List of active policies
|Terms of Service||Site policy||All users|
- What Personal Data we collect and why we collect it
- How we use Personal Data
- Who we share Personal Data with
- The choices we offer, including how to access, update, and remove Personal Data
Effective Date: May 18, 2018
- What Personal Data we collect and why we collect it
- How we use Personal Data
- Who we share Personal Data with
- The choices we offer, including how to access, update, and remove Personal Data
We have kept this simple for your understanding, but if you’re not familiar with terms like “cookies” or “IP addresses,” feel free to contact us. Your privacy is really important to us, so whether you’re new to cmERDC or a long-time user, please take the time to get to know our
This policy applies (i) immediately to new users who use or access the Service on or after the Effective Date and (ii) on the Effective Date to users who use or access the Service before the Effective Date.
Please contact us if you have any questions or comments about our privacy practices. You can reach us online at email@example.com or by mail at the address listed in the “What If You Have Questions Regarding Your Personal Data?” section below.
TRANSFERS OF PERSONAL DATA
The Service is hosted and operated in the United States (“U.S.”). If you do not reside in the U.S., laws in the U.S. (and other countries) may differ from the laws where you reside. By using the Service, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to cmERDC in the U.S. and will be hosted on U.S. servers, and you authorize cmERDC to transfer, store, host and process your information to and in the U.S., and possibly other countries. You hereby consent to transfer of your data to the U.S. pursuant to either, at cmERDC’s discretion, the EU-U.S. Privacy Shield Framework, the details of which are further set forth below, or the standard data protection clauses promulgated by the EC, a copy of which can be obtained at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32010D0087.
EU PERSONAL DATA
If you are located in the EU, United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) related to your Personal Data, as further described below. cmERDC currently blocks all traffic outside the U.S.A. Personal Data will not be collected from individuals accessing our sites and services outside the U.S.A.
NOTICE OF WHAT INFORMATION WE COLLECT AND HOW WE USE IT
Types of Personal Data We Collect
cmERDC collects Personal Data about you when you provide it directly to us, when third parties such as our business partners (e.g. companies with whom we integrate our Service), service providers (such as our advertising service providers) provide us with Personal Data about you, or when Personal Data about you is automatically collected in connection with your use of our Service. We collect the following Personal Data from you in connection with the Service:
- Contact Information: information we collect to identify or contact you, we collect typical “business card information” such as your first and last name, physical address, email address, or telephone number. For example, this is the basic information that we collect when you register for our training services.
- Transaction Information: information related to transactions you conduct on the Service, including when you register for a webinar, event or download special content, and your interactions with the Service (for example the functionality you use and the links clicked on the Service).
- User Account Information: information that identifies you to the Service, such as your user name, email address, password, and IP address. For example, we use this information to authenticate you when you log in to the Service, and use the IP address to help maintain your web session security while using the Service.
- User Content: to the extent that you choose to input Personal Data as part of such content, images, comments, and other content, information, and materials that you post to or through the Service.
Important Note: Users of our Services should not use end-customer personal data (e.g. actual or “live” end-customer data) when building designs and prototypes. Industry practice is to use “dummy data” that does not refer to actual people. Please also do not provide us with any sensitive personal data while building your designs and prototypes. For example, do not provide personal health information or personal financial information (except for limited financial data when purchasing the service as set forth above). If this type of data is necessary to make your prototype “come alive”, use dummy data instead.
- Partner Information: information that our business partners, such as our content-providing partners, share with us -- for example, if you use their services to purchase, preview, and/or otherwise use their content when using our Service.
- Log Data: information automatically recorded by the Service about how a person uses our Service, such as IP addresses, device and browser type, operating system, the pages or features of our Website or Service to which a user browsed, the time spent on those pages or features, the frequency with which the Service is used by a user, search terms used by a user, the links on the Service that a user clicked on or used, and other statistics.
We also collect usage and performance information that is not Personal Data or that we aggregate or de-identify so that it no longer personally identifies an individual. We also associate some data that is not Personal Data with Personal Data.
