District Zero Privacy Policy
Last Updated: October 7th, 2024
Introduction
Welcome to District Zero (“we,” “us,” or “our”). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our wellness-first learning platform designed to support students, educators, mentors, and medical professionals in K-12 and medical education settings.
We provide our services (“Services”) directly to learners and leaders who sign up on our website, and to our clients, such as school districts, who offer our Services to their own users (“end users”). If you are an end user of our client and we are providing our Services on our client’s behalf, our client’s privacy policy governs the use of your personal information. This Privacy Policy does not supersede the terms of any agreements between us and our client (or any other client or third party), nor does it affect the terms of any agreement between you and our client.
Please read this Privacy Policy carefully. By using our Services, you agree to the collection and use of your information as described in this Policy.
Table of Contents
• Information We Collect for Our Own Business Purposes
• Information We Collect on Behalf of Our Clients
2. Cookies and Other Information Collected by Automated Means
3. Our Use of Personal Information
• Our Use of Personal Information for Our Own Business Purposes
• Our Use of Personal Information on Behalf of Our Clients
6. Privacy Preferences, Rights, and Choices
• Access or Correct Personal Information
7. International Data Transfers
9. Links to Other Websites and Third-Party Content
• Information We Collect for Our Own Business Purposes
• Information We Collect on Behalf of Our Clients
• Family Educational Rights and Privacy Act (FERPA)
• State Student Data Privacy Laws (e.g., SOPPA)
12. Changes to Our Privacy Policy
1. Information We Collect
Information We Collect for Our Own Business Purposes
We may collect information about individuals who interact with District Zero when using our website or Services (such as learners or leaders who sign up directly on our website, or employees of our clients who are browsing the website).
Information You Provide to Us
Personal information you may provide to us through the Services or otherwise includes:
Account Information: Your name, email address, date of birth, and school/district name.
Login Credentials: Passwords and similar security information that we use for authentication and account access.
Payment Data: Credit card information that leaders may provide to pay for upgrades to the platform.
Content and Activity: Your responses to check-in questions, messages, and other information you submit through your engagement with the platform.
Communications: Information you provide when you contact us with questions, feedback, or otherwise.
Marketing Data: Your preferences for receiving our marketing communications and details about your engagement with them.
Subprocessors: We engage with subprocessors to enhance our service offerings. These include:
• OpenAI: For language processing and safety moderation.
• Hume AI: For emotion expression predictions.
• AWS Comprehend: For natural language understanding.
• Vercel: For hosting and deployment services.
• Resend Labs: For email communication.
These subprocessors are used to provide analytics and insights to improve your experience.
Third-Party Sources
We may combine personal information we receive from you with personal information we obtain from other sources, such as social media platforms on which you share District Zero content.
Information We Collect on Behalf of Our Clients
We may collect information on behalf of our clients, such as school districts. This means that our client’s privacy notice governs the use of your personal information (instead of ours). Our clients determine what information we collect through the Services and how it is used, and we process your information according to our client’s instructions and the terms of our contracts with our clients.
Information Our Client Provides to Us
Typically, our clients will provide us with information about you to set up and maintain your account or for us to be able to provide the Services, such as your account information and enrollment information.
Information We Collect Directly from You
To provide you with the Services, we will collect some information directly from you on our platform, such as your profile information (including contact details and biographical information), login credentials, content and activity, and communications we exchange with you.
Third-Party Sources
We may combine personal information we receive from you with personal information we obtain from other sources, such as social media platforms on which you share District Zero content.
2. Cookies and Other Information Collected by Automated Means
We, and our service providers, may collect certain information from individuals about the use of our websites by automated means, such as cookies, web beacons, and other technologies. A “cookie” is a text file that websites send to a visitor’s computer or other Internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. A “web beacon,” also known as an Internet tag, pixel tag, or clear GIF, is used to transmit information back to a web server.
The information collected by automated means includes:
• Details about the devices that are used to access our websites (such as the IP address, and type of operating system and web browser).
• Dates and times of visits to, and use of, our websites.
• Information about how our websites are used (such as the content that is viewed on our websites and how users navigate between our webpages, and the date and time of access).
• Details about how individuals interact with our emails (such as whether the email is opened and which links are clicked in the email).
• URLs that refer visitors to our websites.
• Search terms used to reach our websites.
Web browsers may offer users the ability to disable receiving certain types of cookies; however, if cookies are disabled, some features or functionality of our websites may not function correctly.
Because there is not yet a consensus on how companies should respond to web browser-based do-not-track (“DNT”) mechanisms, we do not respond to web browser-based DNT signals at this time. Please see the Privacy Preferences, Rights, and Choices section below for information about how you may opt out of, or limit the use of, these automated technologies.
3. Our Use of Personal Information
Our Use of Personal Information for Our Own Business Purposes
We use personal information for our own business purposes that we collect from individuals who sign up directly on our website, employees of our clients who are browsing the website, and other individuals.
