COPPA Privacy Policy

Last modified: December 15, 2015

EverFi, Inc. (“EverFi”) values the privacy of children and of all of its users. This COPPA Privacy Policy (“COPPA Policy”) is designed to comply with the Children’s Online Privacy Protection Act (“COPPA”) and contains important information about how we collect, use, and disclose the personal information we collect from children under thirteen years old who take courses provided through our website, http://www.everfi.com/ (the “Site”) and the services, such as courses, provided on our Site (the “Services”).

EverFi develops and makes available educational online courses (hosted on its own platform). EverFi may partner with foundations, non-profits, or for-profit entities to make these courses available to schools and other educational organizations. In the course of providing these Services, EverFi may come into contact with information, including personal information, from the course taker.

Some, but not all, courses are directed towards children under 13. This COPPA Privacy Policy applies to the information we collect from children under 13 through EverFi courses directed towards children.

EverFi will handle children’s personal information as described in this COPPA Policy. Any personal information we collect about other users (e.g., teens and adults) will be treated in accordance with the EverFi Privacy Policy (“Privacy Policy”). The use of our Site and any dispute over privacy, is subject to this COPPA Policy, the Privacy Policy, and our Terms of Service, including its applicable limitations on damages and the resolution of disputes. Our Terms of Service and Privacy Policy are incorporated by reference into this COPPA Policy.

Who Will Collect Information About Children?

EverFi operates the Site and Services and will collect children’s personal information as described in this COPPA Policy and our Privacy Policy. We can be contacted at:

3299 K Street NW

Suite 400

Washington, DC 20007

202-625-0011

privacy@everfi.com

Even if EverFi digital learning courses are offered in conjunction with an outside partner, the partner will not receive any individual personal information from users of the Site, including children. EverFi may provide partners with aggregate or de-identified information about users.

What Information Do We Collect About Children and Why?

As described in further detail below, we collect some personal information from children so that we can track their progress through our courses.

How Information is Collected? We may collect information about children directly from children, as well as

automatically through a child’s use of our Site and Services. We will not require a child to disclose more information than is reasonably necessary to use our Services. We do provide parents with a copy of a notice of our privacy practices as posted on the learning platform.

Information We Collect Directly.

From children under 13, we utilize the date of birth to verify the child’s age but do not store the age. We only store whether or not they are under 13. If a child is under 13, we collect the child’s first name, and last initial. We do not ask children for their full last name. Children must create their own usernames, but are not required to provide an email. We only use user name and email address (if provided) to track a child’s progress in our courses or to reset passwords; we will not contact a child using his or her email address or username. We may also collect additional demographic information (such as race and gender) from children; however, we do not associate this with the child’s name or other personal information and we use it only to compile aggregate and de-identified information about participants in our courses. Parents may ask us to stop collecting personal information from their child by emailing us at privacy@everfi.com, however, in such cases the child will not be able to take or complete our courses. If a parent directs us to stop collecting and using a child’s personal information, we must disable his or her use of our courses to ensure that no information is collected.

Information We Collect Automatically.

We may automatically collect the following information about a child’s use of our Site through cookies and other technologies: domain name; browser type and operating system; web pages viewed; links clicked; the length of time spent on our Site; the length of time our courses were taken; Google Analytics statistics; the referring URL, or the webpage that led the child to our Site; language information; device name and model; operating system type, name, and version; and activities within our Site. We may also collect IP address, device identifier or a similar unique identifier from users of our Site, including children; we only use such identifiers to support the internal operations of our Site and we do not use such identifiers to collect information about the child outside of our Site.

Other Information We Collect About Children.

We collect information about children’s performance and activities on our Site, including completion of courses. This information is for internal use only and will not be disclosed to other entities; however, we do not use this information in personally identifiable form for our own commercial purposes. Before we analyze or use any activity data for our own commercial purposes, we de-identify and/or aggregate such information.

How We Use Children’s Information
We use personal information collected from children for the following purposes:

        • To provide our Services; and
        • To respond to customer service and technical support issues and requests.

We de-identify and/or aggregate the information we collect from children under 13 before we use it for any other purposes, as noted below.

Unique Identifiers. We only collect and use unique identifiers, such as IP addresses, as necessary to operate our Site or Services, including to maintain or analyze their functioning; perform network communications; authenticate users or personalize content; and protect the security or integrity of users and our Site and Services. We never use unique identifiers to track users across third-party apps or websites.

Aggregate or De-identified Information. We may use aggregate or de-identified information about children for research, analysis, and similar purposes. When we do so, we strip out names, e-mail, contact information, and other personal identifiers. We may use aggregate or de-identified information for the following purposes:

        • To better understand how users access and use our Site and Services;
        • To improve our Site and Services and respond to user desires and preferences; and
        • To conduct research or analysis, including research and analysis by third parties.

How We Share Children’s Information
We do not sell children’s personal information, and a child may not make his or her personal information public through our services. In general, we may disclose the personal information that we collect about children to provide our Services, to comply with the law, and to protect EverFi and other users of our Services. For example, we may share children’s personal information as follows:

        • Service Providers. We may disclose the information we collect from children to third-party vendors, service providers, contractors, or agents who perform functions on our behalf.
        • Business Transfers. If we are acquired by or merged with another company, if substantially all of our assets are transferred to another company, or as part of a bankruptcy proceeding, we may transfer the personal information we have collected from our users to the other company.
        • In Response to Legal Process. We also may disclose the personal information we collect in order to comply with the law, a judicial proceeding, court order, subpoena, or other legal process.
        • To Protect Us and Others. We also may disclose the personal information we collect where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Service, Privacy Policy, or this COPPA Policy, or as evidence in litigation in which EverFi is involved.
        • With Parents. Parents may request information about the information we have collected from their child by contacting us at privacy@everfi.com
      • Aggregate and De-Identified Information. We may also use and share aggregate or de-identified information about users with third parties for marketing, research, or similar purposes.

Your Rights to Review, Delete, and Control Our Use of Children’s Personal Information
Parents have a right to review the information we have collected about their children and students, respectively, and to delete it, and to tell us to stop using it. To exercise these rights, you may contact us at privacy@everfi.com. You will be required to authenticate yourself as the child’s parent to receive information about that child. Please note that copies of information may remain in cached or archived form on our systems after you request us to delete it.

Changes to This COPPA Policy
This COPPA Policy is current as of the Effective Date set forth above. We may change this COPPA Policy from time to time, so please be sure to check back periodically. We will post any changes to this COPPA Policy on our Site, at www.everfi.com. If we make any changes to this COPPA Policy that materially affect our practices with regard to the personal information we have previously collected from a child, we will endeavor to provide you with notice in advance of such change by highlighting the change on our Site