Privacy Policy

Privacy Notice

Effective Date: April 30, 2020

Last Updated Date: October 4, 2023

Global Online Academy (“GOA,” “we,” “our,” or “us”) provides this privacy notice to describe how we collect, use, share, and otherwise process the personal information of individuals who visit our website https://globalonlineacademy.org and websites on which this privacy notice appears (the “Site”) and the personal information of individuals who use the services offered by GOA, including individuals who participate in our student courses or educator courses (the “Services”). This privacy notice addresses privacy for children in the United States under the age of 13 separately from privacy for other United States residents and international visitors.

  • CHILDREN’S PRIVACY POLICY

  • GENERAL PRIVACY POLICY
    • Information Collection

    • Information Use

    • Information Sharing

    • Cookies and Analytics

    • Third-Party Links and Tools

    • Security

    • Retention

    • Your Choices

    • Do-Not-Track Disclosure; Third-Party Tracking

    • Your California Privacy Rights – Shine the Light

    • International Visitors

    • Changes to Our Privacy Notice

    • Data Controller; Data Processor

    • Contact

CHILDREN’S PRIVACY POLICY

This section (Children’s Privacy Policy) explains our information collection, disclosure and parental consent practices with respect to information provided by children under the age of 13. This section is in accordance with the U.S. Children’s Online Privacy Protection Act (COPPA) and outlines our practices in the United States with respect to children under 13.

1. The Information We Collect from Children, How We Use It, and When We Communicate with Parents

At student registration, we request that the parent or legal guardian of children under 13 provide us with the following information about the child: name, email address, birth date, gender, preferred pronouns, school attended, graduation year, and optionally, race and nationality, and consent to use of such information according to this Children’s Privacy Policy. We also request the name of the person giving the consent, their relationship to the child being registered, and their email address.

While receiving Services, the child may disclose to the instructor the same personal information the parent already disclosed to us as well as their then-current location, image and voice. We do not store or record the child’s sessions with the instructor.

We collect email addresses for children under 13 to receive Services. We send, for example, a welcome email, course enrollment confirmation, and information in connection with courses, such as grades.

The child’s parent or legal guardian is responsible for establishing the child’s user name and password to be able to access our Services, which are all delivered through the Site. If the user name or password need to be reset, the parent or legal guardian is responsible for contacting us. We treat the user name and password as personal information of the child.

We use the personal information of children under 13 to deliver requested Services to them, communicate about the Services with them, their parent/legal guardian and/or their referring school, to manage, improve, troubleshoot and protect the Services and our Site, and as needed to respond to a legal request, legal process or law enforcement.

2. When Information Collected From Children is Available to Others

Instructors delivering Services on our behalf, and our employees managing the Services, know the names, locations, ages, gender, images and voices of children receiving Services as part of Services delivery. Other students in a course may also know this same information when interacting together over video conference. We may also disclose this information back to the child’s school that referred the child to us in connection with communicating Services received by the child from us to the school.

Flipgrid is a third-party, password-protected, service we use to permit video upload and sharing in connection with courses. Students under 13 are asked to upload videos to this service, which could have access to personal information shared by the child within the videos. We password protect access to FlipGrid itself. The names of participants in this service are commonly disclosed.

In a Zoom-hosted video meeting for instructional purposes, which is transcribed, we may have a written document of what was said in the meeting. Zoom collects this information on our behalf, and thus the same information is available to Zoom. Zoom cannot tell if a child or adult is speaking and transcribes all spoken content. We may retain the transcript and record of statements by children under 13 in connection with administering our programs. Instructors may also video record Zoom-hosted video meetings for instructional purposes (such as topical review or assisting an absent student). Instructor recordings are retained by the instructor while a course is in progress and are thereafter deleted. Zoom facilitates the video recording and thus the videos are also available to Zoom. We have no way to prevent attendees (such as other students) from recording Zoom meetings, and if they are watching the meetings in an area visible to others (such as household members), others may see an image of your child in the Zoom meeting and hear what your child says in the meeting.

Children under 13 who access the Site (for example, to access course or live session) use the Site subject to the cookies described below under the “Cookies and Analytics” section, which cookies may collect the location of the person accessing the Site, their click path through the Site, as well as the IP address of the device used to access the Site. We do not associate such information with a specific child in our records, and have no way of knowing the age of visitors to the Site.