We may use personal information to:
• Provide, operate, and improve the Services.
• Communicate about the products and services we offer, and respond to requests, inquiries, comments, and suggestions.
• Establish and maintain an individual’s profile on the website.
• Tailor the content we display in our communications and on the website.
• Administer surveys and other market research.
• Comply with legal requirements, judicial process, and our company policies (including to verify users’ identity in connection with access or correction requests).
• Protect against, identify, investigate, and respond to fraud, illegal activity (such as incidents of hacking or misuse of our websites and mobile applications), and claims and other liabilities, including by enforcing the terms and conditions that govern the services we provide.
We may aggregate and/or de-identify any information that we collect, such that the information no longer identifies any specific individual. We may use, disclose, and otherwise process such information for our own legitimate business purposes—including historical and statistical analysis and business planning—without restriction.
Data Analysis and Insights
We do not sell your personal information. We may use de-identified or aggregated data for analytics and insights to improve our Services. Our subprocessors assist us in processing data to provide analytics and understandings, but they do not retain or use your personal information for their own purposes.
Our Use of Personal Information on Behalf of Our Clients
We use personal information we collect on behalf of our clients to provide Services to our clients at their direction. We do not use this information for our own purposes. We use personal information only as directed or authorized by our client. Typically, we are directed or authorized to use personal information collected on behalf of the client to provide, operate, and improve the Services and our business.
Where the agreement with our client gives us the permission, we may also use your personal information to evaluate and improve our products and services and develop new products and services. We may use de-identified information for purposes such as carrying out research and analyzing trends to better understand how users are using our products and services and further improve them.
Please read our client’s privacy notice for more details on how our client, such as your school district, uses your personal information.
4. Information We Share
We may share personal information for the purposes set out in this Privacy Policy with:
• Authorized Mentors and Mentees: Raw check-in data and personal information are only shared between authorized mentors and mentees within established relationships. Only owners (e.g., educators or administrators) and authorized mentors can invite new authorized members.
• Service Providers: We share information with our trusted service providers who perform services on our behalf, such as technology providers (including providers of payment processing, technology support, web hosting, and email communications). Our service providers are contractually obligated to protect your information and are not permitted to use your information for any purpose other than providing services to us.
• Compliance with Laws: We may disclose your information to comply with legal and regulatory requirements, and protect against and prevent fraud, illegal activity, and claims and other liabilities.
No Sale of Personal Information
We do not and will not sell or rent your personal information to third parties. We are committed to protecting your privacy and ensuring that your personal information is used solely for the purposes described in this Privacy Policy.
5. Data Storage and Security
Storage on Secure US-Based Servers
Your personal information is stored on secure servers located in the United States. We employ industry-standard security measures to protect your data from unauthorized access, alteration, disclosure, or destruction.
Data Encryption
• In Transit: All data is encrypted during transmission using Transport Layer Security (TLS) protocols.
• At Rest: Data is encrypted when stored on our servers.
Backup and Recovery
• We maintain multiple backup environments to ensure data integrity and availability.
• We have disaster recovery plans in place to recover data in case of a system failure.
Logging and Auditing
• We keep detailed logs of system activities to monitor and prevent unauthorized access.
• Regular security audits and assessments are conducted to ensure compliance with industry standards.
Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
6. Privacy Preferences, Rights, and Choices
Individuals have certain rights and choices regarding our processing of their personal information. Please note that if the exercise of these rights limits our ability to process personal information, we may be precluded from providing the Services to individuals who exercise these rights, or from otherwise engaging with such individuals going forward.
Individuals whose personal information we process on behalf of a client should contact that client to exercise the rights and choices described in this Privacy Policy.
We reserve the right to verify the identity of the individual in connection with any requests regarding personal information to help ensure that we provide the information to individuals to whom the information pertains, and allow only those individuals or their authorized representatives to exercise rights with respect to that information.
Access or Correct Personal Information
You may request to access the personal information that we maintain about you. If we grant your request, we will provide you with a copy of the personal information we maintain about you in the ordinary course of business, in a commonly used format. You may request to correct any errors in your personal information. We may reject your request to access or correct your information, as permitted by applicable law. If we reject your request, we will notify you of the reasons for the rejection.
To exercise these rights, please contact us at support@districtzero.co.
Marketing
No Behavioral Advertising to Students in Our Products and Services
We do not use or disclose information (whether personal information or otherwise) about students that we collect through the educational products and services we provide on behalf of educational institutions, such as school districts, for behavioral targeting of advertisements to students.
Promotion of Products and Services
We conduct marketing to promote our products and services. This marketing is generally aimed at staff of our current and potential clients. However, we do not restrict activities and events to those audiences when such activities and events benefit other users of the Services, such as webinars that explain how our products and services can be used effectively.
