Effective Date: November 1, 2021
Thank you for doing business with Mastery Coding, Inc. (“Mastery Coding™," "Company," "we," "our," or "us.").
We always seek to improve our Services to you, and that requires that we collect, store, share, and use information about you and your usage and usage preferences. As we do so, we are absolutely committed to protecting your privacy and the security of your personal information.
The term “Data” does not apply to de-identified, anonymized, and aggregated data that may be derived from Data, that cannot be reasonably connected with any individual, (“De-identified Data”). We hold all rights in and may use De-identified Data for our own purposes in any manner and without attribution or compensation to any person.
Many jurisdictions require that we disclose to you the lawful basis for our processing of your Data. We do that in the “Information We Collect and How We Use It” section and otherwise throughout this PrivacyPolicy. In general, our lawful basis for processing your Data is based on your specific consent or your contract with us.
When you enter into an agreement with us, either by accessing the Services, by executing an agreement in hard copy or by clicking “I Accept” or similar language online, we will process your Data for the purposes of fulfilling the terms of our contract with you. In that case, our processing of your Data is based on the contract, so your withdrawal of consent will only be effective after the purposes for processing that Data have been fulfilled and after we no longer have a legal obligation to keep that Data.
In all cases, we will comply with applicable law and we will cease processing your Data after the legal obligation or other necessity passes.
The Services are directed solely to persons 18 years of age or older or of children under 18 who are supervised by a parent, guardian, or other caregiver. Other than for Data collected for the specific purpose of providing the Services to users, we do not knowingly collect Data from users who are under 13. If we become aware that we have gathered Data from a person under 13, except to provide the Services to such person, then we will attempt to delete such Data as soon as possible, subject to our obligations under applicable law. If you believe that we have gathered Data from a person under13 in contravention of this policy, please contact us email@example.com.
1. Data Description: Registration Data consists of the name, email address, student ID number, and other contact information you provide us using the Services, both when you register your account and thereafter. Registration Data also includes your username, client type, and membership end date, if any.
2. Lawful Basis for Processing: Our lawful basis for processing Registration Data is our contract with you. We can only provide certain of the Services to you if we have the Registration Data, so we need to store and access that Registration Data during the term of our contract. Even when the Registration Data is not critically necessary to the provision of the Services, we may still process that Registration Data to facilitate our contractual interactions with you.
3. How We Use It and Who We Share It With: Registration Data is accessible generally only to us and to you. In limited circumstances, we may share your Registration Data with our service providers, which parties help us provide the Services and are under obligations to protect the confidentiality of your Registration Data. We use it only to provide the Services to you. At times, we will share the Registration Data with third parties at your request or to fulfill requests that you make of us. We may use your Registration Data to offer goods or services to you, but only on an opt-in basis after getting your specific consent.
4. Research: We periodically engage with third-party research institutions, such as universities, to study the efficacy of our programs. In those cases, we will share Registration Data with such institutions, but when we do so, it will be for the sole purpose of conducting that research, and we will always have an agreement in place with the institution that requires them to protect the confidentiality of the Registration Data we provide them.
1. Data Description: Engagement Data consists of all the information you input or record using the Services, other than the Registration Data and any Usage Data.
2. Lawful Basis for Processing: Our lawful basis for processing Engagement Data is (1)our contract with you, (2) our obligation to provide you with the Services, and(3) our legitimate interest in improving our Services based on the Engagement Data we receive from you.
3. How We Use It and Who We Share It With: Your Engagement Data is accessible generally only to us, to you, and where it relates directly to a party who either provides services to you or receives services from you, to that party, in which case that party will be obligated to protect the confidentiality of your Engagement Data. In limited circumstances, we may share your Engagement Data with our service providers, which parties help us provide the Services and are under obligations to protect the confidentiality of your Engagement Data. We may use Engagement Data as provided in the Acceptable Use Policy. Both during the term of our agreement with you and thereafter, we may also convert Engagement Data to De-Identified Data for our use in our sole discretion. To the extent we are required to delete any Engagement Data about you, we may still retain De-Identified Data that may have originated as your Engagement Data.
