NexLearn LLC and its group companies, within the Learning Technologies Group (“we” or “us”) are committed to protecting and respecting your privacy and want you to know how we handle the information we receive via our website and through our online services.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, either through our websites www.nexlearn.com, www.drivesafeonline.org, www.simwriter.com, www.careermap.com, www.drivesafela.com, www.Drivesafeonline.us, (“our sites”), our course content, custom development services, software technology licenses, instructional design consulting (collectively “our Services”), or as otherwise indicated to you by us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. For the avoidance of doubt, our Services are subject to their Terms of service, as referenced below.
We are responsible for the operation of our sites and our Services. Our corporate details are: NexLearn LLC, 100 S Main St., Wichita, Kansas 67202, United States, Tel. +1 316-265-2170.
Information we may collect from you:
We collect and/or process the personal data of different categories of people across our sites and Services. The categories are:
· Administrator – a person who is using our sites and who may fill out administrative forms, input data, create accounts for others, and have access to data and reports for others at our sites
· User – a person who uses our Services as our customer to create or manage content
· Student – a person who takes a course or courses through the services and software we provide on our sites
If you are an administrator, we will only collect the information that you provide to us by filling in forms on our sites, providing us with your contact details, or by corresponding with us by phone, email, or otherwise. We maintain records of our correspondence for such period of time as we believe is reasonably required, except where you tell us otherwise.
When you register for an account for one of our Services, we will collect relevant information to set up your account, such as your name, company name, phone number, driver license number, address, and email address to be able to provide the Services. Users who pay for services or courseware are normally required to enter their credit card number. Further details on our payment intermediary are detailed later in this policy.
We also collect user data on the web pages and application functionality that you access or visit as part of the Courses or Services to the extent required for the proper operation and functioning of the Services. This data is collected to deliver and improve Services and includes eLearning content tracking data generated by Administrators, Users, or Students, as described below. The Services may also be directly accessed through other websites. Personal information that you provide or submit to those sites may be sent to the us in order to allow us to deliver the Courseware or Services. We process such information under this Policy.
When you take a course within one of our Services we will collect relevant information to set up your account, generally limited to your name, company name, phone number, driver license number, address, and email address and other information used to provide the Services.
Where the course you take has tracking enabled (which is the normal state), we will also collect data such as your quiz scores, the time you spent in training and other data related to your training performance. We will not use this information for our own purposes, but the you and the account owner have access to this data for your, or his or her own purposes and determines and controls how such information is used. State or Federal regulatory or legal officials may require us to pass information about your performance in any course that you purchase and we will do so when required for your benefit.
Where you require information on what information of yours is collected by account owners and customers of ours for whom you may work, and for what purposes such data is used and processed, please contact the relevant account owner and customer of our Services.
Cookies used on our sites
Our sites may use session and persistent cookies. The cookies placed by our server are readable only by us, and cookies cannot access, read or modify any other data on your computer. We may use web beacons alone or in conjunction with cookies to compile information about your usage of our sites and interaction with emails from us. For example, we may place web beacons in marketing emails that notify us when you click on a link in the email that directs you to our sites, in order to improve our sites and email communications.
Our sites and the Services may contain links to other websites including share and/or “like” buttons. These other websites, services and applications may set their own cookies on users’ computers, collect data or solicit personal information. You should refer to their cookie and privacy policies to understand how your information may be collected and/or used.
We use preference cookies to collect information about your choices and preferences, and to allow us to remember preferred settings and customize our sites accordingly.
We also use analytics cookies to collect information about your use of our site, and to enable us to improve the way our site works. For example, analytics cookies show us which are the most frequently visited pages on our site, help us record any difficulties you have with our site, and show us whether our advertising is effective or not. This allows us to see the overall patterns of usage on our site, rather than the usage of a single person. We use the information to analyse the site traffic, but we do not use information to identify individuals.
We use Remarketing with Google Analytics to advertise online. Third party vendors, including Google, may show our ads on sites across the internet.
We, and third party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize, and serve ads based on someone’s past visits to our website. Remarketing cookies used by us expire after 30 days. To opt out of Remarketing or to control your ad preferences, please click here.
Most web browsers have a “help” menu where you can review how to prevent your browser from accepting new cookies, how to have your browser alert you when you receive a new cookie or how to fully disable cookies on your browser. You can learn more about cookies at sites like www.aboutcookies.org. If you use your browser settings to block all cookies, you may not be able to access all or parts of our site.
Below are a list of cookies we use on our sites:
Provider Name Type Expiration Purpose Description Third-party opt-out
Analytics _ga, _gat, _gid, AMP_TOKEN, _gac_, 1P_JAR, CONSENT, NID, other possible cookies named here Session and Persistent End of Session – 20 years Analytical Used for the purpose of analytical tracking of behavior on the website. Not use to collect, store or Google opt-out
process personal data.
