At LLS, your privacy is important to us. That is why we take all commercially reasonable means to secure and protect your data and the data of authorized users.
Policy Regarding Children
LLS understands that as a function of providing curriculum resources to schools, it will encounter and receive data from students who are considered minors. LLS will only store the data for as long as necessary for usage. After the functional use of the data is complete, LLS will make commercially reasonable efforts to eliminate the data to protect the personally identifiable information (“PII”) of minors. LLS use of data and data storage complies with COPPA concerning the privacy of minors. See Page 7 of this Policy.
Collection and Use of Data
Personally Identifiable Information ("PII")
PII as used in this Policy is information that we directly associate with a specific person or entity, such as name, address, social security number, telephone number and email address. In addition to this PII, LLS also stores academic information, which is included as PII. These include, but are not limited to, grades, IEPS, health records, and test scores. The PII you provide will vary based upon the context, and LLS will not collect your PII unless you make it available.
Protecting Data During Collection
We take precautions to protect your information. When you submit sensitive information to LLS, your information is protected both online and offline. We use appropriate security measures to protect the security of your data both online and offline. These measures vary based on the sensitivity of the information that we collect, process, store, and the current state of technology. Please note, though, that no website or internet transmission is completely secure, so while we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.
In order to best serve these goals of protecting privacy, users should follow good practices for creating and storing passwords. Use strong passwords, with the general rule being the longer the password, the more secure, and using a combination of capital and lowercase letters, numbers and symbols. Passwords are only as strong as users make them and strong passwords are the best way to protect data on the user side. LLS cannot guarantee that passwords will be secure, but stronger passwords create significant hurdles for hackers and other data threats.
LLS collects information when you create a customer profile or other account on our website, which is required in order to access certain areas of our website, purchase support, plans and products, to obtain software downloads and certain online support services and to request information from us about our products and Services. This information includes company name and contact information and other information about your company (for example, size, revenue, and number of employees), the products you may have licensed and other non-LLS products you may currently use. We use this information in accordance with this Policy to identify you, process your requests and administer Services.
We request information from you on our order form. To buy from us, you must provide contact information (like name and shipping address. This information is used for billing purposes and to fill your orders. If we have trouble processing an order, we will use this information to contact you.
LLS may place “cookies” on the browser of your computer. Cookies are small pieces of information that are stored by your browser on your computer’s hard drive. Cookies may enhance the convenience and use of our website. For example, the information provided through cookies may be used to recognize you as a previous user of our website (so you do not have to enter your personal information every time), offer personalized information for your use, and otherwise facilitate your experience using our website. You may choose to decline cookies if your browser permits, but doing so may affect your ability to access or use certain features of our website.
LLS may also utilize web beacons on our website. A “web beacon,” also known as an Internet tag, pixel tag or clear GIF, links web pages to web servers and their cookies and may be used to transmit information collected through cookies back to a web server. The information collected through these automated means may include information that we gather and store about your visit to, and use of, our websites, such as your IP address, type of browser and operating system used, date and time you access the websites, pages you visit, and, if you linked to the Websites from another website, the address of that website. This data does not include PII and is not treated as PII under this Policy, but it may include the IP address of your device. We may link an IP address to information that is personally identifiable. Most web browsers automatically accept cookies, but you can disable this function so that your browser will not accept cookies. Please be aware that disabling this function may impact your use and enjoyment of our website.
LLS may retain your information for a period of time consistent with the original purpose of collection. For instance, we may retain your information during the time in which you have an account to use our Services and for a reasonable period of time afterward. We also may retain your information during the period of time needed for us to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements. You may opt out of any future contacts from us at any time. Additionally, if the collection of your personal data was based on your consent, you have the right to revoke that consent at any time. Be aware that by revoking consent, you may lose access to Services you previously opted to use. You may request to review, correct, delete, or otherwise modify any of the personal information that you have previously provided to us through our website(s) and Services. You can do the following at any time by contacting us via the email address or phone number provided below.
