Modified and Effective on March 27, 2020
1. Information we collect
We collect information to provide better Services to all of our users. We collect information in the following ways (collectively, “Data”).
- Information you give us when you use the Site; request information regarding our Services, access promotional materials published by Sibme; or participate in other activities on Sibme’s Site. Sibme collects minimal personal information to provide its Services. The only information required to create an account are your email address, user ID and password. Sibme may collect personal information such as your phone number and mailing address for certain optional functionality. Personal Information means any information that may be used to identify you, such as, your name, title, phone number, email address, or mailing address. The personal information we collect may include name, physical address, telephone number, email address and other personal information that you choose to provide to us in exchange for certain optional functionality.
- Information we get from your use of our Services We collect information about Sibme Services that you use and how you use them. Sibme collects your personal information to provide certain Services to you, for authorized educational/school purposes, or as authorized by the parent/student, the teacher or the educational institution/agency. This information includes:
Device information — We collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number).
Log information — When you use our Services or view content provided by Sibme, we automatically collect and store certain information in server logs. This includes:▪ Internet Protocol (IP) address.
▪ Device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL.
▪ Cookies that may uniquely identify your browser or your Sibme account.
Location information — When you use Sibme Services, we may collect and process information about your actual location using your IP address.
Unique application numbers — Certain Sibme Services include a unique application number. This number and information about your installation (for example, the operating system type) may be sent to Sibme when you install or uninstall that Service or when that Service periodically contacts our servers, such as for automatic updates.
Cookies and other tracking technologies — We use various technologies to collect and store information when you use a Sibme Service, and this may include using cookies or other tracking technologies (including web beacons, email pixels and script-based trackers) to identify your browser or device (“Website Navigational Information”). Website Navigational Information allow web applications to respond to you as an individual.▪ We may use traffic log cookies to identify which pages are being used. This helps us analyze data about web page traffic and improve our website in order to tailor it to customer needs.
▪ Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
▪ You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Hashed identifiers — We collect hashed identifiers derived from email addresses for the purposes of cross-device tracking for targeted advertising. Hashing is a process that pseudonymizes (i.e. digitally scrambles) information, such as email addresses. For example, when email@example.com is run through a typical hashing function, it becomes the following string of characters: $2y$12$3ebUq9.w6JrQhdbTaVOXt.WOPvDjhJihGvLQjJahV.VyxwjpgQssC. We take this step to de-identify data and protect email addresses, while being able to use the unique identifier created for the purpose of targeting ads to you across different electronic devices and browsers.
Other functionality — The Site also provides functionality that permits you to enter information relating to third parties (“Third Party Information”). Third Party Information is treated the same way that we treat your personal information unless such Third Party Information relates to children under the age of 13 years old. Please see section 5 below to understand which information we collect in such circumstances.
2. How we use your information
We will process your Data only if it is legally permitted to do so, and more specifically in the circumstances described below.
Managing user registrations. If you have registered for an account with us, we process your Data by managing your user account for the purpose of performing our contract with you according to applicable terms of service.
Promoting the security of our Site and Services. Sibme processes your Data by tracking use of its Site and Services, creating aggregated, non-personal data, verifying accounts and activity, investigating suspicious activity and enforcing our terms and policies to promote the safety and security of the Services, systems and applications and to protect our rights and the rights of others. For example, we may check for license compliance validation using your user/login ID or other account details.
Developing and improving our Site and Services. We process your Data to analyze trends and to track your usage of and interactions with our Site and Services to develop and improve our Site and Services and provide our users with more relevant content and service offerings.
Handling contact and user support requests. If you fill out one of our web forms or request user support, or if you contact us by other means including via a phone call, we process your Data to perform our contract with you, fulfill your requests and communicate with you.
Reviewing compliance with applicable usage terms. We process your Data to review compliance with the applicable usage terms in our customer’s contract and to ensure adherence to the relevant terms.
Assessing and improving user experience. Sibme processes device and usage data as described in Section 1 above, which in some cases may be associated with your Data, in order to analyze trends, assess and improve the overall user experience and Service offering. In addition, Sibme uses Website Navigational Information to operate and improve the Site. Sibme may also use Website Navigational Information alone or in combination with Data about customers and Data about webinar attendees to provide personalized information about Sibme. For additional information about the use of Website Navigational Information, please see Section 1 above.
Managing event registrations and attendance. Sibme also uses Data about webinars attendees to plan and host corporate events, host online forums and social networks in which you have registered or that you may participate, including sending related communications to you, to perform our contract with you. Additional information on Sibme’s privacy practices with respect to Data about webinars attendees may be found in additional privacy statements on the event websites, as the case may be. Sibme may also use Data about customers and webinar attendees for marketing purposes. For example, Sibme may use information you provide to contact you to further discuss your interest in the Services and to send you information about Sibme product recommendations related to our contract with you or your interest. Sibme may also receive information about customers and attendees from other sources, including third parties from whom we have purchased data, and combine this information with Data we already have about you.
