We Value Your Privacy

Welcome to http://www.readorium.com (the “Site”). We understand that privacy online is important to users of our Site, especially when conducting business. This statement governs our privacy policies with respect to those users of the Site (“Visitors”) who visit and make use of the various services offered by Readorium (collectively, “Services”) (“Authorized Customers”).

Personally Identifiable Information

This refers to any information that identifies or can be used to identify, contact, or locate the person to whom such information pertains, including, but not limited to, name, address, phone number, fax number, email address, financial profiles, and credit card information. Personally Identifiable Information does not include information that is collected anonymously (that is, without identification of the individual user) or demographic information not connected to an identified individual.

What Personally Identifiable Information is collected?

We may collect basic user profile information from all of our Visitors. We collect the following additional information from our Authorized Customers: the names, addresses, phone numbers and email addresses of Authorized Customers, along with payment information for transacting orders.

Children’s Internet Protection Act (CIPA)

Our software does not provide any obscene or harmful content nor link to any obscene or harmful content, and so we are compliant with CIPA.

Children’s Online Privacy Protection Act (COPPA)

Regarding Students Under the Age of 13: Data Collected and How it is Used

Readorium collects the following data on students who are enrolled in the program: last and first name, grade, gender, teacher and school. This information, provided by the schools, is used to enroll students in the program, track their progress as they use the program, and to generate data reports. Students select their passwords, which are not shared with anyone else. Reports of student progress are emailed to the students’ teachers and school administrators and they can access more detailed information through the online Teacher Resource Center. Student information can only be accessed by school or school district staff and by Readorium staff. Any names used in sample data reports in the Teacher Resource Center or Readorium literature, are fictional. Student information will also not be disclosed to any person or organization other than the school district or Readorium staff. Also, the student information will not be sold.

In order to comply with the requirement that schools are informed of all the COPPA notices, these notices will be accessible through Readorium’s website, Readorium.com. To conform to COPPA guidelines, Readorium will presume that the school’s authorization is based on the school’s having obtained the parent’s consent. However, as a best practice, Readorium will advise schools to consider making such notices available to parents, and consider the feasibility of allowing parents to review the personal information collected. Readorium will delete students’ personal information once the information is no longer needed for its educational purpose.

Purchase of Readorium by Parents/Guardians

Should a parent or guardian purchase Readorium for their child, the information needed to enroll the child is last and first name, grade level and reading level. (Students cannot directly enroll for the program.) As with the School Privacy Policy, this data will not be shared or sold to any person or organization. Parents will be advised that they can access the Privacy Policy on Readorium via this website.

Additional Information about the Children’s Online Privacy Protection Act (COPPA)

To learn more about COPPA, please visit http://www.coppa.org/coppa.htm

What organizations are collecting the information?

In addition to our direct collection of information, our third party service vendors (such as credit card companies, clearinghouses and banks) may collect this information from our Visitors and Authorized Customers. We do not control how these third parties use such information, but we do ask them to disclose how they use personal information provided to them from Visitors and Authorized Customers. Some of these third parties may be intermediaries that act solely as links in the distribution chain, and do not store, retain, or use the information given to them.

How does the Site use Personally Identifiable Information?

We use Personally Identifiable Information to customize the Site, to make appropriate service enhancements, and to fulfill orders on the Site. We may email Visitors and Authorized Customers about research or new product offerings on the Site or information related to the subject matter of the Site. We may also use Personally Identifiable Information to contact Visitors and Authorized Customers in response to specific inquiries, or to provide requested information.

With whom may the information may be shared?

We may share aggregated information about our Visitors, including the demographics of our Visitors and Authorized Customers, with our affiliated agencies and third party vendors. We also offer the opportunity to “opt out” of receiving information or being contacted by us or by any agency acting on our behalf.

How is Personally Identifiable Information stored?

Personally Identifiable Information collected by Readorium is securely stored and is not accessible to third parties or employees of Readorium except for use as indicated above.

What choices are available to Visitors regarding collection, use and distribution of the information?

Visitors and Authorized Customers may opt out of receiving unsolicited information from or being contacted by us and/or our vendors and affiliated agencies by responding to emails as instructed, or by contacting us at Readorium, 541 Queen Anne Rd, Teaneck, NJ 07666.