4. Research: We periodically engage with third-party research institutions, such as universities, to study the efficacy of our programs. In those cases, we will share Engagement Data with such institutions, but when we do so, it will be for the sole purpose of conducting that research, and we will always have an agreement in place with the institution that requires them to protect the confidentiality of the Engagement Data we provide them.
1. Data Description: Usage Data consists of the following and similar information:
2. Lawful Basis for Processing: Our lawful basis for processing Usage Data is (1) our contract with you, (2) our obligation to provide you with the Services, and (3)our legitimate interest in improving our Services based on the Usage Data we receive from you.
3. How We Use It and Who We Share It With: Usage Data is accessible to us, to you and to limited third parties that we use to provide and improve the Services. If we share your Usage Data with a third party, that party will be obligated to protect the confidentiality of your Usage Data. We may use Usage Data to make improvements to the Services. We may also convert Usage Data to De-Identified Data that belongs solely to us. To the extent we are required to delete any Usage Data about you, we may still retain De-Identified Data that may have originated as your Usage Data.
4. Research: We periodically engage with third-party research institutions, such as universities, to study the efficacy of our programs. In those cases, we will share Usage Data with such institutions, but when we do so, it will be for the sole purpose of conducting that research, and we will always have an agreement in place with the institution that requires them to protect the confidentiality of the Usage Data we provide them.
1. Data Description: Payment Data is only collected when your use of the Services is subject to the payment of a fee or other charge. Payment Data is the information necessary for us to process your payments for the Services. Payment Data will vary depending on the payment method you use but will likely include information such as:
2. Lawful Basis for Processing: Our lawful basis for processing Payment Data is (1)our contract with you and (2) our legitimate interest in improving our Services based on the Payment Data we receive from you.
3. How We Use It and Who We Share It With: We only use Payment Data to facilitate payment, and we only communicate it to those parties who are strictly necessary for that purpose.
We often use the services of third parties to help us recruit new employees and independent contractors and to manage our interactions with current employees and independent contractors. We do our best to contractually ensure that these third-party service providers comply with the policies we have adopted. However, we can’t guarantee their compliance in every case.
Our lawful basis for processing Data about potential and current employees and independent contractors is our contract with them and our legitimate interest in processing that Data, both to facilitate the formation of a formal relationship and to manage that relationship once it is formed. We only use employment Data for the direct purpose of the employment or independent contractor relationship, and we cease using it as soon as that relationship ends. However, we may keep and process that Data after the relationship ends when we are required to do so by applicable law or to preserve legal claims that may arise.
Users of our website who do not engage us to provide the Services are subject to the Terms of Service posted at https://masterycoding.com/terms . Although you may not be required to affirmatively click “I Accept” on those terms, your use of our website will be governed by those terms.
Teachers and administrators may use the Services to provide training and assistance to students. Those teachers and administrators and the school entities for whom they work are solely responsible for the use of the Data they receive while using the Services and the Data they upload to the Services. We are not responsible for any breach of these terms or of applicable law, including but not limited to, the Family Education Rights and Privacy Act (20 U.S.C. § 1232g; 34 CFR Part 99) ("FERPA"), by any teacher, administrator, or school entity.
SHARING YOUR INFORMATION
Except where a specific limitation is noted above, and in all cases to exclude data profiles obtained thru our learning platform, in particular teachers and students, we may share your Data as follows:
If we ever plan to use any Data in the future for any other purposes not identified above and we do not have a separate lawful basis for that processing, we will only do so after obtaining your specific consent.
Further, we do not sell your Data for any purpose.
