Effective August 31, 2023

Lightspeed Systems has updated its Privacy Policy as follows:

• Cookies and Other Technologies:
  • Added a link to our Cookie Notice for additional details on how we handle cookies on our websites
• Added Supplemental Notice for Virginia Data Subjects and their rights under the Virginia Consumer Data Protection Act (“VCDPA”)
• International Data Transfers:
  • Added language detailing Lightspeed Systems’ affirmative commitment to comply with the new EU-U.S. Data Privacy Framework (DPF) and the UK Extension to the EU-U.S. Data Privacy Framework, which replaced Privacy Shield.
  • Added clarifying language to:
    • inform individuals about the possibility, under certain conditions, for the individual to invoke binding arbitration, following the procedures and subject to conditions set forth in Annex I of the DPF Principles
    • Inform individuals about Lightspeed Systems’ liability in cases of onward transfers to third parties
  • Dispute resolution: Updated alternative dispute resolution provider to BBB National Programs Dispute Resolution Process

At Lightspeed Systems, we care deeply about your privacy and are committed to being transparent about our privacy practices.

We encourage you to read the full Privacy Policy to get more detailed information of our data privacy practices.
Please feel free to contact us with any questions or concerns at [email protected]

Effective December 19th, 2022

Lightspeed Systems has updated its Privacy Policy as follows:

• Added California Privacy Rights Act (CPRA) language under the ‘California Privacy Rights’ section. CPRA is the new California law which amends and expands on the CCPA effective Jan 1, 2023.
• Added the following clarifying language (in italics) on how data is shared with 3^rd parties in the ‘Third Parties – How We May Share Your Data’ section:

Third Parties Supporting our Offerings: Agents and service providers (sub-processors) that act on our behalf to support our services, such as technology services (e.g. web hosting and analytics services), subject to confidentiality obligations set out in the executed contracts with the service providers.  We contractually prohibit our service providers from retaining, using, or disclosing information about you for any purpose other than performing the services for us. Please note that these providers have no access to sensitive student data – strict access controls are in place. Additional information about the sub-processors we use to support our service delivery can be found on our Security and Compliance page

• Added the following heading and the following language under the ‘Student Safety’ section”

COPPA and Children Under 13

• Students are not allowed to sign up for any Lightspeed Systems solutions.

• Added SDPC and Student Privacy Pledge as its own heading as follows:
  • We are a Student Data Privacy Consortium signatory, and have signed the Student Privacy Pledge
• Added the following language under the “Security: How We Store & Protect Your Information” section:
  • Users cannot communicate with untrusted users via our platforms. No personal information is displayed publicly.

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective June 23rd, 2022

• Updated Lightspeed Systems physical address in the ‘Contacting Lightspeed Systems section to: 12013 Fitzhugh Rd, Austin, TX 78736, USA

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective May 10th, 2022

Lightspeed Systems has updated its Privacy Policy as follows:

• Added the following language in the ‘California Privacy Rights’ section:

How and when we are expected to handle your request

We will confirm receipt of your verifiable request within 10 days and provide information about how we will process your request.

We will respond to your request within 45 days of its receipt. Should we need more time, we will explain to you the reasons why, and how much more time we need. Should we deny your request, we will explain to you the reasons behind our denial.

We do not charge a fee to process or respond to your verifiable request unless such request is manifestly unfounded or excessive. In such cases, we may charge a reasonable fee, or refuse to act on the request. In either case, we will communicate our choices and explain the reasons behind them.

• Added the following language under the ‘How to Contact Lightspeed Systems’ section:
  • We are a Student Data Privacy Consortium signatory

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective June 4th, 2021

Lightspeed Systems has updated its privacy policy as follows:

• Added the following language under the ‘Applicability of This Privacy Policy’ section:
  • Please note that each School controls its instance of the Services and any associated data processed within that instance (“School Data”). If you have any questions about a School’s privacy practices, please contact the applicable School. For more information about who is the controller of data and under what circumstances, refer to the “Your Rights Regarding Your Data” section below.
• Added California Privacy Rights Act (CCPA) Notification under the ‘California Privacy Rights’ section.
  • Added the CCPA table detailing the categories of personal information collected by Lightspeed Systems and categories of 3^rd parties to whom information is shared/disclosed for business purpose
• Added ‘Supplemental Notice for Nevada Residents’
• Added the following language under the ‘Your Data: How We Collect and Use Information’ section:
  • Employee & Employment Applications:  Please see our Applicant & Employee Privacy Policy
• Added contact details for Lightspeed Systems EU and UK GDPR representatives under the ‘European Union and United Kingdom’ section, pursuant to the GDPR Article 27 requirements.

Effective December 18th, 2020

Lightspeed Systems has updated its privacy policy as follows:

• Added the following language under the ‘Security: How We Store and Protect Your Information’ section:
  • “For more detailed information on our data security practices, please visit our Trust page”

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective July 28th, 2020

Lightspeed Systems has updated its privacy policy as follows:

• We updated Section 10 to address the invalidation of the Privacy Shield by the European Court of Justice.
• Effective April 13th, 2020
• Lightspeed Systems has updated its privacy policy as follows:
• We improved the format of our privacy policy to make it easier to find and understand the information relevant to you.
• We added Section 1 ‘Applicability of This Privacy Policy’ to describe what our policy applies to.
• We added Section 6 to address California Consumer Privacy (CCPA) rights
• We rearranged and inserted Section 8 to make it clear how long we retain your information
• We updated Section 9 – Data Retention: We removed “or within 90 days” to clarify analytics, reporting and logging data may be kept longer than 90 days to fulfil service agreements.
• We added Section 10 to address both European Union and United Kingdom
• We added Section 11 to address our Legal Basis of Processing Information
• We added the following language under the ‘How To Contact Lightspeed Systems’ section: We have signed the Student Privacy Pledge!

