top of page

PRIVACY POLICY

Date of last update: July 28, 2023

Introduction

The Littératout platform is powered by Enable Education, an LMS provider. The privacy policy is therefore the responsibility of Enable  Education.

 

At Enable Education, a division of Enable Training and Consulting, Inc. (“Enable Education”, “We” or “Us” and terms of similar meaning), we 

are committed to your privacy. This means we do not transfer, distribute, disclose, rent or sell any of your personal information to third parties  except as provided for in this policy (the “Privacy Policy”) or as specifically consented by you. 

Enable Education has developed policies and procedures consistent with the Personal Information Protection and Electronic Documents Act (“PIPEDA”), and other relevant privacy laws. By accepting this Privacy Policy in registration or by visiting and using our Thinkscape Software Platform (the “Site”) and/or utilizing the services through the Site (the “Services”), you expressly consent to our collection, use and disclosure of your personal information in accordance with this Privacy Policy.

Scope 

This Privacy Policy applies to all personal information (“Personal Information”) collected, used or disclosed by Enable Education from our clients and their representatives whom they give user access to their account, as well as students, advisors, instructors and teachers who may  use the Services (collectively “Users”). 

Accountability 

Enable Education is responsible for the Personal Information under our possession and control. We have designated a Privacy Officer to be  responsible for our compliance with this Privacy Policy and privacy legislation. 

Information We Collect 

a. Personal Information 

Personal information is any information recorded in any form that identifies or can identify an individual and includes any information provided to us by you or your Users in using our Site and Services. Personal information includes, but is not limited to, the following: 

registration information and user profile information provided  to us in creating your account to use our Services. this is restricted to  name and email address only; 

information about your school or educational institution, such as school name and location; 

User registration information, including profile pictures; APPLICABLE ONLY TO TEACHERS AND PARENT ACCOUNTS and any information that Enable Education collects that is intended to improve and personalize your service experience. 

b. Non-Personally Identifiable Information 

Personal information does not include information that is aggregated or anonymized in such a manner that it cannot be connected to a User. This may include participation rates aggregated among many Users. Such information by itself or  together cannot be tracked to a specific individual’s personally identifiable information. 

How do we use Personal Information? 

Enable Education collects Personal Information for the following purposes: 

to provide Services to you and Users; 

to establish and maintain responsible commercial relations and to communicate with you in order to provide service. This includes, but  is not limited to, communications relating to billing, advertising, promotion and account verification; 

to respond to any correspondence, you may direct to us; to  

understand, research, and improve our Services; 

for customer and User needs and preferences; 

to direct advertisements to you about Our company and our products and services that may be of interest to you; to enforce our  EULA and other service agreements; to provide you with system or administrative messages;  

to meet any regulatory requirements; 

and for any other reasonable purposes for which you may have provided your express consent or in which your consent can be reasonably  implied.

How do we use Non-Personally Identifiable Information? 

In an ongoing effort to better understand and serve the users of our Services and improve our Service and user functionality, we conduct research on our customer and User demographics and behavior based on Personal Information and other information that we have collected. This research can be used to provide our customers with statistics and metrics that may be of interest to them (for example statistical data related to programs). This research will be compiled and analyzed on an aggregate basis and this aggregate does not  

identify any individual and therefore is considered and treated as Non-Personally Identifiable Information under this Privacy Policy. 

Consent 

We respect your privacy and, unless otherwise required by law, we will not collect, use or disclose your Personal Information without  your prior consent. Your consent may be expressed or implied. You may expressly give your consent in writing, verbally or through any electronic means. In certain circumstances, your consent may be implied by your actions. 

Where appropriate, Enable Education will generally seek consent for the use or disclosure of the information at the time of collection. In  certain circumstances, consent with respect to use or disclosure may be sought after the information has been collected but before use (for example, when Enable Education wants to use information for a purpose other than those identified above). In obtaining consent, Enable  Education will use reasonable efforts to ensure that a customer is advised of the identified purposes for which Personal Information collected  will be used or disclosed. 

The form of consent sought by Enable Education may vary, depending upon the circumstances and type of information disclosed. In  determining the appropriate form of consent, Enable Education shall take into account the sensitivity of the Personal Information and the  reasonable expectations of our customers and Users. Enable Education will seek express consent when the information is likely to be  considered sensitive. Implied consent will generally be appropriate where the information is less sensitive. 

You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice, however, withdrawing consent may  result in our inability to provide you with the Services and accordingly losing access to the Site. In order to withdraw consent, you must provide  notice to Enable Education in writing. 

Security Policy 

Unless required by law, or in connection with a business transaction, Enable Education shall not use or disclose or transfer Personal  Information for any purpose other than those described above without first identifying and documenting the new purpose and obtaining your  consent, where such consent may not reasonably be implied. 

As noted above, Enable Education does not disclose your Personal Information to third parties. Notwithstanding, your Personal Information may  be transferred to Littératout to assist it in providing customer service and user support. 

Subject to the foregoing, only Enable Education’s and Littératout employees with a business need to know, or whose duties reasonably so  require, are granted access to Personal Information about our Users. All such employees will be required as a condition of employment to  contractually respect the confidentiality of your Personal Information. 

Enable Education will retain Personal Information for only as long as required to fulfill the identified purposes or as required by law. Personal  Information that is no longer required to fulfill the identified purposes will be destroyed, erased or made anonymous according to the  guidelines and procedures established by Enable Education.

Enable Education maintains an event logging system that records user actions on the platform for security purposes. This practice allows us to identify, understand, and appropriately respond to any unusual or suspicious behavior, as well as potential security breaches. Event logs may include information such as the date and time of actions, details of the performed action, and user identifiers. All data is collected and stored in accordance with our privacy policy and is solely used to ensure the security of our users and maintain the integrity of our services.

While we are committed to implementing best practices for information and data security, we cannot guarantee absolute security due to the constantly evolving technologies of viruses and hacking, as well as other unpredictable risk factors such as hardware or software failures.

 

Consequently, Enable Education cannot be held responsible for any data loss or alteration. In the event of a security breach, we will promptly notify users via email once it is discovered.

 

Enable Education is dedicated to maintaining the platform security through regular updates. We continuously make improvements and apply fixes (also known as "patches") to ensure effectiveness, optimal performance, and security of our systems. These updates may include changes to enhance security, fix bugs, or improve features. Enable Education reserves the right to perform these updates without prior notice, while ensuring they do not interfere with the user experience and always adhere to our privacy policy.

In the event that a data breach has been identified involving confidential information and personally identifiable information:


The offending access pathway is disabled. Unauthorized AWS account access is handled through AWS CloudTrail. We would be able to disable access and remedy any damage through that logging.
Unauthorized access over SSH would be handled by removing the compromised SSH key from any relevant servers + restoring the server to a known uncompromised state. 
We will proceed on the basis that early notification is preferred to later notification:
1- INCIDENT ASSESSMENT
Immediately, conduct a prompt incident assessment to determine the risks to the users or the affected parties.
2- NOTIFICATION PLAN
In the event that confidential information or personally identifiable information have been affected by the breach, a notification plan will be deployed:
Notify affected users and other parties who require notice based on legal, professional or contractual obligations.
-The notification will include:
the fact that a privacy breach has occurred,
the elements of personal information involved in the breach,
steps taken to mitigate the risks and next steps,
steps for users on what to do to mitigate the risks.
3-INVESTIGATION AND REMEDIATION
- Ensure that the breach containment has been met.
- An internal investigation will be conducted regarding the incident and review of the circumstances surrounding the breach.
- Address the data breach causes and set up a plan to remediate them.
- Review the adequacy of existing policies and procedures in protecting confidential information and make appropriate changes.

Using the Site & Cookies 

In order to improve the Site, we may use small files commonly known as “cookies”. A cookie is a small amount of data, which often includes a  unique identifier that is sent to your computer or mobile phone (your “device”) from the Site and is stored on your device’s browser or hard  drive. Cookies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic  information about our user base as a whole. 

The cookies we use on the Site won't collect personally identifiable information about you and we won't disclose information stored in cookies  that we place on your device to third parties. We use cookies to remember users’ settings, store login addresses, authenticate users, run  website experiments, and store analytics data. 

Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use  some features or areas of our site may be limited. 

You can find more information about how to do manage cookies for all the commonly used internet browsers by visiting  www.allaboutcookies.org. This website will also explain how you can delete cookies which are already stored on your device. 

Cookies from third parties 

We use Google Analytics, a web analytics service provided by Google Inc. ("Google") on the Site. Google Analytics uses "cookies", which are  text files placed on your computer, to help the Sites analyse how users use the Site. The information generated by the cookie about your use of the Sites (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this  information for the purpose of evaluating your use of the Site, compiling reports on website activity for website operators and providing other  services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by  law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held  by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this  you may not be able to use the full functionality of the Sites. By using the Site, you consent to the processing of data about you by Google in  the manner and for the purposes set out above. 

How can I Access my Personal Information? 

Upon request, Enable Education will provide information to a User regarding the existence, use and disclosure of his or her Personal  Information. Enable Education will respond to an application for individual access to Personal Information within a reasonable time and at  minimal or no cost to the individual. A User may challenge the accuracy and completeness of the information and have it amended as  appropriate. 

NOTE: In certain circumstances, Enable Education may not be able to provide access to all the Personal Information it holds about a User. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, or information that is subject to solicitor-client or litigation  privilege. Enable Education will provide the reasons for denying access upon request. 

Safeguards 

Enable Education protects your Personal Information by security safeguards appropriate to the sensitivity of the information. Enable Education  will protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. 

Our methods of protection include: 

Physical measures, such as filing cabinets which are kept locked when not in use and restricted access, both to Enable Education's place  of business in general and to internal offices as well; 

Organization measures, such as security clearances and limited access on a need to know basis; and Technological measures, such as the use of passwords, firewalls and encryption. 

Children and Minors 

We only collect personal information through the Services and/or Site from a child under 13 where that student’s school, school district, and/or teacher has agreed to obtain parental consent for that child to use the Site and Services and disclose personal information to us, for the use 

and benefit of the learning environment. If you are a student under 13, please do not send any personal information about yourself to us if your school, school district, and/or teacher has not obtained this prior consent from your parent or guardian, and please do not send any personal information other than what we request from you in connection with the Services. If we learn we have collected personal information from a  student under 13 without parental consent or if we learn a student under 13 has provided us personal information beyond what we request from him or her, we will delete that information as quickly as possible. If you believe that a student under 13 may have provided us personal information in violation of this paragraph, please contact us at privacy@enableeducation.com

Challenging Compliance 

An individual will be able to address a challenge concerning compliance with this Privacy Policy to Enable Education's Privacy Officer. 

Enable Education will maintain procedures for addressing and responding to all inquiries or complaints from Users about Enable Education's  handling of Personal Information. Enable Education shall investigate all complaints. All inquiries or complaints involving Enable Education's  handling of Personal Information or compliance with this policy or with PIPEDA shall be directed to Enable Education's Privacy Officer. 

The Privacy Officer will respond to all such inquiries or complaints within 14 business days of receipt. The Privacy Officer will make reasonable  efforts to resolve all such complaints within 30 days of receipt of the initial complaint. If Enable Education finds a complaint to be justified, it will take appropriate measures, including, if necessary, amending its policies and procedures. 

For more information, please contact our Privacy Office as follows: 

E-mail: privacy@enableeducation.com 

Mail: Privacy Officer – 8560 Tremaine Rd. Milton, ON - L9T 2X3 

General Provisions

Enable Education reserves the right to modify and amend this privacy policy from time to time in its sole discretion. In such case, the User will be directly notified, and the User will be able to view and accept the modified privacy policy when signing in to the teacher interface.

Introduction
Scope
Consent
Security Policy
Accountability
Information We Collect
Using the Site & Cookies 
Safeguards
Challenging Compliance 
General Provisions
bottom of page