PRIVACY POLICY

1. CHILDREN'S PRIVACY

Minors and Children under 16.

If you are under the age of 16 please obtain permission from your parents/legal guardian or the school/library before using the Services. If World Book discovers that is has received a minor's or a child's personal information, without proper consent, World Book will delete it from our systems. World Book does not knowingly solicit or collect data online from, or market online to, minors or children under the age of 16.

CHILDREN UNDER THE AGE OF 13.

The Children's Online Privacy Protection Act of 1998 and its rules (collectively, "COPPA") require us to inform parents and legal guardians (as used in this section, "parents") about our practices for collecting, using, and disclosing personal information from children under the age of 13 ("children"). It also requires us to obtain verifiable consent from a child's parent for certain collection, use, and disclosure of the child's personal information.

This Section notifies parents of:

• The types of information we may collect from children.
• How we use the information we collect.
• Our practices for disclosing that information.
• Our practices for notifying and obtaining parents' consent when we collect personal information from children, including how a parent may revoke consent.
• All operators that collect or maintain information from children through this Site.

The other provisions of this Privacy Policy applies to teens and adults.

Information We Collect from Children

Often Children are on the Site as the result of a Business Subscription between World Book and the child's School or Library. Children can access many parts of the Site and its content and use many of its features without providing us with personal information. However, some content and features require us to collect certain information, including personal information, from them. In addition, we use certain technologies, such as cookies, to automatically collect information from our users (including children) when they visit or use the Site.

We only collect as much information about a child as is reasonably necessary for the child to participate in an activity, and we do not condition his or her participation on the disclosure of more personal information than is reasonably necessary.

Information We Collect Directly. A child must provide us with the following information to create a personal My World Book Account on our Site: name (not required to be a full name), a username, password, and security question and answer that a user can use to reset a password should it be forgotten.

We enable authorized users to communicate with others on or through the Site by posting to public areas of the Site. The nature of these Social Features allows children to disclose personal information about themselves. We do not monitor or review this content before it is posted, and we do not control the actions of third parties with whom your child shares his or her information. We encourage parents to educate their children about safe internet use and to monitor their children's use of social features.

Automatic Information Collection and Tracking. We use technology to automatically collect information from our users, including children, when they access and navigate through the Site and use certain features. The information we collect through these technologies may include:

• Cookies, including those provided by Google Analytics,
• Web beacons, or
• Internet Protocol (IP) Address and other connection information that identifies a device's location (geolocation information)

How We Use Your Child's Information

We use the personal information we collect from your child to:

• register him or her with the Site;
• allow him or her to create a personalized My World Book account to save information;
• track his or her performance in games or other activities;
• retain progress on digital assessments.

We use the information we collect automatically through technology (see Automatic Information Collection and Tracking) and other non-personal information we collect to improve our Site and Service and to deliver a better and more personalized experience by enabling us to: Store information about the child's preferences, progress and performance, allowing us to customize the content according to individual interests.

Our Practices for Disclosing Children's Information

We do not share, sell, rent, or transfer children's personal information other than as described in this section.

We may disclose aggregated information about many of our users:

1. To third parties we use to support the internal operations of our Site and who are bound by contractual or other obligations to use the information only for such purpose and to keep the information confidential.
2. If we are required to do so by law or legal process, such as to comply with any court order or subpoena or to respond to any government or regulatory request.
3. If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of World Book, our customers or others, including to:
1. protect the safety of a child;
2. protect the safety and security of the Site; or
3. enable us to take precautions against liability.
4. To law enforcement agencies or for an investigation related to public safety.

Accessing and Correcting Your Child's Personal Information

At any time, you may review the child's personal information maintained by us, require us to correct or delete the personal information, and/or refuse to permit us from further collecting or using the child's information.

You can review, change, or delete your child's personal information by:

5. Sending us an email at wboltech@worldbook.com. To protect your privacy and security, we may require you to take certain steps or provide additional information to verify your identity before we provide any information or make corrections.

