Last Updated: September 29, 2021
A reference to “Skool,” “we,” “us” or the “Company” is a reference to SKOOL.COM, INC. and its relevant affiliates involved in the collection, use, sharing, or other processing of Personal Data.
- Responsible Entity
- Processing Activities Covered
- What Personal Data Do We Collect?
- What Device and Usage Data Do We Process?
- Purposes for Which We Process Personal Data
- Who Do We Share Personal Data With?
- International Transfer of Personal Data
- How Long Do We Keep Your Personal Data?
- Your Rights Relating to Your Personal Data
- How We Secure Your Personal Data
- Contact Us
1. Responsible Entity
For more information, please also see Section 10.5 below.
2. Processing Activities Covered
- Visit our branded social media pages;
- Receive communications from us, including emails, phone calls, texts or fax;
- Use our software products, platforms, and services as an authorized user where we act as a controller of your Personal Data; or
- Apply for employment opportunities with us.
Our websites, platforms, and services may contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any data to these websites.
3. What Personal Data Do We Collect?
The Personal Data we collect from you includes identifiers, geolocation data, professional or employment-related information, visual information, internet activity information, and inferences drawn from any of these categories. We collect such information in the following situations:
- If you express an interest in obtaining additional information about our services; request customer support; sign up for our platform; or otherwise register to use our services, we may require that you provide to us your contact information, such as your name, school or company name, address, phone number, email address or username and password;
- If you interact with our websites or emails, we automatically collect information about your device and your usage of our websites or emails (such as Internet Protocol (IP) addresses or other identifiers), which may qualify as Personal Data (please see the “What device and usage data do we process?” section, below) using cookies, web beacons, or similar technologies;
- If you use and interact with our services, we automatically collect information about your device and your usage of our services through log files and other technologies, some of which may qualify as Personal Data (please see the “What device and usage data do we process?” section, below);
- If you communicate with us via a phone call from us, we may record that call; and
- If you voluntarily submit certain information to our services, such as submitting online forms or surveys, we collect the information you have provided as part of that request.
4. What Device and Usage Data Do We Process?
We use common information-gathering tools, such as tools for collecting usage data, cookies, web beacons, pixels, and similar technologies to automatically collect information that may contain Personal Data as you navigate our websites, our services, or interact with emails we have sent to you.
1. Device and Usage Data
As is true of most websites, we gather certain information automatically when individual users visit our websites. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server information), device and application information, identification numbers and features, location, browser type, plug-ins, integrations, Internet service provider, mobile carrier, the pages and files viewed, searches, referring website, app or ad, operating system, system configuration information, advertising and language preferences, date and time stamps associated with your usage, and frequency of visits to the websites.
This information is used to analyze overall trends, help us provide and improve our websites, offer a tailored experience for website users, and secure and maintain our websites. In addition, we gather certain information automatically as part of your use of our software products and services. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server), mobile device number, device and application identification numbers, location, browser type, Internet service provider or mobile carrier, the pages and files viewed, website and webpage interactions including searches and other actions you take, operating system and system configuration information and date and time stamps associated with your usage. This information is used to maintain the security of the services, to provide necessary functionality, to improve performance of the services, to assess and improve customer and user experience of the services, to review compliance with applicable usage terms, to identify future opportunities for development of the services, to assess capacity requirements, to identify customer opportunities, and for the security of Skool generally (in addition to the security of our products and services). Some of the device and usage data collected by the services, whether alone or in conjunction with other data, could be personally identifying to you. Please note that this device and usage data is primarily used to identify the uniqueness of each user logging on (as opposed to specific individuals), apart from where it is strictly required to identify an individual for security purposes or as required as part of our provision of the services to our customers.
2. Cookies, Web Beacons and Other Tracking Technologies
Most modern browsers allow you to change your cookie settings. You can usually find these settings in the options or preferences menu of your browser. To understand these settings, the following links for commonly used browsers may be helpful:
3. Do-Not-Track Signals
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. We do not recognize or respond to browser-initiated DNT signals, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT.
