Acadly - Privacy

Last updated on: June 16, 2020

You can read the previous version of the Privacy Policy here.

You can also read about our efforts to be GDPR Compliant here.

Acadly INC ('ACADLY INC', We, Us, Our), maker of Acadly, is committed to protecting your privacy. We have prepared this Privacy Policy to describe our practices regarding the personal information that may be collected from users of our websites which post this Privacy Policy, including https://app.acadly.com ('SITE'), ACADLY INC's Acadly iOS, Android, and other mobile applications ('APPS'), and other related educational services (collectively referred to as 'SERVICE'). By submitting personal information through our Site, Apps, or Services, you expressly consent to the processing of your personal information in the appropriate clusters (refer to the DATA PROCESSING, STORAGE, AND CLUSTERS section of this Privacy Policy document) in accordance with this Privacy Policy. The use of personal information collected through our service shall be limited to the purposes described in this Privacy Policy.

IMPORTANT FOR UNIVERSITY USERS

If you are a user (or a parent of a user) who was given access to the Services by the university you are affiliated with, this Privacy Policy does not govern your university's collection, use, or disclosure of personal information through the Site, Apps, or Service. We are not responsible for your university's collection, use, or disclosure of your personal information. Please contact your university to better understand your university's privacy practices. ACADLY INC will retain personal information we process on behalf of universities for as long as needed to provide services and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. ACADLY INC uses only de-identified and aggregated data for its own purposes.

DATA PROCESSING, STORAGE, AND CLUSTERS

ACADLY INC endeavours to comply with the laws regarding protection and processing of data of users of Acadly and hence deploys the application servers in various geographic locations. Each collection of these application servers is a Cluster. Based on the geographic location of a university, a cluster is selected to which all the data of Acadly users, affiliated to the aforementioned university, is directed and stored. As of the date of publishing of this Privacy Policy, the clusters and the universities attached to those clusters are mentioned in the following list (not exhaustive) - US East Cluster - Located in the US, exclusively receives and stores data of all those Acadly users who are affiliated to universities whose primary campus is in North and South Americas EU Cluster - Located in Ireland, exclusively receives and stores data of all those Acadly users who are affiliated to universities whose primary campus is in Europe and parts of Africa IN Cluster - Located in India, exclusively receives, processes and stores data of all those Acadly users who are affiliated to universities whose primary campus is in South East Asian Subcontinent and parts of Middle East SG Cluster - Located in Singapore, exclusively receives, processes and stores data of all those Acadly users who are affiliated to universities whose primary campus is in Singapore, and a few South East Asian Countries AU Cluster - Located in Sydney, exclusively receives, processes and stores data of all those Acadly users who are affiliated to universities whose primary campus is in Australasia

DATA YOU PROVIDE TO US

For Course Creators
When you register for a Course Creator (or Course Admin) account with the Service, you will provide Us information about yourself, such as your first name, last name, email address, and your website (if any). Upon verification, We will attach to your details the details of the University or the educational organization where you are a bona-fide instructor. To enroll students in the course and to add other course team members, you will provide Us with the email addresses of course student users and course team members. In providing Us with the email addresses of the prospective members of your course on the Service, you inherently agree that you have the consent of the owners of the provided email addresses. Until the owners of the provided email addresses set a password to use the Service, you also provide the Service the permission to communicate with the owners of provided email addresses subject to condition that the content of any communication will only be related to the course on Acadly of which the owners of the provided email addresses have been made members by you. For Course Users
We collect information from you, such as first and last name, gender, e-mail and mailing addresses, and password when you create an account to log in to our network. We also may retain information on your behalf, such as files and messages that you store using your account. If you provide Us feedback or contact Us via e-mail, We will collect your name and e-mail address, as well as any other content included in the e-mail. When you participate in one of our surveys, We may collect additional profile information. We also collect other types of personal information and demographic information that you provide to Us voluntarily.

