Last Updated: 03/02/2020
1. General information
Each of the EE American Entities, with its registered office in New York, New York, United States of America, is established under the laws of the State of Delaware, United States of America. You can find their full contact details here. EE Poland, with its registered office in Kamieniec Wroclawski, Poland is established under the laws of the Republic of Poland. You can find its full contact details here: http://explaineverything.com/contact/.
Because EE Parent, EE Discover, EE Sales and EE Poland jointly determine the purposes and means of processing of personal data in connection with the Service, they shall be joint controllers as defined in the European General Data Protection Regulation 2016/679 (“GDPR”). Moreover, the EE American Entities designate EE Poland as their representative in the EU. The representative shall be mandated by the joint controller to be addressed in addition to or instead of the joint controller by, in particular, supervisory authorities and data subjects, on all issues related to processing, for the purposes of ensuring compliance with the GDPR.
Explain Everything may use tools or third party analytical software to automatically collect and use certain non-personal information that does not directly enable Explain Everything to identify you. The types of non-personal data Explain Everything may collect and use include, but are not limited to: (i) device properties, including, but not limited to IP address, Media Access Control (“MAC”) address and unique device identifier or other persistent or non-persistent device identifier (“Device ID”); (ii) device software platform and firmware; (iii) mobile phone carrier; and (iv) other non-personal data as reasonably required by Explain Everything to enhance the Service. Behavioral data related to application usage information may be tracked to determine which features are most popular, how they are being used, and how we can improve the applications and Service. In the process of de-identification of behavioral data that is aggregated for statistical analysis we remove information about user’s login and any device identifiers. The third party solutions that Explain Everything use are not authorized to access user’s information or identify a user based on scope of contained data they hold.
You recognize and agree that the analytics companies utilized by Explain Everything may combine the information collected with other information they have independently collected from other services or products relating to your activities. These companies collect and use information under their own privacy policies.
To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.
2. Children’s Personal Information
Explain Everything collects limited Personal Information from students (“Children’s Personal Information“) only when that student’s school, district, and/or teacher has contracted with Explain Everything to collect Children’s Personal Information from students for the use and benefit of the learning environment.
Children under 13 years old are not allowed to create an account without a parent or guardian’s permission. We recommend that minors over the age of 13 ask their parents for permission before sending any information about themselves to anyone over the Internet. Personal Information for account creation may include username and email address. Personal Information for billing and administrative contacts may include name, address, phone number, and email address.
Please note that an environment using Explain Everything group accounts has an option to switch off even this limited Personal Information collection entirely, so that user email addresses are not required to create an account.
We require schools, districts, and/or teachers to obtain parental consent from students’ parents before collecting any such Children’s Personal Information. The collection occurs during the creation of a student’s account, either by student himself or by a Group Administrator. If you are a student, please do not send any Children’s Personal Information about yourself to us, other than what we request from you when you sign up for the Service. In the event that we learn that we have collected Children’s Personal Information from a student without parental consent being obtained by his or her school, district, and/or teacher, or if we learn a student has provided us Children’s Personal Information beyond what we request when he or she signs up for the Service, we will delete that information as quickly as possible. If you believe that a student may have provided us Children’s Personal Information beyond what is requested when signing up for the Service, or that a student’s school, district, or teacher has not obtained parental consent, please contact us.
Hereinafter, references to “Personal Information” shall apply to personal information of individual Service users who are not student registrants. References to “Children’s Personal Information” shall only apply to personal information of student users of the Service. General references to “information” shall apply to all users.
3. Information Collection and How it is Used
We collect information that is sent to us automatically by your Web browser. This information typically includes your IP address, the name and version of your operating system, the name and version of your browser, the date and time of your visit and the pages on this Site you visit. Please check your browser if you want to learn what information your browser sends or how to change your settings. This information does not identify you personally. Generally, we use this information to improve this Site and make it more compatible with the technology used by our visitors. However, we may link information sent by your browser to information that identifies you personally. For example, if you are a registered member, we may link your IP address to information that identifies you personally. In addition, if we suspect criminal activity, we may share our server logs with the appropriate investigative authorities who could use that information to trace and identify you.
If you have supplied us with your email address, we may occasionally send you an email to tell you about new features, ask for your feedback, or just keep you up to date with what’s going on with Explain Everything and our products. If you would prefer not to receive marketing or promotional emails from us that may relate, for example, to new services or offerings, you may opt-out of receiving these communications by using the opt-out mechanism in an email or by specifying your email communication preferences in your account settings. Following your opt-out, please be aware that we, or our affiliates, may continue to contact you via email for administrative or informational purposes, including, but not limited to, follow-up messages regarding the administration of your account, any services, features or functions you have affirmatively enrolled in or registered to use, any promotions or sweepstakes you have participated in or have entered, or other transactions you have undertaken on the Site.
4. How We Share Your Personal Information
Explain Everything will not rent or sell your Personal Information or Children’s Personal Information to anyone. However, we share your Personal Information and Children’s Personal Information as described below. Again, please note that references to “Personal Information” only apply to personal information of individuals who are not students.
