ⓘ Effective date: December 15, 2023
Learneo takes privacy seriously. This privacy policy describes the personal data that Learneo collects when you use a
Learneo Service, the purposes for which your personal data is used, and your choices regarding its use.
When we say "'Learneo", "we", and "us," we mean Learneo, Inc. on behalf of itself and its affiliates.
When we say "a Learneo Service", "Service", or "the Services" we mean any of the following services operated by a
Learneo business:
Any capitalized terms not defined herein shall have the meaning assigned to them in each applicable set of Services
terms.
How to Read this Privacy Policy
This privacy policy consists of two parts:
-
Part One
sets out the privacy practices that apply across the Services.
-
Part Two
sets out the privacy practices specific to a Learneo business and one or more of its Services indicated in that section,
including:
-
Personal data collected and processed
-
Additional data security measures
-
Data retention practices
-
Account and personal data deletion; and
-
The Cookie policy applicable to each Service.
This policy does not cover the practices of other services Learneo may own but are not discussed in this privacy policy
and listed above, other companies we don't own or control, or people we don't manage.
If you have a disability, you may access this policy in an alternative format by contacting us at
[email protected].
PART ONE: LEARNEO PRIVACY PRACTICES
Data Controller
Learneo, Inc.
When you sign up and use a Learneo Service, Learneo, Inc. is the data controller of your personal data for
the purposes of delivering those Services to you
(as that term is defined in each applicable set of terms) and as otherwise permitted in this privacy policy.
For general privacy inquiries you may contact us at:
Learneo, Inc.
Attn: Privacy Compliance
2000 Seaport Blvd, Floor 3
Redwood City, CA
94063 USA 866-634-9397
[email protected]
EEA and UK residents may contact our EU and UK based representative regarding all requests
related to data protection and privacy:
[email protected].
Contact Information for Specific Learneo Services
For privacy inquiries regarding a specific Learneo business or Service, please contact us as at:
Course Hero and related services
LitCharts
Symbolab
QuillBot
Scribbr
Children's Privacy
We do not knowingly collect or solicit personal data about children under
13 years of age; if you are a child under the age of 13, please do not attempt to register for or otherwise use the
Services or send us any personal data. If we learn we have collected personal data from a child under 13 years of
age, we will delete that information as quickly as possible. If you believe that a child under 13 years of age may
have provided personal data to us, please contact us to provide that information (see the
contact information above).
If you are under the age of 16 and a resident of the EEA or United Kingdom, or under 18 and are a resident of Israel,
please have your parent or guardian contact us to provide consent for processing your personal data before you
attempt to register for or otherwise use the Services or send us any personal data (see the
contact information above).
For LitCharts and CliffsNotes only, the following applies:
If you are under the age of 16 (or under the age of 18 and a resident of Israel), please do not attempt to register
for or otherwise use the LitCharts or CliffsNotes Services, or send any personal data using the Services. If we
learn that personal data from a child under the age of 16 (or under 18 in Israel) has been provided, we will delete
that information as quickly as possible. If you believe that a child under 16 (or under 18 in Israel) may have
provided personal data on LitCharts or CliffsNotes, please notify us directly (see the
contact information above).
Personal Data We Collect
When you use our Services
Our Services collect different personal data when you sign up
and use them. For details on the personal data that we collect and the categories of third parties with whom
your personal data is shared when you use each Service, please read the relevant Part Two section for that
Service.
When you submit a DMCA takedown request
When you submit a takedown request utilizing a Digital
Millennium Copyright Act (DMCA)-compliant takedown request form for one of the Services, we will collect your
contact information (including your first and last name, address, phone number, and email address) so that we
can remain in contact with you during the process and ensure that your claim is sufficiently addressed. This
information will be used to process your request and keep a record of your complaint. If we receive a valid
counter-notice, your complaint (which includes your contact information) will be forwarded to the uploader.
We will not collect additional categories of personal data or use the personal data we collected for materially
different, unrelated or incompatible purposes without providing you notice.
Information That is Not Personal Data
We may create aggregated, de-identified or anonymized data from the personal data we collect, including by removing
information that makes the data personally identifiable to a particular user. We may use such aggregated,
de-identified or anonymized data and share it within Learneo and with third parties for our lawful business
purposes, including to analyze, build and improve the Services and promote our business, provided that we will not
share such data in a manner that could identify you.
How We Use Your Personal Data
When you use any of our Services, we use the personal data we collect for the following purposes:
-
Providing and customizing the Services you use and request
-
Providing users with the products, Services or information they request, including when you use any one of our Services or any of our combined or integrated Services that you choose to use.
-
Operating and securing the Learneo businesses and our Services, including utilizing shared IT and Security systems, technology and infrastructure.
-
Creating and managing user accounts or user profiles for the Services, including enabling us to allow users to sign up for, and sign in and receive one or more Learneo Services at one time.
-
Providing support and assistance for the Services, including responding to customer support inquiries and responding to data subject rights requests under applicable law.
-
Customizing or personalizing the Services, website content and communications based on users' preferences.
-
To distribute and display your content, which may include your username, across one or more of our Services. "Your content", for purposes of this paragraph, refers only to user generated content you post on our Services. For example, if you post a question or answer on coursehero.com, it may be distributed and displayed on another Learneo Service, and may include your coursehero.com username.
-
Conducting fraud protection activities, implementing security and debugging.
-
Carrying out other business purposes stated when collecting users' personal data or as otherwise set forth in applicable data privacy laws, such as the California Consumer Privacy Act and General Data Protection Regulation.
-
Processing orders or other transactions; billing.
-
Measuring performance and improving the Services
-
Measuring our progress towards corporate goals and key performance indicators, including gathering commercial data related to our subscription Services.
-
Improving the Services, including by:
-
When you use our Services powered by AI, using user inputs to help improve our models.
-
Learning how you use and interact with our Services, by testing, research and development, and gathering commercial data and internal analytics on your use of a Service, or those unique users that subscribe to all or more than one of our Services, and gathering internal analytics on how you engage with one Service when integrated on another Service (for example, your use of a Symbolab feature integrated within coursehero.com).
-
Marketing the Services
-
Marketing and selling the Services, including to co-market, co-promote or cross-sell the Learneo Services (with your consent or otherwise in accordance with applicable law).
-
Showing you advertisements, including interest-based or online behavioral advertising.
-
Communicating with you
-
Responding to correspondence that we receive from you, contacting you when necessary or requested, and sending you information about the Services.
-
Sending emails and other communications according to your preferences or that display content that we think will interest you, as permitted by applicable law.
-
Meeting legal requirements and enforcing legal terms
-
Fulfilling our legal obligations under applicable law, regulation, court order or other legal process (e.g., subpoenas or warrants), such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.
-
Protecting the rights, property or safety of you, Learneo, or another party, including conducting fraud protection, security and debugging.
-
Enforcing any agreements with you, including the applicable Terms of Use or Terms of Service for the relevant Service.
For UK and EEA residents, please see
Additional Terms For European Economic Area And UK Residents
for our lawful basis for processing your personal data for the purposes described above.
Learneo and our third-party providers collect information
in the Services through tracking technologies, including but not limited to, cookies (small pieces of
information or text files that a website sends to your computer for record-keeping purposes and is stored in a
file on your computer's hard drive), web beacons (also known as "tracking pixels"), embedded
scripts, location-identifying technologies, fingerprinting, device recognition technologies, in-app tracking
methods and other tracking technologies now and hereafter developed ("Tracking Technologies").
Further details about the Tracking Technologies we use (including the purpose for using them),
interest-based advertising, your choices and how to manage cookies and do-not-track signals are below, and can
also be found in each Service's respective Cookie Policy, linked in each Service's
Part Two
section of this Privacy Policy
Advertising
We may serve ads on our Services or on external services
and engage and work with Service Providers and other third parties to serve advertisements on the Services
and/or on Third-Party Services. Some of these ads may be tailored to your interests based on your browsing,
across time, of the Services and elsewhere on the Internet, which may include use of data from cross-device
usage, sometimes referred to as "interest-based advertising" and "online behavioral
advertising" ("Interest-based Advertising"), which may include sending you an ad on a
third-party service after you have left the Services (i.e., "retargeting"). Our advertisers'
and ad networks' use of Tracking Technologies are governed by their own privacy policies
Your Cookies and Tracking Technologies Choices
We may use Tracking Technologies to collect information
about interactions with the Services, including information about your browsing and purchasing behavior.
Tracking Technologies make Web-surfing and browsing easier for you by saving your preferences so that we can use
the saved information to facilitate and improve your use of the Services.
-
Regular cookies may generally be disabled or
removed by tools available as part of most commercial browsers, and in some instances blocked in the
future by selecting certain settings. Browsers offer different functionalities and options so you may
need to set them separately. Also, tools from commercial browsers may not be effective with regard to
some Tracking Technologies, such as HTML5 cookies. Please be aware that if you disable or remove these
technologies, some parts of the Services may not work and that when you revisit the Services your
ability to limit browser-based Tracking Technologies is subject to your browser settings and
limitations.
-
Some App-related Tracking Technologies in
connection with non-browser usage (e.g., most functionality of a mobile app) can only be disabled by
uninstalling the app. To uninstall an app, follow the instructions from your operating system or handset
manufacturer. Apple and Google mobile device settings have settings to limit ad tracking, and other
tracking, but these may not be completely effective.
-
Your browser settings may allow you to
automatically transmit a "Do Not Track" signal to online services you visit. Note, however,
there is no consensus among industry participants as to what "Do Not Track" means in this
context. Like many online services, we currently do not alter our practices when we receive a "Do
Not Track" signal from a visitor's browser. To find out more about "Do Not
Track," you can visit http://www.allaboutdnt.com, but we
are not responsible for the completeness or accuracy of this third-party information. You have the right
to request information from us about the Services that currently do not respond to "do not
track" mechanisms featured in any Internet browser by contacting us according to the "How to
Contact Us" section below.
-
Many advertisers and service providers that
perform advertising-related services for us and third parties participate in voluntary programs that
provide tools to opt-out of such interest-based advertising such as the Digital Advertising
Alliance's ("DAA") Self-Regulatory Program for Online Behavioral Advertising. To learn
more about how you can exercise certain choices regarding interest-based advertising for DAA members,
visit
https://youradchoices.com/,
and http://www.aboutads.info/appchoices
for information on the DAA's opt-out program for mobile apps. Some
of these companies also are members of the Network Advertising Initiative ("NAI"). To learn
more about the NAI and your opt-out options for their members, see
http://www.networkadvertising.org/choices/
. You can also go to https://help.adroll.com/hc/en-us/requests/new
to adjust your advertising preferences with our service provider,
NextRoll, Inc. (which used to be called AdRoll), or here to opt out of the use of your data by one of
our other service providers, LiveRamp.
-
Please be aware that, even if you are able to opt
out of certain kinds of Interest-based Advertising, you may continue to receive other types of ads.
