Belouga Privacy Policy

This privacy policy has been compiled to better serve those who are concerned with how their 'Personally Identifiable Information' (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

Personal Information

What personal information do we collect from the people that visit our website?

When registering on Belouga.org, as appropriate, you may be asked to enter your name, email address or other details to help you with your experience.

When do we collect information?

We collect information from you when you register on our site or enter information on our site.

How do we use your information?

We may use the information we collect from you when you register, sign up for our newsletter, respond to a survey communication, surf the website, or use certain other site features in the following ways:

  • To personalize your experience and to allow us to deliver the type of content offerings in which you are most interested.
  • To improve our website in order to better serve you.

How do we protect your information?

We do use vulnerability scanning and/or scanning to PCI standards.

We only provide articles and information. Personal credit card numbers and information is only needed for users, specifically teachers, schools and educational institutions, who purchase subscriptions to the Belouga Connected Learning Community.

We use regular Malware Scanning.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.

Cookies

Do we use 'cookies'?

Third Parties

Third-party disclosure

We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it's release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety.

However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Third-party links

Occasionally, at our discretion, we may include or offer third-party products or services on our website that directly relate to educational content. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

We do not allow third-party advertising on our website or subscribe to any ad networks.

GDPR Policy

Collection Practices

We only collect data to help us ensure the system is running efficiently, provide age appropriate subject matter and collaboration opportunities, make improvements to the overall user experience and help with product development. If you want your data or your students' data removed, you can email hello@belouga.org and we can do this on your behalf. All requests will be processed within 48 hours maximum. We carry out monthly data audits and upkeep an A+ rating for website security according to Mozilla Observatory.

The only personally identifiable information we collect is; first and last name; the city, state and country where you go to school; birthday. This data is retained for the duration your account is in Belouga. If you wish to either have your account deleted or amend any errors please speak to your parent, or the teacher at your school who your account is connected to.

We do not collect email addresses, of students phone numbers, home address, geolocation, health or another type of personally or non-personally identifiable information. If any parent or teacher would like to request a summary of the data stored on their child and/or student they can view this in their parent/teacher login or they can email hello@belouga.org.

If any of your personal information is shared by mistake with someone who is not you or your school then we must ensure we let you or your teacher know that this has happened within 72 hours of us knowing about it. If we get hacked on mass that impacts a high number of users, we will report to all users (those affected and those not) within the required 72 hours of the breach. We will then keep you updated on a regular basis through our website and social channels on updates to the fix. We will also inform the supervisory authority.

We will only retain your account for as long as reasonably, either for as long as your school is using Belouga, or if the account is deleted by your parent(s) or teacher when/if you move to another school or location.

Belouga’s website is powered by Amazon Web Services (AWS) hosted in the United States, with cloud data endpoints hosted on six continents.

Data and Server Security

Information Security

Belouga stores all user data on encrypted servers located in the United States of America. In order to best protect sensitive data, Belouga maintains server compliance with the following guidelines and standards:

  • Payment Card Industry Data Security Standard (PCI DSS)
  • National Institute of Standards and Technology (NIST)
  • Health Insurance Portability and Accountability Act (HIPAA)

Please refer to this document for additional details and information in reference to server security at Belouga.

Online Data Security

Belouga maintains an A+ rating for website security according to Mozilla Observatory and various third party testing software. Please review details at https://observatory.mozilla.org/analyze/belouga.org

COPPA

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.

We market to and collect information from children under 13 for the purposes of improving the child's site experience. This information will not be shared outside the Belouga platform.

Do we let third-parties, including ad networks or plug-ins collect PII from children under 13? No.

