PRIVACY POLICY

1. OUR COLLECTION OF PERSONAL INFORMATION

We collect personal information in connection with your visits to and use of the Services. This collection includes information that you provide in connection with the Services, information from third parties, and information that is collected automatically such as through the use of cookies and other tracking technologies.

Personal Information Collected from You

We collect personal information from you. The categories of information we collect can include:

• Account and profile information: We collect personal information from you when you register and create a user account on one of the World Book Online products. The personal information we collect during account registration may depend on your account type but could include username, email address (optional), and other contact information you provide.
• Single Sign On Services: If you choose to link your account with us to a third-party account (such as your Google SSO, or a Federated Single Sign On Service using SAML, MS SAML, or other proprietary SSO standards), we collect information from SIS, LMS, or other similar systems to facilitate account creation and logon processes for the performance of our contract.
• Payment and billing information: When you make payments through the Services, you will need to provide certain financial account information. We also collect payment information if you make a purchase or sign up for a subscription. Please note that we use third-party payment processors to process payments made to us. As such, we do not retain any financial account information, such as credit card numbers. Rather, all such information is provided directly by you to our third-party processor. The payment processor’s use of your personal information is governed by their privacy notice.
• Contact and communications information: We collect personal information when you sign up for our newsletter or mailing list or otherwise communicate with us, including by contacting us in person (for example, at conferences, workshops, seminars, and other events), via telephone calls, text message, facsimile, or email. We may also collect personal information through your communications with our customer-support team.

Personal Information Automatically Collected

General. As is true of many digital properties, we and our third-party partners may automatically collect certain information from or in connection with your device when visiting or interacting with our Services, such as the list below and in the sub-sections here:

• Device Data, including internet protocol (IP) address, operating system, device type and version, browser type and version, browser id, the URL entered and the referring page/campaign, date/time of visit, other user agent string data, the time spent on our Services, and any errors that may occur during the visit to our Services. Device data may overlap with the other categories of data below.
• Analytics Data, including the path taken to our Services, through our Services, and when exiting our Services, usage, and activity on or in connection with our Services, metrics on how many emails we send are opened and which attachments or links are opened, clicked, or viewed (such as via pixels, as described further below).
• Location Data (such as geographic location we or our third-party providers may collect, such as via Wi-Fi or IP address).
• Advertising/Advertising Measurement Data, including data associated with your view of, or click on, advertisements served on our Services, cookie IDs or other digital or proprietary identifier (e.g., iOS IDFA, Google AAID) assigned to such device, and device metadata, analytics data, and location data described above, in each case, for purposes of serving advertising (personalized or otherwise) or facilitating advertising measurement/attribution to better optimize or otherwise understand the effectiveness of ad campaigns.

For more information on our and third-party partners’ data collection and online advertising practices, please see the “Our Third-Party Data Collection and Online Advertising Practices” section of this Privacy Notice.

Note that we and our third-party partners may combine information that each of us collects automatically with other information about you, including information you choose to provide.

Cookies and Other Tracking Technologies. We and our third-party providers may use cookies that our Sites and other online services use to store information about users on the users’ computers and other tracking technologies, such as web beacons, pixels, SDKs, scripts, location-identifying technologies, and logging technologies to automatically collect the personal information described in this section (and otherwise expanded upon in other sections). See the “Control Over Your Information” section below to learn more about how you may limit or disable cookies or certain other tracking technologies on your device.

We use or may use the data collected through tracking technologies to secure the Services, improve the Services, to save you time, to provide better technical support, and to track usage of our Sites. For example, tracking technologies help us to: (a) remember information so that a user will not have to re-enter it during subsequent visits; (b) provide custom, personalized content and information; (c) identify you across multiple devices; (d) provide and monitor the effectiveness of our Services; (e) monitor aggregate metrics such as total number of visitors, traffic, and usage on our Services; (f) diagnose or fix technology problems; (g) help users efficiently access information after signing in; and (h) otherwise plan for and enhance our Services.

Personal Information from Third-Party Sources

We also obtain personal information from third parties, which we often combine with personal information we collect either automatically or directly from you.