We collect Personal Data when a user (i) creates an account (a “User Account”); (ii) logs into the Service; (iii) interacts with the Service; (iv) uploads or generates User Content; (v) communicates with us; and (vi) responds to a communication or interaction from us. Some of the methods and tools we use to collect Personal Data are:
Unique Identifiers: We use unique identifiers such as cookies, e-mail or your pseudonymized customer ID to track individual usage behavior on our Service, such as the length of time spent on a particular page and the pages viewed during a particular log-in period. Unique identifiers collect information about a user’s use of our Service on an individual basis.
Mobile Device Identifiers: Mobile device identifiers are identifiers stored on your mobile device that track certain data and activities occurring on or through your device. Mobile device identifiers enable collection of Personal Data (such as media access controls) as well as non-personally identifiable information (such as usage and traffic data).
Cookies, Web Beacons, and Other Tracking Tools: We and our third party service providers collect information about you, your device, and your use of the Service through cookies, clear gifs (a.k.a. web beacons/web bugs) (“Web Beacons”), and other tracking tools and technological methods (collectively, “Tracking Tools”). Tracking Tools collect information such as computer or device operating system type, IP address, browser type, browser language, mobile device ID, device hardware type, the website or application visited or used before or after accessing our Service, the parts of the Service accessed, the length of time spent on a page or using a feature, and access times for a webpage or feature. These Tracking Tools help us learn more about our users and analyze how users use the Service, such as how often users visit our Service, what features they use, what pages they visit, what emails they open, and what other sites or applications they used prior to and after visiting the Service.
Web Beacons: Web Beacons help us better manage content on our Service by informing us what content is effective. Web Beacons are embedded in, or otherwise associated with, certain emails or other communications that you receive from us or our partners. Web Beacons help us track your responses and interests and deliver relevant content and services to you. For example, they may let us know when you take actions based on the emails that we send. Web Beacons also allow us to enhance our Behavioral Advertising (defined below), which is further discussed below in the section titled “Online Behavioral Advertising” below.
Third Party Sources: We may use third-party services, such as open search tools and social networks, to obtain information about you (such as your name or company) and to enrich your personal information by obtaining publicly available information about you, such as your job title, employment history and contact information.
Use of Personal Data
cmERDC uses Personal Data to: (i) provide, administer, and improve our Service; (ii) better understand your needs and interests; (iii) fulfill requests you make; (iv) personalize your experience; (v) provide Service announcements; (vi) provide you with information and offers from cmERDC, cmERDC Affiliates, and our business partners; (vii) protect, investigate, and deter against fraudulent, harmful, unauthorized, or illegal activity and (viii) comply with legal obligations.
For example, we use Personal Data to:
- Operate and improve the Service
- Facilitate communications among and between users and the public in general
- Provide user support
- Communicate with users regarding support, security, technical issues, commerce, marketing, and transactions
- Administer the Service, User Accounts, and transactions with respect to User Accounts
- Enforce our contracts, administering and carrying out our obligations under contracts, and complying with the law
We will only use your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity, and our “legitimate interests” or the legitimate interest of others, as further described below.
- Contractual Necessity: We process the following categories of Personal Data
because we need to process the data to perform under our User Agreement
with you, which enables us to provide you with the Service. When we
process data due to contractual necessity, failure to provide such
Personal Data will result in your inability to use some or all portions of
the Service that require such data:
- Contact Information
- User Account Information
- Financial Account Information
- Transaction Information
- User Content
- Legitimate Interest:
We process the following categories of Personal Data when we believe doing
so furthers the legitimate interest of us:
- Contact Information
- User Account Information
- Transaction Information
- User Content
- Partner Information
- Log Data
Examples of these legitimate interests include:
- Operation and improvement of our business, products, and services
- Marketing of our products and services
- Provision of customer support
- Protection from fraud or security threats
- Compliance with legal obligations
- Completion of corporate transactions
- Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.
- Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
HOW AND WITH WHOM DOES CMERDC SHARE PERSONAL DATA?
