SECURITY AND PRIVACY

Policy and Practices

At eScholar, we understand that we have a great responsibility as a vendor serving the education field. eScholar serves many education agencies and our data management solutions have an impact on over 20 million students. The proper handling of our client’s data, including student data, is a top priority for us.

As a firm that designs, develops and licenses enterprise data management software to education agencies, the contracts we have with our customers provide us with clarity and specificity concerning our customer’s expectations and our responsibilities, including the care and handling of data.

eScholar provides support for our customers when they license or subscribe to our products. Customers that deploy eScholar software on their own agency’s servers can be assured that their data is completely under their agency’s control. Their data is not transmitted to, or stored, on eScholar servers. Some of our customers contract with eScholar to host their data. Only in those cases does eScholar host any education data. The hosting provisions of those contracts contain clear language dictating the policies and procedures regarding access to and handling of those data.

eScholar conducts training for all its staff members on the proper handling of customer data and the Family Educational Rights and Privacy Act (FERPA) regulations. All staff members must pass an annual test to make sure that they keep current with both eScholar and customer policies and procedures regarding the handling of customer data. Though this is not required by law, we conduct this training because we understand the significance of our responsibilities. We regularly review our policies and procedures to ensure compliance to federal and state laws and security best practices. eScholar is also one of the signatories of the Student Privacy Pledge, which commits eScholar to carry out responsible stewardship and appropriate use of student data according to the pledge and all laws.

The ethical use of data is paramount for the protection of privacy, and the use of data in education is no exception. As a vendor and leader in providing technology solutions for education, eScholar has a firm commitment to our customers and stakeholders, including students, parents, and teachers, not to use the data for any purpose other than to meet our contractual obligations to our customers. In no case will the data ever be used for advertising or marketing purposes.

When visiting our website, escholar.com, cookies may be stored temporarily on your computer. A cookie is a small text file used to analyze your use of our website. We use cookies to improve our visitors’ user experience. Most web browsers (e.g. IE, Firefox, Chrome) accept cookies automatically, but you can set up the way you want to use cookies by configuring the settings in your browser’s privacy options.

If you have any questions or concerns regarding our privacy policies, please reach out to us directly at marketing@escholar.com. 

How do we collect and use personal information on our Website?

We collect the following types of personal data on our website (Site) for the purposes listed below. You may choose not to provide us with any personal information, but you will not be able to access portions of the site that require personal information. For purposes of the EU general data protection regulation, 2016/679 (the “GDPR“), and certain other applicable laws, we act as a data controller with respect to the personal information described below.

Category

Description and Purpose

Contact Information

If you contact us or submit a question via our Site, or otherwise inquire about our business, we will collect your name, email address, and phone number.

We process Contact Information to operate our business, to respond to your request, to ensure the privacy and security of our Site and operations, to maintain our databases and back-ups, to manage our relationships with you, to communicate with you, and to keep records of our communications with you. The legal basis for this processing is consent or, where applicable, our legitimate interests in the proper administration of our Site and business, the proper management of our business relationships, and the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

Communications and Inquiries

If you contact us, in addition to your Contact Information, we will receive the subject matter of your message and any comments, content, or other information that you choose to provide.

We process Communications and Inquiries to operate our business, to respond to your request, to ensure the privacy and security of our Site and operations, to maintain our databases and back-ups, to manage our relationships with you, to communicate with you, and to keep records of our communications with you. The legal basis for this processing is consent or, where applicable, our legitimate interests in the proper administration of our Site and business, the proper management of our business relationships, and the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

Job Application Information

If you apply for a job position through our Site, we collect the information disclosed in our Job Applicant Privacy Notice, which supplements this Policy. We process job application information for the purposes disclosed in the Job Applicant Privacy Notice.

The legal basis for this processing is our legitimate interests in the proper administration of our Site and business, and, where applicable, taking steps, at your request, to enter into a contract.

