Privacy Policy
Last Updated: January 30, 2023

This Privacy Policy describes how Piazza Technologies, Inc., ("Piazza," "we," "us," or "our") collects, uses, discloses, and protects personal data. This Privacy Policy (the “Policy”) applies to information that we collect and use about you when you access or use the Piazza website, mobile application, or other online or mobile service that links to or otherwise presents this Policy to you. We refer to these products and services collectively as the "Services." It also applies to personal data we collect about you offline, such as when you communicate with us in person.

Under applicable law, Piazza is considered the "data controller" of the personal data we handle under this Policy. In other words, Piazza is responsible for deciding how to collect, use and disclose this data, subject to applicable law. Our contact information appears at the end of this Policy.

PLEASE READ THIS POLICY CAREFULLY TO UNDERSTAND HOW WE HANDLE YOUR INFORMATION. IF YOU DO NOT AGREE TO THIS POLICY, PLEASE DO NOT USE THE SERVICES.

This Privacy Policy contains the following sections:

The Information We Collect
How We Use Information Collected
How We Protect Your Information
Our Legal Bases for Use of Your Information
Online Analytics
When We Disclose Information
How Long We Keep Information
Your Choices
Cookies Notice
Children’s Privacy
Links to Other Websites and Services
Changes to this Policy
How to Contact Us
Privacy Information for California Residents
Privacy Information for Nevada Residents
Privacy Information for Virginia Residents
Notice to Residents of the European Economic Area and United Kingdom

The Information We Collect

We obtain information about you through the means discussed below when we provide the Services or otherwise interact with you. Please note that we need certain types of information to provide the Services to you. If you do not provide us with such information, or if you ask us to delete that information, you may no longer be able to access or use certain Services.

Information You Provide to Us

We collect information that you provide directly to us through:

The Services you use;
Requests or questions you submit to us via online forms, email, or otherwise;
Account registration and administration of your account;
Uploads or posts to the Services; and
Requests for customer support and technical assistance.

Information about you. Certain parts of the Services may not require you to provide any information that can directly identify you by name (such as if you browse the website without logging in). Others may require information that can directly identify you. The specific types of information we collect will depend upon the Services you use, how you use them, and the information you choose to provide.

The types of data we collect directly from you includes:

Registration Information: When you register for an account on the Services, we collect your name, email address, and password. We also collect the college or university name and specific course or group information from students and instructors to enroll (or for instructors to create) in a class or group on Services. We also collect company name, size, location and industry sector if you create an enterprise customer account.
Course Information: If you add a class or group, we collect general information you provide about that course and any addition information that you post, including announcements, syllabi, resources, homework assignments, lecture notes, and links.
User Profile Information: The Services offer you the option of providing additional information about yourself to create a profile ("Profile"), including but not limited to a photo, contact information, classes you have taken, major, degree, educational background, extra-curricular activities, work experience, resume, recruiting preferences such as company size, position, industry, and location, and diversity information you choose to provide such as gender or ethnic origin. Depending on your settings, this "Profile Information" may be viewable by companies or other Piazza users. Accordingly, you should not put sensitive or other information you would not want made available to others in your Profile.
Posts, Messages, Events, and other User-Generated Content: The Services allow you to post content and interact with other Piazza users. We collect any messages to other Piazza users (Messages), information about events you are hosting (Events) or other content you choose to post in the Services (User Content or UGC). For example, in Q&A you can submit questions and answers or share information for a course in which you participate. Using features of Careers, students and companies can send one another Messages.
User Requests: If you submit a question, information request, or support request to us via email or through the Services (Request), we receive the Request and your associated contact information.
Company Profile Information: If you are a Piazza enterprise customer, you provide us information to create a company profile (Company Profile) including, company name, contact information, company personnel names, company background, and career opportunity information.

