This policy only applies to information that we collect through our Sites and does not apply to information that we may collect from you in other ways (for example, this policy does not apply to information that you may provide to us over the phone, by fax or through conventional mail). In addition, please note that this policy does not apply to your children’s educational records—those records are protected by the Family Educational Rights and Privacy Act and we at ColoradoEd are committed to compliance with that law.
Each time you visit our website, we log non-personal information, such as your IP address, domain name, the name of the Web page from which you entered our website, which pages you visit on our website, and how much time you spend on each page. We use this information to monitor and improve our website and for internal analysis. In particular, we use IP addresses to analyze trends, administer the website, and gather information for aggregate use. IP addresses are not linked to personally identifiable information.
We will not share or sell non-aggregated information contained within cookies to any third party.
You also have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of our Sites or have some of our services on the Sites function properly. If you choose to decline cookies, you will not be able to access the OLS or have your children enrolled in a virtual program.
You can use portions of our Sites without divulging any personal information including your e-mail address. Our Sites do not collect personal information about individuals except when such individuals specifically provide such information on a voluntary basis, for example when you request a catalog, request additional information by contacting us, post a message to a message board, request help, or access and add to or change the information on your account information page on the OLS. When you register your children for a ColoradoEd virtual program or participate in a ColoradoEd virtual program through an affiliate or local school we may collect information regarding you and your children but all such information will be collected over the phone, by fax or through conventional mail. Once you have registered your children for a ColoradoEd virtual program, there is an online service for all such programs (collectively the “OLS”). There will be a personal information page on the OLS that contains some or all of your personal information. You may also be assigned a Member ID and password and may create, at your discretion, a Member ID for your children any time you are logged on to the OLS. The Member ID will be used to recognize you and your children on the OLS portion of the ColoradoEd Site. The Member ID will allow ColoradoEd to recognize: your first and last name; registration ID; type of account, such as teacher, administrator, parent or student (if you created a separate Member ID and password for your children); school affiliation or the ColoradoEd virtual program in which your children are enrolled; integration number; and the e-mail address you provided. The Member ID and the OLS will also allow you to track your children’s attendance, school work and testing and to submit relevant portions of same to ColoradoEd, its affiliates and/or your local school to track your children’s progress and abide by State and/or Federal standards and regulations.
ColoradoEd calls customers to provide information they have requested and to answer questions. Because we only call customers at the telephone numbers they leave for us, ColoradoEd does not call people by generating random or sequential telephone numbers. ColoradoEd may use pre-recorded messages in order to ensure that customers receive the information they requested. Customers do not have to consent to receive calls in order to receive ColoradoEd’s services.
ColoradoEd may use the personal information on your account information page on OLS to provide you with information about new products and services available through ColoradoEd. You can request to opt out of receiving such information by making a request in writing to privacy@ColoradoEd.org.
ColoradoEd may share your information with companies that are not affiliated with ColoradoEd but who are interested in sending you information about their products and services. You can request to opt out of the sharing of your personal information to independent third parties by making a request in writing to privacy@ColoradoEd.org.
You can review, edit, and delete the personal information that you have provided to ColoradoEd by making changes to your account information page on the OLS or making a request in writing to privacy@ColoradoEd.org, as applicable. Please be advised that if your children are enrolled in a ColoradoEd virtual program, the deletion of certain of your personal information may result in your children no longer being able to be enrolled in such program or utilize the OLS.
We understand that our student users who are under 13 years of age need special safeguards and privacy protection and it is our intent to fully comply with the Children’s Online Privacy Protection Act (COPPA). ColoradoEd does not collect personal information from children online at any point. ColoradoEd only receives personal information about your children directly from you when you enroll your children into a ColoradoEd virtual program. You can review any personal information that ColoradoEd has regarding your children by reviewing your online account information page on the OLS and/or making such a request in writing to privacy@ColoradoEd.org. You can request to opt out your children from the use of personal information by ColoradoEd, affiliates and vendors acting on behalf of ColoradoEd, by making a request in writing to privacy@ColoradoEd.org. Please be aware that if you make such a request to opt your children personal information out of use by ColoradoEd, affiliates or vendors acting on behalf of ColoradoEd, your children can no longer continue to be enrolled in a ColoradoEd virtual program or utilize the OLS. Therefore, a request by you for ColoradoEd, affiliates, and vendors acting on behalf of ColoradoEd to no longer use your children’s personal information will terminate your children’s participation in the ColoradoEd virtual program in which they are enrolled and their use of the OLS.