Operators That Collect or Maintain Information from Children

The following are all operators that may collect or maintain personal information from children through the Site:

Cybage Software Pvt. Ltd.Cybage Towers
Survey No 13A/ 1+2+3/1Wadgaon Sheri
Pune, Maharashtra - 411014Ph: +91-20-66041700

2. INFORMATION SPECIFIC TO TEENS AND ADULT USERS

A. WHAT PERSONAL DATA WE COLLECT

Information You Give Us

We collect personal data that you voluntarily share with us through the Site. For example, we collect information from you when you create an account or fill out a request form on the Site.

The personal data you might provide us may include:

• Identifiers, including real name, postal address, online identifier, Internet Protocol address, telephone number, email address, or account name, photograph, or driver's license.
• Financial information, including bank account number or debit card number.
• Protected classifications, such as military status.
• Commercial information, including products and services purchased; product registration data; and purchase, service, and installation dates.
• Geolocation data, including: location.
• Professional or Employment-Related Information.

You may also submit (a) order information, including name, company name, product information, and delivery address; and (b) payment information, including billing address, credit card number, expiration date, and CVV into the Site. This information is transmitted via Transport Security Layer (TSL) encryption to a third-party order and payment processor under contract with Company. This order and payment information is not stored on Company' servers.

Information We Collect Through Technology On The Site

We collect information through technology to enhance our ability to serve you. When you access and use the Site, Company and, in some cases, our third-party service providers collect information about how you interact with the Site. We describe below methods we use to collect information through technology.

1. IP Address And Other Connection Information
   When you visit the Site, we collect your device identifier, browser information, and Internet Protocol (IP) address. An IP address is often associated with the portal you used to enter the Internet, like your Internet service provider (ISP), company, association, or university. While an IP address may reveal your ISP or geographic area, we cannot determine your identity solely based upon your IP address. We do not link your personal data to device identifier information, browser information, and IP addresses. Where, according to local law, IP addresses and the like are considered personal data, then we treat them as such.

2. Do We Use Cookies?
   Yes. Cookies are small files that the Site or our service provider transfers to your computer's hard drive through your Web browser that enables the Site's or service provider's systems to recognize your browser and capture and remember certain information. We use cookies to help us understand how users use the Site. For example, cookies gather information about how long you spend on a web page so that we can understand what web pages are of most interest to users.

   If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off cookies by adjusting your browser settings. If you turn off your cookies, some of the features on the Site may not function properly.

3. Google Analytics
   We use cookies provided by Google Analytics, a third-party service provider, to assist us in better understanding our Site visitors. These cookies collect data tied to a user's IP address, such as the length of time a user spends on a page, the pages a user visits, and the websites a user visits before and after visiting the Site. Based on this information, Google Analytics compiles aggregate data about Site traffic and Site interactions, which we use to offer better Site experiences and tools in the future. Google Analytics does not collect any personal data (other than IP Address which may be considered personal data in some countries). For more information on Google Analytics, visit https://support.google.com/analytics.

4. Web Beacons
   We include small graphic images or other web programming code, called web beacons (also known as "pixel tags", "web bugs" or "clear GIFs"), on the Site. The web beacons are minute graphics with a unique identifier. They are used to track the online movements of Web users. In contrast to cookies, which are stored in a user's computer hard drive, web beacons are embedded invisibly on Web pages and are about the size of the period at the end of this sentence.

5. Your 'Do Not Track' Browser Setting
   We support the Do Not Track (DNT) browser setting. DNT is a preference you can set in your browser's settings to let the websites you visit know that you do not want the websites collecting your personal data.

   Unless you tell us otherwise by selecting the DNT browser setting, we may track your online activities over time and across third-party websites or online services. For example, we might use web beacons to help us determine what links or advertisers brought you to our Site. We then track your activities on our Site. We also may use web beacons to track your visits to other websites so that third-party service providers can display Company advertisements to you on those other websites based on your activities while on the Site ("remarketing").