We may receive the same categories of personal information as described above from the following third parties:

• Your Employer, Company, Organization, or School: When an individual interacts with our Services as an employee, representative, mentor/coach, or teacher of their employer, company, organization, or school, we may receive their information from their employer or organization, or other employees or representatives at their employer or organization. If you are a Student, we may receive your information from your school, teacher, mentor/coach, or organization.
• Social Media: When an individual interacts with our Services through various social media networks, such as when someone “Likes” us on Facebook or follows us or shares our content on Google, Facebook, Twitter, or other social networks, we may receive some information about individuals that they permit the social network to share with third parties. The data we receive is dependent upon an individual’s privacy settings with the social network. Individuals should always review and, if necessary, adjust their privacy settings on third-party websites and social media networks and services before sharing information and/or linking or connecting them to other services.
• Business Partners: We may receive your information from our business partners, such as companies that offer their products or services on our Services or that co-sponsor an event with us.
• Service Providers: Our service providers that perform services solely on our behalf, such as payment processors, video and audio providers, or survey and certain advertising/marketing providers, collect personal information and may share some or all of this information with us.
• Information Providers: We may from time to time obtain information from third-party information providers to correct or supplement personal information we collect. For example, we may obtain updated contact information from third-party information providers to reconnect with an individual or obtain demographic information (e.g., interests, preferences).
• Other Sources: We may also collect personal information about individuals that we do not otherwise have from, for example, publicly available sources, third-party data providers, brand partnerships, or through transactions such as mergers and acquisitions.

2. OUR USE OF PERSONAL INFORMATION

We collect the above-mentioned information for various purposes, including:

• To fulfill your requests and provide our Services to you. This includes:
  • Making our Services, including providing our products, features, and services to schools and other organizations to use when providing educational services.
  • Coordinating access to your account.
  • Sending you service/transaction-related messages, such as changes to your account.
  • Communicating about, and administering your participation in, events, conferences, programs, contests, surveys, polls, panels, questionnaires, and other offers or promotions.
• For research purposes. We may use your information to conduct research into the educational efficacy and outcomes of students using our products or services. Any such use of data for this purpose will only occur on anonymized data. We will not use your personally identifiable information (PII) in research studies without your consent.
• For marketing purposes We will send you communications about new features, updates, products, and special offers. We may also use your information to serve you ads about our products or other products or services we (or our advertising partners, such as other third-party brands) think you might find interesting. We may also use individual and aggregate information about you to inform our marketing and advertising campaigns. For more information on your choices about marketing communications, see the “Control Over Your Information” and the “Our Third-Party Data Collection and Online Advertising Practices” sections of this Privacy Notice.
• To communicate with you. For example, we may communicate with you about your account activities, such as by providing you with transaction confirmations or alerting you when a subscription is up for renewal. If you register with us, we may enroll you in our email newsletters or other periodic electronic communications and may also send you user surveys and promotional communications. We may communicate with you by email, postal mail, telephone, text message, or other means. For more information on how to adjust your communications preferences, see the “Control Over Your Information” section of this Privacy Notice.
• To monitor, improve, and develop our products and services. We may use your information to understand our visitors and customers and to tailor or optimize our Services. For example, we may analyze statistics and trends to make our Services better and to develop the Sites or new services or features.
• To protect the security and integrity of our business, comply with legal requirements and obligations, or as otherwise permitted by law. We may use information to protect World Book, Inc, our users, and our Services. We may also use information in order to comply with laws, regulations, court orders, or other legal obligations or to assist in an investigation, protect and defend our rights and property, or the rights or safety of third parties, enforce our Terms and Conditions, this Privacy Notice, or agreements with third parties, detect and prevent fraud or for crime-prevention purposes, or for any other reason permitted by law. We may take part in or be involved with a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets and may use information in connection with or as an asset in such a corporate business transaction. Personal information may also be used in the event of insolvency, bankruptcy, or receivership.
• For any other purposes with your consent, at your direction, or where notice is provided. We may use your personal information for any other purposes with your consent, at your direction, or where notice is otherwise provided.

3. OUR DISCLOSURE OF PERSONAL INFORMATION

World Book, Inc may disclose your personal information when you post content that is visible to others on the Services, when you consent or instruct us to share your information with third parties, or when we have a legitimate business or legal need to share your information. We may also disclose anonymous or aggregate information that does not reasonably identify you as an individual. For example, your information may be shared with:

• Other Users, Schools, Libraries, or Organizations. If you use the Services in connection with another user, a teacher, a mentor/coach, a school, a library, your employer, or an Organization, they may have access to your information. For example, if you are a teacher using our Services, authorized administrative users from your school and program may have access to your entire teacher or Student profiles, including if available, email address, phone number, and other personal information that you provide.
• Usage Reports. We may use your information to generate usage reports for your library, school, district, administrators, and teachers. This data is aggregated and in anonymized form so that it is not associated with individual users and does not include personal information (PI) or personal identifiable information (PII).