For information on COPPA and the use of children’s personal information, please contact:
Colorado Virtual Academy
165 S. Union Boulevard, Suite 777
Lakewood, CO 80228
We may offer ColoradoEd message boards and chat rooms to you, the parent(s), on our Sites. Please be aware that anyone may read your postings on a message board or in a chat room. Furthermore, any information which you submit to be posted to a message board or in a chat room, including your information from your account information page and Member ID, will be disclosed and available to all users of that message board or chat room, and is therefore no longer private. We cannot guarantee the security of such information that you disclose or communicate online in public areas such as message boards and chat rooms, and you do so at your own risk. We reserve the right to monitor the content of the message boards only and to republish your postings from message boards or chat rooms elsewhere on the Web or otherwise in any format.
The Sites may contain links to other websites, chat rooms or other resources that we provide for your convenience (“Linked Sites”). These sites are not under the control of ColoradoEd, and ColoradoEd is not responsible for the content available on any Linked Site. Such links do not imply ColoradoEd’s endorsement of material on any Linked Site and ColoradoEd expressly disclaims all liability with regard to your access to such Linked Sites. Access to any other websites linked to the Sites is at your own risk.
To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place commercially reasonable physical, electronic, and managerial procedures to safeguard and secure the information we collect. We also use Secure Sockets Layer (SSL) protocol on your account information pages to protect sensitive personal information.
ColoradoEd is a participant in the U.S.-E.U. and U.S.-Switzerland Safe Harbor programs developed by the U.S. Department of Commerce and the European Union and Switzerland. We have certified that we adhere to the Safe Harbor Privacy Principles agreed upon by the U.S., the E.U. and Switzerland. For more information about the Safe Harbor and to view our certification, visit the U.S. Department of Commerce’s Safe Harbor Web site. If you would like to contact ColoradoEd directly about the Safe Harbor program, please send an e-mail to legal@ColoradoEd.org.
EFFECTIVE DATE: APRIL 23, 2013
(1) how his or her Personal Data (defined below) that is transferred to ColoradoEd in the United States is processed, disclosed and transferred;
(2) his or her choices with regard to how such Personal Data will be used or disclosed by ColoradoEd; and
(3) his or her other rights with regard to that Personal Data.
This Policy complies with the Safe Harbor Principles as agreed upon by the United States Department of Commerce and the European Commission. Consistent with its commitment to protect personal privacy, ColoradoEd adheres to these Safe Harbor Principles, which can be found at http://www.export.gov/safeharbor/.
All capitalized terms used in this Policy are defined at the end of this Policy.
This Policy applies only to the processing of Personal Data that ColoradoEd receives in the United States concerning its European Customers and Employees.
This Policy does not cover data from which individual persons cannot be identified, or situations in which pseudonyms are used (the use of pseudonyms involves the replacement of names or other identifiers with substitutes, so that identification of individual persons is not possible).
III. Collection and Use of Personal Data
ColoradoEd may receive Personal Data concerning Customers and Employees: (1) directly from the Customer or Employee, (2) from a European Affiliate or (3) through other means.
ColoradoEd uses Employee Personal Data for business and employment purposes, including without limitation: (1) filling positions; (2) planning and implementing Employee transfers or assisting with Employee business-related travel; (3) managing employees from another country; (4) conducting performance evaluations and salary, bonus and equity reviews, and other Employee reviews; (5) administering payroll and benefits; (6) satisfying governmental reporting and tax requirements; (7) satisfying security, health and safety concerns; (8) planning and implementing potential acquisitions and mergers; (9) storing and processing data, including Personal Data, in computer databases and servers located in the United States; (10) implementing and maintaining ColoradoEd’s information technology; (11) legal compliance; and (12) for other employment-related and business-related purposes permitted and/or required under applicable local law and regulation. If ColoradoEd uses Employee Personal Data for any other purpose not listed in this Policy, ColoradoEd will seek consent from the applicable Employee(s).
