This Privacy Policy describes how Piazza Technologies, Inc., ("Piazza," "we," "us," or "our") collects, uses, discloses, and protects personal data. This Privacy Policy (the “Policy”) applies to information that we collect and use about you when you access or use the Piazza website, mobile application, or other online or mobile service that links to or otherwise presents this Policy to you. We refer to these products and services collectively as the "Services." It also applies to personal data we collect about you offline, such as when you communicate with us in person.
Under applicable law, Piazza is considered the "data controller" of the personal data we handle under this Policy. In other words, Piazza is responsible for deciding how to collect, use and disclose this data, subject to applicable law. Our contact information appears at the end of this Policy.
PLEASE READ THIS POLICY CAREFULLY TO UNDERSTAND HOW WE HANDLE YOUR INFORMATION. IF YOU DO NOT AGREE TO THIS POLICY, PLEASE DO NOT USE THE SERVICES.
This Privacy Policy contains the following sections:
We obtain information about you through the means discussed below when we provide the Services or otherwise interact with you. Please note that we need certain types of information to provide the Services to you. If you do not provide us with such information, or if you ask us to delete that information, you may no longer be able to access or use certain Services.
We collect information that you provide directly to us through:
Information about you. Certain parts of the Services may not require you to provide any information that can directly identify you by name (such as if you browse the website without logging in). Others may require information that can directly identify you. The specific types of information we collect will depend upon the Services you use, how you use them, and the information you choose to provide.
The types of data we collect directly from you includes:
Information about others. If you invite another person to join the Services, we collect their email address to send an invitation to use the Services and create an account. We may also collect (i) university and class or group information to invite students or instructors to enroll in that class or group on the Services or (ii) professional title and contact information if you are an enterprise customer inviting others in your enterprise to create company accounts.
We may collect information about you from other parties, including:
When you use our Services, we collect certain information automatically as described in this Section. As discussed further below, we and our service providers (which are third party companies that work on our behalf), may use a variety of technologies, including cookies and similar tools, to assist in collecting this information.
Websites. When you use our website, we collect and analyze information such as your IP address, browser types, browser language, operating system, the state or country from which you accessed the Services, software and hardware attributes (including device IDs) referring and exit pages and URLs, platform type, the number of clicks, files you download, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the terms you use in searches on our sites, the date and time you used the Services and upload or post content, error logs, and other similar information.
Mobile Applications and Software. When you use a Piazza mobile application or app, we automatically receive certain information about the mobile phone, tablet, or computer you use, including device identifiers, IP address, operating system, version, Internet service provider, browser type, domain name and other similar information, whether and when you update the app, date and time of use, and how you use the app, including time spent in different portions of the application.
Location Information. When you use the Services, we and our service providers may automatically collect general location information (e.g., general location inferred from an IP address, such as city/state and or postal code) from your computer or mobile device.
We use the information that we collect for a variety of purposes, including the following business and commercial purposes:
We may also use your information for any other legally permitted purpose, with your consent.
Aggregate/Anonymous Data. We may aggregate and/or anonymize any information we collect so that such information can no longer be linked to you or your device. We may use and disclose such information for any purpose, including without limitation for research and marketing purposes.
Piazza implements technical, administrative, and physical safeguards to protect your information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free.
The laws of some jurisdictions such as the laws of the European Union require data controllers to tell you about the legal ground that they rely on for using, disclosing, or otherwise processing your information. To the extent those laws apply, our legal grounds are as follows:
We may use third-party web analytics services (such as those of Google Analytics) on our Services to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.
If you receive email from us, we may use certain analytics tools, such as clear GIFs to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications.
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We are committed to providing you with meaningful choices about the information collected on our website for third party purposes, and that is why we provide the variety of opt-out mechanisms listed above. However, we do not currently recognize or respond to browser-initiated DNT signals. To learn more about Do Not Track, you can do so here.
We may disclose information in the following ways:
We generally retain personal data for so long as it may be relevant to the purposes above and in compliance with applicable law. To dispose of any personal data, we may anonymize it, delete it or take other appropriate steps. Personal data may persist in copies made for backup and business continuity purposes for an additional period of time.
You have certain rights and choices with respect to your personal data such as:
A cookie is a small text file stored by a website in a user’s web browser that helps us in many ways to make your use of the Services more efficient and meaningful to you. Among other things, cookies avoid you having to log in every time you come back to the Services. They also allow us to tailor the Service to better match your needs.
