As the operators of the www.leveldata.com website, Level Data, Inc. registered in Michigan, United States of America, with company ID 800691814 and having its registered office at 6850 Stadium Dr, Kalamazoo, MI, 49009 (“Level Data,” “we,” or “us”) understands that privacy is important to our online visitors of our website (“Website Visitors”), to districts who register for our Service (“Districts”), and to Parents & students whose information we may have access to on behalf of a District customer (“Students”). This privacy policy applies to our website http://www.LevelData.com and to our Service (“Service”) and describes the steps we take to protect your data. Capitalized terms that are not defined in this Privacy Policy have the meaning given them in our Terms of Service/Use.

1 HOW WE COLLECT AND USE INFORMATION

We collect the following types of information:

1.1 Via our website

We ask for certain contact when a District or Person completes our contact form at www.LevelData.com/contact, or if a person corresponds with us online. Our website form collects first name, last name, email, title, school district or organization name, phone number, city, state or province, and information relating to the School/District’s information systems including the number of students enrolled, the name of the current student management system, and any comments the person decides to leave.

1.2 Information about Districts via our Services

We ask for certain information when a District administrator registers with Level Data, or if the administrator corresponds with us online, including a name, school name, school district, school email address and/or account name and password, billing information, phone number, message content, and information relating to the School/District’s information systems. We may also retain information provided by a School/District if the School/District sends us a message, posts content to our website or through our Service, interacts with us on Facebook or LinkedIn or logs in to our site using a third party login such as Google +, or responds to emails or surveys. Once a School/District begins using the Service, we will keep records of activities related to the Service. We use this information to operate, maintain, and provide to the features and functionality of the Service, to analyze our Service offerings and functionality, and to communicate with our Districts and website visitors.

1.3 CustomerData via our Services

Level Data may receive non-public identifiable information data (“PII”) about students, parent/guardian, staff, schools and/or other district facets (“Customer Data”) in the course of providing its services to a District. We consider Customer Data to be confidential and do not use such PII for any purpose other than to provide the services to the corresponding District. Level Data may receive CustomerData from the LEA, IEA, and SEA.

Level Data has access to CustomerData only as requested by the District and only for the purposes of performing Services on the District’s behalf. If you are a Student, Teacher, or parent, please contact your District if you have questions about the District’s use of technology service providers like Level Data.

1.4 Information collected through technology

We automatically collect certain types of usage information when visitors view our website or use our service. We may send one or more cookies—a small text file containing a string of alphanumeric characters—to your computer that uniquely identifies your browser and lets Level Data help you log in faster and enhance your navigation through the site. A cookie may also convey information to us about how you use the Service (e.g., the pages you view, the links you click and other actions you take on the Service), and allow us to track your usage of the Service over time. We may collect log file information from your browser or mobile device each time you access the Service. Log file information may include anonymous information such as your web request, Internet Protocol (“IP”) address, browser type, information about your mobile device, number of clicks and how you interact with links on the Service, pages viewed, and other such information. We may employ clear gifs (also known as web beacons) which are used to anonymously track the online usage patterns of our Users. In addition, we may also use clear gifs in HTML-based emails sent to our Districts to track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Service. We may also collect analytics data, or use third-party analytics tools, to help us measure traffic and usage trends for the Service. We do not allow third party advertising networks to collect information about the users of our Site or Service.

We use or may use the data collected through cookies, log files, device identifiers, and clear gifs information to: (a) remember information so that a user will not have to re-enter it during subsequent visits; (b) provide custom, personalized content and information; (c) to provide and monitor the effectiveness of our Service; (d) monitor aggregate metrics such as total number of visitors, traffic, and usage on our website and our Service; (e) diagnose or fix technology problems; and (f) help users efficiently access information after signing in.

1.5 Information collected conferences and trade shows

We automatically collect certain information when we participate in conferences and trade shows. The information provided is governed by the rules of each of the separate conferences or shows. Once collected, the contact information provided is used only as permitted by the conference or trade show rules. 

2 HOW WE SHARE YOUR INFORMATION

Our Service platform provides procedures and connectors (custom software) to improve the processes of moving data to and from applications within school districts in order to help improve school processes.  Our Unity platform gathers information from multiple District systems for the purposes of provisioning, identity management, consolidation, quality assurance, integrity checks, validation and integration. 

Level Data only shares PII in a few limited circumstances, described below. We DO NOT rent or sell information for any purpose, without exception.