Opting out only means that those selected, participating members should no longer deliver certain
interest-based advertising to you but does not mean you will no longer receive any targeted content
and/or ads (e.g., from other ad networks). Also, if your browsers are configured to reject cookies when
you visit these opt-out webpages, or you subsequently erase your cookies, use a different device or web
browser or use a non-browser-based method of access (e.g., mobile app), your browser-based opt-out may
not, or may no longer, be effective.
-
We support the ad industry's 2009
Self-regulatory Principles for Online Behavioral Advertising (
https://www.iab.com/wp-content/uploads/2015/05/ven-principles-07-01-09.pdf
) and expect that ad networks that we directly engage to serve you
interest-based advertising will do so as well, though we cannot guarantee their compliance. We are not
responsible for the effectiveness of, or compliance with, any third-parties' opt-out options or
programs or the accuracy of their statements regarding their programs.
-
In addition, we may serve ads on third-party
services that are targeted to reach people on those services that are also identified on one or more of
our databases ("Matched List Ads"). This is done by using Tracking Technologies, or by
matching common factors between our databases and the databases of the third-party services. We are not
responsible for these third-party services, including without limitation their security of the data. We
are not responsible for such third parties' failure to comply with your or our opt-out
instructions as they may not give us notice of opt-outs to our ads that you give to them, and they may
change their options without notice to us or you. For more information, please see the selling and
sharing sections of the applicable State-Specific Rights section.
-
If you are located in the EEA, UK or Canada, you
can manage your Cookies consent choices using our consent management platform provided by our service
provider OneTrust. If you do not wish to accept non-Essential Cookies in connection with your use of the
Services or wish to withdraw your consent, you can opt out by selecting "Customize" and
changing you by clicking on Cookies Preferences
On certain pages of certain Services websites operated by Learneo, we use session
replay tools provided by third party service providers, including Fullstory, Inc., Amplitude Inc., and
Microsoft. Session replay tools are a necessary tool for Learneo to provide our Services. These tools
allow Learneo to understand user activity and content performance to help deliver and optimize our Services,
find and fix performance issues, and continuously improve our user's experience. Depending on how
you use our Services, our session replay tools may automatically collect the following information:
-
Device-dependent data collected by your computer and web browser:
-
IP address
-
E-mail address including your first and last name, insofar as you have provided it to us via our Services
-
Screen size of your terminal
-
Device type and browser information
-
Geographical data (country only)
-
Language for displaying our website
-
User interactions
-
Mouse commands (movement, position and clicks)
-
Date and time of access
-
Keystrokes (not for sensitive fields like your texts to be checked or credit card information)
Our session replay tools service providers use this
information to evaluate your use of our Services, to compile reports on usage and to provide other services in
connection with the evaluation of our website. They also use third-party services (e.g. Google) to provide
these services, who may store or otherwise process information that your browser transmits when you visit our
Website (including, under certain circumstances, your IP address).
For more information about the session replay tools we use, see:
How We Share Your Personal Data
Sharing with Third-Parties
We share your personal data with the following categories of third-parties and for the following purposes:
-
With Service Providers that help us operate our
Services. These third parties help us provide the Services or perform business functions on our behalf.
They include:
-
Hosting, technology and communication providers
-
Security and fraud prevention consultants
-
Analytics providers that provide analytics on web traffic or usage of our Services (e.g. tools that track user clicks or how visitors found our Services)
-
Support and customer service vendors
-
Payment processors, including those listed
in the applicable Part Two section for each Service. They collect your payment information
necessary to process your payment and share limited payment information with us necessary to
operate our Services
-
Marketing services providers
-
Identification verification service providers
-
With Advertising Service Providers and Partners to
Show You Ads. These third parties help us market our services and provide you with other offers that may
be of interest to you. They include:
-
Ad networks (including social media ad networks)
-
With Parties You Authorize, Access or Authenticate When Using Our Services
-
Third-party log-in services
-
Third-party services you choose to integrate with through the Services.
-
To Fulfill our Legal Obligations. Third parties
that carry out the activities set forth under Meeting Legal Requirements and Enforcing Legal Terms in
the How We Use Your Personal Data section above.
-
Business Transfers. If we undergo a merger,
acquisition, bankruptcy or other transaction in which a third party assumes control of our business (in
whole or in part), your personal data may be transferred to that third party. Should one of these events
occur, we will make reasonable efforts to notify you before your information becomes subject to
different privacy and security policies and practices.
Details of the categories of personal data and the third
parties with whom we share your personal data that we have collected over the past 12 months may be found in the
relevant Part Two section for each Service below.
Sharing With Government Authorities and Law Enforcement
When you use our Services, we may access and share the personal information described
in the applicable Part Two section with regulators, law enforcement, or other government agencies as required by
applicable law or if we have a good-faith belief that we must do so to comply with court orders or government
requests supported with legal process. We may also do so for the purposes of detecting, investigating and
preventing fraud or illegal activity on our Services, and to protect the rights and safety of our users. For
information on the categories of information that may be shared for the purposes and the legal bases for doing
so, see the
Additional Terms For European Economic Area And UK Residents
section in this Policy.
Marketing Communications
When you register an account or
subscribe to a Service, you will receive marketing communications related to that Learneo's services as
well as transactional and account-related communications, as permitted by applicable law. We will collect
your email address as well as other information you provide on a voluntary basis to help tailor communications
to you. In any marketing communication from Learneo, you can unsubscribe at any time by clicking the
"unsubscribe" link included at the bottom of each email. You may also opt-out of receiving marketing
communications at any time either through your account settings or by contacting us (see
Contact Us
section above). Please note that you will continue to receive transactional or account-related communications.
Data Security
We take commercially reasonable steps to protect your
personal data from unauthorized access, use and disclosure using appropriate physical, technical, organizational
and administrative security measures based on the type of personal data and how we are processing that
data.
Examples of data security measures we implement include
regular security vulnerability scanning of our Services in order to make your visit to or use of our Services as
safe as possible; maintaining personal data behind secured networks that are only accessible by a limited
number of persons with special access rights to such systems and who are under obligation to keep the
information confidential; and implementing a variety of security measures when a user enters, submits, or
accesses their information to maintain the safety of your personal data.
You should also help protect your data by appropriately
selecting and protecting your password and/or other sign-on mechanism; limiting access to your computer or
device and browser; and signing off after you have finished accessing your account. Although we work to protect
the security of your account and other data that we hold in our records, please be aware that no method of
transmitting data over the internet or storing data is completely secure.
Data Retention
We will retain your personal data as described in the applicable
Part Two
section for the relevant Service you are using.
Changes To This Privacy Policy
We are constantly working to grow our business and improve
our Services, offer new Services and features to you, and keep up with applicable laws. For these reasons
we may need to change this privacy policy from time to time. When we make material changes, we will
provide you with a reasonable form of online notice of the updated policy.
Additional Terms For Canadian Residents
If you reside in Canada, the following additional terms
apply. If there are any conflicts between this section and any other provision of this policy, the provision
that is more protective of personal data will apply.
Transfers of Personal Data Outside Canada
We may share your personal data amongst Learneo, with
third party service-providers and other third parties that require such information to assist us in providing
Services to you. In the course of providing these Services, your personal data may be accessed, collected,
stored and processed in the U.S. or other foreign jurisdictions by Learneo or its third party service providers.
Learneo and third-party service providers may disclose your personal data in response to a search warrant or
other legally valid inquiry or order or as otherwise required or permitted by Canadian, US, or other law (which
may include disclosure to US and foreign courts, law enforcement or governmental authorities). In the case of a
transfer of personal data to Learneo or third-party service providers that process or store personal data on
behalf of Learneo, Learneo and/or third party recipient will have agreed to safeguard personal data and
use the information only for the purpose(s) for which it has been provided.
Canadian Resident Rights
Subject to applicable law, you have the right to access,
update and correct inaccuracies in your personal data in our custody or control. You can request this by email
or by writing to us at the contact information set out in the
Contact Us
section below. We may request certain personal data for the purpose of verifying
the identity of the individual seeking access to his or her personal data records.
Additional Terms For California Residents
This section provides information in accordance with the
California Consumer Privacy Act ("CCPA"), as amended by the California Privacy Rights Act for
California residents about how Learneo handles certain personal data collected over the past 12 months. If you
are a California resident, you have the rights set forth in this section. For how to exercise these rights, see
the
Exercising Your CCPA Rights
section. If there are any conflicts between this section and any other provision
of this policy, the portion that is more protective of your personal data will apply.
California Resident Rights under the CCPA
-
Access/Right to Know.
You have the right to request certain information about our collection and
use of your personal data over the past 12 months, including:
-
The categories of personal data that we have collected about you.
-
The categories of sources from which that personal data was collected.
-
The business or commercial purpose for collecting or selling your personal data.
-
The categories of third parties with whom we have shared your personal data.
-
The specific pieces of personal data that we have collected about you.
-
Right to Correct. You have the right to correct
inaccuracies in your personal data, depending on the type of personal data and our purposes for
processing it.
-
Deletion.
You have the right to request that we delete the personal data that we have
collected about you. Under the CCPA, this right is subject to certain exceptions: for example, we may
need to retain your personal data to provide you with the Services or complete a transaction or other
action you have requested. Please see the
Data Retention
section on our purposes for retaining limited personal data.
-
Right to Opt-Out of Certain Activities.
In some circumstances, you have the right
to opt out of the sale of your personal data or the sharing of your personal data specifically for
cross-contextual behavioral advertising purposes.
Exercising Your CCPA Rights.
To exercise the rights described above, you or your Authorized Agent (defined
below) must send us a request that (1) provides sufficient information to allow us to verify that you are the
person about whom we have collected personal data, and (2) describes your request in sufficient detail to allow
us to understand, evaluate and respond to it. Each request that meets both criteria will be considered a
"Valid Request
." We may deny requests that do not meet these criteria as permitted by applicable
data privacy laws. You may appeal any denial by contacting us using the relevant contact information provided in
Part One. . We will only use personal data provided in a Valid Request to verify your identity and complete your
request. You do not need an account to submit a Valid Request. We will not charge you a fee for making a Valid
Request unless your Valid Request(s) is excessive, repetitive or manifestly unfounded. If we determine that your
Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your
request. Please see the
Contact Us
section for where to submit a Valid Request.
Authorized Agent.
You may authorize an agent (an "Authorized Agent") to exercise
your rights on your behalf. To do this, you must provide your Authorized Agent with written permission to
exercise your rights on your behalf, and we may request a copy of this written permission from your Authorized
Agent when they make a request on your behalf.
Non-Discrimination.
We will not discriminate against you for exercising your rights under the CCPA. We
will not deny you our goods or services, charge you different prices or rates, or provide you a lower quality of
goods and services if you exercise your rights. However, we may offer different tiers of our Services as allowed
by applicable data privacy laws (including the CCPA) with varying prices, rates or levels of quality of the
goods or services you receive related to the value of personal data that we receive from you.
