Effective Date: February 3, 2025

Thank you for doing business with Stukent, Inc. (“Stukent,” “Company,” “we,” “our,” or “us”). We welcome you and hope you find our websites, web applications, courseware, products, and our other services and tools (collectively, the “Services”) helpful and useful. We have adopted this privacy policy (“Privacy Policy”) to help our website visitors, students, teachers, end users, current and potential customers, our employees, and other business partners (“you” or “your,”) understand what Data we collect, store, share, and use, how and why we do so, and what your rights are regarding that Data.

We always seek to improve our Services to you, and that requires that we collect, store, share, and use information about you and your usage preferences. As we do so, we are absolutely committed to protecting your privacy and the security of your personal information and that of your customers.

In this Privacy Policy, we use the word “Data” to describe all the information we collect that relates to you and your use of our Services. “Data” is broken into different categories, which are defined in the “Data We Collect and How We Use It” section of this Privacy Policy. We may refer to the different categories separately, but when we use the word “Data,” we mean all the different categories described in this Privacy Policy. Because of the nature of our Services, the term “Data” also includes the information, including personally identifiable information, you gather, upload, or is otherwise processed when you use the Services. We do not collect and process personally identifiable information without your consent. We rely on your compliance with our Terms and Conditions or other agreement(s) you may have in place with us to process your Data.

The term “Data” does not apply to de-identified, anonymized, and aggregated data that may be derived from Data, that cannot be reasonably connected with any individual, (“De-identified Data”). We hold all rights in and may use De-identified Data for our own purposes in any legal manner and without attribution or compensation to any person.

This Privacy Policy applies to everybody who interacts with us online or otherwise. Because different portions of the Privacy Policy will apply differently to the various groups who interact with us, we have tried to clearly categorize the types of Data we process and how we do so. If you have any questions about this Privacy Policy or how we handle your Data, please email us at support@stukent.com.

DESCRIPTION OF SERVICES

We provide access to electronic courseware, simulations, and certifications for a variety of subjects for educators, teachers and students. In this Privacy Policy, all tools and services made available in connection with our platform, including our website, web applications, tools, and any other services that we provide directly to you, whether now known or developed later, are included in the term “Services.”

LAWFUL BASIS FOR PROCESSING

Many jurisdictions require that we disclose to you the lawful basis for our processing of your Data. We do that in the “Data We Collect and How We Use It” section and otherwise throughout this Privacy Policy. In general, our lawful basis for processing your Data is based on your specific consent or your contract with us.

By accessing or using any of the Services or by otherwise interacting with us online, you consent to our use of your Data as described in this Privacy Policy. If our processing of your Data is based on your consent, you may withdraw your consent at any time, and we will cease collecting your Data. However, in some cases, this may result in your inability to receive partial or full access to the Services, and your withdrawal of consent does not limit our ability to use the De-Identified Data for use by us in connection with our legitimate business efforts in the future. In addition, your withdrawal of consent may not prevent us from retaining and processing Data if we have gathered such Data pursuant to a different lawful basis or to preserve legal claims. For example, if you give your consent for us to process your Data, but we are also required by law to keep your Data, that separate “lawful basis” will still apply, even if you withdraw your consent.

When you enter into an agreement with us, either by registering for and accessing the Services, by executing an agreement in hard copy, or by clicking “I Accept” or similar language online, we will process your Data for the purposes of fulfilling the terms of our contract with you. In that case, our processing of your Data is based on the contract, so your withdrawal of consent will only be effective after the purposes for processing that Data have been fulfilled and after we no longer have a legal obligation to keep that Data.

In all cases, we will comply with applicable law and we will cease processing your Data after the legal right, obligation, or other lawful basis expires.

INTENDED USERS

Other than for Data collected for the specific purpose of providing the Services to users, we do not knowingly collect Data from users who are under the age of 13. If we become aware that we have gathered Data from a person under the age of 13, except to provide the Services to such person, and except to the extent allowed or required by law, then we will attempt to destroy such Data as soon as possible, subject to our obligations under applicable law. If you are under the age of 18 in the jurisdiction in which you reside and want to make a request under applicable law, we may require you to make such a request through a parent or guardian, or through the institution you are affiliated with. If you believe that we have gathered Data from a person under the age of 13 in contravention of this policy, our provision of the Services, or applicable law, please contact us at support@stukent.com.

DATA WE COLLECT AND HOW WE USE IT

Listed below are categories of Data we collect when you use our Services. We never sell your Data, and we always have a lawful basis for gathering the Data, but that lawful basis might be different for different categories, and we describe those uses below. Regardless, we never use the Data for any purpose other than the purpose for which we gathered the Data in the first place, unless we get your prior explicit consent.

