INFORMATION WE COLLECT FROM CHILDREN, HOW WE USE IT AND HOW AND WHEN WE COMMUNICATE WITH PARENTS
Hyperion Academics and its affiliate and subsidiary companies offer to its users a range of sites and applications, some of which are primarily targeted at children, and others that are intended for users of all ages and their families. Our sites and applications offer a variety of activities, including activities that may collect information from children. Below we summarize potential instances of collection and outline how and when we will provide parental notice and/or seek parental consent. In any instance that we collect personal information from a child, we will retain that information only so long as reasonably necessary to fulfill the activity request or allow the child to continue to participate in the activity, and ensure the security of our users and our services, or as required by law. In the event we discover we have collected information from a child in a manner inconsistent with COPPA’s requirements, we will either delete the information or immediately seek the parent’s consent for that collection.
Children can, in many cases, register with our sites and applications to view content, play games, participate in contests, and engage in special features, among other things. During the registration process, we may ask the child to provide certain information for notification and security purposes, including a parent or guardian’s email address, the child’s first name and gender, the child’s member or account username, and password. We also may ask for birth dates from children to validate their ages. We strongly advise children never to provide any personal information in their usernames. Please note that children can choose whether to share their information with us, but certain features cannot function without it. As a result, children may not be able to access certain features if required information has not been provided. We will not require a child to provide more information than is reasonably necessary in order to participate in an online activity.
About the collection of parent email address: Consistent with the requirements of COPPA, on any child-targeted site or application, or in any instance where we ask for age and determine the user is age 12 or under, we will ask for a parent or guardian email address before we collect any personal information from the child. If you believe your child is participating in an activity that collects personal information and you or another parent/guardian have NOT received an email providing notice or seeking your consent, please feel free to contact us at firstname.lastname@example.org. We will not use parent emails provided for parental consent purposes to market to the parent, unless the parent has expressly opted in to email marketing or has separately participated in an activity that allows for such email contact.
Content Generated by a Child/Student
Certain activities on our sites and applications allow children to create or manipulate content and save it with Hyperion Academics and its affiliate and subsidiary companies. Some of these activities do not require children to provide any personal information and therefore may not result in notice to the parent or require parental consent. If an activity potentially allows a child to insert personal information in their created content, we will either pre-screen the submission to delete any personal information, or we will seek verifiable parental consent by email for the collection.
Examples of created content that may include personal information are stories or other open-text fields, and drawings that allow text or free-hand entry of information. If, in addition to collecting content that includes personal information, Hyperion Academics and its affiliate and subsidiary companies also plan to post the content publicly or share it with a third party for the third party’s own use, we will obtain a higher level of parental consent.
About Verifiable Parental Consent
Email Consent. In the event Hyperion Academics and its affiliate and subsidiary companies wish to collect personal information from a child, COPPA requires that we first seek a parent or guardian’s consent by email. In the email we will explain what information we are collecting, how we plan to use it, how the parent can provide consent, and how the parent can revoke consent. If we do not receive parental consent within a reasonable time, we will delete the parent contact information and any other information collected from the child in connection with that activity.
High-Level Consent. In the event Hyperion Academics and its affiliate and subsidiary companies collect personal information from a child that will be posted publicly, we will seek a higher level of consent than email consent. Such “high-level” methods of consent include but are not limited to asking for a credit card or other payment method for verification (with a nominal charge involved), speaking to a trained customer service representative by telephone or video chat, or requiring a signed consent form by mail, email attachment, or fax. After providing high-level consent, a parent may have the opportunity to use a pin or password in future communications as a way to confirm the parent’s identity.
Teacher consent in lieu of a parent. With regard to school-based activities, COPPA allows teachers and school administrators to act in the stead of parents to provide consent for the collection of personal information from children. Schools should always notify parents about these activities. For more information on parental rights with respect to a child’s educational record under the Family Educational Rights and Privacy Act (FERPA), please visit the FERPA site at https://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html.
Certain games and activities that are directed to children allow users to communicate directly with other users by means of a chat system. In most cases, these chat systems employ filters that are intended to prevent the communication of both personal information and age-inappropriate words and phrases. In addition to filters, we may employ live moderation and/or encourage other users to flag inappropriate communications. We strongly encourage children who use these interactive features on our sites and applications never to provide personal information about themselves or any third party, and certainly never to attempt to circumvent our filters or moderation. We also recommend that parents carefully supervise their children when the children participate in online activities.
