Digital Learning Services Privacy Notice
Effective January 1, 2023
*Revised text includes changes to the Supplemental Privacy Statement as well as some minor wording changes in other sections.
Introduction and Applicability
Pearson Education, Inc. provides educational products and services to facilitate and support learning and education. This Privacy Notice applies to the educational courseware, e-texts and other online services that post or link to this Privacy Notice. Some Pearson services may reference or link to another site or service. Use of other sites and services (including other Pearson sites and services) may be subject to different terms and privacy policies. Examples of product-specific privacy notices include:
Pearson Pathways
Accelerated Pathways
Direct to Consumer Products
Use of the services is subject to the applicable privacy notice, the applicable end-user license agreement or other terms of service and any applicable written agreement executed by Pearson and an Institution or other Educator.
Some Pearson services may reference or link to another site or service. Use of other sites and services (including other Pearson sites and services) may be subject to different terms and privacy policies.
Definitions
For purposes of this Privacy Policy:
- "Customer" means a purchaser of the Services.
- "EULA" means the End-User License Agreement for the Services.
- "Educator" means an instructor, tutor, mentor, teacher, professor, school, school district, college, university or other education institution or education agency that adopts or uses the Services in an educational setting. Educator includes a parent instructing a student at home. Educator also includes a mentor where the Services includes a mentoring component.
- "Institution" means a school, school district, college, university or other education institution or education agency that adopts and uses the Services.
- "Pearson" means Pearson Education, Inc. and its affiliated companies.
- "Personal Information" means information personally identifiable to a particular User. Personal Information may include Account Data and Course Data described below.
- "Secondary Student User" means a User who is a student in a secondary education setting.
- "Services" mean the Pearson educational products and services that link to this Privacy Notice. “Services” do not include Pearson Pathways and Accelerated Pathways, except as specified in the privacy notices for Pearson Pathways and Accelerated Pathways.
- "User" means a student, instructor or school administrator, who is an end-user of the Services.
- "Youth User" means a User who is not able under applicable law to agree to the EULA or consent to the disclosure or use of their Personal Information.
Authorization
Important Note: If you are a student in a secondary school or if you under 18 years old and not sure whether you are old enough to agree to the EULA, please do not use the Services, unless your Educator, Institution or parent set up your account, registered you to use the Services or directed you to set up your account or register to use the Services, instructed you to complete schoolwork or assignments using the Services or otherwise purchased the Services for your use.
Secondary Student/Youth Users
Pearson receives authorization to collect, process and otherwise handle Personal Information of a Secondary Student User or a Youth User under this Privacy Policy and the EULA when a parent, Institution or Educator of such User (a) purchases the Services for such User; (b) establishes an User Account for such User; (c) registers such User to use the Services; (d) instructs such User to establish an account or register to use the Services; or (e) directs such User to complete schoolwork or assignments using the Services. Such authorization and consent also will be deemed to have been granted for all Secondary Education Student/Youth Users who are included in an Educator’s course roster in the Services or who access the Services through account credentials that an Educator has associated with the User’s Personal Information, such as through the Educator’s course or learning management system. Educators and their Institutions are responsible to obtain any additional legally required consents for Secondary Education Student Users and Youth Users.
Other Users
Pearson receives authorization to collect, process and otherwise handle Personal Information under this Privacy Policy and the EULA when the User: (a) purchases the Services; (b) establishes an account or registers to use the Services; (c) accesses the Services through account credentials that an Educator has associated with the User’s Personal Information, such as through an Institution’s course or learning management system; or (d) uses the Services.
Global Nature of the Services
For some of Pearson’s Services, Personal Information may be transmitted, stored and processed in a country other than the one in which the User resides or the Educator or Institution is located. The authorization for Pearson to collect, process and otherwise handle Personal Information under this Privacy Policy includes consent and authorization for the User’s Personal Information to be transferred and stored in countries outside of their residence, which may include the United States and the United Kingdom, as well as any country where the Educator or Institution may be located or the User may visit.
Protection and Security
To protect Personal Information from unauthorized access, use and disclosure, Pearson maintains a comprehensive information security program and employs reasonable and appropriate physical, administrative and technical safeguards. Pearson performs periodic risk assessments of its information security program and prioritizes remediation of identified security vulnerabilities.
Collection and Processing
Pearson collects and processes data in order to provide the Services. This data may include Personal Information.
Payment and Order Data
If a Customer purchases the Services online directly from Pearson, Pearson will collect information needed to process the order, including order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. Payment data submitted by the Customer will be disclosed to the Customer’s financial institution and Pearson’s payment processing vendor for the purpose of processing payment for the Services ordered.
Account Data
Pearson collects and processes Account Data to set up, maintain and enable a User account to use the Services. Account Data includes a User’s name (unless an alias is used with Educator or Institution approval/coordination), email address, country, user name and password, as well as the Institution and course identifier for any courses for which User uses the Services. A User’s mobile phone number may also be collected and used for User authentication. With coordination/approval by the Educator, a User may be registered for a User account using an alias* instead of actual first and last name. Account Data does not include student coursework or responses, scores, grades or instructor feedback on interactive exercises, assignments or assessments.
