Privacy Notice

Effective Date: May 20, 2024 | Previous Version

This Privacy Notice applies to the products and services of Brisk Labs Corp. (“Brisk,” “we,” “our,” or “us”) that link to this page, such as Brisk’s websites, online platforms and web browser extensions (collectively, our “Service”). 

Through our Service, we provide productivity tools that speed up tasks like lesson planning and grading, engage student learning, and more. This Privacy Notice describes how we collect, use and disclose your personal data when you visit our Service or otherwise engage with us.

A note about Student Data: Brisk Teaching is intended for providers of educational services, such as schools and school districts (collectively, “Schools”), as well as teachers and authorized school users and administrators (collectively, “Educators”). For more information about our product available for students, please refer to our disclosures for Brisk Boost, below. When the Service is used as part of a School’s educational curriculum, the personal data related to students (“Students”) that is (i) provided to Brisk by a School, or (ii) collected by Brisk during the provision of the Service to a School, may include information defined as “educational records” by the Family Educational Rights and Privacy Act (“FERPA”) or “covered information” under California’s Student Online Personal Information Protection Act (“SOPIPA”), or other information protected by similar student data privacy laws. We call this information “Student Data.”

Please see the “Student Data” section below to understand the principles which guide our collection, use and disclosure of Student Data.

If you are an Educator and are interested in using our Service, please ask your School to contact us about entering into a student data processing agreement with us under applicable student data privacy laws.

TABLE OF CONTENTS
  1. What is Personal Data?
  2. Our Collection of Personal Data
  3. Our Use of Personal Data
  4. Our Disclosure of Personal Data
  5. Student Data
  6. Children's Privacy
  7. Your Privacy Choices
  8. Security
  9. Contact Us
  10. Updates to this Notice
1. WHAT IS PERSONAL DATA?

In short: “Personal data” means data or information that identifies or relates to you, or otherwise meets the definition below.
When we use the term “personal data” in this Privacy Notice, we mean any data or information that identifies, relates to, describes, is capable of being associated with or could reasonably be linked, directly or indirectly, with a particular natural person or household.

2. OUR COLLECTION OF PERSONAL DATA

In short: We collect personal data in the ways described below. For example, we may collect personal data when you register for an account on our Service, send us messages, subscribe to our mailing lists, participate in a survey, or integrate our Service with a third-party site or service. In addition, we may collect personal data automatically when you interact with our Service. We may also collect personal data about you from other sources and third parties. 

Information You Provide

We collect the following information you provide in connection with our Service:

  • Account Information, including full name, email address, School name, and other account information that you choose to provide to us.
  • Inquiry and Communication Information, including information you provide to us when you submit a form, email us, or call us. For example, if you join our waitlist, then we may ask you to provide your name and state of residence. 
  • Information Collected Through the Use of the Service, including any files, documents, videos, images, or other information you choose to provide through your use of the Service. 
  • Information from Educators, such as School name, district, teacher or authorized administrator title, organizational units associated with the School, course information and topics, grade levels taught, course work and assignments, course sections. 
  • Student-related Information, such as topics of study, assignments and content (e.g., homework), and grades. For more information about our privacy practices with regard to Student Data, please see the Student Data section below.

Personal Data Automatically Collected

We and our third-party providers may use (i) cookies or small data files that are stored on an individual’s computer and (ii) other, related technologies, such as web beacons, pixels, embedded scripts, location-identifying technologies and logging technologies (collectively, “cookies”) to automatically collect certain data regarding how you interact with our Service, such as log files and analytics data. For more information about how we use cookies and your choices regarding cookies, please see our Cookie Notice.

Personal Data from Third Parties

We also obtain personal data from third parties. We often combine with personal data we collect either automatically or directly from an individual. We may receive the same categories of personal data as described above from the following third parties:

  • Information That Our Users Direct Us to Process: We may receive your information from other users who interact with our Service. For example, if an Educator uses our browser extension’s Inspect Writing feature, our Service will process any personal data included in the document. For more information about how we use information that our users direct us to process, please see our Privacy and Security FAQs.
  • Referral Information: We may receive your contact information from people who think you may also be interested in our Service. For example, an Educator may provide us with your contact information as a part of a referral program.
  • Information We Receive from Third-Party Platforms: Some parts of our Service allow you to login or link your account with a third-party platform, such as Google. These platforms give you the option to share certain personal data with us that you make available on those platforms. For example, if you register through or otherwise link your Brisk account with your Google account (e.g., Google Classroom, G-Suite including Google Docs, Google Chrome, and Google Drive), we may collect personal data that is associated with your Google account. This information we collect may include your name, account profile data, email address, courses, Student rosters, course materials, information about Google Doc views, version history, comments, and authentication action information, and Student submissions, including some Student Data. If you create or upload assessments or other academic or educational resources or materials from a linked third-party platform, we collect the content of these materials and metadata you provide about them. Our Service's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements. 
    • The information we receive from a third-party platform depends on the third party’s policies and your privacy settings on its platform. You should always review and, if necessary, adjust your privacy settings on third-party platforms before linking them to our Service.
  • Other Sources: We may also collect personal data about individuals that we do not otherwise have from, for example, publicly available sources, third-party data providers like MDR, or through transactions such as mergers and acquisitions. 
3. OUR USE OF PERSONAL DATA

In short: We use personal data to manage our organization and its day-to-day operations. For more details, please see below:

We use personal data to: 

  • Verify your identity and check whether you are permitted to access certain features of our Service.
  • Provide our Service. For example, as part of our 'Inspect Writing' feature, Brisk accesses the version history of documents.
  • Personalize our Service, including by recognizing an individual and remembering their information when they return to our Service.
  • Conduct research and analytics on our user base and our Service. 
  • Send communications, including via email and newsletters.
  • Market and advertise to educators and adults, not to students. As a signatory of the Student Privacy Pledge, we never use student data for targeted advertising. We employ personal data from educator accounts to run and evaluate the effectiveness of marketing campaigns, which include collaborations with social media platforms as detailed in our Cookie Notice.
  • We never sell personal data and our platform is free from any advertising, ensuring a secure, distraction-free educational environment for both students and educators.
  • Improve and customize our Service to address the needs and interests of our user base and other individuals we interact with.
  • Test, enhance, update and monitor the Service, and diagnose or fix technology problems. 
  • Help maintain the safety, security and integrity of our Service, technology assets and other property, and our business.
  • To enforce our contractual rights, to resolve disputes, to carry out our obligations and enforce our rights, and to protect our business interests and the interests and rights of third parties.
  • Prevent, investigate or provide notice of fraud or unlawful or criminal activity.
  • Comply with contractual and legal obligations and requirements. 
  • To fulfill any other purpose for which you provide personal data. 
  • For any other lawful purpose, or other purpose that you consent to.

Where you choose to contact us, we may need additional information to fulfill the request or respond to inquiries. We may provide you with additional privacy-related information where the scope of the inquiry/request and/or personal data we require fall outside the scope of this Privacy Notice. In that case, the additional privacy notice will govern how we may process the information provided at that time.

4. OUR DISCLOSURE OF PERSONAL DATA

In short: We disclose personal data to a few different categories of recipients. Recipients may include companies that enable us to provide AI-powered services, your School, and others as described below.

We may also share, transmit, disclose, grant access to, make available, and provide personal data with and to third parties, as follows. For more information on how we share Student Data that we collect from Schools, including a list of the specific third parties with whom Student Data is shared, please see the section on “Student Data” below.

  • AI Service Providers: We share personal data with service providers who enable us to provide AI-powered services. For example, this may include service providers who assist us in providing the AI-powered tools that form a part of our Service. Our current list of service providers is available upon request.
  • Other Service Providers: We also share personal data with our other service providers, such as vendors who help us with data analysis, fraud prevention, infrastructure provisioning, analytics services, IT services, product fulfillment, and web hosting. Our current list of service providers is available upon request.
  • Your School: If you interact with our Service through your School, we may disclose your information to your School. 
  • Other Users: If you participate in any of our online communities, we may disclose your public profile information to other online community members, as well as any other information you choose to provide or make public.
  • Customer Service and Communication Providers: We share personal data with third parties who assist us in providing customer service and facilitating our communications with individuals that submit inquiries.
  • Marketing Providers: We coordinate and share non-Student Data with our marketing providers in order to communicate with individuals about the Service we make available.
  • Business Transaction or Reorganization. We may take part in or be involved with a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets. We may disclose personal data to a third-party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal data may also be disclosed in the event of insolvency, bankruptcy, or receivership.
  • Legal Obligations and Rights. We may disclose personal data to third parties, such as legal advisors and law enforcement:some text
    • in connection with the establishment, exercise, or defense of legal claims.
    • to comply with laws or to respond to lawful requests and legal process.
    • to protect the rights and property of Brisk, our agents, users, and others, including to enforce our agreements, policies, and terms of service.
    • to detect, suppress, or prevent fraud.
    • to reduce credit risk and collect debts owed to us.
    • to protect the health and safety of us, our users, or any person.
    • as otherwise required by applicable law.
  • With Your Consent or At Your Direction. In addition to the sharing described in this Privacy Notice, we may share information about you with third parties whenever you consent to or direct such sharing.
5. STUDENT DATA