5. Purposes for Which We Process Personal Data
We collect and process your Personal Data for the following purposes:
- Promoting the security of our websites and services: We process your Personal Data by tracking use of our websites and services, creating aggregated non-personal data, verifying accounts and activity, investigating suspicious activity, and enforcing our terms and policies to the extent it is necessary for promoting the safety and security of the services, systems and applications;
- Managing user registrations: If you have registered for an account with us, we process your Personal Data by managing your user account for the purpose of performing our contract with you according to applicable terms of service;
- Handling contact and user support requests: If you fill out a web form or request user support, or if you contact us by other means including via a phone call, we process your Personal Data to perform our contract with you and to the extent it is necessary for fulfilling your requests and communicating with you;
- Developing and improving our websites and services: We may process your Personal Data to analyze trends and to track usage of and interactions with our websites and services to the extent it is necessary for developing and improving our websites and services;
- Assessing and improving user experience: We process device and usage data as described in Section 4.1 above, which in some cases may be associated with your Personal Data, to analyze trends and assess and improve the overall user experience to the extent it is necessary for developing and improving the service offering;
- Identifying customer opportunities: We process your Personal Data to assess new potential customer opportunities to ensure that we are meeting the demands of our customers and their users’ experiences;
- Recording phone calls: We may record phone calls for training, quality assurance, and administration purposes. If required under applicable law, we will obtain your prior consent or give you the option to object to a call being recorded; and
- Complying with legal obligations: We process your Personal Data when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws, to protect against misuse or abuse of our websites, protect personal property or safety, pursue remedies available to us, and limit our damages, comply with judicial proceedings, court orders or legal processes, respond to lawful requests, or for auditing purposes.
If we need to collect and process Personal Data by law, or under a contract we have entered into with you, and you fail to provide the required Personal Data when requested, we may not be able to perform our contract with you.
6. Who Do We Share Personal Data With?
We may share your Personal Data as follows:
- Professional Advisers:In individual instances, we may share your Personal Data with professional advisers acting as service providers, processors, or joint controllers - including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services; and
- Third Parties Involved in a Corporate Transaction:If we are involved in a merger, reorganization, dissolution or other fundamental corporate change, or sell a website or business unit, or if all or a portion of our business, assets or stock are acquired by a third party. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Data to an unaffiliated third party.
We may also share anonymous or de-identified usage data with Skool’s service providers for the purpose of helping Skool in such analysis and improvements. Additionally, Skool may share such anonymous or de-identified usage data on an aggregate basis in the normal course of operating our business; for example, we may share information publicly to show trends about the general use of our services.
For more information on the recipients of your Personal Data, please contact us by using the information in the “Contact us” section, below.
7. International Transfer of Personal Data
Any data that you provide to us may be accessed, shared or processed by our offices, located in the United States, and service providers located in the United States, if such data transfer is necessary for the specific purpose for which you submitted your data (such as the provision of goods or services under a written contract).
This may entail a transfer of your personal information across international borders. The data protections standards may differ and be lower than the standards enforced in your jurisdiction. We maintain appropriate safeguards as required by applicable law for any personal information transferred internationally, including, where applicable, standard contractual clauses. For a copy of these clauses, please contact us as set forth in the “Contact Us” section below.
Our websites are not directed at individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us using the contact details provided in the “Contact Us”section below. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information.
9. How Long Do We Keep Your Personal Data?
We may retain your Personal Data for a period of time consistent with the original purpose of collection (see the “Purposes for which we process Personal Data” section above) or as long as required to fulfill our legal obligations. We determine the appropriate retention period for Personal Data on the basis of the amount, nature, and sensitivity of the Personal Data being processed, the potential risk of harm from unauthorized use or disclosure of the Personal Data, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements (such as applicable statutes of limitation).
After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of or access to such data.
For more information on data retention periods, please contact us by using the information in the “Contact us” section, below.