Information about others. If you invite another person to join the Services, we collect their email address to send an invitation to use the Services and create an account. We may also collect (i) university and class or group information to invite students or instructors to enroll in that class or group on the Services or (ii) professional title and contact information if you are an enterprise customer inviting others in your enterprise to create company accounts.

Information We Collect from Others

We may collect information about you from other parties, including:

Student Contact and Course Information: Universities or instructors may provide us a list of students to invite to use the Services, in which case we collect students’ email addresses, and pertinent university and course or group information.
Enterprise User Contact Information: Enterprise customers may invite personnel to use the Services, in which case we collect such individuals’ email addresses.
Business Information: Other parties may provide us with business information about prospective customers. For example, we may receive information about university contacts. We may also receive information about recruiting contacts at businesses who may have interest in using Piazza Network.

Information We Collect Automatically

When you use our Services, we collect certain information automatically as described in this Section. As discussed further below, we and our service providers (which are third party companies that work on our behalf), may use a variety of technologies, including cookies and similar tools, to assist in collecting this information.

Websites. When you use our website, we collect and analyze information such as your IP address, browser types, browser language, operating system, the state or country from which you accessed the Services, software and hardware attributes (including device IDs) referring and exit pages and URLs, platform type, the number of clicks, files you download, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the terms you use in searches on our sites, the date and time you used the Services and upload or post content, error logs, and other similar information.

Mobile Applications and Software. When you use a Piazza mobile application or app, we automatically receive certain information about the mobile phone, tablet, or computer you use, including device identifiers, IP address, operating system, version, Internet service provider, browser type, domain name and other similar information, whether and when you update the app, date and time of use, and how you use the app, including time spent in different portions of the application.

Location Information. When you use the Services, we and our service providers may automatically collect general location information (e.g., general location inferred from an IP address, such as city/state and or postal code) from your computer or mobile device.

How We Use Information Collected

We use the information that we collect for a variety of purposes, including the following business and commercial purposes:

provide you with the Services;
communicate with you by:

responding to your Requests;
Sending you administrative messages and information, including but not limited to about Messages in your inbox, Events, replies or questions from instructors or students, changes to the Services, and updates to our Terms of Service, and this Policy;

send push notifications to your wireless device to provide updates and other relevant messages (you can manage push notifications from the "options" or "settings" page for the mobile app);
notify you in the Services about Events and that may be of interest to you;
notify enterprise customers in the Services and through email about new features and digests of activity;
enable users to communicate and interact;
manage and remember your preferences,
analyze and improve the Services;
as required or permitted by law;
as we determine to be necessary or required to ensure the safety and/or integrity of our users, employees, third parties, members of the public, and/or our Services;
help prevent fraud and enforce our legal terms;
provide you with the Services; and
administer and troubleshoot the Services.

We may also use your information for any other legally permitted purpose, with your consent.

Aggregate/Anonymous Data. We may aggregate and/or anonymize any information we collect so that such information can no longer be linked to you or your device. We may use and disclose such information for any purpose, including without limitation for research and marketing purposes.

How We Protect Your Information

Piazza implements technical, administrative, and physical safeguards to protect your information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free.

Our Legal Bases for Use of Your Information

The laws of some jurisdictions such as the laws of the European Union require data controllers to tell you about the legal ground that they rely on for using, disclosing, or otherwise processing your information. To the extent those laws apply, our legal grounds are as follows:

Contractual Commitments: We may use, share, or disclose information to honor our contractual commitments to you. For example, to comply with our Terms of Service, which you accept by browsing or otherwise using our Services.
With Your Consent: Where required by law, and in some other cases, we use, share, or disclose information on the basis of your consent.
Legitimate Interests: In many cases, we use, disclose, or otherwise process information on the ground that it furthers our legitimate business interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals, such as customer service, certain promotional activities, analyzing and improving our business, providing security for our Services, preventing fraud, and managing legal issues.
Legal Compliance: We need to use, disclose, or otherwise process information in certain ways to comply with our legal obligations.