Categories of Third Parties We Have Shared Your Personal Data With
For the categories of third parties with whom a Learneo
shares the personal data it collects and has collected about you over the past 12 months, please see the
relevant
Part Two
section for the Service you are using.
Your Rights under California's Shine-the-Light Law
Under California Civil Code Sections 1798.83-1798.84,
California residents are entitled to contact us to prevent disclosure of personal data to third parties for such
third parties' direct marketing purposes. To submit such a request, please see the
Contact Us
section and specify "California Shine the Light Request" in the
subject line.
Additional Terms For Residents of other US States
This section provides information in accordance with US
States other than California that may now or in the future have enacted state data privacy laws, including but
not limited to the Colorado Privacy Act , the Connecticut Data Privacy Act , the Delaware Personal Data Privacy
Act, the Montana Consumer Data Privacy Act, the Indiana Consumer Data Protection Act, the Iowa Consumer Data
Protection Act, the Oregon Consumer Privacy Act, the Tennessee Information Protection Act, the Texas Data
Privacy and Security Act, the Utah Consumer Privacy Act, and the Virginia Consumer Data Privacy Act. For
residents of these US States, this section provides information about how Learneo handles certain personal data
that we have collected about you. If you are a resident of one of these US States, you have the rights set forth
in this section. For how to exercise these rights, see the Exercising Your US State Privacy Rights section. If
there are any conflicts between this section and any other provision of this policy, the portion that is more
protective of your personal data will apply.
Rights under Effective US State Laws
-
Right to Know/Access/Portability.You have the right to
confirm whether or not we are processing your personal data and to access such personal data. You may
request for this information to be provided to you in a readily usable format, to the extent it is
technically feasible.
-
Right to Correct. Residents in certain states have
the right to correct inaccuracies in their personal data, depending on the type of personal data and our
purposes for processing it.
-
Right to Delete.
You have the right to request that we delete the personal data that we have
collected about you.
-
Right to Opt-Out of Certain Activities. In some circumstances, you have the right
to opt out from (i) the sale of your personal data, (ii) the processing of your personal data for
purposes of targeted advertising, (iii) the processing of your personal data for profiling in
furtherance of decisions that produce legal or similarly significant effects concerning you. However,
please note that we do not sell and have not sold your personal data. Additionally, Learneo does
not process and has never processed your personal data for the purposes described in (ii) and (iii)
above.
Exercising Your US State Privacy Rights. To exercise the rights described above, you or your
Authorized Agent must send us a request that (1) provides sufficient information to allow us to verify that you
are the person about whom we have collected personal data, and (2) describes your request in sufficient detail
to allow us to understand, evaluate and respond to it. Each request that meets both criteria will be considered
a "Valid Request
." We may deny requests that do not meet these criteria. You may appeal any denial
by contacting the Learneo company relevant to your request; you can find the contact details for the relevant
company in
Part Two
below. We will only use personal data provided in a Valid Request to verify your identity and complete your
request. You do not need an account to submit a Valid Request. We will not charge you a fee for making a Valid
Request unless your Valid Request(s) is excessive, repetitive or manifestly unfounded. If we determine that your
Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your
request. Please see the
Contact Us
section for where to submit a Valid Request.
Non-Discrimination.
We will not discriminate against you for exercising your rights under applicable US
State privacy laws. We will not deny you our goods or services, charge you different prices or rates, or provide
you a lower quality of goods and services if you exercise your rights. However, we may offer different tiers of
our Services as allowed by applicable data privacy laws with varying prices, rates or levels of quality of
the goods or services you receive related to the value of personal data that we receive from you.
Additional State Law Privacy Rights
Nevada Resident Rights
If you are a resident of Nevada, you have the right to
opt-out of the sale of certain personal data to third parties who intend to license or sell that personal data.
Please note that we do not currently sell your personal data as sales are defined in Nevada Revised Statutes
Chapter 603A.
Complaints
If you have an unresolved privacy concern that we have not
addressed satisfactorily, you may appeal any decision to us by contacting the Learneo company relevant to your
request; you can find the contact details for the relevant company in
Part Two
below. Otherwise,
please refer to your state's process for filing a complaint with the appropriate agency.
Truste Website
Under certain conditions, you may also be entitled to invoke binding arbitration for complaints not resolved by other
means.
If you are a European Economic Area or UK resident, please
see the
Additional Terms For European Economic Area And UK Residents
section for where to lodge a complaint.
Additional Terms For European Economic Area And UK Residents
If you reside in the European Union, Lichtenstein, Norway
or Iceland (collectively, the European Economic Area or "EEA") or the United Kingdom, the
following terms apply. If there are any conflicts between this section and any other provision of this policy,
the provision that is more protective of personal data will apply.
Legal Basis for Use of Your Personal Data
The personal data processed by Learneo, as described in Parts One and Two, are processed under the following legal basis:
-
Contractual Necessity:
Learneo processes the following categories of personal data as a matter
of contractual necessity, meaning that we need to process the data to perform under our product specific
Terms of Use or Terms of Service with you, which enables us to provide you with the
Service:
-
Profile or Contact Data
-
Payment Data
-
Commercial Data
-
Online Identifiers
-
Device/IP Data
-
Web Analytics
-
Third-Party Login Service Data
-
Demographic Data
-
Geolocation Data
-
Other Identifying Information that You Voluntarily Choose to Provide
This includes for the purposes of:
-
Providing users with the products, services or information they request.
-
Providing customer support and assistance for the Services.
-
Personalizing the Services, website content and communications based on users preferences.
-
Creating and managing user accounts or user profiles.
-
Distributing and displaying your content, which may include your username, across one or more of our Services.
-
Enabling users to sign up for and sign in to multiple Services at one time.
-
Processing orders or other transactions; billing.
-
Responding to correspondence that we receive from
you, contacting you when necessary or requested, and sending you information about Learneo or the
Services when requested or as permitted by applicable law.
-
Enforcing any agreements with you, including our Terms of Use or Terms of Service.
When we process personal data due to contractual
necessity, failure to provide such personal data will result in your inability to use some or all portions of
the Services that require such information.
Legitimate Interest: Learneo processes personal data when it furthers its legitimate interests. This includes:
Purposes for Processing
|
Legitimate Interest Relied On
|
Personal Data Categories
|
Learning how you use and interact with one or more of our Services for the purposes of improving the Services, including
testing, research, internal analytics and product development (when such processing is not performed with cookies or
otherwise in a manner requiring consent).
|
In our interest to understand how our customers use our Services and to improve and develop our products and Services.
|
Profile or Contact Data,
Commercial Data,
Online Identifiers,
Device/IP Data,
Web Analytics,
Demographic Data,
Geolocation Data
|
To measure our progress towards corporate goals and key performance indicators, including gathering commercial data
related to our subscription Services (when such processing is not performed with cookies or otherwise in a manner
requiring consent).
|
In our interest to understand how our customers use our Services and to improve and develop our products and
Services.
|
Profile or Contact Data
Commercial Data
Online Identifiers
Device/IP Data
Demographic Data
Geolocation Data
|
Marketing and selling the Services, including co-market, co-promote and cross sell Learneo Services (when such
processing is not performed with cookies or otherwise in a manner requiring consent).
|
In our interest to market, advertise and promote our products and Services to users.
|
Profile or Contact Data,
Demographic Data,
Geolocation Data
|
Sending transactional emails and other product communications to you as our customer according to your communications
preferences.
|
In our interest to improve our products and Services for our users, including to personalize the Service for users.
|
Profile or Contact Data
|
Preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.
|
In our interest, and the interests of our users, to ensure the safety and security of our Services.
|
Profile or Contact Data
Payment Data
Commercial Data
Online Identifiers
Device/IP Data
Web Analytics
Third-Party Login Service Data
Demographic Data
Geolocation Data
Other Identifying Information that You Voluntarily Choose to Provide
|
Protecting the rights, property or safety of you, Learneo, or another party.
|
In our interest to protect our rights and property, and the safety of our staff. It is also in our interest, and the
interest of our users, to protect the rights, property and safety of our users.
|
Profile or Contact Data,
Payment Data,
Commercial Data,
Online Identifiers,
Device/IP Data,
Web Analytics,
Third-Party Login Service Data,
Demographic Data,
Geolocation Data,
Other Identifying Information that You Voluntarily Choose to Provide
|
Detecting and preventing fraud, security, and debugging
|
In our interest, and the interests of our users, to ensure the integrity of our services and to detect and prevent
fraudulent activity.
|
Profile or Contact Data,
Payment Data,
Commercial Data,
Online Identifiers,
Device/IP Data,
Web Analytics,
Third-Party Login Service Data,
Demographic Data,
Geolocation Data,
Other Identifying Information that You Voluntarily Choose to Provide
|
Completion of corporate transactions.
|
In our interest to operate and manage our business in the event of a proposed or actual business sale.
|
Profile or Contact Data,
Payment Data,
Commercial Data,
Online Identifiers,
Device/IP Data,
Web Analytics,
Third-Party Login Service Data,
Demographic Data,
Geolocation Data,
Other Identifying Information that You Voluntarily Choose to Provide
|
-
Consent: In some cases, Learneo processes personal data based on the consent you expressly grant to it at the time it
collects such data (which you may withdraw at any time after giving it, as described in this policy). This includes:
-
Processing your personal data to send you marketing communications where you have consented to such use.
-
Collecting your personal data through the use of advertising or tracking cookies based on your prior consent and use
your personal data for showing you advertisements, including interest-based or online behavioral advertising.
-
Collecting your personal data (including sensitive personal data) for identification verification purposes as described
in this privacy policy.
-
Learning how you use and interact with one or more of our Services for the purposes of improving the Services, including
testing, research, internal analytics and product development (when such processing is performed with cookies or
otherwise in a manner requiring consent).
-
To measure our progress towards corporate goals and key performance indicators, including gathering commercial data
related to our subscription Services (when such processing is performed with cookies or otherwise in a manner requiring
consent).
In some cases Learneo processes personal data based on the implied consent you grant to us at the time we collect your
personal data, as permitted by applicable law.
This includes:
-
Sending you email communications to Market and sell the Services, including to co-market, co-promote and cross sell
Learneo Services.
When we process personal data based on your consent, it will be expressly indicated to you at the point and time of
collection. You have the right to withdraw your consent at any time. We refer to the EEA and UK Resident Rights section
below for further information.
-
Legal Obligation: Learneo processes your personal data where necessary to fulfill its legal obligations under applicable
law, regulation, court order or other legal processing (e.g. subpoenas or warrants). This includes for the purposes of:
-
Fraud protection, security and debugging.
-
Responding to data subject requests under applicable privacy laws.
-
Preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.
-
Data retention and administration obligations.
-
Complying with requests of competent supervisory authorities and legal agencies.
-
Other Processing Grounds: From time to time, Learneo may also need to process personal data if it is necessary to
protect the vital interests of you or others, or if it is necessary for a task carried out in the public interest.
EEA and UK Resident Rights
-
Access: You have the right to confirmation as to whether or not we process personal data concerning you, and request
access to and/or a copy of the personal data we hold about you.