Are Cookies Used on the Site?

Cookies are used for a variety of reasons. We use Cookies to obtain information about the preferences of our Visitors and the services they select. We also use Cookies for security purposes to protect our Authorized Customers.

What partners or service providers have access to Personally Identifiable Information from Visitors and/or Authorized Customers on the Site?

Readorium has entered into and will continue to enter into partnerships and other affiliations with a number of vendors. Such vendors may have access to certain Personally Identifiable Information on a need to know basis for evaluating Authorized Customers for service eligibility. Our privacy policy does not cover their collection or use of this information. Disclosure of Personally Identifiable Information to comply with law. We will disclose Personally Identifiable Information in order to comply with a court order or subpoena or a request from a law enforcement agency to release information. We will also disclose Personally Identifiable Information when reasonably necessary to protect the safety of our Visitors and Authorized Customers.

How does the Site keep Personally Identifiable Information secure?

All of our employees are familiar with our security policy and practices. The Personally Identifiable Information of our Visitors and Authorized Customers is only accessible to a limited number of qualified employees who are given a password in order to gain access to the information. We audit our security systems and processes on a regular basis. Sensitive information, such as credit card numbers, is protected by encryption protocols, in place to protect information sent over the Internet. While we take commercially reasonable measures to maintain a secure site, electronic communications and databases are subject to errors, tampering and break-ins, and we cannot guarantee or warrant that such events will not take place and we will not be liable to Visitors or Authorized Customers for any such occurrences.

How can Visitors correct any inaccuracies in Personally Identifiable Information?

Visitors and Authorized Customers may contact us to update Personally Identifiable Information about them or to correct any inaccuracies by emailing us at support@readorium.com.

Can a Visitor delete or deactivate Personally Identifiable Information collected by the Site?

We provide Visitors and Authorized Customers with a mechanism to delete/deactivate Personally Identifiable Information from the Site’s database by contacting support@readorium.com. However, because of backups and records of deletions, it may be impossible to delete a Visitor’s entry without retaining some residual information. An individual who requests to have Personally Identifiable Information deactivated will have this information functionally deleted, and we will not sell, transfer, or use Personally Identifiable Information relating to that individual in any way moving forward.

What happens if the Privacy Policy Changes?

We will let our Visitors and Authorized Customers know about changes to our privacy policy by posting such changes on the Site. However, if we are changing our privacy policy in a manner that might cause disclosure of Personally Identifiable Information that a Visitor or Authorized Customer has previously requested not be disclosed, we will contact such Visitor or Authorized Customer to allow such Visitor or Authorized Customer to prevent such disclosure.

Additional Information We Collect

We use Google’s Analytics Advertising Features for estimating visitor demographics and interests in order to improve each website visitor’s experience and our marketing.  This information is not personally identifiable, since it cannot be directly associated with a person’s name, email address, or any other personally identifiable information.   Cookies can be used for remarketing purposes, where our ads might appear on other websites a visitor goes to after leaving our website.  To opt out of this feature, please use this tool provided by Google.

Links

http://www.readorium.com might contain links to other web sites. Please note that when you click on one of these links, you are moving to another web site. We encourage you to read the privacy statements of these linked sites as their privacy policies may differ from ours.

Family Education Rights and Privacy Act (FERPA) Compliance

Readorium, in its role as a vendor to educational agencies and institutions (EAs), receives disclosures from the EAs of personally identifiable information (PII) contained in student records. Only information that is needed for Readorium to perform services outsourced to it by the EA is disclosed to Readorium. These disclosures are authorized under the Family Educational Rights and Privacy Act (FERPA), a federal statute that regulates the privacy of student records by EAs that receive financial assistance from the U.S. Department of Education. Readorium, as a contractor to the EA, receives the disclosures on the same basis as school officials employed by the EA, consistent with FERPA regulations, 34 CFR §99.31(a)(1)(i)(B). Consistent with those regulations, Readorium has a legitimate educational interest in the information to which it is given access because the information is needed to perform the outsourced service, and Readorium is under the direct control of the EA in using and maintaining the disclosed education records, consistent with the terms of its contract.

