Privacy Policy

PRIVACY POLICY

 Platform Athletics, LLC (“PLT4M”) Privacy Policy

Last Revised June 20, 2020

Your privacy is important to Platform Athletics, LLC, dba PLT4M (hereinafter referred to as “Company”). This Privacy Policy covers how we may collect, use, disclose, transfer, and store your information.

Please take a moment to familiarize yourself with our privacy practices.

I. DEFINITIONS

    1. “Data”: Data includes all Personally Identifiable Information (PII) and other non-public information. Data includes, but are not limited to, student data, metadata, and user content.
    2. “PII”: Personally Identifiable Information
    3. “LEA”: Local Educational Agency
    4. “Account Administrators”: Staff members at an LEA with an account for app.plt4m.com
    5. “Company”: Platform Athletics, LLC, provider of servicers
    6. “Service Agreement”: By creating an account for the LEA through app.plt4m.com/team-registration, this privacy policy is considered agreed upon by both LEA and Company and governs all disputes or interactions between the two, unless otherwise agreed to in writing by both parties.
    7. “Nature of Services to be Provided”: Platform Athletics is an educational fitness application, with access through most Internet Service Providers, as well as an iOS and Android app. It is understood that Company owns and controls two distinct websites: PLT4M.com and App.plt4m.com (and all subdomains). PLT4M.com is recognized as a public facing website and is subject to different data policies (outlined in Section IV), as no PII is gathered unless voluntarily offered by visitor. Sections II and III govern the use app.plt4m.com and constitutes the terms of use and privacy policy governing the service agreement between the company and the LEA.

II. DATA POLICY

  1. Data Ownership and Authorized Access
    1. All student data transmitted to the Company is and will continue to be the property of and under the control of the Local Educational Agency (hereinafter referred to as “LEA”)
  1. Parent Access
    1. Parents have the right to review student data held by the Company and request corrections to erroneous information. All such requests must be made through the LEA
  1. Third Party Request
    1. Should a Third Party, including law enforcement and government entities, contact the Company with a request for data held by the Company pursuant to the Services, the Company shall redirect the Third Party to request the data directly from the LEA.
  1. Subcontractors
    1. The LEA understands that PLT4M will rely on one or more subcontractors to perform services for the Company. Company agrees to share the names of these subcontractors with LEA upon request. All subcontractors and successor entities of PLT4M will be subject to the terms of this Privacy Policy.
    2. Company shall enter into written agreements with all subcontractors performing functions pursuant to this privacy policy, whereby subcontractors agree to protect Student Data in a manner consistent with this privacy policy.
    3. A list of all subcontracts with access to student data can be found below:
      1. OBLSK: https://oblsk.com/
  1. Data Provisions
    1. Definition of Personally Identifiable Information
      1. In order to provide our service effectively, we collect certain Personally Identifiable Information (PII) from students. This information includes: First and Last Name, Date of Birth, Gender, Sport/Position, School Level, Graduation Year, Email Address. This information is used exclusively to provide Account Administrators of the LEA with the ability to better organize and utilize the site. Company will not use PII for commercial purposes, other than to provide the services agreed upon with the LEA.
    2. Marketing and Advertising
      1. Company will not use or disclose student information (personal or otherwise) collected through our website for behavioral targeting of advertisements to students. Company will not build a personal profile of a student other than for supporting authorized LEA purposes, or as authorized by the parent/student.
    3. Collection and use of Data
      1. Company will only collect Data necessary to fulfill its duties as outlined in this Agreement. Company will use Data only for the purpose of fulfilling its duties, providing services under this Agreement, and for improving services under this Agreement.
    4. No Disclosure
      1. De-identified information may be used by the Company for the purposes of development, research, and the improvement of the Company’s services.
    5. Company agrees not to attempt to re-identify de-identified Student Data and not to transfer de-identified Student data to any party unless
      1. That party agrees in writing not to attempt to re-identify student data or
      2. Prior written notice has been given to LEA
    6. Disposal of Data
      1. Upon request, and within 30 days of request, Company shall dispose of or delete all Student Data obtained under any Service Agreement with the LEA when that data is no longer needed for the purpose which it was retained.
      2. Disposal shall include but is not limited to de-identification
      3. Upon request of LEA or termination of agreement between LEA and Company, Company shall dispose of all Student Data obtained through said agreement within 30 days of request or within 30 days of contract end date if LEA wishes to finish out the term of the contract.
      4. Company shall not knowingly retain Student Data beyond the time period required to support the authorized educational purposes of using PLT4M.
  1. Data Security: The Company agrees to abide by and maintain adequate data security measures, consistent with industry standards and technology best practices, to protect Student Data from unauthorized disclosure or acquisition by an unauthorized person. General security policies are laid out below:
    1. Passwords and Employee Access
      1. Company shall secure usernames, passwords, and any other means of gaining access to the Services or Student Data. Employees with access to Student Data are held to the same procedures laid out in this privacy policy.
    2. Destruction of Data
      1. Company shall dispose of all Student Data obtained under agreement with the LEA when it is no longer needed for the purpose which it was obtained, in accordance with the procedure laid out above in Section 5.5.
    3. Security Protocols
      1. Both parties agree to maintain security protocols that meet industry standards in the transfer or transmission of any data, including ensuring that data may only be viewed or accessed by parties legally allowed to do so.
      2. PLT4M will maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality and integrity of PII student information
    4. Data at Rest and in Transit
      1. Company will use encryption technology to protect PII and user credentials at rest and in transit. At the time of this writing (June, 20, 2020), Company uses AES 256 for data at rest and TLS 1.2 protocol for data in transit.
    5. Employee Training
      1. Company shall provide periodic security training to those of its employees who operate or who are authorized to access the Company’s computer systems and/or Student Data.
    6. Periodic Risk Assessments
      1. Company conducts periodic risk assessments in order to identify and patch any security risks or privacy vulnerabilities. Results of assessments can be made available to LEA upon request. LEA will afford a 45-Day window for such request to be fulfilled.
  1. Data Breach: In the event that Student Data belonging to an LEA is accessed or obtained by an unauthorized individual, Company notify the affected parties within a reasonable amount of time.
    1. Notification of Breach
      1. Security breach notification shall be written in plain English, directed to the LEA, and titled “Notice of Data Breach”. It should include sections titled:
        1. What Happened
        2. What information was involved
        3. What are we doing
        4. What you can do
        5. For more information
      2. Contact person
        1. Notice shall include the contact person at the Company
  1. Coppa Compliance
    1. Kids under 13: We do not knowingly collect personal information from children under 13 and we will delete any information later determined to have been collected from a user younger than 13.
    2. “Opt In” waiver: If a school chooses to use PLT4M for any child under the age of 13, they must comply with the regulations set forth in COPPA and receive consent from the child’s parent. The school must obtain an “Opt In” agreement from each child’s parent or guardian and share with PLT4M in a single file or zip file. PLT4M advises schools to use the parent’s email address to register the child.
    3. Concerning kids under 13, Parents can request that their child and all their information be removed from PLT4M at any time, regardless of if they gave the school consent. This clause supersedes any other clause regarding Parent rights and requests that must be directed to LEA. Parents can reach PLT4M at support@plt4m.com or by calling 855-862-5502 ext 2.

