Last Updated Date: August 7, 2020
Welcome! GoGuardian (formally — Liminex, Inc. doing business as GoGuardian — “GoGuardian”, “we”, “us”, “our”) is an educational technology company that provides K-12 schools and school districts with software facilitating safer access to online educational materials along with technology management. The privacy of each and every user matters deeply to us, and we strive for transparency in all of our data privacy practices—especially when it comes to identifying the information that we collect, use, share, and disclose, as well as how we help keep your information safe. We take our responsibility to protect your information very seriously. Please remember that we are always here to answer any questions you have, and we look forward to working with you for years to come.
Information Provided Directly to Us through our GoGuardian Offerings
The information that we collect depends on the GoGuardian Offerings and features within those GoGuardian Offerings that a School uses. We collect some business information directly from a School (e.g., information collected when signing up to use our GoGuardian Offerings) or from Schools about their students or directly from the School’s students (e.g., browsing information) when we act as their service provider. We also collect some information automatically (e.g., GoGuardian Offerings usage information).
School and School Official Information
GoGuardian collects the following information that we collectively label as “School Information”:
- School Profile Information: When an official of a School ("School Official") initiates contact through our Website for GoGuardian’s Offerings on behalf of his/her School, we collect that School Official’s contact information as well as information about his/her School relevant to purchasing and setting up our GoGuardian Offerings. This information includes the School Official's name, email address, and phone number, as well as the School’s name, address, billing address, number of devices, number of students, and network configuration. If the School Official creates an account for GoGuardian’s GoGuardian Offerings, the School Official must also create a GoGuardian password.
- Authorized School Personnel: Following a School Official’s establishment of a School account with GoGuardian, the School Official can use GoGuardian Offerings to add additional School personnel such as other School Officials and teachers (together, "Authorized School Personnel") from their School and designate their appropriate permission levels in GoGuardian Offerings.
- Support Requests: Authorized School Personnel can submit requests about GoGuardian Offerings to our support center (e.g., GoGuardian’s Support Center and GoGuardian’s Help Center) through both our GoGuardian Offerings themselves and from our Website. When Authorized School Personnel submit support requests through these support centers, we receive these requests and associated contact information.
- Additional Information About Authorized School Personnel: Depending on the GoGuardian Offerings and features selected by a School, GoGuardian Offerings can collect additional information about Authorized School Personnel, including chat messages and video conferencing between students and teachers using GoGuardian Teacher (including if Personnel participate in a chat function as part of a videoconference), GoGuardian-generated unique account identifiers, and other relevant unique identifiers (e.g., Google Classroom identifiers if School integrates Google Classroom with GoGuardian Teacher). This information may change if a School and/or Authorized School Personnel utilize new features and/or GoGuardian Offerings.
Personal Student Information
In providing our GoGuardian Offerings to Schools, we collect information that may, alone or in combination with other available information, be reasonably used to identify a current or former student enrolled in a K-12 School (“Personal Student Information”).
GoGuardian only collects Personal Student Information on school-managed devices and/or accounts where a School has already registered with GoGuardian and chosen to use GoGuardian Offerings and where such Schools have provided consent required by applicable law, including the Children’s Online Privacy Protection Act (“COPPA”). Each school in the United States must comply with any legal requirements applicable to it, which may include, providing appropriate notice and/or obtaining parental consent. Schools located in countries outside of the United States must also obtain and provide appropriate consent from parents and/or guardians of student or as otherwise required by applicable law.
The Personal Student Information collected by our GoGuardian Offerings on behalf of a School depends on the particular GoGuardian Offerings and features selected by a School and the particular settings enabled or disabled by the School. Pursuant to such selection, the Personal Student Information that we collect includes:
- Student’s School-Managed Account Information: GoGuardian’s Offerings collect a student’s School-managed account information: student’s name, email address, Google Profile ID, Google Image URL, and organizational unit as well as device identifiers necessary to associate a student with a certain device and settings. Additionally, GoGuardian may also need to associate a student with a particular teacher’s classroom by using a Google classroom identifier or other identifier.
- Activity Information: Depending on a School’s currently selected GoGuardian Offerings, features, integrations and settings, GoGuardian may collect additional information, from or about online account or any activity when a user is logged on the school-managed accounts and devices, including chats (within GoGuardian Teacher), video conferencing recordings (including audio and videos of participating Students and chats included in a video conference) (within GoGuardian Teacher), a student’s browsing history, IP address, online content, snapshots, and key percentage variance (but not the actual inputs or sequence of inputs) to identify patterns like gaming) collected when the user is logged on to the school-managed device or account.
