July 8, 2022
DreamBox Learning® (DreamBox), the leading K-12 education technology provider, is radically transforming the way the world learns. As the only dual-discipline solution rated “Strong” by Johns Hopkins’ EvidenceforESSA.org in both mathematics and reading, DreamBox uniquely provides schools high-quality, adaptive learning solutions independently proven to accelerate student growth. We built DreamBox because we believe all students can excel at learning, no matter where they start, where they live, or who they are. We are dedicated to helping students realize their potential, working together with parents, guardians, teachers, principals, and district administrators. Critical to our vision is safeguarding the privacy of every person who uses DreamBox. You can learn more about our company values here.
In this policy, we’ve attempted to provide as much useful information as possible, from many different angles, to help you find whatever answers you might need about our approach to privacy. But, at the core, our approach to privacy is this:
DreamBox understands that your data is important, personal, and that it is yours. You shared your data with us so that we can provide you with the DreamBox service, but we don’t own the data: you do. We will not use the data you share to use our services for third-party marketing or other unrelated purposes. We won’t sell it to or share it with any company not directly involved in providing the DreamBox service or services you are using. We will always protect your data, using world-class security measures and practices implemented by vetted, fully-trained personnel. We will be transparent about exactly what data we have from you or about you, how we got that data, and how we use it. If you ask us to delete your data, we will remove you from the DreamBox services, destroy your personal data, and alert you when your removal is complete. We will not collect additional personal information directly from children, or market products to children using the data you provide. See also our statement about Student Privacy, directly below this note.
DreamBox Learning is deeply committed to setting a high bar for protecting students’ privacy and sensitive student information across all our learning products. We believe that students, educators, and learning guardians benefit when there is trust in learning. We believe that well-conceived privacy policies and rigorous enforcement of those policies are a core requirement for online learning. As evidence of our commitment to these principles, we’ve signed on to the nationwide Student Privacy Pledge 2020.
For students who use our system, we receive information from a school or school district, or a parent or learning guardian. When students use our system, they generate usage and performance data that capture how students interact with lessons. We use that statistical data to measure performance, adapt programs to each student’s learning needs, and provide progress reports to educators and learning guardians. We do not collect personal information from students at any time.
We do not market products to students, either within our services or elsewhere. When schools and learning guardians provide student data to use our services, we do not use that data for direct marketing, third-party marketing, or any other unrelated purposes. We will not sell it to or share it with any company not directly involved in providing DreamBox services.
DreamBox has your information for one of these reasons:
Individual Customer or customers that are individuals: individuals or families who directly purchased the DreamBox service for personal or family use.
Individual Parent: a parent or guardian of a student who directly signed their student up to use the DreamBox service. (In other words, their student was not signed up by a school or district.)
Parent: a parent or guardian of a student using the DreamBox service, regardless of how the student was signed up for DreamBox services.
School Customer: an educational institution that has purchased the DreamBox service and provisions accounts for individual student users.
School Parent: a parent or guardian of a student using the DreamBox service, who has been signed up by a school or district.
Student User: any individual using the DreamBox service, whether signed up by a parent or a school. Students may be any age, but DreamBox treats all students as though they are covered by legal protections for children aged 13 or younger.
Parent’s First and Last Name: You will need to provide a first and last name to access the parent dashboard to track your student’s progress. For Individual Customers, first and last name may also be required by our payment processor for initial processing of credit card payments.
Email Address: For customers who are parents and school administration officials, your email address will serve as your login username (For customers that are individuals or students, your name or other identifier set up at registration, or a picture identifier chosen after registration, will serve as your login username.) Your email address may be used to send a confirmation email at registration, as well as information and updates to the DreamBox Service. In some cases, we will also email your student’s personal reports to you, with further information about the progress your student is making. We may use the email address as an additional means of communicating with you about the Programs and DreamBox Learning, including notifying you of updates to websites or policies.
Phone Number: Your phone number will serve as an alternate way of contacting you for the same purposes as the email address. Providing a phone number is optional for Parents using the parent dashboard, though it may be required by our payment processor for initial processing of credit card payments. We do not collect phone numbers for students, and we will never call a student directly.