The technologies we use for automatic Data collection may include the following:
Your web browser(s) may offer a "Do Not Track" option, which allows the individual to signal to operators of websites and web applications and services (including behavioral advertising services) that he or she does not wish such operators to track certain of his or her online activities over time and across different websites. Our Services do not support Do Not Track requests at this time, which means that we may collect information about your online activity both while you are using the Services and after your use of the Services.
Under applicable data protection, privacy, and other laws, you may have certain rights related to your access and control of your Data. Such rights may include the following:
We may use additional processes to verify your identity before we reveal or delete any of your Data, including two-factor or two-step authentication measures to ensure we can identify you.
Further, although we currently do not process Data without consent, if we at any time in the future process Data without your express consent, you may opt-out or withdraw consent at any time.
Please note that exercising any of the above rights may limit or eliminate our ability to provide you the Services. If so, we may terminate the Services due to such requests.
We will try to comply with your request(s) as soon as reasonably practicable and at the very least as required under applicable law. Upon receipt of your written request, we will provide you with a copy of your information, although in certain limited circumstances we may not be able to make all relevant information available to you, such as where that information also pertains to another user. In such circumstances we will provide reasons for the denial to you upon request.
Please also note that if you do opt-out of receiving marketing-related emails from us, we may still send you messages for administrative or other purposes directly relating to your use of the Services, and you cannot opt-out from receiving those messages while continuing to use the Services.
Further, you may opt-out or disable certain functions on your particular device, preventing us from collecting Data. For example, you may disable geolocation or GPS functionality on your mobile device or disable push notifications. If you disable such features, your ability to use and access the Services may be limited.
To exercise any of these rights, or if you have any questions about our processing of your Data, please contact us at firstname.lastname@example.org or at our toll-free number.
We are based in the United States. By accessing or using the Services or otherwise providing information to us, you understand that your information will be subject to processing, transfer, and storage in and to the United States.
Due to the nature of our Services, we typically act as a "Controller" as defined under the GDPR. If you believe that this role should be defined differently, please contact us at email@example.com.
Pursuant to the GDPR, residents of the EU (and the EEA, as applicable) have the right to obtain our confirmation of whether we maintain personal information relating to them in the United States. If you are a resident of Europe, upon request from you, we will provide you with access to the Data that we hold about you. Please contact us if you have any questions.
Further, if you are a resident of the United Kingdom ("UK"), to the extent the GDPR as incorporated into UK law pursuant to s.3 of the European Union (Withdrawal Act) 2018 (as amended, the "UK GDPR") is different than the GDPR, we will follow all supplemental requirements under the UK GDPR and you have all rights as a UK citizen under the UK GDPR.
California adopted the California Consumer Privacy Act (“CCPA”), which took effect at the beginning of 2020 and has now adopted the California Privacy Rights Act ("CPRA"), portions of which take effect January 1, 2022. We comply with the requirements of the CCPA and CPRA to the extent they apply to us.
If you are a California resident, you may request to exercise your rights for any Data we have processed in the 12 months prior to your request. Such request covers any categories, sources, purposes, and, if applicable, third parties to whom we share the Data. Further, you can exercise any of your rights free of discrimination, for example, we cannot increase the price of the Services or decrease the quality of the Services because you exercise your rights.
Due to the nature of our Services, we typically act as a "business" as defined under the CCPA and CPRA. If you believe that this role should be defined differently, please contact us at legal@masterycoding.
For more information, please direct your questions to us at firstname.lastname@example.org.
The security of your Data is important to us. We use commercially reasonable efforts to store and maintain your Data in a secure environment. We take technical, contractual, administrative, and physical security steps designed to protect Data that you provide to us. We have implemented procedures designed to limit the dissemination of your Data to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.
You can help by keeping us informed of any changes such as a change of your personal contact information. If you would like to access your information, if you have any questions, comments or suggestions of if you find any errors in our information about you, please contact us email@example.com. If you have a complaint concerning our compliance with applicable privacy laws, we will investigate your complaint and if it is justified, we will take appropriate measures.