Digital Learning Services Privacy Notice

Secondary Student/Youth Users

Pearson receives authorization to collect, process and otherwise handle Personal Information of a Secondary Student User or a Youth User under this Privacy Policy and the EULA when a parent, Institution or Educator of such User (a) purchases the Services for such User; (b) establishes an User Account for such User; (c) registers such User to use the Services; (d) instructs such User to establish an account or register to use the Services; or (e) directs such User to complete schoolwork or assignments using the Services. Such authorization and consent also will be deemed to have been granted for all Secondary Education Student/Youth Users who are included in an Educator’s course roster in the Services or who access the Services through account credentials that an Educator has associated with the User’s Personal Information, such as through the Educator’s course or learning management system. Educators and their Institutions are responsible to obtain any additional legally required consents for Secondary Education Student Users and Youth Users.

Other Users

Pearson receives authorization to collect, process and otherwise handle Personal Information under this Privacy Policy and the EULA when the User: (a) purchases the Services; (b) establishes an account or registers to use the Services; (c) accesses the Services through account credentials that an Educator has associated with the User’s Personal Information, such as through an Institution’s course or learning management system; or (d) uses the Services.

Global Nature of the Services

For some of Pearson’s Services, Personal Information may be transmitted, stored and processed in a country other than the one in which the User resides or the Educator or Institution is located. The authorization for Pearson to collect, process and otherwise handle Personal Information under this Privacy Policy includes consent and authorization for the User’s Personal Information to be transferred and stored in countries outside of their residence, which may include the United States and the United Kingdom, as well as any country where the Educator or Institution may be located or the User may visit.

Payment and Order Data

If a Customer purchases the Services online directly from Pearson, Pearson will collect information needed to process the order, including order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. Payment data submitted by the Customer will be disclosed to the Customer’s financial institution and Pearson’s payment processing vendor for the purpose of processing payment for the Services ordered.

Account Data

Pearson collects and processes Account Data to set up, maintain and enable a User account to use the Services. Account Data includes a User’s name (unless an alias is used with Educator or Institution approval/coordination), email address, country, user name and password, as well as the Institution and course identifier for any courses for which User uses the Services. A User’s mobile phone number may also be collected and used for User authentication. With coordination/approval by the Educator, a User may be registered for a User account using an alias* instead of actual first and last name. Account Data does not include student coursework or responses, scores, grades or instructor feedback on interactive exercises, assignments or assessments.

Course Data

Course Data means educational data collected, generated or processed through use of the Services in connection with educational coursework. Course Data includes assignments, student coursework, responses to interactive exercises, assessments, scores, grades and instructor comments. Pearson collects and processes Course Data in order to provide the Services to Users, Educators and Institutions for educational purposes.

Community/Forum Postings; Other Communications

Information posted by a User in a community or forum or communicated with a communication tool provided through the Services may constitute Personal Information. Postings and communications will be visible to and shared with all members of the community or forum. Pearson is not responsible for further use or disclosures by others who are members of the community or forum or recipients of any communications.

Google Drive

Some Services may have the capability to connect to your Google Drive so that you can upload or download documents directly from or into your Google Drive. Before they do so, you will receive a prompt asking you to click "Allow" to enable the Services to connect to your Google Drive. You may remove this connection in the My Account settings for your Google account at any time. Pearson will use this connection to access your Google Drive only for the purpose of uploading or downloading documents that you specifically select with limited metadata to allow identification and retrieval, so that you can access and use the documents within the Services or download them to Google Drive. Pearson will use, process and store these documents and associated personal data in accordance with this Privacy Notice.

Personal Digital Assistants

For some Services, a User may choose, on an optional basis, to use a third party personal digital assistant service to interact with the Services.  The User must enable and activate this use through the personal digital assistant service and may disable it at any time.   Pearson is not responsible for the privacy practices or performance of a third party personal digital assistant service. Use of a third party personal digital assistant service is subject to the privacy policy and terms for that service.   If a User chooses to communicate with Pearson through a personal digital assistant service, Pearson may provide information to, and communicate with the User through, the third party personal digital assistant service for the purpose of delivering the Services to User.  Pearson will otherwise use, process and store any personal information received from a User through a personal digital assistant service to deliver the Services in accordance with this Privacy Notice.

Cookies and Related Technologies

The Services use cookies to enable Users to sign-in to the Services and access stored preferences and settings. Users, Educators and Institutions have a variety of tools to control the use of cookies, web beacons and similar technologies, including browser controls to block and delete cookies. Disabling or blocking these technologies, however, may prevent or impair required functionality and use of the Services.

Application and System Logs

Application and system logs are critical to ensuring the delivery, availability and security of the Services. Pearson automatically collects log data related to User interaction with the Services. This data may include browser type, type of computer/device and technical information about the User’s means of connection to the Services, such as operating system, internet service provider and IP address. This data is collected and used for support purposes and to monitor the health of the Services, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale the computing resources for the Services.

Feedback, De-Identified and Aggregate Data

Pearson may provide Users with the opportunity to evaluate and provide feedback on the Services on a voluntary basis. Pearson may use and disclose such data in de-identified form, as well as other de-identified data and de-identified aggregate data collected and processed through the Services, to deliver, maintain, support, evaluate and improve the Services, conduct educational research, develop new products and services and for other purposes. De-identified data is not considered Personal Information under this Privacy Policy.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics and Adobe Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver the Services.

