Last modified: April 1, 2020
1. DATA RIGHTS. Customer owns all right, title and interest in all data and/or content created or provided by Customer, and in all data derived therefrom (“ Customer Data ”) excluding the Non-Identifiable Aggregated Data (as defined below). Nothing in this Agreement shall be construed to grant ManagedMethods any rights in Customer Data beyond those expressly provided herein. As between ManagedMethods and Customer, Customer shall retain possession of the Customer Data at all times. ManagedMethods shall implement daily backup of the Customer Data for the purpose of service recovery in the case of service unrecoverable failure, except if Customer specifically requests ManagedMethods to disable ManagedMethods’ automatic backup procedure. Backup files will also be considered Customer Data. Notwithstanding any other restrictions on use of data in this or any other agreement (i) Customer grants ManagedMethods the limited, non-exclusive right to perform an automated content scan of Customer Data stored with Customer’s Cloud Provider solely for the purpose of providing the Services to Customer, (ii) Customer grants ManagedMethods the limited, non-exclusive right to view, modify, collect and use the Customer Data to create meta-data derived from Customer Data (which may include, by way of example, file encryption, file modification dates, audit trails, and the number of times a file has been accessed (Customer Meta-Data)), solely for the purpose of providing the Services to Customer (iii) Customer grants ManagedMethods the right to collect and use anonymized generic statistical information derived from such Customer Meta-Data (but not derived from the Customer Data directly) and aggregate it with statistical information from other customers (Non-Identifiable Aggregated Data) solely for providing and improving its services, and (iv) Customer agrees that ManagedMethods shall own all right, title and interest in any such Non-Identifiable Aggregated Data. For purposes of greater clarity, ManagedMethods will not store any Customer Data, except to the extent that it constitutes Customer Meta-Data. As between ManagedMethods and Customer, Customer is solely responsible for the content, quality and accuracy of Customer Data, for securing any necessary approvals for ManagedMethods’ use of the Customer Data as provided for herein, and for ensuring that the Customer Data as made available by Customer complies with applicable laws and regulations. ManagedMethods is not responsible for Customer Data once it leaves the ManagedMethods Service, including by way of example, if Customer downloads a report from the Service to a Customer personal computer.
The App will only use access to read, write, modify or control your G Suite data, including Gmail message bodies (and attachments), metadata, headers, and settings, G Drive files, metadata, read access to admin API data such as logins, third party apps to provide the service. The App will not transfer this data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
The App will not use this data for serving advertisements.
The App will not allow humans to read this data unless we have your affirmative agreement for specific data, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the App’s internal operations and even then only when the data have been aggregated and anonymized.
For details on how we use each Google scope, please see here
3. USE OF DATA. ManagedMethods uses the data to set up, administer and provide the ManagedMethods Service for organizations. We may also use the information to contact you to further discuss your interest in our company and the ManagedMethods Service, to send information regarding our company or partners, such as promotions and events, and to respond to your requests for information. At any time, you have the ability to opt out of receiving marketing communications from us, but you may not opt out of administrative emails. We may provide your personal information to companies that provide services to help us with our business activities such as payment processing or offering customer service through our live chat service. These companies are authorized to use your personal information only as necessary to provide these services to us.
If you request to quote or purchase a third party solution on the ManagedMethods platform, ManagedMethods will share with your selected third party or its authorized reseller information required in order to provide such quote or fulfill the purchase of the third party license. Such information may include but not limited to total number of users, total number of files, total amount of data stored, average number of file changes per time period, etc. Except as otherwise described in this document, your email address and personal information will not be distributed or shared with any third parties outside ManagedMethods.
With your prior express permission, ManagedMethods may log into your ManagedMethods Service account solely to resolve a problem or support issue. In this case, the ManagedMethods personnel investigating the problem would have the same access and abilities that you have when you are logged in to the ManagedMethods Service; however, the ManagedMethods personnel actions are logged in an immutable audit log.
ManagedMethods collects and stores information to monitor and maintain the ManagedMethods Service to you. Such information includes system health and availability, CPU and disk utilization over time, etc. The sole purpose of collecting this data is to monitor the availability of your service and to respond to failures in order to restore the service. Managed Methods also aggregates anonymized user data, including document and user meta-data, usage and volume statistical information, and other statistics (but not contact information) from our visitors and Users and may provide such anonymous aggregated information to third parties.
Registered Account Information from School/Educators (Name, Address, Billing information, etc.) and Student Information that may be visible during Customer Support/Troubleshooting, including student name, student email address, file names, creation dates of files, login dates/times and third party applications students use.
Portions of the ManagedMethod Service and the Website contain functions for collecting personal information including names and email addresses as well as an individual’s or account’s access history. We may also collect and track other personally identifiable and non-personally identifiable information about you, such as: your IP address, the type of browser you use, and the website you visited before visiting our Website or ManagedMethods Services.
If you are using the service as an Educational Institution, student information may be visible during Customer Support and/or Troubleshooting. Personally identifiable information such as student name, student email address, file names, creation dates of files, login dates and times, and third party applications which students use could be viewed on our service by Product Support Staff.
If you register to use the ManagedMethods Service or express interest in obtaining additional information, we require you to give us your contact information, such as your name, company name, address, and email address. We may also ask for additional personal information, such as title, phone number, department name or additional company information, such as annual revenues, number of employees, or industry. You can opt out of providing this additional information by not entering it when asked.
