Information We Collect
When you use our Sites or Platforms, we may collect and use Personal Information about you on behalf of the customer to whom we are providing services. “Personal Information” means information that identifies, relates to, describes, is capable of being associated with or could reasonably be linked, directly or indirectly, with a particular consumer (or household in California only). Generally, OpenEyes Technologies is a service provider for its customers and does not collect Personal Information directly from individuals. Rather, the customer determines what Personal Information is collected from individuals. There are also instances when we collect Personal Information directly from individuals. Both instances are described more fully below.
Assessment Platform: Customers that utilize our assessment platform, use it to enter test taker information, or allow test takers to enter their information, to allow for the administration of assessments. In such instances, OpenEyes Technologies acts as a processor of the information on behalf of its customer. Our customers may allow test takers, their employees and contractors to access this platform to create accounts, and enter and access Personal Information. Generally, the Personal Information provided by an organization or test taker may include the following: name, postal address, email address, phone number, gender, user name, password, student ID number, date of birth, parent contact information and consent if the test taker is a minor, and in limited instances biometric identifiers used to verify identity and prevent fraud. A “biometric identifiers" is a record of one or more measurable biological or behavioral characteristics that can be used for automated recognition of an individual, such as fingerprints, retina and iris patterns, voiceprints, voice patterns, bodily gestures, facial characteristics, and typing cadence.
Learning Management System: Customers that use our learning management system (“LMS”), use it to enter employee or other individual information, or allow those individuals to enter their information, to allow them to access training materials and other content in the LMS. In these instances, OpenEyes Technologies acts a processor of the information on behalf of its customer by providing the LMS. Our customers may allow individuals they designate to access this system to create accounts, and enter and access Personal Information. Generally, the Personal Information provided by a customer or individual includes the following: name, postal address, email address, phone number, gender, user name, password, and date of birth. Additional information may also be provided related to employment and education.
Human Resource Platform: Customers may enter, or permit job applicants, employees or their contractors to enter Personal Information about job applications, employment and contracting information into this platform. Generally, Personal Information collected may include name, postal address, email address, phone number, gender, user name, password, date of birth, SSN/TIN, academic information, reference information including name and contact information, phone number, home addresses, employment history including name of previous employers. When permissible by applicable law and required for a position, individuals will be asked to consent to a criminal records search.
VoiceOver Systems: This system allows users to take surveys and assessments, provide reviews of products or services, and share feedback over voice enabled personal digital assistants and smart speaker devices (“smart device”). To enable use of this system, a user needs to provide access to their smart device login information (name, username and password) to us. Generally, Personal Information collected would include smart device account information including your name and email address and username.
User Communications: Generally, we only collect Personal Information directly from individuals if they contact us via our Sites. In these instances, we may collect Personal Information such as name, postal address, email address, and phone number.
Customer Accounts and Payments: We may also collect Personal Information to create customer accounts and to process payments. Generally, this Personal Information includes name, business email address, company name and address, tax ID numbers, and billing information to process transactions, including credit card or bank account details.
Automatically Collected Information; Log information — When you access the Sites or Platforms via a browser, application or other device, our servers automatically record certain information. These server logs may include information such as your web request, your interaction with the Sites or a Platform, Internet Protocol address, browser type, browser language, the date and time of your request. When you use the Sites or a Platform using your smartphone or other mobile device, we may collect information regarding device type, operating system, IP address and device ID. This information is generally part of standard http requests and is sent as part of all online interactions on virtually all web Sites. We may also collect location/GPS information if you provide affirmative consent for us to do this. See our Cookies section for additional information.
Job Applicants: When you apply for a job with us, we may collect your personal information through the Sites. Generally, this includes name, postal address, email address, date of birth, SSN, academic information, employment history and other information needed for our Business Purpose to process a job application.
Use of Your Information
We use your Personal Information to enable us to provide our services and for our legitimate business purposes (“Business Purpose”). These include the following:
- To fulfill our contracts with our customers and provide them and the individuals they designate with access to our Platforms and Sites;
- To present our Sites and its contents to you;
- To provide you with information, products or services that you request from us;
- To provide you with notices about your account;
- To provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us and our customers, including for billing and collection;
- To allow you to participate in interactive features on our Sites;
- To administer our Sites, including by monitoring and analyzing our Sites traffic and usage patterns;
- For surveys, research, analysis, product improvement and development.
- For marketing, if you consent to receive marketing from us, we may send you email and other communications to provide information about OpenEyes Technologies’ and our partner’s products and services.
- As necessary or appropriate to protect the rights, property or safety of us, our customers or others.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As otherwise described to you when collecting your Personal Information; or
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about individuals is among the assets transferred.