Cookies and Similar Technologies

We use cookies and use similar technologies as described in the “Cookies and Similar Technologies” section of this Policy. If you choose to disable cookies and similar technologies, some areas and features of the Site may not work properly.

We process Cookies and Similar Technologies to operate the Site, to serve you the content and functionality you request, to ensure the privacy and security of our Site, to develop new services, to enhance your experience and provide you with a more personal and interactive experience, and for usage analytics purposes. Where required by law, we rely on your express opt-in consent for the use of marketing, performance, and analytic cookies and similar technologies. The legal basis for processing of strictly necessary cookies is our legitimate interests in the proper administration of our Site and business.

Device and Usage Information

When you visit the Site, we automatically collect information from your browser and your device, which includes the date and time of your visit as well as your location, Internet Protocol (IP) address or unique device identifier, domain server, browser type, access time, and data about which pages you visit.

We process Device and Usage Information to operate the Site, to serve you the content and functionality you request, to ensure the privacy and security of our Site, to develop new services, to enhance your experience and provide you with a more personal and interactive experience, and for usage analytics purposes. The legal basis for this processing is our legitimate interests in monitoring and improving our Site.

Other Processing Activities. We may also process personal information when necessary for the following:

  • The establishment, exercise, or defense of legal claims, whether in court, administrative, or other proceedings. (The legal basis for this processing is our legitimate interest in the protection and assertion of our legal rights, your legal rights, and the legal rights of others.)
  • Obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice (The legal basis for this processing is our legitimate interest in the proper protection of our business.)
  • Compliance with federal, state, or local laws (The legal basis for this processing is compliance with a legal obligation to which we are subject.)
  • Compliance with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities and cooperation with law enforcement agencies concerning conduct or activity that we, a service provider, or a third party reasonably and in good faith believe may violate applicable law (The legal basis for this processing is compliance with a legal obligation to which we are subject.)
  • Collection, use, retention, or disclosure of information that is deidentified or aggregated.
  • Purposes that are consistent with, related to and/or ancillary to the purposes and uses described in this Policy for which your personal information was provided to us.

We may process your personal information in connection with any of the purposes and uses described in this Policy on one or more of the following legal grounds:

  • Because it is necessary to perform the tasks you have requested or to comply with your instructions or other contractual obligations between you and us;
  • To comply with our legal obligations as well as to keep records of our compliance processes;
  • Because our legitimate interests, or those of a third-party recipient of your personal information, make the processing necessary, provided those interests are not overridden by your interests or fundamental rights and freedoms;
  • Because you have chosen to publish or display your personal information on a public area of the Site, such as a comment area;
  • Because it is necessary to protect your vital interests;
  • Because it is necessary in the public interest; or
  • Because you have expressly given us your consent to process your personal information in a particular manner.

We do not use personal information for making any automated decisions affecting or creating profiles other than as described herein.

Location of Processing. eScholar is based and has operations in the United States, and our parent company, Harris Computer, is based in Canada.  Th personal information you provide on our Site may be transferred to, stored, and processed in Canada, the United States, and other countries in which we or our affiliates, partners, service providers, or agents maintain facilities. By sending us personal information or using the Site, you agree and consent to the processing of your personal information in locations such as the United States, which may not offer the levels of protection required in other countries. We rely on recognized legal bases to lawfully conduct cross-border/international transfers of personal information, such as express consent, when transfer is necessary for us to deliver services pursuant to an agreement, or when the transfer is subject to safeguards that assure the protection of the personal information.

Cookies and Similar Technologies

First and Third-Party Cookies

A “cookie” is a small file created by a web server that can be stored on your device (if you allow) for use either during a particular browsing session (a “session” cookie) or a future browsing session (a “persistent” cookie). “Session” cookies are temporarily stored on your device and remain there until they expire at the end of your browsing session. “Persistent” cookies remain stored on your device until they expire or are deleted by you. Local shared objects (or “flash” cookies) are used to collect and store information about your preferences and navigation to, from, and on a website. First-party cookies are set by the website you are visiting, and they can only be read by that site. Third-party cookies are set by a party other than that website.