Readorium is subject to the same conditions on use and redisclosure of education records that govern all school officials, as provided in 34 CFR §99.33. In particular, Readorium must ensure that only individuals that it employs or that are employed by its contractor, with legitimate educational interests – consistent with the purposes for which Readorium obtained the information — obtain access to PII from education records it maintains on behalf of the district or institution. Further, in accordance with 34 CFR §99.33(a) and (b), Readorium may not redisclose PII without consent of a parent or an eligible student (meaning a student who is 18 years old or above or is enrolled in postsecondary education) unless the agency or institution has authorized the redisclosure under a FERPA exception and the agency or institution records the subsequent disclosure. An example of such a disclosure is when Readorium is requested by a school district to assist the district in the transfer of the student records from our system to another system.

Readorium will not sell or otherwise use or redisclose education records for targeted advertising or marketing purposes. Readorium does not allow advertising within it products, and therefore there is no behavioral or targeted advertising. Readorium uses data within its products only to deliver the services contracted by the educational institution. Readorium may use anonymized, non-PII data internally to improve the products and services it delivers to EAs.

Readorium employs extensive technological and operational measures to ensure data security and privacy, including advanced security systems technology.

All employees of Readorium are required to sign an Acknowledgement and Agreement of Policies that commits the employees to comply with Readorium’s data privacy and security policies.

Readorium does not own any of the student data or district-created data within its products. These data within the products are property of, and under the control of the local educational agency. The collection, input, use, retention, disposal, and disclosure of any information in our software applications are controlled solely by the EAs which license our products. Readorium cannot delete, change, or disclose any information from our software applications controlled by the EA. Students who wish to retain possession and control of their own pupil-generated content should contact the EA. If the EA is unable to fulfil the request of the student, Readorium can assist at the direction and expense of the EA.

In the event any third party (including the eligible student or parent/guardian of the eligible student) seeks to access education records, Readorium will immediately inform the EA of such request in writing. Readorium shall not provide access to such data or information or respond to such requests unless compelled to do so by court order or lawfully issued subpoena from any court of competent jurisdiction or directed to do so by the EA. Should Readorium receive a court order or lawfully issued subpoena seeking the release of such data or information, Readorium shall provide immediate notification, along with a copy thereof, to the EA prior to releasing the requested data or information, unless such notification is prohibited by law or judicial and/or administrative order or subpoena.

If the EA is unable to fulfil a request of an eligible student or parent/guardian to review the student’s records, Readorium can assist at the direction and expense of the EA. In such an event where a parent, legal guardian, or eligible student seeks to make changes to the data within our products parents, legal guardians, or eligible students shall follow the procedures established by the EA in accordance with FERPA. Generally these procedures establish the right to request an amendment of the student’s education records that the parent or eligible student believes is inaccurate, misleading, or otherwise in violation of the student’s privacy rights under FERPA. Parents or eligible students who wish to ask the EA to amend their child’s or their education record should write an EA official (often a Principal or Superintendent), clearly identify the part of the record they want changed, and specify why it should be changed. If the EA decides not to amend the record as requested by the parent or eligible student, the EA will notify the parent or eligible student of the decision and of their right to a hearing regarding the request for amendment. Additional information regarding the hearing procedures would be provided to the parent or eligible student when notified of the right to a hearing.

In the event Readorium becomes aware of a data breach or inadvertent disclosure of PII, Readorium shall take immediate steps to limit and mitigate such security breach to the extent possible. A senior executive of Readorium will notify a senior member of the affected EAs leadership team, ideally the Superintendent or similar chief executive. This typically will occur within 24 hours of confirmation of the event and would include the known relevant details. The EA and Readorium will work cooperatively in determining an action plan, including any required notification of affected persons.

In the event of termination of a license to use our products, Readorium works with the EA, in accordance of the terms of the EAs contract, to destroy all student records contained in our systems.

To the extent parents, guardians or students have questions regarding the content of, or privacy associated with, any applications used by the educational institution, please contact that agency or institution.

Readorium may, from time to time, update this policy to be in compliance with evolving state and federal laws and regulations. We will not materially change our policies and practices to make them less protective of your privacy without the written consent of the EA and the EA may rely upon any and enforce any current or prior version of this policy unless otherwise agreed to in writing.

Questions or Comments

Please direct any questions or comments about this privacy policy to harriet.isecke@readorium.com.

Last updated 14th May, 2018