-
Rectification: If you believe that any personal data we hold about you is incorrect or incomplete, you can request that
we correct or supplement such data. You may correct some of this information directly by logging on to your account.
-
Erasure: You can request that we erase some or all of your personal data from our systems. Under the GDPR and the UK
GDPR, this right is subject to certain exceptions. Please see the Data Retention section on the purposes for which we
retain limited personal data.
-
Withdrawal of Consent: If we are processing your personal data based on your consent (as indicated at the time of
collection of such data), you have the right to withdraw your consent at any time with effect for future processing
operations. Please note, however, that if you exercise this right, you may have to then provide express consent on a
case-by-case basis for the use or disclosure of certain of your personal data, if such use or disclosure is necessary to
enable you to utilize some or all of our Services.
-
Portability: You can ask for your personal data in a machine-readable format. You can also request that we transmit the
data to another controller where technically feasible.
-
Restriction of Processing: You can ask us to restrict further processing of your personal data.
Objection: You can contact us to let us know that you object to the further use or disclosure of your personal data for
certain purposes, such as for direct marketing purposes
Please note that these rights can often be exercised only under specific conditions set out in the GDPR and UK GDPR
as applicable. Furthermore , we may not be able to fully comply with your request in circumstances where doing so is
manifestly unfounded or excessive, or if it is not permitted by law. In those circumstances, we will still respond
to notify you of such a decision. In some cases, we may also need you to provide us with additional information,
which may include personal data, if necessary to verify your identity and the nature of your request.
If you wish to exercise any of your rights, please see the
Contact Us
section of this policy.
Cross Border Transfers of Personal Data
Learneo businesses are located in the United States, Israel, India, The
Netherlands, and Canada and may continue to grow in other countries. We also have service providers both in the
United States and throughout the world. As such, Learneo and our service providers may transfer your personal data
to, or access it in, jurisdictions that may not provide equivalent levels of data protection as your home
jurisdiction. These transfers are necessary in order for us to provide our Services. When we transfer information
about individuals based in the EEA or UK outside of those countries, we will take appropriate measures to safeguard
the transfer as required by applicable law, including:
-
Adequacy Decisions: European Commission decisions recognizing
that certain countries and territories outside of the EEA ensure an adequate level of protection for personal data.
Depending on your use of our Services, when we transfer your personal data from the EEA to Israel or the UK, we rely
on the European Commission's adequacy decision for Israel and the UK. Further, where we transfer your personal data
from the EEA to an US recipient participating in the DPF (including the UK Extension to the EU-U.S. Data Privacy
Framework (DPF), where applicable), we rely on the European Commission's adequacy decision for the US.
-
Standard Contractual Clauses: Transfers to countries that don't have an adequacy decision typically take place on the basis of the European Commission-approved standard contractual data protection clauses (together with the UK Annex
for transfers from the UK), which we use for transfers to countries including but not limited to the US (where the
recipient does not participate in the DPF), and Singapore.
In certain circumstances, cross border transfers may take place on the basis of exemptions provided for under
applicable data protection law.
You may always contact us to request a copy of the transfer measures that we have taken to safeguard the transfer of
your personal data.
Complaints
You have the right to lodge a complaint about our practices with respect to your personal data before a supervisory data
protection authority.
Additional Terms for Australian Residents
If you reside in Australia, the following additional terms apply in
accordance with the Australian Privacy Principles ("APPs") and the Privacy Act 1988 ("APA"). If there are any
conflicts between this section and any other provision of this policy, the following terms shall prevail.
Government ID
To the extent we collect any government ID (such as driver's license, photo card, etc), we recognise that
government ID is a special category of personal information that is subject to a higher standard of privacy
protection compared to other types of personal data. Notwithstanding any other part of this policy, to the extent
that we collect any such government ID from you, we will only collect, use and disclose such data strictly for the
identity verification purpose set out in this privacy policy or for a purpose permitted under APP 9. We will not
handle your government ID in any other manner or for any other purpose. Subject to any retention requirements under
law or otherwise specified in this privacy policy, we will destroy or de-identify any record of your government ID
stored in our systems when we no longer need to use it.
Accessing Your Personal Data
You can request to access, correct, update or delete your personal data by contacting us using the contact details
provided under the Contact us section in Part One.
You can request access to any personal data we hold about you at any time. However please be aware that from time to
time we may need to reject your request to access personal data we hold about you, if we believe such rejection to
be necessary and to the extent allowed by law.
If we do not provide you with access to any of your personal data, or do not correct any of your personal data, we
will provide you with our reasons. If you are not satisfied with our reasons, you may make a complaint as set out
below under the Complaints section.
Complaints
We take your privacy concerns seriously. If you have a complaint
regarding our handling of your personal data or concerning our privacy practices, you may file a complaint with our
Privacy Officer using the contact provided under the Contact us section in Part One. Our Compliance team will
confirm receipt of your complaint and review it with our legal team. If we believe an investigation is necessary, we
will open an investigation into your complaint. We may need to contact you to request further details of your
complaint. If an investigation has been opened following a complaint made by you, we will contact you with the
result of that complaint as soon as possible.
If you are not satisfied with the outcome of your complaint, you may refer your complaint to the Office of the
Australian Information Commissioner by contacting 1300 363 992 or by visiting the website www.oaic.gov.au. Further
information about the APA and the APPs is also available from the Office of the Australian Information Commissioner.
Transfers of Personal Data Outside Australia
We may share your personal data amongst Learneo, with third party
service-providers and other third parties that require such information to assist us in providing Services to you.
Your personal data may be transferred to, and processed in, countries other than Australia, including United States,
Israel, India, The Netherlands, and Canada or other countries as might be the case in the future. We will only
transfer your personal data overseas for the same purposes set out in this Privacy Policy. Personal data that is
stored overseas may not be subject to the APA or the APPs. However, we will not transfer or permit any of your
personal data to be transferred outside of Australia unless we have taken reasonable steps to ensure the transfer is
in compliance with applicable laws, and in any case to a recipient that has privacy protections in place which are
at least substantially similar to which the APPs protect information.
Consequences If We Can't Collect Your Personal Data
If you do not provide us with the personal data we need, we may not be able to provide appropriate services,
targeted content or relevant information to you, and in some cases you may not be able to use our Services.
Additional Terms for Mexican Residents
Purposes and Consent
For residents in Mexico, please consider that the
purposes that have originated and are necessary for the existence, continuity and fulfilling of the legal
relationship with you are considered primary purposes. Therefore, Learneo does not require your express consent for
the processing of your data for these purposes. Any other purpose other than the primary purposes already stated
shall be considered as secondary purposes, for which you may refuse processing of data, by not providing your
personal data whenever they are requested for these purposes in particular, by notifying your refusal to
[email protected],
or by configuring your preferences in accordance with our Cookie Policy.
For residents in Mexico, please consider that communication of personal data described in the "Sharing with Third
Parties" section (except for the Service Providers and Business Transfers portions), and the "Sharing Personal Data
Between the Learneo" section shall be considered "transfers" of data. Nonetheless, said transfers do not require
your consent when takes place between companies that are part of the Learneo corporate group and operate under the
same privacy policies; under conditions necessary for Learneo to maintain its current legal relationship with you
and/or; under a legal requirement for the administration or prosecution of justice., which are considered exceptions
under Mexican Law.
Communication of personal data described in the "Service Providers" portion of the Sharing with Third-Parties section
of the privacy policy shall be considered a "remission", where each third party that receives said data shall be
considered a processor of the correspondent data. As per Mexican Law, Learneo is not required to inform nor obtain
your consent for these communications of data. Please take into consideration that Learneo does not collect, receive
and/or transfer financial data, this data is collected and processed at all times by a "Payment Processor". For more
information, please review the privacy policies of the respective payment processors referred to in the "Personal
Data Collected" section.
The content referred to in the "Business Transfers" portion of the Sharing with Third-Parties section of this privacy
policy does not qualify in Mexico as a communication of personal data, but rather as an assignment of the data
controller obligations to a third party, which shall be communicated to you through the availability of a new
privacy policy.
Your Rights under Mexican Privacy Law
You are entitled to: (i) access to your personal data kept by Learneo (ii); be informed of the treatment given to
your personal data by Learneo; (iii) request rectification of your personal data in case the information is
incorrect or incomplete; (iv) request cancellation of your personal data; (v) refuse to the treatment of your
personal data; and (vi) revoke your consent for the processing of your personal data (together "ARCO Rights").
You may exercise your ARCO rights by contacting Learneo compliance at
[email protected]
with the subject "ARCO Rights", and providing the following information:
-
Your name and address
-
The specific Learneo Service you are using
-
Supporting documentation of your domicile in Mexico,
-
A clear and precise description of the personal data you are seeking to access or the privacy right you are exercising
-
Any additional details relevant to your request.
Our compliance team will review and respond to your request within the timeframe permitted by law.
If you subscribed to more than one Service at checkout, or you have a question or request that pertains to
more than one Service and would like to exercise any of the rights under applicable privacy law, you can submit your
request to Learneo, Inc. and indicate so on the request. Learneo, Inc. will process it accordingly.
Otherwise, please contact the Learneo company relevant to your request; you can find the contact details for the
relevant company in Part Two below.
Learneo, Inc.
Attn: Privacy Compliance
2000 Seaport Blvd, Floor 3
Redwood City, CA 94063 USA
866-634-9397
[email protected]
GDPR/US State Privacy Laws Request Form
EEA and UK residents may contact our EU and UK based representative regarding all requests related to data protection
and privacy:
DP-Dock GmbH
Ballindamm 39
20095 Hamburg, Germany
www.dp-dock.com
DP Data Protection Services UK Ltd.,
16 Great Queen Street, Covent Garden
London, WC2B 5AH, United Kingdom
www.dp-dock.com
PART TWO: PRODUCT SPECIFIC PRIVACY DETAILS
This Part Two describes the privacy practices specific to a Learneo business and one or more of its Services indicated
in that section. Please click on the applicable link below for details.
Course Hero Services
Table of Contents
Personal Data We Collect
Information You Provide
When You Use Course Hero
The types of information we collect and process depend on
how you use Course Hero and whether you sign up as a Student, Educator, or Tutor.
-
Profile or Contact Data. When you sign up with Course Hero, we may collect your:
-
First and last name
-
Email address
-
Phone number
-
Collected for verifying your account and preventing fraud; required for tutors;
-
We may also collect phone numbers
to send you messages based on your express consent at the time of collection. For
example, unless you voluntarily provided your phone number to enable SMS texting in your
account settings, we will give you the option to provide it after submitting a question
so that we can, with your consent, send you text updates on tutor response.
-
Mailing address
-
School
-
Graduation date (month & year)
-
Profile image
-
Courses
-
Country of residence (tutor applicants)
-
Area of expertise (tutor applicants)
-
Highest level of education, and evidence of educational background such as a
diploma, professional certificate/license, or school transcript (tutor applicants only)
-
Confirmation of age 16+ (tutor applicants)
-
Additional "Tutor Profile Data":Graduation date
(month and year), a profile picture, the name of the school you attended, prior relevant
experience, and other platforms tutored on.
