Acadience Digital Products Privacy Statement

Purpose

Wilson Language Training Corporation (“WLT,” “we,” “us,” or “our”) understands that privacy is incredibly important. The purpose of this Acadience Digital Products Privacy Statement (the “Statement”) is to inform our customers, users, and parents of users of our Digital Products regarding our current practices for protecting the privacy of student data and educator data.

Scope

This Statement applies to our provision of Digital Products to educators and administrators (“Educators”), to schools or school districts who purchase our Digital Products on behalf of their Educators (“Schools”), and to the students whose information we may receive from Educators, who are typically students in K-12 or beyond (“Students”).

This Statement describes the privacy practices of WLT and our current practices for protecting the privacy of Student Data and Educator Data. It applies to the information we collect in connection with Acadience Learning Online (ALO) and/or Acadience Data Management Francais (ADMF) (collectively and individually, the “Digital Products”).

As used in this Statement,

“Customer” refers to either: (i) Schools, or; (ii) an individual Educator when they purchase Digital Products licenses directly from us for their own use (e.g., when an educator provides freelance tutoring).

“Educator Data” refers to information about an Educator that, either alone or in combination with other reasonably available information, can be used to identify the Educator.

“Student Data” refers to any personally identifiable information of a Student, as that term is defined under the Family Educational Rights and Privacy Act (FERPA).

“User” refers to users of our Digital Products.

This Statement constitutes the agreement between you and WLT regarding the Digital Products, and our collection and use of information you may provide while using them. By using or engaging with our Digital Products, you consent to our collection and use of information in accordance with this Statement. If you do not agree with the terms of this Statement, please refrain from using or engaging with any Digital Products.

This Statement does not apply to our corporate websites (e.g., www.acadiencelearning.org, www.wilsonlanguage.com), which are subject to the General Privacy Notice.

Use of our Digital Products by Students; COPPA Direct Notice.

As required under our Acadience Digital Products Terms of Service, available at https://www.acadiencelearning.org/digital-products-terms-of-service/, a Student may only use our Digital Products with the prior consent of a parent, guardian, or eligible student, or by the School acting on behalf of the Student. We receive Student Data pursuant to the “school official” exception under FERPA. The School has direct control over our use, disclosure, and maintenance of Student Data, and our use of this data is limited to a School-authorized educational purpose. When used in Schools, our Digital Products are only used in the context of School-directed learning; accordingly, Schools are not required to obtain parental consent under COPPA to provide us with Student Data described in this Statement, although many Schools choose to do so to comply with state or local requirements. We provide additional information for Schools, Educators, and parents related to COPPA in our Children’s Privacy Notice and COPPA Notice to Schools and Educators. When our Customer is an individual Educator, we require the Educator to obtain express consent from a parent or guardian of any minors, and direct consent from students above the age of majority, prior to providing us with any Student Data. Individual Educators must provide parents with a consent form that describes the data that WLT will collect, how that data is used, and a link to our Acadience Digital Products Privacy Statement. By using our Digital Products, the Educator represents that they have the right to provide us with any Student Data that they provide to us. For information about COPPA obligations and our data-collection and data-use practices, see the COPPA Direct Notice linked earlier in the first paragraph of this section.

Information We Collect

In connection with providing our Digital Products, we receive or collect certain Student Data and Educator Data as described below. For all of our Digital Products, Student Data is collected only as reasonably necessary to provide the services to our Customer.

We never collect the following information from or about Students: Precise geolocation data, biometric or health data, and we do not require any information about a person’s ethnic, racial, or national origin.

Student Data We Collect

In connection with our provision of our Digital Products, we may receive the following Student Data:

• student first and last name;
• date of birth;
• student identification number;
• student school or class enrollment;
• normative assessment results, and
• student grade level

A Customer may share the following information with us, but none of these fields are required for the use of the Digital Products. However, where school districts would like reporting capabilities based on these categories, they may choose to provide this information to us:

• teacher name;
• student email address; and/or
• Demographic information (e.g., gender, ethnicity or race; English language learner status, learning disability status)

Educator Data

We receive the following Educator Data in connection with an Educator’s use of and access to the Digital Products: first and last name, teacher identification number, school name, school district, school email address, and job title (optional). We collect this Educator Data to provide the Educator with the Digital Products and interact with Educators regarding our products and services.