Where Hyperion Academics and its affiliate and subsidiary companies employ a chat system that does not filter all or nearly all personal information, we will first seek high-level consent from the parent.
Contests and Sweepstakes
For contests and sweepstakes, we typically require only the information necessary for a child to participate, such as first name (to distinguish among family members) and parent email address (to notify the parent where required by law). We only contact the parent for more personalized information for prize-fulfillment purposes when the child wins the contest or sweepstakes.
Of course, some contests and sweepstakes ask the child to submit their own created content along with the child’s entry. In those instances, we may require parental consent prior to submission. Please see the guidelines in Content Generated by a Child/Student above for more information on our collection, notice, and consent policies.
Email Contact with a Child
On occasion, in order to respond to a question or request from a child, Hyperion Academics and its affiliate and subsidiary companies may need to ask for the child’s online contact information, such as an email address. Hyperion Academics and its affiliate and subsidiary companies will delete this information immediately after responding to the question or request.
In connection with certain activities or services, we may collect a child’s online contact information, such as an email address, in order to communicate with the child more than once. In such instances we will retain the child’s online contact information to honor the request and for no other purpose. One example would be a newsletter that provides occasional updates about a site, homework assignment, educational opportunity, game/activity, television show, video, book or literature, personality/character, or feature movie. Whenever we collect a child’s online contact information for ongoing communications, we will simultaneously require a parent email address in order to notify the parent about the collection and use of the child’s information, as well as to provide the parent an opportunity to prevent further contact with the child. On some occasions a child may be engaged in more than one ongoing communication, and a parent may be required to “opt-out” of each communication individually.
Push notifications are notifications on mobile and other devices that are typically associated with downloaded applications, and which can communicate to the device holder even when the application is not in use. We will require a child to provide a parent email address before the child can receive push notifications from our child-directed applications that collect a device identifier. We will then provide the parent with notice of our contact with the child and will provide the parent the opportunity to prevent further notifications. Finally, we will not associate the device identifier with other personal information without contacting the parent to get consent.
If a child-directed Hyperion Academics and any of its affiliate and subsidiary companies sites or applications collect geolocation information that is specific enough to equate to the collection of a street address, we will first seek parental consent via email, text, mail and/or phone.
When children interact with us, certain information may automatically be collected, both to make our sites and applications more interesting and useful to children and for various purposes related to our business. Examples include the type of computer operating system, the child’s IP address or mobile device identifier, the web browser, the frequency with which the child visits various parts of our sites or applications, and information regarding the online or mobile service provider. This information is collected using technologies such as cookies, flash cookies, web beacons, and other unique identifiers. This information may be collected by Hyperion Academics and its affiliate and subsidiary companies or by a third party. This data is principally used for internal purposes only, in order to:
- provide children with access to features and activities on our sites and applications
- customize content and improve our sites and applications
- conduct research and analysis to address the performance of our sites and applications
- generate anonymous reporting for use by Hyperion Academics and its affiliate and subsidiary companies
In the event we collect (or allow others to collect) such information from children on our sites and applications for other purposes, we will notify parents and obtain consent prior to such collection.
Hyperion Academics and its affiliate and subsidiary companies will maintain a list of third-party operators who collect persistent identifiers on our sites and applications. You may request to see the list at any time. This request is done by email at privacycontact@HyperionAcademics.com. Please use Third Party Operators in your subject heading.
Please contact us at the mailing address, email, or phone number below with questions about the operators’ privacy policies and collection and use practices:
2005 Hyperion Ave.
Los Angeles, CA 90027
Last Modified: 8/30/2020
SCOPE OF THIS POLICY
Aggregate information means information about groups or categories of subscribers, which does not identify and cannot reasonably be used to identify an individual subscriber.
Anonymous information means information that does not directly or indirectly identify, and cannot reasonably be used to identify, an individual subscriber.
Application means a program or service operated by us (or on our behalf) that may be displayed on various online, mobile, or other platforms and environments, including those operated by third parties, which permits us to interact directly with our subscribers.
