Privacy Policy

Privacy Policy (“Privacy Policy”, “Agreement”)

Key Information

BitRead (BitRead website owners) is the data controller of your personal information. - We collect the personal information set out in the "What Information We Collect" section of this Privacy Policy below, including account registration details, details of online courses and quizzes you undertake, survey information (where you provide it), identity verification data and information about your use of our site and services. - We use your personal information for the purposes set out in the "How We Use the Information" section of this Privacy Policy below, including providing our site and services to you, ensuring the security and performance of our site, research relating to academic courses and quizzes, sharing information with our partners (such as academic institutions) and our suppliers, direct marketing and performing statistical analysis of the use of our site and services. - We process your personal data as set out in this Privacy Policy on the basis of your consent. In situations where we obtain your personal data from a source other than you, we process your data on the basis of legitimate interests, until the earlier of (a) the point at which you provide your consent; or (b) the point at which you ask us to stop processing your data on the basis of our legitimate interests. We also rely on legitimate interest for very limited additional purposes as set out in the "What You Agree to by Using Our Site" section. - You have a number of rights that you can exercise in relation to our use of your personal information, as set out in the "Updating or Deleting Your Personally Identifiable Information" section of this Privacy Policy below.

Effective: 24 May 2018

Terms of Service

Thank you for using BitRead!

General

At BitRead, we know how much you care about your personal information, so we have prepared this privacy policy to explain how we collect, use, and share it with third parties.

We want to show you that we handle your personal information in a confidential and responsible way and that any processing of your personal information takes place in compliance with the General Data Protection Regulation („GDPR“).

To avoid unauthorized access to your personal data and generally secure such data, we and our partners use encrypted transmission. Those safety measures are constantly revised to comply with the latest technological developments.

We may update our privacy policy to reflect changes to our information practices. If we do this and the changes are material, we will post a notice that we have made changes to this privacy policy on the Websites for at least 7 days after the changes are made, ask for your consent, and indicate the date these terms were last revised at the top of the privacy policy. Any revisions to this privacy policy will become effective the earlier of (i) the end of that 7-day period or (ii) the first time you access or use the Services after any such changes.

The purpose of this Privacy Policy is to describe how BitRead ("BitRead," "us," "we," or "our") collects, uses and shares information about you through our online interfaces (e.g., websites and mobile applications) owned and controlled by us, including bitread.app (collectively referred to herein as the "Site"). Please read this notice carefully to understand what we do. If you do not understand any aspects of our Privacy Policy, please feel free to contact us at [email protected] . Your use of our Site is also governed by our Terms of Use.

If you reside or are located in the European Economic Area ("EEA") BitRead is the data controller of all Personally Identifiable Information (as defined below) collected via the Site and of certain Personally Identifiable Information collected from third parties, as set out in this Privacy Policy.

What Information this Privacy Policy Covers

This Privacy Policy covers information we collect from you through our Site. Some of our Site’s functionality can be used without revealing any Personally Identifiable Information, though for features or services related to the Online Courses and Quizzes, Personally Identifiable Information is required. In order to access certain features and benefits on our Site, you may need to submit, or we may collect, "Personally Identifiable Information" (i.e., information that can be used to identify you). Personally Identifiable Information can include information such as your name and email address, among other things. If you reside or are located in the EEA, it can also include your IP address or device identifier. You are responsible for ensuring the accuracy of the Personally Identifiable Information you submit to BitRead. Inaccurate information may affect your ability to use the Site, the information you receive when using the Site, and our ability to contact you. For example, your email address should be kept current because that is one of the primary manners in which we communicate with you.

What You Agree to by Using Our Site

Please understand that by submitting any Personally Identifiable Information to us, you consent and agree that we may collect, use and disclose such Personally Identifiable Information in accordance with this Privacy Policy and our Terms of Use, and as permitted or required by law. If you do not agree with these terms, please do not provide any Personally Identifiable Information to us. If you refuse or withdraw your consent, or if you choose not to provide us with any required Personally Identifiable Information, we may not be able to provide you with the services that can be offered on our Site. Consent can be withdrawn at any time by navigating to your profile page and clicking the box to remove consent or deleting your account.