A. Registration Data  

1. Data Description: Registration Data may consist of the name, email address, street address, other contact information, and other information you provide us using the Services, both when you register for the Services and thereafter. Registration Data also includes your username, client type (i.e. student, teacher, institution), and other applicable registration information, if any. Further, Registration Data may include information collected when you sign up, login to your account, or otherwise link to your account through a learning management system, social media, or other third-party platform, including registration and profile information. When you link third-party platforms to the Services, you authorize us to collect, store, and use any Data the third-party platform may give us (i.e. email address, username, etc.); and, all of such data is considered Registration Data. Please note that any third-party platform you link to the Services likely has its own privacy policy that governs its use and processing of your data. Please refer to any applicable third-party privacy policy for information regarding their use and processing of your information.
2. Lawful Basis for Processing: Our lawful basis for processing Registration Data is our contract with you and your consent. We can only provide certain Services to you if we have the Registration Data, so we need to store and access that Registration Data during the term of our contract. Even when the Registration Data is not critically necessary to the provision of the Services, we may still process that Registration Data to facilitate our contractual interactions with you.
3. How We Use It and Who We Share It With: Registration Data is accessible generally only to us and to you. In limited circumstances, we may share your Registration Data with our service providers and with parties who help us provide the Services and are under obligations to protect the confidentiality of your Registration Data. We use Registration Data to provide the Services to you. At times, we will share the Registration Data with other third parties at your request. We may also use your Registration Data to offer our own goods or services to you, either directly through emails or through third party platforms, but you may opt out of those communications at any time.

B. Engagement Data

1. Data Description: Engagement Data consists of all the information you input or record using the Services, except as otherwise stated in this Privacy Policy. It also includes all information that is proprietary to you regarding your use of the Services (other than the data that qualifies as “Usage Data” below) that is collected or processed by the Services. Engagement Data specifically includes any text, personal preferences, and other information you input and include in the Services, such as feedback, comments, questions, etc.
2. Lawful Basis for Processing: Our lawful basis for processing Engagement Data is (1) our contract with you, (2) our obligation to provide you with the Services, and (3) our legitimate interest in improving our Services based on the Engagement Data we receive from you.
3. How We Use It and Who We Share It With: Your Engagement Data is accessible to us, to you, to employees or designated agents of your educational institution or employer (if applicable), and to limited third parties that we use to provide and improve the Services. If we share your Engagement Data with a third party, that party will be obligated to protect the confidentiality of your Engagement Data. Some Engagement Data, by nature, will be shared with other users, such as information in chat areas, news groups, forums, communities, etc. Your input of Engagement Data in these situations is voluntary and you assume all risk associated with uploading your Engagement Data. Both during the term of our agreement with you and thereafter, we may also convert Engagement Data to De-Identified Data, and that De-Identified Data belongs solely to us to use in our sole discretion (including to sell De-Identified Data, which is not Data). To the extent we are required to destroy any Engagement Data about you, we may still retain De-Identified Data that may have originated as your Engagement Data.

C. Usage Data

1. Data Description: Usage Data consists of the following and similar information:
   • Information about your interactions with the Services, most commonly our website, which includes the date and time of any requests you make. This also may include details of your use of any advertising you receive via the Services.
   • Adjustments you make to the default state of the Services, such as custom categories or settings.
   • The timing of the information you post to the Services including your interactions with us, but not including the content of those interactions, which would be included as Engagement Data.
   • Technical data which may include URL information, cookie data, your IP address, the types of devices you are using to access or connect to the Services, unique device IDs, device attributes, network connection type (e.g. WiFi, 4G, LTE, Bluetooth) and provider, network and device performance, browser type, language, information enabling digital, mouse movements (including scrolling data). Please note, however, that if you disable certain functions, your use of the Services may be limited.
   • Rights management, operating system, and application version.
   • Motion-generated or orientation-generated mobile sensor data (e.g. accelerometer or gyroscope), if any, required for the purposes of providing specific features of the Services to you.
2. Lawful Basis for Processing: Our lawful basis for processing Usage Data is (1) our contract with you, (2) our obligation to provide you with the Services, and (3) our legitimate interest in improving our Services based on the Usage Data we receive from you.
3. How We Use It and Who We Share It With: Usage Data is accessible to us, to you, and to limited third parties that we use to provide and improve the Services. If we share your Usage Data with a third Party, that party will be obligated to protect the confidentiality of your Usage Data. We may also share Usage Data with other third parties at your specific request. We may use Usage Data to make improvements to the Services. Both during the term of our agreement with you and thereafter, we may also convert Usage Data to De-Identified Data, and that De-Identified Data belongs solely to us to use in our sole discretion (including to sell De-Identified Data, which is not Data). To the extent we are required to destroy any Usage Data about you, we may still retain De-Identified Data that may have originated as your Usage Data.

