FERPA AND COPPA COMPLIANCE
Our Services are compliant with Family Educational Rights and Privacy Act (FERPA) and Children’s Online Privacy Protection Rule (COPPA). We don’t collect student data and our Services don’t hold any student education records.
Our Services comply with the European Union General Data Protection Regulation ("GDPR"). We aim to ensure:
- Transparency regarding the use of data
- That any processing is lawful, fair, transparent and necessary for a specific purpose
- That data is accurate, kept up to date, and removed when no longer necessary
- That data is kept safely and securely
WHO DO WE COLLECT DATA FROM?
How we collect data, what data we collect, and how we use the data, may differ based on how you interact with us. The most common ways to interact with us is by:
- Signing up for an account and registering as a “User” on our Services. This is typically done by teachers and educators. Students do not create accounts to access the content. When a student accesses a resource assigned by their teacher, they do so anonymously.
- Being an “Administrator”, who creates an account where they can get an overview of connected Strawbees Classroom accounts. This is typically done by education professionals.
- Purchasing a product from our webshop, becoming a “Customer”.
- Being a “Visitor” on our Services, attending webinars, sending us emails, participating in contests, surveys or in any other way interacting with us, or using parts of our Services without registering as a User or becoming a Customer.
WHAT DATA DO WE COLLECT?
The Personal data we collect depends on who you are and how you interact with our Services.
- Account Information: When you register as a User or Administrator on our Services, we collect data you submit on the forms on our websites. This includes but is not limited to name, email address, country, school name, and what Strawbees products you have access to.
- Contact Information: When you make a purchase from our webshop and become a Customer, we collect your name, email address, shipping address, and billing information.
- Usage Information: When you use our Services, we collect information on how you use them (dates, times, and details of your browsing activities (such as what portions of the Services you use)), as well as technical data regarding the performance of the Services (such as page response times, download errors).
- Log Data: When you use our Services, we receive log data such as IP address, browser type, operating system, device information, and mobile carrier. In addition, we may collect additional information such as the referring web page, referring search terms, and pages visited.
- Information from your Google Account or other Third-Party Sign-in Service: Our Services allow Users to sign up for and log in to our Services using Google, Apple, Microsoft, or Clever. When you create an account using one of these Third-Party Services, we use the name, profile picture, and email address (if available) provided by these services.
- Additional Information: Means other information, when and to the extent submitted to our Services, or if you, for example, participate in a webinar, contest, request support, leave reviews, or otherwise communicate with Strawbees.
HOW DO WE USE THIS DATA?
We may use your Personal data for the purposes and on the legal bases described below:
- Provide our Services. We use your Personal Data to provide our Services to you, such as verifying your identity, allowing access to the Services, and providing customer support. This is done to perform our contractual relationship with you and/or to comply with a legal obligation.
- Improve and support the Service. We might use your Personal Data to research, understand, and analyze trends of usage to improve and develop new features for our Services. This is in reliance on our legitimate interests in developing and improving the Service.
- Prevention of issues and abuse of the Services. Your Personal data might be used to investigate, prevent, and detect activities on our Service that we believe may violate the law, our Terms of Service, or applicable regulations. At the request of a school, we may investigate accounts to determine whether they comply with school policies. This is done to perform our contractual relationship with you and/or to comply with a legal obligation.
- Perform payments and purchases. Your Personal data might be used for payments and purchases that you do in order to use the Services. We process the data in order to perform our contractual obligations with you. Credit card transactions are securely handled by third parties who collect billing information from you in order to perform transactions.
- Comply with legal obligations. Your Personal data can be used to comply with laws, governmental regulations, or other appropriate legal mechanisms.
- Marketing. Your Personal data can be used to send you marketing communication or other product related information. This is done in accordance with your marketing preferences. Opt-out from marketing communication is always possible, either directly in the marketing email or by contacting us at email@example.com.
DO WE ALLOW ADVERTISING WITHIN OUR SERVICES OR SHARE PERSONAL DATA FOR ADVERTISING?
No. We don’t display ads, allow third-party ads, share data for advertising or marketing purposes on our platforms. Neither do we allow data collection by third-party advertisers or data brokers, or share Personal Data with third parties for marketing purposes.
IN WHAT CIRCUMSTANCES DO WE SHARE PERSONAL DATA WITH THIRD PARTIES?
We only share your personal data with third parties in the limited circumstances detailed below:
- For analyzing data to improve our Services. We may use third party services (such as but not limited to Plausible Analytics) to help with analyzing data to improve our services. We may run beta tests of new features of our platform that require the collection of personally identifiable data. These tests will always be agreed upon with users ahead of time, and only those who give consent have their data collected. For these tests, we use third-party services (such as but not limited to Hotjar).
- To comply with applicable laws or regulations, if we are subject to a business transaction or in case of bankruptcy.
HOW LONG DO WE STORE YOUR PERSONAL DATA?
We store your Personal data no longer than necessary for fulfilling the purposes for which the Personal data was collected. Abandoned accounts and all content associated will be deleted automatically if the account has not been accessed for more than 7 years.
YOUR DATA PROTECTION RIGHTS
You have the right to access, correct, port, or delete any of your Personal data collected by us. You can update the information associated with your Strawbees Classroom account directly by logging in to your account at classroom.strawbees.com. You can also contact us directly at firstname.lastname@example.org, if you wish to exercise any of your rights.
HOW DO YOU DELETE YOUR ACCOUNT?
If you wish to delete your Strawbees Classroom account, you can do so by logging in to your Strawbees Classroom account and clicking on "Delete account" on the Account Settings tab. You can also contact us directly at email@example.com.
HOW DO WE KEEP YOUR PERSONAL DATA SAFE?
We take protecting your security and privacy very seriously and have several measures in place to protect the integrity of your Personal data, including the use of access-controlled data centers, restricted employee access to user information, and data encryption in transit.
In the unlikely event of a security breach, we will notify affected account holders within the amount of time required by law.
You can also reach us by mail at our headquarter:
Strawbees AB, Stenkolsgatan 1B, 417 07 Gothenburg, SWEDEN