Lightspeed Systems’ Commitment to Your Privacy
Lightspeed Systems provides a variety of services (“Services”) to securely manage technology users, internet-enabled devices, and internet access. We understand the importance of privacy to our online visitors, to schools who register for our Services, (“Schools”) and to students and staff (“End User”) whose information we may access on behalf of a School.
As you are navigating between school and related sites, please be aware that other parties’ privacy policies may come into play. If you are using any of the Services through a customer of Lightspeed Systems this policy does not supersede the terms of any agreements between Lightspeed Systems and any other party, nor does it affect the terms of any agreement between any End User of the Services and their employer, their educational institution, or any third party. Please make sure that you read the terms of any privacy policies that you enter into with parties other than Lightspeed Systems including your employer or educational institution, as those policies may also explain how your personal information is used by those parties. If you are accessing Lightspeed Systems through a third-party, public, or unsecured internet provider, please be advised that any information you disclose or publish during the course of such access may be collected by any such provider and that Lightspeed Systems has no control and makes no representation as to the possible use of this information by any such provider.
Please note that each School controls its instance of the Services and any associated data processed within that instance (“School Data”). If you have any questions about a School’s privacy practices, please contact the applicable School. For more information about who is the controller of data and under what circumstances, refer to the “Your Rights Regarding Your Data” section below.
We collect the following types of information:
Information about School Personnel: Schools decide which data is integrated with our Services. When a School administrator registers a School with Lightspeed Systems or corresponds with us online, we ask for certain information including a contact name, school name, school district, school email address, school physical address and/or account name, phone number, job title, message content, and information relating to the School’s information systems. We may also retain information provided by a School if the School sends us a message, posts content to our website or through our Services, or responds to emails or surveys. Once a School begins using Services provided by Lightspeed Systems, we will keep records of activities related to the Services. We use this information to operate, maintain, and provide the features and functionality of the Services, including customer service, support, and billing; to analyze our offerings and functionality; to communicate with our Schools and website visitors; to exchange information, and to offer related services such as user group membership and event registration.
Student Data: Lightspeed Systems may have access to personally identifiable information about students (“Student Data”) in the course of providing Services to a School, including student name, email address, device information/identifiers and usage data We recognize Student Data is confidential and do not use such data for any purpose other than to provide the Services on the School’s behalf. Lightspeed Systems receives Student Data only from the School and never interacts with the Student directly. The School confirms that it has obtained appropriate parental consent, as needed before the student is permitted to access the Services. Lightspeed Systems has access to Student Data only as requested by the School and only for the purposes of performing Services on the School’s behalf.
We may also generate a login ID for the child that is different than the child’s actual name or under the School’s direction, collect login/authentication data via a student information system identification number or other system designated by Customer.
Parent Data: When a parent uses the Services, including the parent portal, Lightspeed Systems may collect their full name and email address. We use this information to operate, maintain, and provide the features and functionality of the Services, including customer service and support; to analyze our offerings and functionality; and to communicate with parents.
Parents should consult the school’s acceptable/responsible use, social media, personnel, and instructional policies for more information about the school’s policies and practices for protecting children on the internet. Teachers are reminded to also be aware of their obligations under the ethical standards for educators in their state and to be conscious of their role as a model for students while interacting with students using Services provided by Lightspeed Systems.
See “Student Safety” below for further explanation of our commitment to online student safety.
Non-Personally Identifiable Information: We may collect certain non-personally identifiable information from visitors to our sites and users of our Services, such as the date and time of their visit, the type of browser used (e.g., Chrome, Firefox, Internet Explorer), the type of operating system used (e.g., Windows 7 or Mac OS), the internet service provider from which the visitor receives internet access, and aggregate information regarding what pages users of the site access or visit. We may collect data for Schools to monitor and generate reports of their users’ online search queries, websites visited or blocked from visiting recorded web activity, and device geolocation for purpose of asset recovery. In addition, we may monitor Schools’ onboarding tasks completed, search queries on our sites, number of users’ sessions on our websites, city and state/province where last accessing our Services, responses to our survey questions, and content provided on managed devices via customizable fields.