Student’s First and Last Name: Your student’s name will be used to customize your student’s participation in the Programs, and to personalize reports and updates about your student’s progress. Also, for Individual Customers, we may mail related material to you or your student using your name or his/her name, care of you, at the mailing address you provide.
Student’s Date of Birth: If provided, we will use a student’s age to group Performance Data (See “The Information We Collect from Children,” below) of children of similar age, to assess relative performance and improve the program. Such information will be aggregated with other customers in an anonymous manner and will not include any information that could be used to identify a specific student.
Student’s School Grade Level: We will use a student’s grade level to group Performance Data of children of similar grade, to assess relative performance and improve the program. Such information will be aggregated with other customers in an anonymous manner and will not include any information that could be used to identify a specific student.
Demographic data: We allow our school customers to supply demographic information to aid them in monitoring and advancing equity efforts, and to verify compliance with state, jurisdiction, and school district requirements. This type of information is not collected from consumer customers, nor is it required from any customer.
This demographic information is only used by school employees and DreamBox staff to support those equity efforts. It is never used by DreamBox for any other purpose. The types of demographic data that we currently support as optional inputs from our school customers include:
Parent’s Mailing Address: Your mailing address may be used to allow DreamBox Learning to mail you various Program materials and ancillary program products. At a minimum, you must provide a postal code to use the Programs. Providing a street address is optional, though a full address including postal code may be required by our payment processor for initial processing of credit card payments. We will never collect this information from a student. We will never knowingly contact a student directly.
Credit Card Information: For our customers that are individuals, we may ask for your credit card information to bill you for each student that you register for the Programs. Credit card processing may require:
This information is never handled directly by DreamBox or stored on any of our systems. All credit card information is processed and stored by our processing partner, Stripe.com. Their privacy policy can be found here: https://stripe.com/privacy .
Secondary Uses: DreamBox Learning WILL NOT sell, trade, or assign any personal information we collect to third parties outside of DreamBox Learning nor will we ever directly target any type of communication to a student unless specifically requested by you to do so. DreamBox will not use your personal information, or your student’s personal information, to target advertising at you, or to market products to you.
Participation History: Participation History (how often and how much a customer uses the service and its features) will be collected for customer support, product development, marketing, and other operational and business purposes, including improvements to the Programs; however, such information will not be disclosed to third parties or used for advertising to student users. To be clear: we will not use your student’s participation history to market or sell other products to parents.
Performance Data: DreamBox Learning collects information directly from your student, over the Internet, in the form of the interactions that your student makes when participating in the Programs. We refer to the resulting information as “Performance Data,” and it includes but is not limited to data on when your student starts and stops a lesson, the responses your student makes to questions asked, the timing of your student’s responses, your student’s choice of character and customizations, and the choice of lessons to play.
We will use Performance Data to:
DreamBox Learning does not collect personal information directly from students. DreamBox Learning will seek clear, informed authorization of a parent or guardian first if we ever need to collect information (other than Performance Data) directly from a student.
We may aggregate your student’s Performance Data with the Performance Data of other students participating in the Programs for marketing and other business-related purposes. Aggregate information will be ANONYMOUS and will not identify your student or be combined with other information that would allow individual students to be identified. It cannot be “de-anonymized” or otherwise connected back to individual students.
DreamBox Learning does not collect personal information directly from children under 13, or from any student. Personal information about children that we receive, process or store comes from one of two sources: parents who share information about their children, or schools and districts who share information about the students in their charge. If we ever need to collect personal information from children, we will do so only after receiving explicit permission from their parents or guardians.
Anonymized and aggregated information may be used for demographic profiling and advertising. In such cases, the information will always be aggregated and anonymous. Information used this way will never have a connection to any individual, or any personal identifier attached to it. It will not be possible to reverse the process and connect this aggregated information to individuals.
DreamBox takes great care to ensure we don’t misuse your data, or abuse the trust you placed in us when you shared that data. A significant part of our commitment to your privacy is the way we keep your data out of the wrong hands, either through accidental disclosure or the efforts of hostile actors. DreamBox Learning has multiple security measures in place to protect the information under our control against loss, misuse, or alteration.
