Last Updated: Jul 15, 2022
SWYE360 Learning, Inc. (“SWYE360”, “us”, or “we”) feels strongly about protecting your privacy. We
understand how important privacy is to you, and we are committed to creating a safe and secure
interface (“API”), and all of our online services applications (collectively, our “platform”), which are
information you provide on our platform and describes the choices available to you regarding our use of
your personal information and how you can access and update this information.
platform, how we use that information, and what we do to protect it. By visiting or using our platform,
Your use of our platform and any information you provide on our platform are subject to the terms of this
Regulatory Compliance We strive to adhere to U.S. federal and certain state regulations. This
includes, but may not be limited to, FERPA, COPPA, SOPPA/ 105 IL CS85, and California AB 1584. We highly
recommend that you read our policies and terms of service to ensure that we adhere to your
localregulatory needs, as we make no guarantee of compliance for your specific needs. If you have
questions about how we handle User Data, please email us at firstname.lastname@example.org.
How we collect and use data
We take the information you provide to us very seriously, and we strive to put you in control of
decisions around your information.
SWYE360 collects the following information about you and your use of our platform: Personal
When you partner with SWYE360, you may provide to SWYE360 what is generally called “personally
identifiable information” or “personal data that can be used to identify you. At SWYE360, we call this
data “Personal Information.”
Information from Integrated Services. You may also share additional information with SWYE360
through an Integrated Service, API, or FTP. If you choose to provide such information during onboarding
or otherwise, you are giving SWYE360 the permission to use, share, and store it in a manner consistent
Information about your use of our technology and other User-provided Information. We may collect
information about your use of certain features on our platform, such as the number and types of report
queries executed, etc. This enables us to better tailor experiences that are most appropriate for you.
Information obtained from other Users. We make available certain features through our technology
that allow other Users to provide us with information about you. This information may include Personal
Information. Generally, this occurs when administrators and teachers provide information about a
learner. For example, an administrator may provide information, such as the learner’s first and last
name, for use within our platform.
Location Information. We may collect and use information about your location (such as your city or
school) to help us in aggregating the predictive analytics models that are precise in their learning,
but we don’t collect the precise geolocation of you or your device.
Information from Other Sources. In certain situations, we may obtain information, including
Personal Information, from third parties or sources other than our platform. If we combine or associate
information from other sources with Personal Information that we collect through our platform, we will
SWYE360 uses this information in the following ways: To enhance our technology and the services we
provide. SWYE360 uses the information you provide or that we collect to enhance our relationship
with you and to operate, maintain, enhance, and provide all of the features and services found on our
platform. If you have given SWYE360 consent, we may use your Personal Information to provide you with
information about SWYE360’s features, services, and other offerings that may be of interest to you.
Under certain circumstances and if we obtain your consent (for example, if you submit a testimonial and
agree to make it public), we maypost your Personal Information on our platform and other third-party
To understand how you and other Users use our platform. SWYE360 uses all of the information that
you provide or that we collect from Users to understand and analyze our users' usage trends, learning
behaviors, and preferences to improve the way the platform works and looks and to create new features
To enable your participation in SWYE360 partnership arrangements. To enable your participation in
SWYE360 partnership arrangements. SWYE360 will not share Personal Information with other
third-party organizations for their marketing or promotional use without your consent or as part of a
specific program or feature for which you can opt in. You can permit us to share your Personal
Information with authorized partners, not-for-profit organizations, and other entities not affiliated
with SWYE360. In these cases, we will only provide to these third parties the information you have
authorized or asked us to share with these third parties.
Data Retention. A core part of our service is to relay data to school administrators and other
authorized stakeholders. Because of this, school organizations frequently need to look back at
previously collected data, whether the user is still active or not. For these purposes, we will retain
your information for as long as your account is active, as is authorized by your school organization, or
as is reasonably useful for your school organization’s potential use. An authorized school
representative, or you if so authorized or using for personal reasons, may request deletion of your
account and data by emailing email@example.com. If the account
is no longer active andthe school
organization has not requested the data within 10 years, we will purge your data.
Data Breach Response Plan
Data breach: when personal information held by SWYE360 is lost or subjected to unauthorized access,
modification, disclosure, or other misuse or interference. Examples of a data breach are when a device
containing a student's personal information is lost or stolen, SWYE360’s database is hacked, or SWYE360
mistakenly provides personal information to the wrong person. Data breaches are not
limited to malicious actions, such as theft or ‘hacking,’ but may arise from internal errors or failure
to follow information handling policies that cause accidental loss or disclosure.
Loss: Accidental or inadvertent loss of personal information held by SWYE360 in circumstances
where it is likely to result in unauthorized access or disclosure.
Unauthorized access: when personal information that SWYE360 holds is accessed by someone who is
permitted to have access. This includes unauthorized access by an external third party (such as
Unauthorized disclosure: when SWYE360 makes personal information accessible or visible to others
outside SWYE360, and releases that information from its effective control in a way that is not permitted
by FERPA, SOPIPA, and SOPPA.
DATA BREACH RESPONSE
Validate the data breach
- Examine the initial information and available logs to confirm that a breach has occurred.
