BRIGHTBYTES PUBLIC WEBSITE PRIVACY POLICY

At BrightBytes, Inc. (“BrightBytes,” “we,” or “us”), we understand that privacy is important to our online visitors to our website (“You” or “Visitors”). This Website Privacy Policy describes our collection and use of personal information collected from visitors to our website (our “Website”) located at https://brightbytes.net

A note about Student Data: BrightBytes provides applications and software (our “Applications”) on our Clarity Platform (collectively, our “Service”) to assist school districts, schools, and other educational partners (collectively referred to as “Schools”) access, use and analyze data with the goal of improving student learning outcomes. During the course of offering certain Applications to our School customers, we may have access to the personal information relating to students (“Student Data”). This Privacy Policy does not govern our access to Student Data. We consider Student Data to be highly confidential and special privacy policies apply to such data. Please see our Student Data Privacy Statement for information about how we collect and use Student Data gathered during the provision of our Service to Schools. 


Capitalized terms that are not defined in this Privacy Policy have the meaning given them in our Terms of Use

Click on the links below to jump to each section:
1.    How We Collect and Use Website Information
2.    How We Share Website Information
3.    How We Store and Protect Your Website Information
4.    Your Choices About Your Website Information
5.    Children’s Privacy on Our Website 
6.    Links to Other Websites and Services
7.    How to Contact Us About the Website
8.    Changes to the Privacy Policy

1. HOW WE COLLECT AND USE WEBSITE INFORMATION

We collect the following types of information:
Information you provide to us directly: We ask for certain types of personal information when you correspond with us, request a demo, request a speaker or otherwise engage with us on our Website, including your name, school name, school district, email address, and/or user name and password, and phone number. We may also collect personal information when you correspond with us via email. We use the personal information we collect to operate, maintain, and provide the features and functionality of the Website and to communicate with you.
Information collected through technology: Like most websites and online services, we automatically collect certain types of usage information when you visit our Website. This information is typically collected through cookies, log files, web beacons, and similar tracking technology (collectively, “cookies”). These cookies collect information about how you use the Website (e.g., the pages you view, the links you click, and other actions you take on the Website), information about your browser and online usage patterns (e.g., Internet Protocol (“IP”) address, browser type, browser language, referring / exit pages and URLs, pages viewed, whether you opened an email, links clicked), and information about the device(s) you use to access the Website (e.g., mobile device identifier, mobile carrier, device type, model and manufacturer, mobile device operating system brand and model, and, depending on your mobile device settings, your geographical location data at the city, state, or country level ). In addition, we may also use clear gifs in HTML-based emails to track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Website. We may also collect analytics data, or use third-party analytics tools, to help us measure traffic and usage trends for the Website. Although we do our best to honor the privacy preferences of our visitors, we are not able to respond to Do Not Track signals from your browser at this time.  

We use or may use the data collected through cookies, log files, device identifiers, and clear gifs information to: (a) remember information so that you do not have to re-enter it on subsequent visits; (b) to provide and monitor the effectiveness of our Website; (c) monitor aggregate metrics such as total number of visitors, traffic, and usage on our website and our Website; (d) diagnose or fix technology problems; and (e) otherwise plan for and enhance our Website.  

Third Party Tracking and Online Advertising: We may permit third party online advertising networks to collect information from visitors to our Website https://brightbytes.net to provide customized content, advertising and commercial messaging to you from time to time on other websites or services. Typically, the information is collected through cookies or similar tracking technologies. You may be able to set your browser to reject cookies or other tracking technology by actively managing the settings on your browser or mobile device. (To learn more about cookies, clear gifs/web beacons and related technologies and how you may opt-out of some of this tracking, you may wish to visit http://www.aboutads.info/choices/ or the Network Advertising Initiative’s online resources, at http://www.networkadvertising.org.  Please note that although we may permit third party advertising partners to collect information on our Website for the purpose of sending targeted advertisements, our Website is not directed to Students. We do not use Student Data for marketing or targeted advertising purposes.  