Our third party hosting provider hosts our online Services (and may technically have access to our data on its servers) but is not authorized to access personal information of children under 13 for its independent purposes. Our legal advisors may also have access to that information (subject to confidentiality) in the course of providing us with legal counsel. If we sell our business or it is acquired by a successor (such as a separate non-profit), our successor will have access to all personal information we have on hand. We also reserve the right to disclose any information we have on hand to law enforcement, in accordance with applicable laws, or in connection with a court order, subpoena, or other legal process.

In connection with our Services, we may ask users to enroll with, or download materials from, the following third party content providers. In so doing, the user, which may include a child under 13, is subject to the separate privacy practices of the third party over which we have no control. We recommend reviewing their separate privacy policies prior to using these separate services. It is possible in some instances that a user may not receive the full benefit of our Services if they do not also enroll with these complementary third party services.

Third Party

Service Offered

Ableton

Digital audio music production platform

Student signs up and sends a link to their project on this service to their instructor

Anthropic

We use Anthropic to analyze anonymous data to learn more about program delivery and success.

Apple App Store

Instructors may request students to download apps from this service, as notified to students on a case by case basis

AppShed

App design platform

Student signs up and sends a link to their project on this service to their instructor

Calend.ly

Instructors may use this service to schedule meetings and conferences; they send links to the service and students and families can sign up for a time to meet through the service, typically by providing a name and email address to the service

Canvas

This is our learning management system through which our courses take place online; each student is identified by name by us within this platform to grant them access to their enrolled courses

CodeHS

App/software design platform

Student signs up and sends a link to their project on this service to their instructor

Code.org

App/software design platform

Student signs up and sends a link to their project on this service to their instructor

Diigo

This platform facilitates collaboration on group research projects

Student signs up and sends a link to their project on this service to their instructor

Doodle

Instructors may use this service to schedule meetings and conferences; they send links to the service and students and families can sign up for a time to meet through the service, typically by providing a name and email address to the service

EdPuzzle

This platform is linked by us to our learning management system through which our courses take place online; this platform facilitates quizzes and can be accessed through each student’s Canvas

Github

This is a software code repository platform

Student signs up and sends a link to their project on this service to their instructor

Glogster

This platform helps create posters or digital media for courses; students can send a link to the work to their instructor from this service

Students sign up to use the platform on their own

GoFormative

This platform facilitates quizzes for courses

Students sign up to use the platform on their own

GSuite

Students may use this platform for word processing, document editing and storage

Students sign up to use the platform on their own

Hellosign

We use this service to collect parent/legal guardian signatures to documents; we direct the documents to the signer via their email address

The documents signed may contain personal information (name, email address, birthdate) of children under 13

Hypothesis

Social annotation tool; LTI through Canvas; whole class looking at PDF and annotate together

Canvas assigns students IDs; can also use student email by default (and student can self-share)

Loom

This platform allows students to view instructor created videos; instructors send students a link; it is not necessary to provide personal information or register to view the videos. If students want to create their own videos on this service, they will need to sign up on their own to use it.

MusicFirst

Used for music composition courses where students sign up on their own with this service to create music together

Noteflight

Used for music annotations – to allow students to comment on each other’s compositions; students sign up on their own for this service

Piktochart

Students may create infographics using this service

Students sign up to use the platform on their own

Pinterest

This photo and project sharing site may be used by instructors to allow students to see content; if students wish to use the site on their own, they need to sign up on their own

PollEverywhere

This service allows instructors to poll their students via a link the instructor emails to students

Salesforce

This is the platform we use to store contact information for instructors, students and families; we may also use it to send surveys to our community members

SketchUp

This service allows students to create 3D modeling online for architecture classes

Students sign up to use the platform on their own

Twist

This is an instant messaging service to facilitate team work across students

Students sign up to use the platform on their own

Unity

This service allows students to create games for game design class

Students sign up to use the platform on their own

Youcanbookme

Instructors may use this service to schedule meetings and conferences; they send links to the service and students and families can sign up for a time to meet through the service, typically by providing a name and email address to the service

YouTube

This video sharing site may be used by instructors to allow students to see content; if students wish to use the site on their own, they need to sign up on their own

Zoom

Video conference platform allowing instructors and students to interact, which may create transcripts of conferences

3. Parental Choices and Controls

You may elect not to have a child participate in the third party services described above (and thus not access personal information of your child), but in some instances, such as not consenting to use of Canvas or Salesforce, among other selections above, it makes it difficult if not impossible for us to provide our offerings to your child if you don’t agree to use of the third party service.