Please note that we rely on legitimate interests as the basis for processing your data in the limited circumstances set out below:

• - In situations where we obtain your personal data from a source other than you, we process your data on the basis of legitimate interests, until the earlier of (a) the point at which you provide your consent; or (b) the point at which you ask us to stop processing your data on the basis of our legitimate interests;
• - We will retain your student records relating to degrees or credit-bearing courses and quizzes for our own compliance and verification purposes, even after you withdraw your consent to our processing of your data;
• - We will archive information about your use of our services, even after you withdraw your consent to our processing of your data. This information will only be used in very limited circumstances, such as for defending legal claims relating to contracts we have with you or a third party and retention for audit purposes relating to commercial contracts; and
• - We will use information relating to your use of our services for statistical analysis and research purposes, however we delete your name and email address from such information before we do so.

What Information We Collect

We gather two types of information about users through the Site:

1. Information relating to your use of our Site. When users come to our Site, we may track, collect and aggregate information indicating, among other things, which pages of our Site were visited, the order in which they were visited, when they were visited, and which hyperlinks were "clicked." We also collect information from the URLs from which you linked to our Site. Collecting such information may involve logging the IP address, operating system and browser software used by each user of the Site. We may be able to determine from an IP address a user’s Internet Service Provider and the geographic location of his or her point of connectivity.

We also use (or may use) cookies and web beacons when you visit our Site. For more information on our use of cookies and web beacons, please refer to our [Cookie Policy].

If you visit the Websites, we process only Data that your browser communicates to our servers. We collect the following Data, which is necessary for us in order to display the Website correctly and guarantee the necessary stability and safety:

IP address;
date and time stamp;
time difference to GMT;
requested site;
access status/HTTP status code;
transmitted data volume;
site from which the request was sent;
browser;
operating system and interface; and
language and version of the browser software.

2. Personally Identifiable Information provided directly by you or via third parties. We collect Personally Identifiable Information that you provide to us when you register for an account, update or change information for your account, complete a survey, sign-up for email updates or Courses and Quizzes, participate in our public forums, discussions, send us email messages, and/or participate in Courses and Quizzes or other services on our Site. We may use the Personally Identifiable Information that you provide to respond to your questions, provide you the specific course and/or services you select, send you updates about Courses and Quizzes offered by BitRead or other BitRead events, and send you email messages about Site maintenance or updates.

• - Account Registration. If you register for an account on our Site, you may be required to provide us with Personally Identifiable Information such as your name and email address.
  Depending on your choice of registration, we process the following Data:
  BitRead:
  
  email address and full name.
  
  Facebook single sign-on application:
  
  email address, full name;
  third-party ID; and
  profile picture.
  
  Google single sign-on application:
  
  email address, full name, gender;
  language;
  IP address; and
  profile picture.
  
• - Updates. BitRead may offer you the ability to receive updates either via email or by posting on portions of the Site only accessible to registered users. In order to subscribe to these services, you may be required to provide us with Personally Identifiable Information such as your name and email address.
• - Forums/Discussions. BitRead may offer public forums/discussions from time to time (the "Discussions") where you can share comments and thoughts. In order to participate in the Discussions, you may be required to register with us and/or provide us with Personally Identifiable Information such as your name and email address. Please keep in mind that information you post or make available in Discussions will be publicly available. You should not post any Personally Identifiable Information or other information of a personal or sensitive nature, whether relating to you or another person, on a Discussion. Please also reference our Terms of Use for and additional information about proper use of our Discussions.
• - Participation in Courses and Quizzes. BitRead offers users the opportunity to participate in a Courses and Quizzes on or through the Site. If you desire to participate in a course, you will be asked to provide us with certain information necessary to conduct such a course. This information may include, among other things, your name and email address.

If you participate in a course, we may collect from you certain student-generated content, such as answers you submit, peer-graded reviews, and peer grading contribution feedback. We also collect course and course data, such as student responses to courses and quizzes, and surveys. You should not include any Personally Identifiable Information or other information of a personal or sensitive nature, whether relating to you or another person, on answers, or surveys, except for information required to participate or submit such answerd, or surveys.

