Background ring1 Background ring2 Background ring3 Background ring4 Background ring5 Background sphere

PRIVACY POLICY
Effective Date: February 1, 2022

I. INTRODUCTION
This Privacy Policy provides information on how Hourglass Education Technology Solutions, LLC (“Hourglass”) collects, uses, protects, and otherwise processes personal information when you visit our websites, including https://www.hourglassets.com/ and its various subdomains including https://app.hourglassets.com/,(our “Websites”), or use our related software and online or mobile services provided on or in connection with our Websites (collectively, the “Hourglass Products”). How we collect information and how we use information may differ based on our relationship with you. In the ‘Our Relationship with You’ section below, we’ve detailed the different relationships we may have with you, and our respective use of information we collect. References to “us,” “we,” “our,” or “Hourglass” in this Privacy Policy, are referring to Hourglass Education Technology Solutions, LLC and its affiliates.
Customer Data: Hourglass is committed to the protection of personal information. As a provider of education technologies, our customers, which are comprised of schools, school districts, public charter school districts, education service agencies, state departments of education, private organizations, and higher education institutions (collectively, “Customers”), entrust us with their data, which may include personal information of their employees, parents, and students (“Customer Data”). We collect and process Customer Data solely on behalf of our Customers, and in accordance with our agreements with the Customers. We do not use or disclose Customer Data except as authorized and required by our Customers and as provided for in our agreements with our Customers. Because Hourglass does not own or control Customer Data, any request for access, review, correction, or deletion of Customer Data must come directly from our Customers.
We support privacy rights and have developed and implemented policies, processes, procedures, and technologies to collect, use, protect and process Customer Data on behalf of our Customers with those privacy rights in mind. We are also in the process of becoming a signatory of the Student Privacy Pledge.
OUR RELATIONSHIP WITH YOU
• Web Users: For users of our Websites, we offer details on how Hourglass collects and uses information from or about you.
• Hourglass Products Users: For Customers and end users of our Hourglass Products, such as district and school administrators, we provide information on how we collect, process, use, and disclose your personal information through the provision of the Hourglass Products.
• Branded Products: For Customers and end users of our branded products, please see the sections below that correspond with the products you use for more details on how your personal information is processed [Equitable Rostering Solution (ERS) and all other branded applications].
A. CUSTOMERS
When does a customer’s privacy policy govern? In connection with the Hourglass Products, we are considered a “data processor” with respect to any personal information or Student Data (as defined below) provided to us by our Customer about you. That means your school’s or school district’s or public charter school district’s or education service agency’s or state department of education’s or private organization’s or higher education institution’s privacy statement, privacy notice and consent form govern the collection and use of your personal information. Our Privacy Policy does not supersede the terms of any consent form, privacy notice or privacy statement from your school, school district, public charter school district, education service agency, state department of education, private organization, or higher education institution, or stated alternatively, the terms of any agreements between you and your school or school district or public charter school district or education service agency or state department of education or private organization or higher education institution (our Customer).
B. SECURITY
How are customer data protected? Any data provided to us for processing in our applications by a Customer is Customer Data. Hourglass employs a variety of physical, administrative, and technological safeguards that are designed to protect Customer Data against loss, misuse, and unauthorized access or disclosure. We strive to continuously maintain reasonable physical, administrative, and technical security measures. Our measures consider the type and sensitivity of the data being collected, used, and stored, and the current state of technology and threats to data. Hourglass independently verifies its security management system to the internationally recognized standard for security management and utilizes a suite of Microsoft and Microsoft Azure tools as part of its independent verification processes. Hourglass also endeavors to align its privacy and security operations to best practices and relevant international regulations.
C. VENDORS, PARTNERS, AND OTHER DISCLOSURES
Why would my data need to be shared with any 3rd parties? Hourglass works with vendors or partners engaged directly by us to fulfill our obligations to our Customers. Customers may also contract directly with a 3rd party requiring that we share access to Customer Data with a 3rd party. Some disclosures may also be required by law.
1. Vendors. We engage directly with certain third-party companies to help us provide the Hourglass functionality to our Customers, or to you, or to perform work on our behalf (“Vendors”). Our Vendors are required to abide by our privacy and security instructions and are contractually restricted from using any Customer Data accessed or received through us for any purposes other than as needed to perform such services. We may use Vendors to help us conduct marketing campaigns or events and disclose Customer contact information necessary for those activities.