2. HOW WE SHARE YOUR WEBSITE INFORMATION
BrightBytes only shares the personally identifiable information collected on our Website in a few limited circumstances, described below. We do not rent or sell personal information for any purpose, without exception. Who we may share information with: 
•    We may share information with our trusted vendors, third party service providers and other individuals who perform services on our behalf (e.g. accountants, mailing houses, hosting providers), but strictly for the purpose of carrying out their work for us. 
•    We may share with other companies and brands owned or controlled by BrightBytes and other companies owned by or under common ownership as BrightBytes, which also includes our subsidiaries (i.e., any organization we own or control) or our ultimate holding company (i.e., any organization that owns or controls us) and any subsidiaries it owns.  These companies may use your personal information in the same way as we can under this Policy;
•    We may share aggregate or anonymous data (including personal data that has been stripped of personally identifying characteristics) with third parties, but will do so only in such a way that no individual may reasonably be identified.
•    We may be required to share information with law enforcement or other third parties when compelled to do so by court order or other legal process, to comply with statutes or regulations, to enforce our Terms of Use, or if we believe in good faith that the disclosure is necessary to protect the rights, property or personal safety of our visitors. 
•    In the event of a change of control: If we sell, divest or transfer the business or a portion of our business, we may transfer information, provided that the new provider has agreed to data privacy standards no less stringent than our own. We may also transfer personal information – under the same conditions – in the course of mergers, acquisitions, bankruptcies, dissolutions, reorganizations, liquidations, similar transactions or proceedings involving all or a portion of our business. 
Please see the Student Data Privacy Statement [anchor to this section below] to learn how Student Data may be shared. 

3. HOW WE STORE AND PROTECT YOUR WEBSITE INFORMATION
Storage and processing: Your information collected through the Website may be stored and processed in the United States or any other country in which BrightBytes or its subsidiaries, affiliates or service providers maintain facilities. If you use our Website, you consent to have your data transferred to the United States or anywhere else BrightBytes maintains facilities.
Keeping information safe: BrightBytes maintains strict administrative, technical and physical procedures to protect information stored in our servers, which are located in the United States. Access to information is limited (through user/password credentials and two factor authentication) to those employees who require it to perform their job functions. We use industry-standard Secure Socket Layer (SSL) encryption technology to safeguard the account registration process and sign-up information. Other security safeguards include but are not limited to data encryption, firewalls, and physical access controls to building.

4. YOUR CHOICES ABOUT YOUR WEBSITE INFORMATION
You can opt-out of receiving promotional email from us by clicking on the “unsubscribe” feature at the bottom of each email.  If you have any questions about reviewing, modifying or deleting your personal information, contact us directly at info@BrightBytes.net.
You may be able to disallow cookies to be set on your browser. Please look for instructions on how to delete or disable cookies and other tracking/recording tools on your browser’s technical settings. You may not be able to delete or disable cookies on certain mobile devices and/or certain browsers. For more information on cookies, visit www.allaboutcookies.org. Remember, disabling cookies may disable many of the features available on the Website, so we recommend you leave cookies enabled.

5. CHILDREN’S PRIVACY ON OUR WEBSITE
Our Website is not directed to children under 13 and we do not knowingly collect personally identifiable information directly from children under 13.  Please contact us at info@BrightBytes.net  if you believe we have inadvertently collected personal information from a child under 13 so that we may delete such data as soon as possible.

6.  LINKS TO OTHER WEBSITES AND SERVICES
From time to time, we may provide links to third parties from our Website. We are not responsible for the practices employed by websites, applications or services linked to or from our Website. We recommend that you review the privacy policies of third party sites or services before providing any information to them. 

7. HOW TO CONTACT US ABOUT THE WEBSITE
If you have any questions about this Privacy Policy or the Website, please contact us at info@BrightBytes.net.

8. CHANGES TO THE PRIVACY POLICY
BrightBytes may modify or update this Privacy Policy from time to time so you should review this page periodically. When the Privacy Policy changes, we will note the effective date below. When we change the policy in a material manner we will provide notice on the website. Your continued access to and use of the BrightBytes Website will constitute your acceptance of any changes or revisions to this Privacy Policy.

 

BRIGHTBYTES STUDENT DATA PRIVACY STATEMENT
BrightBytes provides applications, software, infrastructure and online tools (collectively, our “Service”) designed to assist school districts, schools, and other educational partners (collectively referred to as “Schools”) access, use and analyze data with the goal of improving student learning outcomes. 

During the course of offering certain applications to our School customers, we may have access to Student Data. “Student Data” is any information that is directly related to an identifiable current or former student that is maintained by a school, school district, or related entity or organization, or by us. Student Data may include “educational records” as defined in the Family Educational Rights and Privacy Act (“FERPA”). We consider Student Data to be highly confidential.  