• - Identity Verification. BitRead may offer you the ability to verify your identity for selected courses and quizzes. In order to enroll for these services, you may be required to provide us or our third-party identity verification vendor with Personally Identifiable Information such as your name, address, date of birth, a headshot taken using a webcam, and a photo identification document.
• - Communications with BitRead. We may receive Personally Identifiable Information when you send us an email message or otherwise contact us.
• - Third Party Sites. We may receive Personally Identifiable Information when you access or log-in to a third party site, e.g., Facebook, Google+, from our Sites. This may include the text and/or images of your Personally Identifiable Information available from the third party site.
• - Surveys. We may receive Personally Identifiable Information when you provide information in response to a survey operated by us. This may include details about your race, your education history, and your employment.
• - Partner sites. Partner sites providing Course related tools and services to BitRead users may collect nonfinancial individual level user data regarding the individual’s use of that partner site while engaged with such Course related activities, and the partner sites may share that data with BitRead for the purpose of improving BitRead’s services, the partner site’s services, and the individual’s education experience. This data includes information such as the amount of time spent on the partner site and pages viewed.
• - Third Party Credit Card Processing. BitRead provides you with the ability to pay for Courses and Quizzes and other services using a credit card through a third party payment processing service provider. Please note that our service provider – not BitRead – processes and/or collects your credit card information.
  
  When you make purchases in the Services, we process the following Data:
  
  address;
  credit card information; and
  subscription status.
  

When you use the Services, we process the following Data:

when you checked prices on subscription, and what subscription you were interested in;
when you purchase something in the Services; and
what kind of tracks, courses, quizzes, and exercises you complete.

How We Use the Information

1. Information relating to your use of our Site. We use information relating to your use of the Site to build higher quality, more useful services by performing statistical analyses of the collective characteristics and behavior of our users, and by measuring demographics and interests regarding specific areas of our Site. We may also use this information to ensure the security of our services and the Site.

2. Personally Identifiable Information provided directly by you or via third parties. Except as set forth in this Privacy Policy or as specifically agreed to by you, BitRead will not disclose any of your Personally Identifiable Information. In addition to the other uses set forth in this Privacy Policy, we may disclose and otherwise use Personally Identifiable Information as described below.

• - Providing the Site and our services. We use Personally Identifiable Information which you provide to us in order to allow you to access and use the Site and in order to provide any information, products or services that you request from us.
• - Technical support and security. We may use Personally Identifiable Information to provide technical support to you, where required, and to ensure the security of our services and the Site.
• - Updates. We use Personally Identifiable Information collected when you sign-up for our various email or update services to send you the messages in connection with the Site or a Course. We may also archive this information and/or use it for future communications with you, where we are legally entitled to do so. The processing of Data pursues the purpose of marketing for our own products (newsletters, push messages).
• - Discussions. You should not post any Personally Identifiable Information or other information of a personal or sensitive nature, whether relating to you or another person, within a Discussion post. If you choose to post Personally Identifiable Information, such Personally Identifiable Information may be collected during your use of the Discussions. We may publish this information via extensions of our Platform that use third-party services, like mobile applications. We reserve the right to reuse Discussion posts that contain Personally Identifiable Information in future versions of the courses and quizzes we offer, and to enhance future course offerings. We may archive this information and/or use it for future communications with you and/or your designee(s), and/or provide it to the business partner associated with the courses and quizzes you have taken. We may also use or publish posts submitted on the Discussions without using Personally Identification Information.
• - Participation in Courses and Quizzes. We use the Personally Identifiable Information that we collect from you when you participate in a Course through the Site for processing purposes, including but not limited to tracking attendance, progress, and completion of a Course. We may also share your Personally Identifiable Information and your performance in a given Course with the contributor or contributors who create the course, with teaching assistants or other individuals designated by the contributor or contributors to assist with the creation, modification or operation of the course, and with the institution or institutions with which they are affiliated. Also, we may archive this information and/or use it for future communications with you, where we are legally entitled to do so.
• - Identity Verification. For services that require identity verification, we use the Personally Identifiable Information that we collect for verifying your identity, and for authenticating that submissions made on the Site were made by you. This service may be provided through a third-party identity verification vendor. Your photo identification document will be deleted after successful verification of your profile information.
• - Communications with or from BitRead. When you send us an email message or otherwise contact us, we may use the information provided by you to respond to your communication and/or as described in this Privacy Policy. We may also archive this information and/or use it for future communications with you where we are legally entitled to do so. Where we send you emails, we may track the way that you interact with these emails (such as when you open an email or click on a link inside an email). We use this information for the purposes of optimizing and better tailoring our communications to you.
• - Communications with BitRead Business Partners. We may share your Personally Identifiable Information with business partners of BitRead so that BitRead business partners may share information about their products and services that may be of interest to you where they are legally entitled to do so.
• - Research. We may share general course data (including course or assignment submissions, grades, and comments/discussions), information about your activity on our Site, and demographic data from surveys operated by us with our business partners so that our business partners may use the data for research related to online education.
• - Government Authorities, Legal Rights and Actions. BitRead may share your Personally Identifiable Information with various government authorities in response to subpoenas, court orders, or other legal process; to establish or exercise our legal rights or to protect our property; to defend against legal claims; or as otherwise required by law. In such cases we reserve the right to raise or waive any legal objection or right available to us. We also may share your Personally Identifiable Information when we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, property, or safety of BitRead, the Site, our users, customers, or others; and in connection with our Terms of Use and other agreements.
• - Disclosure to Acquirers. BitRead may disclose and/or transfer your Personally Identifiable Information to an acquirer, assignee or other successor entity in connection with a sale, merger, or reorganization of all or substantially all of the equity, business or assets of BitRead to which your Personally Identifiable Information relates.