Children means individuals who we have identified are not of legal age to consent to the collection and processing of their personal information. In the United States and Latin America, the term “children” refers to individuals under 13 years of age.
The data controller is the subsidiary or affiliated entity of Hyperion Academics and its subsidiaries and affiliates that is responsible for the personal information collected and used within the scope of this policy from our sites and applications, as follows:
US, Canada and Rest of World:
2005 Hyperion Ave.
Los Angeles, CA 90027
United States of America
A data processor is a person or entity that processes personal information on behalf of a data controller (or data controllers) and is permitted to perform data processing only as directed by the data controller(s).
An IP address is associated with the access point through which you enter the Internet, and is typically controlled by your Internet Service Provider (ISP), your company, university or library or mobile provider. We may use IP addresses to collect information regarding the frequency with which our subscribers visit various parts of our sites and applications, and we may combine IP addresses with personal information.
Member means a subsidiary or affiliated entity that is part of Hyperion Academics and its affiliate and subsidiary companies.
Parents means a parent or legal guardian.
Personal information means information that identifies (whether directly or indirectly) a particular individual, such as the individual’s name, postal address, email address, and telephone number. When anonymous information is directly or indirectly associated with personal information, the resulting information also is treated as personal information.
Our sites and applications may offer message boards, conversation pages, blogs, chat rooms, social community environments, profile pages, and other forums that do not have a restricted audience. If you provide personal information when you use any of these features, that personal information may be publicly posted and otherwise disclosed without limitation as to its use by us or by a third party.
What is Hyperion Academics
Hyperion Academics and its subsidiaries and affiliates refers to Hyperion Academics and its subsidiary and affiliated entities, which offer their products and services under various brand names. These companies engage in a number of businesses, including an educational platform, games, videos, animations, motion pictures, television, publishing, consumer products and interactive services.
WHO WE ARE
A member of Hyperion Academics and its affiliate and subsidiary companies, which may include many different brands, will be the data controller for your information.
TYPES OF INFORMATION WE COLLECT
We collect two basic types of information – personal information (as defined in this policy) and anonymous information (as defined in this policy) – and we may use personal and anonymous information to create a third type of information, aggregate information (also defined in this policy). For example, we collect:
- Registration information you provide when you create an account, enter a promotion, or link your profile on a third-party site or platform with your registration account, such as your first name and surname, country of residence, gender, date of birth, email address, username, and password;
- Transaction information you provide when you request information or purchase a product or service from us, such as your postal address, telephone number, and payment information;
- Information you provide in public forums on our sites and applications, such as your public posts;
- Information sent either one-to-one or within a limited group using our message, chat, post, or similar functionality, where we are permitted by applicable law to collect this information;
- Information we obtain from a third party, such as a site or platform provider, about use of our applications on third-party platforms or devices;
- Location information, including location information provided by a mobile or other device interacting with one of our sites or applications or associated with your IP address, where we are permitted by law to process this information;
- Activity information about your use, and the use by any person(s) you authorize through your account, of our sites and applications, such as the content you view or post, how often you use our services, and your preferences; and
- Usage, viewing, technical, and device data when you visit our sites, use our applications on third-party sites or platforms, or open emails we send, including your browser or device type, unique device identifier, and IP address.
HOW WE COLLECT YOUR INFORMATION
- We collect information you provide to us when you request or purchase products, services, or information from us, register with us (including when you link your profile on a third-party site or platform with your registration account), participate in any public forums or other activities on our sites and applications, respond to surveys, or otherwise interact with us using one or more devices. You may provide information in a variety of ways, including by typing or using voice commands.
- We may or may not collect information through a variety of technologies, such as cookies, Flash cookies, pixels, tags, software development kits, application program interfaces, and Web beacons, including when you visit our sites and applications or use our applications on third-party sites or platforms using one or more devices, whether or not you are logged in or registered. Other options include Do Not Track and how to disable cookies and otherwise make choices with respect to such data collection if you do not wish to have your information collected this way.
- We collect information using analytics tools, including when you visit our sites and applications or use our applications on third-party sites or platforms.
- We acquire information from other trusted sources to update or supplement the information you provided or we collected automatically, such as when we validate postal address information using third party services. Applicable law may require that you authorize the third party to share your information with us before we can acquire it.
