On the move: This is what you need to know
But just in case you’re on the move, or do not have time to read it in full, we have summarized the key points for you in our 'speed read' section below.
- We are Anthology Inc. (Anthology Inc., we, our or us) and affiliates. We have entities in the US, Canada, UK, India and Brazil as detailed further below. We have appointed a Data Protection Officer who will be responsible for our approach to data protection and protecting your privacy. You can contact them at firstname.lastname@example.org.
- We will keep your data for as long as we provide services to you. We will then keep data for a limited period when we no longer provide services to you to deal with any queries or complaints.
- Residents located within the European Economic Area (EEA) should note that, we may transfer your Personal Data to a recipient located outside of the EEA. If we do this, we will ensure that the transfer mechanism provides an adequate level of protection, which has been recognized by the European Commission. In addition, if you are a resident within the EEA you have additional rights in relation to your Personal Data; click here for more information.
- Our UK entity is registered as a data controller with the Information Commissioner's Office and our registration number is ZA294962.
- “Process” or “processing” means any operation(s) performed on Personal Data, by automated means or not, such as collecting, protecting, using, sharing, organizing, storing, altering, or erasing.
- “Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of that natural person.
About Anthology Inc.
Anthology Inc. (Anthology Inc., we, our or us) includes the following entities:
- Anthology, Inc. (f/k/a Campus Management Corp.), a Florida corporation, whose principal place of business is at 5201 Congress Avenue, Boca Raton, FL, 33487, USA;
- Campus Management Corp UK Limited, (specifically, CMC UK) a company registered in England and Wales under company number 06848622 whose registered office is at3rd Floor, 5 Lloyds Avenue, London, EC3N 3AE, England;
- Talisma Corporation Private Limited, a company registered in India whose registered office is at 3rd Floor, Olympia / Building No: 1, Bagmane Tech Park, C V Raman Nagar, Byrasandra, Bangalore - 560093, Karnataka, India;
- Campus Management Brasil Comércio de Softwares Educativos LTDA, a company registered in Brazil under company number 13.473.107/0001-07 whose registered office is at Avenida Paulista, 2300, Andar Pilotis, Cerqueira César, São Paulo, São Paulo, 01310-300, Brasil;
- Campus Management International Private Limited, a company registered in India whose registered office is at 3rd Floor, Olympia / Building No: 1, Bagmane Tech Park, C V Raman Nagar, Byrasandra, Bangaloreh - 560093, Karnataka, India; and
- Admissions US, LLC, a Delaware limited liability company whose principal place of business is at 5201 Congress Avenue, Boca Raton, FL, 33487, USA.
- Campus Labs, ULC, a British Columbia Company whose principal place of business is at 20th Floor, 250 Howe Street Vancouver, BC V6C 3R8 Canada.
- Anthology Inc. of NY (f/k/a Campus Labs, Inc.), a Delaware corporation, whose principal place of business is at 298 Main St., Buffalo, NY 14202 (“Campus Labs”).
- Anthology Inc. of Missouri (f/k/a iModules Software, Inc.), a Delaware corporation, whose principal place of business is at 8330 Ward Parkway, 5th floor, Kansas City, MO 64114 (“iModules”).
What personal data do we collect about you?
This section informs you of what information we collect about you and why.
We collect Personal Data about you if you fill in forms on the Website or correspond with us by phone, email or otherwise. This includes information you provide when you submit an inquiry through our Website, request further information, register for events, buy our services, enter a competition, promotion or survey, give us your business card and when you report a problem with our Website. Please do not submit any Personal Data to us if you are less than 18 years of age.
Personal data we process:
- job title;
- place of employment;
- home or business address and telephone number;
- personal or business email address;
- IP address.
Optional information you may choose to provide:
- spouse’s name;
- or personal comments as part of your profile.
If you use our Website:
If you use our Website, we automatically collect the following information:
- web usage information (e.g. IP address), your login information, browser type and version, time zone setting, operating system and platform; and
- information about your visit, including the full Uniform Resource Locators (URLs) clickstream to, through and from our Website (including date and time); time on page, page response times, download errors, length of visits to certain pages, page interaction information (such as searches, scrolling, clicks and mouse-overs).
Where we collect information about you in the ways described above, we do so on the basis that it is in our legitimate interests to collect and process this data. In most situations this will be anonymized but we collect and process this data to ensure that our site is functioning properly and that our customer experience is to the standard that you and we expect.
The Website may, from time to time, contain links to and from the websites of non-Anthology Inc. parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Data to these websites.
Information we receive from other sources:
We may receive information about you if you use any other website we operate or the other services we provide. We are also working closely with third parties, (including, for example, business partners and sub-contractors in technical services), and may receive information about you from them.