- The date, time, duration, and location of the breach
- The type of personal information involved in the breach
- The cause and extent of the breach
- A list of the affected individuals or possible affected individuals
- The risk of serious harm to the affected individuals
- The risk of other harms
Assemble an incident response team
- Team includes management, information technology, legal, media relations, and risk management
- Immediately determine the status of the breach (on-going, active, or post breach).
- If the breach is active or ongoing, prevent further data loss by securing and blocking unauthorized
access to systems or data and preserving evidence for investigation.
- Document all mitigation efforts for later analysis.
- Advise staff informed of the breach to keep breach details in confidence until notified otherwise.
Determine the scope of the breach
- If criminal activity is suspected, notify law enforcement and follow any applicable federal, state,
or local legal requirements relating to the notification of law enforcement.
Notify the data owners
- Reach out to data owners as soon as possible to notify them about the breach.
- Foster a cooperative relationship between the incident response team and data owners.
- Work collaboratively with data owners to secure sensitive data, mitigate the damage that may arise
from the breach, and determine the root cause(s) of the breach to devise mitigating strategies and
prevent future occurrences.
Prevent Future Breaches
- Full investigation of the cause of the breach
- Report to the Leadership Team and make recommendations:
- Update security and response plan if necessary
- Make appropriate changes to policies and procedures if necessary
- Revise and update SWYE360 staff training practices if necessary
Technical Information. To provide a personalized and high-quality experience for our users, we
may use various technologies that automatically record technical information from your browser or
device, including standard log files, web beacons, or pixel tags. This technical information may include
your Internet Protocol (IP) address, device or browser type, Internet service provider (ISP), referring
or exit pages, clickstream data, operating system, and the dates and times you visit the Website. We do
this to understand better how our Users are using our Website so we can improve site functionality and
the services we offer you. Like most websites, whether or not you are a registered member, we may send
one or more cookies – small text files containing a string of alphanumeric characters – to your
computer. Cookies remember information about your activities on a website and enable us to provide you
with a more personalized learning experience. SWYE360 may use both session cookies and persistent
cookies. A session cookie disappears automatically after you close your browser. A persistent cookie
remains after you close your browser and may be used by your browser on subsequent visits to the
Website. You can, however, remove a persistent cookie at any time. Please review your web browser “Help”
file to learn the proper way to modify your cookie settings. However, without cookies, you will not have
access to certain services and features on the Website.
SWYE360 uses a variety of third-party service providers, such as Amazon Web Services and Google
Analytics, to understand our Website usage. We may allow third-party service providers to place and read
their own cookies, web beacons, and similar technologies to collect information through the Website.
These third parties collect this information directly and automatically, and SWYE360 does not
participate in these data transmissions. SWYE360 will only work with third-party service providers who
have proven, or of whom SWYE360 has reasonable expectation, that they adhere to at least the same
store content information and preferences. Third parties with whom we partner to provide certain
features on our site may use LSOs such as HTML5 to collect and store information. Various browsers may
offer management tools for removing HTML5 LSOs. Please consult your browser’s “Help” function to learn
How we share or transfer data. SWYE360 takes great care to protect the information you provide us.
We do not rent or sell Personal Information that we collect from Users with third parties. We also take
great measures to restrict any collection or disclosure of Personal Information from children less than
13 years of age.
SWYE360 will disclose User information only as described below: If you want information shared with
other Users, we’ll share it with you. We provide certain features that may allow you to share
information with other Users. For example, if you are an administrator, you may want to share a report
with another administrator with your name, school, and grades, and subjects. Whenever you share
information with other Users of our platform, any Personal Information that you choose to include in, or
is associated with, such User Postings will be accessible by such Users. As with most online services,
once you make your Personal Information available to others in any of these ways, it may be collected
and used by the recipients without restriction.
We may share data with third-party applications or persons that you authorize. In the future,
Third-party application developers and service providers (commonly known as “App Developers“) may build
complementary services for our platform. You may request we share your information with App Developers
by connecting to the application or service and approving access to your SWYE360 account.
We may share anonymous or aggregate data to improve our services and learn more about our Users.
On certain occasions, SWYE360 may work with business partners to improve our services or offerings. We
may disclose automatically collected and other aggregate non-Personal Information to authorized business
partners, conduct research on online education, or assist in understanding the usage, viewing, and
demographic patterns for certain programs, content, services, promotions, and/or functionality on our
We will share data when required by law. SWYE360 may also disclose User information if required to
do so by law, or if we have a good-faith belief that such action is necessary to comply with local,
state, federal, international, or other applicable laws (such as U.S. Copyright law) or respond to a
court order, judicial or other government subpoenas, or warrant, or administrative request. Sometimes,
we may make such disclosures without first providing notice to Users.
We may share data in the context of a change of business, including a merger or acquisition. If
is acquired by or merged with a third-party entity, we may transfer or assign the information we have
collected from Users as part of such merger, acquisition, sale, or other change of control. We will only
transfer this information in one of the following cases: The Successor Entity does not reduce our
security and privacy practices concerning student data. One way to achieve this is through the entity
similarly signing the Student Data Privacy Pledge. If, after we send a notice telling Users of the sale
and potential transfer of data and giving them the option to deny the data transfer, a User has not
replied within 15 days.