We may also share information for the following business purposes:

• Service providers. Third-party vendors and other service providers that perform services on our behalf, as needed to carry out their work for us, which may include providing mailing services, providing payment or accounting services, web hosting, or providing analytic services.
• Third parties in connection with a business transaction. Other parties in connection with a company transaction, such as a merger, sale of company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by another company or third party, or in the event of a bankruptcy or related or similar proceedings.
• Law enforcement, regulators, and other parties for legal reasons. Third parties as required by law or subpoena or if we reasonably believe that such action is necessary: (a) to comply with the law and the reasonable requests of law enforcement; (b) to enforce our Terms and Conditions or to protect the security or integrity of our Services; and/or (c) to exercise or protect the rights, property, or personal safety of World Book, Inc, our users, visitors, or others.

We may also share information with others in an aggregated or otherwise anonymized form that does not reasonably identify you directly as an individual. For example, we may use and share aggregate or anonymized data to study and improve our Services, user functionality, and product offerings.

4. OUR THIRD-PARTY DATA COLLECTION AND ONLINE ADVERTISING PRACTICES

World Book, Inc may participate in interest-based advertising and use third party advertising partners to collect information from visitors to the Services for the purpose of displaying interest-based advertisements on other websites, apps or services, social networks, or on other devices you may use. Typically, though not always, these third-party ad networks use cookies and tracking technologies to recognize your browser or device and to collect information about your visit to our Services to provide you with customized content, advertising, and commercial messages which may be more relevant to your interests, as well as to provide advertising-related services such as reporting, attribution, analytics, and market research.

Advertising Limitations. World Book, Inc does not use, disclose, or sell Student Data (defined in Section 7) to (a) inform, influence, or enable Targeted Advertising; or (b) develop a profile of a student, family member/guardian or group, for any purpose other than providing services to the library or LEA. We do not allow third-party advertising networks to collect information on our learning platforms for targeted advertising purposes nor knowingly direct targeted advertising to individuals we know to be Students on our Services or on any other website or online service.

Please see the “Control Over Your Information” section of this Privacy Notice to learn how you can opt out of interest-based advertising.

5. CONTROL OVER YOUR INFORMATION

• Modifying or Deleting your Account information: If you have an account for a World Book, Inc Digital Product, your account information can be updated by contacting us at slhelp@worldbook.com. Note we may not be able to modify or delete your information in all circumstances.
• Control email communications: You can opt-out of receiving promotional emails from us by clicking the “unsubscribe” link at the bottom of each email. Unfortunately, you cannot unsubscribe from Services-related messaging.
• Communications: We may use personal information we collect to communicate with individuals, including to market to you or offer you information and updates on products or services we think you may be interested in. You can unsubscribe from marketing calls or text messages at any time by replying STOP or clicking the unsubscribe link (where available) in one of our messages.
• Cookies and Other Tracking Technologies: To manage cookies, an individual may have the ability to change their browser settings to (for example): (i) notify them when they receive a cookie, so, the individual can choose whether or not to accept it; (ii) disable existing cookies; or (iii) automatically reject cookies (or certain types of cookies, such as cookies set by third parties). Note that similar controls may exist for other tracking technologies, such as pixels, SDKs, and local Storage. Please check your device or browser settings and related documentation for more information.

Further, note that restricting the use of these technologies might negatively impact an individual’s experience using our Services, as some features or offerings may be less personalized or may not work as otherwise intended. Depending on an individual’s device and operating system, the individual may not be able to delete or block all cookies or other tracking technologies described in this Privacy Notice. In addition, if an individual wants to reject cookies across all browsers and devices, the individual will need to do so on each browser and device they use. An individual may also have options within their email client to prevent the automatic downloading of images that may contain technologies that would allow us to know whether they have accessed our email and performed certain functions with it.

• Digital Products and Services: World Book, Inc does not market or advertise to students, teachers, or library patrons that use our learning platforms, services, or websites.
• Online Ads: To learn more about interest-based advertising and how you may be able to opt-out of some of this advertising (to the extent the advertising partner or other entity participates in such industry opt-out pages), you may wish to visit the Digital Advertising Alliance’s (DAA) resources at www.aboutads.info/choices or the Network Advertising Initiative’s (NAI) online resources at http://www.networkadvertising.org/choices/. You can also opt-out of receiving some interest-based advertisements on mobile apps by visiting http://www.aboutads.info/appchoices. You may also be able to opt-out of some — but not all — interest-based advertising served by mobile ad networks by visiting http://youradchoices.com/appchoices and downloading the mobile AppChoices app.

Please note that when you opt out of receiving interest-based advertisements, this does not mean you will no longer see advertisements from us or on our online services. It means that the online ads that you do see from these self-regulatory program participants (or other participants that may provide an opt-out mechanism) should not be based on your interests. We are not responsible for the effectiveness of, or compliance with, any third parties opt-out options or programs, or the accuracy of their statements regarding their programs. In addition, third parties may still use cookies to collect information about your use of our online services, including for analytics and fraud prevention as well as any other purpose permitted under those self-regulatory programs.