D. Payment Data

1. Data Description: Payment Data is only collected when your use of the Services is subject to the payment of a fee or other charge. However, we do not directly process your Payment Data because we use a third-party service provider that is PCI compliant to process payments. Payment Data will vary depending on the payment method you use but will likely include information such as:
   • Name
   • Date of birth
   • Certain credit card information used to reference a credit card
   • Address and postal code
   • Mobile phone number
2. Lawful Basis for Processing: Our lawful basis for processing Payment Data is (1) our contract with you and (2) our legitimate interest in improving our Services based on the Payment Data we receive from you.
3. How We Use It and Who We Share It With: We only use Payment Data to facilitate payment. We do not communicate Payment Data to third parties because we do not directly process your Payment Data. You understand that transactions are not processed by Stukent and as such any request for information or claim that is payment related will have to be directed towards the payment processor and not Stukent. See Terms and Conditions for more details.

SHARING YOUR INFORMATION

We value your trust and are committed to protecting your Data. We do not sell your Data for any purpose, nor do we allow other companies to advertise or independently promote their products and services through our platform. Any sharing of your Data is conducted with transparency, limited to the purposes outlined below, and in compliance with applicable privacy laws.

1. At Your Request: If you explicitly request that we share your Data with a third party to further the purposes of our Services, we will do so with your consent.
2. Service Providers: We engage trusted third-party vendors to support the delivery of our Services, such as hosting, payment processing, analytics, and email communications. These vendors are granted access to your Data solely for the purpose of performing these services on our behalf and are contractually required to maintain the confidentiality of your information.
3. Educational Partnerships: We may collaborate with third parties to provide tools and resources for educational purposes. These partnerships may involve co-branded pages or integrations within our Services. Any Data shared with these partners is limited to what is necessary to facilitate these offerings and is governed by contractual agreements that align with our privacy standards. No unsolicited marketing or unrelated services will be promoted.
4. Institutions: If you are affiliated with an institution (e.g., as a teacher, student, or employee), we may share your Data with that institution as part of delivering our Services to you. This includes processing Data on behalf of the institution in accordance with our agreements with them.
5. Future Uses: If we plan to use your Data for any purpose not identified above and we do not have a separate lawful basis for that new purpose, we will only do so after obtaining your specific consent.
6. Business Transitions: In the event of a business transition, such as a merger, acquisition, sale, or restructuring, your Data may be transferred as part of the assets involved in the transaction. Such transfers will be conducted in compliance with applicable laws, and we will take reasonable steps to protect your Data during the process.
7. Legal Disclosures: We may disclose your Data if required by law or if we believe in good faith that such disclosure is necessary to:
   • Comply with legal obligations, such as a subpoena, court order, or legal process.
   • Protect our rights, property, or the safety of our users or others.
   • Investigate and prevent fraud, abuse, or illegal activities.
   • Enforce our Terms and Conditions.

Important Notes:

• No Data Sales: We do not sell your Data under any circumstances.
• No Third-Party Marketing Offers: We do not permit other companies to advertise or independently promote their products and services through our platform.
• Transparency and Control: You remain in control of your Data. Any sharing with third parties is done transparently and in accordance with the terms outlined here.

TECHNOLOGIES WE USE

The technologies we use for automatic Data collection may include the following:

• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Services. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Services.
• Web Beacons. Pages of the Services and our emails may contain small electronic files known as web beacons (also referred to as clear gifs. pixel tags and single-pixel gifs) that permit the use, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
• Geolocation. We may use geolocation (or other similar) technology when you use our Services to determine your current location. If you do not want us to use your location to provide you the Services, you can turn off your location services in your device’s settings.
• Widgets. We may use technologies such as widgets or APIs to display parts of our Services on sites that are operated by our business partners.
• Other Technologies. We may also use device identifiers, local storage, html modifiers, and different types of caching to help us understand the devices and users who access the Services. Those methods include device identifiers that are either hardware-based or software-based, persistent, or non-persistent, and which may identify either a device or a software module within a device (such as a web browser).

