Privacy Policy


local_printshopPrint Document

Summit Learning Privacy Policy

Effective Date July 1, 2022 (summary of updates)

We have done our best to write this Privacy Policy in simple and clear terms. In order to facilitate your understanding of the Privacy Policy, we have added notes that provide short summaries of the legal language in plain English.

Introduction

The Summit Learning Program is a personalized approach to teaching and learning inspired by the vision to equip every student to lead a fulfilled life. Gradient Learning (formerly T.L.P. Education) (“Gradient Learning” “we”, “us” and “our”), a California nonprofit public benefit organization and a 501(c)(3) nonprofit organization, operates the Summit Learning Program (the “Program”), including the Summit Learning Platform located at www.summitlearning.org (the “Platform”). With support from the Chan Zuckerberg Initiative, LLC (“CZI”), Gradient Learning offers the Program and Platform as a free service to schools that sign an agreement with Gradient Learning.

The Learning Services (defined below) are designed to facilitate strong relationships between teachers and students through real-time data about progress towards goals, access to ongoing feedback, and access to a wide range of learning resources that enable students to build on what they learn from the teacher by self-directing some of their learning, too.

Gradient Learning does not place ads in its Services or use personal information that we collect for ad purposes, including for behaviorally-targeted advertising purposes. We do not, and will not, make or seek to make money from students or their schools, teachers, or caregivers. We do not, and will not, sell, rent or lease the personal information of students, teachers, or anyone else.

Summary
The Summit Learning Program is a free personalized online learning program for teachers and students that is provided by Gradient Learning with support from the Chan Zuckerberg Initiative to schools that sign agreements with Gradient Learning.

Your privacy on the Learning Services is our priority. We don't make money from students and teachers using the Learning Services, nor do we allow ads to be placed on the Learning Services. We do not and will never sell or rent student or teacher personal information.

Gradient Learning and CZI are signatories to the Future of Privacy Forum’s and SIAA’s Privacy Pledge 2020 (formerly the Student Privacy Pledge) (“Privacy Pledge 2020”).

As with any technology used in the classroom, protections must be in place in order to safeguard student information. We have established this Privacy Policy (the “Privacy Policy”) to articulate the personal information that we collect and how we protect, use, and share it. Use of the Services is also governed by the User Agreement (the “User Agreement”).

This Privacy Policy applies to www.summitlearning.org, https://blog.summitlearning.org and demo.summitlearning.org (“Web Services”) and the Program features accessed through www.summitlearning.org (“Learning Services”) (collectively, the Web Services and Learning Services are “Services”). This Privacy Policy applies to those who register for the Learning Services (“Licensed Users”) and also applies to visitors to our Web Services who do not have registered accounts or anyone who is not logged in to their registered account (“Visitors”). This Privacy Policy also describes how we collect and use information from students (“Student Users”) attending “Partner Schools” (defined below) (Student Users together with Licensed Users, are “Users”).

Summary
We take your privacy very seriously. This Privacy Policy covers the protection of personal information for students, caregivers, teachers, and school officials who use our Learning Services. This Privacy Policy also covers personal information of Visitors to our website who are not using our Learning Services.

For clarity, this Privacy Policy does not apply to any other product or service offered by Gradient Learning, such as Along, which is offered under its own Privacy Policy.

This Privacy Policy does not apply to information collected by Summit Public Schools (a separate legal entity that pioneered the Summit Learning Program). This Privacy Policy also does not apply to websites or online services of companies that Gradient Learning does not own or control even if accessible from our Services.

The Services may contain links (e.g. educational content) that take you outside our Services. This Privacy Policy does not apply to such services that are not operated by Gradient Learning. Access to and use of such outside websites or online services is subject to their respective terms of use and privacy policies.

1. Contract and Services.

When you use our Services you agree to all the terms in this Privacy Policy and our User Agreement. You agree that by registering for, accessing or using our Services, you are entering into a legally binding contract with Gradient Learning (even if you are using our Services for your work at a school).

Summary
By using our Services, including visiting the Summit Learning Program website, you are entering into a contract with Gradient Learning.