We may also match non-personally identifiable information from registered members with personally identifiable information (such as the member’s name, title) in our database to track deployment progress, troubleshoot Services issues, analyze usage, and otherwise monitor Services to make improvements.
Other Data: We obtain contact and business information used to communicate with you about the Services from conferences, events and webinars, sales partners, and public records.
Clear GIFs, pixel tags, and other technologies: Clear GIFs (also known as web beacons, web bugs or pixel tags) are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs, in connection with Services provided by Lightspeed Systems to, among other things, track the activities of visitors, help us manage content, and compile statistics about site usage. We and our third-party service providers also use clear GIFs in HTML emails to our customers to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.
We use or may use the data collected through cookies, log files, device identifiers, and clear GIFs to (a) remember information so in subsequent visits a user will not have to re-enter it; (b) provide custom, personalized content, and information; (c) monitor the effectiveness of our Services; (d) monitor aggregate metrics such as total number of visitors, traffic, and usage on our website and our Services; (e) diagnose or fix technology problems; and (f) help users efficiently access information after signing in.
Do-Not-Track: Currently, our systems do not recognize browser “do-not-track” requests. You may, however, disable certain tracking as discussed in this section (e.g., by disabling cookies).
Data Controller: By providing Lightspeed Systems information via our website, tradeshow, Lightspeed Systems event, Partner event, e-mail, phone, chat or support case, you authorize Lightspeed Systems to serve as the Data Controller.
Data Processor: By licensing to use Lightspeed Systems services, you authorize Lightspeed Systems to serve as the Data Processor for the licensed services.
Please review our Cookie Notice for additional details on how we handle cookies on our websites.
COPPA and Children Under 13
Lightspeed Systems complies with the Children’s Online Privacy Protection Act (COPPA, see FTC complying with COPPA FAQs). Students are not allowed to sign up for any Lightspeed Systems solutions. Student accounts are provided only through a verified educator, school, or educational organization. Schools agree to obtain and maintain all necessary rights and consents, including consents required by COPPA, either from an End User or, where necessary, the End User’s parent or legal guardian, to allow Lightspeed to provide and improve the Lightspeed Systems’ solutions and collect and receive user data in order to provide the Services. Please read Lightspeed’s COPPA Notice here.
We meet the following guidelines listed below and agree to:
Student Privacy Pledge & Student Data Privacy Consortium
For Data That We Collect Via Our Products
Adult End Users of Services provided by Lightspeed Systems should contact their educational institution or other organization providing the Services about their right to access their data collected and used by Lightspeed Systems and requests to be forgotten, electronic copies of data, requests for data deletion, data depersonalization and/or data not available through your account login. Schools may access and update account information and modify Services by signing into an administrator account. Adult End Users may be able to access and change their information collected during account creation by choosing the “edit account information” option or other similar functionality offered in the Services. To access or change your personal information, log into your account through the Services.. End Users and visitors may opt out of receiving future promotional electronic communications from Lightspeed Systems by following the unsubscribe procedures indicated in the mailing
Student Data: Student End Users of Services provided by Lightspeed Systems and their parents should contact their educational institution or other organization providing the Services about access to the personal information collected by that institution including requests to be forgotten, requests for data, requests for data deletion, and/or data depersonalization.
Deleting or Disabling Cookies: Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. End Users of Services provided by Lightspeed Systems who disable cookies will be able to browse certain areas of our sites, but some features may not function.
Data Portability: License holders of Lightspeed Systems products may request in writing that the data they provided be returned to them in electronic format. Within a reasonable time Lightspeed Systems will return the data provided by the license holder for the products they have licensed.
Individuals who provided information via our websites, Tradeshow, Lightspeed Systems event, Partner event, e-mail or phone call may request in writing that the data they provided be returned to them in electronic format. Within a reasonable time Lightspeed Systems will return the data provided.