HotJar All possible cookies named here Session and Persistent End of Session – 1 year Analytical Used for the purpose of analytical tracking of behavior on the website. Not use to collect, store or process personal data. HotJar opt-out
LinkedIn Bcookie, bscookie, BizoData, BizoID, BizoUserMatchHistory, other possible cookies named here Session and Persistent End of Session – 3 years Analytical & Marketing Used for the purpose of integrating social media features on the website and for tailored advertising.
Twitter Guest_id, Personalization_id, other possible cookies named here Session and Persistent End of Session – 2 years Analytical & Marketing Used for the purpose of integrating social media features on the website and for tailored advertising.
Pardot dtCookie, lpv271292, pardot, Visitor_id271292, other possible cookies named here Session and Persistent End of Session – 10 years Analytical & Marketing Used for the purpose of marketing automation including forms, landing pages, analytics tracking, social media integration and tailored advertising.
DoubleClick IDE, test_cookie, other cookies named here Session and Persistent End of Session – 1 year Marketing Tailored advertising Google opt-out
Cookies used in our Services
We also collect user data on the application functionality that you access as part of the Services to the extent required for the proper operation and functioning of the Services. This data is collected to deliver and improve Services and includes eLearning content tracking data generated by learners, as described above. Our Services are governed by our Terms of service, as specified below.
Below are a list of cookies we use for SCORM Cloud:
Provider Name Type Expiration Purpose Description Third-party opt-out
Analytics _ga, _gat, _gid, AMP_TOKEN, _gac_, 1P_JAR, CONSENT, NID, other possible cookies named here Session and Persistent End of Session – 20 years Analytical Used for the purpose of analytical tracking of behavior on the website. Not use to collect, store or process personal data. Google opt-out
Pardot dtCookie, lpv271292, pardot, Visitor_id271292, other possible cookies named here Session and Persistent End of Session – 10 years Analytical & Marketing Used to identify users that sign up for the SCORM Cloud after visiting our sites.
Cloud JSESSIONID, SC_SESSION, ContentAuth Session and Persistent Never Session Management Used to track a user’s application specific usage, allow access to course content, and keep the user logged into the application. The ContentAuth cookie is the only cookie stored for learners that only access content via API launches or Dispatch launches.
We understand that the security of any data we collect as part of you visiting our site and/or using our Services is of great importance to you. We therefore make sure it is well protected.
Although we own the code, databases and all rights to our software applications, you retain all rights to your data. We maintain reasonable and appropriate security measures to protect your information from loss, destruction, misuse, unauthorized access and/or disclosure. These measures help ensure that your data is safe, secure, and only available to you and to those you provided authorized access. However, no data transmission over the internet or information storage technology can be 100% secure. Although we will do our utmost to protect your personal data, we cannot guarantee the complete security of your data transmitted to our site or otherwise gathered by us; any transmission and supply of personal data to us is therefore at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
We only make use of third parties where this is necessary for us to make our site available and offer our Services. We only work with third parties that warrant the implementation of appropriate security measures and practices to protect your data.
We use third party vendors and hosting partners to provide the necessary hardware, software, networking, storage and other technology and services required to operate and maintain our site and the Services. As part of this we may be required to transfer (some of) your personal information to these vendors and partners.
We use Amazon Web Services (“AWS”) and Microsoft Azure as our hosting providers in hosting our Services. All NexLearn data is processed in the AWS US-east-1 region or The North Carolina Server Facility in the case of Microsoft Azure, all in the United States. We have executed and implemented the AWS and Microsoft standard data processing addendum, which also includes the requirements stated in Art. 28 of the EU General Data Protection Regulation (“GDPR”). We use WP Engine as our hosting provider for our sites.
The personal information that we collect from you as part of our marketing efforts, including via our sites, is input directly into our CRM database, which is hosted and supported in the United States, and our Other databases for specific Courses, which is hosted and supported in the United States
Other third party vendors we use as part of our Services are currently Redmine (our customer support portal; www.nexlearn.com/redmine), SendGrid (www.sendgrid.com), Basecamp (www.basecamp.com), SageIntacct (www.sageintacct.com), Logz (www.logz.io), as well as the online payment related vendors specified below.
Except as described in this policy, we will not share, give, sell, rent or loan any personal information to any third party, unless:
· It is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Terms of Service of the specific Service, or as otherwise required by law
· We are required to do so by relevant laws or regulations; and/or
· You have otherwise specifically authorized us to do so by opting in to our Safe Driving Discount Group
Our sites may, from time to time, contain links to and from the websites of our group companies, partner networks, clients, and/or affiliates. If you follow a link to any of these websites, please note that these websites are subject to their own privacy policies and that we do not accept any responsibility or liability for these sites and policies. Please check those policies before you submit any personal data to these websites.
