Privacy Policy
Phenomena Learning, Inc. Platform Privacy Policy Statement
Last Updated: MAY 25, 2022
Phenomena Learning, Inc. (“PHENOMENA LEARNING, INC.”) takes the protection of our customers’ data and information, particularly student data, very seriously. The purpose of this Privacy Statement is to inform our customers about our current data security policies and practices, which are intended to safeguard this sensitive information.
PHENOMENA LEARNING, INC. handles customer data in a manner consistent with applicable laws and regulations, including, without limitation, the Federal Family Educational Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA), and other state student data privacy protection laws.
If Phenomena Learning, Inc. desires to collect personal information from a child, the Children's Online Privacy Protection Act (COPPA) requires that we first obtain parental or guardian approval by email. We'll clarify what information we're collecting, how we plan to use it, how parents can consent, and how parents can revoke consent in the email. We shall erase the parent contact information and any other information collected from the child in connection with that activity if we do not get parental consent within a reasonable time.
Phenomena Learning, Inc. will seek a higher level of consent than email consent if it gathers personal information from a child that will be made public. Such "high-level" consent methods include, but are not limited to, requiring a signed consent form by mail, email attachment, or fax, as well as requesting a credit card or other payment method for verification (for a nominal fee), speaking with a trained customer service representative by phone or video chat, or speaking with a trained customer service representative by phone or video chat. After obtaining high-level consent, a parent may be given the option of using a pin or password to prove their identity in future interactions.
STUDENT AND USERS UNDER 18
This Subsection applies to Teachers and Administrators. You are solely responsible for ensuring that you and your School are compliant with all laws and regulations related to disclosing to Phenomena Learning, Inc. the personal information of the Students you invite to create Accounts. You, or your School, must provide the necessary notice and obtain the appropriate consents from the parents of the Student as required to make such disclosure to Phenomena Learning, Inc. and grant the following license. You, on behalf of your School, grant to Phenomena Learning, Inc. a nonexclusive license to view, download, reproduce, modify, create derivative works of, distribute, and display information you submit about Students solely for the purposes of (a) providing the Service and (b) creating, using, and disclosing de-identified and/or aggregated information about Students. In the event that you, as a Teacher, are no longer (a) employed by your School or (b) otherwise authorized to view or use student records, you (i) must notify Phenomena Learning, Inc. immediately of such change and (ii) are not permitted to continue to view or use your Account.
This policy covers the collection, use, and storage of data that is obtained through the use of the products and related services accessible through the use of PHENOMENA LEARNING, INC.’s proprietary Phenomena Learning, Inc.
Student Data Obtained and Collected. PHENOMENA LEARNING, INC. receives certain information, which we receive pursuant to the school official exception under FERPA, from its school district customers to enable students to use the Phenomena Learning, Inc. platform.
Third parties that we use to assist with the Platforms are required to follow this Privacy Policy.
The following information is generally provided to PHENOMENA LEARNING, INC. for each student user of Phenomena Learning, Inc.:
• Student first and last name;
• Teacher name;
However, where districts would like reporting capabilities based on these categories, they may choose to provide this information to PHENOMENA LEARNING, INC.
Data We Do Collect.
Student Email Address
Age
Grade Level
Subjects Being Taken At School
Data We Do Not Collect. PHENOMENA LEARNING, INC. never obtains or collects the following categories of information through the use of Phenomena Learning, Inc.:
• User biometric or health data;
• User geolocation data;
• Student social media profile information;
• Student mailing addresses or phone numbers, or other such “directory” information.
Usage Data
How We Use Student Data.
For Services. PHENOMENA LEARNING, INC. only uses student-identifiable data provided by schools and/or school districts to make Phenomena Learning, Inc. available to students enrolled in our enrichment programs. Parents who enroll directly in any program offered by PHENOMENA LEARNING, INC. will also provide information needed to identify students.
PHENOMENA LEARNING, INC. uses student data collected from the use of Phenomena Learning, Inc. for the purpose of making Phenomena Learning, Inc. available to its customers and for improving its content and effectiveness.