2. Visitors

If you are a Visitor, we will collect personal information that you provide to us, including if you contact us with questions, sign up for a newsletter, or otherwise submit data to us. We will also automatically collect information described in 3.1(b) for Visitors. We will use this information for the purposes described in Section 3.1(b), in our Cookie Policy (“Cookie Policy”), and in accordance with any of the notices provided at the point you submit any personal information (e.g., to be contacted for more information about the Program).

Summary
We collect and use information from Visitors so that we can send requested information, such as sending users newsletters that they sign up for.

3. Users of the Learning Services

We provide the Program directly to schools and school districts that enter into a “Program Agreement” (“Program Agreement”) with us for their educational purposes (“Partner Schools”). In order to operate the Program for Partner Schools, we collect certain information through the Learning Services and only use and share the information to provide the Learning Services in accordance with such Program Agreements (or other terms agreed upon with applicable schools), this Privacy Policy and applicable laws. Each Program Agreement includes a Data Privacy Addendum that includes protections for Student User information, and limits our use and sharing of Student User personal information to the Learning Services. Parents, legal guardians, or caregivers (“Caregivers”) can get more information about the Learning Services on our website.

Summary
We provide the Learning Services to users who agree to our Program Agreement. To operate our service, we need to collect and use certain personal information from users to provide them their educational services. Any personal information we collect comes with specific protections and sharing limitations.

For Student Users, we define personal information as information that alone, or in combination with other, non-personal information would allow someone to identify or contact the child. This includes, but may not be limited to, all information considered to be “personal information” under the Children’s Online Privacy Protection Act (“COPPA”) or “personally identifiable information” under the Family Educational Rights and Privacy Act (“FERPA”). For more information on COPPA please see section 5 below.

Summary
We define "personal information" from students using the Learning Services as any information that would allow that student to be identified or contacted by another individual. We collect this type of personal information on the Learning Services so that we can provide students with educational services and use such information only for educational purposes.

3.1. Information We Collect

We collect different information depending on whether the User is a teacher, school administrator, Caregiver or Student User and how the User uses the Services. We get information, including personal information, about and from Users in two ways: (1) from information provided directly to us and (2) from information we collect through Services engagement. Information provided directly to us can include information provided by Partner Schools and external parties. Regardless of how we get personal information about Users, including Students, we only use the information to provide the Program in accordance with our commitments to our School Partners and as otherwise provided in this Privacy Policy or our agreement with the User.

Summary
Partner Schools give us personal information about their students, teachers and caregivers so that we can provide our education services to their students in partnership with teachers and caregivers.

(a) Information Provided Directly to Us

Licensed Users or their Partner School may choose to provide us personal information and Partner Schools may direct that personal information be provided to us by others for use in connection with the Program. Examples of such information include the following:

  • Account Sign-Up and Profile Information
    • Contact information such as full name and email address;
    • Username and password; and
    • Teacher information, including, but not limited to, name and years of experience.
  • Class and Student User Information. Partner Schools may choose to import the below information from outside third party services into the Services:
    • Class rosters, homeroom, and grade level;
    • Student name;
    • Student email address;
    • Student identification numbers such as school identification number or school information system identification number;
    • Student record information such as attendance, suspension, and expulsions;
    • Student demographic data, including date of birth, gender, ethnicity or race;
    • Student subgroups, such as English learners, students with disabilities, or low income status;
    • Mentor observations;
    • Student outcome information such as grade level promotion and matriculation, AP and IB test information, college admission test scores, college eligibility and acceptance, and employment; and
    • Academic or extracurricular activities a student may belong to or participate in.
  • Course Information and Student User Scores
    • Course data including coursework in applicable media (e.g., video, audio, text and images) and course progress;
    • Student scheduled courses;
    • Test scores, grades, standardized test results (such as NWEA MAP, SBAC, etc.), and teacher feedback on coursework; and
    • Teacher curricula and notes and feedback to or about students.
  • Caregiver Information
    • Names, mobile phone numbers and email addresses of Caregivers, if provided to us by the Partner School or the Caregiver.
  • Other
    • Answers to surveys about the Services or curricula; and
    • Feedback, suggestions, questions, and ideas submitted to us.

For a more comprehensive list of information, see Exhibit A of the Data Privacy Addendum. A detailed explanation of how information is collected and used is provided in this Summit Learning Help Center Article (“What data is collected and why is it needed?”).