2.1 Who we may share information with

• We may be required to share information with law enforcement or other third parties when compelled to do so by a court order or other legal process, to comply with statutes or regulations, to enforce our Terms of Use, or if we believe in good faith that the disclosure is necessary to protect the rights, property or personal safety of our users.
• We may share only non-identifiable information with third party service providers who perform services on our behalf (e.g. educational research organizations), but strictly for the purpose of carrying out their work for us.
• We share aggregate or anonymous data (including personal data that has been stripped of personally identifying characteristics) with third parties as part of providing our Service.
• We may permit our users to share information with one another through our social forums and messaging functions. When you post to the public areas of our Service, your username will be disclosed to other users. We do not control how much personal information a user voluntarily shares through these user content features on our Service.
• In the event of a change of control: If we sell, divest or transfer the business or a portion of our business, we may transfer information, provided that the new provider has agreed to data privacy standards no less stringent than our own. We may also transfer personal information – under the same conditions – in the course of mergers, acquisitions, bankruptcies, dissolutions, reorganizations, liquidations, similar transactions or proceedings involving all or a portion of our business.

2.2 How Student Data is shared

Level Data uses Student PII that it receives from a District only for the purposes of providing our Service to the District. Level Data may de-identify or otherwise anonymize the Student Data and share the aggregated or anonymous data, alone or in combination with other types of data, with other districts, partners, service providers, and others.

3 HOW WE STORE AND PROTECT YOUR INFORMATION

3.1 Storage and processing

Your information collected through the Service is processed in the country in which Level Data service providers maintain facilities. If you are based in the United States and use our Service, you consent to have your data processed by Level Data in the United States. International Customers have differing needs based on their country of origin and Level Data will make a best effort to provide custom storage and processing solutions to meet those requirements. 

3.2 Keeping information safe

Level Data maintains strict administrative, technical and physical procedures to protect information processed via our servers. Access to information is limited (through user/password credentials and two factor authentication) to those employees who require it to perform their job functions. We use industry-standard Secure Sockets Layer (SSL) encryption technology to safeguard the account registration process and sign-up information. Other security safeguards include but are not limited to data encryption, firewalls, VPN, physical access controls to building and files, and an end-to-end zero knowledge environment in which PII is only available to the customer.

4 YOUR CHOICES ABOUT YOUR INFORMATION

4.1 Account information and settings

Districts may update account information and modify Services by signing into the administrator account. Districts and other website visitors can opt-out of receiving promotional email from us by clicking on the “unsubscribe” feature at the bottom of each email. Sorry, you cannot unsubscribe from Service-related messaging.

If you have any questions about reviewing or modifying account information, contact us directly at Info@LevelData.com

4.2 Access to Student Data

Student Data is provided and controlled by the Districts. If you have any questions about reviewing, modifying, or deleting personal information of a student, please contact your district directly.

4.3 Deleting or disabling cookies 

You may be able to disallow cookies to be set on your browser. Please look for instructions on how to delete or disable cookies and other tracking/recording tools on your browser’s technical settings. You may not be able to delete or disable cookies on certain mobile devices and/or certain browsers. For more information on cookies, visit www.allaboutcookies.org. Remember, disabling cookies may disable many of the features available on the Service, so we recommend you leave cookies enabled.

4.4 How long we keep User Content

Following termination or deactivation of a District account, Level Data may retain profile information and content for a commercially reasonable time for backup, archival, or audit purposes. We may maintain anonymised or aggregated data, including usage data and de-identified Student Data. If you have any questions about data retention or deletion, please contact Info@LevelData.com

4.5 California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law's reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting PII from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy.  See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

4.5.1 In compliance with CalOPPA we agree:

Users can visit our site anonymously.   Once this privacy policy is created, we will add a link to it on our home page, or as a minimum on the first significant page after entering our website.   Our Privacy Policy link includes the word 'Privacy', and can be easily be found on the page specified above.  Users will be notified of any privacy policy changes on our Privacy Policy Page.  Users are able to change their personal information by logging in to their account.

4.6 Do Not Track Signals

We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

4.7 Third-Party Behavioral Tracking

It's also important to note that we do not allow third party behavioral tracking.

5 FAIR INFORMATION PRACTICES

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.  In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:  We will notify the users via email within 1 business day.