We may share data when necessary or appropriate to protect SWYE360 or others. SWYE360 may disclose
information that we believe, in good faith, is appropriate or necessary to take precautions against
liability; to protect SWYE360 from fraudulent, abusive, or unlawful uses; to investigate and defend
ourselves against any third-party claims or allegations; to assist government enforcement agencies; to
protect the security or integrity of our platform; or to protect the rights, property, or personal
safety of SWYE360, our Users, or others.
Limitations on Access to your Personal Information by Employees and Authorized Parties. SWYE360’s
employees, agents, and contractors must have a legitimate business reason to access Personal Information
provided to SWYE360. We may share your Personal Information with third-party service providers,
including outside contractors or agents who help us manage our information activities, but they may only
use your Personal Information to provide us with a specific service and not for any other purpose. Where
General Policies on Working with Third Parties. When dealing with Third Parties in any data
context mentioned above, we will only do so if they adhere to similar privacy policies to ourselves,
safeguarding student data at a similar or definitively same level to the Student Data Privacy Pledge.
Your choice and options in our data collection, use, and transfer You can choose to not provide us
Personal Information. You may always decline to share your Personal Information with SWYE360.
Registration may not be required to access many portions of our platform. If you decline to register,
however, SWYE360 will not be able to provide to you certain features and functionalities found on our
platform. You may later enable or access those features by providing SWYE360 with the necessary Personal
You can edit or delete Personal Information in our records. We want you to have access to your
information so that you can help keep it as accurate as possible. If you register and provide SWYE360
with Personal Information, you may update your account and information at any time by reviewing your
profile information. To delete your account permanently or make other changes, email firstname.lastname@example.org.
You can disconnect us from Integrated Services. You may revoke SWYE360’s access to your account on
Integrated Service, such your Student Information System, at any time by updating the appropriate
settings in the respective Integrated Service account preferences. You should check your privacy
settings on each Integrated Service to understand and change the information sent to us through each
before using their services and connecting to our platform.
California Children’s Privacy Rights. If you are under 18, or the parent of a User under 18,
California, you are entitled to request removal of content or information on our platform. If you would
like to request the removal of your or your child’s content or information, please email us at email@example.com. for assistance. Please note that removal of
your content or information does not
ensure complete or comprehensive removal, as there may be de-identified or recoverable elements of your
content or information on our servers in some form. Additionally, we will not remove content or
information that we may be required to retain under applicable federal and state laws.
Our approach to Data Security is important to you and us. To protect your privacy and security, we
reasonable steps to verify your identity before granting you account access or making corrections to
your information. For example, we may ask you to provide certain Personal Information to confirm your
identity, and we may require that you create and use a password to access certain parts of our platform.
You should create and maintain a strong password to help ensure the security of your account.
We try to ensure that our platform and information sent to us are safe, but no security measures are
perfect. SWYE360 uses certain physical, managerial, and technical safeguards designed to
integrity and security of your Personal Information and other information we maintain in connection with
our platform. We cannot, however, ensure or warrant the security of any or all of the information you
transmit to SWYE360, and you do so at your own risk. Once we receive your transmission of information,
SWYE360 makes commercially reasonable efforts to ensure the security of our systems. When you enter
sensitive information, we encrypt the transmission of that information using secure socket layer
technology (SSL) or similar technologies. However, please note that this is not a guarantee that such
information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical,
technical, or managerial safeguards.
We will notify you electronically or via the platform if SWYE360 experiences a data security incident
that could affect you. If we learn of a data security incident that compromises or appears to
compromise your Personal Information, then we will attempt to notify you electronically so that you can
take appropriate protective steps. We may also post a notice on our platform if a data security incident
How we maintain data integrity. SWYE360 only uses Personal Information as needed for the purposes
for which it was collected or where you have consented to our use of Personal Information relating to
you. We take reasonable steps to ensure that the Personal Information we store and use is accurate,
complete, and up-to-date. If you discover that Personal Information or other data pertaining to you is
inaccurate, incomplete, or out-of-date, please update your account information or contact us as outlined
Links to other sites. The platform may link to and may be linked by websites operated by other
or individuals. Some of these websites, such as the SWYE360 Facebook page, may be co-branded with our
such other third-party websites. You should consult the respective privacy policies of those third-party
International visitors. Our platform is operated and managed on servers located within the United
States. Suppose you choose to use our platform from the European Union or other regions of the world
with laws governing data collection and use that differ from U.S. law. In that case, you acknowledge and
agree that you are transferring your Personal Information outside of those regions to the United States.
By providing your Personal Information on the platform, you consent to that transfer. In some special
requirements, we may be able to create and manage isolated servers outside of the United States based on
specific international partnerships. Please contact us at firstname.lastname@example.org. regarding this
your personal information, our third-party disclosure practices, or your consent choices by email at
email@example.com. or by submitting a question using our Contact Form.