(b) Information We Collect Through Services Engagement

We may collect certain information from Users’ and Visitors’ computers and devices as they use or engage with the Services. Examples of such information includes:

  • Device and Network Information:
    • We may collect information about networks (such as language, Internet protocol (IP) addresses, internet service provider, and connection speed) and other identifiers that are automatically assigned to a User’s or Visitor’s computer or device (such as browser type and operating system). We also collect the date and time of your use of the Services, and information about the links clicked and pages viewed within the Services. We collect this information to better distinguish users of the Services, which helps us to better secure our Services, understand which of our content and features users find valuable and, for Licensed Users, to provide reliable and personalized Services.
  • Cookies, Pixel Tags, and Similar Technologies:
    • We also use technologies such as cookies, pixel tags, local storage, and similar technologies to automatically collect this information. By using the Services, you consent to our use of cookies and similar technologies to collect information as you engage with the Services. You have control over the collection of information through these technologies per our Cookie Policy. Most browsers allow you to block or delete cookies through settings they provide, but please know that some of our Services may not work properly. We currently do not support “do not track” signals or related opt-outs.
    • Cookies. Cookies are small text files placed on your device consisting of a string of numbers and letters that uniquely identifies your device. This helps us do things such as save your preferences, and to identify Student Users in order to limit our collection and use of personal information accordingly.
    • Pixels. Pixels are a type of technology placed on a website or within the body of an email for the purpose of tracking certain activity, such as views of a website or when an email is opened. Pixels are often used in combination with cookies. For additional information, see our Cookie Policy.
    • Click-through URLs. If you “opt in” to receive newsletters, updates, or other information from us, our emails may use a “click-through URL” linked to content on our sites. When you click one of these URLs, they pass through a separate web server before arriving at the destination page on our sites. We use this click-through data to help us understand how recipients respond to, or interact with, our emails. If you prefer not to be tracked in this way, please do not click text or graphic links in emails you receive from us.
Summary
We collect information when Users engage with the Learning Services and Visitors visit our website to operate and improve the Learning Services. You may be able to have your browser block or delete cookies, but some parts of the Learning Services may not work properly as a result.

(c) Information Received from External Sources

We may also obtain information, including personal information, from external sources, such as content partners, providers of tests and assessments, and Student User information systems, to update or supplement the information we have about Users. For example, this may include data schools choose to provide us via School Information System (SIS) integrations with providers such as Clever (see Section 3.1(a) for examples). You can see more information about such integrations in this Summit Learning Help Center Article ("Setting up your Clever Account"). Local law may require that you authorize the external sources to share your information with us before we can acquire it. We treat personal information we receive from these external sources in accordance with this Privacy Policy, including if we directly combine that personal information with other personal information that we collect through the Learning Services.

Summary
We use technology to collect information about your engagement with our Learning Services to operate and improve the Learning Services.

(d) Information We Do Not Seek to Collect or Store

We do not seek to collect sensitive information about students, such as precise location or biometric data. If we become aware that such information has been provided, we will delete it within a reasonable time of such awareness or get the appropriate school or caregiver consent to keep it if it is reasonably necessary for the Learning Services.

Summary
We don't intentionally collect sensitive information through the Learning Services, such as the exact location of students. If we become aware that sensitive information is on the service, we will delete it or notify the appropriate party to get consent to keep it if necessary.

3.2. We Limit The Use Of The Personal Information We Collect

We use the personal information we collect from the Learning Services for educational purposes as directed by Partner Schools, including to:

  • Provide curricula choice or recommendations;
  • Drive learning engagement and progress via content suggestions to Users;
  • Maintain the security and reliability of the Services, troubleshoot, and perform audits;
  • Administer surveys, studies, and interviews;
  • Operate, develop, analyze, evaluate, and improve Gradient Learning’s educational sites, services, or applications;
  • Communicate with Users in connection with providing the Services;
  • Send Caregivers who are Users informational alerts or other communications via SMS or email messages (see Section 9 (“How We Communicate with You”) for information on how to manage or opt-out of communications);
  • Evaluate the efficacy of the Services and Program;
  • Perform other activities requested by Partner Schools for educational purposes or with the consent of a Caregiver or Student User of the age of majority;
  • Protect or defend the rights, safety, or property of Gradient Learning, Partner Schools or Users, or to comply with any law enforcement, legal, or regulatory process;
  • De-identify the information for other Gradient Learning purposes; or
  • Comply with applicable laws.
Summary
We use the personal information collected from the Learning Services only for educational purposes as directed by Partner Schools.