Do Not Track

Do Not Track (DNT) is a proposed mechanism for allowing website visitors to control the collection of certain usage data. Although there has been research into the development of a standard to support the use of DNT signals, there is no adopted standard to follow. The Services do not currently respond to Do Not Track signals.

Educators and Institutions

Where the Services involve the collection and processing of Course Data, Pearson may provide and disclose Personal Information to the User’s Educator and Institution and as otherwise directed by the Institution or the Educator. Educators and Institutions may export grade book information and other Course Data from the Services for the purpose of maintaining educational records. Pearson may use and disclose such Personal Information, as requested or authorized by an Institution or by an applicable governmental educational agency or authority, for administrative, audit and evaluation purposes, such as to evaluate the educational efficacy and effectiveness of the Services.

Improper Conduct

Pearson may use and disclose Personal Information of a User to the User’s Educator, Institution, law enforcement and other regulatory officials for the purpose of investigating and addressing suspected illegal conduct, misappropriation of password access, academic dishonesty or misconduct or any other conduct prohibited by law, the EULA or a User’s Educator, Institution or other applicable regulatory authority.

Affiliates and Contractors

Pearson may disclose Personal Information to affiliated Pearson companies and other companies and organizations who perform work for Pearson under contract and are obligated to protect the privacy of Personal Information consistent with this Privacy Policy.

Other Circumstances

Pearson also may disclose or use Personal Information: (a) with the User’s consent (or, if a Youth User, with the consent of the Youth User’s parent); (b) in response to a subpoena, court order or legal process, to the extent permitted or required by law; (c) as required by law; (d) to protect the security and safety of the User and other persons, data, assets and systems, consistent with applicable law; (e) in connection with a sale, joint venture or other transfer of some or all of its company or its assets, subject to the commitment of the acquiring entity to comply with this Privacy Policy; (f) to investigate or address actual or suspected fraud or other illegal activities; or (g) in order to exercise its legal rights, including enforcement of the EULA or any applicable contract with the User or the User’s Educator or Institution

Communications and User Feedback

Pearson may communicate with Users by email to provide updates and information about the Services and to request User evaluation and feedback about the Services and interest in Pearson research project participation. Pearson will provide Users with a means to express email preferences or unsubscribe to emails in accordance with applicable law. Pearson will only send transactional and operational emails permitted by applicable law to Users who have expressed a preference not to receive email.

Marketing and Advertising

Pearson will not use Personal Information collected or processed by Pearson as a school service provider of a secondary school to send or direct marketing communications to Secondary Student Users. Pearson otherwise may use User Personal Information to market products, services and educational programs to a User, provided that (a) such use and marketing is consistent with applicable law and Pearson’s legal obligations; (b) such Personal Information excludes Payment Data and Course Data; (c) the User has not opted out of receiving marketing; and (d) where required by applicable law, express or implied consent to marketing exists and has not been withdrawn. Pearson does not permit third-party ad networks or similar services to access or collect Personal Information within the Services. Users may change their marketing preferences at any time. Pearson will not knowingly direct or send marketing communications to a User who has expressed a preference not to receive marketing.

No Sale of Personal Information

Pearson does not sell or rent User Personal Information collected or processed through the Services. While Pearson does not sell Personal Information, in accordance with Nevada law, Nevada residents may email a request for no sale of their Personal Information to NevadaDesignatedRequest@pearson.com.

FERPA

Pearson complies with all applicable provisions of the United States Family Educational Rights and Privacy Act, 20 U.S.C. 1232g, 34 CFR Part 99 (FERPA) in receiving and handling personally identifiable information from education records as a "school official" under FERPA.

COPPA

The Services are designed for higher education, professional education or, for certain Services, secondary education. The Services are not designed or intended to collect Personal Information from young children under the age of 13 for any commercial purpose. In the event the Children’s Online Privacy Protection Act (COPPA), 15 U.S.C. 6501 et seq. is deemed to apply to the collection of any Personal Information under this Agreement, Pearson will comply with all applicable provisions of COPPA and collect and use such information for educational purposes only at the direction of the Educator and on the basis of Educator consent.

Other Data Protection Laws

Pearson is committed to complying with all other data protection laws applicable to its delivery of the Services.

Account Data

Users may access and modify Account Data through the Account Profile features and functionality of the Services.

Course Data

Students and parents should direct access, amendment and export requests for Course Data and any education records to their Educator or Institution. Access, correction or deletion may be limited by restrictions to maintain academic fairness and the validity, security and intellectual property rights in educational assessments and materials and any applicable restrictions or requirements of the Educator, Institution or law. In many cases, Institutions and Educators will be able to use the built-in functionality of the Services in order to address access, amendment and export requests. Upon request of the Institution, Pearson will provide reasonable assistance to the Institution, consistent with the terms of its agreement with the Institution. In certain cases, Pearson may not be able to fully satisfy such requests, such as a request for confidential Pearson company information or requests in a specific or proprietary format that Pearson is unable to support or requests that are prohibited by law.

User Responsibilities

To protect Personal Information, Users, Educators and Institutions are urged to: (a) protect and never share their passwords; (b) only access the Services using secure networks; (c) maintain updated internet security and virus protection software on their devices and computer systems; (d) immediately change a password and contact Pearson Support if there is a suspicion that the password has been compromised; and (e) contact Pearson Support if there is another security or privacy concern or issue.