If you have any questions or requests about your account information, contact us directly at slhelp@worldbook.com.

6. LINKS TO OTHER WEBSITES AND SERVICES

The Services may contain links to and from third-party websites of our business partners, advertisers, social media sites, and other services. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility or liability for their policies or content. We strongly recommend that you read their privacy policies and terms and conditions of use to understand how they collect, use, and share information.

7. HOW WORLD BOOK, INC USES STUDENT DATA

This section describes how we collect, use, disclose, and process Student Data collected through the Services.

Please note that third-party learning providers that libraries, schools, or educational organizations may engage with through the Services may have practices and policies that differ from those described herein. The Student Data we disclose to third-party services you integrate, such as web-based learning management systems, as well as any other personal information such provider collects from the library, school, or educational organization and Students directly, will be governed by the provider’s own privacy policy and the terms of any other agreement between the learning provider and the library, school, or educational organization. Please read the privacy policy of any third-party learning provider to understand their privacy practices.

General Student Data Practices: In addition to the data collection practices specified in this Privacy Notice, we also collect the following information in connection with Students and library, schools, and educational organizations:

• Information about Libraries, Schools, and Educational Organizations: We ask for certain information when a representative corresponds with us online, including a name, school/organization name, school district, school/organization email address, school country and state, and relevant IT and equipment information as required to resolve customer service requests. Representatives, teachers, and mentors/coaches may also provide information about Students. We may also collect information provided by a school or educational organization if the school or educational organization sends us a message, posts content to our Sites or through our Services, or responds to emails or surveys. Once a library, school, or educational organization begins using the Services, we will collect content and information provided by the library, school, or educational organization through their use of the Services and we will keep records of activities related to the Services.
• Information about Students: We do not collect information about Students from the library, school, or educational organization.
• Student Data Usage and Content: Students may create an optional “My Research” account including name (first name only), and a username/password and security question and answer they create. Student “My Research” accounts allow students to save collections of articles and media from World Book’s digital database products. They can also create notes associated with these collections. The optional “My Research” accounts associated with a LEA, school, library, or any other account holder are purged within 90 days of the end of the Service.

Compliance with Laws: We do not use Student Data for any purpose other than to provide the Services, in accordance with our contractual agreements with the participating schools and libraries, our Terms and Conditions, and this Privacy Notice. World Book, Inc does not own or control Student Data, which belongs to the Student or the Library or School that contracts with World Book, Inc to provide the Services.

The World Book, Inc Services are designed to provide protections for Student Data as required by applicable privacy laws throughout all 50 states and territories. For example:

• The Family Educational Rights and Privacy Act (FERPA). This Privacy Notice and our Services are designed to meet our responsibilities to protect personal information from the Students’ educational records under FERPA. We agree to work with our school partners to jointly ensure compliance with the FERPA regulations.
• Children’s Online Privacy Protection Act (COPPA). World Book, Inc products and services are not marketed to children under 13 and we do not knowingly solicit data from children under the age of 13 outside the use of Services provided to a library, school, or LEA.
• Students Online Personal Information Protection Act (“SOPIPA”). This Privacy Notice and our Services are designed to comply with SOPIPA. We do not use Student Data for targeted advertising purposes. We do not use collected information to amass a profile of a Student except in furtherance of providing the features and functionality of the Services. We never sell Student Data unless the sale is part of a corporate transaction, such as a merger, acquisition, bankruptcy, or other sale of assets, in which case we make efforts to ensure the successor entity honors the privacy commitments made in this Privacy Notice and/or we will notify the school and provide an opportunity to opt-out by deleting Student Data before the data transfer occurs.
• California Assembly Bill 1584 (“AB 1584”). This Privacy Notice and our Services are designed to comply with AB 1584. Pupil records obtained by World Book, Inc from a local educational agency (“LEA”) continue to be the property of and under the control of the LEA. Parents, legal guardians, or eligible pupils may review personally identifiable information in the pupil’s records and correct erroneous information by contacting their LEA directly. In the event of an unauthorized disclosure of a pupil’s records, World Book, Inc will notify the LEA and will provide the LEA with information to be shared with the affected parent(s), legal guardians(s), or eligible pupil(s). Pupil records will be deleted and/or de-identified in accordance with our agreements with each school and as described in this Privacy Notice.