In addition to the above, ManagedMethods may in any event use and disclose information disclosed to it or collected by to the extent required by any law, subpoena, legal process, court, judicial, regulatory or governmental authority, or if in ManagedMethods’ reasonable discretion use or disclosure is necessary to investigate fraud or any threat to the safety of any individual, to protect ManagedMethods’ legal rights or to protect the rights of third parties. In the event that ManagedMethods is involved in a merger, reorganization, dissolution, sale of business, assets or similar event, information disclosed to or collected by ManagedMethods may be transferred to ManagedMethods’ successor, or to the purchaser of such assets, as applicable. You will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
4. POLICY TOWARDS K-12 EDUCATION AND CHILDREN. We adhere to the laws of the State of Colorado for Student Data Transparency and Security Act as passed in HB16-1423 and signed into law on June 10, 2016 and the United States Family Educational Rights and Privacy Act of 1974.
Regarding FERPA and California AB 1584 (Buchanan) Privacy of Pupil Records: 3rd-Party Digital Storage & Education Software (Education Code section 49073.1), ManagedMethods will abide to the following:
(1) Student records obtained by ManagedMethods from an educational institution continue to be the property of and under the control of the educational institution. The educational institution retains full ownership rights to the personal information and education records it provides to ManagedMethods.
(2) ManagedMethods does not retain or store user generated content.
(4) Parents, legal guardians, or eligible students may review personally identifiable information in the student’s records and correct erroneous information by contacting their educational institution. Additionally, ManagedMethods users may access, correct, update, or delete personal information in their profile by signing into console, accessing their user account, and making the appropriate changes.
(5) ManagedMethods is committed to maintaining the security and confidentiality of student records. Towards this end, we take the following actions: (a) we limit employee access to student data to only those employees with a need to such access to fulfill their job responsibilities; (b) we conduct background checks on our employees that may have access to student data; (c) we conduct regular employee privacy and data security training and education; and (e) we protect personal information with technical, contractual, administrative, and physical security safeguards in order to protect against unauthorized access, release or use.
(6) In the event of an unauthorized disclosure of a student’s records Managed Methods will promptly notify Users, unless specifically directed not to provide such notification by law enforcement officials. The notification shall identify: (i) the date and nature of the unauthorized use or disclosure, (ii) the Private Data used or disclosed, (iii) general description of what occurred including who made the unauthorized use or received the unauthorized disclosure, (iv) what ManagedMethods has done or shall do to mitigate any effect of the unauthorized use or disclosure, (v) what corrective action ManagedMethods has taken or shall take to prevent future similar unauthorized use or disclosure, (vi) and who at ManagedMethods the User can contact. ManagedMethods will keep the User fully informed until the incident is resolved.
(7) ManagedMethods will delete or de-identify personal information when it is no longer needed, upon expiration or termination of our agreement with an educational institution with any deletion or de-identification to be completed according to the terms of our agreement with the educational institution, or at the direction or request of the educational institution.
(8) ManagedMethods agrees to work with educational institutions to ensure compliance with FERPA and the Parties will ensure compliance by providing parents, legal guardians or eligible students with the ability to inspect and review student records and to correct any inaccuracies therein as described in statement (4) above.
(9) Managed Methods prohibits using personally identifiable information in student records to engage in targeted advertising.
(10) Regarding COPPA, we are required to obtain consent for the collection of personal information online from children under 13. When schools use our Services, the school (including a teacher, administrator or school district) is required to consent to the collection and use of personal information from students as part of signing up to use the Services.
We will not collect more information than is required to use our Services. The information collected is not made publicly available. ManagedMethods is not a platform in which a student, including children under 13, can make their information publicly available.
You may withdraw your consent to our processing of the personal information of your students at any time. However, withdrawing consent may result in the inability to use some or all of the Services.
(11) Regarding information we collect about your students: ManagedMethods monitors students’ activities in the cloud, ManagedMethods analyzes user activities within the school’s web applications to include Google G Suite, Google Drive, Office 365 Mail, OneDrive, SharePoint, Slack, Box, Dropbox and ShareFile, and as such, may have access to students’ personal identifiable information.
Personal information of your students may be collected directly from you or your students, from third parties, and automatically through your student’s use of the Services. Such information may include, but is not limited to, name, address, online activity, images, electronic communications, school work, etc.
(13) Managed Methods will limit use of student data only in the context of a support issue with School permission. Managed Methods will use student data to troubleshoot issues within the customer environment per a support ticket.
(14) Managed Methods third-party vendors do not resell student data and only use student data in technical support with School permission. Please see the below Section 5-12 for how we require third parties to handle student data.
(15) We will only contract with future vendors that are consistent with Student Privacy Pledge principles.
(16) The below Section 5 details how we secure student personal information.
5. SECURITY. We follow generally accepted industry standards to protect the personal identifiable information submitted to us, both during transmission and once we receive it. However, due to the nature of Internet communications and evolving technologies, unauthorized entry or use, hardware or software failure, and other factors, the security of Customer Data may be compromised at any time. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee the absolute security of personal identifiable information and disclaim any assurance that such information will remain free from loss, misuse, or alteration by third parties who, despite our efforts, obtain unauthorized access.
If ManagedMethods becomes aware of a systems security breach by an unauthorized party or that any user data was used for an unauthorized purpose, we will comply with relevant state and other data breach laws. We will notify IT administrators of any breach resulting in unauthorized release of data electronically, at minimum, and without unreasonable delay so that you can take appropriate steps. The notification will include: date of the breach, types of information that were subject to the breach, general description of what occurred, and the steps ManagedMethods is taking to address the breach.
ManagedMethods uses the following third party service providers:
|Third Party||Purpose||Information Shared|
|Google Cloud Platform||Hosting||Our service runs on Google Cloud Platform, which is COPPA compliant|
|Zendesk||Customer Support||We use Zendesk to publish product updates and user guides, and track customer support activities|