LLS represents and warrants that it has in place physical, administrative, technical, electronic and operational safeguards and procedures consistent with best practices and industry standards and with applicable laws to protect the confidentiality of all such PII to at least the same degree that LLS protects its own sensitive data, but in no event with less than a reasonable degree of care, which measures include as applicable:
- Access controls on information systems, including controls to authenticate and permit access only to authorized individuals and controls to prevent employees from providing PII to unauthorized individuals who may seek to obtain this information through fraudulent means;
- Access restrictions at physical locations containing PII, such as buildings, computer facilities, warehouses, and record storage facilities to permit access to only authorized individuals;
- Encryption of electronic PII while in transit;
- Procedures designed to ensure that information system modifications are consistent with the information security measures;
- Segregation of duties, and employee background checks for employees with responsibilities for or access to PII, which background checks include verification of identity, including social security number for United States citizens, criminal background check, secondary education, and prior employers, and a prohibited party search (OFAC);
- Monitoring systems and procedures to detect actual and attempted attacks on or intrusions into information systems;
- Response programs that specify actions to be taken when LLS detects unauthorized access to information systems, including immediate reports to Customer; and
- Measures to protect against destruction, loss or damage of PII due to potential environmental hazards, such as fire and water damage or technological failure.
LLS agrees to disclose to you the occurrence of any misuse or wrongful disclosure of PII, including but not limited to systems breaches that may adversely affect you or your employees or users (Data Breach).
LLS will, (a) with reasonable advance notice, or as otherwise approved by LLS, or (b) as required by governmental regulating authorities, allow you or your auditors including internal audit staff, inspectors and other representatives as you may designate in writing, access at all reasonable times to the applicable LLS operations center, to LLS personnel providing the Services, and to logs relating to the Services for the purpose of performing audits and inspection to verify the integrity of PII and to examine our performance of the Services hereunder. You will provide the scope of such audit and such audits will be limited to audits of (i) practices and procedures, (ii) systems, (iii) general controls and security practices and procedures, and (iv) backup procedures. The parties hereto agree to make appropriate arrangements to provide that any audit will not unreasonably interfere with LLS’s ability to perform the Services, will not include LLS’s provision of services to other customers, and will be subject to LLS’s routine security and confidentiality procedures, practices, and policies. Audits will be at your sole expense.
LLS shall promptly make available to you a summary copy of applicable and available current third-party data processing audits or reviews relevant to the Services provided to you. All the information provided to you under this Section shall be Confidential Information of LLS and shall be treated as such by you.
LLS maintains cyber security insurance with an insurer having an AM Best Rating of “A” or its functional equivalent. Any such insurance policy shall (i) provide coverage for cyber incidents, including data breaches, business interruption, and network damage and (ii) shall not be reduced or canceled without 30 days prior notice given to you.
Students who use LLS Services have access to certain PII, including their own name, address, and academic information. LLS strongly recommends that students have robust and unique passwords for each student. ANY DATA BREACHES INVOLVING ANY VARIANCE FROM THIS POLICY, INCLUDING HAVING SHARED PASSWORDS BY STUDENTS, SHALL NOT BE THE RESPONSIBILITY OF LLS. IF ANY SUCH BREACHES OCCUR DUE TO ANY VARIANCE FROM THIS POLICY, YOU WILL FULLY INDEMNIFY AND HOLD LLS HARMLESS FROM ANY AND ALL DAMAGES, COSTS AND EXPENSES RESULTING FROM SAID BREACH.
Administrators who use LLS Services have access to significantly more PII than the students, including student’s names, addresses, and academic information, including IEPs, grades, attendance records, and other personal information. LLS strongly recommends that all administrators have robust and unique passwords. ANY DATA BREACHES INVOLVING ANY VARIANCE FROM THIS POLICY, INCLUDING HAVING SHARED PASSWORDS BY USERS, SHALL NOT BE THE RESPONSIBILITY OF LLS. IF ANY SUCH BREACHES OCCUR DUE TO ANY VARIANCE FROM THIS POLICY, YOU WILL FULLY INDEMNIFY AND HOLD LLS HARMLESS FROM ANY AND ALL DAMAGES, COSTS AND EXPENSES RESULTING FROM SAID BREACH.
California Residents’ Privacy Rights
Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to request from a business, with whom the California resident has an established business relationship, certain information with respect to the types of personal information the business shares with third parties for direct marketing purposes by such third party and the identities of the third parties with whom the business has shared such information during the immediately preceding calendar year. To request a copy of such information, please contact us as described in the “Questions, Concerns or Complaints” section below, and we will respond within 30 days as required by law.