*Alias Registration Option
With Educator approval/coordination, a User account may be established by using an alias name (pseudonym) and email address that is not otherwise associated with Personal Information provided to Pearson. Alias Registration may not be available if the User account is established through integration with a third party service or if the Institution or Educator establishes the User Account or otherwise prohibits the use of this option. If a User establishes a User account through Alias Registration, the User must notify each Educator of the alias information used to establish the User account so that the Educator can recognize the User account as belonging to that User.
Course Data
Course Data means educational data collected, generated or processed through use of the Services in connection with educational coursework. Course Data includes assignments, student coursework, responses to interactive exercises, assessments, scores, grades and instructor comments. Pearson collects and processes Course Data in order to provide the Services to Users, Educators and Institutions for educational purposes.
Community/Forum Postings; Other Communications
Information posted by a User in a community or forum or communicated with a communication tool provided through the Services may constitute Personal Information. Postings and communications will be visible to and shared with all members of the community or forum. Pearson is not responsible for further use or disclosures by others who are members of the community or forum or recipients of any communications.
Google Drive
Some Services may have the capability to connect to your Google Drive so that you can upload or download documents directly from or into your Google Drive. Before they do so, you will receive a prompt asking you to click "Allow" to enable the Services to connect to your Google Drive. You may remove this connection in the My Account settings for your Google account at any time. Pearson will use this connection to access your Google Drive only for the purpose of uploading or downloading documents that you specifically select with limited metadata to allow identification and retrieval, so that you can access and use the documents within the Services or download them to Google Drive. Pearson will use, process and store these documents and associated personal data in accordance with this Privacy Notice.
Personal Digital Assistants
For some Services, a User may choose, on an optional basis, to use a third party personal digital assistant service to interact with the Services. The User must enable and activate this use through the personal digital assistant service and may disable it at any time. Pearson is not responsible for the privacy practices or performance of a third party personal digital assistant service. Use of a third party personal digital assistant service is subject to the privacy policy and terms for that service. If a User chooses to communicate with Pearson through a personal digital assistant service, Pearson may provide information to, and communicate with the User through, the third party personal digital assistant service for the purpose of delivering the Services to User. Pearson will otherwise use, process and store any personal information received from a User through a personal digital assistant service to deliver the Services in accordance with this Privacy Notice.
Cookies and Related Technologies
The Services use cookies to enable Users to sign-in to the Services and access stored preferences and settings. Users, Educators and Institutions have a variety of tools to control the use of cookies, web beacons and similar technologies, including browser controls to block and delete cookies. Disabling or blocking these technologies, however, may prevent or impair required functionality and use of the Services.
Application and System Logs
Application and system logs are critical to ensuring the delivery, availability and security of the Services. Pearson automatically collects log data related to User interaction with the Services. This data may include browser type, type of computer/device and technical information about the User’s means of connection to the Services, such as operating system, internet service provider and IP address. This data is collected and used for support purposes and to monitor the health of the Services, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale the computing resources for the Services.
Feedback, De-Identified and Aggregate Data
Pearson may provide Users with the opportunity to evaluate and provide feedback on the Services on a voluntary basis. Pearson may use and disclose such data in de-identified form, as well as other de-identified data and de-identified aggregate data collected and processed through the Services, to deliver, maintain, support, evaluate and improve the Services, conduct educational research, develop new products and services and for other purposes. De-identified data is not considered Personal Information under this Privacy Policy.
Web Analytics
Pearson may use third party web trend analytical services, including Google Analytics and Adobe Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver the Services.
Do Not Track
Do Not Track (DNT) is a proposed mechanism for allowing website visitors to control the collection of certain usage data. Although there has been research into the development of a standard to support the use of DNT signals, there is no adopted standard to follow. The Services do not currently respond to Do Not Track signals.
Use and Disclosure
Educators and Institutions
Where the Services involve the collection and processing of Course Data, Pearson may provide and disclose Personal Information to the User’s Educator and Institution and as otherwise directed by the Institution or the Educator. Educators and Institutions may export grade book information and other Course Data from the Services for the purpose of maintaining educational records. Pearson may use and disclose such Personal Information, as requested or authorized by an Institution or by an applicable governmental educational agency or authority, for administrative, audit and evaluation purposes, such as to evaluate the educational efficacy and effectiveness of the Services.
Improper Conduct
Pearson may use and disclose Personal Information of a User to the User’s Educator, Institution, law enforcement and other regulatory officials for the purpose of investigating and addressing suspected illegal conduct, misappropriation of password access, academic dishonesty or misconduct or any other conduct prohibited by law, the EULA or a User’s Educator, Institution or other applicable regulatory authority.