“Do Not Track” Options

Your web browser(s) may offer a “Do Not Track” option, which allows the individual to signal to operators of websites and web applications and services (including behavioral advertising services) that he or she does not wish such operators to track certain of his or her online activities over time and across different websites. We do our best to support Do Not Track requests but cannot guarantee full support based on the variety of internet browsers and technologies which means that we may collect information about your online activity both while you are using the Services and after your use of the Services.

YOUR RIGHTS REGARDING YOUR DATA

Under applicable data protection, privacy, and other laws, you may have certain rights related to the access and control of your Data. These rights may include:

1. Access, Correction, and Deletion: The right to access, correct, update, or request deletion of your Data.
   • For parents of high school students whose data is processed as part of an institution’s use of our service, such requests should be directed to the educational institution administering the service. We facilitate these requests as directed by the institution.
2. Objection or Restriction: The right to object to or restrict the processing of your Data. (Please note: Exercising this right may limit or eliminate our ability to provide certain Services.)
3. Data Portability: The right to request portability of your Data.
4. Opt-Out of Marketing: The right to opt-out of receiving marketing communications. You can exercise this right by clicking the “Unsubscribe” or “Opt-Out” link found in those communications. (Note: Email marketing communications are not sent to high school students under any circumstances.)
5. Automated Decision-Making: The right not to be subject to decisions based solely on automated processing, including profiling.
6. Regulatory Complaints: The right to submit a complaint to a regulatory authority regarding our data processing practices.
7. California Privacy Rights: The right to limit use, disclosure, and restrict sensitive personal information (as defined in the CPRA).

We may use additional processes to verify your identity before we reveal or destroy any of your Data, including two-factor or two-step authentication measures to ensure we can identify you.

This list may not include all of your rights under applicable laws. If you believe you have additional rights, please contact us using the methods in this Privacy Policy.

Please note that exercising any of the above rights may limit or eliminate our ability to provide you the Services. If so, we may terminate the Services due to such requests.

We will try to comply with your request(s) as soon as reasonably practicable and at the very least as required under applicable law. Upon receipt of your written request, we will provide you with a copy of your information, although in certain limited circumstances we may not be able to make all relevant information available to you, such as where that information also pertains to another user. In such circumstances we will provide reasons for the denial to you upon request.

Please also note that if you opt-out of receiving marketing-related emails from us, we may still send you messages for administrative or other purposes directly relating to your use of the Services, and you cannot opt-out from receiving those messages while continuing to use the Services.

Further, you may opt-out or disable certain functions on your particular device, preventing us from collecting Data. For example, you may disable geolocation or GPS functionality on your mobile device or disable push notifications. If you disable such features, your ability to use and access the Services may be limited.

To exercise any of these rights, or if you have any questions about our processing of your Data, please contact us at support@stukent.com or at our toll-free number: (855) 788-5368.

A. Privacy for EU/UK Residents

The Regulation (EU) 2016/679 (General Data Protection Regulation) made effective in Europe on May 25, 2018 (“GDPR”) requires that we clearly describe to data subjects the data we collect and how we use that data. This Privacy Policy does that and if you have any questions for us regarding our data collection, please contact us at support@stukent.com. We comply with the GDPR requirements to the extent they apply to us.

We are headquartered in the United States and all user data is stored in the United States. By accessing or using the Services or otherwise providing information to us, you understand that your information will be subject to processing, transfer, and storage in and to the United States.

Due to the nature of our Services, we typically act as a “Processor” as defined under the GDPR. If you believe that this role should be defined differently, please contact us at support@stukent.com.

Pursuant to the GDPR, residents of the EU (and the EEA, as applicable) have the right to obtain our confirmation of whether we maintain personal information relating to them in the United States. If you are a resident of Europe, upon request from you, we will provide you with access to the Data that we hold about you. Please contact us if you have any questions.

Further, if you are a resident of the United Kingdom (“UK”), to the extent the GDPR as incorporated into UK law pursuant to s.3 of the European Union (Withdrawal Act) 2018 (as amended, the “UK GDPR”) is different than the GDPR, we will follow all supplemental requirements under the UK GDPR and you have all rights as a UK citizen under the UK GDPR.

B. Privacy for California Residents

California adopted the California Consumer Privacy Act (“CCPA”), which took effect at the beginning of 2020 and has now adopted the California Privacy Rights Act (“CPRA“), portions of which took effect January 1, 2022. We comply with the requirements of the CCPA and CPRA to the extent they apply to us.

If you are a California resident, you may request to exercise your rights for any Data we have processed in the 12 months prior to your request. Such request covers any categories, sources, purposes, and, if applicable, third parties to whom we share the Data. Further, you can exercise any of your rights free of discrimination, for example, we cannot increase the price of the Services or decrease the quality of the Services because you exercise your rights.