-
Additional "Educator Profile Data": Academic role and subject/department, resume (to parse out
optional data on your Course Hero profile), a profile picture, a public profile link (such as a
link to your faculty or LinkedIn profile), courses taught, your biography, education (school,
degree, field of study, dates), teaching history, publications and awards.
-
Identifiers. When you sign up to be a Tutor on Course Hero, we may collect your:
-
Government identification number or driver's license number (identity verification only)
-
Canadian residents only: If you want to claim earnings as a tutor, we
collect your tax information, which consists of your full name or business entity name, type of
ID (SIN for an individual or program account number for a business), government ID number, and
permanent address for the purpose of reporting earnings up to a certain amount
-
Payment Data. When you sign up for a Premier membership or choose to utilize any of
our paid services, we will collect your:
-
Payment card holder name
-
Billing city, state, postal code and country
-
Payment card type
-
First 6 and/or last 4 digits of payment card
-
Expiration date
-
A PayPal email specifically to receive payments from Course Hero
-
Online Identifiers. When you create an account on Course Hero, we will collect:
-
Unique identifiers such as account name and passwords that you use to manage your Course Hero account
-
Third-Party Login Data. If you use a third-party service to
sign-into your Course Hero account, we will collect your:
-
Email
-
Name and profile picture
-
User ID and education data (if applicable)
-
Professional or Employment-Related Data.
If you sign up to use Course Hero as an educator or tutor, we will also collect:
-
Educator resume information, job title, and job history
-
Educator school/faculty issued ID or other document that verifies your status as an educator
-
Educator school-issued email or personal email address*
-
*Note: If you provide a personal
email but want to create an educator account, or if you are unable to be verified by our
third party identification service provider as described in this policy, we will collect
a copy of your school/faculty issued ID or other document that verifies your status as
an educator, such as your employment offer, letter of acceptance, or copy of a pay stub.
We require that you redact personal data (except your name and your employer) from
these documents before they are shared with us).
-
Tutor education level
-
Tutor diploma/transcript
-
Non-Public Education Data. Depending on how you use our Services, we
may collect the following information from you directly:
-
Sensitive Personal Data. If you apply or use our services as a tutor, we will collect your:
-
Biometric data, solely for the purposes of
tutor identification verification and to detect and prevent fraud on Course Hero, obtained with
your express consent as further described in this policy and at the time of
collection.
-
Other Identifying Information that You Voluntarily Choose to Provide.
Depending on how your use our Services or interact with us, we may collect:
-
Identifying information in emails or letters you send us.
When you Apply to be a Tutor on Course Hero
If you apply to be a tutor, using the information above we
will verify your identity as part of your tutor application review. We may also verify your identity when
you withdraw funds from your tutor account or to protect your account when we detect fraudulent activity. To
verify your identity, we will collect your mobile phone number for SMS verification, an image of your photo ID
(such as your driver's license or other government ID; excluding passport), as well as a photo of
yourself. If your professional license is issued by a government, and/or you provide a government-issued
professional license card, we will verify the authenticity of that information with the relevant government.
We may use a third-party identification service provider to collect this personal information to perform
this identity verification on our behalf. When we do, we will inform you about the service provider we use
and the process for verifying your identity with them. Any of the identification service providers we use
will only process your personal information at our instruction and for the purposes of verifying your identity
on Course Hero. In those cases, we will only collect and use the personal information you provide for
identification verification with your consent that you provide at the time we collect this information.
You can revoke this consent at any time by emailing
[email protected]
.
We also collect your PayPal email in order to transfer your earnings for
tutoring on Course Hero. For more details on Applying to be a Tutor with Course Hero, see
our
Support Article
When you Use our AI-Powered Search, Question Prompts, or Chat Features
When you use certain features in Course Hero like our
AI-assisted chat or our AI-powered search functionality, we will collect your inputs to those features along
with Profile or Contact Data and the Automatically Collected Information (described below) associated with your
use of that feature. These features may allow you to input any text that you choose. We will never request
that you provide your personal data in any of these input fields, and strongly advise against doing so.
Please note that any data input into an AI-powered chat or search feature in Course Hero may be stored for
up to 120 days, and otherwise in accordance with our business data retention and deletion policies. We
will use this information for the purposes of providing and improving the relevant feature to you.
When You Communicate with Us
When you contact customer support, we will collect your
first and last name, the email registered with your Course Hero account, and the last 4 digits of your credit
card number (if you are using one of our paid services). You may also choose to provide us with additional
information, such as name on credit card and phone number, or other account details relevant to your
inquiry.
When you provide feedback, we collect your email and any other personal data you may provide us.
When You Participate in a Contest or Sweepstakes
When you choose to participate in a Course Hero contest or
sweepstake, we collect your email, mailing address (for physical prizes), and school you attend. In some cases
we may require your separate consent to participate and agreement to specific terms. If you are selected
as the winner, we also collect a copy of your driver's license and student ID to confirm your identity and
eligibility, after which the copies are deleted. For cash prizes, we require winners to complete a W-2 tax and
direct deposit information used solely to make payment to you.
When You Apply for Scholarships
When you apply for a Course Hero scholarship, we collect
your name, email address, phone number, as well as biographical, education, financial, and work history
information.
When You Attend a Virtual or In-Person Course Hero Event
From time to time, Course Hero hosts in person and/or
virtual events for educators and students, such as the annualCourse Hero Education Summit. When you
register to attend one of our events, we may collect your name, email, school, title, and country of
residence.
When You Choose to Participate in Research to Improve our Services
We periodically conduct research to help improve our
Services, including by sending you invitations for online surveys or questionnaires, or to participate in
research interviews. In such cases, we may collect demographic data about you, such as gender, age, school major
or topic of study, and education level, on a voluntary and anonymized basis. We may also ask you for
information about your use of Course Hero related to our research. Your participation in research to help
improve our Services is voluntary and may be subject to a separate research participant consent form or other
agreement. In the event that your participation in research involves the use of our Services for research
purposes, this Privacy Policy will apply.
In some cases, research participants may be asked to
submit sensory data, such as photos, videos or recordings of a participant's environment, which we only
collect and use for research purposes when you choose to participate and with your consent.
Automatically Collected Information
When you use our Services, we automatically collect the following information:
-
Usage Information (information on your activity and how
you use our Services, such as the date and time of visits, pages viewed, links to/from any page, and
time spent in a session).
-
Inference Information about your usage of Course Hero, such as whether you are a frequent
document uploader student, or an advanced tutor in a particular topic based on your response
history.
-
Device and Connection Information (such as your internet protocol (IP)
address, Internet service provider, operating system, and web browser type).
-
General Location information (estimated location based on your IP
address), to show you relevant content, identify the applicable regional subscription offering to you,
to detect/identify fraud on our Services, and for other commercially reasonable business
purposes.
Information from Third-Party Sources
When You Use Course Hero Services with Third Party Services
If you choose to sign up with the Course Hero Services
using a third-party log-in service, you will provide us or allow the log-in service to provide us with your
personal data as specified by that third-party log-in service. For example, if you choose to sign up using
Facebook, you will provide us or allow Facebook to provide us with your personal data, such as your name, email,
user ID, profile picture, and education data (school, school type, school name, graduation year), if available.
If you use Google, you will provide us or allow Google to provide us with your name, email, and profile picture,
if available. If you use Apple, you will have the option to allow Apple to provide us with your email
address.
For more information about the personal data shared with
Course Hero, please see the third-party log-in services' (Facebook, Google and Apple's) privacy
policies.
Publicly Accessible Information on the Course Hero Services
Depending on how you use our Services, the following data
may be publicly accessible on the Course Hero Services:
-
If you have a student account, your username
and school, as well as graduation date and profile picture, if provided.
-
If you have a tutor account, your username,
information about your active status on Course Hero, and any Tutor Profile Data. If you upload photos,
videos or recordings of your environment to answer a student question, the attachment(s) (together with
your answer) will also be publicly accessible.
-
If you have an educator account, your first
and last name, school where you teach, and any Educator Profile Data.
-
If you upload Content on the Course Hero Services,
any personal data included in your Submission. Please do not include personal data in your Submission
that you would not want to be publicly available.
Information from Creative Commons or Publicly Available on Third-Party Sites
We may collect the first and last name of any professor,
educator, or instructor whose name is publicly listed in connection with a course on a publicly-accessible
website for the purposes of establishing correct course information on Course Hero.
We may collect the first and last name of any
author's work available in the Creative Commons for the purposes of establishing correct authorship
attribution and creating author profiles.
Our Uses
We use the personal data we collect about you for the
purposes stated in the How We Use Your Personal Data section in Part One of this policy.
For UK and EEA residents, please see the Additional Terms
for European Economic Area and UK Residents in Part One for our lawful basis for processing your personal
data.
How We Share Your Personal Data
Below are the categories of third parties with whom we
share your personal data that we collect and have collected over the past 12 months.
Category of Personal Data |
Personal Data We Collect |
Categories of Third Parties With Whom We May Share this Personal Data: |
Profile or Contact Data
|
-
First and last name
-
Email
-
Phone number
-
Mailing address
-
School
-
Graduation date
-
Profile image
-
Courses
|
-
Service Providers
-
Advertising Partners
-
Analytics Partners
-
*Payment Processors
*Our third party payment processors
are Google Pay, Apple Pay, PayPal, Braintree and Recurly. If you sign up as a paying subscriber, your payment information (such as your bank or credit card
number) is collected and processed directly by our third-party payment processors. For
information on our payment processor's collection, use and storage of your personal
data, please see each payment processor's privacy policy. Our payment processors
collect your payment information necessary to process your payment, and share limited
payment information with Course Hero as described in the
Payment Data
row below.
|
Identifiers
|
-
SIN or program account number (Canadians claiming earnings only)
-
Government identification number or driver's license number(identity verification only)
|
|
Payment Data
|
-
Card holder name
-
Billing city, state, postal code and country
-
Payment card type
-
First 6 and last 4 digits of payment card
-
Expiration date
|
-
Service Providers
-
Payment Processors
-
Analytics Providers (only first 6 digits of card)
|
Commercial Data
|
|
|
Online Identifiers
|
-
Unique identifiers such as account name and passwords
|
-
Service Providers
-
Analytics Partners
|
Device/IP Data
|
-
IP address
-
Device ID
-
Type of device/operating system/browser used to access the Services
-
Session IDs and group session IDs (together using cookies)
|
-
Service Providers
-
Advertising Partners
-
Analytics Partners
|
Web Analytics
|
-
Browsing or search history
-
Web page interactions
-
Referring webpage/source through which you accessed the Services
-
Statistics associated with the interaction between device or browser and the Services
|
-
Service Providers
-
Advertising Partners
-
Analytics Partners
|
Third-Party Login Data
|
-
Email
-
Name and profile picture
-
user ID and education data
|
-
Service Providers
-
Analytics Partners
-
Parties You Authorize, Access or Authenticate
|
Professional or Employment-Related Data
|
-
Educator resume
-
Educator job title
-
Educator job history
-
Tutor education level
-
Tutor diploma/transcript
|
-
Service Providers
-
Analytics Partners
|
Non-Public Education Data
|
-
Tutor grades or transcripts
-
Scholarship applicant - student financial information
|
|
Geolocation Data
|
-
IP-address-based location information
|
-
Service Providers
-
Analytics Partners
-
Payment Processors
|
Sensory Data
|
-
Photos, videos or recordings of a user's environment (research participants;
questions and answers on tutoring service)
|
|
Sensitive Personal Data
|
|
-
Identification Service Providers
|
Other Identifying Information that You Voluntarily Choose to Provide
|
-
Identifying information in emails or letters you send us
|
-
Service Providers
-
Analytics Partners
|
Additional Data Security
In addition to the security measures identified in the
Data Security
section in Part One, the information security controls implemented by Course Hero
are audited annually by an external third-party certified Qualified Security Assessor for compliance
with Payment Card Industry Data Security Standard (PCI DSS) security standards.