Other Similar Technologies

In addition to cookies, there are other data collection technologies, such as Internet tags, web beacons, pixels (clear gifs, pixel tags, and single-pixel gifs), and navigational data collection (log files, server logs, etc.) that can be used to collect data as you navigate through and interact with a website. For example, web beacons are tiny graphics with unique identifiers that are used to understand browsing activity. UTM codes are strings that can appear in a URL when you move from one web page or website to another. The string can represent information about your browsing, such as which advertisement, page, or publisher sent you to the receiving website.

What Cookies and Similar Technologies Are in Use and Why Do We Use Them?

Google Analytics. We may use Google Analytics to collect and process statistical data about the number of people using the Site and to better understand how they find and use the Site. The data collected includes data related to your device/browser, your IP address, and on-site activities to measure and report statistics about user interactions. The information stored is reduced to a random identifier. Any data collected is used in accordance with this Policy and Google’s privacy policy. You may learn more about Google Analytics by visiting https://www.google.com/policies/privacy/partners/ and https://support.google.com/analytics/answer/6004245. You can learn more about Google’s restrictions on data use by visiting the Google Privacy Policy at: https://www.google.com/policies/privacy. To opt-out of Google Analytics, visit https://tools.google.com/dlpage/gaoptout and install the opt-out browser add-on feature. For more details, visit the “Google Analytics opt-out browser add-on” page located at https://support.google.com/analytics/answer/181881?hl=en. Google Analytics relies on the following cookies:

Cookie

Description

Type

Duration

_ga

The cookie is used by Google Analytics to calculate visitor, session, and campaign data and to keep track of site usage for the Site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to identify unique visitors.

Analytics

two years

_gat

This cookie is used to distinguish users.

Analytics

one minute

_gid

The cookie is used by Google Analytics to store information about how visitors use the Site, and it helps create an analytics report about how the Site is performing. The data collected includes the number of visitors, where the visitor access the page from, and the pages visited by the visitor in an anonymous form.

Analytics

24 hours

Google Tag Manager. We may use Google Tag Manager, which allows marketed website tags to be managed using an interface. The tool itself (which implements the tags) does not use cookies and does not register identifiable data. The tool causes other tags to be activated which may, for their part, register personal data under certain circumstances. Google Tag Manager does not access this information. Google Tag Manager is subject to the Google Privacy Policy located at https://www.google.com/intl/en/policies/privacy.

LinkedIn Analytics and LinkedIn Ads. We use LinkedIn’s technologies for analytics and to add tags to our Site to allow for conversion tracking of LinkedIn ad campaigns. These tools allow us to learn about user activity and LinkedIn audiences, to find trends in user engagement, and to analyze trends with those groups. For more information on LinkedIn’s marketing technologies and to view LinkedIn’s Privacy Policy, visit https://www.linkedin.com/legal/privacy-policy. You can opt-out of LinkedIn Ads by visiting https://www.linkedin.com/help/linkedin/answer/62931?trk=microsites-frontend_legal_privacy-policy&lang=en. LinkedIn uses the following cookies:

Cookie

Description

Type

Duration

AnalyticsSyncHistory

Used to store information about the time a sync with the lms_analytics cookie took place for users in the designated countries

Analytics

30 days

UserMatchHistory

LinkedIn Ads ID syncing

Marketing

30 days

bcookie

Browser Identifier cookie to uniquely identify devices accessing LinkedIn to detect abuse on the platform

Marketing

2 years

lang

Used to remember a user’s language setting

Marketing

Session

li_sugar

Used to make a probabilistic match of a user’s identity outside the designated countries

Marketing

3 months

lidc

To optimize data center selection

Marketing

1 day

lms_ads

Used to identify LinkedIn Members off LinkedIn in the designated countries for advertising

Marketing

30 days

lms_analytics

Used to identify LinkedIn Members in the designated countries for analytics

Analytics

30 days

How long do we process your information?