ColoradoEd uses Customer Personal Data for business purposes, including without limitation: (1) order and service fulfillment; (2) Customer service, including information technology support; (3) providing notices regarding services a Customer has purchased or may want to purchase in the future; (4) product or service improvement; (5) tailoring websites to provide a personalized Customer experience; (6) maintaining Customer records; (7) storing and processing data, including Personal Data, in computer databases and servers located in the United States; (8) implementing and maintaining ColoradoEd’s information technology; (9) legal compliance; and (10) for other business-related purposes permitted and/or required under applicable local law and regulation. If ColoradoEd uses Customer Personal Data for any other purpose not listed in this Policy, ColoradoEd will seek consent from the applicable Customer(s).
IV. Disclosures/Onward Transfers of Personal Data
ColoradoEd discloses Employee and Customer Personal Data in limited circumstances and only to those who reasonably need to know such data for a legitimate business purpose and must abide by confidentiality obligations. Absent consent of the Data Subject, ColoradoEd will disclose Employee and Customer Personal Data only to third parties who perform tasks on ColoradoEd’s behalf, and their contractors, provided that such third parties or contractors either: (1) comply with the Safe Harbor principles or use another mechanism permitted by the EU Data Protection Directive; or (2) agree to provide adequate protections for the Data Subject’s privacy interests that are no less protective than those set out in this Policy and to use the Data Subject’s Personal Data only for the purposes for which the third party has been engaged by ColoradoEd.
ColoradoEd may also disclose Employee and Customer Personal Data in response to a lawful legal process, as otherwise required by law, in the event of a sale of our company or assets of our company, and to protect or defend our rights or property.
V. Sensitive Data
ColoradoEd does not transfer Sensitive Data of Employees to the United States.
ColoradoEd transfers Sensitive Data of Customers to the United States in limited circumstances. This Sensitive Data is limited to information regarding religious beliefs and physical or mental health or treatment, which is collected only for accreditation and teaching purposes.
VI. Confidentiality and Security of Personal Data
ColoradoEd maintains reasonable physical, administrative, and technical safeguards designed to secure Customers’ and Employees’ Personal Data, and to prevent unauthorized access to or unauthorized disclosure, alteration or destruction of such information. For more information about how ColoradoEd protects its Customers’ and Employees’ Personal Data, please contact us via e-mail at: legal@ColoradoEd.org.
VII. Right to Access, Change or Delete Personal Data
Upon reasonable request and to the extent the request does not compromise the protections set forth in this Policy, ColoradoEd allows Customers and Employees reasonable access to their Personal Data to correct, amend or delete such data. Employees should direct any such request to their local Human Resources representative.
If you are an Employee and you are unable to access, correct, amend or delete your Personal Data through your local Human Resources office, you may send a request to ColoradoEd’s Legal Department. All such requests must be sent by postal mail or by e-mail to the following address: Legal Department, Colorado Virtual Academy, 165 South Union Blvd, Suite 777, Lakewood, CO 80228, or contact us via e-mail at: legal@ColoradoEd.org.
Customers should direct any such requests to Legal Department, Colorado Virtual Academy, 165 South Union Blvd, Suite 777, Lakewood, CO 80228 or legal@ColoradoEd.org.
ColoradoEd will endeavor to respond in a timely manner to all reasonable written requests to view, modify or delete Personal Data.
VIII. Data Integrity
Customers and Employees are responsible for the accuracy of the data they provide to ColoradoEd. ColoradoEd will use reasonable efforts to maintain the accuracy and integrity of Personal Data and update it as appropriate. ColoradoEd will not maintain Personal Data any longer than necessary for the purposes stated or as required by any applicable laws, unless otherwise agreed to by the Customer or Employee.