You may contact us at privacy@globalonlineacademy.org any time to stop our further collection of personal information from a child under 13 by stopping our delivery of Services to the child. As far as personal information collected from the child prior to such request, we retain it in an “active” file for 2 years in the event necessary to meet any legal obligations (such as accounting to the student’s school whether they are or are not receiving Services from us). During such 2-year retention period, the persons with whom we share data (described in the immediately preceding paragraph above) will continue to have access to the information as described immediately above. We continue to retain such personal information following the 2 year period indefinitely for limited use in connection with transcript requests. Because of the nature of our business (providing graded instruction), it is possible a student may reach out to us for transcript information for many years after having taken a course.

GENERAL PRIVACY POLICY

Information Collection

When we use the term personal information, we use this term to describe information that may be used to identify you. We or our service providers collect personal information when you contact us, register for membership or our courses, subscribe to our publications and mailing list, or interact with us for any other purpose.

We collect information you voluntarily provide to us through the Site, such as when you complete our “Contact” forms on the Site. We may ask you to provide your first and last name, email address, phone number, organization or school, role or job title, and a brief message.

If you register for the Services, depending on if you are registering as an educator or as a student or on behalf of a student, then we may ask you to provide the name of the individual to receive Services (and your name if registering on behalf of a child), such person’s mailing address, phone number, email address, school affiliation, payment information (which is sent directly to our third-party payment processor and not shared with us; please review the payment processor’s privacy notice for details on how that information is used), gender, preferred pronouns and birthdate. If you are an educator, we also ask for your position with the school. If you are a student or educator at a member school, then the member school may provide the same information to us on your behalf. For students under the age of 13, we ask for this information from their parent or legal guardian (provided we expect the email address, telephone number and payment information collected to be that of the parent or legal guardian).

If you use the Services, then we may also receive information from third parties in certain instances where you have separately signed up with that third party and either share that information with us or permit the third party to share that information with us. For more information about third party tools, please review the “Third-Party Links and Tools” section of this privacy notice.

We also gather technical usage information including, but not limited to, browser type, IP address, time zone, cookie activity on your device, pages visited and other activities on the Site, and other information regarding your interactions with the Site. We use cookies or similar technology to collect such information for advertising and other purposes. See the “Cookies and Analytics” section below to learn more about the use of this information and the choices available to you.

The provision of personal information is sometimes required by law and at other times is a result of a contractual requirement. You may be required to provide personal information, for example in a case where we sign a contract with you, and the non-provision of personal information could, in certain circumstances, prevent a transaction from concluding.

Information Use

We use your personal information, including for the following purposes:

  • To provide goods and services you request, including to process membership applications you submit or to provide communications to which you subscribe;

  • To provide the Services;

  • To contact you as you request, including to respond to your inquiries;

  • To communicate school-level engagement back to our member schools, including individual enrollment data;

  • To send you the GOA newsletter;

  • To improve and optimize the Site and the Services;

  • To audit and monitor the Site and Services, including for security purposes, to facilitate navigation of the Site, to resolve technical issues, to display information more effectively;

  • For GOA’s business purposes, including for marketing and analytics purposes (if you are in the EEA, Switzerland or the UK, then please review the “International Visitors” section below);

  • To comply with the law, to prevent or investigate fraud or unlawful activity and to protect the security and integrity of the Site, the Services and other systems; and/or

  • As otherwise disclosed at the time personal information is collected.

We do not use automatic decision-making (i.e., making decisions solely by automated means without any human involvement) or profiling (i.e., automated processing of personal information to evaluate certain aspects of an individual). Where we intend to process your personal information for a purpose other than the purpose for which it was collected, we will provide you with information regarding the purpose for the processing, as well as other relevant information, prior to processing your personal information for the new purpose.

Information Sharing

We share your personal information, including with the following parties:

  • Third parties that perform services on our behalf, such as storage providers;

  • As described below in “Cookies and Analytics” section;

  • As part of a corporate sale, merger, or acquisition, or other transfer of all or part of our assets including as part of a bankruptcy proceeding;

  • Pursuant to a subpoena, court order, governmental inquiry, or other legal process or as otherwise required by law, or to protect our rights or the rights of third parties; or

  • With your consent or as otherwise disclosed at the time of data collection or sharing.