We retain and use your personal information for as long as is necessary to fulfill the purposes for which it was collected, to comply with our business requirements and legal obligations, to resolve disputes, to protect our assets, to provide our services, and to enforce our agreements.

We take reasonable steps to delete the personal information we collect when (1) we have a legal obligation to do so, (2) we no longer have a purpose for retaining the information, and (3) if you ask us to delete your information, unless we determine that doing so would violate our existing, legitimate legal, regulatory, dispute resolution, contractual, or similar obligations. We may also decide to delete your personal information if we believe it is incomplete, inaccurate, or that our continued storage of your personal information is contrary to our legal obligations or business objectives.

To the extent permitted by law, we may retain and use anonymous, de-identified, and aggregated information for performance reporting, benchmarking, and analytic purposes and for product and service improvement. When we delete data, it will be removed from our active servers and databases; but, it may remain in our archives when it is not practical or possible to delete it.

We are required by law to maintain records of consumer requests submitted under the California Consumer Privacy Act and how we responded to such requests for at least 24 months. We only use this information for recordkeeping purposes.

How do we protect your personal information?

We have put security measures in place to protect personal information from being accidentally lost, used, altered, or disclosed or accessed in an unauthorized manner and to detect fraudulent identify-verification activity, including when transmitting personal information in response to data subject requests. From time to time, we review our security procedures to consider appropriate new technologies and methods.

However, no security system is perfect, and no data transmission is 100% secure. As a result, while we strive to protect personal data, we cannot guarantee or warrant the security of any information transmitted to or from the Site or services. Your use of the Site is at your own risk. We cannot guarantee that your data will remain secure in all circumstances.

If a data breach compromises your personal information, we will notify you and any applicable regulator when we are required to do so by applicable law.

Your rights and choices

Please use the “Contact Us” details at the end of this Policy to exercise your rights and choices under this Policy.

Email Preferences. If you no longer wish to receive communications from us via email, you may opt-out by clicking the “unsubscribe” link at the bottom of our emails or by contacting us via the “Contact Us” details at the end of this Policy and providing your name and email address so that we may identify you in the opt-out process. Once we receive your instruction, we will promptly take corrective action.

Accuracy and Updating Your Personal Information. Our goal is to keep your personal information accurate, current, and complete. If any of the personal information you have provided to us changes, please update it in your user/account profile, or let us know via the “Contact Us” details at the end of this Policy. We are not responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.

Complaints. If you believe that your rights relating to your personal information have been violated, you may lodge a complaint with us by contacting us via the “Contact Us” details at the end of this Policy.

Individual Rights. You may have certain rights relating to your personal data under local data protection laws, and we discuss the rights provided in various jurisdictions below. We honor individuals’ rights where required under applicable law, and, depending on the applicable laws, these rights may include the right to:

  • Access your personal information;
  • Know more about how we process your personal information;
  • Rectify inaccurate personal information and, taking into account the purpose of processing the personal information, ensure it is complete;
  • Erase or delete your personal information;
  • Restrict our processing of your personal information;
  • Transfer your personal information to another controller, to the extent possible;
  • Object to certain processing of your personal information;
  • Opt-out of certain disclosures of your personal information to third parties;
  • If you’re under the age of 16, or such other applicable age of consent, opt-in to certain disclosures of your personal information to third parties;
  • Not be discriminated against for exercising your rights described above;
  • Not be subject to a decision based solely on automated processing, including profiling, which produces legal effects; and
  • Withdraw your consent at any time (to the extent we base processing on consent), without affecting the lawfulness of the processing based on such consent before its withdrawal.

All requests should be sent to us at the contact details noted in the “Contact Us” section of this Policy. Your personal information may be processed in responding to these rights. If you are exercising a right that is the responsibility of a third party, including one of our affiliates, we will direct you to contact the appropriate data controller who is responsible for responding to your request.

