Privacy & Data Collection Policy

Last Updated: October 29, 2024

Jumping Links Example

1. Introduction

At InfoBytes Academy (IBA) we prioritize safeguarding your information, using secure encryption for all sensitive data, including passwords, and ensuring compliance with privacy regulations while maintaining transparency about how personal data is used. Our platform and mobile applications provide enhanced functionality, such as content uploading, speech-to-text features, and AI tools for early childhood educators and education professionals. This policy outlines the types of data we collect, how we use it, and the permissions we request to deliver these functionalities.

2. Data Security and Encryption

We utilize robust administrative, technical, and physical safeguards to protect your data against unauthorized access and ensure that your personal information is securely encrypted and accessible only to authorized parties.

  1. Administrative Safeguards:
    • Access Control Policies: We enforce strict access control measures, ensuring that only authorized personnel have access to personal data based on their job responsibilities. Regular reviews of access permissions help maintain compliance and reduce the risk of unauthorized access.
    • Training and Awareness Programs: We undergo regular training on data privacy and security practices to understand the importance of safeguarding personal information and the specific measures in place to protect it.
    • Incident Response Procedures: We have established protocols for identifying, reporting, and responding to data breaches or security incidents, which are regularly tested and updated to ensure readiness and effectiveness.
  2. Technical Safeguards:
    • Encryption: We employ advanced encryption protocols (such as AES-256) to protect data both in transit and at rest, making it inaccessible to unauthorized users. This includes securing communications through HTTPS and encrypting stored data on our servers.
    • Firewalls and Intrusion Detection Systems: Our systems are protected by firewalls that monitor and control incoming and outgoing network traffic based on predetermined security rules. Intrusion detection systems alert us to any suspicious activities that may indicate a breach.
    • Regular Security Audits and Vulnerability Assessments: We conduct regular security audits and vulnerability assessments to identify and mitigate potential weaknesses in our systems. This proactive approach helps us stay ahead of emerging threats.
  3. Physical Safeguards:
    • Secure Data Centers: Our data is hosted in secure data centers equipped with state-of-the-art security measures, including access controls, surveillance, and environmental controls to protect against unauthorized physical access and natural disasters.
    • Employee Screening: All personnel with physical access to our data centers undergo thorough background checks to ensure they meet our security standards.

  • Assessment of Safeguards’ Effectiveness: To ensure the effectiveness of our safeguards, we conduct periodic reviews and assessments, including:
    • Internal Audits: Regular internal audits of our data protection policies and practices help identify areas for improvement and ensure compliance with applicable laws and regulations.
    • Third-Party Assessments: We may engage third-party security experts to conduct independent assessments of our systems and procedures, providing an objective evaluation of our security posture.
    • Incident Reviews: In the event of a security incident, we conduct a thorough review to analyze the circumstances, evaluate the effectiveness of our safeguards, and identify opportunities to strengthen our measures to prevent future occurrences.

3. Purposes for Data Collection

We collect and process personal data to provide our services effectively, personalize user experiences, and protect the integrity of our platform. Each purpose for data use is outlined below:

  • Providing and Customizing the Services
    • Account Management and Personalization: Collect and use personal information to create and manage user accounts, profiles, and preferences.
    • Order Processing and Billing: Process transactions and billing activities using secure payment methods, ensuring accuracy in delivering purchased products or services.
    • Service Delivery: Personalize responses, deliver products, and tailor services based on user input and interactions.

  • Improving and Developing Services
    • Research and Development: Conduct research and internal analytics to refine our offerings and understand user needs.
    • Product Testing and Enhancement: Test new features and functionalities to continually improve user experience and platform reliability.

  • Personalization and User Support
    • Content Customization: Personalize content, communications, and features based on user interests and activity.
    • Customer Support: Address inquiries, provide technical assistance, and help users navigate services as effectively as possible.