DATA COLLECTED VIA TECHNOLOGY

To make our Site, Apps, and Services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, unique device identifiers, information about how you use our Site and Apps, and/or a date/time stamp for your visit. We also use cookies and web beacons (as described below) and navigational data like Uniform Resource Locators (URL) to gather information regarding the date and time of your visit and the solutions and information for which you searched and which you viewed. Like most Internet services, We automatically gather this data and store it in log files each time you visit our Site, use our Apps, or access your account on our network. We may link this automatically-collected data to personally identifiable information. 'COOKIES' are small pieces of information that a website sends to your computer's hard drive while you are viewing a website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site. 'WEB BEACONS' are digital images we use to log information on our Site and in our emails. We use web beacons to manage cookies, count visits, and to learn what marketing works and what does not. We also use web beacons to tell if you open or act on our emails. 'ANALYTICS' - We use analytics services to help analyze how users use the Site and Apps. These services use cookies and scripts to collect and store information such as how users interact with our Apps, errors users encounter when using our apps, device identifiers, how often users visit the Site, what pages they visit, and what other sites they used prior to coming to the Site. We use the information we get from Google Analytics only to improve our Site, our Apps, and our Services. Please see the following links for more information about Google Analytics: Privacy Google Ads, Privacy, and Terms of Service for Google Analytics. 'LOCATION' - Acadly's Android App does ask for Location permission and can access your device's GPS in background mode (even when the app is not running) ONLY during the 2 minute duration when the course instructors are recording attendance. Acadly NEVER accesses, transmits, uses, or stores, your Geolocation Coordinates. 'ZOOM' - When you integrate your Zoom account with Acadly by authorizing Acadly to use your Zoom account, Acadly uses only your non personally identifiable data provided by Zoom to create, start, end, and record Zoom meetings created by Acadly on your behalf and on your request. Acadly also uses Zoom's Event Subscriptions to manage ONLY those Zoom meetings that have been created on your behalf by Acadly. Your usage of Zoom within Acadly is implicitly assumed to be in accordance with Zoom's Privacy Policy and Zoom's Terms of Service.

USER GENERATED CONTENT

COMMENTS Acadly allows course members to discuss various activities in a course with comments linked to a course activity. Contents of these comments are visible to course members and you should be aware that any information you provide in these comments may be read, collected, and used by others who access them. LINKS TO OTHER WEBSITES We are not responsible for the practices employed by websites linked by the members of a course to or from the Service, nor the information or content contained therein. Please remember that when you use a link to go from the Service to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on the Service, is subject to that website's own rules and policies. Please read over those rules and policies before proceeding. RESOURCE SHARING Acadly provisions for the members of a course on Acadly to share resources (documents, multimedia files, links to videos etc) for the benefit of the other course members registered on Acadly. We are not obligated to confirm whether any resources or files shared by the user respects the copyrights associated with the distribution of shared resource or file. If we receive a request from the copyright owners to remove any disputed resource, we hold the right to remove the shared resource and inform the user who had shared the resource on Acadly. STUDENT ATTENDANCE DATA, SCORES, GRADES AND SUBMISSIONS Since Acadly allows grading of assignments, quizzes, exams on the platform, we store the scores and grades awarded to a student for a satisfactory experience while using the service. Along with the scores and grades, attendance data, voluntarily provided by the users of the Service during the normal course of usage of the Service, is also stored. This data is however visible only to course members (Course Creator, Course Instructors, Course Teaching Assistants, Course Students) registered with the Service. The university to which a student belongs also has the right to this data and Acadly is obligated to disclose the details upon the request of representatives of the concerned university or if Acadly enters into a contract with the concerned university.

USE OF YOUR DATA

TO PROVIDE BETTER SERVICE AND SECURITY Personal information you submit to us is used either to respond to requests that you make, or to aid us in serving you better. ACADLY INC uses your personal information in the following ways: to create and maintain your account; to identify you as a user in our system; to operate, maintain, and improve our Site, Apps, and Services; to personalize and improve your experience; and to make telephone calls to you, from time to time, as a part of secondary fraud protection or to solicit your feedback with your permission.

TO REACH OUT We may contact you

for administration reasons related to the Service (e.g. to provide you with password reminders or to notify you that a particular service, activity or online content has been suspended for maintenance, or in response to a question that you ask us);
to provide you with information about our Service, activities or online content, including sending e-newsletters or similar correspondence and updates or responding to any contact you have made with us, e.g. on our website, by email or via the means provided in the 'CONTACT INFORMATION' section mentioned below;
to invite you to participate in surveys about our services (participation is always voluntary)

Where we wish to use Your Personal Data in any other way, we will ensure that we notify you and get your consent first. You will be given the opportunity to withhold or withdraw your consent for the use of Your Data for purposes other than those listed in this Privacy Policy.