Information Security and Retention
We use commercially reasonable security measures to safeguard and secure the information we collect. These procedures include, but are not limited to, firewalls, encryption, intrusion detection, and Sites monitoring. We secure data in transit and at rest. We are ISO 9001:2015 (Quality Management Standards) certified and follow ISO 27001 (Information Security Management Standards).
We also limit access to your Personal Information to only those employees who reasonably need to access it to perform their jobs. For any of our service providers, we have written contracts with them that restrict their processing of Personal Information to only fulfill the contracted services. However, no organization can guarantee the security of your information, or that unauthorized persons will not access or use your Personal Information for improper purposes.
If we learn of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps. By using the Sites, Platforms or providing Personal Information to us, you agree that we can communicate with you electronically regarding security, privacy and administrative issues relating to your use of the Sites or Platforms. We may post a notice on our Sites and/or Platforms if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
We retain your Personal Information as directed by our customers, for our Business Purpose and as required by applicable law. For Personal Information provided directly to us, we generally retain Personal Information for 4 years, or as may be required to comply with our Business Purpose, applicable law, investigations or other security matters.
Sharing You Information
OpenEyes Technologies does not sell or rent Personal Information; however, we may disclose Personal Information as follows:
Customers: We may share Personal Information with our customers consistent with our written contracts to provide services to them. This would include our assessment, learning management system, human resource and VoiceOver system (Platform) customers. We only use your Personal Information consistent with our customer contracts and our Business Purposes. For the assessment platform, if our customer is a school they may use and share your Personal Information consistent with their institution’s policies. Other Platform customers may similarly use and share your Personal Information consistent with their own policies.
Service Providers: We may share your Personal Information with trusted third parties to assist us in providing our services (“Service Providers”) for contract performance and/or our Business Purposes, including to process credit card payments and provide customer assistance. Such Service Providers have access to Personal Information only as needed to perform their services and they are not allowed to use it for other purposes. When we disclose Personal Information for a Business Purpose, we have written contracts in place that describe the data processing and require the Service Provider to keep the Personal Information confidential and not use it for any purpose except for contract performance. We share your Personal Information with the following categories of Service Providers:
- Assessment Service Providers
- Digital Data Processing Service Providers
- Voice Data Processing Service Providers
- Smart Device Service Providers
- Payment Card Service Providers
- Order Processing and Customer Service Providers
- Surveys, Product Development and Research Service Providers
- Marketing Service Providers
- Site and Service Operation Service Providers
Cookies: See our Cookies page for more information about information we disclose related to cookies.
Corporate Transactions: We may disclose your Personal Information to third parties if we are involved in a merger, acquisition, or sale of any or all of our business and/or our assets to a third party;
Government Requests: We may disclose your Personal Information to comply with applicable laws, regulations, legal process such as a subpoena, or lawful requests by public authorities, including to meet national security or law enforcement requirements.
Links to Third Party Websites and Social Media Features
OpenEyes Technologies’ Sites may contain links to other sites, including those of third parties or business partners. While we seek to link to sites that share our high standards and respect for privacy, we cannot be responsible for the privacy practices other websites use. By accessing other third-party websites or applications through our Sites, you are consenting to the terms and privacy policies of those websites. We are not responsible for the content of these sites, any products or services that may be offered through these sites, or any other use of these sites. We accept no liability for any statements, information, products, or services that are published on or are accessible through any websites owned or operated by third parties.
Your Rights Regarding Your Information
Marketing Opt out: If we collected Personal Information directly from and about you, and you do not want to receive marketing communications from OpenEyes Technologies, you may change your contact preferences or unsubscribe by using the link included in each of our emails, or by contacting us as shown in “Contact Us” below.
Under current data protection laws and regulations, you may also have the right to:
- Receive notification of data processing, sharing, or sale of Personal Information
- Obtain confirmation as to whether or not your Personal Information exists, and to be informed of its content and source, verify its accuracy and request its completion, update or amendment.
- Request, in a usable format, an electronic copy of your Personal Information you provided to us if you would like such a copy for yourself or in order to port your Personal Information.
- Request the deletion, anonymization or restriction of the processing of your Personal Information processed in breach of the applicable law.
- Object to the processing of your Personal Information for legitimate reasons.
- Lodge a complaint with the relevant data protection supervisory authority
- Obtain equal services and pricing
The above rights are subject to applicable limitations and restrictions. In certain cases, your request may be denied based on a legitimate exception such as where we are prevented from disclosing such information based on lawful bases, legal requirements, fraud prevention or security concerns. For more information or to make a request, please contact:
OpenEyes Technologies, Inc.