Online Analytics

Analytics

We may use third-party web analytics services (such as those of Google Analytics) on our Services to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.

If you receive email from us, we may use certain analytics tools, such as clear GIFs to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications.

Notice Concerning Do Not Track

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We are committed to providing you with meaningful choices about the information collected on our website for third party purposes, and that is why we provide the variety of opt-out mechanisms listed above. However, we do not currently recognize or respond to browser-initiated DNT signals. To learn more about Do Not Track, you can do so here.

When We Disclose Information

We may disclose information in the following ways:

With Other Users: Certain features of our Services make it possible for you to disclose User Content, Profile Information, Company Profile, Messages, Events or other information to other users. You can control this through settings available in the Services, including by making UGC anonymous, hiding your Profile or limiting who can view your Profile. If you do not restrict others from viewing such information, that information is not confidential. We cannot control how others will use the information you make available to them. Please note, we may re-identify anonymous posts and share when we believe in good faith that doing so is necessary or appropriate for the limited purposes of protecting safety of our users or third parties. If you choose to make your information available to others, this constitutes a disclosure by you and not us.
With Your Affiliated Organization: For example, if you’re a professor using the Services made available to you by your university employer, your university may have access to certain information, including information regarding your usage of the Services. If you are a student using Q&A made available to you by a university, the university may have access to certain information in connection with the university making the Services available for your use. For example, we may re-identify anonymous posts to the university where required by our contractual obligations.
Vendors: We may provide access to or disclose your information to select vendors who perform services on our behalf. They have access to perform these services but are prohibited from using your information for other purposes. They provide a variety of services to us, including data storage, analytics, billing, marketing, product content and features, customer service, data storage, security, fraud prevention, and legal services.
Protection of Piazza and Others: We may disclose certain information if we believe in good faith that doing so is necessary or appropriate to (i) protect or defend the rights, safety, or property of Piazza or third parties, including to defend or enforce this Policy, our Terms of Service, or any other contractual arrangement or (ii) to respond to claims that content violates the rights of third parties; (iii) respond to your requests for customer service; and/or (iv) protect the rights, property or personal safety of Piazza, its agents and affiliates, its employees, users and/or the public.
Legal Requirements: We may disclose certain information if we believe in good faith that doing so is necessary or appropriate to comply with any law enforcement, legal, or regulatory process, such as to respond to a warrant, subpoena, court order, or other applicable laws and regulations.
With Your Consent / At Your Direction: We also may disclose your information with your consent or at your direction.
Business Transfer: We may disclose certain information, in connection with or during negotiations of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. If such transfer is subject to additional mandatory restrictions under applicable laws, we will comply with such restrictions.
Aggregate/Anonymous Information: From time to time, we may disclose Aggregate/Anonymous Information about use of the Services, such as by creating reports on usage trends. The disclosure of such data is unrestricted.

How Long We Keep Information

We generally retain personal data for so long as it may be relevant to the purposes above and in compliance with applicable law. To dispose of any personal data, we may anonymize it, delete it or take other appropriate steps. Personal data may persist in copies made for backup and business continuity purposes for an additional period of time.

Your Choices

You have certain rights and choices with respect to your personal data such as:

Profile Information, Notification Preferences & Settings: You may update or correct your Profile Information and notification preferences at any time by logging in to your account and going to your "Account/Email Settings" page. You may control who may view your Profile Information through the Services.
Marketing Communications: You can decline promotional communications at the point information is requested or, by following the unsubscribe instructions on communications sent to you. You can also contact us as described in the “How to Contact Us” section below.
Cookies & Analytics: You can opt out of certain cookie-related and analytics processing by following the instructions in our Cookies Notice below.
Your Legal Rights Under Local Law: Your local laws (e.g., laws of the E.U., United Kingdom, California, and Virginia) may permit you to make certain requests, which are outlined in the sections applicable to each jurisdiction below.