Cookies and Analytics

We use cookies on the Site and the Services. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. You can find more information about the individual cookies used on the Site and the Services and the purposes for which they are used in the table below:

Cookie/Technology

Name

Purpose

More information

Cloud

CRAFT_CSRF_TOKEN

This cookie helps us to secure the Site.

This cookie expires immediately.

Cookiebot

CookieConsent

Stores the user’s cookie consent.

Cookiebot’s Privacy Policy

Google Analytics

_ga

Used to distinguish users.

Google's Privacy Policy

Google Analytics Help pages

_gid

Used to distinguish users.

_gat

Used to throttle request rate.

HubSpot

__hstc

Used to distinguish users.

HubSpot's Privacy Policy

hubspotutk

Used to distinguish users.

__hs_initial_opt_in

Used to stay in compliance with the “Do Not Track” initiative.


You may block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of the Site or the Services.

GOA and its service providers use Google Analytics and other third-party services to improve the performance of the Site and the Services and for analytics and marketing purposes. The information generated by the cookie about your use of the Site (including your IP address) will be transmitted to and stored by Google in aggregate form. Google uses this aggregated information on our behalf in order to evaluate use of the Site, compile reports on Site activity and other services relating to Site activity and usage. For more information about how Google Analytics collects and uses data when you use the Site, visit https://www.google.com/policies/privacy/partners/, and to opt out of Google Analytics, visit https://tools.google.com/dlpage/gaoptout/.

On our website we use Google Tag Manager. Google Tag Manager is a solution that allows us to manage web page tags through a single desktop interface. The Google Tag Manager service itself (which implements the tags) is a cookie-less domain and does not collect any personal information. The Google Tag Manager service triggers other tags that may in turn collect data. Google Tag Manager does not access this data. If deactivation has been done at the domain or cookie level, it will remain for all tracking tags implemented with Google Tag Manager.”

GOA also uses HubSpot as a lead collection and nurturing system and Salesforce as our system of record and for contact management purposes. HubSpot cookies do not store personally identifying information, they store only a unique identifier. HubSpot tracks visitor and prospect activities on this website and on HubSpot landing pages by setting cookies. These cookies are set in order to remember preferences (like form field values) when a visitor returns to this site, and again to provide you with the best possible information service. For more information about how HubSpot collects and uses data when you use the Site, visit HubSpot's privacy page.

Additionally, GOA is currently using Hotjar to collect data on user interactions with the website. We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. For more information about how Hotjar collects and uses data when you use the Site, visit Hotjar's privacy page.

Third-Party Links and Tools

The Site and Services may provide links to third-party websites or apps, including our social media pages. We do not control the privacy practices of those websites or apps, and they are not covered by this privacy notice. You should review the privacy notices of other websites or apps that you use to learn about their data practices.

The Site may also include integrated social media tools or “plug-ins,” such as social networking tools offered by third parties. If you use these tools to share personal information or you otherwise interact with these features on the Site, those companies may collect information about you and may use and share such information in accordance with your account settings, including by sharing such information with the general public. Your interactions with third-party companies and your use of their features are governed by the privacy notices of the companies that provide those features. We encourage you to carefully read the privacy notices of any accounts you create and use.

Security

We take reasonable security precautions to protect the personal information that you choose to provide. Although guaranteed security does not exist on the internet or offline, we make commercially reasonable efforts to handle such information consistent with this privacy notice and applicable laws. Due to the design of the internet and other factors outside our control, we cannot guarantee communications between you and our servers will be free from unauthorized access by third parties.

Retention

We will process and store your information only for the period necessary to achieve the purpose of the storage, or as permitted by law. The criteria used to determine the period of storage of personal information is, for example, where we have entered into an agreement with you, 6 years following the termination of the agreement, where we have student work that was submitted to a GOA course, 2 years from the conclusion of the course, or the respective statutory retention period. After expiration of that period, the corresponding information is routinely deleted, as long as it is no longer necessary for the fulfillment of a contract or the initiation of a contract.

Your Choices

You may contact us using the contact information provided at the end of this privacy notice if you have any questions, or if you wish to update, correct or amend your personal information. For individuals located in the European Economic Area, United Kingdom or Switzerland, please also see the “International Visitors” section below.