EU/EEA Residents

Right of Access. To the extent required by law, you have the right to receive confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the following information: the purposes of the processing; the categories of personal data concerned; and the recipients or categories of recipient to whom the personal data have been or will be disclosed. We will provide a copy of your personal information in compliance with applicable law.

Right of Rectification. Our goal is to keep your personal information accurate, current, and complete. Please contact us if you believe your information is not accurate or if it changes.

Right to Erasure. In some cases, you have a legal right to request that we delete your personal information when (1) it is no longer necessary for the purposes for which it was collected, (2) consent has been withdrawn in certain instances, (3) you have objected to the processing in certain instances, (4) the personal information has been unlawfully processed, (5) the personal data have to be erased for compliance with a legal obligation; and (6) the personal data were collected in relation to the offer of information society services. However, the right is not absolute. When we delete personal information, it will be removed from our active servers and databases; but, it may remain in our archives when it is not practical or possible to delete it. We may also retain your personal information as needed to comply with our legal obligations, resolve disputes, or enforce any agreements.

Right to Restrict Processing. You have the right to restrict the processing of your data when (1) the accuracy of the personal data is contested, for a period enabling the controller to verify the accuracy of the personal data; (2) the processing is unlawful and you oppose erasure and request a restriction instead; (3) we no longer need the personal data, but you need us to keep it for the establishment, exercise, or defense of legal claims; or (4) you have objected to us processing the personal information, pending resolution of the objection.

Right to Object. In certain circumstances, you have the right to object to the processing of your personal information where the processing is necessary for performance of a task carried out in the public interest, for our legitimate interests, or for the legitimate interests of others. You also have the right to object where personal data are processed for direct marketing purposes or for scientific or historical research purposes or statistical purposes.

Right to Withdraw Consent. If you have provided your consent to the collection, processing, and transfer of your personal information, you may have the right to fully or partially withdraw your consent. Once we have received notice that you have withdrawn your consent, in whole or in part, we will no longer process your information for the purpose(s) to which you originally consented and have since withdrawn unless there are compelling legitimate grounds for further processing that override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims. Withdrawal of consent to receive marketing communications will not affect the processing of personal information for the provision of our services.

Right to Complain. If you believe we have not processed your personal information in accordance with applicable law, we encourage you to contact us at privacy@harriscomputer.com. You may also have the right to make a complaint to an applicable Supervisory Authority or seek a remedy through the courts. A list of Supervisory Authorities for residents of the EU or EEA is available at: https://edpb.europa.eu/about-edpb/board/members_en. If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law.

Nevada Residents

Nevada residents may submit a verified request to us at privacy@harriscomputer.com to request that we not make any sale (as defined under Nevada law) of any covered information (as defined under Nevada law) that we have collected or will collect about you. Please provide your name and contact information in your request, and we will respond to your request in accordance with Nevada law.

California Residents

All terms used in this section shall have the meanings given in the California Consumer Privacy Act, as amended (“CCPA”), when applicable.

CCPA Notice at Collection. We collect and process personal information for as described in the “How Do We Collect and Use Personal Information” section of this Policy. The relevant CCPA categories for this information are listed below. We may provide a separate notice at collection if we collect additional information or intend to use information for additional purposes.

Category

CCPA Categories

Contact Information

For purposes of the CCPA, Contact Information includes the following categories of personal information:

  • Identifiers
  • Categories Described in the Customer Records Statute
  • Professional or Employment-related Information

Job Application Information

For purposes of the CCPA, Job Application Information includes the following categories of personal information:

  • Identifiers
  • Categories of Personal Information described in the California Customer Records statute
  • Commercial Information
  • Professional or Employment-related Information
  • Education Information
  • Internet or Other Electronic Network Activity Information
  • Geolocation Data
  • Audio, Electronic, Visual, thermal, or Similar Information
  • Biometric Information
  • Inferences
  • Sensitive Information

Communications and Inquiries

For purposes of the CCPA, Communications and Inquiries includes the following categories of personal information:

