Skip to main content

Our Privacy Policy

Last Updated: September 27th, 2023

Learnosity respects the privacy of all of its stakeholders and is committed to processing your personal information, also called personal data, responsibly and in accordance with data protection principles and applicable law. This privacy policy explains how we collect, use, share and protect information about you and your rights in relation to your personal information.

Except where specified otherwise, this privacy policy applies to Learnosity Limited and its subsidiaries, Learnosity Inc. and Learnosity Pty Ltd (collectively referred to as “Learnosity”, “we”, “us” or “our”). Where Learnosity mentions its affiliates, those include Questionmark Computing Limited, Questionmark Corporation and Questionmark GmbH.

In this privacy policy we use the terms “Data Controller” and “Data Processor”. These terms have special meanings. “Data Controller” means the organization or person that determines the purpose and means of the processing of personal information, for example an organization or educational institution that is a test sponsor and uses our products and services to deliver assessments to test takers. “Data Processor” means the organization or person that processes personal information on behalf of the Data Controller.

Except when stated otherwise, this privacy policy addresses Learnosity’s activities as a Data Controller. When acting as a Data Processor for its customers, Learnosity is contractually bound to comply with privacy obligations in legally binding contracts that address the requirements of applicable law.

Learnosity only processes personal information pursuant to a lawful basis in accordance with the requirements of applicable law. Lawful bases may include your consent, our legitimate interests and for the performance of a contract with you where products or services are provided. Where Learnosity is acting as a Data Processor, the Data Controller is responsible for ensuring personal information is provided to Learnosity in accordance with applicable law and Learnosity may only process such personal information in accordance with the instructions of the Data Controller.

Our websites

This privacy policy applies to any Learnosity website which includes a link to this privacy policy, including the main public-facing website at https://www.learnosity.com and the separate support site at https://help.learnosity.com (“Learnosity Support Site”). 

Information Collected. When you create an account on the Learnosity Support Site, register for or purchase services either on our main website or via a third-party payment merchant, you enter various information including name and contact details. Learnosity also collects information at this time, including the internal protocol (IP) address used to connect your computer to Internet; login; email address; password; computer and connection information such as browser type and version, operating system, platform and purchase data. Learnosity also records information about your interaction with Learnosity systems and personnel within our customer relationship management system, such as which resources you access or download.

Learnosity offers a chat service on our main website to provide support and assistance in addressing general queries about our products and services, for example if you need help booking a demonstration of our services. This chat service is provided using a third-party supplier. You can use the chat service without providing personal information. However, we necessarily collect all information you enter into the chat service as well as any information you share with us by email, for purposes of reviewing and responding to your communication. Learnosity may ask you to provide personal information when you contact us with support or troubleshooting questions for identification purposes and if that information is necessary to help respond to your queries. We encourage customers to maintain accounts on our Support Site, where they can conveniently view their open support tickets and submit new ones.

Learnosity uses cookies to allow you to stay logged into the website, to make the website experience more useful (such as remembering your preferences), and to gather general statistical information about site use and for marketing purposes. You can manage your cookie preferences and settings through your browser or device settings. Please note that disabling certain cookies may impact the functionality and user experience of the Learnosity website.

Children. Learnosity does not knowingly collect personal information through its websites from any person under the age of 13. We do not market our products and services to persons under the age of 13. If you become aware that a child under the age of 13 has provided personal information to our website, please contact us using the information below.

How Information Is Used. Learnosity uses the information collected via its websites for its internal business purposes (such as maintaining and improving our products and for general, reasonable administrative purposes), to correspond with you (including to provide information on our products and services and for sales and marketing purposes – unless you have opted out of receiving such correspondence in accordance with applicable laws), to gather and analyze information and monitor activity on the website and to provide you with the best product experience. For example, we may use information provided in interactions with our support personnel or using our website to improve our documentation.

Visibility of Information. The personal information you provide to Learnosity will only be visible to you, Learnosity and its affiliates, authorized contractors and subprocessors.

If you create an account on the Learnosity Support Site, your account and support tickets will be visible to you and those included in the submitted support ticket, as well as to Learnosity and its authorized contractors and subprocessors.

