Privacy policy

Effective Date: October 4, 2024

Introduction

We at Lyceum AI, Inc. ("Lyceum”, "Platform", "Service", "we", "us", or "our"), we are committed to protecting the privacy and security of our users' information, especially that of students and educators. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you interact with our platform. By using Lyceum (the “Site”), you agree to the terms of this Privacy Policy (“Policy”). Please note that our Service is designed for educational organizations (“Educational Partner,” “Educator,” or “Educational Institution”), and as such, we adhere to applicable federal student privacy laws, including the Family Educational Rights and Privacy Act (FERPA), the Children's Online Privacy Protection Act (COPPA), and Protection of Pupil Rights Amendment (PPRA). For the purposes of this Privacy Policy, “Personal Information” means any information that is linked or reasonably linkable to an identified or identifiable natural person. PII does not include publicly available information from government records, deidentified or aggregate information, or information excluded from the scope of “Personal Information” or “PII” as defined by applicable laws.

 

Children Information

COPPA require us to inform parents and legal guardians about our practices for collecting, using, and disclosing personal information from children under the age of 13 ("children"). It also requires us to obtain verifiable consent from a child's parent for certain collection, use, and disclosure of the child's personal information. This Policy notifies parents of:

·       The types of information we may collect from children.

·       How we use the information we collect.

·       Our practices for disclosing that information.

·       Our practices for notifying and obtaining parents' consent when we collect personal information from children, including how a parent may revoke consent.

·       All operators that collect or maintain information from children through this Service.

 

Information We Collect

In order to provide you with our products and services or communicate with you, we collect information in the following categories:

  1. Account Information: When you create an account with Lyceum, we collect your name, email address, and password. If you are an educator or administrator, we may also collect your role and the name of your educational institution.

  2. Student Data: We collect information about students provided by the educational institution, educators, or students themselves. This may include student names, grades, and school-related performance data. We collect only the minimum amount of information necessary to provide our Service.

  3. User-generated Content: When you interact with the Lyceum Platform, we collect the questions you ask, the responses generated by the AI, and any feedback you provide.

  4. Usage Data: We collect information about how you interact with our Service, such as the features you use, the time you spend on the platform, and the device you use to access the Service.

  5. Technical Data: We collect technical data, such as cookies, your IP address, browser type, device information, and operating system, to improve our Service and ensure compatibility with various devices.

  6. Communication Information: If you communicate with us, we collect your name, contact information, and the contents of any messages you send.

  7. Third-party integrations: We allow you to connect third-party applications to our Service for the purposes of signing up for an account, signing in to an existing account, and importing classroom roster data. Signing up and signing in to our Service requires access to your email, first name and last name. Importing classroom roster data will require permission to access your classrooms, classroom rosters and student email addresses. Third-party applications include but are not limited to, Google Classroom. Access tokens obtained through integrations are stored in an encrypted format for enhanced security.

  8. Publicly available information: We may obtain Personal Information about you from other sources, including public records, publicly available information on internet sites, and third parties that help us update, expand, and analyze our records and inform our marketing and recruitment efforts. For instance, we may use information from LinkedIn or from a third-party data provider to update information about you in our contact database.

  9. Deidentified Information: We may collect information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular person (“Deidentified Information”). Deidentified Information may include, but not limited to: (i) device type, (ii) device operating system, (iii) internet browser type, (iv) internet service provider, (v) referring/exit pages, (vi) date/time stamp, and (vii) clickstream information. We will take reasonable measures to ensure that Deidentified Information we collect is not personally identifiable and may not later be easily used to identify you as required by applicable law. We agree not to attempt to re-identify Deidentified Information and not to transfer Deidentified Information to any third party unless the third party agrees to not attempt re-identification.

 

Student Data

We consider Student Data to be confidential and do not use Student Data for any purpose other than to provide our Services on the Educational Institution’s behalf, in accordance with contractual agreements with the Educational Institution. To help Educational Institutions address their obligations to protect their students’ data privacy, we have implemented additional controls and procedures for Educational Institutions when they enter into a contract with Lyceum to make our Services available to students for an educational purpose

 

As between us and the Educational Institution, Student Data are owned and controlled by the Educational Institution. Our collection and use of Student Data is governed by our contracts with the Educational Institutions and by applicable privacy laws. For example, we provide our Services to Educational Institutions as a “School Official” under FERPA and we work with Educational Institutions to help protect personal data from the Student’s educational record, as required by FERPA.