Managing contests or promotions. If you register for a contest or promotion, we process your Data to perform our contract with you. Some contests or promotions have additional rules containing information about how we will process your Data.
Assessing capacity requirements. Sibme processes your Data to assess and ensure that it is meeting the capacity requirements of its Services.
Identifying customer opportunities. Sibme processes your Data to assess potential new opportunities with customers to ensure that it is meeting the demands of its customers and their users’ experiences.
Displaying personalized advertisements and content. We process your Data to conduct marketing research, advertise to you, provide personalized information about us on and off our websites and to provide other personalized content based upon your activities and interests. To the extent your consent is required and you have provided your prior consent, such consent can be withdrawn by you at any time without having to provide any specific reason for such withdrawal.
Sending marketing communications. We will process your Data to send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters, telemarketing calls, SMS, or push notifications) about us and our partners, including information about our products, promotions or events. To the extent your consent is required and you have provided your prior consent, such consent can be withdrawn by you at any time without having to provide any specific reason for such withdrawal.
Managing payments. If you have provided financial information to us, Sibme processes your Data to verify that information and to collect payments to the extent that doing so is necessary to complete the transaction and perform our contract with you.
Complying with legal obligations. We process your Data when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Data or is necessary to protect against misuse or abuse of our websites, to protect personal property or safety, to pursue remedies available to us and limit our damages, to comply with judicial proceedings, court orders or legal processes or to respond to lawful requests.
3. With whom we share your information
Business Partners. From time to time, Sibme may partner with other companies to jointly offer products, services (such as technical and customer support) or programs (such as webinars or downloadable content) such as our channel partners to fulfill product trials and information requests, and provide customers and prospective customers with information about Sibme and its products. To do this, we may pass your information to them to the extent necessary for that purpose only, and they are prohibited from using that information for any other purpose. Sibme does not share your Data with business partners for purpose of webinars or events, unless: (1) you specifically opt in to such sharing, such as via an event registration form; or (2) you attend a joint event by Sibme and its business partner(s) and allow Sibme or its business partner(s) to scan your attendee badge. If you do not wish for your information to be shared in this manner, you may choose not to opt in and choose not to have your badge scanned at Sibme events. If you choose to share your information with business partners in the manners described above, your information will be subject to the business partners’ respective privacy statements. Sibme sometimes hires vendor companies to provide limited services on our behalf, including packaging, mailing and delivering items, sending postal mail, providing technical support, and processing event registrations. We provide those companies only the information they need to deliver the service, and they are prohibited from using that information for any other purpose. Our Business Partners will be given access to your information as is reasonably necessary to provide the Service under reasonable confidentiality terms and are obligated to implement these same commitments to which Sibme is committing itself under the Student Privacy Pledge (www.studentprivacypledge.org).
Your Request. We may share certain information pursuant to a request made by you. On occasion when Sibme transfers personal information to one of those third parties for purposes of responding to a request from you, that third party may need to furnish the information to an unaffiliated party for further assistance. BY USING THE SIBME SITE AND PROVIDING US WITH YOUR PERSONAL DATA, YOU CONSENT TO THIS TRANSFER OF YOUR PERSONAL DATA TO SUCH THIRD PARTY TO SUPPORT THE AUTHORIZED EDUCATIONAL/SCHOOL PURPOSES OR AS AUTHORIZED BY THE PARENT/STUDENT.
Compelled Disclosure. Sibme may also disclose your personal information if required to do so by law or, to the extent permitted by applicable law, as necessary in connection with a sale, merger, transfer, exchange or other disposition (whether of assets, stock or otherwise) of all or a portion of a business of Sibme and/or its subsidiaries or to (1) conform to legal requirements or comply with legal process served on Sibme or this Site; (2) protect and defend the rights or property of Sibme and this Site; (3) enforce its agreements with you, or (4) act in urgent circumstances to protect personal safety or the public. In individual instances, Sibme may also share with professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in countries in which we operate who provide consultancy, banking, legal, insurance and accounting services, and to the extent we are legally obliged to share or have a legitimate interest in sharing your Data.
Billing. Sibme uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use billing information except for the sole purpose of credit card processing on Sibme’s behalf.
Any Data or other information you choose to submit in communities, forums, blogs or chat rooms on our Site may be read, collected and used by others who visit these forums, depending on your account settings.
4. How long we keep your information
Sibme or its Service Providers may retain information (including your profile information) collected for the time period required to support the authorized educational/school purposes, or as authorized by the parent/student. After the termination or deactivation of your account, Sibme may retain your information for a commercially reasonable time for audit purposes or as required by applicable law. We determine the appropriate retention period for the Data on the basis of the amount, nature and sensitivity of your Data processed, the potential risk of harm from unauthorized use or disclosure of your Data and whether we can achieve the purposes of the processing through other means, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation). When you decide to delete certain information in your account, we will fulfill your request and update this information on our platform. We will also notify third parties that we have authorized to use that information of your request. Note that Sibme will permanently delete student personal information after the termination or deactivation of your account. Account data, when deleted, cannot be recovered.