DISCLOSURE OF YOUR PERSONAL INFORMATION

We will share your personal information with third parties only in the ways that are described as follows or with your express consent. THIRD PARTY SERVICE PROVIDERS. We may share your personal information with third party service providers for the sole purpose of providing you with the Services that we offer you through our Site ('INTERNAL PURPOSES'). For example, we may share data with service providers who host our websites or provide email services on our behalf. OTHER DISCLOSURES. ACADLY INC may disclose information about you if it believes such disclosure is necessary to (a) comply with laws or to respond to lawful requests and legal process; or (b) protect or defend the rights, safety, or property of ACADLY INC, users of the Services, or any person including to enforce our agreements, policies, and terms of use, or (c) in an emergency to protect the personal safety of any person (collectively, 'a', 'b' and 'c', ENFORCEMENT PURPOSES'). We may also share information about you in connection with or during negotiation of any merger, financing, acquisition, bankruptcy, dissolution, transaction or proceeding involving sale, transfer, divestiture or disclosure of all or a portion of our business or assets to another company. In these circumstances, we will only share information with a company that has agreed to data privacy standards no less stringent than our own. In the event that information is shared in this manner, notice will be posted on our Site. We may also share de-identified and aggregated data with others for their own uses.

YOUR PERSONAL INFORMATION - YOUR RIGHTS AND CHOICES

RIGHTS. As a data subject, you have the following rights under Data Protection Legislation and we, as Data Controller in respect of Your Data, will comply with such rights in respect of Your Data:

the right of access to Personal Data relating to you;
the right to correct any mistakes in your Personal Data;
the right to ask us to stop contacting you with direct marketing;
the right to restrict or prevent your Personal Data being processed;
the right to have your Personal Data ported to another data controller;
the right to erasure; and
the right to complain to the DPC if you believe we have not handled your Personal Data in accordance with Data Protection Legislation

These rights are explained in more detail below, but if you have any comments, concerns or complaints about our use of your Personal Data, please contact us (see 'CONTACT INFORMATION' below). We will respond to any rights that you exercise within a month of receiving your request, unless the request is particularly complex or cumbersome, in which case we will respond within three months (we will inform you within the first month if it will take longer than one month for us to respond). Where a response is required from us within a particular time period pursuant to Data Protection Legislation, we will respond within that time period.

Right to access Your Personal Data You may ask to see what Personal Data we hold about you and be provided with:

a summary of such Personal Data and the categories of Personal Data held;
details of the purpose for which it is being or is to be processed;
details of the recipients or classes of recipients to whom it is or may be disclosed, including if they are overseas and what protections are used for those oversea transfers;
details of the period for which it is held or the criteria we use to determine how long it is held;
details of your rights, including the rights to rectification, erasure, restriction or objection to the processing; and
any information available about the source of that data;

Requests for your Personal Data must be made to us specifying what Personal Data you need access to, and a copy of such request may be kept by us for our legitimate purposes in managing the Service. To help us find the information easily, please give us as much information as possible about the type of information you would like to see. If, to comply with your request, we would have to disclose information relating to or identifying another person, we may need to obtain the consent of that person, if possible. If we cannot obtain consent, we may need to withhold that information or edit the data to remove the identity of that person, if possible. There are certain types of data which we are not obliged to disclose to you, which include Personal Data which records our intentions in relation to any negotiations with you where disclosure would be likely to prejudice those negotiations. We are also entitled to refuse a data access request from you where (i) such request is manifestly unfounded or excessive, in particular because of its repetitive character (in this case, if we decide to provide you with the Personal Data requested, we may charge you a reasonable fee to account for administrative costs of doing so), or (ii) we are entitled to do so pursuant to Data Protection Legislation.

Right to update your Personal Data or correct any mistakes in your Personal Data You can require us to correct any mistakes in your Personal Data which we hold free of charge. If you would like to do this, please:

email or write to us (see 'CONTACT INFORMATION' below);
let us have enough information to identify you (e.g. name, registration details); and
let us know the information that is incorrect and what it should be replaced with.