• For Reporting. PHENOMENA LEARNING, INC. provides reporting capabilities to its educator customers, and these reports are generated based on Phenomena Learning, Inc. usage information.
• For Account Support. Customers’ usage data may also be used on an aggregated basis to allow PHENOMENA LEARNING, INC.’ account management, customer service and tech support teams to provide services that meet the specific needs of our educator customers or individual customers enrolled in PHENOMENA LEARNING, INC. programs
• Treatment as PII. PHENOMENA LEARNING, INC. treats all student-identifiable data, and any combination of that data, as personally-identifiable information, and that data is stored securely as described more fully below.
• No Solicitation of Students. PHENOMENA LEARNING, INC. does not solicit personally identifiable information directly from students—all student information is provided by school district customers or created through the use of the Phenomena Learning, Inc. platform.
Parental consent is required in compliance with COPPA. This is done through the school district when they enroll in our programs through them or enroll directly with us. Please note that if a teacher or school staff member provides access to the student, the teacher will step into the shoes of the parent/guardian for purposes of consent.
Children can generate or alter content and save it with Phenomena Learning, Inc. through certain actions on our sites and applications. Some of these activities do not require children to contribute any personal information, thus they may not require parental approval or notification. If a child's created content may contain personal information, we will either pre-screen the submission to remove any personal information, or we will obtain verifiable parental approval for the collection by email. Stories or other open-text sections, as well as paintings that allow text or free-hand insertion of information, are examples of generated material that may include personal information. If Phenomena Learning, Inc. proposes to post content containing personal information publicly or share it with a third party for the third party's own purpose in addition to collecting the content, we will require a higher level of parental consent.
• No Ownership. PHENOMENA LEARNING, INC. does not obtain any ownership interest in student-identifiable data
• PHENOMENA LEARNING, INC. does not sell student identifiable data or aggregated de-identified student data to third parties.
No Targeted Advertisements or Marketing.
• PHENOMENA LEARNING, INC. does not use student data for targeted advertising or marketing.
• No student data collected in connection with Phenomena Learning, Inc. usage is shared with third parties for any advertising, marketing, or tracking purposes.
• To further demonstrate its commitment to protecting the privacy of student information, PHENOMENA LEARNING, INC. has taken the Student Privacy Pledge. We commit:
Not to sell student information.
Not to engage in behaviorally targeted advertising,
To use collected data for authorized purposes only.
PHENOMENA LEARNING, INC. only uses collected student data for the purposes described in the “How We Use Student Data” paragraph.
We reserve the right to share or disclose information, including information collected from a student:
As permitted or required by applicable law, such as to maintain the safety and integrity of the website; to enforce terms of use; to protect the child or our or others' rights, property or safety; to take precautions against other liability; or when we believe release is required to comply with federal, state or local law (such as cooperating with a judicial process or law enforcement investigation).
In connection with a corporate change or dissolution, including for example a merger, acquisition, reorganization, consolidation, bankruptcy, liquidation, sale of assets, wind-down of business or related due diligence. To the extent required by law, we will get parental consent before sharing student’s information under such circumstances, and will obtain the agreement of any applicable third party to maintain the confidentiality, security and integrity of said information.
How We Use Educator Data.
PHENOMENA LEARNING, INC. also collects the following information about educators that use the Phenomena Learning, Inc. platform: name, school or district affiliation, and email address. PHENOMENA LEARNING, INC. uses this information for account registration or to provide free educational resources. PHENOMENA LEARNING, INC. also provides information to educators on programming that may be beneficial to their schools.
• We do not store any student data outside of the US. Network-Level Security Measures
• PHENOMENA LEARNING, INC.’s Phenomena Learning, Inc. servers are hosted in a cloud environment
• Our hosting provider implements network-level security measures in accordance with industry standards.
• Phenomena Learning, Inc. manages its own controls of the network environment. Server-Level Security Measures. Servers are Tier 1 or higher.