Uses made of the information
We use your information for the following general purposes:
· Sites and Services provisioning
· Billing, user identification and authentication
· To provide you with information about services via email or telephone that you request from us or which we feel may interest you
· To carry out our obligations arising from any contracts entered into between you and us, like providing your insurance carrier with proof of your successful completion of our courses, or to enable us to deal with any query you have raised
· To allow you to participate in interactive features of our Services, when you choose to do so
· To notify you about changes to our Services
· To administer our sites and/or the Services (as applicable) and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes and as part of our efforts to keep our site and Services safe and secure.
How long do we store your data for?
We will keep a copy of your personal data for as long as you remain registered with our sites/the applicable Services or are the contact person or Student of any customer we are dealing with and thereafter for such period as may be required for our legitimate purposes and in compliance with any legal, audit and compliance requirements, provided that in certain cases as outlined below under “Your right” we may delete such data on your request, and further provided that in regard to Courses or Services, our specific Terms of service with you or the relevant customer organization may include relevant specific provisions.
Online payments and billing
If you make a purchase for any of our Courses or Services, you normally will be required to provide your payment details. These details will be made available in part to both the payment gateway and merchant bank involved. We ourselves will not receive and/or store your credit card details. More details can be found below.
Legal basis of our processing of your personal data
We make sure that we only collect and process your data when we have a lawful basis to do so.
Where we operate our sites and perform our marketing efforts, as well as where you open a Services account with us, we determine and control the way in which we process your personal data. We ONLY market on the basis of your consent, and process your personal data as part of your account registration and our ongoing customer interactions with you based on our legitimate interests of promoting, growing and developing our business and in order to perform our obligations under the contract between us.
In other situations we normally act on behalf of a customer of ours (of whom you may be a Student) and perform any related data processing on the basis of our legitimate interests of promoting, growing and developing our business and in order to perform our obligations under a contract between us and such customer. In such situations, the relevant customer and account owner is the controller of your data and determines its use.
We acknowledge and respect your rights as an individual. If you wish to exercise any of your lawful rights or have questions in this regard, please reach out to us via the contact details provided below.
If you are not a Student of another customer, we will not to process your personal data for marketing purposes unless you have asked us to do so. You may also choose to receive publications or certain other communications from us by explicitly indicating so in the appropriate section of the Registration Form or by opting-in by phone, email or via direct marketing emails sent to you.
If you Opt-in we intend to use your data for marketing purposes or we may disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by NOT Opting-IN on the forms we use to collect your data. You can also exercise the right at any time by
You may also have the right to ask us to provide you with data held on you, amend any inaccurate personal data held on you, and/or to delete such data. However, you should be aware that if you request your details to be deleted, this will mean we will have no record of any opting out that you may have requested and that you therefore may receive unsolicited communications in the future. Where we are processing your information on behalf of our customer, you are generally required to exercise any such rights directly with our customer (of whom you may be a Student), being the organization or individual that determines the processing.
Children’s personal information
In accordance with the Children’s Online Privacy Protection Act (“COPPA”) and the GDPR, our Services are not intended to be used by children and we do not knowingly request, solicit, access or receive personal information (as defined in COPPA and the GDPR, as applicable) from anyone under the age of 13 and 16 respectively. Where we are aware that any personal information submitted through our sites or our Services belongs to a child, we will delete this personal information from our records.
Whilst this is not our intention, our Services could be used by customers or Administrators to collect personal information from children under the age of 16. Where you make use of our Services to collect such personal information, you become an “operator” under COPPA and it becomes your obligation as our customer to comply with the relevant requirements of the COPPA and/or the GDPR, as applicable (and any other applicable laws and regulations).
While it is your responsibility, not ours, to ensure compliance with COPPA and the GDPR where you act as our customer and are the account owner and determine the data collection and processing, in the event we have actual notice that you have collected personal information in violation of COPPA and/or the GDPR, we will require you to comply with COPPA and/or the GDPR, and we may delete any violating personal information you are processing without notice.
EU Privacy Shield
NexLearn LLC is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). We comply with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries.
PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive a timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
Art. 27 GDPR – EU representative
We have appointed NexLearn LLC one of our companies, to act as our designated representative within the EEA for the purposes of Art. 27 of the GDPR. The corporate details of NexLearn LLC are: contact firstname.lastname@example.org. Its corporate website is www.nexlearn.com.
To ensure our compliance, NexLearn LLC is mandated to be addressed in addition to, or instead of us, by supervisory authorities and data subjects with any issues related to our processing of personal data. This designation is without prejudice to legal actions which could be initiated against us.
Terms of service When you access and use the NexLearn Courses or Services as a user, you are subject to the NexLearn Terms of Service. By licensing our Career Map Software services or Courses, you are subject to the Terms of Service as included in your license Agreement with us.
We disclaim all liability related to your collection and use of personal information through our Services.
This policy may be updated by us from time to time, so please check this policy periodically to ensure you are aware of our latest policies.