Lightspeed Systems’ Commitment to Your Privacy
Lightspeed Systems provides a variety of services (“Services”) to securely manage technology users, internet-enabled devices, and internet access. We understand the importance of privacy to our online visitors, to schools who register for our Services, (“Schools”) and to students and staff (“End User”) whose information we may access on behalf of a School.
As you are navigating between school and related sites, please be aware that other parties’ privacy policies may come into play. If you are using any of the Services through a customer of Lightspeed Systems this policy does not supersede the terms of any agreements between Lightspeed Systems and any other party, nor does it affect the terms of any agreement between any End User of the Services and their employer, their educational institution, or any third party. Please make sure that you read the terms of any privacy policies that you enter into with parties other than Lightspeed Systems including your employer or educational institution, as those policies may also explain how your personal information is used by those parties. If you are accessing Lightspeed Systems through a third-party, public, or unsecured internet provider, please be advised that any information you disclose or publish during the course of such access may be collected by any such provider and that Lightspeed Systems has no control and makes no representation as to the possible use of this information by any such provider.
Please note that each School controls its instance of the Services and any associated data processed within that instance (“School Data”). If you have any questions about a School’s privacy practices, please contact the applicable School. For more information about who is the controller of data and under what circumstances, refer to the “Your Rights Regarding Your Data” section below.
We collect the following types of information:
Information about School Personnel: Schools decide which data is integrated with our Services. When a School administrator registers a School with Lightspeed Systems or corresponds with us online, we ask for certain information including a contact name, school name, school district, school email address, school physical address and/or account name, phone number, job title, message content, and information relating to the School’s information systems. We may also retain information provided by a School if the School sends us a message, posts content to our website or through our Services, or responds to emails or surveys. Once a School begins using Services provided by Lightspeed Systems, we will keep records of activities related to the Services. We use this information to operate, maintain, and provide the features and functionality of the Services, including customer service, support, and billing; to analyze our offerings and functionality; to communicate with our Schools and website visitors; to exchange information, and to offer related services such as user group membership and event registration.
Student Data: Lightspeed Systems may have access to personally identifiable information about students (“Student Data”) in the course of providing Services to a School, including student name, email address, device information/identifiers and usage data We recognize Student Data is confidential and do not use such data for any purpose other than to provide the Services on the School’s behalf. Lightspeed Systems receives Student Data only from the School and never interacts with the Student directly. The School confirms that it has obtained appropriate parental consent, as needed before the student is permitted to access the Services. Lightspeed Systems has access to Student Data only as requested by the School and only for the purposes of performing Services on the School’s behalf.
We may also generate a login ID for the child that is different than the child’s actual name or under the School’s direction, collect login/authentication data via a student information system identification number or other system designated by Customer.
Parent Data: When a parent uses the Services, including the parent portal, Lightspeed Systems may collect their full name and email address. We use this information to operate, maintain, and provide the features and functionality of the Services, including customer service and support; to analyze our offerings and functionality; and to communicate with parents.
Parents should consult the school’s acceptable/responsible use, social media, personnel, and instructional policies for more information about the school’s policies and practices for protecting children on the internet. Teachers are reminded to also be aware of their obligations under the ethical standards for educators in their state and to be conscious of their role as a model for students while interacting with students using Services provided by Lightspeed Systems.
See “Student Safety” below for further explanation of our commitment to online student safety.
Non-Personally Identifiable Information: We may collect certain non-personally identifiable information from visitors to our sites and users of our Services, such as the date and time of their visit, the type of browser used (e.g., Chrome, Firefox, Internet Explorer), the type of operating system used (e.g., Windows 7 or Mac OS), the internet service provider from which the visitor receives internet access, and aggregate information regarding what pages users of the site access or visit. We may collect data for Schools to monitor and generate reports of their users’ online search queries, websites visited or blocked from visiting recorded web activity, and device geolocation for purpose of asset recovery. In addition, we may monitor Schools’ onboarding tasks completed, search queries on our sites, number of users’ sessions on our websites, city and state/province where last accessing our Services, responses to our survey questions, and content provided on managed devices via customizable fields.
We may also match non-personally identifiable information from registered members with personally identifiable information (such as the member’s name, title) in our database to track deployment progress, troubleshoot Services issues, analyze usage, and otherwise monitor Services to make improvements.
Other Data: We obtain contact and business information used to communicate with you about the Services from conferences, events and webinars, sales partners, and public records.