5. Protecting Children’s Privacy
6. Your feedback
We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure we have put in place industry-recognized security safeguards coupled with carefully developed physical, electronic and managerial security procedures to safeguard and secure the information we collect online. Please note that while we have implemented industrystandard security mechanisms and procedures to protect data from loss, misuse and unauthorized access, disclosure, alteration and destruction, no method of storage or transmission is 100% secure. You are solely responsible for protecting your password, limiting access to your devices and signing out of websites after your sessions. We are not responsible for the breach by third parties of the safeguards we put in place to protect the privacy of your data.
8. For EU and UK Individuals: Your Rights Under GDPR
If you reside or otherwise find yourself in the territory of Europe or in the UK, we are committed to facilitate the exercise of your rights granted by the EU General Data Protection Regulation and any applicable UK data protection regulation. You can contact us at firstname.lastname@example.org at any time to discuss your privacy concerns. Privacy rights under the EU General Data Protection Regulation and applicable UK data protection regulation include:
Transparency and the right to information. Through this policy we explain how we use and share your information. However, if you have questions or concerns you can contact us any time.Right of access, objection, restriction of processing, erasure, and portability. You also have the right to withdraw your consent at any time when we process your personal data based on your consent. To exercise these rights, please contact us. Requests to access, change, or delete your information will be addressed within a reasonable timeframe. Please note that if you have registered for an account with Sibme, you may generally update your user settings, profile, organization’s settings or event registration by logging into the website or Services with your username and password and editing your settings or profile.
Right to opt-out to direct marketing. You have the right to opt-out at any time to receiving marketing materials from us by following the opt-out instructions in our commercial emails, by contacting us, or by adjusting your preferences under your profile details on the Site. Please note that we reserve the right to send you other communications, including service announcements and administrative messages relating to your account, without offering you the opportunity to opt out of receiving them.
Right to lodge a complaint with a supervisory authority. If you consider that the processing of your personal data infringes your data protection rights according to the EU General Data Protection Regulation, you have the right to lodge a complaint with a supervisory authority, in the member state of your habitual residence, place of work, or place of the alleged infringement. Contact details for the EU data protection authorities can be found at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
9. For EU, UK and Swiss Individuals: Privacy Shield Notice for Personal Data Transfers to the United States
Pursuant to the Privacy Shield Frameworks, EU, UK and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to email@example.com. If requested to remove data, we will respond within a reasonable time frame.
Sibme’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Sibme remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless Sibme proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, Sibme commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. EU, UK, and Swiss individuals with Privacy Shield inquiries or complaints should first contact Sibme at firstname.lastname@example.org. Sibme has further committed to refer unresolved Privacy Shield complaints covering non-human resource data under the Privacy Shield Principles to BBB EU Privacy Shield, an alternative dispute resolution provider located in the United States. If you do not receive a timely acknowledgement of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://bbbprograms.org/privacy-shieldcomplaints/ for more information or to file a complaint. The services of BBB EU Privacy Shield are provided at no cost to you.
Please note that Sibme also receives some data via other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for certain residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction. Sibme is subject to the investigatory and enforcement powers of the US Federal Trade Commission. Sibme may be required to disclose personal information that we handle under the Privacy Shield in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
10.How to Exercise Your Rights
To exercise your rights, please contact us by using the information in Section 15 below (“Contacting us”). We try to respond to all legitimate requests within one month and will contact you if we need additional information from you in order to honor your request. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive. If you are an employee of a Sibme customer, we recommend you contact your company’s system administrator for assistance in correcting or updating your information. Some registered users may update their user settings, profiles, organization settings and event registrations by logging into their accounts and editing their settings or profiles.
11. Links to other websites
12. Your responsibility
You acknowledge that local policies or regulations promulgated by your school district or employer may be applicable to you and you are responsible for complying with all such policies and regulations. You shall use Sibme Services and the Site only in strict compliance with these policies and regulations. You shall use Sibme Services and the Site only in strict compliance with the Terms of Service, all United States federal, state and local laws and all other laws, regulations and governmental authority (including, but not limited to, policies and laws related to privacy, defamation, copyright and trademark infringement) applicable to you.
You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of Sibme’s marketing emails. Additionally, you may unsubscribe by contacting us at any time at email@example.com. Please note that opting out of marketing communications does not opt you out of receiving important business communications related to your current relationship with us, such as communications about your subscriptions or event registrations, service announcements or security information. You can also opt out of seeing personalized online ads from companies participating in the Network Advertising Initiative (“NAI”) using the NAI opt out tool at http://optout.networkadvertising.org/.
15. Contacting us
If you have any questions or concerns about our collection, use or disclosure of your personal information or would like to delete or make a correction of personal information you have provided to us, please email us at firstname.lastname@example.org. Sibme supports access to and correction of a student’s personally identifiable information by the student or their parent or authorized guardian, either by assisting the educational institution in meeting its requirements or when the information is collected directly from the student with student/parent/guardian consent.