To be clear, we will not:

  • Seek to make money from students or their schools, teachers, or Caregivers through the Services;
  • Include advertising in the Services including behaviorally-targeted advertising to Users;** **
  • Sell, rent or lease (or authorize Service Providers (defined in Section 3.3. below) to sell, rent or lease) any personal information we collect from Student Users for any purpose – including for advertising and marketing purposes;
  • Use the personal information we collect from Student Users for marketing purposes (but we may ask Users to participate in surveys or provide feedback regarding the Services);
  • Get paid to make recommendations to students or use (or authorize Service Providers to use) the personal information we collect from students for advertising purposes, including behaviorally-targeted advertising purposes. [Note: Our personalized learning may include recommendations for further learning resources, including some resources provided by others.];
  • Use (or authorize Service Providers to use) the personal information we collect from Users for the creation of commercial products or services; or
  • Use information collected from Student Users for any purposes other than educational purposes of our Partner Schools unless we have de-identified the information such that it cannot reasonably be linked to an identifiable Student User.
Summary
We don't sell or use personal information to make money from anyone using our Services, and we require our own service providers to make the same commitment. We also don't use student personal information for anything other than educational purposes. In certain cases, we may use de-identified information, (i.e. information that cannot be used to identify or contact an individual) to improve your experience on the Learning Services.

De-identified information. We de-identify personal information and use de-identified information for other purposes, including research and product improvement. We consider “de-identified” information to be information that has direct and indirect personal identifiers removed such that the data cannot reasonably be used to identify or contact an individual. Such identifiers include, persistent unique identifiers, name, ID numbers, date of birth, and school ID.

Summary
We may use de-identified information for any lawful purpose.

3.3. We Limit How Personal Information Is Shared

In order to provide the Learning Services, we share your personal information in the limited ways outlined below:

  • Within a school. Partner Schools and their Licensed Users within a school share information with each other as authorized by the Partner School and for the Partner School’s educational purposes. The Learning Services do not include features that make Student User personally identifiable data publicly available.
  • School officials. Because the Learning Services is an educational tool, authorized school officials have legal rights to view, export, and request deletion of information in the Learning Services.
  • Caregivers. With a Student User’s Caregivers as authorized by the Partner School or as required by applicable law.
  • Service Providers. We use Service Providers to support the operation of the Services, such as through document management, data hosting, and provisioning customer service tools related to the Learning Services. CZI is our long-term technology partner and works as a Service Provider to help us develop and support the Services. We do not and will not grant Service Providers the right to sell your personal information or to use your personal information beyond what is reasonably necessary to assist us in providing the Services. We also require Service Providers to implement reasonable security practices in accordance with the Data Privacy Addendum. You can learn more about our security practices in our Security Whitepaper (“Security Whitepaper”). We maintain a list of our Service Providers (“Service Providers”), which may be updated from time to time.
  • Gradient Learning Affiliates. We may share User information to and among our affiliates, in which case we will require them to honor this Privacy Policy. “Affiliates” refers to entities controlled by Gradient Learning. Information is shared for the purposes of providing and improving Partner School support, product analytics and development, and other internal usage as permitted by law.
  • Law enforcement requests. We may access, preserve, and share User information in response to any law enforcement, legal, or regulatory process (e.g., warrants, subpoenas, court orders), or other applicable laws and regulations, if we have a good-faith belief that the law requires us to do so. In such cases, to the extent permitted by law, we will attempt to provide the Partner School or Caregiver (as applicable depending on the circumstances) with notice of such legal request prior to complying with respect to requests for Student User personal information.
  • New owners. If the ownership or control of all or part of the Learning Services changes, we may transfer information to that new owner.  We along with other signatories to the Privacy Pledge 2020, have committed to protecting Student User personal information in the event of such a change of ownership so that we honor commitments made prior to the change. .
    • In the event of such a change, we will provide notice to Users through the Services (or other contact information we have for a User) and this Privacy Policy will continue to apply and any new owner would be permitted to use and share personal information only pursuant to this Privacy Policy (unless Users agree otherwise). If a new owner does not agree to comply with this Privacy Policy, Users will be given a chance to opt out before any personal information is transferred to the new owner.
    • In the unlikely event that we file for bankruptcy or dissolution, we will protect your personal information by seeking to require that it be used only in accordance with this Privacy Policy, and we will not sell personal information to any third party.
  • With other third parties as required. With entities that we are obligated to share information with, as required by law or our agreements with Partner Schools. We may share personal information with third parties if we believe in good faith that sharing information is necessary or appropriate (i) to protect or defend the rights, interests, safety, or security of us, our Partner Schools, Users, or Service Providers; (ii) to prevent violations of the terms of use that govern the Learning Services; and (iii) as otherwise required by law.
  • With other third parties as permitted. We may share information with other third parties, if directed or authorized by the Partner School or with caregiver consent, to the extent permitted by law and subject to our User Agreement.
Summary
We may share your information in limited ways with the following parties: Those who need access to use the Learning Services. Schools and teachers get access to information about their students and caregivers can get access to information about their child. Third-party service providers that help us operate the Learning Services (Note: We never sell your information, and require our third party service providers to make the same commitment). Other third parties if required by law or directed by the appropriate school. Any new owners of the Summit Learning Program (Note: if this happens, you'll be able to opt-out if the new owner does not follow this Privacy Policy).