DreamBox Learning complies with and enforces U.S. data protection laws across all aspects of our system. By signing up for or using the DreamBox Learning system, you agree:
DreamBox follows ISO 27001 and 27002 guidance for security structures, policies, and procedures.
If you use or access the DreamBox system, please note:
Information being sent to or retrieved from our service
DreamBox retains information provided by the Customer (“Customer Data”) only so long as we have a business-related need for it. We will destroy Customer-supplied data, as well as any other customer-identifying data, at any time upon request. However, our service is dependent upon the use of Customer-supplied Data, so destroying your data will mean you will no longer be able to use the DreamBox service. Derivative, anonymous data such as aggregate performance data will be retained.
Except as provided in this Privacy Policy, DreamBox Learning WILL NOT disclose the information that it obtains from you to third parties without your express written permission, or where we believe, in good faith, that the law requires us to disclose the information. If you request that DreamBox share information provided by or collected from you (or in the case of School Customers, student users) directly with a third party designated by you, you agree that you (and not DreamBox) will be solely responsible for the use, storage, and maintenance of such information by such third party.
DreamBox Learning WILL NOT sell, trade, or assign any unaggregated personal information that it collects to third parties. We, however, may aggregate the information that we collect from users of our website to create demographic profiles and performance profiles regarding the progress of students who use the Programs. DreamBox Learning may share aggregated information with researchers, other clients, marketing professionals or potential investors. This aggregated information will be compiled and reported in the form of ANONYMOUS group statistics only in such a manner that makes individual student users unidentifiable.
In addition, DreamBox Learning may share information about the students, parents, legal guardians, and school officials that register to participate in the Programs, along with such registrants’ Participation History, with contractual business partners of DreamBox Learning that are directly involved in the sale, distribution, operation, maintenance, and support of the Programs on behalf of DreamBox Learning. These partners function as an element of the DreamBox Programs, and do not have access to or use your information for any purpose other than providing the DreamBox Learning Programs.
If you request that DreamBox share any information provided by you (or in the case of School Customers, your student users) directly with a third party designated by you, then you agree that you (and not DreamBox) will be solely responsible for the use, storage, and maintenance of such information by such third party.
As DreamBox Learning continues to develop its business, it might sell some or all of its assets. In such transactions, customer information is generally one of the transferred business assets. An acquiring company would be required to protect all information that DreamBox Learning collects from users of our website and Programs in accordance with the terms of this Privacy Policy.
Currently, DreamBox does not disclose any information that it obtains from you to third parties. As noted above, we will share information with people and parties who already have the right to that information, who were the source of the information, or who you have requested and consented in writing that we share information with.
If this changes, we will update the list above with information about: (i) the third party, (ii) the types of information shared, (iii) the scope (which customers are affected), and (iv) the reasons for us sharing that information, including the third-parties use of that information.
To use the DreamBox Programs, you will be asked to submit certain personal information about you and your student, and to authorize DreamBox Learning to use that information in a limited number of ways. If you are signing up directly as a parent or legal guardian of a student that will use DreamBox, we will require you to review and submit a Parental Consent as part of the registration process, which will require you to consent to our collection and use of information directly from your student over the Internet as described above. If you are the parent of a student using DreamBox through a school or district, your school will authorize our use of your information on your behalf.
Because the DreamBox Learning Programs are individualized and customized for each student, all the information we request from you and your student is required for you and your student to participate in the Programs, except for certain information to be used for our communication purposes to you only. At any time, you may revoke your consent to allowing your student to participate in the DreamBox Learning Programs or refuse to allow DreamBox Learning to further use or collect your student’s personal information. Any Anonymous Performance Data will be retained, but we will not retain any identifiable information regarding you or your student that you have provided. However, if you do any of the above, you and your student will not be able to participate in the Programs.
You can review and modify your Registration Information at any time by accessing our dashboard website using your login and password. You can also request that DreamBox remove your information: see “How to Contact Us” below for information on how to place a request.
The core of our privacy policy is expressed in the “Privacy Statement” at the top of this page. The following items illustrate how this policy aligns with government regulations, industry standards and guidelines, technical standards, and third-party privacy pledges. We make frequent updates to this list. If you are looking for a standard that is not included here, please contact us with details.