When we receive information from other sources, we rely on them having the appropriate provisions in place telling you how they collect data and who they may share it with. We carefully check our sources to ensure that we only receive your information when it is lawful for us to do so.
How will we use your personal data
This section explains how we will collect, store and use Personal Data you provide to us in order to carry out the activities relevant to the provision of our services to you.
We use the information held about you in the following ways:
Information you give to us. We will use this information to:
- carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- respond to your inquiries or to process your requests in relation to your information;
- let you know about important changes or developments to the site or our services;
- provide and personalize our services generally;
- administer records of our services;
- carry out market research campaigns;
- provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- provide you, or permit selected third parties that you have consented to provide you, with information about goods, services or educational programs we feel may interest you;
- contact you to let you know about other products and services that we offer and feel may be of interest, as set out in the section on Marketing Communications;
- we will aggregate your Personal Data in an anonymous manner to compile statistical and performance information related to the operation of our goods and services (“Aggregated Anonymous Data”). We use Aggregated Anonymous Data in order to create product and service enhancements; provided, that such information does not incorporate any of our Customer’s data, your Personal Data, or additional data you and our Customers provide. Our use of your Personal Data and Aggregated Anonymous Data is strictly limited to the extent necessary to perform the services for our Customers. This includes Anthology Inc., our parent, subsidiaries, affiliates, and service providers;
- ensure that content from our site is presented in the most effective manner for you and for your computer, making the site easier for you to use and providing you with access to all parts of the site.
Information we collect about you. We will use this information to:
- administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- allow you to participate in interactive features of our service, when you choose to do so;
- be used as part of our efforts to keep our site safe and secure;
- measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
- make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
- Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
We must have a legal basis for processing your Personal Data. We consider that we have a legal basis where:
- you have given us consent to do so for the specific purposes which we have told you about – for example, to send you certain marketing communications;
- it is necessary for us to do so to enable us to provide you with the services that you have requested from us - for example contacting you about the services;
- it is necessary in order to fulfil our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; or
- the law otherwise permits or requires it.
Where we process your Personal Data on the basis of our legitimate interests, these are our (or our third party’s) interests in providing our services to you in an efficient and secure manner.
- Information you give to us. We will use this information to:
To the extent that we send you any third party content, we take no responsibility for privacy rules of any third parties and encourage you to consider the privacy terms of those third parties separately.
If you prefer not to receive any marketing communications from us, you can change your preferences and unsubscribe at any time by clicking on this link or contacting us at email@example.com with a subject line that reads “unsubscribe”. If you choose not to receive this information we will be unable to keep you informed of new products, services, events, user conferences, educational programs, newsletters, announcements and promotions that may interest you.
Who will have access to your personal data
We take your privacy seriously and have implemented appropriate physical, technical and organizational security measures designed to secure your Personal Data against accidental loss, destruction or damage and unauthorized access, use, alteration or disclosure.
Who else might we share your personal data with
We may share your Personal Data with any member of our group which means our subsidiaries and our ultimate holding company. This is to ensure efficiency and so we can provide the best service we can to you.
We may share your Personal Data with the following third-party service providers who assist us with administering the provision of our services to you:
- business partners, suppliers, and sub-contractors for the performance of any contract we enter into with them or you;
- analytics and search engine providers that assist us in the improvement and optimization of our site; and
- agents we engage to perform functions on our behalf including sending customer communications, providing technical support services, analyzing data and providing marketing assistance. They have access to Personal Data needed to perform their functions, but may not use it for other purposes.
We may also pass Aggregated Anonymous Data on the usage of our site (e.g., we might disclose the median ages of visitors to our site, or the numbers of visitors to our site that come from different geographic areas) to third parties, but this will not include information that can be used to identify you personally.
If a business transfer or change of business ownership takes place or is envisaged, we may transfer your Personal Data to the new owner (or a prospective new owner). If this happens, you will be informed of this transfer following the completion of such transfer or change of business ownership.
How do we protect your personal data?
This section explains how we keep your Personal Data safe and where it will be held.
We take your privacy seriously and are committed to maintaining the privacy and security of the Personal Data you provide to us, and the choices you have regarding our collection and use of your Personal Data.
We follow strict security procedures as to how your Personal Data is stored and used, and who sees it, to help stop any unauthorized person getting hold of it. Once we have received your Personal Data, we will use strict procedures and security features to try to prevent unauthorized access.