- Grade and Attendance Information: Depending on a School’s currently selected GoGuardian Offerings, features, integrations, and settings, GoGuardian may receive grade and attendance information.
- Location Information: Using GoGuardian Admin, a School can collect the geographic location of devices for the purpose of locating and recovering its devices. GoGuardian Offerings can collect IP addresses while GoGuardian Offerings are active, no precise geographic login locations of mobile phones can be accessed or stored by GoGuardian.
The Personal Student Information collected may change if a School utilizes new features and GoGuardian Offerings.
If a School chooses to utilize GoGuardian’s guardian feature (such as to enable a School to send important automated notifications to a parent/guardian about his/her child), GoGuardian may receive certain information about a student’s parent(s)/guardian(s). Specifically, GoGuardian may receive a parent’s/guardian’s name, email address, and optionally phone number from the School. To learn whether your child’s School is using this guardian feature or how to update a child’s legal parent/guardian contact information, please contact your child’s School and follow the instructions below in the section below titled “Requests from Parents, Legal Guardians, Eligible Students, and Authorized School Personnel”.
If you are a parent or guardian and you use the Parent App, we collect: 1) your email address to confirm your authorization from the School to use the app and to determine the student associated with you and, once verified, enable the app; and 2) automatically collected information about your app activity set forth below.
Information We Automatically Collect through Our Offerings
Our Offerings automatically collect the following additional information that we label collectively as “School Log and Cookie Information”:
- Analytics Information and Event Information: Our Offerings automatically collect information through analytics services providers, including IP address, Internet service provider (ISP), date and time stamp, browser language, browser type, amount of time spent on particular portions of our Offerings, and/or other general usage data. Similar to other software, we also collect event information regarding how users interact with our Offerings. For example, we collect information about how much time users spend on certain features of our Offerings.
- Log Information: We also collect log information such as service diagnostics and technical logging information, which may include IP address, login times to our Offerings, usage times of our Offerings, browser type, and browser configuration.
- Device Information: We collect information about the devices that log into our Offerings, including type of device, device settings, and operating system.
How We Use Information Collected Through Our Offerings
We use School Information and School Log and Cookie Information to:
- set up and provide our Offerings;
- analyze and improve our Offerings;
- respond to a School’s and/or Authorized School Personnel’s requests and to provide related support;
- administer and troubleshoot our Offerings;
- send information to a School and Authorized School Personnel about how to use our Offerings and other important updates;
- notify a School and Authorized School Officials about new features or Offerings that may be of interest to them, and, similarly notify other Authorized School Personnel of new features or Products that may be of interest to them when residents of the United States or otherwise as permitted by law;
- help prevent fraud and to enforce the legal terms that govern our Offerings;
- to comply with applicable law and protect our and others’ rights, safety and property; and
- follow further instructions of a School.
In accordance with our contractual obligations, we use Personal Student Information and Parent/Guardian Information to:
- Provide, improve and analyze our Offerings and for legitimate educational purposes of the School;
- to send parents and guardians alerts and notices in the Parent App;
- enforce the legal terms that govern our Offerings;
- comply with applicable law and protect our and others’ rights, safety and property; and
- follow further instructions of a School.
At all times, Personal Student Information is the property of and under the control of a School, or as required by applicable law, Personal Student Information is the property of and under the control of the applicable eligible student, parent, or guardian.
We will also use your Personal Student Information in accordance with applicable student privacy laws, including, as applicable, Connecticut's "Act Concerning Student Privacy".
If you are a Product User in the EEA or the United Kingdom ("UK"), please see the “Notice to EEA and Other Non-US Residents” section for more information about how we use information and the legal bases for collecting information.
How We Share Information Collected Through Our Offerings
We may share or disclose information in the following ways:
- Authorized School Personnel Access: Each School determines which Authorized School Personnel have access to the School’s account with GoGuardian’s Offerings and their permission levels.
- Third Parties Supporting Our Offerings: We may share information with our service providers that assist us in performing business-related functions that support our Offerings. For example, we use hosting services and customer service tools to help support our Offerings. When we employ another company to perform a function of this nature, we provide them with the information that they need to perform their specific function.
- With School Permission or at School Direction: We may share or disclose information, including Personal Student Information, to third parties pursuant to a School’s instruction or with a School’s permission. For example, if a School chooses to integrate GoGuardian’s Offerings with another third party company’s products or services, then we will share information as instructed. With your permission, we may also share or disclose your name and other content through a testimonial video or quotation.