The Children’s Internet Protection Act (CIPA) is a federal law enacted by Congress in December 2000 to address concerns about access to offensive content over the Internet on school and library computers. CIPA imposes requirements on any school or library that receives funding support for Internet access or internal connections from the “E-rate” program — a program that makes certain technology more affordable for eligible schools and libraries. Our Programs do not provide links to external resources or chat rooms and do not contain any offensive or inappropriate material.
For more information about CIPA, please go to https://www.fcc.gov/consumers/guides/childrens-internet-protection-act.
For our Individual Customers or parents or legal guardians of a student: Congress has enacted a law called the Children’s Online Privacy Protection Act of 1998 (COPPA), designed to protect children’s privacy during use of the Internet. DreamBox Learning has implemented practices consistent with the guidelines provided by the Federal Trade Commission to date. DreamBox Learning will never knowingly request, obtain, use, or disclose personally identifiable information or private content from anyone under the age of 13 without parental consent.
For our customers who are individuals, provided you are 18 years of age or older, you will be asked, at the time of registration, whether you consent to allowing users under the age of 13 to use your subscription and to be subject to this Privacy Policy. You must be the parent or legal guardian to grant such consent. If we receive this parental consent, we may receive personal information about children under the age of 13 listed on your subscription account in order to provide our Programs and services to them. DREAMBOX LEARNING DOES NOT SHARE CHILDREN’S PERSONALLY IDENTIFIABLE INFORMATION WITH THIRD PARTIES. If you are a parent or legal guardian of a user under 13 you may, at any time, revoke your consent to allow your student to use the Programs under your subscription, refuse to allow DreamBox Learning to further use or collect your student’s personal information, or direct DreamBox Learning to delete all identifiable information regarding your student that you have provided. To do so, please contact our Privacy Officer at the contact information below. However, if you do any of the foregoing, your student will not be able to use the Programs.
For administrative officials of our School Customers, to the extent that DreamBox Learning collects, uses, or discloses personal information from children under the age of 13, it is done in strict accordance with this Privacy Policy and for the sole purpose of providing services to the School Customer and Individual Customer.
For more information about COPPA, visit the FTC site at https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule .
To report a COPPA violation, you can visit https://www.ftccomplaintassistant.gov/#crnt&panel1-1 or call (877) FTC-HELP.
For our School Customers: The Family Educational Rights and Privacy Act (FERPA) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.FERPA gives parents certain rights with respect to their children’s education records. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level. DreamBox Learning helps our School Customers be compliant with FERPA. Specifically:
For more information about FERPA, please go to the US Department of Education site at http://www.ed.gov/policy/gen/guid/fpco/ferpa/index.html.
To report a FERPA violation, please visit https://studentprivacy.ed.gov/file-a-complaint.
Originally enacted in 1996, Health Insurance Portability and Accountability Act introduced most of the security and privacy guidelines now in place for US healthcare, as well as establishing guidelines for the insurance industry, guaranteeing interoperability of healthcare systems, and various other key reforms. In the context of education, the elements of HIPAA most likely to come into play are from HIPAA Title II (Administrative Simplification), particularly around Privacy, Security and Enforcement.
While HIPAA does not directly cover DreamBox’s business or operations, as we are not a healthcare provider, insurance company, or healthcare information clearinghouse, some specific elements of HIPAA might be invoked in special circumstances. For instance, if a school or parent were to inadvertently share HIPAA-protected information with DreamBox, such as vaccination history or illness-related absence information, DreamBox would not be allowed to share that information, or utilize it for any purpose. Should HIPAA-protected information be inadvertently shared with us, DreamBox will notify the school or parent (as dictated by state law), and destroy the HIPPA-protected information.
In summary: DreamBox fully complies with HIPAA in all cases where it might apply, but HIPAA is not a direct guideline for DreamBox’s security or privacy practices, being superseded by FERPA, COPPA, and other education and privacy laws.
For more information on HIPAA please refer to the US Dept of Health and Human Services site at https://www.hhs.gov/hipaa/index.html.