  • Identifiers
  • Categories Described in the Customer Records Statute
  • Commercial Information
  • Audio, Electronic, Visual, or Similar Information
  • Professional or Employment-related Information

Cookies and Similar Technologies

For purposes of the CCPA, Cookies and Similar Technologies includes the following categories of personal information:

  • Identifiers
  • Internet or Other Electronic Network Activity Information
  • Geolocation Data
  • Sensitive Information

Device and Usage Information

For purposes of the CCPA, Device and Usage Information includes the following categories of personal information:

  • Identifiers
  • Internet or Other Electronic Network Activity Information
  • Geolocation Data
  • Sensitive Information

 

Data Practices During Last 12 Months. The disclosures below describe our data practices during the last twelve months:

  • Personal Information Collected: We have collected the categories of personal information listed below during the preceding 12 months:
    • Identifiers
    • Categories of Personal Information described in the California Customer Records statute
    • Commercial Information
    • Professional or Employment-related Information
    • Education Information
    • Internet or Other Electronic Network Activity Information
    • Geolocation Data
    • Audio, Electronic, Visual, thermal, or Similar Information
    • Biometric Information
    • Inferences
    • Sensitive Information
  • Categories of Sources: We have collected the personal information identified in this Policy from you, public sources, and third-party sources, including our data partners.
  • Business and Commercial Purposes for Collecting: In general, we have collected the categories of personal information listed above for the following purposes:
    • To ensure the privacy and security of our Site and operations
    • To maintain our databases and back-ups
    • To manage our relationships with you
    • To communicate with you
    • To keep records of our communications with you
    • To operate our business
    • To respond to your request
    • To serve you the content and functionality you request
    • To develop new services
    • To enhance your experience and provide you with a more personal and interactive experience
    • Usage analytics purposes
  • We have also collected Job Application Information for the following purposes:
    • To communicate with you in your capacity as a potential employee
    • To assess and document your qualifications for the requirements of your role
    • For recruitment or human resources purposes
    • To carry out our obligations under employment law, for the performance of the employment relationship, or as applicable law otherwise permits
    • To facilitate reimbursements and to prevent fraudulent payments
    • To confirm your identity and your entitlement to work in the applicable country
  • Personal Information Sold or Shared: We have not sold or shared categories of personal information during the preceding 12 months.
  • Personal Information Disclosed for a Business Purpose. We have disclosed for a business purpose the categories of personal information listed below during the preceding 12 months. We have disclosed each category of personal information to the following categories of third parties: (1) corporate parents, subsidiaries, and affiliates; (2) advisors (e.g., accountants, attorneys); (3) service providers (e.g., data analytics, data storage, mailing, marketing, website and platform administration, technical support); and (4) operating systems and platforms.
    • Identifiers
    • Categories of Personal Information described in the California Customer Records statute
    • Commercial Information
    • Professional or Employment-related Information
    • Education Information
    • Internet or Other Electronic Network Activity Information
    • Geolocation Data
    • Audio, Electronic, Visual, thermal, or Similar Information
    • Biometric Information
    • Inferences
    • Sensitive Information
  • Business and Commercial Purposes for Disclosing:
    • In general, we have disclosed to the identified categories of third parties the categories of personal information listed above for the following purposes:
      • To ensure the privacy and security of our Site and operations
      • To maintain our databases and back-ups
      • To manage our relationships with you
      • To communicate with you
      • To keep records of our communications with you
      • To operate our business
      • To respond to your request
      • To serve you the content and functionality you request
      • To develop new services
      • To enhance your experience and provide you with a more personal and interactive experience
      • Usage analytics purposes
    • We have also disclosed Job Application Information for the following purposes:
      • To communicate with you in your capacity as a potential employee
      • To assess and document your qualifications for the requirements of your role
      • For recruitment or human resources purposes
      • To carry out our obligations under employment law, for the performance of the employment relationship, or as applicable law otherwise permits
      • To facilitate reimbursements and to prevent fraudulent payments
      • To confirm your identity and your entitlement to work in the applicable country

No Financial Incentive. We do not offer financial incentives or any price or service difference in exchange for the retention or sale of your personal information.