In order to remove your child's information please contact the following personnel: Re: Belouga at hello@belouga.org

We adhere to the following COPPA tenants:

  • We will not require a child to disclose more information than is reasonably necessary to participate in an activity.
  • Teachers can review their students’ personal information, direct us to delete it, and refuse to allow any further collection or use of the students’ information.
  • Teachers can agree to the collection and use of their student's information, but still not allow disclosure to third-parties unless that's part of the service.
  • Teachers can review, delete, manage or refuse with whom their students’ information is shared through account settings on our website, through emailing our support staff contacting us directly.
  • We will notify teachers directly before collecting PII from their students. This includes what specific information you will want to collect and how it might be disclosed, a link to your online privacy policy, and how the teachers can give their consent.
  • Teachers can give consent by agreeing to the terms of service upon registering themselves.

CalOPPA and NYS 2-D

California Online Privacy Protection Act and New York State Education Law 2-D

CalOPPA and NYS 2-D are the first state laws in the nation to require commercial websites and online services to post a privacy policy. The law's reach stretches well beyond California and New York to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California or New York consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. - See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf and https://www.nysenate.gov/legislation/laws/EDN/2-D

According to CalOPPA and NYS 2-D, we agree to the following:

  • Users can visit our site anonymously.
  • Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website.
  • Our Privacy Policy link includes the word 'Privacy' and can easily be found on the page specified above.

You will be notified of any Privacy Policy changes:

  • On our Privacy Policy Page
  • After logging in to your account

You can change your personal information:

  • By emailing us
  • By logging in to your account

SOPPA

Student Online Personal Protection Act

The SOPPA law requires school districts to adopt a policy regarding the use of education technology products or applications. SOPPA is intended to ensure that student data will be protected when it is collected by educational technology companies and that the data may be used for beneficial purposes such as providing learning and innovative educational technologies.

We adhere to the following SOPPA requirements:

  • Implement and maintain reasonable security procedures and practices that otherwise meet or exceed industry standards designed to protect covered information from unauthorized access, destruction, use, modification, or disclosure.
  • Publicly disclose material information about our collection, use, and disclosure of covered information with a privacy policy.
  • Limitations on a student’s covered information, including a student's covered information collected only for pre-K through 12 school purposes and not further processed in a manner that is incompatible with those purposes, along with a student's covered information being adequate, relevant, and limited to what is necessary in relation to the pre-K through 12 school purposes for which it is processed.
  • Notify our school and/or district partners of any breach of the students’ covered information no later than 30 calendar days after the determination that a breach has occurred.

Covered information means personally identifiable information or material or information that is linked to personally identifiable information or material in any media or format that is not publicly available. We do not engage in any third-party advertising or sell and/or rent any Belouga users information to third-parties.

Under the SOPPA, parents have the right:

  • To inspect and review the student's covered information.
  • To request from a school a paper or electronic copy of the student's covered information.
  • To request corrections of factual inaccuracies contained in the student's covered information.
  • To request deletion of covered information when allowable by State or federal records laws.
  • To know which authorized software is being used in the classroom.
  • To provide consent to the use of authorized software as outlined in the guidelines.
  • To be notified by the district of a breach of covered information.

User Tracking

How does our site handle Do Not Track signals?

We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third-party behavioral tracking?

It's also important to note that we do not allow third-party behavioral tracking.

Information Practices

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

We will notify you via email within seven (7) business days

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

Email Practices

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions

To be in accordance with CANSPAM, we agree to the following:

  • Not use false or misleading subjects or email addresses
  • Identify the message as an advertisement in some reasonable way.
  • Include the physical address of our business or site headquarters.
  • Monitor third-party email marketing services for compliance, if one is used.
  • Honor opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.

If at any time you would like to unsubscribe from receiving future emails, you can email us at:

  • Follow the instructions at the bottom of each email.

and we will promptly remove you from ALL correspondence.

Contact Information

Contacting Us

If there are any questions regarding this privacy policy, you may contact us using the information below.

https://belouga.org

PO 1289
Bellmore, New York 11710
United States

hello@belouga.org

Changes to Privacy Policy

If we decide to make material changes to our Privacy Policy, we will notify you and other users by placing the revised privacy policy on our website. You should periodically check www.belouga.org for updates. Material changes will only affect the information we collect after the effective date of the change to our Privacy Policy unless we clearly express otherwise.

Last Updated on 2021-08-20