 

  1. We collect, maintain, use and share Student Data only for an authorized educational purpose and as described in our Agreement with the Educational Institution, or as directed by the Educational Institution or by the Student’s parent or legal guardian (each, a “Parent”).

  2. We do not use or disclose Student Data for targeted advertising purposes. Specifically, personalized advertising (ads based on a user’s personal information) is not used or displayed in Lyceum’s products. We are committed to protecting the privacy and data of our students. We do not share student data with third-party advertisers or use it to create profiles for advertising purposes.

  3. We do not build a personal profile of a Student other than in furtherance of an educational purpose.

  4. We maintain a comprehensive data security program designed to protect the types of Student Data maintained by the Service.

  5. We will clearly and transparently disclose our data policies and practices to our users.

  6. We will never sell Student Data unless the sale is part of a corporate transaction, such as a merger, acquisition, bankruptcy, or other sale of assets, in which case we will require the new owner to continue to honor the terms provided in this Data Policy or we will provide the Educational Institution with notice and an opportunity to opt-out of the transfer of Student Data by deleting the Student Data before the transfer occurs.

  7. We will not make any material changes to our Student Data Policy or contractual agreements that relate to the collection or use of Student Data without first giving notice to the Educational Institution and providing a choice before the Student Data are used in a materially different manner than was disclosed when the information was collected.

 

How We Collect Information

The information we collect depends on how users use our Services or otherwise interact with us. We collect PII and Deidentified Information in various ways, including:

 

Directly from You: We collect PII when you voluntarily submit PII to us while completing forms and in connection with other activities, services, features, or resources we make available. The PII we collect depends on how you use our Services, or how you choose to communicate with us.

 

Through Your Use of the Site: We may collect PII and Deidentified Information that your browser transmits when you use our Services or otherwise interact with us. We may also collect Deidentified Information about how you use our Services or otherwise interact with us through the use of automated tracking technologies, such as session cookies, persistent cookies, and web beacons.

 

A cookie is a small data file that is transferred to an internet browser, which enables the Site to remember and customize your subsequent visits. We may use session cookies to make it easier for you to navigate the Site. Session cookies expire when you close your browser. We may also use persistent cookies to track and target your interests to enhance your experience on the Site. Persistent cookies remain on your device for an extended period of time. 

 

Most internet browsers automatically accept cookies. However, you can instruct your internet browser to block cookies or to provide you with a warning prompt before you accept cookies from the Site. Please refer to your internet browser’s instructions to learn more about these functions. If you reject cookies, the functionality of the Site may be limited and you may not be able to participate in several of the Site’s features.

 

Additionally, we may use web beacons, which are single-pixel, electronic images embedded in the Site that allow us to gather information about your browsing activities on the Site.

From Third Party Services: We may collect PII about you from third parties whose privacy practices may differ from the practices described in this Policy. We do not make any representations or warranties concerning, and will not in any way be liable for, any informational content, products, services, software, or other materials available through third parties. Your use of third parties’ services and/or third party websites is governed by and subject to the terms and conditions of those third parties and/or third party websites. We encourage you to carefully review the privacy policies and statements of such third parties and/or third party websites.

 

How We Use Information

We may use users’ PII for lawful business purposes to help enhance users’ experience. These purposes include:

 

Providing our Services: We may use your PII to fulfill the purpose for which you provide it. For example, if you give us an email address to sign up for communications from us, we will use that email information to contact you as requested.

 

Marketing: We may use your Deidentified Information and aggregate information for marketing and advertising purposes.

 

Customer Service and user Communications: We may use your PII to help us respond to your inquiries, questions, requests, and support needs more efficiently.

 

User Experience Personalization:  We may use your information to personalize the Service to your interests and preferences. For example, we may use such information to tailor the content and information that we send or display to you, offer personalized recommendations, help, and instructions, or otherwise personalize your experience while using our Services. We may also use users’ PII and/or Deidentified Information in the aggregate to analyze users’ browsing and usage activities and patterns in order to understand users’ interests and preferences with respect to our Services.  This will help us optimize your experience on our Services.

 

Business Optimization:  We may use your PII and/or Deidentified Information to improve the content on our web pages, to customize the content and layout of our web pages, conduct internal research and development, administer surveys or market research, and in managing our everyday business needs. We may also use your feedback to improve our Services, including by monitoring, auditing, and analyzing trends, usage, and activities on the Site. All of this is done with the intention of making our Services more useful for you.