Do Not Sell or Share My Personal Information. Under the CCPA, you have the right to direct us to stop selling or sharing your personal information to third parties and to refrain from doing so in the future. For purposes of the CCPA, we do not sell or share personal information as defined under applicable law.

Limited Use of Sensitive Information. We only use or disclose sensitive personal information for purposes permitted by the CCPA and to which the right to limit does not apply.

CCPA Individual Rights. California consumers have the rights described below. However, these rights do not apply in all instances and are subject to certain exceptions as a matter of law. By way of example, these rights do not apply where we collect or sell a consumer’s personal information if: (1) we collected that information while the consumer was outside of California, (2) no part of a sale of the consumer’s personal information occurred in California, and (3) no personal information collected while the consumer was in California is sold.

Request to Know. As a California resident, you have the right to request: (1) the specific pieces of personal information we have collected about you; (2) the categories of personal information we have collected about you; (3) the categories of sources from which the personal information is collected; (4) the categories of personal information about you that we have sold or shared and the categories of third parties to whom the personal information was sold or shared; (5) the categories of personal information about you that we disclosed for a business purpose and the categories of third parties to whom the personal information was disclosed for a business purpose; (6) the business or commercial purpose for collecting, disclosing, selling, or sharing personal information; and (7) the categories of third parties to whom we disclose personal information. Our response will cover the 12-month period preceding our receipt of a verifiable request unless a longer period is requested by you.

Request to Delete. As a California resident, you have a right to request the erasure/deletion of certain personal information collected or maintained by us. As described herein, we will delete your personal information from our records and notify any service providers and contractors (as defined under applicable law) to delete your personal information from their records. However, we are not required to honor a deletion request if an exemption applies under the law.

Right to Correct. As a California resident, you have a right to correct inaccuracies in your personal information, taking into account the nature of the personal information and the purposes for which we process the personal information. We will use commercially reasonable efforts to correct the inaccurate personal information as directed by you.

Right to Limit Use and Disclosure. As a resident of California, you have the right to limit our use and disclosure of your sensitive personal information to that use which is necessary to perform our services and provide our goods as requested by you, or as otherwise permitted by law. We only use or disclose sensitive personal information for purposes permitted by the CCPA and to which the right to limit does not apply.

Right to Opt Out. As a resident of California, you have the right to direct us to stop selling or sharing your personal information to third parties and to refrain from doing so in the future. For purposes of this right, we do not sell or share personal information as defined under applicable law.

Submission Process. You may submit a request to exercise one of the above rights via a toll-free telephone call to 1-888-847-7747 or by email to privacy@harriscomputer.com. If a request is submitted in an incorrect manner or if it is deficient, we will either (1) treat the request as if it had been submitted via the designated manner, or (2) provide you with specific directions on how to submit the request or remedy any deficiencies, as applicable.

Verification Process. We are required to verify the identities of those who submit requests to exercise the above rights. To determine whether the individual making the request is the consumer about whom we have collected information, we will verify your identity by matching the identifying information provided by you in the request to the personal information that we already maintain about you. As a part of this process, you will be required to provide your name, address, and telephone number. We will inform you if we cannot verify your identity.

  • If we cannot verify the identity of the person making a request for categories of personal information, we may deny the request. If the request is denied in whole or in part for this reason, we will provide a copy of, or direct you to, our privacy policy.
  • If we cannot verify the identity of the person making the request for specific pieces of personal information, we are prohibited from disclosing any specific pieces of personal information to the requestor. However, if denied in whole or in part for this reason, we will evaluate the request as if it is seeking the disclosure of categories of personal information about the consumer.
  • If we cannot verify the identity of the person making a request to delete, we may deny the request.
  • If there is no reasonable method by which we can verify the identity of the requestor to the degree of certainty required, we will state this in our response and explain why we have no reasonable method by which we can verify the identity of the requestor.