You may choose to populate your user profile on the Service with Personal Information, including, without limitation, your name, photograph, and school affiliation. If you are a student, your user profile may only include your username (that might be generated and may have no relation to your real name). This user profile information will be displayed to other users to facilitate user interaction within the Service or facilitate interaction with the Company. However, please keep in mind that information (whether Personal Information or Children’s Personal Information or not) or content that you voluntarily disclose or otherwise publish (including User Submissions) through the Service becomes publicly available and can be collected and used by others, in accordance with the privacy settings you select in your account preferences. Your display name may be displayed to other users when you upload content, presentations, images or videos or send messages through the Service and other users can contact you through messages and comments. Any images, presentations, captions or other content that you submit to, or create on the Service (including User Submissions) may be redistributed through the Internet and other media channels, and may be viewed by the general public as permitted via the privacy settings.
Personal Information and Children’s Personal Information collected through the Site may be shared with companies and organizations that:
(i) need to know that information to perform services on our behalf (for example, companies that provide data management or other support services to us, such as data storage and Web hosting services as delineated in the Family Educational Right to Privacy Act (FERPA)), and
(ii) that have agreed not to disclose it to others. We will not use or disclose Children’s Personal Information collected through an educational/school service (whether personal information or otherwise) for behavioral targeting or advertisements to students.
Explain Everything does not acquire any user information from a third-party or vendors nor collect information from social or federated login providers.
The Company uses API integration for several third party services including Dropbox, Box, Evernote, and Google Drive. All user login information is collected and stored only by these third party cloud services. The Service does not store or access any login credentials for any third party services. Please refer to those companies’ privacy policies and terms of service if you have concerns or questions.
Explain Everything’s accountability for personal data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Explain Everything remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Explain Everything proves that it is not responsible for the event giving rise to the damage.
In case you obtain a business licence and you create material containing any personal data using our Service, then Explain Everything’s accountability for such personal data that it receives under the GDPR shall be as the processor of such personal data and you will remain the controller of such data. We will process such data in accordance with the provisions contained in our Terms of Service. These Terms, together with any applicable Data Processing Agreement, contain all of our representations and obligations as the data processor and – once accepted by you – constitute a Data Processing Agreement, as prescribed by art. 28 of the GDPR. The user rights under the GDPR are:
Access to data
You have the right to access the information that we collect to provide our services. You can do this using this form. We will make sure to provide you with a copy of the data we process about you. In order to comply with your request, we may ask you to give us some additional information that we will use to verify your identity. If you fail to provide such information and the information that you have already given to us is not sufficient to identify you, we may refuse to provide you with information. We will fulfil your request by sending your copy electronically, unless the request expressly specifies a different method. For any subsequent access request, we may charge you with an administrative fee.
Erasure and rectification of data
If you believe that the information we have about you is incorrect, you are welcome to contact us so we can update it and keep your data accurate. We will automatically delete information about you from our systems after it is no longer needed for the purposes it was collected. We will also cause your information to be deleted from any third-party system if we find that such third party is misusing your information. If at any point you wish for us to delete information about you, you can do this by contacting us using this form.
Withdrawal of consent
If processing of your data is based on consent, you have the right to withdraw your consent at any time. If you at any point wish to withdraw your consent, you can do this by contacting us using this form. Remember that withdrawal of consent will not affect the lawfulness of processing based on this consent before its withdrawal.
We do not use any information provided by you for the purposes of automated decision-making, including profiling.
Disclosure of your data
We guarantee that all your personal information is protected through our compliance with GDPR standards and any related restrictions protecting access to user data. All data is encrypted while in transit and all traffic is performed only through the SSL (https). We store the data on encrypted servers in AWS data centers fulfilling SOC 1, SOC 2 and SOC 3 standards. Explain Everything regularly verifies safety of user data with scheduled audits and tests. We will not make this information available to third parties in cases different than those specified below, unless you give us a permission to do so or unless such disclosure is necessary to comply with a legal obligation that is imposed on us.
We may disclose your data to entities located in countries outside of the European Economic Area, provided that such entities meet appropriate data protection standards in accordance with the GDPR.
We may share information that you provided us with while purchasing a license for our software with:
- payment processors, i.e. PayPal and Braintree, in order to be able to process and complete the payment process for your order;
- storage, computing and network distribution provides, such as Amazon AWS;
- providers of services necessary to send transaction-related and product-related information via email to the extent that such disclosure is necessary to automate, simplify and analyze these processes(MailChimp, Firebase);
- external accounting and bookkeeping services providers to the extent that such disclosure is necessary to have these services provided to us;
- our legal advisors to the extent that such disclosure is necessary to obtain legal advice or protect our rights in legal proceedings;
- governments and law enforcement authorities only if we are required to do so by law. We will always attempt to redirect the law enforcement agency or government to request any data directly from you. If compelled to disclose your data, we will promptly notify you and provide a copy of the demand.
Each third party solution provider has a contractual limit within data processing agreement, that regulates responsibilities and forbids re-identification or other use of data outside of scope described in this document. We will notify you with an update to this document if the context in which your information is processed would change. We may share personal information obtained in connection with your use of the Service only if required to do so by law or if necessary to protect our rights in legal proceedings.
If Explain Everything ever were to engage in any onward transfers of data with third parties for a purpose other than which it was originally collected or subsequently authorized, Explain Everything would provide an opt-out choice to limit the use and disclosure of personal data.
Explain Everything will notify you at the email address you provided to us in the event of a data breach or exposure of your personal data to unauthorized individuals.
6. Questions and Complaints
119 W 24th St
New York, NY 10011
European Union customers should use following contact details for questions or concerns related to the GDPR:
Explain Everything sp z o.o.
55-079 Wrocław, Poland, EU
Explain Everything has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.