• Access to production servers is limited to a small, identified group of operations engineers who are trained specifically for those responsibilities
• The servers are configured to conduct daily updates for any security patches that are released and applicable
• The servers have anti-virus protection, intrusion detection, configuration control, monitoring/alerting, and automated backups.
Upon the written request of a customer, PHENOMENA LEARNING, INC. will remove all personally identifiable student and educator data from its production systems when PHENOMENA LEARNING, INC. will no longer be providing access to Phenomena Learning, Inc. to that customer.
In addition, PHENOMENA LEARNING, INC. reserves the right, in its sole discretion, to remove a particular customer’s student data from its production servers a reasonable period of time after its relationship with the customer has ended, as demonstrated by the end of contract term or a significant period of inactivity in all customer accounts.
• Parents of students who use Phenomena Learning, Inc. may request correction or removal of their child’s personally identifiable data from Phenomena Learning, Inc. by contacting their school administrator. If a parent signed into any PHENOMENA LEARNING, INC. program directly, PHENOMENA LEARNING, INC. can be contacted directly.
If enrolled through the school district. The school administrator can then verify the identity of the requesting party and notify PHENOMENA LEARNING, INC. of the request. PHENOMENA LEARNING, INC. will promptly comply with valid requests for correction or removal of student data; however, removal of student personally identifiable data will limit that student’s ability to use Phenomena Learning, Inc.
Breach Notification. PHENOMENA LEARNING, INC. follows documented “Security Incident Management Procedures” when investigating any potential security incident. In the event of a data security breach, PHENOMENA LEARNING, INC. will notify impacted customers as promptly as possible that a breach has occurred and will inform them (to the extent known) what data has been compromised.
REQUIRED CALIFORNIA PRIVACY NOTICE FOR ALL USERS
This California Privacy Notice does not apply to Personal Information we collect from job applicants or independent contractors, or from our current or former full-time or part-time and temporary employees and staff, officers, directors or owners.
This California Privacy Notice also does not apply to any Personal Information collected by us in connection with our educational software products. Requests for access to Personal Information collected through our educational software products should be directed to your school district.
California Consumer Privacy Act
As required by the California Consumer Privacy Act of 2018 (“CCPA”), we are providing the following details, in addition to those set out in the rest of our Privacy Policy, regarding the categories of Personal Information (as defined under the CCPA, and including applicable Personal Information collected online or offline, “CCPA Personal Information”) about California residents that we have collected or disclosed within the preceding 12 months.
WHILE WE HAVE NOT BEEN IN BUSINESS FOR MORE THAN 12 MONTHS, THIS IS WHAT WE WOULD COLLECT AFTER THE 12 MONTH PERIOD.
What We Have Done in the Preceding 12 Months
(1) We collected the following categories of CCPA Personal Information:
Identifiers, such as name, contact information, online identifiers;
Personal information, as defined in the California customer records law, such as name, contact information, signature, payment card number or other payment information, employment information;
Characteristics of protected classifications under California or federal law, such as sex and marital status;
Commercial information, such as transaction information and purchase history;
Internet or network activity information, such as browsing history and interactions with our website;
Geolocation data, such as device location and IP location;
Audio, electronic, visual and similar information, such as call and video recordings;
Professional or employment-related information, such as work history and prior employer; and
Inferences drawn from any of the CCPA Personal Information listed above to create a profile/summary about, for example, an individual’s preferences and characteristics.
As described above in our general Privacy Policy, we collected this CCPA Personal Information from you and/or from other categories of sources such as data brokers.
Also as described above, we may use this CCPA Personal Information to operate, manage, and maintain our business, to provide our products and services, and to accomplish our business purposes and objectives, including, for example, to: develop, improve, repair, and maintain our products and services; personalize, advertise, market, sell and distribute our products and services; communicate with customers; conduct research, analytics, and data analysis; maintain our facilities and infrastructure; undertake quality and safety assurance measures; conduct risk and security control and monitoring; detect and prevent fraud; perform identity verification; perform accounting, audit, and other internal functions, such as internal investigations; comply with law, legal process, and internal policies; maintain records; and exercise and defend legal claims.
