System Status
We know you rely on Lightspeed Systems solutions to do amazing things, so we continuously monitor our services internally and through 3rd-party services. Find interruptions in services, updates, and maintenance announcements here.
Information security and data protection is an integral part of our core beliefs. We have dedicated security and compliance teams, who are committed to keeping your information safe and secure. Lightspeed Systems employs strict policies and procedures to ensure availability, integrity, and confidentiality of customer data.
We know you rely on Lightspeed Systems solutions to do amazing things, so we continuously monitor our services internally and through 3rd-party services. Find interruptions in services, updates, and maintenance announcements here.
Lightspeed Systems understands the need to safeguard the personal and confidential data of our customers, employees, and partners. Privacy and security is our responsibility, and we provide innovative solutions that enhance, rather than compromise, data privacy and security.
Since 1999, Lightspeed Systems has been partnering with schools around the world to protect students and make learning adaptable to the ever-changing technological landscape. The nature of our business mandates us to be compliant with the various student data privacy laws, to ensure student data is safeguarded.
Lightspeed Systems provides hosted services including mobile device management, web filtering, app analytics, and classroom management for schools. Our services are available at least 99.9% of the time, with servers being continuously monitored for performance and availability.
COPPA applies to the online collection of personal information by persons or entities under U.S. jurisdiction about children under 13 years of age. Parental consent is required for the collection or use of any personal information of the users.
We meet the following COPPA guidelines listed below and agree to:
The Family Educational Rights and Privacy Act (FERPA) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.
Education Law § 2-d went into effect in April 2014. The focus of the statute was to foster privacy and security of personally identifiable information (PII) of students and certain PII related to classroom teachers and principals.Lightspeed Systems complies with the NY ED Law 2-D and the Parents Bill of Rights, which requires the following:
The Student Privacy Pledge is a public and legally enforceable statement by ed tech companies to safeguard student privacy, built around commitments regarding the collection, maintenance, and use of student personal information.
The SDPC is a unique collaboration of schools, districts, regional, territories and state agencies, policy makers, trade organizations and marketplace providers addressing real-world, adaptable, and implementable solutions to growing data privacy concerns.
The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them.
California consumers may make a request pursuant to their rights under the CCPA by contacting us at [email protected].
The California Privacy Rights Act (CPRA) amends and expands on the California Consumer Privacy Act (CCPA). CPRA went into effect on Jan 1, 2023. CCPA was amended to protect the personal data of California employees (B2E) and business-to-business (B2B) contacts and requires all organizations collecting California resident data to apply more extensive protections, such as privacy risk assessments, data minimization and retention policies.The CPRA now focuses data rights on b2b relationships and employees – from transparent data disclosure to more vigorous enforcement and higher awareness of privacy risks related to data collection and processing — and accounting for any data tied to California employees, businesses, and residents.
Who does the California Privacy Rights Act protect?
Any individual who is a California resident employee and a service provider/vendor, contractor, consultant, applicant, freelancer, and remote worker can reasonably be identified.
GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states.
The Australian Privacy Act 1988 regulates the handling of personal information in Australia. This legislation serves as the foundation of data collection and management policies across the country The Act outlines 13 Australian Privacy Principles (APPs) for managing the use personal and sensitive information
Who does the Privacy Act apply to?
The Privacy Act applies to Australian Government agencies and organizations with an annual turnover exceeding AUD 3 million that handle the personal information of Australian residents.
Fundamental Principles of the Australian Privacy Act (1988)
Lightspeed Systems is committed to meeting the data protection requirements outlined Australian Privacy Principles as follows:
On July 10, 2023, the European Commission’s adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF) entered into force. The EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. Data Privacy Framework (UK Extension to the EU-U.S. DPF), were respectively developed in furtherance of transatlantic commerce by the U.S. Department of Commerce, the European Commission and the UK Government to provide U.S. organizations with reliable mechanisms for personal data transfers to the United States from the European Union/ European Economic Area and the United Kingdom, while ensuring data protection that is consistent with EU and UK laws.Lightspeed Systems complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, as set forth by the U.S. Department of Commerce. Lightspeed Systems has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Lightspeed Systems is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Lightspeed Systems commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF in the context of the employment relationship.
For more details on our compliance with the Data Privacy Framework, please review the ‘International Data Transfers’ section of our Privacy Policy.
The Office of Foreign Assets Control (“OFAC”) of the US Department of the Treasury administers and enforces economic and trade sanctions based on US foreign policy and national security goals against targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the United States.
Entity Name | Subprocessing Activities | Entity Location (HQ) | Security & Supplemental Measures |
---|---|---|---|
Amazon Web Services, Inc. | Application Hosting & Storage | United States | |
LightEdge | Data Center | United States | |
Microsoft Corporation (Microsoft Azure) | Application Hosting & Storage | United States |
Entity Name | Subprocessing Activities | Entity Location (HQ) | Security & Supplemental Measures |
---|---|---|---|
Ably.io | Presence Monitoring | United Kingdom | |
Adobe Sign | Electronic Signature Provider | United States | |
FullStory | Product Analytics | United States | |
Greenhouse Software Inc. | Recruitment Management Software | United States | |
Hive AI | Text Moderation for Product Functionality | United States | |
Microsoft Corporation | Email and Collaboration Tools | United States | |
Namely | Payroll Management Software | United States | |
NetSuite | Accounting Systems | United States | |
Pendo.io Inc | Software Experience Management | United States | |
Salesforce | Customer Support – CRM Provider | United States | |
Snowflake | Product Usage Analytics, Categorization Database | United States | |
Twilio | Communications Technology Provider | United States | |
Zoom, Inc. | Video Conferencing Provider | United States |