 

Safety and Security: We may use your PII and/or Deidentified Information to promote the safety and security of the Service, our users, and other parties. For example, we may use the information to authenticate users, protect against fraud and abuse, respond to a legal request or claim, conduct audits, and enforce our terms and policies.

 

We will not collect additional categories of PII or use PII we collected for materially different, unrelated, or incompatible purposes without providing you notice.

 

We prohibit mining your Personal Information for any purposes without your consent. We also prohibit data mining or scanning of Content for the purpose of advertising or marketing to students and their parents.

 

How We Share and Disclose Information

Educational Institutions understand that we will occasionally rely on one or more subcontractors to perform Services. We agree to share the names of these subcontractors with Educational Institutions upon request. All of our subcontractors and its successors shall agree to be subject to this Policy. We disclose Student Data solely as needed to provide our Services on behalf of specific Educational Institutions in accordance with our contractual agreements with those Educational Institutions or with the consent of the Educational Institution or Parent. For example, Student Data and account usage data may be disclosed to or accessible by users who are authorized to use the Service on behalf of the Educational Institution, such as the student’s teacher or other administrative professional. We also disclose Student Data to our trusted service providers who have a legitimate need to access such information on our behalf, subject to appropriate contractual terms to protect such data. We may disclose Deidentified Information to third party advertising partners who help us serve advertisements across the web. This information does not identify you personally, but may be used by those marketing and advertising partners and other third parties to enable them to recognize you on other sites and services. Furthermore, we may disclose Student Data in connection with a business transaction or to support our legal rights and obligations, as described in our Information Sharing and Disclosure section of the Privacy Policy.

 

We may disclose your PII to law enforcement or other government officials if it relates to a criminal investigation or alleged criminal activity.  We may also disclose your PII: (i) if required or permitted to do so by law; (ii) for fraud protection and credit risk reduction purposes; (iii) in the good-faith belief that such action is necessary to protect our rights, interests, or property; (iv) in the good-faith belief that such action is necessary to protect your safety or the safety of others; or (v) to comply with a judicial proceeding, court order, subpoena, or other similar legal or administrative process.

 

If we become involved in a transaction involving the sale of our assets, such as a merger or acquisition, or if we are transferred to another company, we may disclose and/or transfer your PII as part of the transaction. If the surviving entity in that transaction is not us, the surviving company may use your PII pursuant to its own privacy policies, and those policies may be different from this Policy.

 

How We Use De-Identified Data

We may also generate, use, and disclose de-identified information for adaptive learning purposes or customized student learning purposes, to recommend content or services relating to Educational Institution purposes or other educational or employment purposes, to develop, research and improve our Services, or to demonstrate the effectiveness of our Services. In addition, we may use de-identified information for the development and improvement of other educational sites, services and applications or technologies more generally to the extent permitted under applicable law. “De-identified information” means data from which all personally identifiable information has been removed or obscured so that the remaining information does not reasonably identify an individual and there is no reasonable basis to believe that the information can be used to identify an individual.

 

How We Retain Information

We will retain users’ PII while they maintain an account with us or to the extent necessary to provide our Services. Thereafter, we will keep PII for as long as necessary: (i) to respond to any queries from users; (ii) to demonstrate we treated users fairly; (iii) for ordinary business continuity procedures; or (iv) to comply with any applicable laws. We delete PII within a reasonable period after we no longer need the information for the purposes set out in this Policy. Notwithstanding the foregoing, upon request from Educational Institutions, we will ensure that all Personal Information in our possession, as well as that held by our subcontractors or agents to whom we have transferred Personal Information, is either destroyed or transferred to the Educational Institutions in accordance with their directions. .

 

Educational Institutions are responsible for maintaining current class rosters, and for managing Student Data which they no longer need for an educational purpose by submitting a deletion request. Please note: even in the absence of instruction by the Educational Institution, we may delete or de-identify data after a period of user inactivity in accordance with our standard data retention policies. 

 

If you are using our Services on behalf of an Educational Institution and wish to access Student Data, delete Student Data or close your account, please contact us (contact@lyceumlearning.ai). If you are a Parent or Student and wish to access Student Data, delete Student Data or close your account, please direct your request to your Educational Institution.