Usage Data and Cookies

In connection with a User’s interactions with our Digital Products, WLT or our third-party service providers automatically collect certain data (“Usage Data”). This Usage Data includes, but is not limited to, the content that a User chooses to interact with, their responses to questions within our Digital Products, and other information about their use of and interaction with our Digital Products. As part of Usage Data, we collect a User’s IP address or other identifiers for the device. We use Usage Data to enhance and improve our product and service offerings and to provide our Digital Products to the User. In connection with Students’ interactions with our Digital Products, persistent Usage Data of students is used for our internal operations only; namely, to support website maintenance, security, and user authentication. Persistent Usage Data of students in the Digital Products are not used or disclosed to contact a specific individual, including through behavioral advertising, to amass a profile on a specific individual, or for any other purpose (except as specifically permitted to provide support for the internal operations of the service). Persistent identifiers are protected in accordance with our Information Technology Security Standards, available at https://www.wilsonlanguage.com/policies/information-technology-security-standards/.

We may use and collect cookies or other technologies (“Cookies”) to collect data in order to support User use and access to the Digital Products, to enhance and personalize their experience with the Digital Products, and for analytics purposes. These Cookies are not used for marketing to Students. In connection with Students’ interactions with our Digital Products, persistent student Cookies are used for our internal operations only; namely, to support login and to access assignments. Persistent cookies deployed in student-facing portions of the Digital Products are not used or disclosed to contact a specific individual, including through behavioral advertising, to amass a profile on a specific individual, or for any other purpose (except as specifically permitted to provide support for the internal operations of the service), No web beacons are used in student facing portions of Digital Products.

De-Identified Data

We may create de-identified or aggregate data sets from the data we receive or collect (“De-identified Data”) to improve our product and service offerings, to understand how our products are being used, and for other lawful business purposes, as described in the “How We Use De-Identified Data” section below.

How We Use Information

How we use Student Data

Our use of Student Data is consistent with applicable laws and regulations, including, without limitation, the Family Educational Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA), the California Student Online Personal Information Protection Act (SOPIPA), and other state laws. All Student Data is handled securely, as described in the “How We Secure Your Information” section below. We do not obtain any ownership interest in Student Data.

We use Student Data for the following purposes:

• to provide our Digital Products
• to provide related reports and services to the Customer
• for customer support, and;
• to comply with applicable laws.

How we use Educator Data

We use Educator Data to register and maintain Educator accounts, to offer Educators the Digital Products, to support our interactions with Educators and Schools, and to provide Educators with information concerning our programs and services, newsletters, updates, and related materials.

How We Use De-Identified Data

We may use and share De-identified Data in a manner that complies with applicable laws, for our permitted business purposes, including for research and development, demonstrating the effectiveness of our products and services, improving our product and service offerings, for customer service purposes, and to understand how our products are being used.

Sharing of Your Information.

We may share Student Data and/or Educator Data (collectively, “Customer Data”) for the following purposes:

Services. We will share Customer Data with the Customer in connection with providing
the Digital Products. We do not control Educators’ use or handling of Customer Data.

Service Providers. We may share Customer Data with service providers who support our provision of the Digital Products by offering us hosting services, information technology and support (e.g., video hosting), IT security, analytics, or technologies that enhance and personalize a User’s experience with the Digital Products. We evaluate the privacy and security controls of these service providers before we agree to use their services. These service providers are bound by applicable laws and contractual obligations of confidentiality and privacy to maintain Customer Data in a secure and confidential manner. We may share Educator Data with third party service providers that support our marketing function, in order to provide Educators with information concerning our programs and services, newsletters, updates, and related materials.

Google Analytics. As part of collecting Usage Data, we use Google Analytics to collect information about Educators’ use of our Digital Products. We do not use Google Analytics on Student-facing portions of our Digital Products, and we do not use the information we receive from Google Analytics to market to Students. Google Analytics collects information such as how often an Educator uses the Digital Products and what content they visit when they do so. Google Analytics collects only the IP address assigned to an Educator on the date the Educator uses the Digital Products, rather than Educator name or other identifying information We use information generated in connection with Google Analytics for IT support, to understand how our websites are used, and for marketing purposes (unless otherwise agreed to with a Customer). Google’s ability to use and share information collected by Google Analytics about an Educator’s use of Digital Products is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. Google is bound by applicable laws and contractual obligations of confidentiality and privacy to maintain Customer Data in a secure and confidential manner.

Merger or Transfer. If we sell or otherwise transfer our business, we will not transfer Customer Data unless the purchaser agrees to adhere to data-security and privacy standards no less stringent than the terms of this Statement.