A session cookie is stored only in your computer’s working memory and only lasts for your browsing session. When you close all your browser’s windows, or when you shut down your computer, the session cookie disappears forever.
A persistent cookie remains on your computer after you close your browser so that it can be used by your browser on subsequent visits to the Services. Persistent cookies stay on your computer until either they expire or are overwritten with newer cookies, or you manually remove them. Most browsers can be configured not to accept cookies; however, this may prevent you from having access to some site functions or features.
How We Use Cookies
We use Cookies for the following purposes:
We do not use any advertising Cookies in our Services or place advertisements in our Services.
What are your choices about Cookies?
You can learn more about how Cookies work and how to turn them off in your particular browsers. Please remember that if you replace, change or upgrade your browser, or delete your Cookies, you may need to use these opt-out tools again. Additionally, if you turn your Cookies off, some features of our Services may not function properly.
For information about Cookies used by the developers of these browsers, please visit the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari) or visit:
For controls specific to analytics services offered by Google, click here from each of your browsers. Although we do not place advertisements in our Services, for more information about advertising and how you can turn off certain advertisements in general, please visit youronlinechoices.com, youronlinechoices.com.au and youradchoices.com.
The Services are intended for general audiences and not for children under the age of 13. If we become aware that we have inadvertently collected “personal information” (as defined by the United States Children’s Online Privacy Protection Act) from children under the age of 13, children under the age of 14 in Spain or South Korea, or from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible. We also comply with other age restrictions and requirements in accordance with applicable local laws.
The Services contain links to third-party websites or services. We are not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your information will be subject to the privacy policies of the third-party websites or services, and not this Privacy Policy. We urge you to read the privacy and security policies of these third-parties.
We may change this Policy to reflect changes in the law, our information practices or the features of the Services. At the top of this Policy, we will indicate the date of the most recent update. If we make a material change to the Policy, you will be provided with appropriate notice in accordance with legal requirements. By continuing to use the Services, you are confirming that you have read and understood the latest version of this Policy.
If you have any questions about this Policy or Piazza’s practices, please contact us at privacy@piazza.com. You can also reach us by writing to Piazza Technologies, Inc., Attention: Privacy, 555 Bryant St # 250, Palo Alto, CA 94301.
The following information applies to California residents regarding “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)). This information and the rights discussed below do not apply to information collected about employees, former employees, candidates, or independent contractors. In this section, where we use a term in “quotes,” we refer to the meaning of that term in the CCPA.
Categories of personal information we collect, use and disclose. Throughout this Policy, we discuss in detail the specific pieces of personal information and sensitive personal information we collect from you and other users (as described above) and discuss how we use and disclose such information.
We may collect the following categories of personal information about you:
We also collect “sensitive personal information,” as that term is defined in the CCPA. The categories of “sensitive personal information” we collect are account log-in and password or other credentials allowing access to your account. We may also collect sensitive personal information in UGC, such as when you voluntarily post information revealing your race, religion, sexual orientation, or martial status.
We process the categories of personal information identified above for the purposes described in the How We Use Your Information Collected section above.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Services; and (3) other parties such as other users and universities.
We describe our information disclosure practices above in When We Disclose Information.
“Sale” and “sharing” of personal information. The CCPA sets forth certain obligations for businesses that “sell” or “share” personal information. We do not engage in such activity based on our understanding of the definitions of “sale” and “sharing” under the CCPA and current guidance, and have not engaged in such activity in the past twelve months. We do disclose information as outlined in this Policy, including with potential employers if you choose to participate in Piazza Network. Since we do not “sell” or “share” personal information, we also do not knowingly “sell” or “share” the personal information of children under 16.
California residents can make certain requests about their personal information under the CCPA. Specifically, if you are a California resident, you may request that we:
Please note that certain information may be exempt from such requests under applicable law. For example, we may retain certain information for legal compliance and to secure our Services. We may need certain information in order to provide the Services to you; if you ask us to delete it, you may no longer be able to use the Services.
The CCPA further provides you with the right to not be discriminated against (as provided for in applicable law) for exercising your rights under the CCPA.
If you would like information regarding your rights under applicable law or would like to exercise any of them, please click here to log into your account or contact us at ccpa@piazza.com or visit piazza.com/legal/form. To protect your privacy and security, we take reasonable steps to verify your identity and requests before granting such requests.
The CCPA also allows you to limit the use or disclosure of your “sensitive personal information” if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.
Retention of Your Personal Information. Please see the How Long We Keep Information section above.