Clear GIFs, pixel tags, and other technologies: Clear GIFs (also known as web beacons, web bugs or pixel tags) are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs, in connection with Services provided by Lightspeed Systems to, among other things, track the activities of visitors, help us manage content, and compile statistics about site usage. We and our third-party service providers also use clear GIFs in HTML emails to our customers to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.
We use or may use the data collected through cookies, log files, device identifiers, and clear GIFs to (a) remember information so in subsequent visits a user will not have to re-enter it; (b) provide custom, personalized content, and information; (c) monitor the effectiveness of our Services; (d) monitor aggregate metrics such as total number of visitors, traffic, and usage on our website and our Services; (e) diagnose or fix technology problems; and (f) help users efficiently access information after signing in.
Do-Not-Track: Currently, our systems do not recognize browser “do-not-track” requests. You may, however, disable certain tracking as discussed in this section (e.g., by disabling cookies).
Data Controller: By providing Lightspeed Systems information via our website, tradeshow, Lightspeed Systems event, Partner event, e-mail, phone, chat or support case, you authorize Lightspeed Systems to serve as the Data Controller.
Data Processor: By licensing to use Lightspeed Systems services, you authorize Lightspeed Systems to serve as the Data Processor for the licensed services.
Lightspeed Systems complies with the Children’s Online Privacy Protection Act (COPPA, see FTC complying with COPPA FAQs) and the Student Privacy Pledge (studentprivacypledge.org) to ensure the online safety of children. Student accounts are provided only through a verified educator, school, or educational organization. Schools agree to obtain and maintain all necessary rights and consents, including consents required by COPPA, either from an End User or, where necessary, the End User’s parent or legal guardian, to allow Lightspeed to provide and improve the Lightspeed System and collect and receive user data in order to provide the Services. Please read Lightspeed’s COPPA Notice here.
We meet the following guidelines listed below and agree to:
We may share personal information with:
We may aggregate and/or de-identify any information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). Aggregate/De-Identified Information may be used to determine the demographic composition of our user base and to distribute statistics and general marketplace information about Lightspeed Systems. We may use, transfer, or disclose Aggregate/De-Identified Information for any purpose, including to describe the Services to prospective partners and other third parties and for other lawful purposes.
We do not use personal information for any other commercial purpose.
Further, Lightspeed Systems recognizes its potential liability when onward transferring EU individuals’ data received pursuant to the EU-US Privacy Shield. An individual has the ability, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. Please refer to Annex I of the Privacy Shield for additional information.
In certain areas of the Services, Lightspeed Systems makes announcements, email, chat, polls, forums, discussions, and/or news groups available. Please remember that any information that is disclosed in these areas becomes public information, and you should exercise caution when deciding to disclose any of your personal or other information in these or any other publicly available site. And if you see inappropriate content posted by any other user, please report that information to us so we can review the post and respond accordingly.
For Data That We Collect Via Our Products
Adult End Users of Services provided by Lightspeed Systems should contact their educational institution or other organization providing the Services about their right to access their data collected and used by Lightspeed Systems and requests to be forgotten, electronic copies of data, requests for data deletion, data depersonalization and/or data not available through your account login. Schools may access and update account information and modify Services by signing into an administrator account. Adult End Users may be able to access and change their information collected during account creation by choosing the “edit account information” option or other similar functionality offered in the Services. To access or change your personal information, log into your account through the Services.. End Users and visitors may opt out of receiving future promotional electronic mailings from Lightspeed Systems by following the unsubscribe procedures indicated in the mailing
Student Data: Student End Users of Services provided by Lightspeed Systems and their parents should contact their educational institution or other organization providing the Services about access to the personal information collected by that institution including requests to be forgotten, requests for data, requests for data deletion, and/or data depersonalization.
Deleting or Disabling Cookies: Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. End Users of Services provided by Lightspeed Systems who disable cookies will be able to browse certain areas of our sites, but some features may not function.
Data Portability: License holders of Lightspeed Systems products may request in writing that the data they provided be returned to them in electronic format. Within a reasonable time Lightspeed Systems will return the data provided by the license holder for the products they have licensed.
Individuals who provided information via our websites, Tradeshow, Lightspeed Systems event, Partner event, e-mail or phone call may request in writing that the data they provided be returned to them in electronic format. Within a reasonable time Lightspeed Systems will return the data provided.