The lawfulness of processing (Art. 6 GDPR) stems from

the consent pursuant para. 1 subpara. a GDPR upon registration;
the necessity for the performance of contract fulfillment pursuant para 1 subpara. b GDPR, as your Data is needed for a satisfactory use of the Services; and/or
the necessity for the purposes of the legitimate interests pursued by the BitRead or by a third party.

For some tasks we use the help of service providers (e.g. tax advisors or analytics services) which we have chosen and instructed carefully, or other third parties. Some service providers are situated in the United States. Therefore, Data is transferred to third parties in third countries, all of which adhere to the EU-US privacy shield (see https://www.privacyshield.gov/welcome for more information): Auth0, Inc., 10900 NE 8th Street Suite 700, Bellevue, WA 98004, USA; Facebook, Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA (“Facebook”); Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”); Yandex Oy Limited Company - Moreenikatu 6, 04600 Mantsala, Finland (“Yandex”); 2Checkout.com, Inc., 855 Grandview Avenue, Suite 110, Columbus, OH 43215, USA (“2CO” or “2Checkout”); and Bing, Microsoft - https://privacy.microsoft.com/en-us/privacystatement#maincookiessimilartechnologiesmodule.

External Links

For your convenience we may provide links to sites operated by organizations other than BitRead ("Third Party Sites") that we believe may be of interest to you. We do not disclose your Personally Identifiable Information to these Third Party Sites without obtaining your consent. We do not endorse and are not responsible for the privacy practices of these Third Party Sites. If you choose to click on a link to one of these Third Party Sites, you should review the privacy policy posted on the other site to understand how that Third Party Site collects and uses your Personally Identifiable Information.

Retention of Personally Identifiable Information

If you reside or are located in the EEA, we keep your Personally Identifiable Information for no longer than necessary for the purposes for which the Personally Identifiable Information is processed. The length of time we retain Personally Identifiable Information for depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.

Confidentiality & Security of Personally Identifiable Information

We consider the confidentiality and security of your information to be of the utmost importance. We will use industry standard physical, technical and administrative security measures to keep your Personally Identifiable Information confidential and secure and will not share it with third parties, except as otherwise provided in this Privacy Policy, or unless such disclosure is necessary in special cases, such as a physical threat to you or others, as permitted by applicable law. Because the Internet is not a 100% secure environment we cannot guarantee the security of Personally Identifiable Information, and there is some risk that an unauthorized third party may find a way to circumvent our security systems or that transmission of your information over the Internet will be intercepted. It is your responsibility to protect the security of your login information. Please note that e-mails communications are typically not encrypted and should not be considered secure.

Updating or Deleting Your Personally Identifiable Information

You have certain rights in relation to your Personally Identifiable Information. You can access your Personally Identifiable Information and confirm that it remains correct and up-to-date or choose whether or not you wish to receive material from us or some of our partners by logging into the Site and visiting your user account page.

We store your Data as long as you are a registered user of the Services. Where we retain information for Service improvement and development during your membership, we take steps to eliminate information that directly identifies you and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal details about you.

After you have deleted your account we only store Data if it is legally necessary (because of warranty, limitation or retention periods) or otherwise required.

Data will be deleted if you (a) revoke your consent to the storage (b) Data is not needed to fulfill the user contract concerning the Services anymore, or (c) the storage is or becomes legally impermissible. A deletion request does not affect Data, if the storage is legally necessary, for example for accounting purposes.