In short: We consider Student Data to be confidential and do not use Student Data for any purpose other than to provide the Service on the School’s behalf, in accordance with our contract with the School. For more details about our Student Data privacy practices, please see below.

To help Schools address their obligations to protect their students’ data privacy, we have implemented additional controls and procedures for Schools when they enter into a contract with Brisk to use the Service as part of a School’s educational curriculum. When the Service is used as part of a School’s educational curriculum, the personal data related to Students that is (i) provided to Brisk by a School, or (ii) collected by Brisk during the provision of the Service to a School, may include information defined as “educational records” by the Family Educational Rights and Privacy Act (“FERPA”) or “covered information” under California’s Student Online Personal Information Protection Act (“SOPIPA”), or other information protected by similar student data privacy laws. We call this information “Student Data.”

As between us and the School, Student Data is owned and controlled by the School. Our collection and use of Student Data is governed by our contracts with the Schools and by applicable privacy laws. For example, we provide the Service to Schools as a “School Official” under FERPA and we work with Schools to help protect personal data from the Student’s educational record, as required by the FERPA.

  • We collect, maintain, use and share Student Data only for an authorized educational purpose and as described in our Agreement with the School, or as directed by the School or by the Student’s parent or legal guardian (each, a “Parent”).
  • We do not use or disclose Student Data for targeted advertising purposes.
  • We do not build a personal profile of a Student other than in furtherance of an educational purpose.
  • We maintain a comprehensive data security program designed to protect the types of Student Data maintained by the Service. For more information about our security practices, please see the Security section below.
  • We will clearly and transparently disclose our data policies and practices to our users.
  • We will never sell Student Data unless the sale is part of a corporate transaction, such as a merger, acquisition, bankruptcy, or other sale of assets, in which case we will require the new owner to continue to honor the terms provided in this Privacy Notice or we will provide the School with notice and an opportunity to opt-out of the transfer of Student Data by deleting the Student Data before the transfer occurs.
  • We will not make any material changes to our Privacy Notice or contractual agreements that relate to the collection or use of Student Data without first giving notice to the School and providing a choice before the Student Data are used in a materially different manner than was disclosed when the information was collected.

How We Share and Disclose Student Data

We disclose Student Data solely as needed to provide the Service on behalf of specific Schools in accordance with our contracts with those Schools or with the consent of the School or Parent. 

For example, Student Data and account usage data may be disclosed to or accessible by users who are authorized to use the Service on behalf of the School, for example a school or district administrator. In addition, depending on the manner in which Brisk is used by the School and the terms of the agreement between the School and Brisk, we may provide access to certain Student Data to the Student and/or to the Parent of the Student about whom the data relates, for the purpose of monitoring Student usage and activity and evaluating the effectiveness of the School’s use of the Service. 

We also disclose Student Data to trusted service providers who have a legitimate need to access such information on our behalf, subject to appropriate contractual terms to protect such data. Our current list of service providers is available upon request.

We may also disclose Student Data in connection with a business transaction or to support our legal rights and obligations, as described in the Our Disclosure of Personal Data section of this Privacy Notice. 

How We Use De-Identified Data

We may also generate, use, and disclose de-identified information for adaptive learning purposes or customized student learning purposes, to recommend content or services relating to School purposes or other educational or employment purposes, as well as for development, research and improvement of our Service. In addition, we may use de-identified information for the development and improvement of other educational sites, services and applications or technologies more generally to the extent permitted under applicable law. “De-identified information” means data from which all personally identifiable information has been removed or obscured so that the remaining information does not reasonably identify an individual and there is no reasonable basis to believe that the information can be used to identify an individual. 