  • Security and Fraud Prevention
    • Safety and Integrity of Services: Conduct fraud prevention, security monitoring, and debugging measures to safeguard user data and protect our platform from unauthorized access.

  • Compliance and Legal Obligations
    • Legal and Compliance Purposes: Fulfill requirements or permissions under applicable data privacy laws and respond to legal requests as necessary.

  • Additional Business Purposes (with Explicit Consent)
    • User Consent-Based Initiatives: Use personal data for any other purposes that require explicit consent, such as targeted service updates or engagement activities.

Each category of data processing aligns with your active consent and is essential for providing, enhancing, or securing our services. You may withdraw consent at any time for specific processing activities; however, this may impact your access to certain features.

4. Types of Data We Collect

  • Profile or Contact Information: Email, user ID, unique identifiers, and encrypted passwords accessible only to users.
  • User-Provided Information: Collected when creating accounts, responding to prompts, completing surveys, or contacting us.
  • Payment Data: Securely processed by Stripe, Inc., including payment card type, billing information, and contact details. We do not have access to this information.
  • Device and Log Data: Automatically collected data, such as browser type, IP address, and device ID, to improve site performance and monitor usage.
  • Cookies and Tracking Technologies: Used to enhance performance, track preferences, and support essential functions. Types include: a) Strictly Necessary Cookies for essential operations. b) Functional Cookies for enhanced user experience, and c) performance Cookies for tracking site performance anonymously.
  • Analytics Data: Aggregated analytics measure traffic and usage patterns using tools like Google Analytics. (See Google’s Privacy Policy for details.)
  • Uploaded Content: Files, images, and videos uploaded by users are processed by AI tools to generate content-based outputs, such as educational responses. Profile images are stored for consistent use within the platform but can be deleted by users.
  • Speech Data (Mobile App): Audio data is processed in real-time by AI to convert speech to text, producing content-based outputs, with user control over data deletion. The initial voice recording is not stored.

5. How Personal Data is Used

We do not sell your personal data. Personal data is used exclusively for essential purposes, including:

  • Identification and Account Management: Verifying and securing user accounts.
  • Service Customization: Managing accounts, processing payments, delivering personalized content, and responding to support inquiries.
  • Analytics and Service Enhancement: Improving offerings, enhancing features, and conducting internal research.
  • Communication: Sending updates, surveys, and relevant notifications, with communication preferences managed in account settings.
  • Uploaded Content: Processing files, images, and videos solely for generating outputs based on user-provided data. Profile images may be stored for continued in-platform use.
  • Speech Data: Converting audio recordings into text to produce content-based outputs.

6. Data Sharing

We do not share data with third parties except as necessary to provide services or as required by law.

We may disclose personal information as follows:

  • Service Providers: Trusted third parties supporting operations under confidentiality obligations.
  • Legal Requirements: Disclosure as required by law or legal processes.
  • Consent-Based Sharing: With user consent in specified circumstances.

7. Third-Party Data Sharing (Online Analytics, Links, Plugins, and Services)

We use third-party analytics services to evaluate and improve our services. These providers, such as Google Analytics, collect non-identifiable data and do not use it to create profiles for targeted advertising. Third parties acting on our behalf are subject to confidentiality obligations and will only access personal data as needed to perform their functions. Our services may contain links to external sites. We do not endorse these sites or control their data practices. We recommend reviewing each third party’s privacy policies.

Our website uses third-party plugins to enhance functionality, manage membership services, and maintain site security. These plugins may collect, store, or process limited personal data as necessary to provide their services. We work with reputable third-party providers who comply with data protection regulations and apply robust security measures. We utilize select third-party plugins to enhance site functionality, including tools for site security, spam prevention, and email subscriptions. Some of these plugins may process limited personal data to provide their services effectively. MailPoet is used to manage email subscription services and stores user data (e.g., name, email address). Akismet is used to filter spam comments by analyzing submitted information, and Jetpack tracks site interactions; it also provides site analytics and security features.