It is your responsibility that all of the Personal Data provided to us is accurate and complete. If any information you have given us changes, please let us know as soon as possible.

Right to ask us to stop contacting you with direct marketing We have a legitimate interest to send you electronic communications/direct marketing in connection with the Service and related matters (which may include but shall not be limited to newsletters, announcement of new features etc.). We may also ask you different questions for different services, including competitions. We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them. You can ask us to stop contacting you for direct marketing purposes. If you would like to do this, please:

email or write to us (see 'CONTACT INFORMATION' below);
click on the 'unsubscribe' button at the bottom of the electronic communication. It may take up to 15 days for this to take place; and
let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only.

We will provide you with information on action taken on a request to stop direct marketing - this may be in the form of a response email confirming that you have 'unsubscribed'. Unsubscribing from direct marketing does not unsubscribe you from essential electronic communications in respect of the administration of Your Account.

Right to restrict or prevent processing of Personal Data In accordance with Data Processing Legislation, you may request that we stop processing your Personal Data temporarily if:

you do not think that your Personal Data is accurate (but we will start processing again once we have checked and confirmed that it is accurate);
the processing is unlawful but you do not want us to erase your Personal Data;
we no longer need the Personal Data for our processing; or
you have objected to processing because you believe that your interests should override the basis upon which we process your Personal Data

If you exercise your right to restrict us from processing your Personal Data, we will continue to process the Personal Data if:

you consent to such processing;
the processing is necessary for the exercise or defence of legal claims;
the processing is necessary for the protection of the rights of other individuals or legal persons; or
the processing is necessary for public interest reasons.

Right to data portability In accordance with Data Protection Legislation, you may ask for an electronic copy of your Personal Data that you have provided to us and which we hold electronically, or for us to provide this directly to another party. This right only applies to Personal Data that you have provided to us â€“ it does not extend to data generated by us. In addition, the right to data portability also only applies where:

the processing is based on your consent or for the performance of a contract; and
the processing is carried out by automated means.

Right to erasure In accordance with Data Protection Legislation, you can ask us (please see 'CONTACT INFORMATION' below) to erase your Personal Data where:

you do not believe that we need your Personal Data in order to process it for the purposes set out in this Privacy Policy;
if you had given us consent to process your Personal Data, you withdraw that consent and we cannot otherwise legally process your Personal Data;
you object to our processing and we do not have any legal basis for continuing to process your Personal Data;
your Personal Data has been processed unlawfully or have not been erased when it should have been; or
the Personal Data have to be erased to comply with law.

We may continue to process your Personal Data in certain circumstances in accordance with Data Protection Legislation (i.e. where we have a legal justification to continue to hold such Personal Data, such as it being within our legitimate business interest to do so (e.g. retaining evidence of resolved support requests etc.). Where you have requested the erasure of your Personal Data, we will inform recipients to whom that Personal Data have been disclosed, unless this proves impossible or involves disproportionate effort. We will also inform you about those recipients if you request it

Right to complain to the DPC If you do not think that we have processed your Personal Data in accordance with this Privacy Policy, please contact us in the first instance. If you are not satisfied, you can complain to the DPC or exercise any of your other rights pursuant to Data Protection Legislation. Information about how to do this is available on the DPC website.

CHOICES. We offer you choices regarding the collection, use, and sharing of your personal information. When you receive newsletters or promotional communications from us, you may 'opt-out' by following the unsubscribe instructions provided in e-mails you receive from us or by contacting us directly at the contact information below. Most web browsers are set to accept cookies by default. If you prefer, you can typically remove and reject cookies from our Site with your browser settings. If you remove or reject our cookies, it will affect how our Site and Services work for you. When you visit the Site, we and others give you the following choices about use of mechanisms for tracking, including tracking of your online activities over time and across different websites and online services by third parties:

Most web browsers are set to accept cookies by default. If you prefer, you can typically remove and reject cookies from our Site with your browser settings. If you remove or reject our cookies, it will affect how our Site and Services work for you.
You may also render some web beacons unusable by rejecting their associated cookies. If you choose to decline cookies, certain features of the Sites and Services that placed the cookie may not function properly or at all as a result.
If you do not wish for us to track emails we send you, some email services allow you to adjust your display to turn off HTML or disable download of images which should effectively disable our email tracking, or you may unsubscribe from our marketing emails as described above.
You may opt out of tracking of certain information collected by Google Analytics, one of our analytics providers as discussed above, on the Sites by using any of the links shared in the relevant section above.