Legal Compliance. We may disclose Customer Data to the extent required by law.

Additional Notes on Information Sharing:

• We do not sell Student Data, and advertisements are not placed within the Digital Products. Without limiting the foregoing, we do not transfer Student Data for any third-party marketing or targeted advertising or for any other type of behavioral advertising.
• Other than as described in the disclosures above, we do not disclose Student Data other than as authorized and permitted by the Customer.
• Our Digital Products do not have any features or functionality that would permit or support the visibility of Student’s information and their interactions with other students, so there is no opportunity for cyber-bullying. Use of our Digital Products does not involve creating a profile, and there is no social component to our Digital Products.

Data Retention and Destruction.

Upon the written request of a Customer, we will remove Student Data and/or Educator Data from our production servers when we will no longer be providing access to the Digital Products to the Customer. We reserve the right, in our sole discretion, to remove Student Data and/or Educator Data for a particular customer from our production servers following a reasonable period of time after our relationship with a Customer has ended, as demonstrated by the end of a contract term or Customer’s lack of activity within the Digital Products.

Student Data Retention and Destruction.

WLT standard retention practice for Digital Products is to maintain Student Data for one hundred and twenty (120) days after our provision of Digital Products to a Customer has ended. For that 120-day period, a Customer may export a copy of the Student Data by using the export tools available to Customer through the Digital Products. After this period, we remove Student Data from inactive Customers of the Digital Products. This retention period is necessary to allow for our Customers (particularly Schools) to avoid the premature deletion of education records when processing or updating their subscriptions to our Digital Products. We do not knowingly retain Student Data beyond the reasonable period of time required to support Customer’s educational purpose, and as authorized by the Customer. Student Data is removed from backups in accordance with our data retention standards.

How We Secure Your Information.

In connection with providing the Digital Products, we implement and maintain reasonable technical, administrative, and physical safeguards. For more details on our safeguards and our IT security program, please review our Information Technology
Security Standards.

Your Data Rights

Choices About Your Information:

Student Data:

Parents of Students, guardians, or eligible Students may request to review, access, correct, delete, opt out, or remove their Student Data by contacting their School administrator. The School administrator can then verify the identity of the requesting party and notify us of the request. We will promptly comply with valid requests for correction or removal of Student Data. We cannot delete, change, or divulge any Student Data unless authorized by the Student’s School. Requests to delete, opt out, or remove Student Data may affect a User’s ability to access or use the Digital Products.

Educator Data:

For Educators who are provided access to the Digital Products by their Schools, the Educator may request to review, access, correct, delete, or remove their Educator Data by contacting their School administrator. The School administrator can then verify the identity of the requesting party and notify us of the request. We will promptly comply with valid requests for correction or removal of Educator Data. We cannot delete, change, or divulge any Educator Data unless authorized by the School. For Educators who purchase a license to Digital Products directly from us, those Customers may contact us directly at info@wilsonlanguage.com to delete, correct, or remove their data, although such requests may hinder or prevent the use of our Digital Products.

Links to Other Websites or Services

General. To give Users access to other helpful information, we may provide links to other sites. We provide these links as a convenience, and we do not endorse the content or services offered by, or the privacy policies in place on, these other sites.

Other sites to which we link may have privacy policies that differ from this Statement. We encourage Users to review the privacy policies of each site they may visit through any links. We are not responsible for the conduct or policies of these third parties.

Other Wilson Services. If you purchased both Acadience® Learning Online (ALO) and FUN HUB® Data and Reporting Suite, and you use Clever for rostering both systems, you may access ALO from FUN HUB®. This link allows you to more easily access your ALO reports, but no ALO data is imported into FUN HUB®, and such ALO data remains in your ALO environment.

Updates to Our Privacy Statement.

We review this Statement on an annual basis and make updates from time to time, for example, to reflect changes in the law and to provide more clarity on our practices. When we make any changes, we will provide notice by updating the “last updated” date at the top of this Statement indicating when it was last revised. For material changes to this Statement, we will seek to provide notice of such material changes in advance of the change coming into effect, by emailing the Customer point of contact we have in our records.

Please reach out to Legal@wilsonlanguage.com with any questions on this Privacy Statement.