(2) We disclosed the following CCPA Personal Information to third parties for our operational business purposes:
Identifiers, such as name, contact information, online identifiers;
Personal information, as defined in the California customer records law, such as name, contact information, signature, payment card number or other payment information, employment information;
Characteristics of protected classifications under California or federal law, such as sex and marital status;
Commercial information, such as transaction information and purchase history;
Internet or network activity information, such as browsing history and interactions with our website;
Audio, electronic, visual and similar information, such as call and video recordings;
Professional or employment-related information, such as work history and prior employer; and
Inferences drawn from any of the CCPA Personal Information listed above to create a profile/summary about, for example, an individual’s preferences and characteristics.
We shared CCPA Personal Information with our affiliates, service providers, third-party sponsors of and prize providers for sweepstakes, contests, and similar promotions, and our business partners, for our operational business purposes.
(3) We have “sold” the following categories of Personal Information:
Identifiers, such as name, contact information, online identifiers;
Internet or network activity information, such as browsing history and interactions with our website;
Geolocation data, such as device location and IP location; and
Inferences drawn from any of the CCPA Personal Information listed above to create a profile/summary about, for example, an individual’s preferences and characteristics.
For purposes of this California Privacy Notice, “sold” or “sale” means the disclosure of CCPA Personal Information for monetary or other valuable consideration but does not include, for example, the transfer of CCPA Personal Information as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business.
What You Can Do
If you are a California resident, you have the right to request that we:
(1) Disclose to you the following information covering the 12 months preceding your request:
The categories of CCPA Personal Information we collected about you and the categories of sources from which we collected such CCPA Personal Information;
The specific pieces of CCPA Personal Information we collected about you;
The business or commercial purpose for collecting or selling (if applicable) CCPA Personal Information about you;
The categories of CCPA Personal Information about you that we sold and the categories of third parties to whom we sold such CCPA Personal Information (if applicable); and
The categories of CCPA Personal Information about you that we otherwise shared or disclosed, and the categories of third parties with whom we shared or to whom we disclosed such CCPA Personal Information (if applicable).
To make a request for any of these disclosures, please fill out the CCPA Request to Know Form XXXXX. You can also contact us at people@PhenomenaLearning.com
(2) Delete CCPA Personal Information we collected from you.
To make a request for data deletion, please fill out the CCPA Request to Delete Form XXXXX. You can also contact us at people@PhenomenaLearning.com
(3) Opt you out of any future “sale” of CCPA Personal Information about you by filling out the CCPA Request to Opt Out Form XXXX You may also contact us at people@PhenomenaLearning.com.
We will respond to your requests consistent with applicable law. We may need to verify your identity.
You have the right to be free from unlawful discrimination for exercising your rights under the CCPA.
Children’s CCPA Personal Information
Under the CCPA, sale of CCPA Personal Information of children ages 13 through 16 requires opt-in consent from the child. CCPA Personal Information under the age of 13 cannot be sold without parent or guardian permission. We do not knowingly sell children’s CCPA Personal Information.
Your California “Shine the Light” Rights
California residents have the right to opt out of disclosures of Personal Information (collected online or offline) to third parties for their direct marketing purposes. You can exercise that right by emailing us at people@PhenomenaLearning.com or by completing this Third-Party Opt-Out XXXX. We will comply with these requests consistent with applicable law. You may also opt out of receiving marketing emails from us by clicking on the opt-out link in those emails.
California Minors
If you are a resident of California, under 18, and a registered user of the Services, you may ask us to remove content or information that you have posted to the Services by writing to people@phenomenalearning.com. Please include a description of the content you would like removed, and if possible, the URL for the site and the name of the feature where the content was posted. Please note that your request does not ensure complete or comprehensive removal of the content or information, as, for example, some of your content may have been reposted by another user.