IX. Changes to this Policy
This Policy is current as of the effective date set forth above. ColoradoEd reserves the right to change this Policy from time to time, consistent with applicable data protection and privacy laws and principles. Unless such changes afford greater protections to the privacy interests of Customers or Employees, or the affected Customers or Employees otherwise consent, such changes will apply only to Personal Data received after the effective date of such change. ColoradoEd will notify Customers and Employees about material changes to the way it treats Personal Data by placing a prominent public notice on its website, www.ColoradoEd.org.
X. Questions or Complaints
Customers and Employees may contact ColoradoEd with questions or complaints concerning this Policy at:
Colorado Virtual Academy
165 South Union Blvd, Suite 777
Lakewood, CO 80228
XI. Enforcement and Dispute Resolution
As part of ColoradoEd’s annual certification process, ColoradoEd will review ColoradoEd’s compliance with this Policy.
If you are an Employee and have any questions, complaints, or disputes regarding the manner in which ColoradoEd handles or protects your Personal Data, please bring it to the attention of your local Human Resources representative. Complaints or disputes that cannot be remedied by your local Human Resources representative should be forwarded to the ColoradoEd Legal Department at the address above.
If you are a Customer and have any questions, complaints, or disputes regarding the manner in which ColoradoEd handles or protects your Personal Data, please bring it to the attention of the ColoradoEd Legal Department at the address above.
With respect to any complaints regarding this Policy received from any Employee concerning EU Employee Personal Data that cannot be resolved through ColoradoEd’s internal processes, ColoradoEd agrees to cooperate and comply with the primary EU data protection authority for the data controller in question, and, where required, to take appropriate steps to address any adverse effects and assure future compliance.
With respect to any complaints regarding this Policy received from any Customer that cannot be resolved through ColoradoEd’s internal process, ColoradoEd agrees to participate in the dispute resolution procedures set forth by Judicial Arbitration and Mediation Services. In the event that ColoradoEd or Judicial Arbitration and Mediation Services concludes that ColoradoEd did not comply with the Policy, ColoradoEd will take appropriate steps to address any adverse effects and assure future compliance.
ColoradoEd retains sole and absolute discretionary authority to resolve all questions relating to the administration, interpretation and application of this Policy. This authority includes construing the terms of this Policy, including any disputed or doubtful terms.
Failure to comply with this Policy, undergo related training, and abide by all applicable privacy, data protection, and data security laws will amount to a serious disciplinary offence, subject to disciplinary measures which may include termination of employment.
Any questions about the applicability or administration of this Policy should be immediately brought to the attention of ColoradoEd’s Legal Department.
XIII. Defined Terms
Capitalized terms in this Policy have the following meanings:
“Customer” means any parent, legal guardian or student that is a prospective, current, or past Customer of ColoradoEd that stores personal data on equipment in the EU, the EEA, or Switzerland.
“Data Subject” means an identified or identifiable natural living person, and includes ColoradoEd Customers and Employees. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, psychological, mental, economic, cultural or social identity.
“European Affiliate” means a ColoradoEd affiliate located in the EU, elsewhere in the EEA, or in Switzerland.
“Employee” means an employee (whether temporary, permanent, part-time or contract), former employee, independent contractor, or job applicant of ColoradoEd or any of its affiliates, who is also a resident of the EU, another EEA member country, or Switzerland.
“Personal Data” means data that personally identifies a Data Subject or that may be used to personally identify a Data Subject (such as an identification number that identifies a Data Subject). Personal Data includes data such as an individual’s name, address, phone number, e-mail address, user ID and password, and any other information that is combined with Personal Data (such as country of birth, marital status, emergency contact, salary information, performance information, terms of employment, and job qualifications (such as educational degrees earned). Personal Data does not include data that is unreadable or anonymized, or publicly available information that has not been combined with non-public Personal Data.
“Sensitive Data” means Personal Data that discloses a Data Subject’s medical or health condition; race or ethnicity; criminal convictions; political, religious, or philosophical affiliations or opinions; sexual orientation; or trade union membership.