- Legal Requirements: We may share or disclose certain information if we believe in good faith that doing so is necessary or appropriate to comply with any law enforcement, legal, or regulatory process, such as to respond to a warrant, subpoena, court order, or other applicable laws and regulations.
- Business Transfer: We may share or disclose certain of the information we collect (set forth above), in connection with or during negotiations of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. If such transfer is subject to additional mandatory restrictions under applicable laws, GoGuardian will comply with such restrictions. The successor entity will be subject to all applicable federal and state laws, including student privacy laws. In connection with such a transaction, we will also work to ensure that the successor entity has a commitment to student privacy.
- De-Identified Information: We may use, share, or disclose De-Identified information (as that term is defined in our EULA) for various purposes such as product development, research, and marketing, in compliance with relevant laws. For example, we may use aggregate, anonymous data to publish an e-Book on Schools’ most utilized online educational resources.
If you are a School or other Authorized School Personnel in the EEA or the UK, please see our Notice to EEA and Other Non-US Residents below.
How Long We Keep Information
We retain Personal Student Information as directed by the School:
- School’s Request for Deletion or Transfer of Personal Student Information: GoGuardian acts upon a School’s documented instructions to delete Personal Student Information during and after all School licenses to GoGuardian have expired, unless we are required to retain such information to comply with our legal obligations with law enforcement, resolve disputes, or enforce our agreements. Upon instruction to delete Personal Student Information, GoGuardian will take reasonable efforts to delete and/or de-identify such information in a commercially reasonable amount of time under applicable laws. At the termination of all of the School’s licenses with GoGuardian, GoGuardian and the School may agree to transfer the School’s Personal Student Information back to the School. In that case, similar to deletion requests, GoGuardian will act upon a School’s documented instruction to transfer the School’s Personal Student Information to the School and take reasonable efforts to transfer such information in a commercially reasonable amount of time under applicable laws, unless we are required to retain such information to comply with our legal obligations, or with law enforcement, resolve disputes, or enforce our agreements. For Schools in the EEA, Personal Student Information will be deleted and transferred/ported according to the terms of the DPA or other agreement between the School and GoGuardian.
- Video Conferencing Recordings: If a School enables the video conferencing feature in GoGuardian Teacher, audio and video recordings will be stored by GoGuardian for ninety (90) days.
We generally retain information other than Personal Student Information for as long as it may be relevant to the purposes above or as required or permitted by law. To dispose of any personal information, we may anonymize it, delete it or take other appropriate de-identifying steps. Please note that information may persist in copies made for backup and business continuity purposes for an additional period of time.
Your Choices about Information Collected through Our GoGuardian Offerings
You have certain rights and choices with respect to your information as further described in this section.
Your choices about School Profile Information and School Log and Cookie Information:
- Promotional Communications: You can decline promotional communications at the point information is requested for such purpose (e.g., by checking the relevant box) or, by following the unsubscribe instructions on communications sent to you. You can also contact us as described in the “How to Contact Us” section below.
- Cookies and Analytics. You can opt out from certain cookie-related and analytics processing by following the instructions in our Cookie Notice below.
- Your Legal Rights Under Local Law: Local laws (e.g., laws of the European Union) may permit an individual to request that we: (1) provide access to and/or a copy of certain information that we hold about that individual; (2) prevent the processing of that individual’s information for direct-marketing purposes (including any direct marketing processing based on profiling); (3) update an individual’s information which is out of date or incorrect; (4) delete certain information that we are holding about an individual; (5) restrict the way that we process and disclose certain of the individual’s information; (6) transfer an individual’s information to a third party provider of services; and/or (7) revoke an individual’s consent for the processing of his/her information. If your local laws provide additional rights, we will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to continue processing an individual’s information for our legitimate interests or to comply with a legal obligation. We may request that an individual and/or School provide us with information necessary to confirm the individual’s identity before responding to your request. To exercise any of these rights, please contact us as described further in the “How to Contact Us” section below. In addition to those rights, an individual has the right to lodge a complaint with the relevant supervisory authority. However, we encourage the individual to contact us first, and we will do our very best to resolve the individual’s concern.
Your choices about School Information (Except School Profile Information), Personal Student Information, and Parent/Guardian Information:
- Cooperation with Schools. We will assist the School in facilitating requests relating to Authorized School Personnel Information and Personal Student Information pursuant to the School’s instruction as explained further in the “How Long We Keep Information Collected Through GoGuardian Offerings" or in the “Your Legal Rights Under Local Law” sections above.
