Learnosity follows a simple policy to ensure our staff and customers have a clear understanding of our data handling and privacy requirements. The following relates to our Product offering and the users of those products, authors, teachers, students etc.
We do not share data across our customers for any reason.
Learnosity adheres to the following principles:
- We are entrusted with the data of our customers and their users. We do not own this data but will look after it as if it were our own
- We use best practice security including industry standard TLS encryption in transit and AES 256 encryption at rest.
- Data is not shared – the data is only available to the customer who saved it, and we will not share this data with any other parties except if legally obliged to by a statutory body.
- We may from time to time reprocess this data to allow more efficient storage or analysis.
- We may process this data to provide insights for the benefit of our customers and their users. This will not mix or share data across customers.
- We store data in an orphaned manner, meaning you control the mapping and context for the data.
FAQs
Data is any responses, recordings, content created or uploaded by our Customers or our customers users (students, teachers, administrators etc).
No – Learnosity is designed to not require any PII, and all user identifiers stored with Learnosity are set by our customers and should be one way functions. This ensures that the data is orphaned and anonymous in Learnosity’s Data Stores without the full user context and function/hashing pattern. This approach ensures our clients are the only ones in control of the mapping between their user identities and any data stored with us.
Our Privacy Policy is subject to change, however we will not make material changes without:
- First providing prominent notice to those who contract with us
- Allowing them to opt out before data is used in any manner inconsistent with terms they were initially provided
No – Data stored in Learnosity will not be shared by Learnosity with other providers.
No – Data is controlled by the education provider and Learnosity will not share this data.
We will not allow a successor entity maintain any student personal information, unless this entity is subject to these same commitments for the previously collected student personal information.
Learnosity work on the principle of “least data” and have built a system to not require or store PII. We also regularly review as part of our ongoing product development, the schema of the data that we hold to ensure either that we are sticking to the principle of zero-or-minimal PII, or where we have a need to store PII (for instance, we do store IP addresses for a short period of time for security reasons – i.e. to identify DOS attacks or similar) that we are minimizing the required time for any persistence of such data.
Reporting Security Vulnerabilities
Security is a top priority at Learnosity, and if you believe that you have found a security vulnerability on any of our sites or APIs, we encourage you to let us know straight away at security@learnosity.com.
We will investigate all legitimate reports and do our best to quickly fix the problem. As long as you make a good-faith effort to avoid privacy violations and destructive exploitation of the vulnerability, we will not pursue legal action.