Data Retention
Except as otherwise permitted or required by applicable
law or regulation, we retain personal information about you for as long as you have an open account with us, as
long as necessary to fulfill the purposes we collected it for. In some cases, we retain personal
information for longer and for other legitimate purposes, including if doing so is necessary to comply with our
legal obligations, enforcing and preventing violations of our Terms, to fight spam, protecting or defending our
rights, property and users, to resolve disputes or collect fees owed, or is otherwise permitted or required by
applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form, where
that information would not identify you personally. Applicable storage periods are determined on a case-by-case
basis. To determine the appropriate retention period for personal information, we consider applicable
legal requirements, the amount, nature, and sensitivity of the personal information, the potential risk of harm
from unauthorized use or disclosure of your personal information, the purposes we process your personal
information for, and whether we can achieve those purposes through other means. We will maintain certain types
of personal information for a limited duration. For example, we keep account information like your account
email address for as long as your account is in existence, because we need it to operate your account.
Deleting Your Account
If you would like to delete your account, you can do this
directly by going to "My Account" in your Account Settings for the relevant Course Hero Service. If
you choose to delete your account: 1) your account information (username and any other information you provided
on your account) will be deleted from the applicable Course Hero Service, but your Submissions will remain in
accordance with our
Terms of Use
; 2) we will not be able to provide you with Services, and you will no longer receive emails from us; and 3) you will
not be able to use the email associated with your account t on that Course Hero Service again.
If the GDPR, UK GDPR, US State privacy laws, or other
applicable privacy law grants you the right to have your personal data deleted entirely from Course Hero
Services and you want to exercise that right, please read
Part One
for how to submit your request.
Cookie Policy
To view the Course Hero Services Cookie Policy,
click here
LitCharts and CliffsNotes
Table of Contents
Personal Data Collected
When you sign up with LitCharts or CliffsNotes
When you create an account on LitCharts or CliffsNotes, we
collect your email, country of residence, date of birth and username. On LitCharts only, we will also collect
user-type (student, teacher/educator, parent, librarian, general interest reader) and username.
If you sign up for a paid subscription on LitCharts or
CliffsNotes, payment information, such as card number, is collected and processed directly by our third-party
payment processors. Our payment processors are Stripe and PayPal (on the LitCharts Service)
and Stripe only (on the CliffsNotes Service) . For information on our payment processor's collection, use and storage of your
personal data, please see the payment processor's privacy policy. Our payment processors do not share your
full payment card information with us.
Collected through your use of our Services
When you use our Services, we collect the following information:
-
Usage information (such as the date and time of
visits, pages viewed, links to/from any page, and time spent in a session)
-
Device information (such as your internet protocol
(IP) address, Internet service provider, operating system, and web browser type)
-
Location information (based on your IP address),
to detect/identify fraud on our Services
Collected about you from third party sources (LitCharts Service only)
If you choose to create an account with us using a third
party log-in service (such as Facebook or Google), you will provide us or allow the log-in service to provide us
with your personal data, such as your email, name and/or username, if available, and any other personal data
specified by that third-party log-in services. For more information about the personal data shared with
LitCharts, please see the third-party log-in services (Facebook or Google) privacy policies.
In some cases, we may receive personal data about you from
a third party, such as your employer or academic institution, to enable your account setup to use our
Services.
Provided by you when you communicate with us
When you contact customer support, we collect your first
and last name, email, and any other personal data you may provide to us when you complete our customer support
form.
We also collect your email and any other personal data you
may provide to us when you choose to respond to surveys or questionnaires we send for research purposes or as
part of our Services, or when you provide feedback.
Our Uses
We use the personal data we collect about you for the
purposes stated in the
How We Use Your Personal Data
section in Part One of this policy.
For UK and EEA residents, please see
Additional Terms For European Economic Area And UK Residents
in Part One of this policy for our lawful basis for processing your personal data
for the purposes we describe.
How We Share Your Personal Data
In addition to the How We Share Your Personal Data section
in Part One, when you use LitCharts and CliffsNotes, below are the categories of third parties with whom we
share your personal data that we collect and have collected over the past 12 months:
Category of Personal Data
|
Personal Data We Collect
|
Categories of Third Parties With Whom We May Share this Personal Data:
|
Profile or Contact Data
|
-
Email
-
Country
-
Date of birth
-
Username (LitCharts Service only)
-
User type (e.g., teacher, student, general interests, reader, librarian, and or parent) (LitCharts Service only)
|
-
Service Providers
-
Payment Processors
|
Payment Data
|
-
Card holder name
-
Billing address
-
Payment card type
-
Last 4 digits of payment card
-
Expiration date
|
|
Commercial Data
|
-
Purchase history
-
Consumer profiles
|
|
Online Identifiers
|
|
|
Device/IP Data
|
-
IP address
-
Type of device/operating system/browser used to access the Services
|
-
Service Providers
-
Analytics Providers
|
Web Analytics
|
-
Web page interact
-
Non-identifiable request IDs
|
-
Advertising Partners (CliffsNotes Service only)
-
Analytics Providers
|
Third-Party Login Service Data (LitCharts Service only)
|
|
|
Demographic Data
|
-
Age/date of birth
-
Postal code
|
|
Geolocation Data
|
-
IP-address-based location information
|
|
Other Identifying Information that You Voluntarily Choose to Provide
|
-
Identifying information in emails or letters you send us
|
|
Data Retention
Except as otherwise permitted or required by applicable
law or regulation, we retain personal information about you for as long as you have an open account with us, as
long as necessary to fulfill the purposes we collected it for. In some cases, we retain personal
information for longer and for other legitimate purposes, including if doing so is necessary to comply with our
legal obligations, enforcing and preventing violations of our Terms, to fight spam, protecting or defending our
rights, property and users, to resolve disputes or collect fees owed, or is otherwise permitted or required by
applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form, where
that information would not identify you personally. Applicable storage periods are determined on a case-by-case
basis. To determine the appropriate retention period for personal information, we consider applicable
legal requirements, the amount, nature, and sensitivity of the personal information, the potential risk of harm
from unauthorized use or disclosure of your personal information, the purposes we process your personal
information for, and whether we can achieve those purposes through other means. We will maintain certain types
of personal information for a limited duration. For example, we keep account information, like your name,
email address, and password, for as long as your account is in existence because we need it to operate your
account.
Deleting Your Account
You can delete the personal data LitCharts or CliffsNotes
holds about you directly within your user account, under "Account Settings".
If the GDPR, US State privacy laws, or other privacy law
grants you the right to have your personal data deleted entirely from our Services and you want to exercise that
right, please read
Part One
for how to submit your request.
Cookie Policy
To view the LitCharts Cookie Policy,
click here.
To view the CliffsNotes Cookie Policy,
click here.
Symbolab
Table of Contents
Personal Data Collected
When you sign up with Symbolab
When you create an account on Symbolab, we collect your
first and last name and email. If you sign up to be a paying subscriber, we collect your billing email. Payment
information, such as card number, is collected and processed directly by our third-party payment processors. Our
payment processors are
Google Pay, Apple Pay, PayPal and
Stripe. For information on our payment processor's
collection, use and storage of your personal data, please see the payment processor's privacy policy. Our
payment processors do not share your full payment card information with us.
Collected through your use of our Services
When you use our Services, we collect location information
(based on your IP address), to identify the applicable default language and regional subscription offering on
our Services.
Collected about you from third party sources
If you choose to create an account with us using a
third-party log-in service (such as Facebook, Office365 or Google), you will provide us or allow the third-party
social network or log-in service to provide us with your personal data, such as your email and username, if
available, and any other personal data specified by that third-party log-in service.
For more information about the personal data shared with
Symbolab, please see the third-party log-in services (Facebook, Office365 or Google) privacy policies.
Provided by you when you communicate with us
When you contact us to provide feedback, you have the
option to provide us with your name, email, and any other personal data.
When you contact us for customer support, we collect your
email, device information (operating system and web browser type), and any other personal data you may choose to
provide us.
When you respond to surveys or questionnaires we send for
research purposes or as part of our Services, we collect your email and any other personal data you may choose
to provide us.
Our Uses
We use the personal data we collect about you for the
purposes stated in the
How We Use Your Personal Data
section in Part One of this policy.
For UK and EEA residents, please see
Additional Terms For European Economic Area And UK Residents
in Part One of this policy for our lawful basis for processing your personal data
for the purposes we describe.
How We Share Your Personal Data
In addition to the How We Share Your Personal Data section
in Part One, when you use Symbolab below are the categories of third parties with whom we share your personal
data that we collect and have collected over the past 12 months:
Category of Personal Data
|
Personal Data We Collect
|
Categories of Third Parties With Whom We May Share this Personal Data:
|
Profile or Contact Data
|
-
First and last name
-
Email
|
|
Payment Data
|
-
Billing email
-
Card holder name
-
Billing address
-
Payment card type
-
Last 4 digits of payment card
-
Expiration date
|
-
Service Providers
-
Payment Processors
|
Commercial Data
|
|
|
Online Identifiers
|
-
Unique identifiers such as account name and passwords
|
|
Device/IP Data
|
-
Type of device/operating system/browser for support
|
-
Service Providers
-
Analytics Providers
|
Web Analytics
|
-
Browsing or search history
-
Web page interactions
-
Referring webpage/source through which users accessed the Services
|
-
Service Providers
-
Analytics Providers
|
Third-Party Login Service Data
|
-
Email
-
Username on social network or third-party login service
|
|
Geolocation Data
|
-
IP-address-based location information
|
-
Service Providers
-
Advertising Partners
-
Analytics Providers
|
Other Identifying Information that You Voluntarily Choose to Provide
|
-
Identifying information in emails or letters you send us
|
|
Data Retention
Except as otherwise permitted or required by applicable
law or regulation, we retain personal information about you for as long as you have an open account with us, as
long as necessary to fulfill the purposes we collected it for.