While we and others give you the choices described in this Privacy Policy, there are many ways web browser signals and other similar mechanisms can indicate your choice to disable tracking, and we may not be aware of or honor every mechanism. SECURITY OF YOUR PERSONAL INFORMATION. ACADLY INC uses commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your personal information. We cannot, however, ensure or warrant the security of any information you transmit to Acadly or guarantee that your information on the Service may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. In the event that personal information is compromised as a result of a breach of security, ACADLY INC will promptly notify those persons whose personal information has been compromised, in accordance with the notification procedures set forth in this Privacy Policy, or as otherwise required by applicable law.

WITHDRAWAL OF CONSENT. If you no longer consent to our processing of Your Data (in respect of any matter referred to in this Privacy Policy as requiring your consent), you may request that we cease such processing by contacting us (refer to 'CONTACT INFORMATION' section below). Please note that if you withdraw your consent to such processing, for example in respect of the use of cookies, it may not be possible for us to provide all/part of the Service to you. In the event that personal information is compromised as a result of a breach of security, ACADLY INC will promptly notify those persons whose personal information has been compromised, in accordance with the notification procedures set forth in this Privacy Policy, or as otherwise required by applicable law.

ZOOM DATA. If you had explicitly authorized your Zoom account to be linked with Acadly and at any point in time no longer wish to use the Zoom integration functionality within Acadly, you can visit the Zoom Marketplace and uninstall Acadly from your list of applications installed on Zoom. Once uninstalled, Acadly will automatically remove all your Zoom account information from its servers.

BREACH REPORTING

We will notify serious data breaches in respect of Your Data to the DPC without undue delay, and where feasible, not later than 72 hours after having become aware of same. If notification is not made after 72 hours, we will record a reasoned justification for the delay; however, it is not necessary to notify the DPC where the Personal Data breach is unlikely to result in a risk to the rights and freedoms of natural persons. A Personal Data breach in this context means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed. We will keep a record of any data breaches, including their effects and the remedial action taken, and will notify you of any data breach affecting your Personal Data (which poses a high risk to you) when we are required to do so under Data Protection Legislation. We will not be required to notify you of a data breach where:

we have implemented appropriate technical and organisational measures that render the Personal Data unintelligible to anyone not authorised to access it, such as encryption; or
we have taken subsequent measures which ensure that the high risk to data subjects is not likely to materialise; or
it would involve disproportionate effort, in which case we may make a public communication instead.

In the event of a serious data breach in respect of User Uploaded Data, we will notify the relevant Data Controller of such breach as soon as reasonably practicable.

CHILDREN'S PRIVACY

Acadly is, at the time of publishing this Privacy Policy, meant to be used in institutes of higher education (e.g universities), thus we assume that unless exceptional circumstances arise, most of the users of Acadly will be over 13 years of age. At the time of being registered in a course on Acadly either as a Course Team member (Instructor, or TA) or as a student, if the user is less than 13 years of age, it is the responsibility of the Course Creator (or the Course Admin) to obtain necessary permissions from the said user's parents and inform ACADLY INC by writing to us at contact@acadly.com ACADLY INC does not knowingly collect or solicit personal information from anyone under the age of 13 or knowingly allow such persons to register with the Service. If we become aware that we have collected personal information from a child under age 13 without verification of parental consent, we will remove that information.

CONTACT INFORMATION

ACADLY INC welcomes your comments or questions regarding this Privacy Policy. Please e-mail us at contact@acadly.com or contact us at the following address: ACADLY INC 8, The Green STE A, Dover, DE - 19901 United States

CHANGES TO THIS PRIVACY POLICY

ACADLY INC may change this Privacy Policy from time to time. If we make any changes to this Policy, we will change the "Last Updated" date above. If such changes are material, a notice of the changes will be posted along with the revised Privacy Policy, prior to the change becoming effective. We encourage you to visit this page from time to time for the latest on our privacy practices.