We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

6 CHILDREN’S PRIVACY

Level Data provides a Service designed to assist Districts and other educational partners to improve district processes related to student data. Our Service is not directed to children under 13 and we do not knowingly collect PII directly from students. Please contact us at Info@LevelData.com if you believe we have inadvertently collected personal information from a child under 13 so that we may delete such data as soon as possible.

7 LINKS TO OTHER WEBSITES AND SERVICES

From time to time, we may provide links to third parties from our Service. We are not responsible for the practices employed by websites, applications or services linked to or from our Service. We recommend that you review the privacy policies of third party sites or services before providing any information to them.

8 INCORPORATIONS BY STATE

Pursuant to state law, the following state specific language is hereby incorporated into this Privacy Policy; provided that Level Data is providing and/or offering you Level Data Products or Services in one of the following states:

• California - Level Data will not use your data for any purpose beyond the indicated purposes in the Terms of Use and as defined by the school District, which includes this Privacy Policy. This includes, but is not limited to, Level Data’s policy to never use PII to engage in targeted advertising.
• Colorado - Level Data will not use your data for any purpose beyond the indicated purposes in the Terms of Use or as defined by the school District, which includes this Privacy Policy. Only the Level Data employees that have a legitimate interest in accessing your data, will be granted authorization by Level Data. No data is shared with any third parties unless Level Data is directed to do so by the school District. PII is extracted, transformed, and loaded by Level Data on behalf of the school District. 
• Florida - Level Data will provide notification of a security breach pursuant to requirements as mandated in the Florida Information Protection Act of 2014.
• Maryland - Level Data will not use Covered Information to engage in targeted advertising.
• New York - In accordance with New York Education Law § 2-d, Level Data will comply with and attach to the school District’s contract the Parents’ Bill of Rights for Data Privacy and Security, as applicable.
• Pennsylvania - Level Data will provide notification of a security breach pursuant to the requirements of Pennsylvania’s Breach of Personal Information Notification Act.
• Washington - Level Data will provide notice before making material changes to this Privacy Policy.

9 INCORPORATIONS BY General Data Protection Regulation (GDPR)

Pursuant to the General Data Protection Regulation (GDPR), the following specific language is hereby incorporated into this Privacy Policy; provided that Level Data is providing and/or offering you Level Data Products or Services in or for any European Union entity or citizen.

9.1 Controller

The School District, our Customer, is the Controller of the data in the systems they utilize to operate their business and Level Data shall process their data per our custom services. Additionally, contact information provided by entities and persons via our website contact form or via conferences or trade shows shall be Controlled and Processed by Level Data.

9.2 Your rights under GDPR

If the GDPR applies to you, you have a number of important rights free of charge. In summary, those include rights to:

• access to your personal data and to certain other supplementary information that this Policy is already designed to address
• require Us to correct any mistakes in your information which We hold
• require the erasure of personal data concerning you in certain situations
• receive the personal data concerning you which you have provided to Us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
• object at any time to processing of personal data concerning you for direct marketing
• object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
• object in certain other situations to our continued processing of your personal data
• otherwise restrict our processing of your personal data in certain circumstances
• claim compensation for damages caused by our breach of any data protection laws.

9.3 Exercising your GDPR rights

If you would like to exercise any of those rights, please:

• contact us using our Contact details below
• let Us have enough information to identify you,
• let Us have proof of your identity and address. Where you are a user of our Services you should email us from the email address that you used to register with Level Data. Receipt of an email from this address will usually be sufficient to confirm your identity. In all other cases we may request one or more identification documents, such as a copy of your driving licence or passport and a recent utility or credit card bill; and
• let Us know the information to which your request relates.

10 THIRD PARTY WEBSITES

The Website and our Services may, from time to time, contain links to and from the websites of other networks and affiliates (CEDS, NCES, State and Province databases, various Social Media providers). If you follow a link to any of these websites, please note that these websites have their own privacy policies and terms of use and that we do not accept any responsibility or liability for these policies and terms of use. Please check these policies before you submit any personal data to these websites.

11 HOW TO CONTACT US

If you have any questions about this Privacy Policy or the Service, please contact us at Info@LevelData.com

11.1 How to complain

We hope that we can resolve any query or concern you raise about our use of your information. Please contact us if you need to register a complaint!

12 CHANGES TO PRIVACY POLICY

Level Data may modify or update this Privacy Policy from time to time and made available to you using the website. When we change the policy in a material manner we will let you know and update the ‘last modified’ date at the bottom of this page. Your continued use of the website and our services shall be deemed your acceptance of this Privacy Policy.