We share Personal Data with the contracting school district with whom you are associated. This includes:
- Teachers of the courses you are enrolled
- Administrators of the site
- Other class participants
We also share Personal Data with third party service providers and agents when necessary to complete a transaction initiated or authorized by you or provide you with a product or service you have requested. In addition to those set forth above, these parties also include:
- Other users (when you use a “share link” to post information publicly, share or comment on content, or as otherwise necessary to effect a transaction initiated or authorized by you through the Service)
- Other parties authorized by you
- The owner and administrator(s) of the Service account that you use, or of the email address that you used to register with the Service (see “Use of Third-Party E-mail Address” immediately below).
We share Personal Data with presenters, sponsors, or other conference participants or organizers if you register for or attend a conference we are involved with.
We also share Personal Data when we believe it is necessary to:
- Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies
- Protect us, our business or our users, or third parties, for example to enforce our terms of service, prevent spam or other unwanted communications and investigate or protect against fraud
- Maintain the security of our products and services
We also share information with third parties when you have given us consent to do so.
Use of Third-Party E-mail Address
If you register for the Service using an e-mail address such as Google that we recognize to be either a part of a third-party enterprise account for the Service (an “Enterprise Account”) or a potential enterprise Service purchaser (for example, your employer’s) (each, an “E-Mail Holder”), we may provide your name and email address to the E-Mail Holder and their administrator. In some cases, we will also consolidate your account(s) with the accounts of the E-Mail Holder and we provide your E-Mail Holder and their administrator with access to your User Account information and User Content. This may happen when the E-Mail Holder’s account is established after you register for your individual User Account. We make these transfers to allow users who are part of a larger organization to take advantage of the special features and security enjoyed by our enterprise Account holders, and in order to help you and your organization comply with its internal security and email usage obligations. Please note that all accounts for the Service, and all applicable subaccounts (which may include your User Account), are controlled by the account administrator. In certain cases (e.g. when we are aggregating all of the accounts under a current or potential Enterprise Account), we will provide you with the ability to opt-out of consolidation with an E-Mail Holder’s Account (typically by changing the email address on your account to a non-E-Mail Holder email address).
Additionally, when an E-Mail Holder creates an Account, we may notify any individuals already using the Services under an email address with the same company domain as yours so that they can be migrated to your enterprise Account.
YOUR PRIVACY CHOICES
Opting Out of Behavioral Advertising and Tracking Tools
You can opt-out of certain Behavioral Advertising activities by doing one or more of the following. Please note that you will need to opt-out of each browser and device for which you desire to apply these opt-out features.
- Service Provider Opt Out: You can opt-out directly from some Advertising Service Providers and providers of Tracking Tools by using their opt-out tools. Some of these service providers, and links to their opt-out tools, are:
- Industry Opt Out Tools: Some Advertising Service Providers or providers of Tracking Tools may participate in the Network Advertising Initiative's (NAI) Opt-Out Tool (http://www.networkadvertising.org/choices/) and/or the Digital Advertising Alliance (DAA) Consumer Choice Page (http://www.aboutads.info/choices/), and you can opt-out of certain services and learn more about your choices by visiting the links included there. Users in the EU can visit http://www.youronlinechoices.eu/ for more information about your choices and to opt out of participating service providers.
- Web Browser Controls: You can prevent the use of certain Tracking Tools, such
as cookies, on a device-by-device basis using the controls in your web
browser. These controls can be found in the Tools > Internet Options
(or similar) menu for your browser, or as otherwise directed by your
browser’s support feature. Through your web browser, you may be able to:
- Delete existing Tracking Tools
- Disable future Tracking Tools
- Set your browser to provide you with a warning each time a cookie or certain other Tracking Tools are being set
- Mobile Opt Out: Your mobile devices may offer settings that enable you to make choices about the collection, use, or transfer of mobile app information for Behavioral Advertising. You may also opt-out of certain Tracking Tools on mobile devices by installing the DAA’s AppChoice app on your mobile device (for iTunes, visit https://itunes.apple.com/us/app/appchoices/id894822870?mt=8, for Android, visit https://play.google.com/store/apps/details?id=com.DAA.appchoices&hl=en). For more information, please visit http://support.apple.com/kb/HT4228, https://support.google.com/ads/answer/2662922?hl=en or http://www.applicationprivacy.org/expressing-your-behavioral-advertising-choices-on-a-mobile-device, as applicable.