If you would like further information in relation to your rights or would like to exercise any of them, you may also contact us via [email protected] . If you reside or are located in the EEA, you have the right to request that we:

• - provide access to any Personally Identifiable Information we hold about you;
• - prevent the processing of your Personally Identifiable Information for direct-marketing purposes;
• - update any Personally Identifiable Information which is out of date or incorrect;
• - delete any Personally Identifiable Information which we are holding about you;
• - restrict the way that we process your Personally Identifiable Information;
• - provide your Personally Identifiable Information to a third party provider of services; or
• - provide you with a copy of any Personally Identifiable Information which we hold about you.

We try to answer every email promptly where possible, and provide our response within the time period stated by applicable law. Keep in mind, however, that there will be residual information that will remain within our databases, access logs and other records, which may or may not contain your Personally Identifiable Information. Please also note that certain Personally Identifiable Information may be exempt from such requests in certain circumstances, which may include if we need to keep processing your Personally Identifiable Information to comply with a legal obligation.

When you email us with a request, we may ask that you provide us with information necessary to confirm your identity.

Rights

You can revoke the consent for future data processing at any time. However, this does not affect the lawfulness of Data processing based on the consent before the revocation.

You have the right to obtain (i) confirmation as to whether or not your Data is being processed by us and, if so, (ii) more specific information on the Data. The more specific information concerns, among others, processing purposes, categories of Data, potential recipients or the duration of storage.

You have the right to obtain from us the rectification of inaccurate Data concerning you. In case the Data processed by us is not correct, we will rectify these without undue delay and inform you of this rectification.

Should you decide you do not want us to process your data any further, please contact us under our current contact details [email protected] . We will erase your Data immediately and inform you of this process. Should mandatory provisions of law prevent such erasure, we will inform you without undue delay thereof.

You have the right to (i) receive your Data in a structured, commonly used and machine-readable format and (ii) transmit those Data to another controller without hindrance from us.

You have the right to object at any time to the processing of Data based on our legitimate interests, including profiling and direct marketing purposes.

You have the right to lodge a complaint with a supervisory authority if you think that the processing of Data infringes applicable law, especially the GDPR.

Questions, Suggestions and Complaints

If you have any privacy-related questions, suggestions, unresolved problems, or complaints you may contact us via [email protected] .

If you reside or are located in the EEA, our Data Protection Officer and Privacy Team may assist with all queries regarding our processing of Personally Identifiable at [email protected] .

International Privacy Practices

BitRead’s Sites are primarily operated and managed on servers located and operated within the United States. In order to provide our products and services to you, we may send and store your Personally Identifiable Information (also commonly referred to as personal data) outside of the country where you reside or are located, including to the United States. Accordingly, if you reside or are located outside of the United States, your Personally Identifiable Information may be transferred outside of the country where you reside or are located, including to countries that may not or do not provide the same level of protection for your Personally Identifiable Information. We are committed to protecting the privacy and confidentiality of Personally Identifiable Information when it is transferred. If you reside or are located within the EEA and such transfers occur, we take appropriate steps to provide the same level of protection for the processing carried out in any such countries as you would have within the EEA to the extent feasible under applicable law. We participate in and commit to adhering to the EU-U.S. Privacy Shield Framework when transferring data from the EEA to the United States.

Changing Our Privacy Policy

Please note that we review our privacy practices from time to time, and that these practices are subject to change. Any change, update, or modification will be effective immediately upon posting on our Site. We will notify you of any material change to this Privacy Policy by posting a notice on our Site’s homepage for a reasonable period of time following such update, and by changing the effective date (located at the bottom of this page). Be sure to return to this page periodically to ensure familiarity with the most current version of this Privacy Policy.

No Information from Children Under 13

BitRead strongly believes in protecting the privacy of children. In line with this belief, we do not knowingly collect or maintain Personally Identifiable Information on our Site from persons under 13 years of age, and no part of our Site is directed to persons under 13 years of age. If you are under 13 years of age, then please do not use or access this Site at any time or in any manner. We will take appropriate steps to delete any Personally Identifiable Information of persons less than 13 years of age that has been collected on our Site without verified parental consent upon learning of the existence of such Personally Identifiable Information.

Contact

We are acting as the controller for the data processing within the meaning of the GDPR.

To understand more about the privacy policy, access your personal information, ask questions about our privacy practices, or issue a complaint, please contact our data protection officer within the meaning of the GDPR at [email protected] .