Affiliates and Contractors
Pearson may disclose Personal Information to affiliated Pearson companies and other companies and organizations who perform work for Pearson under contract and are obligated to protect the privacy of Personal Information consistent with this Privacy Policy.
Other Circumstances
Pearson also may disclose or use Personal Information: (a) with the User’s consent (or, if a Youth User, with the consent of the Youth User’s parent); (b) in response to a subpoena, court order or legal process, to the extent permitted or required by law; (c) as required by law; (d) to protect the security and safety of the User and other persons, data, assets and systems, consistent with applicable law; (e) in connection with a sale, joint venture or other transfer of some or all of its company or its assets, subject to the commitment of the acquiring entity to comply with this Privacy Policy; (f) to investigate or address actual or suspected fraud or other illegal activities; or (g) in order to exercise its legal rights, including enforcement of the EULA or any applicable contract with the User or the User’s Educator or Institution
Communications and User Feedback
Pearson may communicate with Users by email to provide updates and information about the Services and to request User evaluation and feedback about the Services and interest in Pearson research project participation. Pearson will provide Users with a means to express email preferences or unsubscribe to emails in accordance with applicable law. Pearson will only send transactional and operational emails permitted by applicable law to Users who have expressed a preference not to receive email.
Marketing and Advertising
Pearson will not use Personal Information collected or processed by Pearson as a school service provider of a secondary school to send or direct marketing communications to Secondary Student Users. Pearson otherwise may use User Personal Information to market products, services and educational programs to a User, provided that (a) such use and marketing is consistent with applicable law and Pearson’s legal obligations; (b) such Personal Information excludes Payment Data and Course Data; (c) the User has not opted out of receiving marketing; and (d) where required by applicable law, express or implied consent to marketing exists and has not been withdrawn. Pearson does not permit third-party ad networks or similar services to access or collect Personal Information within the Services. Users may change their marketing preferences at any time. Pearson will not knowingly direct or send marketing communications to a User who has expressed a preference not to receive marketing.
No Sale of Personal Information
Pearson does not sell or rent User Personal Information collected or processed through the Services. While Pearson does not sell Personal Information, in accordance with Nevada law, Nevada residents may email a request for no sale of their Personal Information to NevadaDesignatedRequest@pearson.com.
Compliance with Data Protection Laws
FERPA
Pearson complies with all applicable provisions of the United States Family Educational Rights and Privacy Act, 20 U.S.C. 1232g, 34 CFR Part 99 (FERPA) in receiving and handling personally identifiable information from education records as a "school official" under FERPA.
COPPA
The Services are designed for higher education, professional education or, for certain Services, secondary education. The Services are not designed or intended to collect Personal Information from young children under the age of 13 for any commercial purpose. In the event the Children’s Online Privacy Protection Act (COPPA), 15 U.S.C. 6501 et seq. is deemed to apply to the collection of any Personal Information under this Agreement, Pearson will comply with all applicable provisions of COPPA and collect and use such information for educational purposes only at the direction of the Educator and on the basis of Educator consent.
Other Data Protection Laws
Pearson is committed to complying with all other data protection laws applicable to its delivery of the Services.
Access, Correction and Portability
Account Data
Users may access and modify Account Data through the Account Profile features and functionality of the Services.
Course Data
Students and parents should direct access, amendment and export requests for Course Data and any education records to their Educator or Institution. Access, correction or deletion may be limited by restrictions to maintain academic fairness and the validity, security and intellectual property rights in educational assessments and materials and any applicable restrictions or requirements of the Educator, Institution or law. In many cases, Institutions and Educators will be able to use the built-in functionality of the Services in order to address access, amendment and export requests. Upon request of the Institution, Pearson will provide reasonable assistance to the Institution, consistent with the terms of its agreement with the Institution. In certain cases, Pearson may not be able to fully satisfy such requests, such as a request for confidential Pearson company information or requests in a specific or proprietary format that Pearson is unable to support or requests that are prohibited by law.
User Responsibilities
To protect Personal Information, Users, Educators and Institutions are urged to: (a) protect and never share their passwords; (b) only access the Services using secure networks; (c) maintain updated internet security and virus protection software on their devices and computer systems; (d) immediately change a password and contact Pearson Support if there is a suspicion that the password has been compromised; and (e) contact Pearson Support if there is another security or privacy concern or issue.
Changes to the Policy
This Privacy Policy may be revised from time to time through an updated posting. Pearson will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will endeavor to provide notice of the revision in advance through a notice conspicuously posted on the Services, an email to Users or other appropriate way. Continued use of the Services after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Policy or any objection to any revisions.
Supplemental Privacy Statement for CA, CO, and VA Residents
Residents of California, Colorado, and Virginia should read our Supplemental Privacy Statement in conjunction with this Digital Services Privacy Notice. The Supplemental Privacy Statement explains Pearson's commitment to comply with consumer privacy laws and applies to personal information collected through the Services.
Contact Us
Please contact us with any questions or concerns about this Privacy Policy.