- Do Not Track: Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. The Service does not support Do Not Track requests at this time, which means that we collect information about your online activity both while you are using the Service and after you leave our Service.
- Our Cookie Management Tool: We also allow you the ability to opt out of certain types of Cookies by clicking on the cookie banner when you first enter the applicable website (for EU users), or by using the solution below:
Emails: We will give you the ability to opt-out of marketing-related emails by clicking on a link at the bottom of each such email. You cannot opt-out of receiving certain non-marketing emails regarding the Service.
We believe the security of your information is a serious issue and we are committed to protecting the information we receive from you. Your personal information is contained behind secured networks and is only accessible by a limited number or persons who have special access rights to such a system, and are required to keep the information confidential. We use commercially reasonable security measures to protect against the loss, misuse, and alteration of your information under our control based on the type of Personal Data and applicable processing activity, such as data encryption in transit, data encryption at rest, pseudonymization, and enforcement of least privilege and need-to-know principles.
We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you with the Service, and thereafter as set forth in our Service agreement with you (typically 30 days after termination of the Service, or sooner upon request (except as required by law)). In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule, or regulation. Upon disposal, we will destroy or render unreadable any such Personal Data. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
INTERACTIONS WITH OTHERS
The Service contains areas where you may be able to publicly post information, communicate with others, submit media content, and/or review goods, services, or vendors, such as discussion boards or blogs. Any information, including Personal Data that you post there, will be public and can be viewed by the public at large, and therefore anyone who accesses such postings will have the ability to read, collect, and further disseminate such information. We have no control over, and take no responsibility for, the use, storage, or dissemination of information posted or otherwise made available on such portions of the Service. By posting Personal Data online in public forums, you may receive unsolicited messages from other parties.
WHAT RIGHTS AND CHOICES DO YOU HAVE REGARDING YOUR PERSONAL DATA?
Accessing, Correcting, and Deleting Your Personal Data and Other Data Subject Rights
You have certain rights with respect to your Personal Data, and we want to help you review and update your information to ensure it is accurate and up-to-date. We may limit or reject your request in certain cases, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, if it is not required by law, or if the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question. In some cases, we may also need you to provide us with additional information, which may include Personal Data, to verify your identity and the nature of your request. We will take reasonable steps to respond to all requests within 30 days (or less!).
If you are an cmERDC Account holder, you can accomplish most of the following by logging into your User Account or, for those using enterprise accounts, by contacting your account administrator. You can contact us directly at firstname.lastname@example.org if you have any additional requests or questions:
- Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data.
- Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
- Erasure: You can request that we erase some or all of your Personal Data from our systems. Please note that if you request the deletion of information required to provide the Service to you, your User Account will be deactivated and you will lose access to the Service.
- Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
For the following, please email us at email@example.com
- Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Service.
- Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for marketing purposes.
- Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
You also have the right to lodge a complaint about cmERDC’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.
Closing Your Account
You may close an account, and upon termination of your User Account, we will take reasonable steps to provide, modify, or delete your Personal Data as soon as is practicable. However, cmERDC may nevertheless retain your Personal Data to protect the business interests of cmERDC, cmERDC Affiliates, vendors, and other users, and some information may remain in archived/backup copies for our records or as otherwise required by law. Those interests include without limitation the completion of transactions, maintaining records for financial reporting purposes, complying with our legal obligations, resolving disputes, and enforcing agreements.
California Privacy Rights
Pursuant to Section 1798.83 of the California Civil Code, residents of California can obtain certain information about the types of Personal Data that companies with whom they have an established business relationship have shared with third parties for direct marketing purposes during the proceeding calendar year. In particular, the law provides that companies must inform consumers about the categories of Personal Data that have been shared with third parties, the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. To request a copy of the information disclosure provided by cmERDC pursuant to Section 1798.83 of the California Civil Code, please contact as set forth above.
ENFORCEMENT AND RECOURSE
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation's consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
We do not specifically market to children under 13.
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair
Information Practices we will take the following responsive action, should a
data breach occur:
We will notify the users via email
- Within 7 business days
We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions.