Changes to this California Privacy Notice
We may change or update this California Privacy Notice from time to time. When we do, we will post the revised California Privacy Notice in this section or as otherwise required by law, with a new “Last Updated” date.
Social Media Login Data
We may provide you with the option to register with us using your existing social media account details, like your Facebook, Twitter, or other social media account.
ALL USERS OVER 18
Application Data.
This applies only to over 18 users. All users under 18 will still fall under the CCPA and guidelines applicable to Minors as detailed in this Policy.
If you use our application(s), we also may collect the following information if you choose to provide us with access or permission:
Geolocation Information. We may request access or permission to track location-based information from your mobile device, either continuously or while you are using our mobile application(s), to provide certain location-based services. If you wish to change our access or permissions, you may do so in your device's settings.
Mobile Device Access. We may request access or permission to certain features from your mobile device, including your mobile device's calendar, camera, microphone, contacts, reminders, sms messages, social media accounts, and other features. If you wish to change our access or permissions, you may do so in your device's settings.
Mobile Device Data. We automatically collect device information (such as your mobile device ID, model, and manufacturer), operating system, version information and system configuration information, device and application identification numbers, browser type and version, hardware model Internet service provider and/or mobile carrier, and Internet Protocol (IP) address (or proxy server). If you are using our application(s), we may also collect information about the phone network associated with your mobile device, your mobile device’s operating system or platform, the type of mobile device you use, your mobile device’s unique device ID, and information about the features of our application(s) you accessed.
Push Notifications. We may request to send you push notifications regarding your account or certain features of the application(s). If you wish to opt out from receiving these types of communications, you may turn them off in your device's settings.
This information is primarily needed to maintain the security and operation of our application(s), for troubleshooting, and for our internal analytics and reporting purposes.
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.
Like many businesses, we also collect information through cookies and similar technologies.
The information we collect includes:
Log and Usage Data. Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings and information about your activity in the Services (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called "crash dumps"), and hardware settings).
Device Data. We collect device data such as information about your computer, phone, tablet, or other device you use to access the Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.
Location Data. We collect location data such as information about your device's location, which can be either precise or imprecise. How much information we collect depends on the type and settings of the device you use to access the Services. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your Location setting on your device. However, if you choose to opt out, you may not be able to use certain aspects of the Services.
PROCESSING YOUR INFORMATION
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
To deliver and facilitate delivery of services to the user. We may process your information to provide you with the requested service.
To respond to user inquiries/offer support to users. We may process your information to respond to your inquiries and solve any potential issues you might have with the requested service.
To send administrative information to you. We may process your information to send you details about our products and services, changes to our terms and policies, and other similar information.
To enable user-to-user communications. We may process your information if you choose to use any of our offerings that allow for communication with another user.
To request feedback. We may process your information when necessary to request feedback and to contact you about your use of our Services.
To protect our Services. We may process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.
To evaluate and improve our Services, products, marketing, and your experience. We may process your information when we believe it is necessary to identify usage trends, determine the effectiveness of our promotional campaigns, and to evaluate and improve our Services, products, marketing, and your experience.
To identify usage trends. We may process information about how you use our Services to better understand how they are being used so we can improve them.
To comply with our legal obligations. We may process your information to comply with our legal obligations, respond to legal requests, and exercise, establish, or defend our legal rights.
COOKIES AND OTHER TRACKING TECHNOLOGIES
We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice.
SOCIAL LOGINS
Our Services offer you the ability to register and log in using your third-party social media account details (like your Facebook or Twitter logins). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned, but will often include your name, email address, friends list, and profile picture, as well as other information you choose to make public on such a social media platform.
We will use the information we receive only for the purposes that are described in this privacy notice or that are otherwise made clear to you on the relevant Services. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party social media provider. We recommend that you review their privacy notice to understand how they collect, use and share your personal information, and how you can set your privacy preferences on their sites and apps.
Contact
PHENOMENA LEARNING INC
305 24th Ave E
Seattle WA, 98112