- Requests from Parents, Legal Guardians, Eligible Students, and Authorized School Personnel:
- Review, Correction, and Deletion Requests.
- If a parent, legal guardian, eligible student, or Authorized School Personnel wishes to request a review, correction, deletion of Personal Student Information or School Information, he/she should contact the appropriate School Official of his/her or his/her child’s School. GoGuardian will cooperate with the School to fulfill requests pursuant to the School’s verification and instruction within a commercially reasonable amount of time and in compliance with relevant law.
- If you are Authorized School Personnel, please note that we may be required to maintain certain School Information if directed to do so by your School Official on behalf of your School employer or as needed by GoGuardian to enforce our legal rights.
- Transfer Requests. GoGuardian Offerings allow Authorized School Personnel to download information on behalf of a parent, legal guardian, eligible student, or School Personnel. If GoGuardian Offerings do not cover the scope of the transfer request, GoGuardian will, following documented instructions from the School, honor the requests from the parent, legal guardian, eligible student, or Authorized School Personnel for the transfer of Personal Student Information or personal data of the Authorized School Personnel by utilizing the same guidelines as described above in “Review, Correction, and Deletion Requests” in compliance with and as required by relevant law.
- Transfer Requests for Student-Generated Content. California law requires website operators to transfer student-generated content to the student’s personal account when requested by an eligible student, parent, or guardian. GoGuardian Offerings are not used as the primary platform for students to submit their own content. To the extent that students in California, or in other states with similar transfer laws, submit their content on GoGuardian Offerings, the appropriate parent, guardian, or eligible student may submit a request to firstname.lastname@example.org to transfer this information to him/her. Following verification of the requestor’s authorization to receive the information (which may require verification by the requestor’s School), we will provide the student-generated content that we have in a commercially reasonable amount of time in either a CSV or other mutually-agreeable format. Please note that we cannot guarantee retention of student-generated content.
How We Protect Your Information
GoGuardian takes the security and privacy of your School’s data very seriously. For these reasons, GoGuardian has implemented various technical, administrative, and physical safeguards to protect your information, including specific training of our personnel authorized to access Personal Student Information and other information. These safeguards vary depending on the sensitivity of the information at issue.
GoGuardian is committed to preventing unauthorized access to our systems and data, and will investigate any possible occurrence. In the event of a breach of Personal Student Information, GoGuardian will comply with all relevant breach laws to assist the School or provide notification as required to you, a School, affected parents, legal guardians, eligible students, and regulators.
NOTICE TO E.E.A. AND OTHER NON-U.S. RESIDENTS
European Union (“EU”) data protection laws make a distinction between organizations that process personal data for their own purposes (known as "data controllers") and organizations that process personal data on behalf of other organizations (known as "data processors"). Depending on the particular circumstance, GoGuardian and your School may act either as a data controller or a data processor of your personal data. The laws in some jurisdictions like the EU also require data controllers to share the legal ground that they rely upon to use or disclose personal information.
GoGuardian as a Data Controller Vs. Data Processor
GoGuardian is considered the “processor” of School Information (except for School Profile Information), Personal Student Information and Parent/Guardian Information. GoGuardian collects, uses, shares and discloses this information as a processor on behalf of and at the instruction of the School controller, pursuant to our EULA and, if applicable, DPA. If you have a question or complaint about how your personal data is handled, please contact your School.
Our legal grounds for using School Profile Information and School Log and Cookie Information are as follows:
- Contractual Commitments: We use, share, and disclose information to honor our contractual commitments to a School.
- Legal Compliance: We need to use, share, and disclose information in certain ways to comply with our legal obligations.
- With Your Consent: Where required by law, and in some other cases, we use, share, or disclose information on the basis of consent.
- Legitimate Interests: In many cases, we use, share, or disclose information on the ground that it furthers our legitimate business interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals, such as customer service, analyzing and improving our business, promotional activities, providing security for our GoGuardian Offerings, preventing fraud, and managing legal issues.
Information Transfer To The United States
GoGuardian Offerings are operated in the United States. If you are located outside of the United States, please be aware that any information that you provide to us will be transferred to and/or accessed within the United States. The recipients of information described in the relevant “How We Share Information” sections above may be located in the United States. This information may be subject to United States law, including laws that may require disclosure of personal information to government authorities. Schools may export Personal Data to jurisdictions outside the European Economic Area on the basis of legal mechanisms approved by the European Commission and other relevant authorities for cross-border data transfers, such as Standard Contractual Clauses.
