Introduction
In this Privacy Policy, Ohio University’s Center for Intervention Research in Schools (“CIRS”, “we,” “us” or “our”) explains our policies and procedures for data collection, use, maintenance, protection, and disclosure when you visit our website or use any DRCO applications (collectively, the “Service”). This policy is effective as of October 22, 2021.
We understand that when you use our Service you are entrusting us with your child’s/student’s personal information. As a result, we have crafted this Privacy Policy (“Privacy Policy”), so that we can protect your child’s/student’s personal information and inform you of your child’s/student’s privacy rights. We always strive to respect the privacy of all parties. We do NOT sell any information collected in the use of the Service.
This Privacy Policy provides general information about the privacy practices of CIRS, the Service, and its related platforms. Your use of the Service constitutes acceptance by you of this Privacy Policy.
We will update this policy as we adjust our procedures to protect the collected information. Before these changes go into effect, we will post the updated policies and procedures here, along with an effective date for the amended Privacy Policy. Once we alter the policy, continued use of the Service on or after the effective date is considered consent to the amended Privacy Policy.
Information We Collect
Contact Information
We may collect contact information, which includes personal information like a teacher’s name and e-mail address; student’s name; and the name and e-mail address of the student’s parent/guardian.
School Information
We may collect information about the student’s school, including the name of the school district, school, grade level, and information about academic and behavioral performance.
Location
Our Services may learn your geographic location, including by collecting your IP address or other device information, which may depend on your device’s settings for location services.
Device Information
We may learn about your browser, device type, IP address, internet service provider, and other technical information about your device when you use our Services.
Website Interactions
We collect information about your interactions with our Services, including pages visited, links clicked, buttons clicked, mouse movement, scroll behavior, and non-sensitive keystroke activity. This information could include personal information, depending on what information you provide.
Submitted Content
We collect any content you submit to us through use of the Services.
How We Collect Your Information
Information We Collect From You
We collect information directly from you, when you provide such information to us, contact us with questions or comments, or upload content through the Services.
Student Information
The data generated through use of the Service may include personal information about individual students. This information is housed/stored on a secure server hosted by DRCO. DRCO follows Ohio University Information Security Standards (https://www.ohio.edu/oit/security/policy-and-practices/consulting/standards), which includes HIPAA, FERPA, and NIST information security standards, where applicable. When school personnel use the website Services, only the teacher and authorized members of an intervention team at the school can see the student’s identity.
CIRS researchers only have access to de-identified data that conceals student and parent names (i.e., student and parent names are replaced by ID numbers). The researchers utilize the de-identified data to measure the effectiveness of the interventions to improve CIRS methods and practices, including modifying the Service accordingly. Research results (that are de-identified and in aggregate form) are shared with the broader academic and educational community through conference presentations and journal publications. Despite the very low risk of re-identification, the CIRS researchers do not share the de-identified data.
Cookies & Web Analytics
Some information, including but not limited to IP addresses, operating systems, browsers, and browsing patterns, is either tracked or collected using “cookies” (which are small data files that a website places on your hard drive for record-keeping purposes) or “web beacons” (which are transparent pixel images that are used in collecting information about website usage). We use these to improve our content and to meet your needs. While most of the cookies we use will “disappear” when you finish browsing, we also use persistent cookies. Persistent cookies stay on your device simply to ensure we recognize your device when you revisit the Service.
Please note that there are options on most browsers (like Google Chrome, Mozilla Firefox, Safari, and Internet Explorer) to disable cookies. You can choose to use such features to disable cookies, but it may impact your use of certain functions included in the Service. To learn more about your ability to manage cookies and web beacons, please consult the privacy features in your browser.
Google Analytics
We may use Google Analytics to collect information about your use of the Service. Google Analytics collects certain information, such as how often you use the Service, the pages you visit, and the websites you used prior to using the Service. We may use the information received from Google Analytics to improve the Service. Google Analytics collects only the IP address assigned to you on the date you visit the website, rather than your name or other identifying information.
We do not combine identifiable information collected through the use of Google Analytics with any other information collected from you unless you have provided consent to do so through a specific research project associated with Ohio University. Although Google Analytics stores a permanent cookie on your machine to identify you as a unique user the next time you use the Service, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics is governed by the Google Analytics Terms of Use available at http://www.google.com/analytics/tos.html and the Google Privacy Policy available at http://www.google.com/intl/en/analytics/privacyoverview.html.