In some cases, we retain personal
information for longer and for other legitimate purposes, including if doing so is necessary to comply with our
legal obligations, enforcing and preventing violations of our Terms, to fight spam, protecting or defending our
rights, property and users, to resolve disputes or collect fees owed, or is otherwise permitted or required by
applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form, where
that information would not identify you personally. Applicable storage periods are determined on a case-by-case
basis.
To determine the appropriate retention period for personal information, we consider applicable
legal requirements, the amount, nature, and sensitivity of the personal information, the potential risk of harm
from unauthorized use or disclosure of your personal information, the purposes we process your personal
information for, and whether we can achieve those purposes through other means. We will maintain certain types
of personal information for a limited duration.
For example, we keep account information, like your name,
email address, and password, for as long as your account is in existence because we need it to operate your
account.
Deleting Your Account
You can delete the personal data Symbolab holds about you
directly within your user account, under "Account Management".
If the GDPR, US State privacy laws, or other privacy law
grants you the right to have your personal data deleted entirely from Symbolab and you want to exercise that
right, please read
Part One
for how to submit your request.
Cookie Policy
To view our Cookie Policy, click here.
QuillBot
Table of Contents
Personal Data Collected
When you sign up with QuillBot
When you register for an account to use our Services, we
ask you for your name and email. If you sign up for our premium Services, payment information, such as card
number, is collected and processed directly by our third-party payment processors. Our payment processors
are Amazon Pay, Stripe, PayPal, Chargebee, Razorpay, Google
Pay and Apple Pay. For information on our payment
processor's collection, use and storage of your personal data, please see the payment processor's
privacy policy. Our payment processors do not share your full payment card information with us. Our
payment processors may share limited payment data with us, including card type, last 4 digits of card, token
number, expiration date, and country or PayPal email subject to restrictions in the applicable law in your
jurisdiction.
Collected through your use of QuillBot
When you use our Services, we collect the following information:
-
Usage information (such as the date and time of visits, pages viewed, links to/from any page, and time spent in a session)
-
Device information (such as your internet protocol
(IP) address, Internet service provider, operating system, computer model, language settings and CPU
details, and web browser type)
-
Inference Information about your usage of
QuillBot, such as whether you are a frequent document uploader or user of a particular feature.
-
Location information (approximated, based on your
IP address), to identify the applicable regional subscription offering and to detect/identify fraud on
our Services
We may also collect personal data you provide or otherwise make available to us when you use our Services. For example:
-
When you use the Plagiarism Checker, we store a
copy of your document, which includes any information contained within.
-
When you use our Paraphraser tool, we will collect
any information you paraphrase, including personal data you enter into Paraphraser.
-
When you upload documents to our Services, we will
store both a copy of the original document (or the text of the original document) as well as the
paraphrased version and any information contained within.
-
When you use QuillBot Flow, we will collect any information, including personal data, you enter into your project(s)
within the editor.
If you use the voice recognition feature on QuillBot Flow for audio to text conversion, the audio to text conversion
occurs in real time and audio is not stored by us; however, the text converted from audio input that is added by you to
your project(s) is stored by us in accordance with this policy.
Collected when you use QuillBot's Browser Extensions
When you use QuillBot's browser extensions, the
contents in the email you prepare and receive, chat messages you write (excluding history or chats received),
documents you create, search queries, and text you input on multiline fields on websites you visit ("Your
Content"), as transmitted by you in connection with your use of our extension, will be used in real time
on our machine learning algorithm to generate outputs, after which Your Content is deleted from our Services. We
only store Your Content after you provide your consent, which you can revoke at any time within the
extension icon found on the right top corner of your browser.
When you use QuillBot's Chrome extension, we will
store your Command Data, which includes the text and metadata (including any personal data as described in this
Privacy Policy) of any command that you provide to QuillBot to perform a specific function. For example, when
you provide the command "Write an email for a business proposal," we will store that text and the
metadata associated with it, including your personal data like your QuillBot account and browser information. We
use the Command Data we store to understand usage, optimize our Services, and provide the best experience on
QuillBot.
Command Data is distinct from Your Content, which includes
the contents of the email you prepare and receive, chat messages you write (excluding history or chats
received), documents you create, search queries, and text you enter in multiline fields on websites you visit.
We process Command Data in real time using our machine learning algorithm to generate outputs. After this
real-time processing, Your Content is deleted from our Services.
We also collect URLs and usage information (in addition to
the usage information described above), such as the number of times you disable/enable the extension on a
website. This information helps us understand how you use this service and how we can improve it.
We do not access your contacts, text in single-line fields
(which are more likely to contain personal data), or content in fields marked "sensitive," such as
credit card, password, email address, or email subject fields.
We only collect Your Content when the QuillBot icon is
displayed and enabled, indicating that Your Content will be grammar-checked or paraphrased. We only store Your
Content with your consent. You can disable the extension or revoke consent at any time by clicking the QuillBot
icon in the top-right corner of your browser and going to "Preferences."
We also collect URLs and usage information when you use
QuillBot on a website (in addition to the usage information described immediately above), such as the number of
times you disable/enable the extension on a website, which we retain to help us understand how you use this
Service and to help us improve it. We only collect Your Content when the QuillBot icon is displayed and enabled,
indicating that Your Content will be grammar checked or paraphrased. You can choose to disable the QuillBot
extension at any time on the top right corner of your browser. We do not access your contacts, text in
single-line input fields (which are more likely to contain personal data), or content in fields marked
"sensitive" such as credit card, password, email address or email subject fields.
Collected when you use the QuillBot Desktop App
When you install the QuillBot desktop app, QuillBot will
request permission to access your computer's accessibility features. This allows us to collect your
inputs from within certain applications on your computer to enable us to provide our Services to you. Your
inputs will be used in real time on our machine learning algorithm to generate outputs, after which they are
deleted. Access to your accessibility features also allow us to identify apps you use but which are yet to be
supported, so we can display a feedback widget. After you grant permissions to your computer's
accessibility settings, you can choose when to use the QuillBot desktop app to help improve your writing at any
time, by clicking on the QuillBot icon that appears when you open certain compatible apps on your computer.
Collected about you when you participate in QuillBot University
If you choose to sign up for a QuillBot University event (including live webinars), we will collect your first and last
name, email address, occupation, country of residence, and any other personal data you provide to us. We may use this
personal data in order to process your registration, provide you with the event, and to improve our future events and
our services.
Collected about you from third party sources
If you choose to sign up with QuillBot using certain
third-party log-in services (such as Facebook or Google) you will provide us or allow the log-in service to
provide us with your personal data, such as your email, name and/or username, if available, and any other
personal data specified by that third-party log-in service. For more information about the personal data shared
with QuillBot, please see the third-party log-in service's (Facebook or Google) privacy policies.
In some cases, we may receive information about your
interactions with products and services offered by our affiliates for which we provide technical or other
services. We may also collect personal data about you from a third party, such as your employer or
academic institution, to enable your account setup to use our Services. We will also receive limited payment
information from our payment service providers (as described above), which we need to manage your QuillBot
subscription.
We may collect the first and last name of any
author's work available in the Creative Commons for the purposes of establishing correct authorship
attribution and creating author profiles on QuillBot.
We use analytics services such as Google Analytics and
Amplitude to collect and process certain analytics data when you use our Services. These services may also
collect information about your use of other websites, apps, and online resources. For more information about our
use of these services, please see our
Cookie Policy
. In addition, you can learn
about Google's practices by going to
https://www.google.com/policies/privacy/partners/
and opt out of
them by downloading the Google Analytics opt-out browser add-on, available at
https://tools.google.com/dlpage/gaoptout
.
Provided by you when you communicate with us
When you contact us for more information about QuillBot or
for customer support, we collect your name, email, and the contents of your message to us.
If you subscribe to our newsletter, we will collect your
email. When we send you emails, we may track whether you open them to learn how to deliver a better customer
experience and improve our Services.
We collect your email and any other personal data you may
provide to us when you choose to respond to surveys or questionnaires we send for research purposes or as part
of our Services; or when you choose to provide feedback.
If you choose to connect to QuillBot using your Google account, you may also use the Upload from Drive feature on
QuillBot Flow to connect your Google Drive account to QuillBot. You may then select which of your Google Drive files you wish to import, and use our
Services to edit your document(s). You may only use the Upload from Drive feature after you grant QuillBot
permission to "see and download" all of the files in your Google Drive account. QuillBot will
collect and store the information contained in any Google Drive document you import as described in this policy.
Quillbot's use and transfer to any other app of information received from Google APIs will adhere to the
Google API Services User Data Policy
, including the Limited Use requirements.
Collected when you sign up for a Team Plan
When you sign up for QuillBot's premium Services
under a Team Plan, we collect personal data from Team Plan Owners, Administrators, and Writers (as defined in
our Terms of Service) necessary to administer and operate the Services.
If you are a Team Plan Owner, we collect your first and
last name and email address. You also have the option to provide us with your phone number, company name,
Business Tax Identifier, and address. As Team Plan Owner, you may invite other individuals to join the
Team Plan as either an Administrator or Writer. In such a case, we use your name on the email invitation to
Writers and Administrators added by you. Payment information, such as card number, is collected and
processed directly by our third-party payment processors. Our payment processors do not share your full payment
card information with us.
If you are a Writer or Administrator, we collect your
email address from the Team Plan Owner to send you an invitation to join the Team Plan. To join a Team
Plan, you will need to register an account with QuillBot. When you register an account, we will collect
additional personal data as described in the "Collected When you sign up with QuillBot" section of
this policy.
Our Uses
We use the personal data we collect about you for the
purposes stated in the
How We Use Your Personal Data
section in Part One of this policy.
For UK and EEA residents, please see
Additional Terms For European Economic Area And UK Residents
in Part One of this policy for our lawful basis for processing your personal data
for the purposes we describe.
