Business Purposes includes the following:
- Debugging means identifying and repairing errors that impair existing intended functionality.
- Evaluation means undertaking internal research to assess the effectiveness of the Services and for technological development and demonstration.
- Maintenance and Improvement means undertaking activities to verify or maintain the quality or safety of the Services, and to improve, upgrade or enhance the Services.
- Provide the Services means delivering and providing the Services, including, but not limited to, providing educational-related services, maintaining accounts, providing customer service, fulfilling orders and verifying customer information.
- Security means detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity and taking appropriate action for those responsible for that activity.
- Short-Term Use means short-term, transient use related to a current interaction with a California resident, such as the contextual customization of information shown as part of the same interaction. In Short-Term Use, the personal information is not disclosed to another third party and is not used to build a profile about an individual or otherwise alter an individual’s experience outside the current interaction.
Personal Information means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or their household.
User means an individual who uses this site or the Services.
Personal Information Collected and Disclosed within the Last 12 Months
Within the last 12 months, we have not collected and disclosed categories of Personal Information through the Services.
Sale of Personal Information
We do not monetize Personal Information. We do not sell, and have not sold, within the last twelve (12) months, any Personal Information collected through the Services, except to the extent that third party targeted advertising cookies and related technologies are ultimately determined to be a “sale” for purposes of the California Consumer Privacy Act. The following categories of personal information may have been collected and shared through such cookies and related technologies during the past 12 months within the digital advertising ecosystem: Identifiers (limited to a numeric identifier, such as an IP address) Commercial Information, Internet or Similar Network Activity, Geolocation Data and Inferences drawn from other Personal Information.
Under the California Consumer Privacy Act (CCPA), California residents have certain rights related to their personal information collected by and on behalf of a business subject to the law. Students also have certain privacy rights under U.S. Family Educational Rights and Privacy Act (FERPA).
FERPA Privacy Rights. FERPA provides students with privacy rights and protection for educational personally identifiable information collected and processed on behalf of educational institutions receiving government funding from the U.S. Department of Education. FERPA provides students with rights to obtain from these educational institutions access to their educational records, as well as correction and amendment of their educational records, even though the CCPA does not apply to non-profit and public educational institutions.
CCPA Right to Know. California residents may request a business to disclose the following information about the business’ collection and use of their personal information over the past twelve (12) months, provided that such requests are made no more than twice within a twelve (12) month period:
- The categories of personal information collected;
- The categories of sources for the personal information collected;
- The business or commercial purpose for collecting, and, if applicable, selling, personal information;
- The specific pieces of personal information collected;
- If the personal information has been disclosed, the categories of personal information disclosed and the categories of third parties receiving the personal information;
- If the personal information has been sold, the categories of personal information sold and the categories of third parties to whom the personal information was sold.
CCPA Deletion Right. California residents may request a business to delete the personal information that the business collected and has been retained by the business or its service providers. This right is limited, and the business may deny a deletion request if it is necessary for the business or a service provider to maintain the personal information in order to:
- Complete the transaction for which the personal information was collected, provide a good or service requested by the individual, or reasonably anticipated within the context of a business’ ongoing business relationship with the individual, or otherwise perform a contract between the business and the individual.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
- Debug to identify and repair errors that impair existing intended functionality;
- Exercise free speech ensure the right of another individual to exercise his or her right of free speech, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code;
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest , where the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the individual has provided informed consent;
- Enable solely internal uses that are reasonably aligned with the expectations of the individual based on the individual’s relationship with the business;
- Comply with a legal obligation;
- Otherwise use the individual’s personal information, internally, in a lawful manner that is compatible with the purpose for which the individual provided the information.
CCPA Right to No Sale of Personal Information. A California resident has the right to opt-out of the sale of their Personal Information by a business subject to the CCPA. In addition, a business subject to the CCPA must have affirmative authorization in order to sell the Personal Information of a California resident who it knows is under the age of 16. As explained above, we do not sell Personal Information, except to the extent that third party advertising cookies are ultimately determined to be a “sale” under the California Consumer Privacy Act. Additional information is available on our Do Not Sell My Info page, including information about how to manage or block these cookies. We do not engage in targeted advertising to individuals who we know are under the age of 16.
CCPA Right to Non-Discrimination. A business subject to the CCPA may not discriminate against a California resident for exercising any of their CCPA privacy rights.
How to Make a Request under the Right to Know and Right to Deletion
Beginning January 1, 2020, California residents may submit a Right to Know and Right to Deletion request to us by email at [email protected] or by calling us at (540) 277-3138.
Note: Please direct any access, deletion or correction requests related to education records and to course data directly to their educational institutions. As a service provider, Unbound cannot delete or modify education records or other records collected or processed for, or on behalf of, an educational institution, unless it is directed to do so by the educational institution.
Under California law, we will only respond to verifiable requests that are made either: (a) by a California resident; (b) by a person registered with the California Secretary of State who a California resident has authorized to act on their behalf; or (c) by a parent or legal guardian, if the California resident is a minor.
We will not require a California resident to set up an account in order to make a request or receive the requested information. In order to respond to a request, however, we must be able to reasonably verify, understand and fulfill the request. We will not be able to respond to the request if we are unable to verify identity or the authority to make the request. In conducting verification, we generally will use personal information previously collected by us. If the request is made on behalf of another individual, we may require additional verification and documentation of the individual’s authority to make the request. In responding to requests, we may limit the information provided for privacy and security reasons, as permitted by law.
Our goal is to respond to requests within 45 days. If we need another 45 days, we will advise the requester within 45 days after receiving the request.
We will not charge a fee to respond to a request, unless it is excessive, repetitive or unfounded. If a fee will apply, we will advise the requester before completing the request, explain why a fee applies and provide an estimate of the fee.
Changes to this California Supplemental Privacy Statement
If you have any questions or comments about this Privacy Statement or your rights under California law, please contact us at [email protected].