You can prevent Google Analytics from recognizing you by disabling cookies on your browser. We also use Google Analytics for Firebase. In connection with Google Analytics for Firebase, we use the following features: dashboard, events, conversions, audiences, funnels, latest release metrics, and retention.
Other Third Parties
We work with other third parties who provide services to us, like analytics or advertising companies. These third parties share information they have collected with us. Other Service users may also share your information with us.
How We Use Your Information
We may use your personal information for the following purposes:
Providing Service: We may use your personal information to provide you with Services that you have ordered or requested.
Communication: When you contact us, we may use your personal information (like your e-mail address) to reply and provide you with the Service or information you requested. We also may use your personal information to collect feedback on our Service and policies.
Service Improvement: We reserve the right to use your personal information and browsing behavior to personalize the Service and improve the overall user experience. We also may use personal information to evaluate response rates or gauge the usability of the Service.
Protect Content: In order to stop malicious, deceptive, fraudulent or illegal activity from occurring on the Service, we may use identifying information to monitor users’ behavior. Our attempts to prevent malicious, deceptive, fraudulent, or illegal Internet activity may result in the suspension of some users from the Service.
Data Processing: We process your information so that we can improve the Service and deliver information that you have either already requested or that we believe you would be interested in. Any information we transfer to a third-party processor that is not affiliated with CIRS is done so as permitted by law. CIRS uses, among others, Amazon Web Service, Amazon Simple Email Service and various Service provided by Google LLC in connection with the Service. We will enter into agreements with any such third-party processors to ensure that they will not further collect, sell, or use your personal information except as necessary to perform data processing for us.
How We Share Information and For What Purposes
We may share your personal information with third parties for certain purposes. For example, we share personal information with:
Service Providers
We partner with third parties to assist with many aspects of the Services, including to provide the Service to you, advertising, analyzing your interests and activity on our Service, and helping us communicate with you. These third parties may provide services related to any of the purposes described in How We Use Your Information, and we may share with them any types of information described in Information We Collect. We may also receive information collected by these third parties and combine it with the information we have collected.
Required By Law
We may disclose your information if needed to comply with a court order, law, legal proceeding, or request from the government. We also reserve the right to disclose your information if we have a reasonable belief that such disclosure is fundamental to the safety of individuals associated with CIRS or others unaffiliated with the company, or to report or investigate fraud or a crime.
Parties to a Business Transaction
We reserve the right to transfer any information we have about you in the event we sell or transfer all or a portion of our business or assets. Should such a sale or transfer occur, we will use reasonable efforts to require that the transferee use personal information provided to us in a manner that is consistent with this Privacy Policy.
Data Retention
We will retain personal information for as long as required for the purpose for which we have collected such personal information. Where we collect personal information to provide a service for you, we will retain such personal information for as long as such Service is provided. Where we collect personal information for our legitimate interests, we will retain such personal information for as long as needed to fulfill such interests.
External Links
The Service may contain links to third-party material, including other websites such as e-commerce platforms. This material is not affiliated with, or owned by, Ohio University or DRCO and other websites may have their own terms and conditions and privacy policies. After you choose to follow the link and leave the Service, we are not responsible for the content of those websites, or their privacy policies. We have no control over what information they collect, or how they choose to use that information.
Security
Security is important to us. We utilize standard and reasonable security methods, including administrative, technical and physical protections, to prevent the theft, access, alteration, destruction, or disclosure of your information. Nonetheless, no network, website, or communication using the Internet is perfectly secure. We will attempt to protect your information, but we cannot guarantee the safety of any information you send to us, and you do so at your own risk. In the unlikely case of a breach of private information, we will follow relevant laws and regulations to inform you of the breach.
Data Rights
Subject to applicable law, you may have the right to request and obtain information about, or copies of, your personal information that we process, where we obtained your information, the business or commercial purpose for collecting your information, the third parties with whom your information is shared, and whether our source of information is publicly accessible. You may also have the right to correct your personal information, or object to its processing. Lastly, you may ask us for information about when we typically delete stored information, or ask that information be anonymized or destroyed, depending on the situation and applicable laws.
All of our processing is in support of our business. Where we process your data based upon your consent, we recognize that you may withdraw consent if you wish to do so, and that you retain a right to your own data.
Contact Us
If you have any questions or concerns about this Privacy Policy, or how CIRS protects your personal data, please feel free to contact: [email protected].