III. Miscellaneous

  1. Termination: In the event that either party seeks to terminate the agreement between company and LEA, they may do so by mutual written consent with 30 days advance notice, given that the contract is still in effect. LEA can request to preserve Student Data through the end of the contract term, or request immediate termination, in which case Company agrees to dispose of data within 30 days, as outlined in Section II 5.5
  1. Governing Law: Unless otherwise agreed to in writing, any agreement between LEA and Company will be governed in accordance with the laws of the state of Massachusetts without regard to conflicts of law principles. Each party consents and submits to the sole and exclusive jurisdiction to the state and federal courts for the county in which the Company is located for any dispute arising out of or relating to the service agreement between LEA and Company.
  1. Successors Bound: This policy shall be binding upon Company’s respective successors in the event of a merger, acquisition, consolidation, or other business reorganization or sale of all business assets
  1. Our Company-Wide Commitment to Your Privacy: PLT4M is committed to the protection of your personal information. To make sure your personal information is secure, we communicate our privacy and security guidelines to PLT4M employees and strictly enforce privacy safeguards within the company. Please read this policy before visiting our websites, accessing our services, or providing any personal information to PLT4M. If you wish not to have your information used and disclosed as provided in this policy please do not provide such information or contact support@plt4m.com for further assistance. In doing so, please understand that your access to information, services and other benefits may be substantially limited.
  2. Changes: PLT4M may periodically update this policy. By using the websites and products, you acknowledge your agreement to the terms of this Privacy Policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the email address specified in your membership account or by placing a prominent notice on our website.
  3. Questions: If you have any questions or concerns regarding our Privacy and Data policy, you can reach us at support@plt4m.com