De-identified information. In the event we wish to demonstrate how the Program is used or its efficacy, or otherwise provide information or marketing materials related to the Program , we will only share de-identified information.  We may share aggregated and/or non-personally identifiable information publicly (such as statistics about visitors, and traffic patterns).

Summary
To demonstrate the efficacy of the Program or how it's being used in classrooms and schools, we may publicly share information that has been de-identified (i.e., information that cannot be reasonably used to identify or contact an individual).

4. We Support Caregiver Engagement

We support and encourage the involvement of Caregivers in their Student Users’ education. Caregivers and Student Users may, at any time, make a request to access, review, correct or delete of personal information in the Services by contacting the appropriate official at the Student User’s Partner School. If the Partner School determines that the request should be implemented, the Partner School may either make the change themselves or ask us to make such change. We will process such Partner School requests within thirty (30) days of receiving a written request in a manner consistent with applicable law, and the terms of the Data Privacy Addendum.

Summary
We support and encourage caregiver involvement in the Learning Services. Students and caregivers may request to access, review, correct or delete personal information. Such requests must be made through the Partner School.

5. Student User’s Personal Information

All students who use the Program will be enrolled in a Partner School that has signed a Program Agreement to participate in the Program, including the Learning Services. Pursuant to each Program Agreement (including the Data Privacy Addendum), each Partner School has consented to our practices regarding the collection, use, and disclosure of personal information from Student Users as permitted by law.

Prior to a student accessing the Learning Services, the Student User’s teacher or Partner School administrator must create the Student User’s account on the Learning Services. When the Partner School administrator or teacher registers its students, we rely on consent obtained from Partner Schools acting as an agent of the Student User’s Caregivers. For more information, please see our Privacy & Security FAQs (“FAQs” including our commitment to the Privacy Pledge 2020.

Summary
In order to provide students with educational services, schools have the authority to provide us access to their student's personal information. Schools act as an agent of a student's caregivers when they consent to our use of student personal information. When signing up for the Learning Services, schools review and agree to our Program Agreement (including the Data Privacy Addendum) and this Privacy Policy, which details our practices of collecting, using, and disclosing students' personal information.

COPPA governs the collection of certain information from children under the age of 13 ("child" or "children"); for more information about COPPA and generally protecting children's online privacy, please visit the Federal Trade Commission COPPA FAQs and OnGuard Online. While COPPA does not directly apply to non-profit organizations such as Gradient Learning, we voluntarily comply with COPPA’s guidelines regarding students under the age of 13 as part of our commitment to transparency with Caregivers regarding the collection and use of their child’s data.

The commitments we make regarding information collected from or about students apply equally to all students regardless of their age. Accordingly, where this Privacy Policy references students or any information collected from or about students, our Privacy Policy applies to students under 13 years old as well as students 13 years old and above.

For more information about how we protect student information, see Section 12.

Summary
We are committed to trying to protect the personal information for students of all ages on the Learning Services. As part of this commitment, we voluntarily comply with the core principles of COPPA.