Campus Labs and iModules have taken to make transactions secure for members on our sites and transaction pages. Login, electronic commerce, and administrative activity are transmitted over an industry standard Secure Socket Layer (“SSL”). For iModules products only, all commerce transactions encrypt your Personal Data including name, address, and credit card number to prevent unauthorized access as the information travels over the internet. iModules Customers can elect to have site activity data transmitted securely by adding full site SSL certification as an additional service.
For iModules products and services which require commerce transactions; iModules takes the responsibility of your cardholder data seriously and maintains compliance with Payment Card Industry Data Security Standards (PCI DSS) by meeting all security requirements to help ensure commerce-based transaction data is protected. iModules is certified compliant as a Level One Service Provider by a Qualified Security Assessor (QSA), authorized by the PCI Security Standards Council. Our processes, procedures, network configuration, and overall environment conform to all of the security guidelines as defined in the PCI DSS standard and are annually verified by an external auditor. This Level One compliance, the highest level of PCI DSS compliance, helps ensure your e-commerce transaction data is securely protected, transmitted, and stored by iModules. As part of our policy, datacenters hosting the site must maintain their own annual SSAE 16 audit. Upon a Customer’s request, iModules will provide the current attestation of compliance for PCI DSS as well as a certified SSAE 16, or equivalent review. The attestation and certified SSAE 16 are completed by an external audit firm, on behalf of the datacenter used for our services.
Strong passwords are required for each login, and they are stored in a format that cannot be read by administrators or employees. Multiple failed logins or lost login requests are challenged by reCaptcha. An administrative rights system restricts authenticated but unauthorized access to Customer Data and Personal Data.
Certain Campus Labs products use Federated Authentication. If applicable, the product will connect to Customers’ authentication systems in order to identify and credential users. This means that the Customer logs in using their campus username and password. The centerpiece of each method is a secure transmission of a unique identifier for a user upon a successful granting of credentials. Some of the supported protocols also allow for the passing of additional attributes from a directory or other campus system.
Certain Campus Labs products make it easier to work with Google APIs, specifically, Google Drive. If applicable and provided by the Customer, you can connect to Google Drive in order to copy over individual files for use within their coursework. Campus Labs does not access data within Google Drive except when explicitly directed by the Customer on the individual’s behalf. Any files that are copied from Google Drive within the Campus Labs platform remains hosted until deleted by an authorized party, or until the Customer terminated this service.
Unfortunately, the transmission of your Personal Data via the internet is not completely secure and although we do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to us over the internet and you acknowledge that any transmission is at your own risk.
How long do we keep your personal data?
This section explains the length of time that we will retain your Personal Data.
We will keep your Personal Data for no longer than necessary, for the purposes we have set out above. We will retain your information for as long as needed in order to provide the relevant goods or services to you or perform any contract we have with you and for a limited period afterwards in order to deal with any queries or complaints.
Any third parties that we engage will keep your data stored on their systems for as long as is necessary to provide the relevant services to you or us. If we end our relationship with any third party providers, we will make sure that they securely delete or return your Personal Data to us.
We may retain Personal Data about you for statistical purposes (for example, to help us better advertise our services). Where data is retained for statistical purposes it will always be anonymized, meaning that you will not be identifiable from that data.
California Residents: Your Rights
This section only applies to you if you are a California resident and we process your Personal Data. If that is the case, you have certain additional rights in relation to your Personal Data under the California Consumer Privacy Act (CCPA), Cal. Civ. Code § 1798.100 et seq.
If the CCPA applies to you, you have the right to request that we:
- disclose or provide copies to you, no more than twice in a 12-month period, the Personal Data about you that we have collected, used, or disclosed during the preceding 12 months; or
delete the Personal Data we hold about you, but please note:
- if we are providing services to you and you ask us to delete Personal Data we hold about you then we may be unable to continue providing those services to you;
we may not be required to delete your Personal Data if it is necessary to:
- complete any transaction for which it was provided;
- detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
- exercise any right provided to us by law;
- comply with a legal obligation; or
- otherwise use your Personal Data internally in a lawful manner compatible with the context in which you provided it.
To exercise your rights under the CCPA, if applicable, please contact us at the address, email address or phone number listed in Section 13 of this Policy. If you make a request pursuant to your rights under the CCPA, we will attempt to verify your identity by asking you to confirm information we already have on file for you, such as an email address, phone number, account identifier, or password. If you choose to exercise your rights under the CCPA, you have the right not to be treated differently from any other individual whose Personal Data we process.
As discussed above, we do not sell your Personal Data, so we do not offer an opt-out to the sale of Personal Data.
EEA Residents: Your Rights
This section only applies to you if we process your data while you are in the EEA. It explains that you have a number of rights in relation to your Personal Data under the EU General Data Protection Regulation 2016/679 (“GDPR”). However, the additional rights only apply when we process your Personal Data while you reside within the EEA.
