (a) limiting employee access to your PI and your children’s PI to only those employees with a need to such access to fulfill their job responsibilities; (b) conducting background checks on our employees and, specifically, upon all employees who may have access to Student Data; (c) requiring employees to sign confidentiality agreements upon hiring; (d) conducting regular employee privacy and data security training and education; and (e) protecting PI with commercially reasonable technical, contractual, administrative, and physical security safeguards.

Please be aware, however, that no information system can be guaranteed to be 100 percent secure, so we cannot guarantee the absolute security of your information. Moreover, we are not responsible for the security of information you transmit to the Services over networks that we do not control, including the internet and wireless networks. If you have reason to believe that your interaction with us is not secure, please contact us as described in Section 13 (Contact Us) below.

12. Changes to Our Privacy Policy

We constantly try to provide the best services, and accordingly our Privacy Policy will change from time to time. If we update any provision of this Privacy Policy that materially expands the ways in which we use or share the information previously collected from you through the Services, we will notify you by posting the revised Privacy Policy on the Services and display a prominent pop-up notice on the Services with a statement that by continuing to use the Services, you are consenting to the revised Privacy Policy. Any modifications to this Privacy Policy will only apply to you and your Child User in accordance with our agreement with your Educational Institution.

13. Contact Us

Age of Learning, Inc., is in the United States of America and is the operator of the Services. Questions regarding this Privacy Policy and issues related to your information or a Child User’s information for which you are responsible should be directed to us via any of the following methods:

Mailing address:
Age of Learning, Inc.
Attention: Legal Department
P.O. Box 230
Glendale, CA 91209
USA
Telephone Number: 800.633.3331

Email address: privacy@aofl.com