Keep your info safe

Data Privacy

Coorpacademy is the provider for your MOOC platform. We are the developers, instructional designers, and customer success managers behind every course you do on your platform.
 
We have been mandated by your employer to provide these services. Your employer has agreed to allow us to use the data we collect to continuously improve your experience, to produce better content, and to tailor the platform to your needs.

Examples:


For example, when you finish a course, or stop halfway during a course, we save this data. This way, we know to adapt our recommendations to courses you like better.
 
Another example: when you click on "Start Learning" in the upper right hand corner of the course description page, we record it. And if we see that a lot of users click on this button to start learning instead of another button, we know we need to improve (or remove) the other button.
Want to know more about GDPR?
 
We have produced a course on the "Impacts of GDPR". Just search for "GDPR" ("RGPD" in French) on your platform to improve your knowledge on it!
If you can't find it on your platform, maybe your platform's manager hasn't activated it. Ask your manager for it and we'll be glad to add it to your platform.
You can also follow the course in a stand-alone page by clicking here, but you won't get any stars.

Privacy And Your Activity

Coorpacademy Privacy Promise

Coorpacademy is commited to make sure your personal data stays private and secure. We're proud to uphold the tenets of the General Data Protection Regulation (GDPR). Our Privacy Promise to You, The Learner With regards to your data, we will constantly strive to:

  1. Be Lawful, Fair, Transparent
    We will process your personal data lawfully, fairly and in a transparent manner in relation to you.

  2. Limit Purpose of Data Collection
    The data we collect about you is only for a specific, explicit and legitimate purpose: namely to give you a better experience on the platform. And we will not process it any more than necessary or in a manner that is incompatible with this purpose.

  3. Minimize Data
    The data we collect about you is adequate, relevant and limited to what is necessary. No asking about your race, or sexual orientation here, we don't need to know any of this!

  4. Be Accurate
    We will strive to keep your data accurate and up to date.

  5. Limit Storage of Data
    We limit the time we keep your data for. If your account is deleted (because you leave your company, or because you ask us to), the data we have about you will only be kept for a month (as a backup) until it is permanently deleted. We keep logs of your activity for a little while longer, but once your account is deleted this data is untraceable back to you.

  6. Keep Data Confidential
    We keep your data safe.
    This includes protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organisational measures.

  7. Be Accountable
    We are responsible for, and able to demonstrate our compliance with the GDPR.



What kind of data do you collect about me and why?

We collect your first and last names, email address, and any work-related information (such as which business unit you are in) that your employer sends. We do not collect personal information regarding your sex, age, etc. (unless your employer requires us to have it, and sends it to us). Finally, we collect information about your activity on the platform (such as number of questions answered, when and how you've finished courses, etc). This serves two purposes: tailoring the platform to you, and improving the platform for everyone. Tailoring the platform to you: When you finish a course, we save this data (not your personal information, but merely something along the lines of "user x41503 has finished course 67"). When you start another course but stop halfway through because you don't like it, we record that, too. This way, we improve what we recommend to you, the learner. We know to recommend more courses like the first one, and less courses like the second one. Improving the platform for everyone: We constantly measure the rate of clicks on different interface items, as well as the conversion rate between each step of your journey as a learner (for example, when you connect to the platform, the next logical step is to start a learning interaction, either a course or a battle or something like that). The way we collect this data is not saved per person, but rather, it is aggregated data (e.g. 1000 users clicked on this button). In addition, we regularly test different versions of our interface and change it ever so slightly. The combination of these changes and the constant measurements that we make allow us to figure out what works for our learners and what doesn't. Learning from this data allows us to constantly improve the platform.



How long will you keep my data?

We keep your data for as long as we need to use it to improve our services, as long as your account still exists on this platform, and this platform still exists on our servers (i.e. as long as we are still under contract with your employer). If you delete your data (see "Can I delete my data?"): Once your account is deleted, we erase all your personal data. In accordance with EU regulation, we will do this in under two months (this is a maximum, but you can expect it to be faster in practice) once your demand has been acknowledged by your manager. Some data on your usage of the platform (that we use to improve our User Experience, see "What kind of data do you collect about me and why?"), we do keep for a while longer. This data, however, is not traceable back to you as a person, since, once you have been deleted from the database, it will have been anonymized (e.g "an anonymous user answered 48 questions"). If you need more details about this, please contact your manager.