To provide a secure and seamless user experience, we use third-party services to manage memberships and protect our website. Paid Memberships Pro is used to manage memberships and access to our content. Paid Memberships Pro may process data such as your name and email address as necessary for membership creation and access management. This information is handled securely and used solely to provide membership services. We use MalCare to monitor and protect our website against security threats. MalCare may temporarily log information such as IP addresses and login attempts to detect and prevent unauthorized access. This data is processed exclusively for security purposes to keep our website and your information secure.

We take our commitment to data privacy seriously and ensure that our agreements with third-party providers adhere to PIPEDA’s privacy standards. This includes strict guidelines on the storage, handling, and use of data for Canadian and international users. We regularly assess our third-party partners to ensure that they comply with applicable privacy laws and maintain robust security measures to protect user information. For further information on how these third-party companies handle data, please refer to their respective privacy policies.

8. AI and External API Services

We collaborate with external services such as OpenAI and YouAI to deliver advanced AI capabilities while ensuring compliance with all applicable data protection regulations. We do not permit third-party providers to use your data for purposes such as advertising, profiling, or direct marketing. Our agreements with these partners include explicit clauses that require compliance with data policies. We regularly review our partnerships to ensure that all third parties meet standards for data privacy and security.

It is important to note that OpenAI, for instance, does not use data submitted via their API to train or improve their models by default, a practice that differs from the models used through ChatGPT. This means that any data shared with OpenAI/YouAI for processing will not be utilized for their model training without explicit consent. We encourage our users to read the privacy policies of all third-party services we partner with, as they provide important insights into how your data may be collected, used, and shared. By staying informed, you can better understand how your personal information is protected and the measures we take to prevent any misuse or mishandling of your data.

9. Data Retention

User data is retained only for as long as needed to fulfill service requirements or comply with legal obligations. Account data is stored until deactivation or deletion by the user, and any content generated by users through our AI tools is stored temporarily on secure servers only while it remains necessary for access or usage.

We categorize data retention periods based on data type:

  • Account Information: Retained until account deactivation or deletion by the user.
  • Transaction and Billing Records: For processing payments and transactions, we use Stripe, a secure third-party payment provider. Stripe is responsible for handling all payment card information, billing details, and related data. We do not store or have access to your payment card details directly; however, we retain transaction records to manage billing and account-related inquiries as needed. Please refer to Stripe’s Privacy Policy for more information on their data processing and security practices.
  • Uploaded Content and AI-Generated Content: Retained on our servers as long as the user requires access. Users can manage or delete their stored content at any time.

Upon expiration of the retention period or if the data is no longer required, we securely delete or anonymize the information to prevent unauthorized access or use. To strengthen compliance with PIPEDA, we conduct regular reviews of retained data to assess its necessity, ensuring that only essential data is stored long-term. All data is encrypted and accessible only by the user, reinforcing our commitment to data security and privacy.

10. International Data Transfers

We may transfer your personal data to third-party service providers, such as Stripe, for processing purposes. When your data is processed outside of Canada, we ensure that appropriate safeguards are in place to protect your information in accordance with applicable privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA). This may include using standard contractual clauses or ensuring that the third-party providers adhere to equivalent privacy standards to those enforced in Canada. We remain committed to ensuring that your data is handled securely and responsibly, regardless of where it is processed.

User Rights and Choices

11. Active Consent for Data Collection

We prioritize transparency and ensure that users provide active consent for the collection of their personal data. During the sign-up process, users are presented with a clear option to indicate their agreement to our Terms of Service and Privacy Policy. By selecting “Yes,” users explicitly consent to the collection and processing of their personal data for essential purposes, including but not limited to account management and service delivery. By providing your information, you agree to the collection and use of your data as outlined in our Privacy Policy. We value your privacy and want to ensure you have full control over your personal data. You can access, review, and update your information at any time by logging into your account and navigating to the account settings. Here, you can view details about the information we have stored, make updates, and manage preferences.