The Protection of Pupil Rights Amendments, originally established in 1978 and updated by the No Child Left Behind Act in 2001, says parents must first consent before a school (or their agent) may collect personal information from minor students as part of a survey, study, or evaluation. Personal information is defined to include things that are considered PII, as well as attitudes and opinions about sex, embarrassing personal history, and critical appraisals of family members.
In all cases, DreamBox complies with this law. DreamBox does not collect personal information directly from students. If a student submits or provides personal information of their own initiative – such as through an email or phone message – DreamBox quarantines that information from online systems, notifies the school or parent (as dictated by state law), and then removes the information. For more information about PPRA, visit the US Department of Education site at https://www2.ed.gov/policy/gen/guid/fpco/ppra/parents.html.
In 2004, California enacted a law that places certain requirements on all businesses collecting personal information from residents of California. Notably, this law requires the conspicuous posting of a clear, detailed privacy policy. It requires that companies comply with the elements of their privacy policy. It further specifies that privacy policies must contain this information:
CalOPPA Privacy Policy Requirement | Found in these sections of our privacy policy |
A list of the categories of personally identifiable information an operator collects |
|
A list of the categories of third parties with whom an operator may share personally identifiable information |
|
A description of the process (if any) by which the consumer can review and request changes to his or her personally identifiable information as collected by an operator |
|
A description of the process by which the operator notifies consumers of material changes to an operator’s privacy policy |
|
The effective date of the privacy policy |
|
Introduces concepts and language around third-party contractors for California School Districts. Clarifies that data remains the property of the school, not the contractor, and that should be reflected in contractual language. DreamBox is in full compliance with this law.
Covers collection of and handling of social security numbers. DreamBox does not collect, process or store Social Security Numbers.
For all our customers, parents, and students who are residents of California: The California Consumer Privacy Act (CCPA) is a California law that codifies some privacy and consumer rights. It was passed in 2018, and took effect on January 1, 2020. It guarantees that California residents have, among other rights,
CCPA provides some specific guidelines on how these rights will be protected and enabled by companies doing business with California residents.
DreamBox complies with all provisions of CCPA.
You can review your CCPA rights and place CCPA requests here. (Note – this link will take you away from the www.dreambox.com site.)
Extends CCPA protections in many ways, including coverage of workplace information. DreamBox complies with all provisions of CPRA that are currently in effect, and will comply fully with the additional aspects of the law that take effect on January 1, 2022.
California’s SB-1177, often referred to as the Student Online Personal Information Protection Act (SOPIPA) forbids web sites and online service operators from knowingly selling, disclosing, using or allowing a 3rd party to use the personal information of a minor for marketing or advertising. It was enacted in 2016, and since that time, has been the model for laws in at least eight other states.
DreamBox fully complies with all aspects of SOPIPA and similar laws. We do not use individual or identifiable student personal information for marketing. We don’t resell or share that information with third parties or allow them to reference that information for sales or marketing.
If you believe you have observed or experienced a SOPIPA violation, you should notify the office of the California Attorney General.
Clarifies and extends SOPIPA to explicitly provide protections to students and student data. Explicitly forbids creating or maintaining a marketing profile with student data. DreamBox is in full compliance with this law.
Extends existing regulations around data breaches and notification to cover cases where encryption keys have been or are believed to have been compromised or exposed. DreamBox is in full compliance with this law.