Cookies Notice

A cookie is a small text file stored by a website in a user’s web browser that helps us in many ways to make your use of the Services more efficient and meaningful to you. Among other things, cookies avoid you having to log in every time you come back to the Services. They also allow us to tailor the Service to better match your needs.

A session cookie is stored only in your computer’s working memory and only lasts for your browsing session. When you close all your browser’s windows, or when you shut down your computer, the session cookie disappears forever.

A persistent cookie remains on your computer after you close your browser so that it can be used by your browser on subsequent visits to the Services. Persistent cookies stay on your computer until either they expire or are overwritten with newer cookies, or you manually remove them. Most browsers can be configured not to accept cookies; however, this may prevent you from having access to some site functions or features.

How We Use Cookies

We use Cookies for the following purposes:

To provide and improve the Services;
For user authentication and enabling you to remain logged in;
To remember your preferences and settings;
For analytics and research, including to understand how you use the Services and which content users prefer;
To personalize the Services for you; and
To assist with security and administrative functions.

We do not use any advertising Cookies in our Services or place advertisements in our Services.

What are your choices about Cookies?

You can learn more about how Cookies work and how to turn them off in your particular browsers. Please remember that if you replace, change or upgrade your browser, or delete your Cookies, you may need to use these opt-out tools again. Additionally, if you turn your Cookies off, some features of our Services may not function properly.

For information about Cookies used by the developers of these browsers, please visit the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari) or visit:

For controls specific to analytics services offered by Google, click here from each of your browsers. Although we do not place advertisements in our Services, for more information about advertising and how you can turn off certain advertisements in general, please visit youronlinechoices.com, youronlinechoices.com.au and youradchoices.com.

Children’s Privacy

The Services are intended for general audiences and not for children under the age of 13. If we become aware that we have inadvertently collected “personal information” (as defined by the United States Children’s Online Privacy Protection Act) from children under the age of 13, children under the age of 14 in Spain or South Korea, or from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible. We also comply with other age restrictions and requirements in accordance with applicable local laws.

Links to Other Websites and Services

The Services contain links to third-party websites or services. We are not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your information will be subject to the privacy policies of the third-party websites or services, and not this Privacy Policy. We urge you to read the privacy and security policies of these third-parties.

Changes to Our Privacy Policy

We may change this Policy to reflect changes in the law, our information practices or the features of the Services. At the top of this Policy, we will indicate the date of the most recent update. If we make a material change to the Policy, you will be provided with appropriate notice in accordance with legal requirements. By continuing to use the Services, you are confirming that you have read and understood the latest version of this Policy.

How to Contact Us

If you have any questions about this Policy or Piazza’s practices, please contact us at privacy@piazza.com. You can also reach us by writing to Piazza Technologies, Inc., Attention: Privacy, 555 Bryant St # 250, Palo Alto, CA 94301.

PRIVACY INFORMATION FOR CALIFORNIA RESIDENTS

The following information applies to California residents regarding “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)). This information and the rights discussed below do not apply to information collected about employees, former employees, candidates, or independent contractors. In this section, where we use a term in “quotes,” we refer to the meaning of that term in the CCPA.

Categories of personal information we collect, use and disclose. Throughout this Policy, we discuss in detail the specific pieces of personal information and sensitive personal information we collect from you and other users (as described above) and discuss how we use and disclose such information.

We may collect the following categories of personal information about you:

Identifiers (such as name, email address);
Device identifiers (such as IP address);
Internet or other network or device activity (such as browsing history or app usage);
Professional and employment related information;
Education data;
Financial information (such as payment information for enterprise accounts);
General location data;
User-generated content;
Audio and visual information (such as when you call for customer support);
Physical characteristics or description (e.g., if you voluntarily submit a photo); and
Other information that identifies or can be reasonably associated with you.