How We Retain Student Data

We will not knowingly retain Student Records beyond the time period required to support an educational purpose, unless authorized by the School. 

Please note: Schools are responsible for maintaining current class rosters, and for managing Student Data which they no longer need for an educational purpose by submitting a deletion request.

If you are using the Service on behalf of a School and wish to access Student Data, delete Student Data or close your account, please contact us (privacy@briskteaching.com). If you are a Parent or Student and wish to access Student Data, delete Student Data or close your account, please direct your request to your School. 

Questions About Student Data

If you are a Parent or Student and have questions about specific practices relating to Student Data provided to Brisk by a School, please direct your questions to your School.

6. CHILDREN'S PRIVACY - BRISK BOOST

In short: We may choose to make parts of our Service available to children under 13 years old, such as Brisk Boost. Our privacy practices with regard to children under 13 are set out below. We will not collect personal data from children under 13 without appropriate consent or authorization. 

In addition to our tools for Educators, we are launching Brisk Boost, a powerful tool designed to help learners boost their academic progress using AI. 

We may choose to make Brisk Boost available to children under the age of 13. However, Brisk will not collect personal data from children under 13 without appropriate consent or authorization, as follows: 

  • When Brisk provides the Service on behalf of a School, the School provides consent for Brisk to collect information from Students under the age of 13 through the Service provided on the School’s behalf, as permitted by the Children’s Online Privacy Protection Act (“COPPA”). In this case: some text
    • We collect and process personal data from Students under 13 solely at the direction of and under the control of a School, and do not require Students to disclose more information than is reasonably necessary to use the Service. 
    • At all times, Schools have the right to request to review or delete the personal data from Students under 13 or decline to permit further collection or use of the Students’ personal data by contacting the School’s account representative. 
    • Schools are responsible for providing appropriate notice to Parents of the School’s use of third-party service providers such as Brisk. We recommend that our School customers provide a link to this Privacy Notice to all Parents. 
    • For more information on how we collect and process Student Data, please see the section on Student Data above.
  • When Brisk provides the Service directly to children under 13 outside of the school context, we require the child’s parent or legal guardian to provide the appropriate consent or authorization for their child to use Brisk. 
  • The parent, legal guardian or school may withdraw consent at any time.

Data Collected from a Child

When a child under 13 uses the Service, we will ask for certain information about the child that is typically provided by the adult setting up the Service for the child, which may include the child’s name and information about the child’s parent, guardian or School (as applicable). 

When the child uses the Service, we will collect the following information from the child: 

  • Information Collected Through the Use of the Service, including any files, documents, videos, images, or other information the child chooses to provide through the child’s use of the Service. 
  • Student-related Information, such as topics of study, assignments and content (e.g., homework), and grades. 
  • Usage information, such as date/time of visit, time spent on our Service, time zone, and activities completed or engaged with through the Service.
  • Device data and log files, which could include IP address, operating system, device type and version, browser type and version, browser id, and location data derived from IP address. This information is typically collected through cookies or similar technologies and we may use third-party providers to collect this information on our behalf. We collect this information to help us understand usage, to diagnose problems and provide support, to administer our Service, facilitate navigation, display information more effectively, to remember users’ settings and preferences, to personalize the user’s experience while using the Service, and to recognize a user’s computer or device in order to assist the use of the Service and for security purposes. 

We do not require the child to provide any more information than is reasonably necessary to use the Service. 

How we share or disclose a child’s personal data 

We share or disclose a child’s personal data as needed to provide our Service or with third parties with appropriate consent or authorization. For example, we share a child’s personal data with third parties as authorized by the Parent or the School, such as school administrators, counselors, resource professionals and others subject to appropriate authorization. Similarly, children may communicate with others through the Service subject to appropriate authorization, such as with their teachers.

We also share information with our trusted third-party service providers who provide services to us or on our behalf, such as website hosting and customer support services, information technology and related infrastructure provision, and other services. Our current list of service providers is available upon request.

We may also share personal data if we believe to be necessary or appropriate: (a) under applicable law; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, our users or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain. If Brisk becomes involved in a merger, acquisition, bankruptcy, change of control, or any form of sale of some or all of its assets, a child’s personal data may be transferred or disclosed in connection with the business transaction, subject to any applicable laws.