Should you use a credit card to make a payment on Learnosity’s websites, Learnosity does not retain a copy of the full credit card number and only retains a reference to the number which is held in full by a secure credit card handling service. Purchasing may also be made via a third-party payment merchant. In this case, Learnosity may be a joint Data Controller with that third-party payment merchant. You should review any third-party payment merchant’s privacy policy before providing them with any personal information, to ensure you are comfortable with their handling of your personal information. Personal information provided to a third party payment merchant will be processed in accordance with that third party’s policies. Learnosity will handle any personal information passed to us by a third-party payment merchant in accordance with this privacy policy.

Your Choices. Learnosity will not ask you to provide personal information that is not reasonably necessary to provide a service or product you request. You can always choose not to provide information, even though it might be needed to make a purchase or to access resources on the Learnosity websites. If you choose not to provide essential information you might not be able to make an online purchase, register for webinars, access online resources on Learnosity websites, or use information on the Learnosity Support Site that requires a user account.

Opt-Out. Learnosity and its affiliates comply with all applicable laws that require opt-in consent prior to sending targeted communication. In compliance with the U.S. CAN-SPAM Act of 2003 and other applicable legislation, Learnosity and its affiliates maintain an opt-out list of email addresses (also known as a ‘suppression list’). This list of addresses may be provided to authorized contractors conducting email broadcasts on Learnosity’s and its affiliates’ behalf, but only for the express purpose of suppressing these addresses from promotional email broadcasts conducted on Learnosity’s and its affiliates’ behalf. If you have registered for an account on the Learnosity Support Site or make a purchase or register for services on our websites, you will receive periodic email newsletters and communications from Learnosity and its affiliates to assist you in learning about assessment technologies. In registering for a user account on the Learnosity Support Site or otherwise providing us with your personal details where Learnosity is the Data Controller, you consent to receipt of such correspondence.

If you do not want to receive communications from us, please follow the unsubscribe instructions at the bottom of the email or newsletter you received (this method is the quickest way to expedite your unsubscribe request). Alternatively, you may submit a request by sending an email to privacy@learnosity.com or by contacting your account manager.

In registering for or purchasing our services on our websites, you will be asked to consent to our processing of your personal information as described above. You may withdraw consent at any time by contacting us as described in this privacy policy.

Recruitment privacy policy

Learnosity is committed to protecting the privacy of personal information provided to us in recruitment processes. We believe it is important that you understand what personal information Learnosity collects about you, how we use it and your rights in this personal information. For more information, refer to our recruitment privacy policy at https://learnosity.com/recruitment-privacy-policy/.

Information collected when you use our Software

Learnosity provides a suite of educational software solutions designed to enhance assessment, learning and analytics capabilities for use by educational institutions, publishers and other providers of assessment technologies and solutions (“Learnosity Customers”), including where applicable in their provision of services to their end-user customers. The Learnosity Customer or if applicable its end-user customer is the Data Controller and Learnosity is a Data Processor in respect of processing of personal information described in this section.

The Learnosity Customer and/or if applicable its end-user customer decides what information they ask for and collect and Learnosity processes this information only to provide the services requested by the Learnosity Customer in accordance with our agreement with that Learnosity Customer. Any information processed by Learnosity will be visible to and shared with the Learnosity Customer and/or if applicable its end-user customer. You should raise with the Learnosity Customer and/or if applicable its end-user customer any concerns you have regarding personal information that you are asked to provide as part of the assessment process.

The Learnosity Software may be used to collect and process information on participants in assessments, exams or other learner activities (“Learners”), creators of content on the authoring site or using the authoring API (“Authors”) and administrative users, including persons submitting technical support requests (“Admin Users”). Learnosity processes this information in accordance with the contract between Learnosity and the Learnosity Customer and for the exclusive purpose of providing the Learnosity Software and associated services.

For Learners, Learnosity will process anonymized string (GUID/UUID recommended) user ID numbers as well as technical and usage data, including IP address. Learnosity will also process answers and scores for Learner activities, as well as any audio and video uploads provided. Learnosity instructs Learnosity Customers not to provide Learnosity with user IDs that include the real names of Learners or any other data from which Learners are identified or identifiable by Learnosity. Learnosity instructs Learnosity Customers that an anonymized string should be used for Learner user IDs.

For Authors that use the authoring site, Learnosity will process contact details restricted to first and last name and email address, as well as technical and usage data including IP address. For Authors using the authoring API, only technical and usage data including IP address will be processed, together with an anonymized string (GUID/UUID recommended) user ID number. For Admin Users, Learnosity will process the same information as for Authors using the authoring site as described above.