Jurisdiction/Regulation | DreamBox Response |
Alabama: 8-38-1 – 8-38-12 (2018) Data Breach Notification Act | DreamBox fully complies |
Alaska: Sec. 45.48 Personal Information Protection Act | DreamBox fully complies |
Arizona:
| DreamBox fully complies with each of these regulations |
Arkansas:
| DreamBox fully complies with each of these regulations |
Colorado:
| DreamBox fully complies |
Connecticut:
| DreamBox fully complies with each of these regulations |
Delaware:
| DreamBox fully complies with each of these regulations |
Florida: Fla. Stat. 501.171(2) aka Florida Information Protection Act | DreamBox fully complies |
Georgia:
| DreamBox fully complies with each of these regulations |
Hawaii:
| DreamBox fully complies with each of these regulations |
Idaho: ID Code 28-51-105 Disclosure Of Breach | DreamBox fully complies |
Illinois:
| DreamBox fully complies with each of these regulations |
Indiana:
| DreamBox fully complies with each of these regulations |
Iowa:
| DreamBox fully complies with each of these regulations |
Kansas:
| DreamBox fully complies with each of these regulations |
Kentucky:
| DreamBox fully complies with each of these regulations |
Louisiana:
| DreamBox fully complies with each of these regulations |
Maine:
| DreamBox fully complies with each of these regulations |
Maryland:
| DreamBox fully complies with each of these regulations |
Massachusetts:
| DreamBox fully complies with each of these regulations |
Michigan:
| DreamBox complies with all relevant clauses. |
Minnesota: Chapter 325M (Internet Privacy and Service Providers) [NOTE: this does not directly apply to providers like DreamBox, only to ISPs] | DreamBox complies with all relevant clauses. |
Mississippi: MISS. CODE ANN. 75-24-29 & REV STAT 407.1500 Breach Notification | DreamBox fully complies |
Missouri: MO REV STAT 407.1500 Breach Notification | DreamBox fully complies |
Montana:
| DreamBox fully complies with each of these regulations |
Nebraska:
| DreamBox fully complies with each of these regulations |
Nevada:
| DreamBox full complies with each of these regulations. Required disclosures are included in this Privacy Policy |
New Hampshire:
| DreamBox fully complies with each of these regulations |
New Jersey: N.J. REV. STAT. 56:8-161 – 166 Personal Information | DreamBox complies with all relevant clauses. |
New Mexico: 2017 H.B. 15, Chap. 36 : Data Breach | DreamBox fully complies |
New York:
| DreamBox fully complies with each of these regulations |
North Carolina:
| DreamBox fully complies with each of these regulations |
North Dakota: N.D. CENT. CODE 51-30-01 – 07 Breach Notification | DreamBox fully complies |
Ohio:
| DreamBox fully complies with each of these regulations |
Oklahoma:
| DreamBox fully complies with each of these regulations |
Oregon:
| DreamBox fully complies with each of these regulations |
Pennsylvania:
| DreamBox fully complies with each of these regulations |
Rhode Island: Title 11, Chap. 11-49.3 (Identity Theft Protection Act) | DreamBox fully complies |
South Carolina:
| DreamBox fully complies with each of these regulations |
South Dakota: S.D. CODIFIED LAWS 22-40-19 – 26 Breach Notification | DreamBox fully complies |
Tennessee:
| DreamBox fully complies with each of these regulations |
Texas:
| DreamBox fully complies with each of these regulations |
Utah:
| DreamBox fully complies with each of these regulations |
Vermont: Title 9, Chap. 62 (Protection of Personal Information inc. Breach Notification) | DreamBox fully complies |
Virginia:
| DreamBox fully complies with each of these regulations |
Washington:
| DreamBox fully complies with each of these regulations |
Washington D.C.: B21-0578 – Protecting Students Digital Privacy Act of 2016 | DreamBox fully complies |
West Virginia:
| DreamBox fully complies with each of these regulations |
Wyoming:
| DreamBox fully complies with each of these regulations |
The European Union’s (EU) General Data Protection Regulation (GDPR) is a comprehensive privacy and security law that governs how companies of all sizes must behave when handling, storing, transmitting and removing the personal data of individuals who are residing in the EU. DreamBox does not currently market to customers or intentionally perform business activities in the EU. However, we are working to align our privacy policy and practices to be in compliance with the overall principles and restrictions of GDPR.
