Please read the following carefully to understand our practices regarding the collection and use of your personal information.
Table of Contents
THE INFORMATION WE COLLECT
We may collect the following categories of personal data, although not all categories may be collected about every individual:
Information you give to us:
This is information about you that you give us directly when you interact with us. You may give it to us by filling out a form on our Websites, corresponding with us by phone, e-mail, chat, or at an in-person event. It includes information necessary to receive product and service information, register for an Application account, pay for a license or subscription, or place an order for other services we provide. It also includes information shared when you submit a query to Customer Support or report feedback about or a problem within our Services. When you create an account for the Application, we require you provide us your first name, last name, email address and telephone number. When you make a purchase from us, we do not store sensitive cardholder data such as full credit card numbers or card authentication data on any of our systems.
Information we collect about you from your use of our Websites:
Using cookies and other technologies, we may automatically collect information from you each time you visit our Websites. This includes technical information, information about your visit, and information about your activity on our Websites such as courses searched and viewed, length of visit to certain pages, page interaction information (such as scrolling, clicks, and mouseovers), methods to browse to and away from a page, and methods used to contact our sales and support teams. Technical information may also include the IP address used to connect your computer to the Internet, browser type and version, operating system, and device platform. See "Cookies and Other Technologies" below for more information.
Information we collect about you from your use of our Application:
We will automatically collect information from you each time you use our Application. This includes the IP address used to connect your computer to the Internet, browser type and version, operating system, and device platform. It also includes progress data related to your use of the Application - including time spent on and the results of lessons, videos, labs, exams, etc.
Information we receive from other sources:
This is information we receive about you from third parties that we work closely with to provide, promote, and improve our Services. These third parties include educational institutions, marketing list providers, analytics providers, and search information providers.
Our role and responsibility when handling your personal information:
Data protection laws require companies to describe their role and responsibility when handling personal information:
Cookies and Other Technologies
WHERE WE STORE YOUR DATA
HOW WE USE YOUR INFORMATION
We use information held about you in the following ways:
DISCLOSURE OF YOUR INFORMATION
REQUESTING, UPDATING, CORRECTING OR DELETING YOUR PERSONAL DATA
Right to Access Your Data: You can ask us for a copy of your personal data in a readily usable format. To request your personal data, you can email firstname.lastname@example.org or call toll free 800-877-4889, making such request. We will respond within 45 days of your request or, if reasonably necessary, we may inform you that an additional 45 days is required in which case we will give you your personal data within 90 days from your initial request. You can ask us to provide you with this information up to two times in a rolling 12-month period. When you make this request, the information provided may be limited to personal information we collected about you in the previous 12 months.
Updating or Correcting Data: You can edit some of your personal data through your Application account. You can also ask us to update or correct your data in certain cases by emailing email@example.com, particularly if it is inaccurate.
Object to, or Limit or Restrict, Use of Data: You can ask us to stop using all or some of your personal data (e.g., if we have no legal right to keep using it) or to limit our use of it (e.g., if your personal data is inaccurate or unlawfully held). However, to the extent your personal data is necessary to be maintained as described by law, we may retain and use such information.
Delete Data: You can ask us to erase or delete all or some of your personal data (e.g., if it is no longer necessary to provide our Services to you). Once we receive a request, we will delete the personal data (to the extent required by law) we hold about you as of the date of your request from our records and direct any service providers to do the same. We will also inform you whether we have complied with your request and to what extent your personal data will be deleted. Please note that in some cases, deletion may be accomplished through de-identification of the information.
If you engage with the Application because your school or employer has signed up to use our Services, then any request from you to correct or delete your data in the Application will need to first be approved by your school or employer as they are the data controller.
As required or permitted under applicable law, please note that we may take steps to verify your identity before acting on your request to exercise your rights to access, correct, or delete your data. You can designate an authorized agent to make a request for your personal data on your behalf once we have verified your identity.
CHOOSING TO EXERCISE YOUR PRIVACY RIGHTS
We will not discriminate against you for exercising your privacy rights. This generally means we will not deny you services, charge different prices or rates, provide a different level of service, or suggest that you might receive a different price or level of quality for services.
LAWFUL BASIS FOR PROCESSING
We will only collect and process personal data about you where we have a lawful basis. Lawful bases include consent (where you have given consent), and contract (where processing is necessary for the performance of a contract or agreement e.g., to deliver the Services you have requested), and other legitimate interests.
Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object.
Access by you to your Application account is available through a unique username and password selected by you, or through an integration between your school/company LMS system and the Application. We recommend that you do not divulge your username and password to anyone, and that you change your password often using a combination of letters and numbers. We cannot be held accountable for activity that results from your own neglect to safeguard the secrecy of your username and password. If you share a computer with anyone, you should always log out of your account after you are finished in order to prevent access to your information from subsequent users of that computer.
We store your personal information only on servers with restricted access that are located in secured facilities, and use a variety of technologies and procedures intended to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. All Application data is fully encrypted both in transit and at rest using industry-standard encryption methods. Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your personal data, you acknowledge that: (a) there are security and privacy limitations of the Internet which are beyond our control; (b) the security, integrity and privacy of any and all information and data exchanged between you and us through our Services cannot be guaranteed and we shall have no liability to you or any third party for loss, misuse, disclosure or alteration of such information; and (c) any such information and data may be viewed or tampered with in transit by a third party.
In the unlikely event that we believe that the security of your personal data in our control may have been compromised, we will try to notify you. To the extent you have provided us with your email address, we may notify you by email and you agree to our use of email as a means of such notification. If you prefer for us to use another method to notify you in this situation, please contact Customer Support at https://www.testout.com/support with the alternative contact information you wish to be used.
TestOut Corporation complies with all applicable provisions of the United States Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. 1232g; 34 CFR Part 99) in receiving and handling personally identifiable information from education records as a "school official" under FERPA.
Our Services are not specifically directed towards children under the age of 13. With regards to the Children’s Online Privacy Protection Act (“COPPA”), to the extent that we collect any personal information of children under the age of 13 in connection with their use of the Application through their school, we rely on the school or district to obtain parental consent as part of their providing the child’s personal information to us.
INFORMATION ABOUT OUR PARTICIPATION IN PRIVACY SHIELD
Under the EU-U.S. Privacy Shield Framework, we are responsible for the processing of information about you we receive from the EU and onward transfers to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for such onward transfers and remain liable in accordance with the Privacy Shield Principles if third-party agents that we engage to process such information about you on our behalf do so in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, TestOut Corporation commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at: firstname.lastname@example.org
Under certain conditions, more fully described on the Privacy Shield website at https://www.privacyshield.gov, including when other dispute resolution procedures have been exhausted, you may invoke binding arbitration.
We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We reserve the right to disclose your personal information as required by law and when we believe that disclosure is necessary to protect our rights or to comply with a judicial proceeding, court order, or similar legal process served on us or our Site.
50 S Main Street
Pleasant Grove, UT 84062
We will respond to your request within 45 days or, if reasonably necessary, we may inform you that an additional 45 days is required.
Within the scope of this privacy notice, if a privacy complaint or dispute cannot be resolved through TestOut Corporation's internal processes, TestOut Corporation has agreed to participate in the VeraSafe Privacy Shield Dispute Resolution Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe under the Privacy Shield Dispute Resolution Procedure, please submit the required information to VeraSafe here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/