Due to the nature of our Services, we typically act as a “service provider” as defined under the CCPA and CPRA. If you believe that this role should be defined differently, please contact us at support@stukent.com or at our toll-free number: (855) 788-5368.

For more information, please direct your questions to us at support@stukent.com or at our toll-free number: (855) 788-5368.

C. Other Data Privacy and Protection Laws

We comply with all data protection and privacy laws in applicable jurisdictions, to the extent such laws apply to us and our Services. Specifically, our processing of your Data may be subject to the Family Educational Rights and Privacy Act (“FERPA“). We work with educational institutions to comply with FERPA. We strive to be transparent about our data processing activities and have disclosed our practices throughout this Privacy Policy. If you have any questions about your rights under any applicable data protection and privacy laws, please contact us support@stukent.com or at our toll-free number: (855) 788-5368.

We access, use, store, and share Google user data in the following ways:

• Access: We access Google user data such as email addresses and names when you link your Google Classroom or use Single Sign-On (SSO) to log in to our services.
• Use: We use Google user data to facilitate automatic enrollment, synchronize course rosters, manage user accounts, and integrate with Google Classroom for a seamless educational experience.
• Storage: Google user data is stored securely in our systems to maintain the continuity of the services provided. We use industry-standard security measures to protect this data.
• Sharing: We do not share Google user data with third parties except as necessary to provide our services, comply with legal obligations, or with your explicit consent.

Limited Use of Google User Data

Our use of Google user data is limited to the practices disclosed in this privacy policy and conforms to Google’s Limited Use requirements. We do not use this data for any other purposes beyond those necessary to provide and improve our services. Stukent’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements

In-Product Privacy Notifications

We prominently display privacy notifications within our app interface to ensure that users can easily find information about how their Google user data is accessed, used, stored, and shared. Consistency and Updates

The privacy policy linked on our homepage is the same as the one linked on the app’s OAuth consent screen. We keep our privacy policy and in-product privacy notifications up to date to reflect any changes in how our app uses Google user data.

SECURITY

The security of your Data is important to us. We use commercially reasonable efforts to store and maintain your Data in a secure environment. We take technical, contractual, administrative, and physical security steps designed to protect Data that you provide to us. We have implemented procedures designed to limit the dissemination of your Data to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.

THIRD-PARTY POLICIES

You may be able to access third-party websites and other tools and services or products via a link on our website, or via our other tools. The privacy policies of these third parties are not under our control and may differ from ours. The use of any Data that you may provide to any third parties will be governed by the privacy policy of such third party or by your independent agreement with such third party, as the case may be. If you have any doubts about the privacy of the information you are providing to a third party, we recommend that you contact that third party directly for more information or to review its privacy policy.

This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any offering, site, or other products and Services used in connection with the Services. The inclusion of a link does not imply endorsement of the linked site or service by us or by our affiliates.

DATA RETENTION

We retain your Data for as long as necessary to fulfill the purposes for which it was collected or as required by applicable laws and regulations. This retention period may extend beyond the termination of your relationship with us if the data is needed to meet legal obligations, prevent fraud or future abuse, or support legitimate business purposes, such as account recovery, compliance, or the analysis of De-Identified Data.

For educational purposes, we may retain De-Identified or aggregated data indefinitely to support research, improve services, or develop educational resources. This data is stripped of personally identifiable information and is used in compliance with applicable privacy laws and the terms of this Privacy Policy.

All retained data will remain securely stored and governed by the terms outlined in this Privacy Policy.

AMENDMENT OF THIS PRIVACY POLICY

We reserve the right to change this Privacy Policy at any time. If we decide to change this Privacy Policy in the future, we will post or provide appropriate notice. Unless stated otherwise, our current Privacy Policy applies to all Data that we have about you and your account. The date on which the latest update was made is indicated at the top of this document. We recommend that you print a copy of this Privacy Policy for your reference and revisit this policy from time to time to ensure you are aware of any changes. Your continued use of the Services signifies your acceptance of any changes.

CONTACT US

You can help by keeping us informed of any changes such as a change of your personal contact information. If you would like to access your information, or if you have any questions, comments, or suggestions or find any errors in our information about you, please contact us at support@stukent.com or at our toll-free number: (855) 788-5368. If you have a complaint concerning our compliance with applicable privacy laws, we will investigate your complaint and if it is justified, we will take appropriate measures.

Stukent.com

Idaho Falls, USA
1755 International Way
ID, 83402

privacy@stukent.com