To opt out of our e-mail marketing or cancel your subscription to our mailing list, you may use the link provided at the bottom of each marketing message.

Do-Not-Track Disclosure; Third-Party Tracking

Certain mechanisms may allow you to send web browser signals, known as “Do Not Track” (“DNT”) signals, indicating your choice to disable tracking on the Site. We do not respond to browser “Do Not Track” signals at this time. We may not be aware of or able to honor and respond to every such mechanism. More information about “Do Not Track” is available at www.allaboutdnt.org concerning such information.

Third parties, other than our service providers (such as our website analytics provider), do not have our permission to track which websites you visited prior to and after visiting the Site. That said, we cannot control third-party tracking and there may be some third-party tracking that occurs without our knowledge or consent.

Your California Privacy Rights – Shine the Light

California law permits California residents who provide us with personal information to request certain information regarding our disclosure of such information to third parties for their direct marketing purposes. We do not, at this time, disclose such information to third parties for their direct marketing purposes. If we change this policy, we will update this provision and provide instructions on how you may make a request for details. If any other state enacts a similar law as the California law, then this provision will also apply to such state.

International Visitors

This section applies to those that visit the Site or use the Services from the India, European Economic Area, United Kingdom or Switzerland.

We do not currently use your personal information to market to individuals in the EEA, UK, India, or Switzerland, except in accordance with your preferences.

What is our legal basis for processing? With respect to personal information that is subject to the EU’s General Data Protection Regulation (the GDPR) and India's Digital Personal Data Protection Act, our legal basis for collecting and using your personal information depends on the type of personal information and the purpose for which we collect it. GOA processes personal information with your consent (e.g., when GOA processes personal information to provide goods and services you request, such as a GOA publication to which you subscribe). On other occasions, GOA may process personal information when it needs to do this to fulfill a contract (for example, to process membership applications) or where required to do this by law. If necessary, GOA may also process personal information when it is in GOA’s legitimate interests to do this (e.g., for customer service or to administer membership benefits) and when these interests are not overridden by your data protection rights.

Where will we transfer personal information? Please be aware that the personal information we collect may be transferred to and maintained on servers or databases located outside your state, province, country, or other jurisdiction, where the privacy laws may not be as protective as those in your location. If you are located outside of the United States, please be advised that we process and store personal information in the United States. Where we transfer information from the European Economic Area, United Kingdom or Switzerland, as the case may be, to a country that doesn't provide an adequate level of protection, we’ll only do so where it’s necessary to perform a contract with you or under appropriate safeguards to protect your information, like standard contractual clauses.

Your rights under region-specific privacy likes like General Data Protection Regulation (GDPR) and Digital Personal Data Protection Act (India):

If your personal information is protected, you have certain data protection rights described below with respect to the personal information collected and used by GOA. These rights may only apply in certain circumstances and are subject to certain exemptions. You can exercise these rights using the contact details at the end of this privacy notice. The rights are as follows:

  • To request access to the personal information we hold about you;

  • To request that we rectify or erase your personal information;

  • To request that we restrict or block the processing of your personal information;

  • To receive personal information about you that we store and transmit to another without hindrance from us, including requesting that we provide your personal information directly to another, i.e., a right to data portability; and

  • Where we previously obtained your consent, to withdraw consent to processing your personal information.

To exercise these rights, contact using the “Contact” section below. Please be aware that GOA may be unable to afford these rights to you under certain circumstances, such as if we are legally prevented from doing so. Additionally, you have the right to lodge a complaint against us with the relevant data protection authority where you think we have not used your personal information in accordance with data protection law. To do so, contact the supervisory authority in your country of residence.

Changes to Our Privacy Notice

If our information practices change, we will post these changes on this page. We encourage you to visit this page periodically to learn of any updates.

Data Controller; Data Processor

GOA is the data controller of the personal information collected via the Site that relates to your use of the Site or in connection with your inquiries with us. GOA is also the data controller of the personal information collected via the Services if you are an educator that signs up with the Services directly with us. We dictate the purposes and manner by which this personal information is collected and used.

GOA is the data processor of the personal information of students or educators using the Services because they are students or educators at one of our member schools. GOA processes that personal information on behalf of the member schools and in accordance with our contracts with the member schools.

Contact

If you have questions, comments, or concerns about this privacy notice, please contact us at:

14050 1st Ave NE
Seattle, WA 98125

privacy@globalonlineacademy.org