Shine the Light Disclosure. The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we disclose certain categories of personal information (as defined in the Shine the Light law) to third parties for their direct marketing purposes. We do not disclose your personal information to third parties for their own direct marketing purposes without your consent.
Under Nevada law, Nevada consumers who have purchased goods or services from us may opt out of the “sale” of “covered information” as such terms are defined under Nevada law. We do not engage in such activity; however, if you are a qualifying Nevada resident you may submit a request to opt out of any potential future sales under Nevada law by emailing privacy@piazza.com. Once verified, we will maintain your request in the event our practices change.
If you are a Virginia consumer (as that term is defined under the Virginia Consumer Data Protection Act (“VCDPA”)), you may have certain rights. Virginia law may permit you to request that we:
Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Services to you. If you ask us to delete it, you may no longer be able to access or use the Services.
If you would like to exercise any of these rights, please click here to log into your account or contact us at privacy@piazza.com or visit piazza.com/legal/form . You will be required to verify your identity before we fulfill your request. To do so, you will need to provide the information identified in the webform or as otherwise directed by us.
Piazza does not use your personal information to send you targeted advertising (as that term is defined in the VCDPA).
If we deny your request to exercise any of the rights above, you may appeal that denial by emailing us at privacy@piazza.com.
The laws of the European Economic Area and United Kingdom permit you request that we:
Please note, however, that certain personal data may be exempt from such requests in some circumstances, which may include needing to continue processing your personal data for our legitimate interests or to comply with a legal obligation. We may request you provide us with information necessary to confirm your identity before responding to your request.
To exercise any of these rights, please contact us as described in the “How to Contact Us” section above. In addition to those rights, you have the right to lodge a complaint with the relevant supervisory authority. However, we encourage you to contact us first, and we will do our very best to resolve your concern.
Our Services are operated in the United States. If you are located outside of the United States, please be aware that any personal data you provide to us may be transferred to and/or accessed within the United States. The recipients of information described in the relevant "When We DiscloseInformation" sections above may be located in the United States. This personal data may be subject to United States law, including laws that may require disclosure of personal data to government authorities.
European Union-United States and Swiss-United States Privacy Shield: Piazza has certified with the E.U.-U.S. and Swiss-U.S. Privacy Shield as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of “personal data” (as defined under the Privacy Shield principles) from applicable European countries. We have certified that we adhere to the Privacy Shield Principles of notice, choice, purpose limitation, onward transfer, security, data integrity, access, recourse, liability, and enforcement for such personal data. To learn more about the Privacy Shield Framework, visit the Department of Commerce’s Privacy Shield list by clicking here. We recognize that the Court of Justice of the European Union ruled in July 2020 that a certification under the EU-U.S. Privacy Shield Framework no longer can serve as the basis by which entities subject to the GDPR export personal data to jurisdictions outside the European Economic Area, and that the Swiss Data Protection Authority similarly held the Swiss-US Privacy Shield inadequate. We will continue to honor our obligation to comply with the Privacy Shield Principles with respect to data that was transferred pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield Framework.
As required under the principles, when Piazza receives personal data under the Privacy Shield and then transfers it to a third-party service provider acting as an agent on our behalf, we have certain liability under the Privacy Shield if both (i) the agent processes the information in a manner inconsistent with the Privacy Shield; and (ii) Piazza is responsible for the event giving rise to the damage.
Some international users (including those whose information we collect under the Privacy Shield) of our Services have certain legal rights to access certain information we hold about them and to request its deletion. Please see the “Your Choices” section above for more information.
How to Contact Us for Non-U.S. Residents: If you are located outside the United States and have questions or concerns regarding this Policy or our practices, you may direct a complaint in writing to Piazza Technologies, Inc., Attention: Privacy, 555 Bryant St # 250, Palo Alto, CA 94301 or via email at privacy@piazza.com.
Dispute Resolution for European Economic Area, United Kingdom, and Swiss Residents: If you are a resident of the European Economic Area, United Kingdom, or Switzerland and are dissatisfied with the manner in which we have addressed your concerns for personal data covered by the Privacy Shield, you may seek further assistance, at no cost to you, from our designated Privacy Shield independent recourse mechanism, the JAMS Privacy Shield Program, which you can learn more about by visiting here. Residents of the European Economic Area, United Kingdom, or Switzerland may elect to arbitrate unresolved complaints but prior to initiating such arbitration, you must: (1) afford us the opportunity to resolve the issue; (2) seek assistance via Piazza’s recourse mechanism above; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. Each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the individual. Piazza is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).