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective July 10th, 2020

Lightspeed Systems has updated its privacy policy as follows:

• Added a link to our COPPA Notice under the ‘Student Safety’ as follows:
  • Please read Lightspeed’s COPPA Notice here

Effective November 2019

Lightspeed Systems has updated its privacy policy as follows.

• Added language to Section 1, Third Party Analytics to clarify we do NOT perform remarketing. “We do NOT use these for remarketing.”
• Added language to Section 5, Security to identify key security practices in place. “Practices:

We have in place and maintain procedures and practices to ensure data security. These include a Data Governance Team, Security Policy, Privacy Inquiry Policy, Incident Response Plan, Privacy/Security by Design, Vendor Assessments, Security Assessments and regular specific Security Training.”

Please be aware, that despite our efforts, no security measures are perfect or impenetrable. We have implemented best practices to protect both your and our data however we do not warrant or guarantee these measures are perfect.

If we learn of a security breach, we will notify you according to our Incident Response Plan or according to Data Processing/Sharing Agreements in place. Depending on where you live, you may have a legal right to receive a notice of a security breach in writing.

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective March 2019

Lightspeed Systems has updated its privacy policy as follows.

To address the withdrawal of the United Kingdom from the European Union (Brexit) we have updated our Framework Compliance to include the United Kingdom.  The wording in Bold have been added.

Framework Compliance: Lightspeed Systems, Inc. complies with the EU-U.S. Privacy Shield Framework (Privacy Shield) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom, to the United States in reliance on Privacy Shield.  Lightspeed Systems, Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such information.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective April 2018

Lightspeed Systems has updated its privacy policy as follows.

Terms of Use Updated “terms and conditions” to “terms of use”. This eliminates confusion and matches the document name. We also added a hyperlink to the terms of use document to make it easier to find.

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective September 2017

Lightspeed Systems has updated its privacy policy as follows.

Employment Applications

In connection with a job application or inquiry, we may collect data about you, including your educational background, résumé or curriculum vitae, and other information, including your ethnicity or criminal background information where required or permitted by law. We may use this information throughout Lightspeed Systems for the purpose of employment consideration. We will keep the information for future consideration unless you direct us not to do so.

Data Controller

By providing Lightspeed Systems, Inc. information via our website, Tradeshow, Lightspeed event, Partner event, e-mails, phone calls, chat or support cases, and maintained in our systems, you authorize Lightspeed Systems, Inc. to serve as the Data Controller.

Data Processor

By licensing to use Lightspeed Systems, Inc. services, you authorize Lightspeed Systems, Inc. to serve as the Data Processor for the licensed services.

Further, Lightspeed Systems, Inc. recognizes its potential liability when onward transferring EU individuals’ data received pursuant to the EU-US Privacy Shield.  An individual has the ability, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms.  Please refer to Annex I of the Privacy Shield for additional information.

Adult users of Lightspeed Systems, Inc. Services should contact their educational institution or other organization providing the Service about access requests to be forgotten, electronic copies of data, requests for data deletion, and/or data depersonalization.

User-data retention

Following termination or deactivation of a School account, Lightspeed Systems, Inc. may retain profile information and content for a commercially reasonable time for backup, archival, or audit purposes, but all Student Data associated with the School will be deleted in accordance with Lightspeed Systems, Inc. Data Deletion policy, or in accordance with active DPA, DSA or SLA, or within 90 days.

Data Portability

License holders of Lightspeed Systems, Inc. products may request in writing that the data they provided be returned to them in electronic format.  Within a reasonable time Lightspeed Systems, Inc. will return the data provided by the license holder for the products they have licensed.

Individuals who provided information via our websites, Tradeshow, Lightspeed event, Partner event, e-mail or phone call may request in writing that the data they provided be returned to them in electronic format. Within a reasonable time Lightspeed Systems, Inc. will return the data provided.

For Data, we collect from visitors of our websites

Account information and settings: Adult users and visitors of the Lightspeed Systems, Inc. website have a right to access the data collected and used by Lightspeed Systems, Inc. To make requests to access or change account information, be forgotten, electronic copies of data, data deletion, and/or data depersonalization, please contact us via the contact information below. Users and visitors may opt out of receiving future promotional electronic mailings from Lightspeed Systems, Inc. by following the unsubscribe procedures indicated in the mailing.

Children’s data: Lightspeed Systems, Inc. does not knowingly solicit or attempt to collect information from children via its websites. We ask that anyone under the age of 13 not use our websites or submit information to us. Please contact us via the contact information below if you have any questions, concerns, need to access, change, or delete the Personal Information that has been submitted by a child.

User-data retention: Lightspeed Systems, Inc. may retain profile information and content for a commercially reasonable time. We may maintain anonymized or aggregated data, including usage data, for analytics purposes. If you have any questions about data retention or deletion, please contact us via the contact information below.

You also have a right to raise any data protection-related concerns with the supervisory data protection authority in your jurisdiction.

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/