6. Security and Accuracy of Personal Information

The security of personal information from our Users is important to us, and we work hard to protect it from unauthorized access and use. In an effort to prevent unauthorized access, disclosure, or improper use of User information, and to maintain data accuracy, we have established physical, technical, and administrative safeguards designed to protect the personal information we collect. For additional technical details regarding Gradient Learning’s security programs and measures, please see our Security Whitepaper.

We're constantly evolving our security procedures as technology changes, but our security procedures at a minimum include the following:

  • We restrict access to personal information to authorized Gradient Learning employees, agents, service providers, or independent contractors who reasonably need to know that information in order to process it for us, and who are subject to confidentiality obligations. Employees and contractors (“Staff”) are subject to discipline if they fail to meet these obligations.
  • We require our Service Providers with which we share Student User personal information to employ industry standard data protection and security protocols.
  • We use strong authentication methods including multi-factor authentication for all Staff.
  • We employ administrative, physical, and technical safeguards designed to protect personal information from unauthorized access, disclosure, and use or acquisition by an unauthorized person, including when transmitting and storing such information.
  • We employ encryption technologies to securely transmit personal information, including data-in-transit encryption, and we encrypt personal information that is stored.
  • We strive to maintain a data backup and recovery capability designed to help ensure a timely and accurate restoration of personal information.
  • We work hard to maintain a secure software development lifecycle with industry standard security practices designed to establish secure application, infrastructure, and network architectures.
  • We endeavor to maintain event monitoring and response procedures for events which could impact functionality, security and/or availability of the Learning Services.
  • We provide Staff training for security incidents and maintain incident response policies, plans and procedures focused on timely and effective incident response.
  • We employ trained security professionals with experience in security incident response and event monitoring.
  • We perform application security testing (including penetration testing) and conduct security risk assessments focused on the identification and remediation of risks, and work hard to timely remediate identified security vulnerabilities
  • We implement oversight and governance procedures for security risks, including a vulnerability disclosure program and reviews of incidents affecting the Summit Learning Platform.
Summary
We are constantly working on ways to prevent unauthorized access and misuse of personal information through administrative, physical, and technical safeguards. These include:
  • using strong authentication methods,
  • limiting who has access to student data,
  • destroying or deleting personal information as needed,
  • using strong encryption technology,
  • using secured data backup and recovery capability,
  • maintaining industry standard software development lifecycle,
  • providing security training to employees and staff, and
  • requiring Service Providers to follow similar terms.
If there is a data breach, we will provide notice to the school in a timely manner.

We regularly develop and implement features to help keep personal information safe. You can find more information about our technical practices in our Security Whitepaper. Should you discover any security bugs or vulnerabilities in our Services or have any questions regarding our data practices, please contact our team at security@summitlearning.org.

Although we make concerted good faith efforts to maintain the security of personal information, and we work hard to ensure the integrity and security of our systems, no practice can be 100% guaranteed. The security of personal information can be compromised by outages, attacks, human error, system failure, unauthorized use or other factors at any time. If we learn of a breach of your personal information, we will provide notice which will include information required by applicable law.

For additional information on our security practices, please visit our FAQs.

7. Data Retention

We will only retain personal information, including personal information from Users, for the time period required to support the authorized educational purposes. If a Partner School leaves our Program or requests removal of any personal information, we will promptly direct our Staff to delete, dispose of, or de-identify the personal information. We will delete, dispose of, or de-identify the personal information within sixty (60) days following such Partner School requests unless, consistent with applicable law, there is a legitimate reason to retain such personal information. Our normal retention period will not apply if we have consent to retain such information or if we are required to retain such information to comply with our legal obligations or law enforcement requests, resolve disputes, protect the safety and security of our Users or our Services, or enforce the User Agreement, Program Agreement (including the Data Privacy Addendum and Partner School Terms of Service), or any posted guidelines, policies or rules applicable to specific features of the Services.

Summary
We only keep User personal information for as long as necessary to provide the Services. In certain cases, we may need to keep personal information if the law requires a different duration, or as directed by the relevant Partner School.

If you are an eligible Student User (or Caregiver of a Student User that is under the age of 18) and wish to have your (or your student’s) personal information removed from the Learning Services, please contact your Partner School and review the information in Section 8 (“Partner Schools Can Delete Information”).