Learnosity software also uses cookies to make your experience with the software useful, for example to remember preferences, provide you with a better user experience and to help make the assessment experience more effective.   

We require all Learnosity Customers to comply with all privacy and data protection laws applicable to any personal information being processed, including where applicable the General Data Protection Regulation (Regulation (EU 2016/679)(“GDPR”)), the United Kingdom Data Protection Act 2018 and the GDPR as modified and retained in the law of the United Kingdom (“UK GDPR”), the Swiss Federal Data Protection Act (“FADP”), the California Consumer Privacy Act 2018 as amended, and the California Privacy Rights Act (“CCPA”) and/or the Australian Privacy Principles included in the Australian Privacy Act 1988 (Cth) (“APPs”), when using Learnosity’s services. The collection, use and further disclosure of your personal information by the Learnosity Customer and/or if applicable its end user customer is subject to their own privacy policies, for which Learnosity is not responsible and which may be different from this privacy policy. You should raise any questions about this with those organizations.

The Data Controller is responsible for ensuring that the personal information collected from you and processed as part of the assessment process is collected and processed in accordance with applicable data protection laws. Learnosity acts in accordance with the Learnosity Customer’s instructions, including as recorded in written agreements that only permit Learnosity to use your personal information for purposes of providing the Learnosity software and associated services to the Learnosity Customer.

California Consumer Privacy Act 2018, as amended, and the California Privacy Rights Act (“CCPA”). When providing products and services to organizations that are covered businesses under the CCPA or otherwise when implied by that law, Learnosity will be acting as a “service provider.” In this case, Learnosity will enter into written agreements with such Learnosity Customers to meet the applicable requirements of the CCPA. Learnosity will only use personal information of California consumers that it receives as a service provider in accordance with the Learnosity Customer’s written contractual instructions and purposes, and shall not retain, use, disclose or otherwise process personal information otherwise than as permitted for service providers under the CCPA and its regulations. Learnosity does not sell or share personal information as such terms are defined in the CCPA.

Disclosing information to others

Learnosity does not sell or rent personal information (including your email address) it collects to others; however, it may disclose personally identifiable information in the following situations and where applicable in compliance with and limited by the requirements of applicable data protection laws and other commitments made by Learnosity to good privacy practice:

(a) in response to a subpoena, court order or legal process, to the extent permitted and required by law;

(b) to protect your security or the security of other persons including in response to lawful requests by public authorities, including for national security or law enforcement purposes, consistent with applicable law;

(c) in connection with a sale, joint venture or other transfer of some or all of the assets of Learnosity and/or its affiliates, provided that the acquirer commits to using personal information in a manner consistent with applicable law and this privacy policy;

(d) to companies in the Learnosity group including its affiliates, and a limited number of organizations or individuals who are working as our authorized contractors, resellers or agents and who are committed and obliged to protect your privacy in a manner consistent with this privacy policy and applicable law;

These organizations and individuals assist us in providing services to customers and prospects, including the provision of data storage services, customer relationship management, technical support and consulting or other services, and may as instructed by Learnosity to access, store, use or process personal information when providing services to us;

(e) when you request it, for instance if you have asked us to do this as part of an effort to connect you with experts who can help you.

By registering for a user account on the Learnosity Support Site, making a purchase on our websites or otherwise providing us with your personal information, you give your consent for your personal information to be transmitted in the situations outlined above. You may withdraw this consent at any time by contacting us as described in this privacy policy.

The Data Controller is responsible for ensuring that transmittal of personal information collected from you as part of the assessment process is in accordance with applicable data protection laws. Learnosity acts in accordance with the Learnosity Customer’s instructions in respect of such personal information.

As a Data Processor of any personal information collected from you as part of the assessment process, Learnosity may only disclose personal information to others as authorized by the applicable Learnosity Customer in accordance with applicable laws.

Transmission of information and cross-border transfers

Data collected and received by us may be transmitted to the United States and other countries where Learnosity or its affiliates and contractors are located. The internet is a global environment. By using this website and sending information to us electronically, you consent to international transmission of any data that you may choose to supply us. The purpose of international transmissions is to provide support in respect of our services, utilize personnel within the Learnosity group, including its affiliates, and use subcontractors that provide services to us.

Information transmissions to this site and emails sent to us may not be secure. Although Learnosity places a high priority on security and uses reasonable security measures, due to the inherent nature of the internet, all internet transmissions are done at the user’s own risk.