For Data That We Collect From Visitors Of Our Websites
Account Information and Settings: Adult End Users and visitors of the Lightspeed Systems websites have a right to access the data collected and used by Lightspeed Systems To make requests to access or change account information, be forgotten, electronic copies of data, data deletion, and/or data depersonalization, please contact us via the contact information below. End Users and visitors may opt out of receiving future promotional electronic mailings from Lightspeed Systems by following the unsubscribe procedures indicated in the mailing.
Children’s Data: Lightspeed Systems does not knowingly solicit or attempt to collect information from children via its websites. We ask that anyone under the age of 13 not use our websites or submit information to us. Please contact us via the contact information below if you have any questions, concerns, need to access, change, or delete the Personal Information that has been submitted by a child.
Please contact us at the address below if you have any other questions or concerns about the information you receive from us or the information that we collect from you.
Privacy Information for California Residents – CCPA & CPRA California Consumer Privacy Act (CCPA)
California law requires us to provide some additional information regarding your rights with respect to your “personal information” (as defined in the California Consumer Privacy Act (CCPA)).
In many cases, if you are a California resident, the CCPA allows you to make certain requests about your personal information. Specifically, unless certain exceptions apply, the CCPA allows you to request us to:
You also have certain rights under the CCPA not to be subject to certain negative consequences for exercising CCPA rights.
We reserve the right to verify your identity before responding to a request, which may include, at a minimum, depending on the sensitivity of the information you are requesting and the type of request you are making, verifying your name, email address, phone number, or other information. You are also permitted to designate an authorized agent to submit certain requests on your behalf. In order for an authorized agent to be verified, you must provide the authorized agent with signed, written permission to make such requests or a power of attorney. We may also follow up with you to verify your identity before processing the authorized agent’s request.
Please note that certain information may be exempt from such requests under California law. For example, we need certain information in order to provide the Services to you or to comply with legal obligations, so we would need to either reject your request to delete the information or, if we are legally permitted to delete it, we would need to terminate our provision of the Services to you after deleting it. If you would like further information regarding your legal rights under California law or would like to exercise any of them, please contact us at [email protected] or write to us using the contact details provided in the “How to Contact Lightspeed Systems” section below.
California Privacy Act (CPRA)
The California Privacy Rights Act (CPRA) is a data privacy law that amends and expands upon the California Consumer Privacy Act (CCPA). The law takes effect on January 1, 2023, and includes additional privacy protections for consumers.
Expanded Rights under CPRA
Data Subject Access Request – How and when we are expected to handle your request
We will confirm receipt of your verifiable request within 10 days and provide information about how we will process your request.
We will respond to your request within 45 days of its receipt. Should we need more time, we will explain to you the reasons why, and how much more time we need. Should we deny your request, we will explain you the reasons behind our denial.
We do not charge a fee to process or respond to your verifiable request unless such request is manifestly unfounded or excessive. In such cases, we may charge a reasonable fee, or refuse to act on the request. In either case, we will communicate our choices and explain the reasons behind it.
With regard to School Data, consumers should direct requests to exercise applicable rights to the School on whose behalf we handle the data. If we receive a request from a consumer directly in relation to School Data, we will either alert you to redirect your request to the applicable School or refer that request to the appropriate School and await each School’s instructions on how to handle it.
Collection, Use, and Disclosure of Californians’ Personal Information
We share certain personal information as set forth in “Third Parties: How We May Share Your Information” section and in the chart below, and we allow third parties to collect certain information about your activity, for example through cookies, as explained in the “Your Data: How We Collect and Use Information” section.