We also collect “sensitive personal information,” as that term is defined in the CCPA. The categories of “sensitive personal information” we collect are account log-in and password or other credentials allowing access to your account. We may also collect sensitive personal information in UGC, such as when you voluntarily post information revealing your race, religion, sexual orientation, or martial status.

We process the categories of personal information identified above for the purposes described in the How We Use Your Information Collected section above.

We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Services; and (3) other parties such as other users and universities.

We describe our information disclosure practices above in When We Disclose Information.

“Sale” and “sharing” of personal information. The CCPA sets forth certain obligations for businesses that “sell” or “share” personal information. We do not engage in such activity based on our understanding of the definitions of “sale” and “sharing” under the CCPA and current guidance, and have not engaged in such activity in the past twelve months. We do disclose information as outlined in this Policy, including with potential employers if you choose to participate in Piazza Network. Since we do not “sell” or “share” personal information, we also do not knowingly “sell” or “share” the personal information of children under 16.

California Privacy Rights

California residents can make certain requests about their personal information under the CCPA. Specifically, if you are a California resident, you may request that we:

provide you with information about: the categories of personal information we collect, disclose, “share,” or “sell” about you; the categories of sources of such information; the business or commercial purpose for collecting, “sharing,” or “selling” your personal information; and the categories of third parties to whom we disclose, “share,” or “sell” personal information. Such information is also set forth in this Privacy Policy.
provide access to and/or a copy of certain information we hold about you;
delete certain information we have about you;
correct inaccurate personal information that we maintain about you; and/or
provide you with information about the financial incentives that we offer to you, if any.

Please note that certain information may be exempt from such requests under applicable law. For example, we may retain certain information for legal compliance and to secure our Services. We may need certain information in order to provide the Services to you; if you ask us to delete it, you may no longer be able to use the Services.

The CCPA further provides you with the right to not be discriminated against (as provided for in applicable law) for exercising your rights under the CCPA.

If you would like information regarding your rights under applicable law or would like to exercise any of them, please click here to log into your account or contact us at ccpa@piazza.com or visit piazza.com/legal/form. To protect your privacy and security, we take reasonable steps to verify your identity and requests before granting such requests.

The CCPA also allows you to limit the use or disclosure of your “sensitive personal information” if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.

Retention of Your Personal Information. Please see the How Long We Keep Information section above.

Shine the Light Disclosure. The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we disclose certain categories of personal information (as defined in the Shine the Light law) to third parties for their direct marketing purposes. We do not disclose your personal information to third parties for their own direct marketing purposes without your consent.

PRIVACY INFORMATION FOR NEVADA RESIDENTS

Under Nevada law, Nevada consumers who have purchased goods or services from us may opt out of the “sale” of “covered information” as such terms are defined under Nevada law. We do not engage in such activity; however, if you are a qualifying Nevada resident you may submit a request to opt out of any potential future sales under Nevada law by emailing privacy@piazza.com. Once verified, we will maintain your request in the event our practices change.

PRIVACY INFORMATION FOR VIRGINIA RESIDENTS

If you are a Virginia consumer (as that term is defined under the Virginia Consumer Data Protection Act (“VCDPA”)), you may have certain rights. Virginia law may permit you to request that we:

Confirm whether or not we are processing your personal information and provide you with access such personal information;
Correct inaccuracies in your personal information, taking into account the nature of the personal information and the purposes of the processing of the personal information;
Delete your personal information;
Provide you a copy of personal information that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another business, where our processing is carried out by automated means; and
Opt you out of the processing of the personal information for purposes of targeted advertising, the sale of personal information, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.

Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Services to you. If you ask us to delete it, you may no longer be able to access or use the Services.

If you would like to exercise any of these rights, please click here to log into your account or contact us at privacy@piazza.com or visit piazza.com/legal/form . You will be required to verify your identity before we fulfill your request. To do so, you will need to provide the information identified in the webform or as otherwise directed by us.

Piazza does not use your personal information to send you targeted advertising (as that term is defined in the VCDPA).