When Learnosity transfers personal information from the European Economic Area, Switzerland and United Kingdom to other countries, we will only do so with arrangements in place that are designed to ensure that your personal information is protected in those other places in accordance with applicable legal requirements.

Learnosity may transfer personal information to countries considered by the European Commission, Switzerland and the United Kingdom as applicable to provide an adequate level of data protection as compared with EU, Swiss and UK data protection laws. In respect of other countries, Learnosity has contractual agreements in place with its relevant suppliers incorporating the EU Standard Contractual Clauses and UK and Swiss addendums, as applicable, and Learnosity Inc. has certified to the EU-U.S. Data Privacy Framework (EU-U.S. DPF), UK Extension to the EU-U.S. DPF and Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) with respect to transfers to the United States of America as elaborated on below.

As a Data Processor, Learnosity may only transfer personal information to other countries in accordance with the requirements and restrictions of its contracts with Learnosity Customers and applicable laws.

EU-U.S. Data Privacy Framework (EU-U.S. DPF); UK Extension to the EU-U.S. DPF and Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF)

Learnosity Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.

Learnosity Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  Learnosity Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. As a participating organization in the EU-U.S. DPF, UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Learnosity Inc. accepts responsibility for onward transfers to third parties and if such third parties’ processing is inconsistent with the EU-U.S. DPF Principles and Swiss-U.S. DPF Principles, unless Learnosity Inc. can prove it is not responsible for the event giving rise to the damage.

Access and other rights that you have

You may request access to your personal information in order to review, correct and/or delete any personal information Learnosity retains about you by:

sending an email request to the Learnosity privacy team at privacy@learnosity.com.

mailing a request, via regular mail, postage pre-paid in the:

  • US: Learnosity privacy team, Learnosity Inc., 260 Madison Avenue, 8th Floor, New York, NY 10016, USA
  • Ireland: Learnosity privacy team, Learnosity Limited, The Masonry, 151 Thomas St, Dublin, D08 PY5E, Ireland
  • Australia: Learnosity privacy team, Learnosity Pty Ltd, Mezzanine, 388 George Street, Sydney, NSW 2000, Australia

In your request, please clearly state what personal information you would like to have access to. Learnosity will respond to requests within 30 days.

UK, Swiss and EU residents have rights to access personal information stored about them and to limit its use and disclosure. This includes the right to request access to and rectification or erasure of personal information or restriction of or objection to processing, as well as the right to data portability and to withdraw consent to processing of personal information. Learnosity’s customers store personal information within our systems and therefore if you want to receive access to, limit the use of, or limit disclosure of, your personal information received by Learnosity as part of an assessment process, you should ask for this via the Learnosity Customer or its end user customer that is sponsoring the assessment. Similar rights exist for California consumers under the CCPA, if the Learnosity Customer or its end user organization sponsoring the assessment is a business covered by that law. If you are a California consumer, you should contact those organizations directly to most quickly exercise the rights you may have.

Where you have provided personal information directly to Learnosity, such as when registering for a Learnosity Support Site user account or purchasing services on our website, Learnosity will on request provide you with the personal information it retains about you in accordance with applicable data protection law.

Retention of personal information

Learnosity retains your personal information for as long as is necessary to provide its services which includes prudent, limited duration archive retention, for compliance with legal obligations, to enforce our rights under agreements and as permitted under applicable data protection law, including where relevant subject to the requirements of the EU-U.S. Data Privacy Framework principles. Retention periods will therefore reasonably vary based upon the nature of the personal information involved.

Where personal information is stored within our services by Learnosity Customers or their end user customers, the Data Controller determines and is responsible for the length of time during which personal information is retained. Learnosity acts in accordance with the Data Controller’s instructions and may not retain personal information contrary to these instructions.

Aggregation and quality assurance use

Learnosity may from time to time use assessment or website personal information collected for purposes of maintenance and operation of services provided to you, including for internal quality assurance purposes, for instance to ensure that new releases of software behave as expected.

Learnosity has a formal data security policy that keeps track of any such data and carries out internal exercises to ensure that it is not misused.

Learnosity may statistically aggregate data in non-person specific form, and subject to applicable law use this data for operations management, quality control, security and marketing purposes and to improve the quality of our future products and services, and subject to applicable law pass this to Learnosity Customers and their end user customers. Such activities on any personal information provided for assessment purposes may only be carried out with the instructions of the Learnosity Customer, for which Learnosity acts as a Data Processor.