California residents may opt out of the “sale” of their personal information. We do not “sell” California residents’ personal information under the CCPA, based on our current understanding of the definition of sell. We do share certain information as set forth in “Your Data: How We Collect and Use Information” section and in the chart below, and as also explained in that section, we allow third parties to collect certain information about your activity, for example through cookies.
|Category of personal information collected by Lightspeed||Categories of third parties to which the information was disclosed for a business purpose|
|Identifiers, such as real name, username, unique user ID, or other similar identifiers.|
|Contact and account registration information, such as telephone number, email address, job title, or other contact information.|
|Customer service information, such as questions and other messages you address to us and summaries or voice recordings of your interactions with customer care.|
|Business and commercial information, such as position, title, business address, business email address, phone, size, location, and needs of your School, records of products or services purchased or considered, or other purchasing or consuming histories.|
|Financial information, such as credit card or bank account information.|
|Device information and identifiers, such as IP address, browser type and language, operating system, platform type, device type, and software and hardware attribute.|
|Connection and usage data, such as landing pages, browsing activity, content or ads viewed and clicked, dates and times of access, pages viewed, time spent on each page, search terms, information about network web traffic (including traffic from a specific user), information about files you download, domain names, forms you complete or partially complete, uploads or downloads, whether you open an email and your interaction with email content, access times, error logs, and other similar information, and sensory and telemetry data.|
|Geolocation data, if enabled by the School, such as city, state, country, and ZIP code associated with your IP address or derived through Wi-Fi triangulation, and with your permission in accordance with your mobile device settings, and precise geolocation information from GPS-based functionality on your mobile devices. Please note that some location-based services may require your personal information for the feature to work as intended.|
|Other information, such as any other information you choose to directly provide to us in connection with your use of the Services.|
California “Shine the Light” Disclosure
The California “Shine the Light” law gives residents of California the right under certain circumstances to opt out of the sharing of certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes within the meaning of that law.
Supplemental Notice for Nevada Residents
Supplemental Notice for Virginia Data Subjects
The Virginia Consumer Data Protection Act (“VCDPA”) provides additional rights to Virginia residents. This section addresses those rights and applies only to Virginia residents.
You have the following rights under the VCDPA:
To exercise any of these rights, please contact us as set out in the “How to Contact Lightspeed Systems” section below and specify which right you are seeking to exercise. We will respond to your request within 45 days.
Storage: All of your personal information is stored on servers at locations designed specifically to ensure that only authorized individuals have access to the server or its data. Lightspeed Systems maintains strict administrative, technical, and physical procedures to protect information stored on our servers. Access to information is limited through login credentials to those employees who require it to perform their job functions.
Processing: Industry-standard Transport Layer Security (TLS) encryption technology is used to safeguard the account registration process. Other security safeguards include but are not limited to data encryption, firewalls, two-factor authentication, and physical-access controls.
Data Safety: Users cannot interact with untrusted users via our platforms. No personal information is displayed publicly.
Practices: We have in place and maintain procedures and practices to ensure data security. These include a Data Governance Team, Security Policy, Privacy Inquiry Policy, Incident Response Plan, Privacy/Security by Design, Vendor Assessments, Security Assessments and regular specific Security Training.
Please be aware, that despite our efforts, no security measures are perfect or impenetrable. We have implemented best practices to protect both your and our data however we do not warrant or guarantee these measures are perfect.
If we learn of a security breach, we will notify you according to our Incident Response Plan or according to Data Processing/Sharing Agreements in place. Depending on where you live, you may have a legal right to receive a notice of a security breach in writing.
For more detailed information on our data security practices, please visit our Trust Center.
We retain data for as long as necessary to fulfill the purposes for which it was collected for. Following termination or deactivation of a School account, Lightspeed Systems may retain profile information and content for a commercially reasonable time for backup, archival, or audit purposes, but all Student Data associated with the School will be deleted in accordance with Lightspeed Systems Data Deletion policy, or in accordance with active DPA, DSA or SLA. We may maintain Aggregated/De-Identified Information, including usage data, for analytics purposes.
If you have any questions about data retention or deletion, please contact us via the contact information below.