If we deny your request to exercise any of the rights above, you may appeal that denial by emailing us at privacy@piazza.com.

Notice to Residents of the European Economic Area and United Kingdom

The laws of the European Economic Area and United Kingdom permit you request that we:

provide access to and/or a copy of certain “personal data” (as defined in applicable law) we hold about you;
prevent the processing of your personal data for direct-marketing purposes; (including any direct marketing processing based on profiling)
update personal data which is out of date or incorrect;
delete certain personal data that we are holding about you;
restrict the way that we process and disclose certain of your personal data;
transfer your personal data to a third-party provider of services; and
revoke your consent for the processing of your personal data.

Please note, however, that certain personal data may be exempt from such requests in some circumstances, which may include needing to continue processing your personal data for our legitimate interests or to comply with a legal obligation. We may request you provide us with information necessary to confirm your identity before responding to your request.

To exercise any of these rights, please contact us as described in the “How to Contact Us” section above. In addition to those rights, you have the right to lodge a complaint with the relevant supervisory authority. However, we encourage you to contact us first, and we will do our very best to resolve your concern.

Our Services are operated in the United States. If you are located outside of the United States, please be aware that any personal data you provide to us may be transferred to and/or accessed within the United States. The recipients of information described in the relevant "When We DiscloseInformation" sections above may be located in the United States. This personal data may be subject to United States law, including laws that may require disclosure of personal data to government authorities.

European Union-United States and Swiss-United States Privacy Shield: Piazza has certified with the E.U.-U.S. and Swiss-U.S. Privacy Shield as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of “personal data” (as defined under the Privacy Shield principles) from applicable European countries. We have certified that we adhere to the Privacy Shield Principles of notice, choice, purpose limitation, onward transfer, security, data integrity, access, recourse, liability, and enforcement for such personal data. To learn more about the Privacy Shield Framework, visit the Department of Commerce’s Privacy Shield list by clicking here. We recognize that the Court of Justice of the European Union ruled in July 2020 that a certification under the EU-U.S. Privacy Shield Framework no longer can serve as the basis by which entities subject to the GDPR export personal data to jurisdictions outside the European Economic Area, and that the Swiss Data Protection Authority similarly held the Swiss-US Privacy Shield inadequate. We will continue to honor our obligation to comply with the Privacy Shield Principles with respect to data that was transferred pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield Framework.

As required under the principles, when Piazza receives personal data under the Privacy Shield and then transfers it to a third-party service provider acting as an agent on our behalf, we have certain liability under the Privacy Shield if both (i) the agent processes the information in a manner inconsistent with the Privacy Shield; and (ii) Piazza is responsible for the event giving rise to the damage.

Some international users (including those whose information we collect under the Privacy Shield) of our Services have certain legal rights to access certain information we hold about them and to request its deletion. Please see the “Your Choices” section above for more information.

How to Contact Us for Non-U.S. Residents: If you are located outside the United States and have questions or concerns regarding this Policy or our practices, you may direct a complaint in writing to Piazza Technologies, Inc., Attention: Privacy, 555 Bryant St # 250, Palo Alto, CA 94301 or via email at privacy@piazza.com.

Dispute Resolution for European Economic Area, United Kingdom, and Swiss Residents: If you are a resident of the European Economic Area, United Kingdom, or Switzerland and are dissatisfied with the manner in which we have addressed your concerns for personal data covered by the Privacy Shield, you may seek further assistance, at no cost to you, from our designated Privacy Shield independent recourse mechanism, the JAMS Privacy Shield Program, which you can learn more about by visiting here. Residents of the European Economic Area, United Kingdom, or Switzerland may elect to arbitrate unresolved complaints but prior to initiating such arbitration, you must: (1) afford us the opportunity to resolve the issue; (2) seek assistance via Piazza’s recourse mechanism above; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. Each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the individual. Piazza is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Privacy Policy Last Updated: January 30, 2023