1629 K St NW #300
Washington D.C. 20006
Our Platforms: For our Platforms, as we are service providers for our customers, please contact your school or other organization directly that provided you access to a Platform regarding your Personal Information. OpenEyes Technologies is subject to our customer’s policies regarding your rights to your Personal Information and will forward any requests it receives to the customer as they are the data controller of that information.
Please be aware that your request may not be accepted for review unless you provide the following: name, email address, or other identifier that you have used to use our Sites, or if you are not a registered user of the Sites, or have not otherwise previously interacted with us, your first and last name and an email or street address where we can correspond with you, State or Country in which you are located; Clear description of the information or content you wish to receive or to be deleted or corrected, or the action you wish to be taken; and sufficient information to allow us to locate the content or information to be deleted, removed or corrected. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request. In addition, please note that, depending on the nature of your inquiry or request, we may need to verify your identity before implementing your request and may require proof of identity, such as in the form of a government issued ID and proof of geographical address.
Upon receipt of a request, we will use our reasonable efforts to respond to and act on your request or inquiry in a timely manner and in compliance with applicable laws. We may be unable to update or delete your information if we determine, in our reasonable discretion, that it is impractical (for instance, if the information is residing on backup tapes or is otherwise archived), if the deletion or modification would violate applicable law, or if the legitimate interests for which it was originally collected persists.
Please also read our notices for California Residents and EU/EEA individuals for more information about your rights if you are located in those places.
California Privacy Rights
California “Shine the Light” law (California Civil Code Section 1798.83) permits residents of California to opt out of Open Eyes Technologies disclosure of Personal Information to third parties for marketing purposes at any time. OpenEyes Technologies will not disclose your Personally Information to third parties for marketing without giving you notice and getting your consent. Please note—this opt-out doesn’t prohibit disclosures for nonmarketing purposes. You can opt out for free by contacting us at:
OpenEyes Technologies, Inc.
1629 K St NW #300
Washington D.C. 20006
AB 1584: OpenEyes will also comply with California AB 1584 where
Transfer of Personal Information to the U.S.
OpenEyes Technologies’ Sites and Platforms are hosted and operated in the United States ("U.S."). For individuals located in the European Union (EU), European Economic Area (EEA) or other countries with similar laws, or participating in activities outside of the US that you have consented to, your Personal Information may be transferred to countries outside your home country, in particular to the United States and India. Some non-EU countries are recognized by the European Commission as providing an adequate level of data protection according to EU standards. The full list of these countries is available at https://ec.europa.eu/info/law/law-topic/data-protection_en. For transfers from the EU to countries not considered adequate by the European Commission, we have put in place appropriate and suitable safeguards to protect your personal data and that the transfer of your personal data is in compliance with the requirements and the obligations provided by applicable data protection laws, such as standard contractual clauses adopted by the European Commission as per Articles 45 and 46 of the EU General Data Protection Regulation 2016/679.
Our Legal Bases for Processing
We process Personal Information per applicable law and with transparency and fairness. Our processing activities are conducted on one of the following bases for processing:
- With your consent
- In order to fulfill our contractual obligations to you
- For the legitimate purpose of operating our business, including to improve and develop our services to customers, for fraud prevention purposes, and to improve users’ experience
- As otherwise determined in compliance with the law
Notice to Minors
Our Sites is not intended for independent use by minors under the age of 13. We do not allow children under the age of 13 to create and access individual accounts on the Sites. However, minors under the age of 13 may access and use the assessment platform as part of a school providing them access. This use can only occur if the school or district has confirmed that it has sufficient authority to permit the students to use the assessment platform and provide the information described herein. This information is used for the legitimate educational interests of the school and OpenEyes Technologies is a service provider to the school.
Under the U.S. Family Education Rights and Privacy Act (“FERPA”), OpenEyes Technologies meets the definition of a “school official” when it is providing services to schools for the contracted, legitimate educational purposes as set forth in agreements with schools. In such instances, schools may act as a parent’s agent and schools can consent to collection of their students’ information on the parent’s behalf. Parents do have certain rights over minor children’s information. Parents may review their child’s Personal Information, direct their child’s school or district to delete it, and refuse to allow any further collection or use of the child’s information. Parents also have the option to allow for the collection and use of their child’s information, but still restrict disclosure to third parties. Because the Personal Information entrusted to us are under the direct control of the originating school, district, or educational organization, if parents would like to exercise any of the above-mentioned rights, a parent should directly contact their children’s school or district. Should a school or district like to exercise any of the above-mentioned rights, please contact us at Policies@TheOpenEyes.com.
Do Not Track
We do not support “Do Not Track” browser settings and do not currently participate in any Do Not Track frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your Personal Information.
OpenEyes Technologies, Inc.
1629 K St NW #300
Washington D.C. 20006