How are you using my data?

Our elearning platform, delivering all the online training services to you, is fully hosted in an Amazon Cloud Center in Dublin. All course-associated data are therefore uniquely located in Europe.

We make sure our platform is providing the upmost degree of efficiency and satisfaction, so we constantly bring evolutions with our development team located in France.

Some of our research is conducted in Switzerland, and from time to time we may ask our partners—EdTech labs located in Lausanne Polytechnic School— for their analysis on the pedagogy and course effectiveness of the platform. In doing so, however, your personal data is not used.

Once you’ve registered in the platform, we work with a certain number of sub-contractors with whom we contractually ensure that they take the appropriate organizational and technical measures to be GDPR compliant and therefore to fully execute in line with our Data Privacy engagement to you.

To inform you, we may activate MailChimp, a cloud service located in USA that is fully committed with EU-US Privacy Shield Framework, and uses only your professional email address.

Some of your personal data (including your session ID) can also be used in optimized storage databases: we use Redis, Compose, Mlab, Amazon S3, which are all offering secured, performing storage solutions in Amazon Cloud in Ireland.

We also rely on subcontractors for the following things: video flows creation, operation, monitoring and optimization. We work with Kinesis for data streaming, with Serenytics for analytics dashboards, with Logmatic for operational monitoring and with ElasticSearch for keyword-based search. All of these solutions are in Amazon Cloud in Ireland. For our training video content distribution, we use JWPlayer, based in New-York, who committed to the EU-US Privacy Shield Framework and where only session_id is the sole personal data processed.

Finally, for website analytics, your session id can be used by GoogleAnalytics in Europe, with their disaster recovery site in the USA, but with a full commitment with EU-US Privacy Shield and a Data Protection Agreement in place with us.

In addition to the strong attention towards our sub-processing partners' adequate level of compliance with GDPR, we put in place Data Transfer Agreements with the ones being in the USA, or outside EU, engaging them to cascade the same degree of Data Privacy warranties to their possible processing partners.



Do you share any of my data with other organizations?

No. We don't do cross site marketing. Thus, we don't share your personal data with any organization whose purpose is not to help us ensure our service to you. The data we share is only to our partners and subcontractors who allow us to set up, run, and otherwise improve our MOOC platform. (see "How are you using my data?") Note: This site, and documents posted on it, may contain hypertext links or pointers to information created and maintained by other public and private organisations. We do not guarantee the accuracy, relevance, usefulness, timeliness or completeness of any linked information.



Can I delete my data?

You can indeed delete your account and associated data. To do so, please reach out to your platform manager (either your HR, or your direct manager), and ask them to delete your account. They may ask for extra confirmation just to be sure, as this operation is permanent and cannot be undone, and it means you will lose your progression, badges, and certificates forever. Once you confirm, we will carry out with your account deletion, and you will not be able to connect to the platform anymore*. This operation will erase any personal information in your account that we have about you. And it will mean any data about how you’ve used the platform will be made anonymous. We will still have some data for a bit (see "How long will you keep my data?"), but it won't be traceable back to you. Some data cannot be deleted as it would adversely affect other users. For example, if you've done a battle against someone, we will not erase the battle as this would make that person lose their points. Note: if you're unsure who to contact, you may use the "assistance" link in the footer of your Coorpacademy platform to contact us and we will transfer the demand to the appropriate party. * if you use an external log in service to connect to the platform, such as your company's Active Directory or Google Sign-On, and you delete your account, you will still be able to connect to the platform, but this will effectively create a new user. You will not get any of your progression or other information back.



Can I see and obtain, or rectify my data?