We may also share aggregate or de-identified information in a manner that cannot be reasonably used to identify an individual user.

How to access and delete a child’s personal data 

A parent/guardian has the right to access the personal data we have collected from the child, withdraw consent for further collection and request deletion of the child’s personal data. If you are a Parent of a child under 13 that uses our Service outside of school and you want to access, correct, or delete your child’s personal data, please contact us to submit your request. If you are a Parent of a Student under 13 using the Service through a School and you want to access, correct, or delete the Student’s personal data, please contact your child’s School to submit your request. We will respond to the School’s instructions with respect to your child’s personal data.

Unless we receive a deletion request, we will retain the personal data collected from the child for as long as necessary to provide the Service and comply with our legal obligations, which could include retaining information as needed for recordkeeping and billing obligations. We will delete and/or de-identify the child’s personal data when it is no longer needed for the purposes for which it was collected. 

If you require additional assistance regarding your child’s personal data, please contact us at privacy@briskteaching.com. We will respond to all requests as soon as possible. For requests that relate to Students, we may be required to refer the request to the School or School administrator for action.

If you believe a child under the age of 13 has provided personal data to us other than as described above, please contact us using the information in the Contact Us section below so that we may delete such information.

7. YOUR PRIVACY CHOICES

In short: If you would like to update or delete your information you can do so as described below.

You may control your information in the following ways:

  • Profile, controls and data sharing settings. You may update your account information and may change some of your account controls and data sharing preferences by visiting your “Account” page, removing our browser extension via the “settings” or “tools” menu on your web browser, or emailing us at privacy@briskteaching.com.
  • Disconnecting your Brisk account from third party sites. As discussed above, you may be able to connect your Brisk account to accounts you have on third party sites such as Google. You may disconnect your account from a third-party site at any time by visiting the “Account” page to remove authenticated sites and services or removing the Google Chrome Extension under the “Tools” page. 
  • Changing your cookie preferences. For additional details about the cookies we use on our websites and to adjust your preferences with regard to those cookies, please review our Cookie Notice.
  • Changing your communications preferences. You can stop receiving promotional email communications from us by clicking on the “unsubscribe link” provided in such communications. We make every effort to promptly process all unsubscribe requests. You may not opt out of service-related communications (e.g., account verification, transactional communications, changes/updates to features of the Service, technical and security notices).
  • Modifying or deleting your information. If you have any questions about modifying your information, or if you want to remove your name or comments from our Service or publicly displayed content, you can contact us directly at privacy@briskteaching.com. We may not be able to modify your information in all circumstances.
8. SECURITY

In short: We maintain technical and organizational safeguards for personal data as described below.
Brisk has a multi-tiered approach to protecting personal data that includes technical and organizational safeguards. Brisk enforces a robust security program comprised of policies and controls aimed at protecting personal data against known and anticipated threats. Brisk’s security controls include, for example, encryption, firewalls, role-based access controls, and encryption. Brisk restricts access to personal data to a need to know basis and maintains a disciplinary process for any violations.

For Schools that provide us with a designated point of contact for security breaches, Brisk maintains a Student Data breach response protocol. In the event of unauthorized access, destruction, use, modification, or disclosure of Student Data, designated points of contact at Schools will be notified by email or other direct communication channels in accordance with the protocol.

9. CONTACT US

In short: Please feel free to contact us with any questions. Our contact info is below.
If you have any questions or requests in connection with this Privacy Notice or other privacy-related matters, please send an email to privacy@briskteaching.com.

10. UPDATES TO THIS PRIVACY NOTICE

In short: We may update this Privacy Notice. We will notify you of material changes as described below.
We will update this Privacy Notice from time to time. When we make changes to this Privacy Notice, we will change the “Last Updated” date at the beginning of this Privacy Notice. If we make material changes to this Privacy Notice, we will provide reasonable notice to you, such as by email to your registered email address, by prominent posting on this website or our online services, or through other appropriate communication channels. All changes shall be effective from the date of publication unless otherwise provided.

As noted above, we will not make any material changes to this Privacy Notice that relate to the collection or use of Student Data without first giving notice to the School and providing a choice before the Student Data are used in a materially different manner than was disclosed when the information was collected.