During the sign-up process, you are also presented with the clear option to join our mailing list for company news and marketing communications. You can opt-out of receiving marketing communications by selecting the ‘unsubscribe’ option in any of our communications. Additionally, within the app, you can disable Push Notifications to stop unwanted communications.

11.1 Consent for Cookies

Cookie Policy:

ne one sentence per definitionWe are committed to protecting your privacy and ensuring transparency regarding the use of cookies on our website. Cookies are small text files that are placed on your device to enhance your browsing experience and provide various functionalities. Our cookie policy outlines the types of cookies we use, their purposes, and how you can manage your cookie preferences.

Types of Cookies We Use:

  1. Strictly Necessary/ Essential Cookies: These cookies are necessary for the operation of our website. They enable you to navigate the site and use its features, such as accessing secure areas. Without these cookies, our website cannot function properly.
  2. Non-Essential Cookies: These cookies are not strictly necessary for the functioning of the website but help us improve your experience. They may include:
    • Performance Cookies: These cookies collect information about how visitors use our site, such as which pages are visited most often. This data helps us improve our website’s performance.
    • Functional Cookies: These cookies allow the website to remember your preferences (such as your username and language selection) to provide a more personalized experience.
    • Targeting/Advertising Cookies: These cookies are used to deliver advertisements that are relevant to you and your interests. They also help measure the effectiveness of advertising campaigns.

Obtaining User Consent:

Before placing any non-essential cookies on your device, we will seek your explicit consent. Upon your first visit to our website, you will see a cookie banner that informs you about our use of cookies and directs you to this cookie policy for more information.

You can choose to accept all cookies or customize your preferences by selecting which types of cookies you allow. Essential cookies will be automatically enabled, while non-essential cookies will only be placed if you give your consent.

You have the right to withdraw your consent at any time. Additionally, you can manage your cookie preferences through your browser settings. Please refer to your browser’s help section for information on how to modify your cookie settings.

11.2 Lodging Complaints About Privacy Violations

We take privacy concerns seriously and encourage users to reach out if they believe their personal data has been mishandled. Users can lodge complaints about potential privacy violations by contacting us directly at info@infobytesacademy.com or by filling out our Contact Form.

Under applicable laws, you have the right to object to the processing of your personal data under certain circumstances.

We are committed to addressing your concerns and will work to resolve any issues you may have. If you believe your concerns have not been adequately addressed, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction. In Canada, this may include contacting the Office of the Privacy Commissioner of Canada. More information on how to file a complaint can be found on their website.

11.3. Summary of User Rights (IBA Platform & Third Parties)

At InfoBytes Academy, we respect your rights concerning your personal data, including how it is shared with third parties.

Your Rights:

  1. Access: You have the right to request a copy of the personal data we hold about you and information about how we share it with third parties.
  2. Rectification: If you believe that any of your personal data is inaccurate or incomplete, you have the right to request that we correct it.
  3. Erasure: You can request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected or if you withdraw your consent on which the processing is based.
  4. Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances, such as when you contest the accuracy of your data.
  5. Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller, where technically feasible.
  6. Object: You can object to the processing of your personal data for direct marketing purposes or when the processing is based on our legitimate interests.

Exercising Your Rights:

To exercise your rights regarding your personal data shared with third parties, please follow these steps:

  • Contact Us: Reach out to our Data Protection Officer at info@infobytesacademy.com. Please provide sufficient information to identify yourself and specify the right you wish to exercise.
  • Response Time: We will respond to your request within one month of receipt. If your request is complex or numerous, we may extend the response time by an additional two months, and we will inform you of this extension.
  • Verification: We may need to verify your identity before processing your request. This is to ensure that your personal data is not disclosed to unauthorized individuals.
  • Third-Party Sharing: If you have consented to your data being shared with third parties, you can revoke your consent at any time. Revoking consent will not affect the lawfulness of processing based on consent prior to its withdrawal. However, please note that revoking consent may limit your ability to use essential features of our platform.