2. Partners. An educational institution may work with third-party companies to provide additional content and functionality which requires access to Hourglass Products (“Partners”). Only with your educational institution’s permission, Hourglass will share information about you (such as your name, email, or student ID), that is required to provide you with access to the Hourglass Products that have been requested by your educational institution. In these cases, these Partners will enter into an agreement directly with your educational institution regarding the processing of any provided data.
3. Other Types of Disclosures. We may also need to share certain portions of Customer Data under the following circumstances:
1. We may need to disclose Customer Data to comply with legal or regulatory requirements and to respond to lawful requests, such as court orders and subpoenas within a legal proceeding. Where such disclosures relate to personal information we hold as a data processor on behalf of our customers, we will refer such requests to our customers where permissible.
2. We may need to disclose Customer Data to protect and defend the rights, property, or safety of our customers, including enforcing contracts or policies, or in connection with investigating and preventing fraud or other misuse of our systems.
3. Where permitted by applicable law, we may utilize aggregated or de-identified (anonymized) information that is no longer associated with a person for internal purposes, such as to enhance and promote the Hourglass Products. Hourglass does not rent, sell, or otherwise provide access to student personal information to third parties for marketing or advertising purposes.

II. WEB USERS
From the moment you first interact with one of the Websites, we or the Customers who offer the Hourglass Products may collect personal information. Sometimes we collect personal information automatically when you interact with our Websites and sometimes we collect the personal information directly from you. At times, we may collect personal information about you from other sources and third parties, even before our first direct interaction.
Note that if you are on an Hourglass application website to access a service or product, you may need to log in to make use of the functionality of the particular product.
A. HOURGLASS’S RELATIONSHIP TO YOU
1. Hourglass as a “data controller” for Public Website Users. With respect to the personal information of users received through our Websites, such as when you visit our Websites or fill out one of our contact forms, Hourglass acts as a “data controller” in relation to that information. A “data controller” is an entity that determines the purposes for which and the manner in which any personal information is processed.
2. Hourglass as a Data “Processor” for Hourglass Applications. Hourglass’s business is in the licensing of access to applications for our Customers to support their educational activities. Our Customers provide data on students collected from parents or the students (“Student Data”) and our Customers provide data on educators collected from district administrators or school administrators or the educators (“Educator Data”). In connection with the Student Data and Educator Data Hourglass receives from our Customers as part of the services, Hourglass acts as a “data processor.” A “data processor” is an entity that processes personal information on behalf and at the direction of the data controller.
B. INFORMATION WE COLLECT
1. Directly from you. You may voluntarily provide us information when you complete a form or survey on our public website or subscribe to our blogs or newsletters. This may include some or all of the following categories of information: name and role; job title; signature; profession; social media account name; username; telephone number; street address; and email address. You may also provide information when you register for an account through a Website to log in to use an Hourglass Product. You may also submit a resume or other information through the Join Us link.
Community Forums – Our Websites may offer publicly accessible community forums or community forums that are publicly accessible to other Customers, but not the general public. You should be aware that any information you provide in these areas is public and may be read, collected, and used by others who access them and may remain on the public forum indefinitely. To request removal of your personal information from our community forums, contact privacy@hourglassets.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why. We encourage all users to exercise caution when providing personal information in community forums. If you provide information when you communicate through our Hourglass community forums, we may link this information with your personal information.
2. Indirectly from you. We collect information about the pages your device’s browser visits and how you access and use the Websites using cookies, tracking technologies and other third-party analytics tools. Specifically, We and our service providers use cookies and similar technologies such as local storage (HTML5), web beacons, Javascript, and eTags on our Websites. This includes information about the devices you use to access the Websites including, but not limited to, unique device identifiers, IP address, operating system, browser, and cookies. Depending on your device settings, we may also collect information about your approximate geographical location. You can learn about our use of cookies, and set your preferences, in our Cookies Policy.
3. Information from third parties. Hourglass may work with third-party ad publishers to re-publish Hourglass content on paid media platforms. We may receive personal information from these publishers. We use this information to provide user-requested information or to contact users regarding Hourglass Products. We may also supplement the information we collect from you with information from Hourglass affiliates and other third parties that we use to promote the Hourglass Products. For example, we may receive information from a third party about how well an online marketing or email campaign performed, or from conference and trade show organizers.
