What Information Do We Collect and Why?
We invite visitors to our website who represent a potential customer or organization (educational institution, company, etc.) to provide us with an email address and/or other personal contact information so that we may contact them and provide them additional information regarding Digication. We do not distribute or otherwise share with any third party any personal information that any individual or organization provides to us before that individual or organization registers to use Digication.
When you register to use Digication, we require you to give us, if you have not already done so, personal information, including your name, email address, and age range and the name, address and nature of the organization (school, company, etc.) you are affiliated with. If you register on behalf of an educational institution, company, department, program, classroom or other organization (to enable your organization use the administration features of Digication and make Digication available to some or all of its potential users, without limitation), we also will or may require you to give us information concerning your authority to legally bind your organization, and financial and billing information for you or your organization, such as a billing name and address, credit card or purchase order number, and the number of instructors, students and other authorized users that will be using Digication under the organization's master account.
Please Note: We do not allow children under the age of 13 to register for Digication without the permission of a parent or guardian. A parent or guardian who gives permission may at any time later review, delete or refuse to allow the further collection of information concerning the child by contacting our liaison at the child's school or by contacting us directly (please see our contact information in paragraph 8 below). We do not require more information from children than is reasonably necessary to enable them to use Digication; we do not use any special game, prize or other activity to entice children to provide more information than is necessary to enable them to use Digication; and we do not share any personal information about children with any third party.
We use the email address you provide to us during registration to confirm your username and password and to provide you with a link to use to log onto Digication, activate your account and thereafter use Digication. You are, of course, responsible for maintaining the confidentiality and security of your user name and password.
After you register for Digication, we may ask you for additional personal information about yourself in order to make certain features of Digication available to you, enable third parties to offer you related services or for other purposes, such as the provision of customer service, billing, network management, synchronization of information, surveys and other exchanges of information. We may from time to time send you information regarding your account, updates to Digication and other administrative information regarding Digication, and may from time to time send you other information regarding Digication and the products and services of our third party partners. You may opt-out of receiving future promotional material at any time (please see our opt-out policy in paragraph 5 below).
Third party partners may help us provide some of the features and content included in Digication. You or we may need to share your personal information with one or more of our third party partners in order for you to access and use such features or content. You can prevent the sharing of this information by not accessing the feature or content.
What about links to other systems and services?
Digication may contain links to other websites that are not under our control. These websites may collect personally identifiable information about you. We have no responsibility for the privacy policies or content of these linked websites and allow these links solely for the convenience and information of our customers and visitors.
Digication has security measures in place to help prevent the loss, misuse, or alteration of data under our control. Your account information is password protected. We also have reasonable physical, electronic and procedural safeguards to protect your personal information. We employ industry standard Secure Socket Layer (SSL) technology to protect information using both server authentication and data encryption to help ensure that your data is safe, secure, and available only to you. We use an additional security method based on dynamic data and encoded session identifications, and have our website hosted in a secure server environment that uses a firewall and other advanced technology to prevent interference or access from outside intruders. Finally, we require that a unique user name and password be entered each time a user logs on. These safeguards help prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of data.
You can at any time prior to registering for Digication opt out of being contacted by or receiving additional information from us by sending an email to HYPERLINK "mailto:firstname.lastname@example.org" email@example.com. Once you register for Digication, you may not opt out of receiving information concerning your account, updates to Digication or other administrative information regarding Digication, but may still at any time opt out of receiving other promotional information concerning Digication or the products and services of our third party partners by emailing HYPERLINK "mailto:firstname.lastname@example.org" email@example.com at any time.
Correcting and Updating Your Information
You may update or remove the personal information we maintain concerning you by logging onto our website at any time and editing your personal information. Note: If you register for Digication on behalf of an organization, you may need to first contact us to update or remove your personal information. You can view your updated profile to confirm that your edits have been made.