For additional information relating to deletion and retention policies, please see our FAQs.

8. Partner Schools Can Delete Information

Partner Schools may request the review or deletion of their Student User information in the Services. We will delete or de-identify such information within sixty (60) days, or in compliance with applicable law, unless we otherwise have consent to retain such information or are required to retain such information to comply with our legal obligations or law enforcement requests, resolve disputes, or enforce the User Agreement, Program Agreement, (including the Data Privacy Addendum and Partner School Terms of Service), or any posted guidelines, policies or rules applicable to specific features of the Services. Such information will be deleted when it is no longer needed for the purpose for which it was retained.

Summary
Schools can request that we delete and update student personal information.

9. How We Communicate With You

If you created an account on the Services (or otherwise provided an email address or phone number to us, or otherwise opted-in to receive communications from us), we may send you messages related to the Services, including messages regarding your account, privacy and security notices, and updates and information regarding the Program, including the Learning Services. These communications may be sent through SMS, push notifications, email, telephone calls, and postal mail. [Note: Standard carrier fees may apply to messages sent to your mobile devices.] If you have an account with us, we'll also use your contact information for customer service purposes, or to contact you for legal matters or purposes. We may receive a confirmation when you open an email from us if your device supports it.

Summary
We may contact you with messages and notifications about the Services, including information about your account, privacy and security notices, and service updates.

For Parents, Legal Guardians, or Caregivers. If, as a Caregiver of a Student User, you provided contact information to your school, your account (“Parent Account”) will be set up by your Student User’s teacher or Partner School. At the direction of the Partner School, we may send an invitation to you to log in to your Parent Account via the contact information that your Student User’s teacher or Partner School provided to us to set up your Parent Account. The invitation may be sent via email or SMS text message. [Note: Your carrier may charge you fees for text messages.] We may also send you informational text messages, including, but not limited to, messages: (1) providing information related to your student’s use of the Services; (2) supplying information that you request; or (3) responding to your inquiries regarding your account or use of the Services. If, as a Caregiver of a Student User, you provide your telephone number to your Student User’s Partner School, you are consenting to Gradient Learning (on behalf of and at the direction of your student’s Partner School) sending informational text messages related to the Partner School’s mission. If, as a Caregiver, you would prefer not to receive our communications, you may opt-out using the instructions contained in these communications, you may text “STOP” at any time and/or contact us (see Section 11 below). After doing so, we will send you confirmation of this opt-out via text message.

Summary
Schools will provide us information about caregivers so that they can be enrolled in the Learning Services. We may also contact you about your student's account, to provide requested information, to respond to inquiries, or to provide information as directed by your student's school. Caregivers may opt-out of these communications.

10. We Are Transparent About Changes

We may modify this Privacy Policy or our User Agreement from time to time. If we make material changes to this Privacy Policy, including changes that impair your rights or change how your data will be used under this Privacy Policy, we will provide you at least 30 days prior notice pursuant to this Section 10. We will seek to provide you notice through our Services, or by other means, to provide you the opportunity to review the changes before they become effective. We agree that changes cannot be retroactive. The notice will indicate which sections contain material modifications and what choices you may have. Your continued use of our Services after we publish or send a notice about our changes to these terms means that you are consenting to the updated terms following their “effective date.” If you object to any changes, you must stop using or accessing the Services. If we make any changes to this Privacy Policy or the User Agreement, you can request a copy of the prior versions by contacting us at privacy@summitlearning.org.

Summary
When we make material changes to this policy, we will notify you before the changes go into effect.

11. We Want To Hear From You

If you have any questions about this Privacy Policy or our practices, please contact privacy@summitlearning.org.

You can learn more about Gradient Learning on our website, http://gradientlearning.org/ and about the Summit Learning Program in our FAQs.

You can also reach us by emailing or writing to the contact information provided in this Summit Learning Help Center Article (“How can I contact Gradient Learning?”).

Summary
If you have questions about the Privacy Policy, you can email us at privacy@summitlearning.org.

12. Useful Information Regarding Student Data

What Information Does Gradient Learning Collect from Students and How Does Gradient Learning Use the Information?