On July 10, 2023, the European Commission’s adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF) entered into force. The EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. Data Privacy Framework (UK Extension to the EU-U.S. DPF), were respectively developed in furtherance of transatlantic commerce by the U.S. Department of Commerce, the European Commission and the UK Government to provide U.S. organizations with reliable mechanisms for personal data transfers to the United States from the European Union/ European Economic Area and the United Kingdom, while ensuring data protection that is consistent with EU and UK laws.
Lightspeed Systems Privacy Department
12013 Fitzhugh Rd.,
Austin, TX 78736
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Lightspeed Systems commits to refer unresolved privacy complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF BBB National Programs Dispute Resolution Process, an alternative dispute resolution provider located in the United States, BBB helps idividual consumers resolve privacy complaints under the Data Privacy Framework Program and has committed to respond to complaints and to provide appropriate recourse at no cost to you. If you do not receive timely acknowledgement of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and or to file a complaint.
Lightspeed Systems is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
Under certain conditions, an individual may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted, provided that the individual has invoked binding arbitration by delivering notice to Lightspeed Systems, and following the procedures and subject to conditions set forth in Annex I of the DPF Principles.
Accountability for Onward Transfer
In the event Lightspeed Systems transfers personal data covered by this Policy to a third party acting as a controller, we will do so consistent with any notice provided to Data Subjects, any consent they have given, and only if the third party has given us contractual assurances that it will (i) process the Personal Data for limited and specified purposes consistent with any consent provided by the Data Subjects, (ii) provide at least the same level of protection as is required by the Data Privacy Framework Principles, and notify us if it makes a determination that it cannot do so; and (iii) cease processing of the Personal Data or take other reasonable and appropriate steps to remediate if it makes such a determination. If Lightspeed Systems has knowledge that a third party acting as a controller is processing Personal Data covered by this Policy in a way that is contrary to the Data Privacy Framework Principles, Lightspeed Systems will take reasonable steps to prevent or stop such processing.
Lightspeed Systems remains liable under the Data Privacy Framework Principles if an agent processes Personal Data covered by this Policy in a manner inconsistent with the Principles, except where Lightspeed Systems is not responsible for the event giving rise to the damage.
Residents in the European Union and the United Kingdom are entitled to certain rights with respect to personal information that we hold about them. Subject to any exemptions provided by the law, their rights are as follows:
EU & UK consumers may make a request pursuant to their rights under the GDPR by contacting us at [email protected]
General Data Protection Regulation (GDPR) – European Representative
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Lightspeed Systems has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:
UK General Data Protection Regulation (GDPR) – UK Representative
Pursuant to Article 27 of the UK GDPR, Lightspeed Systems has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:
We rely on several legal bases to process data:
If you have any questions about this privacy statement, the information that we collect from you, or the Services, please contact us at [email protected] or write to:
Data Protection Officer: John Genter
Lightspeed Systems Privacy Department
12013 Fitzhugh Rd.
Austin, TX 78736, USA
In the event that you are concerned about how data you have provided Lightspeed Systems through the Services has been used, please contact us at the address listed above. Lightspeed Systems takes all concerns about privacy and use of data very seriously and shall endeavor to reply to you within two business days to commence its investigation of your concerns.
Reimagine the inspired and interactive classroom for remote, hybrid, and in-person learning. Lightspeed Classroom Management™ gives teachers real-time visibility and control of their students’ digital workspaces and online activity.
Ensure scalable & efficient learning device management. The Lightspeed Mobile Device Management™ system ensures safe and secure management of student learning resources with real-time visibility and reporting essential for effective distance learning.
Prevent suicides, cyberbullying, and schoolviolence. Lightspeed Alert™ supports district administrators and selected personnel with advanced AI to detect and report potential threats before it’s too late.
Protect students from harmful online content. Lightspeed Filter™ is the best-in-class solution that acts as a solid barrier to inappropriate or illicit online content to ensure students’ online safety 24/7.
Gain complete visibility into students’ online learning. Lightspeed Analytics™ gives districts robust data on the effectiveness of any tools they implement so they can take a strategic approach to their technology stack and streamline reporting.