Marketing Preferences and Opt-Out
You may unsubscribe from receiving marketing or other commercial emails from District Zero by following the instructions included in the email. However, even if you opt out of receiving such communications, we retain the right to send you non-marketing communications (such as information about changes to our website terms).
Blocking Cookies in Your Browser
Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org. You can also opt out of Google Analytics by downloading and installing the browser plug-in available at: https://tools.google.com/dlpage/gaoptout. Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt out on every browser and device that you use.
7. International Data Transfers
We are headquartered in the United States, and your personal information is stored on secure servers located in the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. We take steps to ensure that your data is treated securely and in accordance with this Privacy Policy.
8. How We Protect Information
We maintain reasonable administrative, technical, and physical safeguards designed to protect the personal information we maintain against accidental, unlawful, or unauthorized access, disclosure, alteration, use, loss, or destruction. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee the absolute security of your personal information.
9. Links to Other Websites and Third-Party Content
Our Services may contain links to websites and other third-party content that is not owned or operated by District Zero. The websites and third-party content to which we link may have separate privacy notices or policies. District Zero is not responsible for the privacy practices of any entity that it does not own or control. We encourage you to read the privacy policies of any third-party websites you visit.
10. Children’s Privacy
Information We Collect for Our Own Business Purposes
Because our Services can be used by learners of all ages, we may collect personal information of children under thirteen (13) through the Services. We will obtain prior verifiable consent from the parent or legal guardian of children under 13 before such collection, unless the collection of information falls within an exception that is permitted by applicable law. The information will be collected as necessary for the child to use the Services, and it will only be retained as is reasonably necessary to allow your child to use the Services, or as required by law. In addition, this information will only be used for internal business purposes, and will be shared with third parties only as allowed by applicable law.
Personal Information We May Collect from Children Includes:
• Account Information: Such as the child’s name, email address, and date of birth.
• Login Credentials: Passwords and similar security information that we use for authentication and account access.
• Content and Activity: The child’s responses to check-in questions and other information they submit through their engagement with the platform.
• Communications: Information exchanged when the child contacts us with questions, feedback, or otherwise.
Parents or legal guardians may contact us as set forth below to ask if we have collected their child’s personal information, to review the information or request that it be deleted, or to withdraw their consent for us to collect such information. We reserve the right to verify that the requester is in fact the child’s parent or legal guardian. In any correspondence, please include the child’s name and the parent’s email address and telephone number.
• Contact Information:
• Address: Elmhurst, IL 60126
• Phone: +1-872-395-3526
• Email: support@districtzero.co
Information We Collect on Behalf of Our Clients
We do not knowingly collect any information from children under 13 on behalf of our clients unless and until the relevant institution has provided consent and authorization for a student under 13 to use the Services and for us to collect information from such student.
Where a client instructs us to collect personal information from children under the age of 13, we collect, use, process, and retain such information solely to provide the educational services on behalf of the client and for the purposes set forth in our agreement with the client. We collect only as much information as is necessary to provide the Services, and the client may access, delete, or withdraw consent for continued processing of the child’s information at any time. If you have any questions about reviewing, modifying, or deleting personal information of a child under the age of 13, please contact your educational institution directly.
11. Education Privacy Laws
Family Educational Rights and Privacy Act (FERPA)
We provide educational products and services to school districts and other educational institutions. Through the provision of these products and services, we collect personal information from or about students, which may include educational records governed by the Family Educational Rights and Privacy Act (FERPA). We do not use information covered by FERPA for any purpose other than improving and providing the Services to the educational institution or on the educational institution’s behalf. Our collection, use, and sharing of such data is governed by our contracts with the educational institutions and the provisions of FERPA, but not by the provisions contained in this Privacy Policy. If you have any questions about reviewing, modifying, or deleting personal information of a student, please contact your educational institution directly.
State Student Data Privacy Laws (e.g., SOPPA)
Through our provision of educational products and services to school districts and other educational institutions, we collect personal information from or about students used for K-12 school purposes. This information may be governed by state student data privacy laws, such as the Student Online Personal Protection Act (SOPPA). We do not use any personal information covered by these laws to provide targeted advertisements, or to profile students except in furtherance of school purposes, and we do not rent or sell such information. We maintain reasonable safeguards to store this information and do not disclose this information except as described in this Privacy Policy.
12. Changes to Our Privacy Policy
District Zero reserves the right to change this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the website. We may also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email (if you have an account where we have your contact information) or another manner through the Services.
13. How to Contact Us
You may contact us with questions, comments, or complaints about this Privacy Policy or our privacy practices, or with requests to access or correct your information, by emailing support@districtzero.co or writing to us at:
• Address: Elmhurst, IL 60126
• Phone: +1-872-395-3526
Thank you for trusting District Zero with your personal information. We are dedicated to maintaining the highest standards of privacy and security to support your learning and mentorship journey.