10. Your Rights Relating to Your Personal Data
1. Your Rights
You may have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws these rights may include the right to:
- Access your Personal Data held by us;
- Know more about how we process your Personal Data;
- Erase or delete your Personal Data, to the extent permitted by applicable data protection laws;
- Restrict our processing of your Personal Data, to the extent permitted by law;
- Object to our processing of your Personal Data. Where we process your Personal Data for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection;
- Opt-out of certain disclosures of your Personal Data to third parties; and
- Not be discriminated against for exercising your rights described above.
2. Additional Disclosures for California, Colorado or Virginia Residents
We have listed the privacy rights for several U.S. state jurisdictions below, but we understand you may have additional rights in your jurisdiction. You may contact us directly at any time about exercising your data protection rights. We will consider your request in accordance with applicable laws.
Certain state laws require that we detail the categories of Personal Data that we disclose for certain “business purposes,” such as to service providers that assist us with securing our services or marketing our products.
We disclose the following categories of Personal Data for our business purposes:
- Personal information under California Civil Code section 1798.80;
- Internet activity information;
- Visual information;
- Professional or employment-related information;
- Education information; and
- Inferences drawn from any of the above information categories.
Sensitive Categories of Personal Data:
- Account log-in information; and
- Geolocation data.
Several jurisdictions grant state residents certain rights, including the right to access specific types of Personal Data, the right to learn how we process Personal Data, the right to know whether and how we disclose or sell Personal Data, the right to opt out of any sale of Personal Data, the right to request deletion of Personal Data in certain circumstances, and the right not to be denied goods or services for exercising these rights.
California law further permits you to request information regarding the disclosure of your personal information to third parties for the third parties’ direct marketing purposes. We do not disclose your personal information to third parties for the third parties’ direct marketing purposes.
In the preceding twelve months we have not sold personal information.
For information on how to exercise your rights, please refer to Section 10.4 below.
If you are an authorized agent wishing to exercise rights on behalf of a state resident, please contact us using the information in the “Contact us” section below and provide us with a copy of the consumer’s written authorization designating you as their agent. We may need to verify your identity and place of residence before completing your rights request.
3. Additional Disclosures for Data Subjects in the EEA and the U.K.
Our legal bases for collecting and using your Personal Data include:
- The performance of your contract or to enter into the contract and to take action on your requests. For example, the processing of your account registration, providing our services, platforms, and products to you, providing customer service to you.
- Our legitimate business interests. For example, fraud prevention, maintaining the security of our network and services, and maintaining, analyzing, and improving our products and services.
- Compliance with a mandatory legal obligation. For example, maintaining administrative records which are subject to mandatory retention periods. We may also collect your Personal Data to record your requests to exercise your rights and to verify your identity for such requests.
- Consent you provide where we do not rely on another legal basis. Consent may be withdrawn at any time.
In some countries, and in particular if you are located in the EEA, you may have the right to:
- Access your personal information;
- Correct inaccurate personal information;
- Request erasure of your personal information without undue delay;
- Request the restricted processing of your personal information;
- Request portability of the personal information that you have given us; and
- To object to the processing of your personal information.
To exercise any of these rights, please contact us as set forth in the “Contact Us” section below and specify which privacy right(s) you wish to exercise. We may need to verify your identity in order to honor your request.
If you have any issues with our compliance, you have the right to lodge a complaint with an EEA supervisory authority. We would, however, appreciate the opportunity to first address your concerns and would welcome you directing an inquiry first to us per the “Contact us” section below.
4. How to Exercise Your Rights
To exercise your rights, please contact us by using the information in the“Contact us” section below. Your personal data may be processed in responding to these rights. We will respond to all legitimate requests ina timely manner and in accordance with applicable laws, and will contact you if we need additional information from you in order to honor your request or verify your identity.
5. Your Rights Relating to Customer Data
11. How We Secure Your Personal Data
We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. For example, when possible, we use encryption to transfer and store data. We further limit access to this data using access controls and confidentiality commitments.
However, no website, application, or transmission can guarantee security. Thus, while we have established and maintain what we believe to be reasonable procedures to protect the confidentiality, security, and integrity of personal information obtained through the Sites, we cannot ensure or warrant the security of any information you transmit to us.