Information Third Parties Provide About You

We may supplement the information we collect about you through the Site with records received from third parties in order to enhance our ability to serve you, to tailor our content to you, and to offer you information that we believe may be of interest to you. For example, the service provider that processes orders submitted through the Site shares your order information, but not payment information, with us.

Information You Provide To A Third Party - The Site includes links from the Site to, and plug-ins (such as Twitter buttons) from, sites or applications operated by third parties ("Third-Party Sites"). Company does not control any Third-Party Sites and is not responsible for any information they may collect. The information collection practices of a Third-Party Site are governed by its privacy policy. It is your choice to enter any Third-Party Site. We recommend that you read its privacy policy if you choose to do so.

B. PURPOSES FOR WHICH WE USE THE PERSONAL DATA WE COLLECT

We use the information we collect to serve you and improve your experience on the Site. Some examples include:

• Addressing service complaints
• Communicating with you by email, telephone, or text message, in accordance with your wishes
• Evaluating job applications
• Sending you marketing and promotional emails, on behalf of Company or selected third parties, unless you have told us you do not want to receive such emails
• Troubleshooting technical problems on the Site
• Responding to questions and feedback
• Conducting research and analysis
• Marketing and advertising our products and services
• Improving customer service
• Continuously evaluating and improving the online and mobile user experience
• Preventing, discovering and investigating violations of this Privacy Policy or any applicable terms of service or terms of use for the Mobile Application, and investigating fraud, chargebacks or other matters
• Compliance with the law or to protect the rights, property, or safety of Company, our users, or others, including to maintain network and information security, for fraud prevention, and to report suspected criminal acts

Data Retention - We retain your personal data for the duration of the customer relationship, if any. We also retain your personal data for 12 months after our last interaction with you.

C. HOW WE SHARE THE PERSONAL DATA WE COLLECT

We do not sell or rent your personal data to third parties. The following are some of the ways we share your personal data:

1. Affiliated Companies: Company may also share your personal data with other companies in the Company family of companies as necessary to respond to your requests.
2. Third-Party Service Providers: We will share your personal data with third-party service providers under contract with Company to help us provide services to you. The following are some examples of the types of third-party service providers with which we share your personal data and our purpose for doing so:
3. Data Analytics: We retain third-party service providers to help us perform data analytics regarding your interactions with the Site. For example, Google Analytics may track what pages users visit on the Site and how long they stay there to determine how users use the Site.
4. Legal Advice: We may disclose your personal data to an attorney in the process of obtaining legal advice.
5. Third-party Processors: Through the Site, you transmit your order and payment information to a third-party order and payment processor.
6. Advertising Platforms: We may disclose the fact that you visited the Site to advertising networks so that they can show you Company advertisements on other websites and platforms. These services can help us tailor advertising that we think may be of interest to you based on your use of the Site and to otherwise collect and use data about your use of the Site.

We require these third-party service providers, by written agreement, to provide safeguards for your personal data similar to the ones that we provide.

1. Required Disclosures: We may be required to share personal data in a court proceeding, in response to a court order, subpoena, civil discovery request, other legal process, or as otherwise required by law.
2. Legal Compliance and Protections: We may disclose account and other personal data when we believe disclosure is necessary to comply with the law or to protect the rights, property, or safety of Company, our users, or others. This includes exchanging personal data with other companies and organizations for fraud protection and credit risk reduction.
3. Corporate Transactions: We reserve the right to disclose and transfer your data, including your personal data:
1. To a subsequent owner, co-owner, or operator of the Site or successor database.
2. In connection with a corporate merger, consolidation, the sale of substantially all of our membership interests and/or assets or other corporate change, including to any prospective purchasers.

D. HOW WE PROTECT THE PERSONAL DATA WE COLLECT

The security and confidentiality of your personal data is important to us. We have technical, administrative, and physical security measures in place to protect your personal data from unauthorized access or disclosure and improper use.