CMC UK is registered as a data controller with the Information Commissioner's Office and our registration number is ZA294962.
There are circumstances in which your rights may not apply. For example, if we process your Personal Data while you are present in the United States, we may not have to comply with EU regulations and so your rights may not apply. Essentially, the additional rights will only be active once you return to reside within the EEA and we continue to process your Personal Data.
If the additional rights do apply, you have the right to request that we:
- provide you with a copy of the information we hold about you;
- update any of your Personal Data if it is inaccurate or out of date;
- delete the Personal Data we hold about you - if we are providing services to you and you ask us to delete Personal Data we hold about you then we may be unable to continue providing those services to you;
- restrict the way in which we process your Personal Data;
- stop processing your data if you have valid objections to such processing; and
- transfer your Personal Data to a third party.
For more information on your rights and how to use them, or if you would like to make any of the requests set out above, please contact us using the details provided in this section. We will respond to all such requests within the time period required by law.
As explained in the section on Marketing Communications above, even if you consented to the processing of your Personal Data for marketing purposes (by checking the relevant box or by requesting information about services), you have the right to ask us to stop processing your Personal Data for such purposes. You can exercise this right at any time by contacting us at firstname.lastname@example.org.
In providing services to you, you understand that we may transfer your information to different locations around the world. For example, information that is collected within the European Economic Area (EEA) may be transferred to destinations outside of the EEA for the purposes described in this policy.
For users resident in the EEA, where your Personal Data is transferred from the EEA to a recipient outside the EEA in a country not recognized by the European Commission as providing an adequate level of protection for Personal Data, such transfer shall be covered by a framework recognized by the relevant authorities or courts as providing an adequate level of protection for Personal Data, including, but not limited to, Standard Contractual Clauses (the agreement in the form annexed to the European Commission's decision of February 5, 2010 on Standard Contractual Clauses for the transfer of Personal Data to processors established in third countries which can be found here).
If you are unsatisfied with our response to any data protection issues you raise with us or our DPO, you have the right to make a complaint to the Information Commissioner’s Office (ICO). The ICO is the authority in the UK which is tasked with the protection of Personal Data and privacy.
Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognizes that cookie. Cookies are useful because they allow a website to recognize a user's device.
Cookies in themselves do not identify you, just the computer or device you are using. Cookies do lots of different jobs, like making it easier for you to log on to and use our site during future visits, letting you navigate between pages efficiently, remembering your preferences, and generally improving the user experience. They also allow us to monitor traffic on our site and can also help to ensure that advertisements you see online are more relevant to you and your interests.
Cookies themselves only record which areas of our site have been visited by your computer or device and for how long. Allowing us to create a cookie does not give us access to the rest of your computer.
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of the Website. They include, for example, cookies that enable you to log into secure areas of our website.
- Analytical/performance cookies. They allow us to recognize and count the number of visitors and to see how visitors move around the Website when they are using it. This helps us to improve the way the Website works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognize you when you return to the Website. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to the Website, the pages you have visited and the links you have followed. We will use this information to make the Website more relevant to your interests. We may also share this information with third parties for this purpose.
You can find more information about the individual cookies we use and the purposes for which we use them below:
- [DoubleClickID]: This is an anonymous, unique identifier used to track how successful our advertising is. It collects advertising information via pixels, or transparent GIF files, which are provided by our ad management partner, DoubleClick. These files allow DoubleClick to recognize a unique cookie on your web browser, which in turn, lets us know which advertisements to show you. The cookie allows the devices IP address to be sent to a website, but it doesn’t store the IP address or any other Personal Data. This is a third-party cookie.
- [LeadLander]: We use this cookie to collect information about how visitors use our Website and email communications. The cookie collects information relating to where visitors have come to the site from, the number of visitors, which email communications they clicked on and the pages they visited. If you consent, we may use the information collected by this cookie, in combination with your Personal Data, to contact you and tailor our communications to you based on the pages you have visited.
With most Internet browsers, you can erase or block cookies or ask to receive a warning before a cookie is stored. The “Help” function within your browser should tell you how. You will also find details on how to delete cookies from your computer as well as more general information about cookies.
Please be aware that restricting cookies may have a negative impact on the functionality of the Website.
Who can you ask for more information?
Corporate Communications Manager
5201 North Congress Ave.
Boca Raton, FL 33487
Telephone number: 561.923.2500
Alternatively, you can contact us through the inquiry form of the Website.
We have appointed a Data Protection Officer who is responsible for our approach to data protection and protecting your privacy. You can contact them at email@example.com.