How We Share Your Personal Data
In addition to the How We Share Your Personal Data section
in Part One, when you use QuillBot below are the categories of third parties with whom we share your personal
data that we collect and have collected over the past 12 months:
Category of Personal Data
|
Personal Data We Collect
|
Categories of Third Parties With Whom We May Share this Personal Data:
|
Profile or Contact Data
|
-
First and last name
-
Email
|
-
Service Providers
-
Analytics Partners
-
Payment Processors
|
Payment Data
|
-
Billing address
-
Payment card type
-
Last 4 digits of payment card
-
Expiration date
|
-
Service Providers
-
Payment Processors
|
Commercial Data
|
|
-
Service Providers
-
Analytics Partners
|
Online Identifiers
|
-
Unique identifiers such as account name and passwords
|
|
Device/IP Data
|
-
IP address
-
Device ID
-
Type of device/operating system/browser used to access the Services
|
-
Service Providers
-
Analytics Partners
|
Web Analytics
|
-
Browsing or search history
-
Web page interactions
-
Referring webpage/source through which you accessed the Services
-
Statistics associated with the interaction between device or browser and the Services
|
-
Service Providers
-
Analytics Partners
|
Third-Party Login Service Data
|
-
Email
-
Username on the social network
|
-
Service Providers
-
Analytics Partners
|
Geolocation Data
|
-
IP-address-based location information
|
-
Service Providers
-
Analytics Partners
|
Other Identifying Information that You Voluntarily Choose to Provide
|
-
Identifying information in emails or letters you send us
|
|
Data Retention
Except as otherwise permitted or required by applicable
law or regulation, we retain personal information about you for as long as you have an open account with us, as
long as necessary to fulfill the purposes we collected it for. In some cases, we retain personal
information for longer and for other legitimate purposes, including if doing so is necessary to comply with our
legal obligations, enforcing and preventing violations of our Terms, to fight spam, protecting or defending our
rights, property and users, to resolve disputes or collect fees owed, or is otherwise permitted or required by
applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form, where
that information would not identify you personally. Applicable storage periods are determined on a case-by-case
basis. To determine the appropriate retention period for personal information, we consider applicable
legal requirements, the amount, nature, and sensitivity of the personal information, the potential risk of harm
from unauthorized use or disclosure of your personal information, the purposes we process your personal
information for, and whether we can achieve those purposes through other means. We will maintain certain types
of personal information for a limited duration. For example, we keep account information like your account
email address for as long as your account is in existence, because we need it to operate your account.
Deleting Your QuillBot Account
If you would like to delete the personal data QuillBot
holds about you, you can request this via the
Contact Us
page or by emailing
[email protected].
If the GDPR, US State privacy laws, or other privacy law
grants you the right to have your personal data deleted entirely from QuillBot and you want to exercise that
right, please read
Part One
for how to submit your request.
Cookie Policy
To view our Cookie Policy,
click here
.
Scribbr
Table of Contents
Personal Data Collected
When you sign up with Scribbr
When you sign up to use our Services, we collect:
-
Your name, email and telephone number
-
The user type: student, teacher or other user
-
Level of education
-
In which country you study
-
At which school you study
-
The field and year of study
-
The expected graduation date
You will have the option to provide us with a billing
name, email, and address, if different from the name and email used to create an account with us.
Collected through your use of Scribbr
When you use our Services, we collect:
-
IP address to, among other things, identify the applicable tax for services rendered
-
Browsing history
-
Usage information, and movements on our websites
or websites of third parties gathered through tracking cookies. For detailed information about our use
of cookies, please see Part One and our
Cookie Policy
.
We collect any identifying information in the content of
the document(s) you share with us. Specifically for proofreading services, when you use our Services, we use any
identifying information we collect to help provide Services to you.
Payment information, such as card number, is collected and
processed directly by our third-party payment processors. Our payment processors are Adyen, PayPal, Apple Pay, and Google Pay. For information on our payment processor's collection, use and storage of your
personal data, please see the payment processor's privacy policy. Our payment processors do not share your
full payment card information with us.
When you use Scribbr browser extensions, we collect
certain information about the content of websites visited, such as the title, author(s) name, contributor(s)
name, publication dates, and the name of the website. This information is used by us in real time to generate a
citation. Depending on the website you visit when using our extension, this may include your personal
information as author, including your full name. We also collect certain device and browser information as well
as information about your usage, such as button clicks or mouse position, which we retain to help us improve the
Service. You can choose to disable the Scribbr extension at any time on the top right corner of your
browser.
The Services may contain links or connections to third party websites or services that are not owned or controlled by us
(“Third Party Services”). We have no control over and assume no responsibility for the content, accuracy, terms and
conditions, privacy policies, or practices of or opinions expressed by any Third Party Service that you interact with
through the Services. When you access or use a Third Party Service via Scribbr, you may be subject to the privacy policy
of such Third Party Service. The Third Party Services include:
Collected about you from third party sources
If you choose to sign up with Scribbr using a third-party
log-in service, you will provide us or allow the log-in service to provide us with your personal data as
specified by that third-party log-in service. For example, if you choose to sign up using Facebook, you will
provide us or allow Facebook to provide us with your personal data, such as your name, email, and ID assigned to
your account, if available. If you use Google, you will provide us or allow Google to provide us with your name,
email, ID assigned to your account, and profile picture, if available.
For more information about the personal data shared with
us, please see the third-party log-in services (Facebook and Google's) privacy policies.
Provided by you when you communicate with us
When you contact customer support, we collect:
We collect your email and any other personal data you may
provide to us when you respond to surveys or questionnaires we send for research purposes or as part of our
Services, or when you provide feedback.
Our Uses
We use the personal data we collect about you for the
purposes stated in the
How We Use Your Personal Data
section in Part One of this policy.
For UK and EEA residents, please see
Additional Terms For European Economic Area And UK Residents
in Part One of this policy for our lawful basis for processing your personal data
for the purposes we describe.
How We Share Your Personal Data
In addition to the How We Share Your Personal Data section
in Part One, when you use Scribbr below are the categories of third parties with whom we share your personal
data that we collect and have collected over the past 12 months:
Category of PersonalData
|
Examples of Personal Data We Collect
|
Categories of Third Parties With Whom We May Share this Personal Data:
|
Profile or Contact Data
|
-
First and last name
-
Email
-
Phone number
-
User type: student, teacher or other user
-
Billing name, email, and address
-
Level of education
-
In which country you study
-
At which school you study
-
The field and year of study
-
The expected graduation date
|
|
Payment Data
|
-
Card holder name
-
Payment card type
-
First 6 and last 4 digits of payment card
|
|
Commercial Data
|
-
Purchase history
-
Consumer profiles
|
-
Service Providers
-
Analytics Partners
|
Online Identifiers
|
-
Unique identifiers such as account name and passwords
|
-
Parties Users Authorize, Access or Authenticate
|
Device/IP Data
|
-
IP address
-
Device ID
-
Domain server
-
Type of device/operating system/browser used to access the Services
|
-
Service Providers
-
Advertising Partners
-
Analytics Partners
|
Web Analytics
|
-
Browsing or search history
-
Web page interactions
-
Referring webpage/source through which you accessed the Services
-
Non-identifiable request IDs
-
Statistics associated with the interaction between device or browser and the Services
|
|
Third-Party Login Data
|
-
Email
-
Name and profile picture
|
|
Consumer Demographic Data
|
-
Postal code
-
Education level
|
|
Geolocation Data
|
-
IP-address-based location information
|
-
Advertising Partners
-
Analytics Partners
|
Other Identifying Information that You Voluntarily Choose to Provide
|
-
Identifying information in emails or letters you send us
-
Identifying information in the content of the document(s) you share with us
-
Specifically for proofreading services: any identifying information you share with us to help provide services to you
|
|
Provided below are the locations of third party recipients with whom we share your personal data with:
Activity
|
Recipients
|
Location
|
Visiting our website
|
Data processors engaged by us, such as advertising companies and hosting providers.
|
USA, The Netherlands, Germany, Ireland, Belgium
|
Using our Services
|
Data processors engaged by us, such as hosting providers and providers of plagiarism software.
|
USA, The Netherlands, Ireland
|
Customer service or otherwise corresponding with you
|
Data processors engaged by us, such as hosting providers and providers of CRM software.
|
USA, The Netherlands, Ireland, Germany
|
Other general purposes
|
Subcontractors or service providers such as auditing companies, consulting and law firms, and insurance companies;
Data processors engaged by us, such as hosting providers;
Relevant authorities
|
USA, The Netherlands, Ireland, Germany
|
Additional Scribbr Data Security
In addition to the security measures identified in the
Data Security
section of this policy, we take the following security measures to protect your
personal data:
-
all documents are uploaded to Scribbr via a secure connection;
-
logical and physical security (e.g. safe, doorman, firewall, network segmentation);
-
technical control of the authorizations (as limited as possible) and keeping log files;
-
management of the technical vulnerabilities (patch management);
-
keeping software up-to-date (e.g. browsers, virus scanners and operating systems);
-
making back-ups to safeguard availability and accessibility of the personal data;
-
automatic erasure of outdated personal data;
Examples of organizational security measures taken by us are:
-
special guidelines to which all employees and experts must abide, including confidentiality;
-
uploaded documents are never shared with third parties, nor are they published;
-
experts are obliged to delete your documents after having edited it;
-
assign responsibilities for information security;
-
promote privacy and security awareness among new and existing employees;
-
establish procedures to test, assess and evaluate security measures periodically;
-
check log files regularly;
-
using a protocol for handling data breaches and other security incidents;
-
conclude confidentiality, data processing and data protection agreements;
-
assess whether the same objectives can be achieved with less personal data;
-
provide access to personal data to as few people within the organization as possible; and
-
define the decision-making and underlying considerations per processing.
We have internal security policies in place in which it is
further described how we ensure an appropriate level of technical and organizational security measures. We also
have a data breach policy in place in which it is described how we deal with a (possible) data breach.
Supplementing Part One of this policy, we do not store
your personal data any longer than is strictly necessary for the purposes for which we process your personal
data. We have put in place the following Retention Policy to ensure that your personal data are deleted after a
reasonable period:
Activity
|
Retention period
|
Visiting our website
|
Please see our
Cookie Policy
|
Using our Services
|
-
Your account: 3 years after your last activity on your account
-
Edited documents: 12 months after editing
-
Plagiarism checked and Grammar checked documents:
-
Document as a whole: 1 month after the check
-
Results of the check: 12 months after the check
-
Citation Checker and Self Plagiarism Checker:
-
Quick checks: 60 minutes after the check
-
Regular checks: 90 days after the check
|
Customer service or otherwise corresponding with you
|
-
If you have an account: up until the deletion of your account
-
If you do not have an account: 9 months after the last date of contact
|
Job openings
|
1 month or, upon your request, 3 months after you have applied
|
Other general purposes
|
Retention terms depend on the relevant purpose. In any case, no longer than necessary
|
You can always delete your documents and results before
the standardized retention terms manually via your account. Documents uploaded in the Citation Checker /
Self-Plagiarism Checker can be deleted by contacting us. Please find our contact details in the
contact information above
.
Deleting Your Scribbr Account
If you would like to delete your account from the Scribbr
platform, you can do this directly by going to "Account" in "Settings." If you choose to
delete your account: 1) your account information (first and last name, email address, phone number, user type,
and any other information you provided on your account) will be deleted from the Scribbr platform, 2) all your
uploaded documents and order details will be deleted automatically; this is irrevocable, and you can never use
or enter this account again; 3) the Scribbr team will no longer have access to your documents. This means we
cannot deal with possible complaints, as we cannot address complaints from deleted accounts.
If the GDPR, US State privacy laws, or other privacy law
grants you the right to have your personal data deleted entirely from Scribbr and you want to exercise that
right, please read Part One of this policy for how to submit your request.
Cookie Policy
To view our Cookie Policy,
click here
.