Jurisdiction-Specific Privacy Supplement

If applicable, the Jurisdiction-Specific Privacy Supplement located in the addendum below applies to Customer and its Users:

Australia: The following terms apply to our use of Customer Data for Customers located in Australia, to the extent required by applicable law:

1. Applicable Laws. All references to “applicable laws” in this Statement refers to the Australian Privacy Act 1988, as modified or amended, and any other federal, state, or and Educator Data shall specifically include any information that constitutes “personal information” as defined under applicable laws. Personal information is collected, used, disclosed, managed, and stored in compliance with applicable laws, including but not limited to the Australian Privacy Act 1988.
2. Direct Notice. Through our Digital Products, personal information will be collected only if the information is reasonably necessary for, or directly related to, one or more of the Customer’s functions or activities. Additionally, if sensitive information (as defined in the Australian Privacy Act 1988) is collected, consent must be given by the individual prior to the collection of such sensitive information. By using our Digital Products, Customer represents and warrants that they have obtained all required consents for the collection of personal information under applicable laws, and that Customers have the right to provide us with any personal or sensitive information that they provide to us.
3. Direct Notice to Australian Parents. A Customer may collect personal information and/or sensitive information about your child for the purpose of using our Digital Products. As stated above, we require our Customer to obtain all required consents for the collection of such personal information before using our Digital Products.
4. Affiliates; International Transfers. Personal information of our Australian Customers will be accessed and processed in the United States and/or Canada. By using the Digital Products, Customer consents to our use and disclosure your personal information to third parties (in which case, subclause 8.1 of the Australian Privacy Act 1988 will not apply to the disclosure), and to our affiliates, such as Wilson Language Training Corporation, which are located outside of Australia, including in the United States of America and Canada.
5. Questions. If you have any concerns regarding the Australian Privacy Principles, reach out to legal@wilsonlanguage.com and your request will be processed within a reasonable period of time.

California Education Code § 49073.1: The following terms apply to our use of Customer’s pupil records (as defined in Education Code § 49073.1(D)(5)) for Customers located in California, to the extent required by applicable law:

1. Pupil records continue to be the property of and under the control of Customer;
2. No pupil-generated content is provided to WLT or generated in connection with WLT’s Digital Products;
3. WLT will use and access pupil records solely for the purposes described in the Acadience Digital Products Terms of Service and Acadience Digital Products Privacy Statement;
4. A parent, legal guardian, or eligible pupil may review personally identifiable information in the pupil records and correct erroneous information by contacting their School administrator, as described in the “Choices About Your Information” Section of the Acadience Digital Products Privacy Statement;
5. To ensure the security and confidentiality of pupil records, WLT will comply with the commitments identified in the Information Technology Security Standards;
6. Upon the discovery of a breach of security that results in the unauthorized disclosure of pupil records, WLT will notify the Customer of such disclosure and will reasonably cooperate with Customer in connection with its notification to parents, legal guardians, and/or eligible pupils, and as further described in the “Unauthorized Disclosure” section of the Information Technology Security Standards;
7. Retention of Customer’s pupil records shall be handled in accordance with the “Data Retention and Destruction” section above;
8. Customer and WLT shall each ensure its compliance with the Family Educational Rights and Privacy Act of 1974, 20 USC 1232g, as amended from time to time; and
9. WLT will not use pupil records to engage in targeted advertising.

California Privacy Rights Act (CPRA): The following terms apply to our use of Educator Data for Customers located in California, to the extent required by applicable law:

Educators who are residents of California may be entitled to certain rights with respect to personal information that we collect about them under the CCPA and CPRA, including the Right to Know, the Right to Request Deletion, the Right to Opt Out of Personal Information Sales, the right to non-discriminatory treatment for exercising any rights, the right to initiate a private cause of action for data breaches, the right to correct inaccurate personal information, and the right to limit use and disclosure of sensitive personal information. However, please note that if the exercise of these rights limits our ability to process personal information (such as in the case of a deletion request), we may no longer be able to provide our services to the Educator in question. To exercise these rights, California Educators may contact us at Legal@wilsonlanguage.com, via phone at 508.368.6678, or by U.S. mail at:

Wilson Language Training Corporation
47 Old Webster Road
Oxford, MA 01540

Canada. The following terms apply to our use of Customer Data for Customers located in Canada, to the extent required by applicable law:

In connection with the Digital Products, a Customer with personal information about Canadian citizens must provide any such data to us, or cause data to be provided to us, in strict compliance with applicable laws, which may include, but are not limited to, the Personal Information Protection and Electronic Documents Act (“PIPEDA”), Consumer Privacy Protection Act (“CPPA”), and any other federal or provincial privacy statutes. Provider is a “service provider” for purposes of the CPPA. Without limiting the foregoing, Customer must, to the extent required by applicable laws, provide appropriate notice, and obtain clear consent from parents, guardians, and eligible students, as applicable. Such disclosure must provide appropriate transparency related to our use of and access to Customer Data from the United States, to the extent required by applicable laws. Customer will obtain consent from parents, guardians, and eligible students, as applicable, in full compliance with Section 15(1)-(5) of the CPPA. In the event that consent to use or sharing of any Customer Data is lawfully withdrawn by a person and that Customer Data has been disclosed to or shared with us in connection with the Digital Products, then Customer must promptly reach out to us to request deletion or return of such person’s personally identifiable information. Upon request, we will provide confirmation of the disposition of such Customer Data.