Authorized Agents. Authorized agents may submit requests via the methods identified in this Policy. If you use an authorized agent to submit a request to know or a request to delete, we may require: (1) the authorized agent to provide proof that you gave the agent signed permission to submit the request; (2) you to verify your identity directly with us; and (3) you to directly confirm with us that you provided the authorized agent permission to submit the request. However, we will not require these actions if you have provided the authorized agent with power of attorney pursuant to the California Probate Code.

Excessive Requests. If requests from a consumer are manifestly unfounded or excessive, in particular because of their repetitive character, we may either (1) charge a reasonable fee, or (2) refuse to act on the request and notify the consumer of the reason for refusing the request. If we charge a fee, the amount will be based upon the administrative costs of providing the information or communication or taking the action requested.

Non-Discrimination. You have the right not to receive discriminatory treatment by us due to your exercise of the rights provided by the CCPA. We do not offer financial incentives and price or service differences, and we do not discriminate against consumers, employees, applicants, or independent contractors for exercising their rights under the CCPA.

California Shine the Light. Under California Civil Code Section 1798.83, California residents who provide personal information in obtaining products or services for personal, family, or household use may be entitled to request and obtain from us once a calendar year information about the information we shared, if any, with other businesses for direct marketing uses. At present, we do not share your personal information with third parties for those third parties’ direct marketing purposes. Please be aware that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing, if any, will be included in our response. As part of the California Online Privacy Protection Act, all users of our Site may make any changes to their information at any time by contacting us at privacy@harriscomputer.com.

Third-party sites and services

This Policy does not apply to any third-party websites or applications. The Site may contain links to, and media or other content from, third parties. These links are to external resources and third parties that have their own privacy policies. Because of the dynamic media capabilities of the Site, it may not be clear which links are to external, third-party resources. If you click on a third-party link, you will be redirected away from the Site. You can check the URL to confirm whether you have left the Site.

We cannot and do not (1) guarantee the adequacy of the privacy or security practices employed by or the content and media provided by any third parties or their websites, (2) control third parties’ independent collection or use or your information, or (3) endorse any third-party information, products, services or websites that may be reached through embedded links on the Site.

Any information provided by you or automatically collected from you by a third party will be governed by that party’s privacy policy and terms of use.

Children

Our Site, products, and services are not directed to children under the age of 13, nor is information knowingly collected from children under the age of 13. No one under the age of 13 may access, browse, or use the Site or provide any information to us. If we learn that we have collected or received personal information from a child under the age of 13 without a parent’s or legal guardian’s consent, we will take steps to stop collecting that information and delete it. If you believe we have any received information from a child under the age of 13, please contact us using the “Contact Us” details provided below.

For more information about COPPA, please visit the Federal Trade Commission’s website at: https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule.

Updates and changes to this policy

We may add to, change, update, or modify this Policy from time to time. We will post all changes to this Policy on this page, and the updated policy will be effective immediately upon posting. If we make material changes, we will also notify you through a notice on the homepage of the Site for a reasonable period of time. We may also, in our discretion, notify you of changes to this Policy via email.

You are expected to, and you acknowledge and agree that it is your responsibility to, carefully review this Policy prior to using the Site, and from time to time, so that you are aware of its current terms. Your continued use of the Site after the “Last Updated” date will constitute your acceptance of and agreement to any changes and to our collection and sharing of your information according to the then-current Policy. If you do not agree with this Policy and our practices, you should not use the Site.

Contact us

If you have any questions or concerns, wish to exercise your rights, or want to submit a complaint, please contact us using the information below, and we will do our best to assist you.

In Writing:  1 Antares Drive, Suite 100, Ottawa ON, K2E 8C4

By Emailprivacy@harriscomputer.com

Telephone: 1 (888) 847-7747