As described above, we use the information collected from Student Users to provide the Learning Services to Student Users and as described further in this Privacy Policy and the User Agreement. The Partner Schools have authorized us to collect the information from Student Users necessary to use our Learning Services, including:

  • Classwork, for example: project submissions (including documents and other media), assessment responses, and academic goals;
  • Communications with teachers and mentors, for example: responses to teacher feedback, free-form notes, and requests for guidance; and
  • Non-academic information, for example: college and career interests, college preparation artifacts (essays, letters of recommendation), reflections on academic progress and other self-assessments, anonymous survey responses, and offers to tutor peers.

In addition to the information entered by the Student User, we automatically collect some information from any use of our Learning Services as set forth in Section 3.1(b) of this Privacy Policy. We also receive information from the Student User's teacher or Student User’s Partner School, and link to the Student User’s account in our Learning Services as set forth in Section 3.1.

If we discover that we have collected personal information from a Student User in a manner inconsistent with this Privacy Policy, we will take appropriate steps to either promptly delete the information, or seek consent for that use for the Learning Services.

What Student Information is Visible to Others?

The Learning Services limit access to each Student User’s account and the content thereon to the Student User, the Student User’s Caregivers, teachers, school administrators, and other teachers in the Student User’s Partner School (depending on the setting selected by the Partner School’s administrator). Accordingly, the Learning Services do not permit any Student User’s account or the content and grades thereon to be viewed or accessed by the general public.

How Long Do You Keep a Student’s Information?

Please see Section 7 (“Data Retention”). If you are a Caregiver of a Student User under the age of 18 and you wish to have a Student’s personal information removed from the Learning Services, please contact your Partner School.

What Caregiver Choices are there?

Please see Section 4 (“We Support Caregiver Engagement”).

Summary
Here's a summary of our key practices for student information: We collect information from students and others, as authorized by Partner Schools, so that we can provide the Learning Services; Student's accounts are not available to the general public. We limit access to the student, their teachers, caregivers and to other trusted adults (if they are given access by the Partner School); We keep data for a limited time, and caregivers can request to have a student's information removed (see Section 7); and We support caregiver control and involvement (see Section 4).

13. Information for California Residents

While the CCPA does not apply to nonprofit organizations like Gradient Learning, we take privacy seriously and have chosen to inform our practices with the CCPA. Specifically, this means the below.

13.1 The Right to Request Information

The CCPA gives consumers who are residents of California the right to request the following information about the personal information that we’ve collected in the past 12 months:

  • Information about Data Collection.
    • The categories of personal information that have been collected.
    • The specific pieces of personal information that have been collected about you.
    • The categories of sources from which we have collected personal information.
    • The business purpose for which we have collected personal information.
  • Information about Data Disclosure.
    • The categories of third parties with whom personal information has been shared.
    • The categories of personal information that we have disclosed for a business purpose. \

To request any of the above information, email privacy@summitlearning.org. Please include in your request sufficient information that allows us to reasonably verify that you are the person about whom we collected personal information. Please note that we do not sell your personal data, and that Gradient Learning will not discriminate against you in any way based on your exercise of these rights.

13.2 Additional Disclosure

We have described in fuller detail in this Privacy Policy the personal information that we collect, how we use and disclose it, but provide the following additional disclosure:

  • Information we collect. We have collected the following categories of personal information within the past 12 months: (1) identifiers; (2) internet or other similar network activity; (3) education information; and (4) audio and visual information as part of the content and communications exchanged between students and teachers using the Services.
  • Sources of information. We obtain these categories of personal information directly and indirectly as described in Section 3.1 of this Privacy Policy.
  • Purposes of disclosure. We disclose the personal information we collect for one or more of the following business purposes: (1) to provide you with the Services; (2) to operate, de-bug and improve our Services and contents as described in more detail in this Privacy Policy; (3) to protect against malicious or fraudulent activity on our Services and prevent security incidents; (4) to undertake activities to verify or maintain the quality and safety of the Services; and (5) to undertake internal research for technological development.
Summary
: California residents have the right to request information about the personal data we collect. Requests should be sent to privacy@summitlearning.org. In addition to the details outlined in this Privacy Policy, below you'll find additional disclosure and summary around the personal information we collect: Over the past 12 months we've collected certain personal information from student and teacher users, in order to provide educational services. We collect this personal information both from direct and indirect sources. We may disclose personal information for select business purposes, such as to protect against fraudulent activity or to debug our website.