European Union Data Protection
If you reside in the European Union, upon registration you are required to give explicit consent that the personal information you have provided may be transferred and stored in countries outside the European Union, including the United States. If you fail to provide this consent, you will not be permitted to register for and access Digication.
General Data Protection Regulation (GDPR)
The GDPR is a new comprehensive EU data privacy law that will go into effect on May 25, 2018. Along with strengthening and standardizing user data privacy across the EU nations, the GDPR will require new or additional obligations on all organizations that handle EU citizens’ and residents’ personal data, regardless of where the organizations themselves are located.
What kind of personal data does Digication store about our users?
Basic personal information stored for all users:
- Your first and last names
- Your username
- Your email address (in rare cases, this information is not included)
Additional optional personal information which may be stored about our users:
- A unique identifier (aka SyncID or Account ID), which may be an ID number in use at the home institution or a repeat of basic information, like username or email address. This information is typically used to manage course and group enrollment on an institutional level.
- Information you have added to your user profile (including preferred notification email address, support email address, SMS contact, website link, profile image)
- Information that your institution has sent us, such as graduation date, major, credit information or additional account metadata.
- Content created by our users for personal and educational goals, including ePortfolios, discussion posts and comments, and coursework submitted to assignments.
Why does Digication store this data?
The basic information we collect and store about you is the minimum amount of data required to allow you to use Digication. Additional information provided by you serves to allow you to personalize your account, and create content as part of coursework or for personal use. Additional information provided by your home institution is used to manage your account, to further educational goals, and to facilitate assessment activities.
Where is Digication data stored and how is it protected?
- Digication user data is stored on secure servers in the cloud.
- Our main infrastructure provider (AWS) is GDPR compliant.
- We hold your data in as few places as necessary.
- Our employees will not create any unnecessary additional data sets.
- Our employees are trained in data security and they will always take reasonable steps to ensure your data is kept as accurate and up to date as possible.
- We regularly scan for software and infrastructure vulnerabilities using various test and auditing tools as part of our software development and quality assurance processes.
How long does Digication store user data?
- Digication data is held for the lifetime of an account.
- Support tickets are held until a request for deletion is made.
- Contact details gathered as part of activities through our websites will be retained until a user makes a request to us to have data held about them deleted.
How is data destroyed?
Individual user data is removed using standard operating system and database queries, this happens within 60 days after the account is marked for deletion after a request for removal of data is finalized.
What you can ask Digication about your data:
- What specific information do you hold about me?
- How can I gain access to my data?
- How do you keep my data up to date?
- How is Digication meeting its data protection obligations?
- All requests relating to data we hold about you should be directed to firstname.lastname@example.org.
Requesting the removal of the data Digication holds about you if you access Digication through a school, university or another organization:
- Contact your Digication administrator and request for your data to be removed.
- Your organization will then notify us of the request and it will be treated as a priority.
- Upon receiving this request, within 60 days we will create an inventory of all data we hold that is associated with your account. This will include: Digication user account details, all assets created or collaborated upon, submitted work, shared assets, or support tickets.
- The inventory will then be presented to your institution so they can discuss the implications of deleting this data.
- Following an agreement between you and your organization, we will remove all data required as a priority.
- Finally, we will notify all parties when the removal is complete.
If you access Digication through a Personal or Alumni account:
- Please contact us at email@example.com to request that the data we hold about you is removed.
- After receiving your request, within 60 days we will create an inventory of all data we hold about you and share this with you.
- If after viewing the inventory you still want us to delete the data then you will need to confirm via email.
- Once we have received consent to delete your data, we will remove it without undue delay and notify you when the process is complete.
Questions regarding this statement or our security and information practices should be directed to our security administrator by email to firstname.lastname@example.org or by regular mail addressed to Digication, Inc., Attn: Security Administrator, 10 Dorrance Street, STE 700, Providence, RI 02903. We will endeavor to reply to you within two business days to begin our investigation into any concerns about privacy or use of data that you bring to our attention.