- Process orders and to send information and updates pertaining to orders
- We may also send you additional information related to your product and/or service.
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred
To be in accordance with CANSPAM we agree to the following:
- NOT use false, or misleading subjects or email addresses
- Identify the message as an advertisement in some reasonable way
- Include the physical address of our business or site headquarters
- Monitor third party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly
- Allow users to unsubscribe by using the link at the bottom of each email
If at any time you would like to
unsubscribe from receiving future emails, you can email us at
firstname.lastname@example.org and we will promptly remove you from ALL correspondence.
We Commit To:
- Not collect, maintain, use or share student personal information beyond that needed for authorized educational/school purposes, or as authorized by the parent/student.
- Not sell student personal information.
- Not use or disclose student information collected through an educational/school service (whether personal information or otherwise) for behavioral targeting of advertisements to students.
- Not build a personal profile of a student other than for supporting authorized educational/school purposes or as authorized by the parent/student.
- Not make material changes to school service provider consumer privacy policies without first providing prominent notice to the account holder(s) (i.e., the educational institution/agency, or the parent/student when the information is collected directly from the student with student/parent consent) and allowing them choices before data is used in any manner inconsistent with terms they were initially provided; and not make material changes to other policies or practices governing the use of student personal information that are inconsistent with contractual requirements.
- Not knowingly retain student personal information beyond the time period required to support the authorized educational/school purposes, or as authorized by the parent/student.
- Collect, use, share, and retain student personal information only for purposes for which we were authorized by the educational institution/agency, teacher or the parent/student.
- Disclose clearly in contracts or privacy policies, including in a manner easy for parents to understand, what types of student personal information we collect, if any, and the purposes for which the information we maintain is used or shared with third parties.
- Support access to and correction of student personally identifiable information by the student or their authorized parent, either by assisting the educational institution in meeting its requirements or directly when the information is collected directly from the student with student/parent consent.
- Maintain a comprehensive security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of student personal information against risks – such as unauthorized access or use, or unintended or inappropriate disclosure – through the use of administrative, technological, and physical safeguards appropriate to the sensitivity of the information.
- Require that our vendors with whom student personal information is shared in order to deliver the educational service, if any, are obligated to implement these same commitments for the given student personal information.
- Allow a successor entity to maintain the student personal information, in the case of our merger or acquisition by another entity, provided the successor entity is subject to these same commitments for the previously collected student personal information.
570 1st St SE
St. Cloud, Minnesota 56304
SummaryYour access to and use of the Service is conditioned on your acceptance of and compliance with these Terms. These Terms apply to all visitors, users and others who access or use the Service.
cmERDC Terms of Service
Last updated: 5/11/2018
Please read these Terms of Service ("Terms", "Terms of Service") carefully before using the https://moodle.cmerdc.org website (the "Service") operated by cmERDC ("us", "we", or "our").
Your access to and use of the Service is conditioned on your acceptance of and compliance with these Terms. These Terms apply to all visitors, users and others who access or use the Service.
By accessing or using the Service you agree to be bound by these Terms. If you disagree with any part of the terms then you may not access the Service.
We may terminate or suspend access to our Service immediately, without prior notice or liability, for any reason whatsoever, including without limitation if you breach the Terms.
All provisions of the Terms which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.
Some parts of the Service are billed on a subscription basis ("Subscription(s)"). You will be billed in advance by invoice on a monthly or yearly basis.
Our Service allows you to post, link, store, share and otherwise make available certain information, text, graphics, videos, or other material ("Content"). You are responsible for the following the terms of your subscription contract and the conditions of sharing copyrighted information.
Links To Other Web Sites
Our Service may contain links to third-party web sites or services that are not owned or controlled by cmERDC.
cmERDC has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third party web sites or services. You further acknowledge and agree that cmERDC shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such web sites or services.
We reserve the right, at our sole discretion, to modify or replace these Terms at any time. If a revision in material we will try to provide at least 30 days' notice prior to any new terms taking effect. What constitutes a material change will be determined at our sole discretion.
If you have any questions about these Terms, please contact us.