For Data That We Collect From Visitors Of Our Websites
Account Information and Settings: Adult End Users and visitors of the Lightspeed Systems websites have a right to access the data collected and used by Lightspeed Systems To make requests to access or change account information, be forgotten, electronic copies of data, data deletion, and/or data depersonalization, please contact us via the contact information below. End Users and visitors may opt out of receiving future promotional electronic mailings from Lightspeed Systems by following the unsubscribe procedures indicated in the mailing.
Children’s Data: Lightspeed Systems does not knowingly solicit or attempt to collect information from children via its websites. We ask that anyone under the age of 13 not use our websites or submit information to us. Please contact us via the contact information below if you have any questions, concerns, need to access, change, or delete the Personal Information that has been submitted by a child.
Please contact us at the address below if you have any other questions or concerns about the information you receive from us or the information that we collect from you.
Privacy Information for California Residents
California law requires us to provide some additional information regarding your rights with respect to your “personal information” (as defined in the California Consumer Privacy Act (CCPA)).
In many cases, if you are a California resident, the CCPA allows you to make certain requests about your personal information. Specifically, unless certain exceptions apply, the CCPA allows you to request us to:
You also have certain rights under the CCPA not to be subject to certain negative consequences for exercising CCPA rights.
We reserve the right to verify your identity before responding to a request, which may include, at a minimum, depending on the sensitivity of the information you are requesting and the type of request you are making, verifying your name, email address, phone number, or other information. You are also permitted to designate an authorized agent to submit certain requests on your behalf. In order for an authorized agent to be verified, you must provide the authorized agent with signed, written permission to make such requests or a power of attorney. We may also follow up with you to verify your identity before processing the authorized agent’s request.
Please note that certain information may be exempt from such requests under California law. For example, we need certain information in order to provide the Services to you or to comply with legal obligations, so we would need to either reject your request to delete the information or, if we are legally permitted to delete it, we would need to terminate our provision of the Services to you after deleting it. If you would like further information regarding your legal rights under California law or would like to exercise any of them, please contact us at email@example.com or write to us using the contact details provided in the “How to Contact Lightspeed Systems” section below.
How and when we are expected to handle your request
We will confirm receipt of your verifiable request within 10 days and provide information about how we will process your request.
We will respond to your request within 45 days of its receipt. Should we need more time, we will explain to you the reasons why, and how much more time we need. Should we deny your request, we will explain you the reasons behind our denial.
We do not charge a fee to process or respond to your verifiable request unless such request is manifestly unfounded or excessive. In such cases, we may charge a reasonable fee, or refuse to act on the request. In either case, we will communicate our choices and explain the reasons behind it.
With regard to School Data, consumers should direct requests to exercise applicable rights to the School on whose behalf we handle the data. If we receive a request from a consumer directly in relation to School Data, we will either alert you to redirect your request to the applicable School or refer that request to the appropriate School and await each School’s instructions on how to handle it.
Collection, Use, and Disclosure of Californians’ Personal Information
We share certain personal information as set forth in “Third Parties: How We May Share Your Information” section and in the chart below, and we allow third parties to collect certain information about your activity, for example through cookies, as explained in the “Your Data: How We Collect and Use Information” section.
California residents may opt out of the “sale” of their personal information. We do not “sell” California residents’ personal information under the CCPA, based on our current understanding of the definition of sell. We do share certain information as set forth in “Your Data: How We Collect and Use Information” section and in the chart below, and as also explained in that section, we allow third parties to collect certain information about your activity, for example through cookies.
|Category of personal information collected by Lightspeed||Categories of third parties to which the information was disclosed for a business purpose|
|Identifiers, such as real name, username, unique user ID, or other similar identifiers.|
|Contact and account registration information, such as telephone number, email address, job title, or other contact information.|
|Customer service information, such as questions and other messages you address to us and summaries or voice recordings of your interactions with customer care.|
|Business and commercial information, such as position, title, business address, business email address, phone, size, location, and needs of your School, records of products or services purchased or considered, or other purchasing or consuming histories.|
|Financial information, such as credit card or bank account information.|
|Device information and identifiers, such as IP address, browser type and language, operating system, platform type, device type, and software and hardware attribute.|
|Connection and usage data, such as landing pages, browsing activity, content or ads viewed and clicked, dates and times of access, pages viewed, time spent on each page, search terms, information about network web traffic (including traffic from a specific user), information about files you download, domain names, forms you complete or partially complete, uploads or downloads, whether you open an email and your interaction with email content, access times, error logs, and other similar information, and sensory and telemetry data.|
|Geolocation data, if enabled by the School, such as city, state, country, and ZIP code associated with your IP address or derived through Wi-Fi triangulation, and with your permission in accordance with your mobile device settings, and precise geolocation information from GPS-based functionality on your mobile devices. Please note that some location-based services may require your personal information for the feature to work as intended.|
|Other information, such as any other information you choose to directly provide to us in connection with your use of the Services.|
California “Shine the Light” Disclosure
The California “Shine the Light” law gives residents of California the right under certain circumstances to opt out of the sharing of certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes within the meaning of that law.