 

Security

The security and confidentiality of your PII is very important to us. We use commercially reasonable security measures to protect your PII. This includes appropriate administrative, physical, and technical safeguards to secure PII from unauthorized access, disclosure, and use. Lyceum will conduct periodic risk assessments and remediate any identified security vulnerabilities in a timely manner. Lyceum will also have a written incident response plan, to include prompt notification of Educational Institutions in the event of a security or privacy incident, as well as commercially reasonable practices for responding to a breach of PII. Lyceum agrees to share its incident response plan upon Educational Institutions’ request. However, no data transmitted over or accessible through the internet can be guaranteed to be 100% secure.  As a result, while we attempt to protect your PII, we cannot guarantee or warrant that your PII will be completely secure (i) from misappropriation by hackers or from other nefarious or criminal activities, or (ii) in the event of a failure of computer hardware, software, or a telecommunications networks.

 

California Privacy Rights

California’s “Shine the Light” law permits users of our Services that are California residents to request certain information regarding our disclosure of PII to third parties for their direct marketing purposes. To make such a request, please contact us at the Contact Information provided below.

 

Your Privacy Choices

Any Data held by Lyceum will be made available to Educational Institutions upon request.

 

We strive to provide you with choices regarding the PII you provide to us. We have created mechanisms to provide you with the following control over your PII:

 

Tracking Technologies and Advertising: You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts or functions of our Services may then be inaccessible or not function properly.

 

Promotional Communications: If you do not wish to receive promotional emails, text messages and/or other direct marketing communications from us, you may opt-out at any time by (i) following any instructions included in the communication or (ii) contacting us at contact@lyceumlearning.ai. You can deactivate these messages at any time by changing the notification settings on your browser. Please be aware that although you may opt-out of promotional emails, text messages and/or other direct marketing communications, we reserve the right to email you administrative notices regarding our Services and other non-promotional messages, as permitted under the CAN-SPAM Act.

 

Sharing of Your Information for Third-Party Advertising: If you do not want us to share your PII with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by sending us an email with your request to contact@lyceumlearning.ai.

 

Account Information: If you ever wish to access, update, change, delete, correct, or otherwise control your PII, you may do so by sending us an email with your request to contact@lyceumlearning.ai. To help us process your request, please provide sufficient information to allow us to identify you in our records. We reserve the right to ask for additional information verifying your identity prior to disclosing any PII to you. Should we ask for verification, the information you provide will be used only for verification purposes, and all copies of the information will be destroyed when the process is complete.

 

Other State Privacy Rights: Residents of certain states may have additional personal information rights and choices. If you believe you have such additional rights and wish to exercise them, please send us an email with your request, including the specific rights you wish to exercise, to contact@lyceumlearning.ai. Please be aware that your rights are limited to the extent permitted by applicable law.

 

We will make commercially reasonable efforts to respond to opt-out requests and handle requests to access, update, change, delete, or otherwise control your PII as quickly as possible.

 

Third Party Links

The Site and our Services may contain links to other websites or applications (“Linked Sites”) that are not owned by us.  We do not control the collection or use of any information, including PII, which occurs while you visit Linked Sites. Therefore, we make no representations or warranties for—and will not in any way be liable for—any content, products, services, software, or other materials available on Linked Sites, even if one or more pages of the Linked Sites are framed within a page of the Site.

 

Furthermore, we make no representations or warranties about the privacy policies or practices of the Linked Sites, and we are not responsible for the privacy practices of those Linked Sites. We encourage you to be aware of when you leave the Site and read the privacy policies of Linked Sites.

 

Modifications

We reserve the right to update this Policy from time-to-time with advance notice to Educational Institutions. If our privacy practices change materially in the future, we will post an updated version of the privacy policy to the Site. It is your responsibility to review this Policy for any changes each time you use the Site or our Services. We will not lessen your rights under this Policy without your explicit consent. If you do not agree with the changes made, we will honor any opt-out requests made after the Effective Date of a new privacy policy.

 

Questions

If you are a Parent or Student and have questions about specific practices relating to Student Data provided to Lyceum by an Educational Institution, please direct your questions to your Educational Institution.

 

If you have questions about this Policy or wish to contact us with questions or comments, please contact us at contact@lyceumlearning.ai, or by writing to us at Lyceum AI, 20 S Elm St, Oxford OH, 45056.

 

Effective Date

This Policy was last modified as of the effective date printed above. This version of the privacy policy replaces and supersedes any prior privacy policies applicable to the Site and our Services.