If you have any concerns about how we handle your personal data, you have the right to lodge a complaint with a supervisory authority. If you have questions about the data stored on our platform, or would like to request account deletion, contact us. Your data will be removed from our servers, but note that some data may need to be retained to comply with legal obligations or resolve disputes.

12. App Permissions

To support app functionality, we may request permissions such as microphone access for speech-to-text features, managed through your device settings. Revoking permissions may limit certain features.

COPPA Compliance – Children’s Online Privacy Protection Act

13. Educator Responsibility and Parental Rights

Our tools do not require or prompt educators to enter identifying information about children. They are designed to be used by educators to support young learners. We prioritize the privacy of children under 13, and adhere to strict consent protocols. Although we do not collect personal information directly from children; educators may input information about children into our AI tools. Before entering such data, educators must obtain verifiable parental consent to ensure compliance with the Children’s Online Privacy Protection Act (COPPA). Consent is essential for the collection, use, and disclosure of personal data, ensuring transparency and respect for individual privacy rights.

13.1 Parental Consent

Educators should inform parents about their use of our tools and secure their permission before inputting any child-related data.

13.2 Parental Rights

Under the Children’s Online Privacy Protection Act (COPPA), parents have the right to review, correct, or delete any personal information collected about their child. If you believe that your child’s information has been submitted to our platform and you would like to take action, please contact us.

Please note that we do not store any personal information beyond the time required to process and fulfill the service request.

13.3 Educator Accountability

Educators using our tools are required to ensure that they comply with this policy and all applicable privacy laws, including COPPA. They are responsible for obtaining the necessary parental consent and should notify parents of their rights to access or delete any information related to their child.

GDPR Compliance – General Data Protection Regulation (EU)

14. Data Processing Grounds

In compliance with the General Data Protection Regulation (GDPR), our data processing activities are based on lawful grounds to ensure clarity and protection of user data. Our legal grounds for processing personal data include:

  • Consent: We obtain user consent at sign-up to process data for purposes like personalized educational recommendations, marketing communications, and subscription services. Consent can be withdrawn at any time.
  • Contract Fulfillment: For account management and the provision of services, such as enabling access to educational tools and processing subscription payments, we rely on the lawful basis of contract fulfillment. This is essential for us to deliver the services agreed upon in our Terms of Service.
  • Legitimate Interest: For activities such as analyzing site performance, improving our offerings, and conducting basic usage analytics, we rely on our legitimate interest. These processes help us refine our services and optimize user experience, while ensuring minimal data usage and privacy impact.

14.1 Right to Access, Rectification, Erasure, and Restriction

In alignment with GDPR, users have specific rights regarding their personal data, which they can exercise at any time:

  • Access: Users can confirm if their data is being processed and request access to a copy of it.
  • Rectification: Users have the right to correct any inaccurate or incomplete data to ensure that all stored information is accurate and up-to-date.
  • Erasure (“Right to be Forgotten”): Users may request the deletion of their personal data under certain conditions, such as if the data is no longer necessary for the purposes it was collected or if they withdraw consent (for more information, visit section 11.3).
  • Restriction: Users can limit data processing under specific circumstances, such as during verification of accuracy or when processing is contested but not yet resolved.

To exercise these rights, users can follow the instructions in their account settings or contact our support team directly at info@infobytesacademy.com or via our contact form.

14.3 Data Portability

Users have the right to data portability, allowing them to request a structured, machine-readable format of their data and transfer it to another provider if they choose. We facilitate this process upon request, ensuring that users can seamlessly transfer their data.

14.4 Automated Decision-Making

We currently use automated tools and algorithms for certain data processes. However, if these processes include decisions that could impact a user’s access to services, we will provide information regarding the logic, significance, and potential consequences of these automated decisions. Users may also request human intervention or challenge automated decisions by contacting us directly.