Supplemental Notice for Nevada Residents
Storage: All of your personal information is stored on servers at locations designed specifically to ensure that only authorized individuals have access to the server or its data. Lightspeed Systems maintains strict administrative, technical, and physical procedures to protect information stored on our servers. Access to information is limited through login credentials to those employees who require it to perform their job functions.
Processing: Industry-standard Secure Socket Layer (SSL) encryption technology is used to safeguard the account registration process. Other security safeguards include but are not limited to data encryption, firewalls, two-factor authentication, and physical-access controls.
Practices: We have in place and maintain procedures and practices to ensure data security. These include a Data Governance Team, Security Policy, Privacy Inquiry Policy, Incident Response Plan, Privacy/Security by Design, Vendor Assessments, Security Assessments and regular specific Security Training.
Please be aware, that despite our efforts, no security measures are perfect or impenetrable. We have implemented best practices to protect both your and our data however we do not warrant or guarantee these measures are perfect.
If we learn of a security breach, we will notify you according to our Incident Response Plan or according to Data Processing/Sharing Agreements in place. Depending on where you live, you may have a legal right to receive a notice of a security breach in writing.
For more detailed information on our data security practices, please visit our Security and Compliance page.
We retain data for as long as necessary to fulfill the purposes for which it was collected for. Following termination or deactivation of a School account, Lightspeed Systems may retain profile information and content for a commercially reasonable time for backup, archival, or audit purposes, but all Student Data associated with the School will be deleted in accordance with Lightspeed Systems Data Deletion policy, or in accordance with active DPA, DSA or SLA. We may maintain Aggregated/De-Identified Information, including usage data, for analytics purposes.
If you have any questions about data retention or deletion, please contact us via the contact information below.
We are aware of the July 16, 2020 decision from the European Union Court of Justice, which invalidated the EU-U.S. Privacy Shield. Lightspeed Systems will work with its customers and update appropriate contracts to incorporate Standard Contractual Clauses (documents approved by the European Commission for use in cross-border data transfer situations) with Lightspeed Systems. We will abide by our obligations under the Standard Contractual Clauses we have signed with our customers. In some cases, customers also may transfer personal data to Lightspeed Systems from the UK or European Economic Area on the basis of derogations under GDPR Article 49. As legally required, Lightspeed Systems will continue to comply with its obligations with respect to data received under the EU-U.S. Privacy Shield.
Lightspeed Systems Privacy Department
2500 Bee Cave Road, Suite 350
Austin, TX 78746
Lightspeed Systems has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.
Lightspeed Systems is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
Residents in the European Union and the United Kingdom are entitled to certain rights with respect to personal information that we hold about them. Subject to any exemptions provided by the law, their rights are as follows:
EU & UK consumers may make a request pursuant to their rights under the GDPR by contacting us at firstname.lastname@example.org
General Data Protection Regulation (GDPR) – European Representative
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Lightspeed Systems has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:
UK General Data Protection Regulation (GDPR) – UK Representative
Pursuant to Article 27 of the UK GDPR, Lightspeed Systems has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:
We rely on several legal bases to process data:
If you have any questions about this privacy statement, the information that we collect from you, or the Services, please contact us at email@example.com or write to:
Data Protection Officer: John Genter
Lightspeed Systems Privacy Department
2500 Bee Cave Road, Suite 350
Austin, TX 78746
In the event that you are concerned about how data you have provided Lightspeed Systems through the Services has been used, please contact us at the address listed above. Lightspeed Systems takes all concerns about privacy and use of data very seriously and shall endeavor to reply to you within two business days to commence its investigation of your concerns.
For more information, see Protecting Privacy, Lightspeed Systems Overview.
We are a Student Data Privacy Consortium signatory.