For example, we use Transport Security Layer (TSL) encryption to protect the data collection forms on our Site. In addition, we restrict access to your personal data. Only employees who need the personal data to perform a specific job (for example, a customer service representative) are granted access to personal data. Employees with access to personal data are kept up-to-date on our security and privacy practices.

It is important for you to protect against unauthorized access to your password and to your computer. Be sure to close your browser after you have completed your visit to the Site.

Please note that despite our reasonable efforts, no security measure is ever perfect or impenetrable, so we cannot guarantee the security of your personal data.

E. YOUR CHOICES REGARDING YOUR PERSONAL DATA

You may contact Privacy@scottfetzer.com to access, update, correct, and delete your personal data.

In addition, you may cancel or modify the email communications you have chosen to receive from Company by following the instructions contained in emails from us. Alternatively, you may email Company at wboltech@worldbook.com with your request, stating 'Unsubscribe' in the header and what email addresses you wish not to receive Company emails. Within a reasonable period, we shall ensure that such email addresses are unsubscribed.

3. PRIVACY NOTICE FOR CALIFORNIA RESIDENTS

If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit https://worldbookonline.com/wb/subscribe/Help?id=californiaprivacy.html.

4. COVERED INFORMATION FOR ILLINOIS RESIDENTS

In compliance with Illinois's Student Online Personal Protection Act ("SOPPA"), we make the following disclosures concerning World Book's collection, use, and disclosure of Covered Information here: https://worldbookonline.com/wb/subscribe/Help?id=illinoissoppa.html..

5. INFORMATION SPECIFIC TO NON-U.S. USERS

World Book products and services are offered through independent distributors in the European Union and World Book seldom offers products and services directly in the European Economic Area (which includes the EU and Switzerland), and generally this is done on an offline basis. World Book does not believe it has any direct obligations under the EU's General Data Protection Directive ("GDPR") or other EEA privacy laws. However, World Book supports the transparency and information objectives of the GDPR and other EEA privacy laws and therefore is providing the following information as a notice to EEA users of Online Services.

When this Privacy Policy uses the phrase "Personally Identifiable Information" or "PII", these phrases cover everything that constitutes "personal; data" for purposes of the GDPR and other EEA privacy laws.

Controller: World Book, Inc., a company incorporated in Delaware, U.S.A.

Purpose and Legal Basis for Processing: We process your PII to support our legitimate interests of providing you with information regarding World Book products and services and in particular to respond to requests you specifically make to us regarding World Book products and services. See also the section entitled "How we use your personal data" above.

Recipients: Please see the section entitled "How we use your personal data" above.

International Transfers: As indicated above, World Book and its IT systems are maintained in the United States. Any PII you submit to us is held in the United States.

Personal Information Retention: When you enter your details in this site, the data is generally retained for a period of 12 months from the last date of our contact with you, although it may be deleted earlier.

Data Subject Rights: To the extent permitted by law, you are entitled to obtain information on the processing of your PII, to object to the processing of your PII, to make use of your right to data portability and to have your PII data rectified or deleted or its processing restricted. You are also entitled to lodge a complaint with a supervisory authority, which is generally the supervisory authority where you work and/or are resident.

If you have given us your consent to contact you, you may revoke this consent at any time. Such revocation will not affect any PII which is processed by us on another legal basis, for example, to fulfill our obligations to ensure you are provided with any World Book products and services which we are committed to providing you.

6. HAVE QUESTIONS?

If you have any questions about this Privacy Policy, we'll do our best to answer them promptly. You can contact us at: wboltech@worldbook.com or by calling 800-338-8382.

7. CHANGES TO THIS PRIVACY POLICY

If we change this Privacy Policy, we will post those changes on this page and update the Privacy Policy modification date above. If we materially change this Privacy Policy in a way that affects how we use or disclose your personal data, we will provide a prominent notice of such changes and the effective date of the changes before making them.