Our collection and use of Student Data provided by the Schools through our Service is governed by our contracts with the Schools and by federal and state law. This BrightBytes Student Data Privacy Statement explains how we collect, use, and share Student Data we may collect through our Service. If you have questions about specific practices relating to Student Data provided to BrightBytes by a School, please direct your questions to your School.  

What Student Data Do We Collect? 
BrightBytes has access to Student Data only as requested by the School and only for the purposes of performing Services on the School’s behalf.  The type of Student Data we collect will depend on how the School uses the Service and the particular Applications we provide to the School, but could include information relating to the individual student and the student’s educational record, such as a name, student ID numbers, grades, and/or coursework. In many instances, we receive only de-identified or aggregate information about students from a School, such that we would not be able to identify an individual student. Please talk to your school if you have questions about the type of personal information the school provides to services like BrightBytes. 

How do we use Student Data? 
All Student Data that we have access to, if any, is owned and controlled by the Schools. We use such data to provide the Service to the School and for other limited purposes permitted by our agreements with the Schools, such as to evaluate, improve, and develop our products, applications and services. We will never use Student Data for marketing purposes or to engage in targeted advertising. 
Do we share Student Data with third parties? 
BrightBytes only shares Student Data in a few limited circumstances, as described below.  We do not rent or sell Student Data for marketing purposes. 

We may share Student Data in the following ways: 
•    As needed to perform the Service and/or at the direction of a School and as authorized by our contract with the School. For example, information including Student Data, will be shared between and among authorized School users and School administrators. This sharing will depend on the settings and functionality selected by the School. 
•    With our trusted vendors, third party service providers and other individuals who perform services on our behalf, but only if such providers have a need to access such information for the purpose of carrying out their work for us and do so under strict confidentiality and data security terms. 
•    We may share aggregate or anonymized data (including personal data that has been stripped of personally identifying characteristics) with third parties, but will do so only in such a way that no individual may reasonably be identified.
•    We may be required to share information with law enforcement or other third parties when compelled to do so by court order or other legal process, to comply with statutes or regulations, to enforce our Terms of Use, or if we believe in good faith that the disclosure is necessary to protect the rights, property or personal safety of our visitors. 
•    In the event of a change of control: If we sell, divest or transfer the business or a portion of our business, we may transfer information, provided that the new provider has agreed to data privacy standards no less stringent than our own. We may also transfer personal information – under the same conditions – in the course of mergers, acquisitions, bankruptcies, dissolutions, reorganizations, liquidations, similar transactions or proceedings involving all or a portion of our business. In either case, we will use our best efforts to provide you with notice and an opportunity to opt-out of the transfer of Student Data by deleting your Student Data information and terminating your account.

How we use anonymized data. 
We may use data which has de-identified or provided in aggregate for product development, research analytics and other purposes, such as analyzing, improving or marketing the Applications and our Service. If BrightBytes publicly discloses or shares with third parties (e.g., in marketing materials, published research, analytics, or in application development) information that is derived from Student Data, such data will be aggregated or anonymized to reasonably avoid identification of a specific school or individual. By way of example, BrightBytes may use de-identified or anonymizes data derived from Student Data in a form which may not reasonably identify either a particular individual, educational entity or school, to develop further analytic frameworks and application tools. 
 

Questions about access or deletion of data
Student Data is provided and controlled by the Schools. If you have any questions about reviewing, modifying, or deleting personal information of a student, please contact your school directly.
 

Children’s Data
BrightBytes does not direct its Services or Applications to children under 13, nor does it collect personal information from children under 13.  Because BrightBytes receives Student Data only from the Schools, Districts, and Departments of Education, and BrightBytes provides the Applications and related services only to a School, District, and Department of Education, BrightBytes relies on each school to obtain and provide appropriate consent and disclosures, if necessary, to collect any student information directly from students, as permitted by the Children’s Online Privacy Protection Act (COPPA).  

Changes to this Policy
BrightBytes may modify or update this Privacy Policy from time to time so you should review this page periodically.  If we change the policy in a material manner, for example if we seek to use personal information in a materially different way than we had previously, we will use our best efforts to provide additional notice before the changes take effect. Our use of Student Data is governed by our Agreements with Schools and we will not make any changes to our privacy practices involving Student Data which would be inconsistent with those contractual requirements without the consent of the School.

This privacy policy was last modified on February 1, 2017.