GDPR provides guidelines on necessary components of a Privacy Policy. Below is that list, with DreamBox’s information or response, included for each. Again, DreamBox is not currently operating in or marketing to residents of the EU, but we are working to align our policies with GDPR principles, and we are providing this information for customers concerned about the issues raised by GDPR and similar pending legislation in other jurisdictions:
GDPR Privacy Policy Requirement | DreamBox response |
---|---|
The identity and contact details of the organization, its representative, and its Data Protection Officer | In this policy, see:
|
The purpose and legal basis for the organization to process an individual’s personal data | In this policy, see:
|
The legitimate interests of the organization | In general, DreamBox data uses are under the “consent” exceptions of GDPR, but we may obtain and use your data in some specific instances under the “legitimate interests” exception, for exigent circumstances such as Investigating possible security violations |
Any recipient or categories of recipients of an individual’s data | All personal information provided by individual customers and school customers is received through automated processes and interfaces into systems administered by the Site Reliability Engineering (SRE) Team of DreamBox Learning, Inc. |
Details regarding transfer of personal data to any country outside the EU, and the safeguards taken with that data | DreamBox data is stored and processed in the United States. Details on the protection of that data is found in several sections of this policy. |
The retention period or criteria used to determine the retention period of the data | DreamBox retains your data as long as there is a business need for this data, to allow us to provide the educational service we’ve contracted to provide. |
The existence of each data subject’s rights
| In this policy, see:
DreamBox does not provide any reports or extract relevant to the “Data Portability” right. |
The right to withdraw consent at any time | In this policy, see:
|
The right to lodge a complaint with a supervisory authority | In this policy, see the sections for individual regulations, such as FERPA, COPPA, and SOPIPA. |
The categories of personal data obtained | In this policy, see:
|
The existence of an automated decision-making system, including profiling, and information about the significance, set up, and consequences of this system | DreamBox does not employ any automated decision-making systems that leverage or refer to personal data. The DreamBox system does employ automated decision-making systems that rely on responses and inputs from students during completion of lessons. |
The Future of Privacy Forum (FPF) and The Software & Information Industry Association (SIIA) put together a statement of principles that they believe should be endorsed by every responsible company that collects, handles or stores student personal information. DreamBox is a long-standing signatory of that pledge, and we fully endorse its overall principles and individual elements. The pledge is structured as a set of commitments, covering specific actions a company will or won’t do; for example, we affirm that:
The full Student Privacy Pledge is here: https://studentprivacypledge.org/privacy-pledge-2-0/ .
Answers to common questions about the pledge: https://studentprivacypledge.org/faqs/ .
Please contact DreamBox (see “How to contact us” below) if you believe we are not fully complying with the Student Privacy Pledge.
As a standard practice, DreamBox Learning uses “cookies.” A cookie is a small amount of data sent to your browser from our web server and stored on your computer, then sent back to the server by your browser each time you access our website. Cookies are used solely for the required operations of our website and services. We do not use cookies to collect any personal information, nor do we use them for behavioral advertising, to build a student profile unrelated to the use of DreamBox, or for any other reason. Please note that if you refuse the DreamBox Learning cookie (by turning cookies off in your browser or by clicking “don’t accept” if you have set your browser to warn you before accepting cookies), our Programs will not work. Cookies cannot be used to gather personal information from your computer.
In response to an FTC privacy report in 2010, the major browser manufacturers implemented a feature called “Do Not Track” or simply, “DNT.” The idea was that, by enabling DNT signals in your browser configuration, you would tell sites and services that they were not allowed to track your movements, responses, and choices.
There is no legal obligation for any company to honor these DNT signals. Also, there is no clear guidance or common understanding of what DNT means for collecting information necessary to operate a site. Because of the lack of clarity and usable best practice information, DreamBox does not currently respond to or interact with DNT signals. We will continue to evaluate DNT as a technology and may consider a change to this policy in the future.
If you have any questions about your privacy or security measures at DreamBox Learning, please contact:
Or, you can contact us through our primary location and main phone number:
DreamBox Learning, Inc. by Discovery Education, Inc
Attn: General Counsel and Privacy Counsel
4350 Congress St, #700
Charlotte, NC 28209
(800) 323-9084
US Federal Government – Protecting Your Privacy:
https://www.usa.gov/privacy (general)
https://tech.ed.gov/privacy/ (From the Office of Educational Technology)
Federal Trade Commission – Protecting Your Child’s Privacy Online: https://www.consumer.ftc.gov/articles/0031-protecting-your-childs-privacy-online
DreamBox updates this privacy policy at least annually, and whenever we need to express changes to business practices or to clarify how we address a specific law, policy, or technical issue.
When we make significant updates to this policy, we will notify all customers whose data we currently hold. We will also prominently display information about the change on our primary information website, https://www.dreambox.com. We will generally not send direct notification for additions to reference lists and items: state standards, or links to government and third-party sites providing supporting information.