14.5 Data Protection Officer (DPO)

For privacy inquiries, users may contact our Data Protection Officer (DPO) or designated privacy representative at info@infobytesacademy.com. While we do not process large-scale sensitive data, we prioritize a high standard of data protection practices.

14.6 International Data Transfers Under GDPR

Safeguards

We are committed to ensuring that your personal data remains protected when it is transferred internationally. To this end, we employ a variety of safeguards, including the use of Standard Contractual Clauses (SCCs) as a legal mechanism to facilitate the transfer of personal data outside of the European Economic Area (EEA). These clauses provide assurances that your data will be handled in accordance with applicable data protection laws, ensuring an adequate level of protection.

In addition, we continually assess the legal frameworks of the countries to which your data may be transferred to ensure compliance with all relevant data protection regulations. We strive to uphold the highest standards of data privacy and security, including but not limited to conducting regular audits and assessments of our data processing activities and third-party data processors.

For questions on international data transfers, please contact our support team.

14.7 Consent Withdrawal and Management

Users can manage or withdraw consent for optional data processing activities, such as company updates and marketing by unsubscribing, adjusting their account settings, or by reaching out to our support team. Withdrawing consent for specific processing will not affect access to essential services.

14.8 Lodging Complaints to the Data Protection Authority

In case of a potential data rights violation, users have the right to file a complaint with a supervisory authority. Users within the EU may reach out to their respective national authorities or the European Data Protection Supervisor. Additionally, users may contact Canada’s Office of the Privacy Commissioner if they believe their data privacy rights have been violated.

14.9 Data Breach Policy

In the unlikely event of a data breach, we take the security of your personal data seriously and will act promptly to mitigate any potential risks. In accordance with the General Data Protection Regulation (GDPR), we will notify affected users without undue delay and, where feasible, within 72 hours of becoming aware of the breach.

Our notification will include the following information:

  • A description of the nature of the breach, including the categories and approximate number of individuals affected, as well as the categories and approximate number of personal data records concerned.
  • The likely consequences of the breach, including any potential risks to your rights and freedoms.
  • A description of the measures taken or proposed to be taken to address the breach and mitigate any potential adverse effects.

In addition to notifying users, we will also report the breach to the relevant supervisory authority when required, ensuring compliance with all regulatory obligations.

CCPA Compliance – California Privacy Act

15. Right to Know Under the CCPA, California residents have the right to know what personal information is collected, used, disclosed, or sold by us. California users may request:

  • The categories of personal information collected.
  • Specific pieces of personal information collected.
  • Categories of sources from which personal information was collected.
  • Purposes for collecting or selling personal information.
  • Categories of third parties with whom we share personal information.

15.1. Right to Delete California residents may request the deletion of their personal information collected by us, subject to certain legal exceptions. Upon receiving a verifiable deletion request, we will delete the requested information unless it is necessary to:

  • Complete a transaction or provide a requested service.
  • Detect security incidents or protect against malicious activities.
  • Comply with legal obligations.

15.2. Right to Opt-Out of Sale of Personal Information We do not sell your personal information and have no intention of ever doing so. However, if we decide to sell personal data in the future, California residents will have the right to opt out.

15.3. Right to Non-Discrimination California residents have the right to receive equal service and pricing, even if they exercise their privacy rights. We do not discriminate against users who choose to exercise their rights under the CCPA.

15.4. Verification Process for Requests To process requests to know or delete, we will verify users’ identities using reliable methods, such as requiring login to an account. Additional information may be requested to confirm identity in specific cases.

15.5. Contact Information for CCPA Requests California residents may exercise their rights by emailing info@infobytesacademy.com or via our contact form.

VCDPA Compliance – Virginia Consumer Data Protection Act

16. Right to Access Under the VCDPA, Virginia residents have the right to confirm whether we process their personal data. They may request:

  • The specific personal data processed about them.
  • Information on the categories of personal data processed, the purpose of processing, and any third-party disclosures.

