Last updated: May 10, 2016
Ooka Island Inc., its affiliates and their successors and assigns (collectively referred to as “Ooka”) are committed to protecting the personal information which they collect by means of this web site (the “Site”) and by means of Ooka’s video game clients (the “Game”).
This School Use Privacy Policy describes the types of personal information which Ooka collects specific for teachers, teacher assistants, school administrators, and their assigns (collectively the “Educators”) for institutional (the “School”) activities related to minors (the “Students”), and how Ooka collects, uses and discloses that information.
This document is a supplement to the general Privacy & Legal Policy available here: https://lighthouse.ookaisland.com/privacy-legal/
When collecting personal information relating to a user of this Site, Ooka will seek that individual’s consent, or the consent of the Educator, Parent or Guardian, to the collection as well as to the use and disclosure of it in accordance with this School Use Privacy Policy.
Ooka will collect the minimum personal information required to satisfy the business and educational functions of the company, in particular the minimum personal information of minors. When personal information on minors may be collected, we will provide suggestions for internal controls to mitigate the risk to the Educators and Students from intentional or accidental disclosure.
Ooka may include requests for Educators to volunteer information required for the successful delivery of Ooka’s products and services.
Data is collected from Educators, Students, and their physical device(s) during the course of access to the Site and the Game.
Ooka provides a personalized learning path through the Game based in part on the personal data volunteered and collected by other means from the Educator and Student.
Ooka may share personal information which it has collected with its employees, agents, and other representatives who need to use that information in connection with one or more of the purposes for which that personal information was collected.
All members of the Ooka team are physically located in Canada, and may access and/or store personal information onto their local workstation.
Ooka may access and disclose any personal information which it has collected if required or permitted to do so by law (for example, in order to comply with a legal requirement, including, but not limited to, one imposed by a warrant, subpoena, court order or like instrument served on Ooka or in an emergency to protect the life, health or security of any person).
Ooka may disclose the personal information of the users of this Site to any successor or any assignee of Ooka’s assets relating to this Site and Game.
Before disclosing personal information relating to a user of this Site to a third party other than as set out in this School Use Privacy Policy, Ooka will obtain the user’s consent to the disclosure.
Ooka engages service providers to provide certain limited services such as shipping products, hosting this Site, or processing financial transactions. Ooka will only provide those service providers with the personal information they need to deliver the service for which they were retained.
Ooka will also require those companies, through contractual means, to safeguard such information, maintain its confidentiality and not to use that information for any purpose other than providing the services for which they were retained. Please note that such services providers may be located outside of Canada.
Provider | Territorial jurisdiction | Information disclosed |
Amazon Web Services Primary internet host |
United States | All data collected by Ooka, the Site, and the Game. |
Google Analytics Web analytics |
United States |
Personal: none Other: web session data. Data accessible in aggregate only. |
Mandrill Transactional email |
United States |
Personal: none Other: Educator email addresses and names, email subject and body content. Efforts are made to not send transactional email containing personal information. |
Mixpanel User engagement tracking |
United States |
Personal: none Other: Site and Game usage data. |
Sentry Application log monitoring |
United States | During the course of error logging, some personal information may be exposed to this error logging provider. Reasonable efforts are made to obscure personal data. |
Ooka uses multiple security measures to safeguard and help prevent unauthorized access to your information, maintain data security, and correctly use the information we collect. These measures include, but are not limited to, the use of encryption, mandatory password requirements, firewalls, and information access controls.
Additionally, your account is protected by the password you use to access your online account, and we urge you to take steps to keep your username and password safe. Educators are responsible for maintaining the confidentiality of their usernames and passwords, including student usernames and passwords.
Please be aware that, despite our best efforts, no security measures are perfect or impenetrable and that no data transmissions over the internet can be guaranteed to be 100% secure.
Ooka has implemented information security procedures to provide security for School, Educator and Student data, and provides best practices to Schools, and Educators to protect their information while engaging with the Game. In the instance of a breach, Ooka will conduct an investigation. The objectives of the investigation are to:
In the event of a security breach, Ooka has established a notification protocol, which includes the following steps:
Additional steps for Clients:
It is the School’s responsibility to protect the privacy rights of minors, their guardians, and staff. With the exception of student game play data, Ooka collects and retains personal information only as volunteered by the Educator. Student game play data only becomes personal in the context of Student personal identifiers linking them to their game play data. At any time, Educators may use internal controls to provide an additional layer of protection for personal information.
For example Educators should always use strong passwords for their Ooka login; Educators should always logout of the Ooka program when finished using the program, and Educators should never share their Ooka login credentials with anyone.
If consent to disclose personal information to Ooka has not been obtained from Student legal guardians, Educators should consult their privacy officers to determine how to balance the benefits of disclosing personal identifiers (e.g. the convenience of identifying Student profiles by full Student names) with the relative risks.
Since Ooka only requires Student player profile usernames be unique per Teacher account, Ooka recommends Educators provide the minimum amount of personal information to distinctly identify each Student. For example, first name plus their initial(s), a unique identifier, or internal codes. It is strongly recommended that the Student’s education number is never used.
For additional guidance, see your organization’s privacy policy.
Ooka welcomes your comments and questions regarding this School Use Privacy Policy. If you have a comment or question regarding this School Use Privacy Policy, or would like to request access or an amendment to your personal information collected and retained by Ooka, please contact Ooka’s Privacy Officer by e-mail, courier or regular mail at the following address:
Ooka Island Inc.
119 Kent St, Suite 155
Charlottetown, Prince Edward Island, C1A 1N3
Canada
Attention: Privacy Officer
E-mail: privacyofficer@ookaisland.com
Fax: 877-567-3115
Ooka may, from time to time, update or change this School Use Privacy Policy. When Ooka makes any change to this Privacy Policy, an updated copy will be posted to this Site and the word updated will appear next to the link to this Privacy Policy on the introductory page of this Site for a period of at least 30 days from the date of the change. The date that this Privacy Policy was last updated will appear at the top of the copy of it posted on this Site.
By using this Site, you consent to Ooka’s collection, use and disclosure of your personal information in accordance with this Privacy Policy.
Please note that by refusing to provide personal information or by denying or withdrawing consent to use or disclose personal information for purposes identified in this School Use Privacy Policy, you may be unable to participate in certain programs or activities sponsored by Ooka.
1 Student usernames are considered personally identifiable only when real full names are used. See also: Best practices and suggested internal controls below.