Of course ! Get in touch with your platform manager (either your HR, or your direct manager) and ask for a copy of your information, or a rectification of your information. Once your manager has confirmed the demand, we will comply within one month maximum (this is a legal obligation, but rest assured, it should not take that long in practice, expect one or two weeks). Assistance-imageIf you're unsure who to contact, you may use the "assistance" link in the footer of your Coorpacademy platform to contact us and we will transfer the demand to the appropriate party.



Can I port my data to another service?

Of course ! Get in touch with your platform manager (either your HR, or your direct manager) and ask for a copy of your data exports. These can be used with other Learning providers to update your progression data there. However, the courses specific to this platform are not going to be available anywhere else, and therefore, other services will not be able to use that progression information in their platform. Moreover, it is their responsibility to format the data properly in order to import it into their service. Once your manager has confirmed the demand, we will comply within one month maximum. Assistance-imageIf you're unsure who to contact, you may use the "assistance" link in the footer of your Coorpacademy platform to contact us and we will transfer the demand to the appropriate party.



Your Rights Regarding Personal Data Processing

Hereafter the rights you own regarding your personal data we may process:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling
For some of these rights, we might need proofs of identity to proceed according to your request. Some of those rights fulfilments are subjects to some additional conditions and conformity with the law.



Our Cookie Policy

Information supplied by cookies can help us to understand the profile of our learners and help us to provide you with a better user experience. It also helps us recognise when you are signed in to your account and to provide a more personalised experience. The cookies we use include :

  • Cloudflare Cookie: to optimize loading times of our application (through http caching)
  • Google Analytics Cookies: to optimize your experience on the platform by collecting behavioral data on how you use the platform.
  • Amazon Load Balancer Cookie (or heroku affinity cookie): to make sure you are always on the right server
  • Coorpacademy Microservices Cookies: to automatically log you in next time you connect and to remember who you are on our different services (notifications, APIs, current session, etc)
  • Language Cookie : to remember which language you have selected on the platform
  • Anti-CSRF token : Protects against CSRFs (Cross-Site Request Forgery). This may appear among the cookies. It expires automatically when the user leaves or ends the browser session.
It is important to note that if you change your settings and block certain cookies, you will not be able to take full advantage of some features of Coorpacademy services, and we might not be able to provide some features you have previously chosen to receive. (for example if you block the language cookie, your language settings won't be saved)

Your web browser may also provide Coorpacademy with information about your device, such as an IP address and details about the browser that you are using. We use information provided by your browser and this may be captured by performance cookies.

If you have any concerns about the way that we use cookies or respect your settings, then please contact us at assistance@coorpacademy.com

Addendums:

  1. Do Not Track (DNT) Browser Setting
    DNT is a feature offered by some browsers which, when enabled, sends a signal to websites to request that your browsing is not tracked, such as by third party ad networks, social networks and analytic companies. This website does not currently respond to DNT requests.

  2. Apps and Devices
    When you download or use Coorpacademy apps on your mobile device, information may be accessed from or stored to your device. Most often this is used in a similar way to a web browser cookie, such as by enabling the app to ‘remember’ you or provide you with the content you have requested.

    Your web browser or device may also provide Coorpacademy with information about your device, such as a device identifier or IP address. Device identifiers may be collected automatically, such as the device ID, IP address, and app ID (a unique identifier relating to the particular copy of the app you are running).
    If you have any concerns about the information which might be accessed from or stored on your device by Coorpacademy, you may wish to only access Coorpacademy content through a web browser and review your web browser settings.

Changes to Coorpacademy's Privacy & Cookies Policy

This Privacy & Cookies Policy may be updated from time to time so you may wish to check it now and then. The date of the most recent revisions will appear on this page. If you do not agree to these changes, please do not continue to use Coorpacademy websites. You can also delete your Coorpacademy account at any time (please see "Can I delete my data?" for details).

If material changes are made to the Privacy & Cookies Policy, for instance affecting how we would like to use your personal information, we will provide a more prominent notice (including, for certain services, email notification of Privacy & cookies Policy changes).

Date of most recent revision: 02/02/2020



Coorpacademy Privacy and Cookie Policy. All rights reserved.