- European Union-United States and Swiss-United States Privacy Shield: GoGuardian has certified to the EU-United States and Swiss-United States Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of “personal data” (as defined under the Privacy Shield principles) from applicable European countries. We recognize that the Court of Justice of the European Union ruled in July 2020 that a certification under the EU-U.S. Privacy Shield Framework no longer can serve as the basis by which entities subject to the GDPR export Personal Data to jurisdictions outside the European Economic Area. GoGuardian will continue to honor its obligation to comply with the Privacy Shield Principles with respect to data that was transferred pursuant to the Privacy Shield Framework. For such data, GoGuardian has certified that we adhere to the Privacy Shield Principles of notice, choice, purpose limitation, onward transfer, security, data integrity, access, recourse, liability, and enforcement for such personal data. To learn more about the Privacy Shield Framework, visit the Department of Commerce’s Privacy Shield list by clicking here. As required under the principles, when GoGuardian receives personal data under the Privacy Shield and then transfers it to a third-party service provider acting as an agent on GoGuardian’s behalf, we have certain liability under the Privacy Shield if both (i) the agent processes the information in a manner inconsistent with the Privacy Shield; and (ii) GoGuardian is responsible for the event giving rise to the damage.
- Choices of International Users: Some international users (including those whose information we collect under the Privacy Shield) of GoGuardian Offerings have certain legal rights to access certain information that we hold about them and to request its deletion. Please see the “Choices about Information Collected through GoGuardian Offerings” section above for more information.
How To Contact Us and Dispute Resolution
Dispute Resolution for EU and Swiss Residents: If you are a resident of the EU or Switzerland and are dissatisfied with the manner in which we have addressed your concerns, you may seek further assistance, at no cost to you, from our designated Privacy Shield independent recourse mechanism, the JAMS Privacy Shield Program, which you can learn more about by visiting https://www.jamsadr.com/eu-us-privacy-shield. Residents of the EU or Switzerland may, in certain circumstances, elect to arbitrate unresolved complaints by invoking binding arbitration pursuant to the Privacy Shield’s Recourse, Enforcement and Liability Principle and Annex I of the Privacy Shield but prior to initiating such arbitration, you must: (1) afford us the opportunity to resolve the issue; (2) seek assistance via GoGuardian’s recourse mechanism above; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. Each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the individual. GoGuardian is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
For Australian residents: If you are located in Australia, and are dissatisfied with the way we have handled a privacy issue, you may contact the Office of the Australian Information Commissioner for more information www.oaic.gov.au.
For Singapore residents: If you are located in Singapore, and are dissatisfied with the way we have handled a privacy issue, you may contact the Personal Data Protection Commission for more information www.pdpc.gov.sg.
What are cookies?
Cookies are small text files stored on your computer that allow us to understand usage of GoGuardian Offerings. Cookies include cookies, Internet server logs, tags, Software Development Kit/SDKs, tracking pixels, and other similar tracking technologies. A number of Cookies that we use last only for the duration of your session, expiring when your session ends (the so-called "session cookies"). Other Cookies are used to help our systems recognize you if you return to GoGuardian Offerings and will thus retained longer (the so-called "persistent cookies"). Some of the cookies used on our GoGuardian Offerings are set by us, and some are set by third parties that are delivering services on our behalf.
What types of Cookies does GoGuardian use and what data do they collect?
- understand usage of GoGuardian Offerings and to improve these GoGuardian Offerings;
- authenticate your account; and
- remember your settings and account information.
We do not use any advertising Cookies in our Offerings and we do not place advertisements in GoGuardian Offerings.
What are my choices about Cookies?
You can learn more about how Cookies work and how to turn them off in your particular browsers. Please remember that if you replace, change or upgrade your browser, or delete your Cookies, you may need to use these opt-out tools again.
For information about Cookies used by the developers of these browsers, please visit:
For controls specific to advertising and analytics services offered by Google, click here from each of your browsers.
Note About Do Not Track: Do Not Track (“DNT”): is a privacy preference that users can set in certain web browsers to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Some browsers do not recognize DNT settings. At this time, we do not recognize or respond to browser-initiated DNT signals because we do not track you across websites.
How to Contact Us
If you have questions or concerns, the best way to reach us is by emailing email@example.com. You can also reach us by calling 888-310-0410 or by writing to Liminex, Inc. dba GoGuardian, Attn: Chief Privacy Officer, 2030 East Maple Avenue, El Segundo, California 90245.
Additionally, please feel free to consult additional resources such as the ones listed below.
Student Privacy Resource List: