The BLAST Assessment Platform (“BLAST”) takes data security and user privacy very seriously, and recognizes the importance of protecting personally identifiable student information gathered through its services.
If you have any questions about our collection and use of your information, please contact us at firstname.lastname@example.org.
1. The Information We Collect
We only collect information provided by the users. When you sign a service agreement with the BLAST Assessment Platform, we may ask for information to process the registration, including email addresses of users (educators, principals, and district administrators) and we will generate individual passwords. These initial passwords will be reset by the users upon first-time use, and they cannot and will not be accessed or stored by BLAST. Furthermore, our Service uses two-factor authentication to verify users, as well as session timeouts on the WebApp to prevent unauthorized access to student data.
To help personalize your experience and ensure data accuracy, we may also ask for information including your name, role within your educational institution, children’s names, their student ID, their gender, their age, and their home language. However, providing personally-identifiable information is not a requirement in order to use our Services, i.e. users can choose to opt out of providing certain information, such as student IDs.
Non-Personally Identifiable Information. When you use the Service, we may also collect and store information about the mobile, computer or other devices you use to access our Service and about how you use them. We may also collect and store information such as your browser type, IP address, language, operating system, unique device identifier, mobile network information including phone number, the date and time of your usage, the content and pages you view and the websites you visited immediately before and after visiting our Service.
2. Protection of Data at Rest and In Transit
All the data collected for use on the BLAST Assessment Platform, including data in transit and data at rest, has end-to-end encryption through the Google Cloud Platform. For more information on how Google encrypts data and employs security measures to protect data, visit https://firebase.google.com/support/privacy#data_encryption.
3. How We Use That Information
We use the information we collect to operate and provide you with BLAST’s Service and Content. This includes, but is not limited to:
Authenticating your login;
Personalizing your BLAST experience and customizing your child’s activities;
Allowing you to monitor your child’s progress in BLAST;
Protecting our intellectual property or other rights; and
Managing and improving our business, Service and Content.
You can opt out of receiving most emails by selecting the “unsubscribe” link on our emails, but we reserve the right to email you (i) to confirm transactions, (ii) to address account issues, or to request a reset password or (iii) as required by law.
We also reserve the right to use or share non-personal information (e.g., de-identified or aggregate data) for research purposes.
4. Scope of User Access of the Service and Content
To protect other users’ information, each user––depending on their assigned role––only has access to the classroom and student information that they are responsible for. For instance, users who are district leaders are limited to accessing the school, grade, classroom and student information belonging to their district; users who are teachers are limited to accessing their respective classroom and student information in that classroom.
5. Sharing Your Information With Third Parties
WE WILL NOT SELL, SHARE, OR TRADE THE PERSONAL IDENTIFIABLE INFORMATION (PII) YOU SUBMIT TO ANY THIRD PARTY, MASS MARKETERS, OR TO OTHER NON-AFFILIATED ENTITIES FOR THEIR MARKETING PURPOSES. Your PII will not be visible to other users of the Service unless you provide them with access to it.
Compliance with law and law enforcement requests, and protection of our rights. We may disclose your information when we have a good faith belief it is reasonably necessary to (i) meet any applicable law, regulation, legal process, court order, governmental request or other legal mechanism, (ii) enforce applicable Terms of Service, including investigation of potential violations, (iii) detect, prevent, or otherwise address fraud, security or technical issues, (iv) protect against harm to the rights, property, safety of BLAST, our users, or the public.
Consent. We may disclose your information when we believe we have your consent to do so, such as when you contact customer service and ask us about your account, or when we have the consent of someone we believe is authorized to consent on behalf of you, such as the individual named in the service agreement for your account.
We and our partners use various technologies to collect and store information when you use our Service or Content, and this may include sending one or more cookies or anonymous identifiers to your device. Cookies are small text files placed on the browser of your computer or mobile device when you visit a website or use an application.
This information is not personally identifiable and is used only to improve the Service or Content and enhance your experience. Cookies are not used to retrieve PII from your computer or device, or to retrieve other information from your computer or device for purposes that are unrelated to the Service or your interaction with the Service. We reserve the right to disclose or utilize any of this information in aggregate form, for any purpose, in our sole judgment.
You may stop or restrict the placement of cookies on your computer or remove them from your browser by adjusting your web browser preferences. Note that this may cause some features of the Service to work incorrectly. Please note that cookie-based opt-outs are not effective on mobile applications. However, on many mobile devices, applications users may opt out of certain mobile tracking activities via their device settings.
7. Accessing, Reviewing, and Deleting Your Information
8. Keeping Your Personal Information Secure
We have implemented and maintained commercially reasonable security practices to protect against the unauthorized access, use, modification, destruction or disclosure of your personal information. We do not collect users’ login information to the Service, except for email addresses for the purposes of creating new user accounts. To increase account security, two-factor authentication is required upon logging in to the BLAST App and WebApp Applications.
9. Employee Obligations to Protect Student Data
11. Contact Information
or by sending a letter to the following address:
157 Bowery, Suite 2B,
New York, NY 10002
Last updated on December 18, 2023