USE OF YOUR INFORMATION BY Hyperion Academics and its affiliate and subsidiary companies
The member of Hyperion Academics and its affiliate and subsidiary companies that is the data/information controller for your information is responsible for and may use your information for the purposes described in this policy. Other members of Hyperion Academics and its affiliate and subsidiary companies may have access to your information where they perform services on behalf of the data controller(s) (as a data processor or similar role) and, unless prohibited under applicable law, for use on their own behalf (as a data controller or similar role) for the purposes described in this policy. Consistent with applicable law and choices and controls that may be available to you, we may use information collected from you, or from devices associated with you, to:
- Provide you with the experiences, products, and services you request, view, engage with, or purchase;
- Communicate with you about your account or transactions with us and send you information or request feedback about features on our sites and applications or changes to our policies;
- Send you offers and promotions for our products and services or third-party products and services;
- Personalize content and experiences;
- Provide you with targeted advertising based on your activity on our sites and applications and on third-party sites and applications;
- Operate, understand, optimize, develop, or improve our sites, applications, products, services and operations, including by using survey research and analytics tools; and
- Detect, investigate and prevent activities that may violate our policies or be illegal.
SHARING YOUR INFORMATION WITH OTHER ENTITIES
- We will not share your personal information with a third party outside Hyperion Academics, its affiliates and subsidiaries except in limited circumstances, including:
- When you allow us to share your personal information with another company, such as:
- Electing to share your personal information with carefully selected companies so that they can send you offers and promotions about their products and services; and
- Directing us to share your personal information with third-party sites or platforms, such as social networking sites.
- Please note that once we share your personal information with another company, the information received by the other company is controlled by that company and becomes subject to the other company’s privacy practices.
- When we cooperate with financial institutions to offer co-branded products or services to you; however, we will do so only if permitted by applicable law and, in these cases, the financial institutions are prohibited from using your personal information for purposes other than those related to the co-branded products or services;
- When companies perform services on our behalf, like package delivery, marketing and advertising, and customer service; however, these companies are prohibited from using your personal information for purposes other than those requested by us or required by law; and
YOUR CONTROLS AND CHOICES
We provide you the ability to exercise certain controls and choices regarding our collection, use and sharing of your information. In accordance with applicable law, your controls and choices may include:
- Correcting, updating, and deleting your account;
- Choosing or changing your choices for subscriptions, newsletters, and alerts;
- Choosing whether to receive from us offers and promotions for our products and services, or products and services that we think may be of interest to you;
- Choosing whether we share your personal information with other companies so they can send you offers and promotions about their products and services;
- Controlling targeted advertising from many ad networks and partners; data exchanges; and marketing analytics and digital advertising and marketing service providers;
- Choosing to control targeted advertising you receive within applications by using the settings and choices made available to you through your device(s), for example, by re-setting your device’s advertising identifier and/or opting out of interest based ads;
- Requesting removal of your personal information from a public forum on one of our sites or applications; and
- Requesting access to the personal information we hold about you and that we amend or delete it.
You may exercise these controls and choices in various ways, including by emailing us at email@example.com with OPT-OUT in the subject heading, following instructions provided in communications sent to you, or by using your device or other available settings (for example, by re-setting your device’s advertising identifier and/or opting out of interest based ads). You can opt out of interest based ads by emailing us at firstname.lastname@example.org with OPT-OUT in the subject heading.
Please be aware that if you do not allow us to collect personal information from you, we may not be able to deliver certain experiences, products, and services to you, and some of our services may not be able to take account of your interests and preferences. If collection of personal information is mandatory, we will make that clear at the point of collection so that you can make an informed decision whether to participate. If you have questions about the specific personal information about you that we process or retain, and your rights regarding that personal information, please contact us at email@example.com with Privacy Rights in the subject heading.
We recognize the need to provide further privacy protections with respect to personal information we may collect from children on our sites and applications. Some of the features on our sites and applications are age-gated so that they are not available for use by children, and we do not knowingly collect personal information from children in connection with those features. When we intend to collect personal information from children, we take additional steps to protect children’s privacy, including:
- Notifying parents about our information practices with regard to children, including the types of personal information we may collect from children, the uses to which we may put that information, and whether and with whom we may share that information;
- In accordance with applicable law, and our practices, obtaining consent from parents for the collection of personal information from their children, or for sending information about our products and services directly to their children;
- Limiting our collection of personal information from children to no more than is reasonably necessary to participate in an online activity; and
- Giving parents access or the ability to request access to personal information we have collected from their children and the ability to request that the personal information be changed or deleted.