Student Data Privacy Principles: We are committed to the following principles to protect Student Data:

• We collect, maintain, use, and share Student Data only to provide and support the Services as described in our Privacy Notice, to maintain, develop, support, or improve our Services, and as otherwise permitted by our agreements or with the consent of the parent, guardian, Student, organization, or school.
• We do not use or disclose Student Data for targeted advertising purposes.
• We maintain a comprehensive data security program designed to protect the types of Student Data maintained by the Services.
• We will clearly and transparently disclose our data policies and practices to our users.
• We will never sell Student Data unless the sale is part of a corporate transaction, such as a merger, acquisition, bankruptcy, or other sale of assets, in which case we will require the new owner to continue to honor the terms provided in this Privacy Notice or we will provide the school with notice and an opportunity to opt-out of the transfer of Student Data by deleting the Student Data before the transfer occurs.
• We will not make any material changes to our Privacy Notice or contractual agreements that relate to the collection or use of Student Data without first giving notice to the school and providing a choice before the Student Data is used in a materially different manner than was disclosed when the information was collected.

How to Review and Delete Student Data: A school or other educational organization may review and delete a Student’s “My Research Account,” if in compliance with any applicable law. Student data is retained within the system during its useful life. If a student exits a district\organization, their data will remain in the system until that year's end of year process. Student information may be removed from the system at any time by appropriate district personnel. In all cases, all backup information will be removed with a 30-day rotation cycle. If you are a parent or Student, please contact your school or other educational organization to access any personal information, limit a Student’s access to the Services, or delete personal information or the Student’s entire profile.

If you have any questions about our practices with regard to Student Data, please contact us at slhelp@worldbook.com.

8. CALIFORNIA RESIDENTS

California Consumer Privacy Act (CCPA/CPRA)

Scope. This section applies only to California residents. It describes how we collect, use, and share Personal Information of California residents as a “business” under the California Consumer Privacy Act (“CCPA”) and their rights with respect to that Personal Information. For purposes of this section, “Personal Information” has the meaning given in the CCPA. However, this section does not apply to

• Information exempted from the scope of the CCPA, including nonpublic personal information.
• Personal Information we collect from individuals acting in their capacities as representatives of organizations solely in the context of conducting due diligence regarding, or providing or receiving a product or service to or from, such organizations; and
• Personal Information we collect, use, and share on behalf of our customers as a “service provider” under the CCPA for purposes of providing our services to them.
• World Book, Inc does not sell (as such term is defined in the CCPA) the Personal Information we collect (and will not sell it without providing a right to opt out).

Your California privacy rights. You have the following rights under the CCPA:

• Information. To request the following information about how we have collected and used your Personal Information during the past 12 months:
  • The categories of Personal Information that we have collected.
  • The categories of sources from which we collected Personal Information.
  • The business or commercial purpose for collecting Personal Information.
  • The categories of third parties with whom we share Personal Information.
  • Whether we have disclosed your Personal Information for a business purpose, and if so, the categories of Personal Information disclosed to each category of third-party recipient.
• Access. To request a copy of the Personal Information that we have collected about you during the past 12 months.
• Deletion. To request that we delete the Personal Information that we have collected from you.
• Nondiscrimination. To exercise the rights described above free from discrimination as provided in the CCPA.

How to exercise the above rights.

To exercise your rights to disclosure, deletion, or correction as described above, please contact us at slhelp@worldbook.com.

9. GENERAL DATA PROTECTION REGULATION (GDPR)

We are a Data Controller of your information.

World Book, Inc legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Information we collect and the specific context in which we collect the information:

• World Book, Inc needs to perform a contract with you.
• You have given World Book, Inc permission to do so.
• Processing your personal information is in World Book, Inc legitimate interests.
• World Book, Inc needs to comply with the law.

World Book, Inc will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. If you wish to be informed what Personal Information, we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

• The right to access, update or to delete the information we have on you.
• The right of rectification.
• The right to object.
• The right of restriction.
• The right to data portability.
• The right to withdraw consent.

If you have any questions about our practices with regard to GDPR, please contact us at slhelp@worldbook.com.

10. CHANGES TO OUR PRIVACY NOTICE

World Book, Inc may modify or update this Privacy Notice from time to time so you should review this page periodically. If we change this Privacy Notice in a material manner, for example, if we seek to use personal information in a materially different manner than we had previously, we will let you know and update the “Last Updated” date at the top of the page.

11. CONSENT

By using our website or services you hereby consent to our Privacy Notice and agree to its terms.

12. HOW TO CONTACT US

If you have any questions about our privacy practices or this Privacy Notice, please email us at slhelp@worldbook.com or contact us at:

World Book
180 N. LaSalle St., Suite 900
Chicago, IL 60601