By using our site or services, you give consent for such use. Except where our use does not require consent under applicable law, you may withdraw your consent to such use at any time by contacting us as described in this privacy policy. The right to object to processing of your personal information under the GDPR applies even when we process your personal information on a basis other than your consent, such as based on our legitimate interests or to perform a contract with you.

How we protect your information

To prevent unauthorized access, maintain data accuracy, ensure the appropriate use of information and protect against the loss, misuse or alteration of information under our control, we have put in place appropriate physical, technical and administrative controls to protect personal information we collect through our website. Learnosity maintains a formal, internal data security policy that is regularly reviewed and audited and on which all employees are trained.

Where Learnosity acts as Data Processor, we comply with written contractual obligations agreed with Learnosity Customers, including having in place appropriate technical and organizational measures that are designed to protect personal information. More information on Learnosity technical and organizational measures can be found at https://learnosity.com/data-protection-protocols/.

Links to other websites

Our websites and assessments taken using our services may contain links to other websites on the Internet that are not operated by Learnosity. For the avoidance of doubt, this privacy policy covers only the Learnosity sites and servers and not other websites or systems, even if linked to from Learnosity’s websites.

Changes to this privacy policy

From time to time, we may need to update this privacy policy. We reserve the right to do so by updating this privacy policy which will be pointed to from our website. The ‘last updated’ date at the top of this page will be modified to show that a change has been made.

When the changes are material, we will also inform you in advance of any changes taking effect in our newsletter and/or otherwise prominently posting a notice of such changes or by directly sending you a notification of changes.

We stand behind the promises we make, and unless required by law will never materially change our policies and practices to make them less protective of personal information collected in the past without the consent of affected customers. We encourage you to review this privacy policy periodically for any changes or updates.

Enforcement

Learnosity is committed to working with individuals to obtain a fair resolution to any complaints or disputes about privacy and personal information.

Learnosity carries out periodic self-assessments to verify that its privacy policy and practices are implemented as described and will take such actions as may be required to address any compliance failures, including with reference to the requirements of the EU-U.S. Data Privacy Framework principles and applicable law. Please contact us if you have any questions or concerns regarding this privacy policy or our practices.

Learnosity’s commitment to privacy is demonstrated and documented by our adherence to applicable laws, execution of the E.U. Standard Contractual Clauses and UK and Swiss addendums with relevant third parties and Learnosity Inc.’s participation in the EU-U.S. DPF, UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.

Any questions, complaints or concerns about this privacy policy should be sent to Learnosity’s privacy team at privacy@learnosity.com or via regular mail, postage prepaid, addressed in the:

  • US: Learnosity privacy team, Learnosity Inc., 260 Madison Avenue, 8th Floor, New York, NY 10016, USA
  • Ireland: Learnosity privacy team, Learnosity Limited, The Masonry, 151 Thomas St, Dublin, D08 PY5E, Ireland
  • Australia: Learnosity privacy team, Learnosity Pty Ltd, Mezzanine, 388 George Street, Sydney, NSW 2000, Australia

You may also call Learnosity and raise issues at our contact telephone numbers on our website.

We will respond to your concerns within the scope of the EU-U.S. Data Privacy Framework principles within 45 days or sooner if required by applicable law.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Learnosity commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU, UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact Learnosity Inc. at: FAO Learnosity privacy team, 260 Madison Avenue, 8th Floor, New York, NY 10016, USA or privacy@learnosity.com, or using any of the other contact information above.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Learnosity Inc. commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.

The Federal Trade Commission has jurisdiction over Learnosity Inc.’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

In respect of personal information within the scope of the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and Swiss-U.S. DPF, under certain circumstances described therein you may have the right to initiate binding arbitration relating to this privacy policy or Learnosity Inc.’s relevant practices once other dispute resolution mechanisms have been exhausted, as further described in Annex I to the EU-U.S. DPF at https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction

How to contact us

If you have any questions or concerns about this privacy policy or how we have handled your personal information, please contact Learnosity’s privacy team at privacy@learnosity.com or using the contact information provided above. If we are unable to satisfactorily deal with your concerns, you should contact the bodies referred to above. Unless stated otherwise in this privacy policy or required by law, we will respond within 30 days.