IV. Policies Governing PLT4M.com

  1. PLT4M.com: The website PLT4M.com is property of the “Company” as defined in Section I and is a public website. Visitors can subscribe to our newsletter and blog. They can also request a demo by submitting their information. As this is a public website, the governance of any data collected through its channels is not subject to the same policies laid out above in Section II and III. PLT4M.com is not directed to or marketed at individuals under the age of 18, but Company acknowledges that individuals under 18 may visit the site, and without the company’s control, submit Personally Identifiable Information.
  2. Kids Under 13: Through PLT4M.com, Provider does not knowingly collect information on kids under the age of 13, and will destroy any such information discovered to be from kids under 13
  3. Communications: PLT4M sends a newsletter and occasional industry and app updates that we believe will be useful to individuals that subscribe to our public facing website (PLT4M.com) blog, download a whitepaper, or request a demo. Users may remove themselves from this mailing list by following the link provided in every email. We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law.
  4. Collection and Use of Personal Information: Personal information is data that can be used to uniquely identify or contact a single person. We may use personal information given to Company through PLT4M.com or other means to inform individuals of our products and services, as well as for purposes such as auditing, data analysis, and research to improve Company’s products, services, and communications. You may be asked to provide personal information when in contact with Company. For Individuals over the age of 24, by providing us with personal information about yourself through any means, you consent to the collection, use, disclosure and transfer of that information, and to us sending you marketing communications related to our products and services.
  5. Personal Information We Collect: When you visit our websites, download or install a software application, create a registered user account, purchase a product, register a product, complete a survey or download a software update, we may collect information, including: name, mailing address, phone number, email address, contact preferences. We may also collect such information when you contact us in person (for example, at clinics, conferences, workshops, seminars and other events), via telephone or email. When you send us an email, that address will be recorded automatically for purposes of replying to your email. Otherwise, we will use the email address you provide on request for regular communications with you. By providing your email address, you are subscribing to our newsletter and product updates, which may include information about new features and new services. You may unsubscribe from this content by following the steps detailed in the email footer.
  6. Website Usage Information: We may receive and store certain types of website usage information when you visit our websites. Website usage information helps us determine how visitors arrive, what type of content is most popular and which visitors are interested in particular content and advertising. We may collect the page visited, the time, the source of the request, the type of browser making the request, the preceding page view and other information about your engagement. We may also collect your IP address and your Device Identifier. A Device Identifier is a number automatically assigned to the computer, cell phone or tablet used to access the Internet. We may associate your Device Identifier with the personal information you provide. This information is never used for commercial purposes for individuals under the age of 24.
  7. Information Collected for Software Analytics: In order to improve our software and user experience, we may collect and store certain information about you and your use of our website. This information may include: date; time; computer identity; operating system; language; region; log preferences; registration key; license level; license code; license code status; code registration date; last validation date; ethernet address; IP address; mac address; licensed software name and version; OS version; and any other information about user actions required to improve, support and maintain our software.
  8. Cookies: A cookie is a small amount of data which often includes an anonymous unique identifier that is sent to your browser from a website and stored on your computer’s hard drive. We use cookies to record current session information. This information is never used for commercial purposes unless the user is 24 years or older.
  9. Web Beacons: Our website contains electronic images (generally, single-pixel .gif images) called “web beacons.” Web beacons allow PLT4M and third parties to monitor and collect information about the viewer of the web page, web-based document, e-mail message or other communication, such as the type of browser requesting the web beacon, the Device Identifier of the device that the web beacon is sent to and the time the web beacon was viewed. PLT4M uses web beacons to count web browsers, visits and page views. It also uses beacons to monitor traffic and conversion patterns, to personalize your experience, including advertising and content, and to determine whether or not messages were opened, links were clicked or notifications/offers were acted upon.
  10. Data Storage: PLT4M uses third party vendors and hosting partners to provide the necessary hardware, software, networking, storage and related technology required to run the PLT4M.com website, and such third-party vendors may collect and store your data on behalf of Company.
  11. Disclosure to Third Parties: Personal information is not shared with or sold to other organizations for commercial purposes, except to provide products or services you’ve requested, when we have your permission, or under the following circumstances:
    1. It is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Terms of Service, or as otherwise required by law.
    2. We share information with our partners, licensees, agents, representatives, distributors, independent contractors and/or authorized third party exclusively for improving the service we provide. In no way is this information shared or sold for advertising or marketing purposes.
  1. Google Analytics: To gain better insight into how our site is used and to improve our services, we use Google Analytics. Google uses cookies, web beacons, and similar technologies to collect information and use that information to provide measurement services.