DATA SECURITY, INTEGRITY AND RETENTION
The security, integrity, and confidentiality of your information are extremely important to us. We have implemented technical, administrative, and physical security measures that are designed to protect information from unauthorized access, disclosure, use, and modification. We regularly review our security procedures to consider appropriate new technology and methods.
DATA TRANSFERS, STORAGE AND PROCESSING GLOBALLY
California Residents Rights
Notice to California Residents: If you are a California resident, you may have certain additional rights. California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal information by certain members of Hyperion Academics or its subsidiaries and affiliates to third parties for the third parties’ direct marketing purposes. California Business and Professions Code Section 22581 permits registered users who are minors to request and obtain deletion of certain posted content. The California Consumer Privacy Act, California Civil Code 1798.100, et seq., requires transparency regarding data practices and permits you to request, among other things, access to and deletion of your personal information, and requires that we provide you control over certain data transfers deemed under the law to be a “sale.”
Your California Privacy Rights
Right to Access
If you are a California resident, you have the right to request, up to two times each year, access to categories and specific pieces of personal information about you that we collect, use, disclose, and sell.
Right to Delete
If you are a California resident, you have the right to request that we delete personal information that we collect from you, subject to applicable legal exceptions.
Process to Make a CCPA Request
To make an access or deletion request, please email firstname.lastname@example.org and put CCPA Request in the subject heading. Before completing your request, we may need to verify your identity or the identity of your authorized representative. We will send you a link to verify your email address and may request additional documentation or information solely for the purpose of verifying your identity. You have the right not to receive discriminatory treatment for the exercise of your privacy rights conferred by the CCPA.
Right to Opt Out of Sale of Personal Information
- Choose to control targeted advertising from many ad networks and partners; data exchanges; and marketing analytics and digital advertising and marketing service providers.
- Choose to limit participation in Nielsen digital membership research (for non-Panelists)
Shine the Light Act
If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal information by certain members of Hyperion Academics and its affiliate and subsidiary companies to third parties for the third parties’ direct marketing purposes. We are dedicated to treating your personal information with care and respect. Pursuant to California Civil Code Section 1798.83(c)(2), members of Hyperion Academics or its subsidiaries and affiliates, do not share guests’ personal information with other member companies or others outside Hyperion Academics or its subsidiaries and affiliates. For those parties’ direct marketing use unless a subscriber elects that we do so.
To make such a request, please send an email to email@example.com or write us at:
RE: CA Privacy Rights
2005 Hyperion Ave.
Los Angeles, CA 90027
Removal of Content
If you are a California resident under the age of 18, and a registered user of any site where this policy is posted, California Business and Professions Code Section 22581 permits you to request and obtain removal of content or information you have publicly posted.
To make such a request, please send an email with a detailed description of the specific content or information to firstname.lastname@example.org. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
- We collected the following categories of personal information in the last 12 months: Identifiers/Contact Information, demographic information (like gender and age), payment card information associated with you, commercial information, Internet or other electronic network activity information, geolocation data, audio, electronic, visual or similar information, and inferences drawn from the above.
- The sources of personal information that we collected are: our subscribers, directly, third party sites or platforms that you link with your registration account, analytics tools, social networks, advertising networks, and trusted sources who update or supplement information we hold about you.
- As the term is defined by the CCPA, we “sold” the following categories of personal information in the last 12 months: Identifiers/Contact Information, Internet or other electronic network activity information, and inferences drawn from the above. We “sold” each category to advertising networks, data analytics providers, and social networks.
- The business or commercial purposes of “selling” personal information is for third party companies to perform services on our behalf, like marketing, advertising, and audience measurement.
We do not “sell” personal information of known minors under 16 years of age.
If you have a question about our privacy policies, please send an email to Privacycontact@hyperionacademics.com or write us at:
Hyperion Academics - Privacy
2005 Hyperion Ave.
Los Angeles, CA 90027