16.1. Right to Correct Virginia residents can request corrections to inaccurate personal data. We will verify the requested corrections, making updates to ensure the accuracy of personal data stored.

16.2. Right to Delete Virginia residents may request the deletion of personal data provided by or obtained about them. We will delete this data unless retaining it is necessary to fulfill specific legal or business obligations, such as:

  • Completing transactions or providing requested services.
  • Detecting security incidents or ensuring compliance with legal requirements.

16.3. Right to Data Portability Virginia residents have the right to obtain a copy of their personal data in a readily usable format. This data will be provided to allow seamless transfer to another service provider if requested.

16.4. Right to Opt-Out of Processing for Targeted Advertising The VCDPA grants the right to opt out of data processing used for targeted advertising, profiling, or sales. We currently do not engage in targeted advertising, profiling, or data sales. However, if we adopt these practices, Virginia residents will have the option to opt out.

16.5. Right to Appeal If a Virginia resident’s request is denied, they have the right to appeal the decision. Instructions for filing an appeal will be provided in the denial communication, ensuring transparency and supporting user rights under the VCDPA.

16.6. Verification and Processing of Requests We use reliable verification methods, such as secure account login, to confirm the identity of Virginia residents who submit access, correction, or deletion requests. Additional identification may be required to process certain requests.

16.7. Contact Information for VCDPA Requests Virginia residents may exercise their rights by emailing info@infobytesacademy.com or via our contact form.

17. Changes to This Policy

We may update this policy from time to time. We will notify you of any significant changes via electronic communication (e.g., email alerts, in-app notifications) and by posting the new policy on our website. Your continued use of our services after such changes constitutes your acceptance of the updated policy.

18. Contact Us

If you have any questions or concerns about this data collection policy or our practices, please contact us:

InfoBytes Academy
Privacy Admin: Monique Jackson
1479-2482 Yonge Street
Toronto, ON M4P 2H5, Canada
info@infobytesacademy.com
647-247-9797

DEFINITIONS

“We,” “Us,” or “Our” refers to InfoBytes Academy (IBA), the platform, and mobile applications managed by InfoBytes for educational tools, resources, and functionalities.

“Platform” or “Services” denotes all services provided by InfoBytes Academy, including its website, mobile applications, educational tools, and AI functionalities.

“You,” “User,” or “Customer” means any individual or entity accessing or using the InfoBytes Academy services, including educators, educational professionals, or any other users of the platform.

“Personal Data” includes identifiable information, such as email addresses, user IDs, and unique identifiers, as well as payment and profile data collected to enable and enhance platform functionalities.

“Service Providers” includes third-party entities that assist InfoBytes Academy in operating its platform, including providers for payments, security, AI, and analytics.

“AI Tools” refers to artificial intelligence-based functionalities and features provided through InfoBytes Academy’s platform to support educational needs and content creation.

“Cookies” are small data files stored on users’ devices, which may include essential (necessary for functionality), functional (enhancing user experience), and performance (anonymized tracking) cookies.

“COPPA” stands for the Children’s Online Privacy Protection Act, a U.S. law aimed at protecting the privacy of children under 13 online.

CCPA” Stands for the California Consumer Privacy Act, a California law that gives residents rights to access, delete, and opt out of the sale of their personal data.

“Educational Tools” includes features within InfoBytes Academy designed for early childhood educators and educational professionals, such as program planning, scaffolding strategies, and behavioral modification tools.

GDPR” stands for the General Data Protection Regulation, an EU law focused on protecting the privacy and personal data of individuals within the European Union.

“Parent” is defined as the legal guardian of a child under 13, whose consent is required for inputting any child-related data on the platform.

PIPEDA” stands for the Personal Information Protection and Electronic Documents Act, a Canadian law governing the collection, use, and disclosure of personal information in commercial activities.

VCDPA” Stands for the Virginia Consumer Data Protection Act, a Virginia law that grants residents rights over their personal data and requires business transparency.