Connecticut. The following terms apply to our use of Customer’s Student information, Student records, and Student-generated content, as those terms are defined in Conn. Gen. Stat. § 10-234aa(4)-(6), for Customers located in Connecticut, to the extent required by applicable law:

1. Student information, student records, and student-generated content in our possession (collectively, “CT Student Data”) are not the property of nor under the control of WLT;
2. Customer may request the deletion of any CT Student Data in our possession that is not (A) otherwise prohibited from deletion or required to be retained under state or federal law, or (B) stored as a copy as part of a disaster recovery storage system and that is (i) inaccessible to the public, and (ii) unable to be used in the normal course of business by the contractor, provided the Customer may request the deletion of any such CT Student Data if such copy has been used by the operator to repopulate accessible data following a disaster recovery;
3. WLT shall not use CT Student Data for any purposes other than those authorized by Customer;
4. An eligible Student, parent, or legal guardian of a Student may review personally identifiable information contained in CT Student Data and correct erroneous information, if any, in such student record by contacting their School administrator, as described in the “Choices About Your Information” Section above;
5. WLT shall take actions designed to ensure the security and confidentiality of CT Student Data;
6. Upon the discovery of a breach of security that results in the unauthorized release, disclosure, or acquisition of CT Student Data, WLT will notify the Customer of such disclosure in accordance with the provisions of Conn. Gen. Stat. 10-234dd, and as further described in the “Unauthorized Disclosure” section of the Information Technology Security Standards;
7. Retention of Customer’s CT Student Data shall be handled in accordance with the “Data Retention and Destruction” section above;
8. Customer and WLT shall each ensure its compliance with the Family Educational Rights and Privacy Act of 1974, 20 USC 1232g, as amended from time to time;
9. The laws of the state of Connecticut shall govern the rights and duties of the parties with respect to CT Student Data; and
10. If any provision of the Acadience Digital Products Terms of Service and/or Acadience Digital Products Privacy Statement (or, as applicable, such other agreement as agreed upon by the parties) or the application of such agreement(s) is held invalid by a court of competent jurisdiction, the invalidity does not affect other provisions or applications of the agreement(s) which can be given effect without the invalid provision or application.

Illinois. The following terms apply to our use of Covered Information (as defined in Illinois’s Student Online Personal Protection Act, or “SOPPA” (105 ILCS 85/)) for Customers located in Illinois, to the extent required by applicable law:

1. Categories or types of covered information to be provided to WLT are defined in the section “Information We Collect” above;
2. Products being provided to the school by WLT include ALO and ADMF;
3. Pursuant to the Family Educational Rights and Privacy Act of 1974, WLT is acting as a school official with a legitimate educational interest; is performing an institutional service or function for which the school would otherwise use employees, under the direct control of the school, with respect to the use and maintenance of covered information; and is using the covered information only for an authorized purpose and may not re-disclose it to third parties or affiliates, unless otherwise permitted under the Act, without permission from the school or pursuant to court order;
4. If a “Breach”, as defined in SOPPA, is attributed to WLT, its officials, agents, employees and subcontractors, WLT shall be liable for any costs and reasonable expenses incurred by the Board in investigating and remediating the Breach, including those costs and expenses identified in 105 ILCS 85/15(4)(D)(i)-(iv);
5. Upon the written request of a customer, WLT will remove Covered Information from our production servers when we will no longer be providing access to the Digital Products to the customer. We reserve the right, in our sole discretion, to remove Covered Information for a particular customer from our production servers following a reasonable period of time after our relationship with a customer has ended, as demonstrated by the end of contract term or customer’s lack of activity within the digital products. Covered Information is removed from backups in accordance with our data retention standards; and
6. WLT agrees that the Customer may publish the written agreement on the school’s website or make the written agreement available for inspection by the general public at its administrative office, as applicable.