C. HOW WE USE THIS INFORMATION
In addition to the uses described above, we may collect and use your personal information for the following purposes:
1. Product Improvements/Requested Communications. We may use the information collected to provide and improve our Websites and Hourglass Products, and to analyze usage information for sales and marketing purposes. We may also use the information collected to communicate with you in any manner that you have requested. This analysis is necessary to further our legitimate interest in understanding our users and their interactions with us and our websites in order to best iterate and improve our public websites and communications, including marketing purposes, and to provide you with content that you have requested. Third parties may collect information you provide about yourself on their platforms and may provide this information to Hourglass to enable us to offer you requested information, our newsletter or contact you regarding our services, opportunities, products, and/or events.
2. Marketing. We may conduct marketing to promote the Hourglass Products, but do not use or disclose student information (whether personal information or otherwise) provided by customers into our platforms for targeting of advertisements to students. When we conduct (or sponsor) events, conferences, and webinars, we will collect information about attendees, such as the session they attend and their contact information to provide them information about Hourglass Products and other Hourglass information.
3. Marketing Preferences and Opt-Out. Our marketing emails include an “unsubscribe” link so that you can change your preferences and opt-out of receiving marketing emails or communications from Hourglass. You can also send us email at hourglass@hourglassets.com to unsubscribe. Please note that even if you opt-out of marketing emails, we may still need to contact you with important information about your Hourglass account.
4. Interest-based Advertising. We may use third-party advertising tools to collect information about your device browser’s visits to the Websites to provide targeted advertisements to you based on your browsing history on other websites or on other devices you may use. If you would prefer to not receive personalized ads based on your browser or device usage, you may generally express your opt-out preference to no longer receive tailored advertisements. Please note that you will continue to receive advertisements, but they will no longer be tailored to your interests.
Please note that we avoid the use of Student Data for targeted advertising purposes, for example, by inhibiting these third-party advertising networks from collecting information for targeted advertising purposes when a student logs into the service through their student Account. Additionally, we do not knowingly direct targeted advertising to individuals we know to be students on our service or on any other website or online service.
To learn more or opt-out of interest-based advertising by participating companies in the following consumer choice mechanisms, please visit:
• Digital Advertising Alliance (DAA)’s self-regulatory opt-out page (http://optout.aboutads.info/) and mobile application-based “AppChoices” download page (https://youradchoices.com/appchoices).
• European Interactive Digital Advertising Alliance (EDAA)’s consumer opt-out page (http://youronlinechoices.eu), if you are located in the EU.
• Network Advertising Initiative (NAI)’s self-regulatory opt-out page (http://optout.networkadvertising.org/).
D. HOW WE SHARE THIS INFORMATION
We use third-party analytics tools to help us understand how the Websites are used. These parties will have access to some of your personal information. This includes analytics tools such as Google Analytics and LinkedIn Lead Gen.
We also share information with our vendors and service providers and other third parties for legal or business purposes, but only as permitted and subject to required limitations. See Vendors, Partners, & Other Disclosures.

III. HOURGLASS PRODUCTS
This section of our Privacy Policy describes how Customer Data, which may include parent, student, and educator personal information, is used when Hourglass Products are provided through our Customers. How that information is used depends on our Customer (school, school district, public charter school district, education service agency, state department of education, private organization, or higher education institution), which is the “data controller.” Please consult your school’s, district’s, agency’s, organization’s, or institution’s privacy statement for more information on how your personal information is processed.
Why would Hourglass receive and use data about you? If you are a user of Hourglass Products, your information has been provided to us by our Customers. We provide the Hourglass Products directly to our Customers (your school, school district, public charter school district, education service agency, state department of education, private organization, or higher education institution). These institutions act as a “data controller” for purposes of any of the personal information provided to Hourglass. Under an agreement with your school, school district, public charter school district, education service agency, state department of education, private organization, or higher education institution, Hourglass acts as a “data processor” on behalf of and at the direction of our Customer. This also means that our Customer’s privacy policy governs the use of student and educator personal information. Hourglass’s Customers determine what information we process through the Hourglass Products (which may include Student Data and/or Educator Data), how it is used, and provide us instructions for how we process that information under the terms of our contract with our Customer.
Who owns Student Data? All Student Data is solely owned, and thereby controlled, by our Customers (schools, school districts, public charter school districts, education service agencies, state departments of education, private organizations, or higher education institutions). Our Customers are responsible for obtaining from students (or their parents, as applicable) a right to collect, use, and share Student Data for legitimate educational purposes. Our Customers license Hourglass Products for the purpose of providing, maintaining, and supporting such data for those legitimate educational purposes. Hourglass will only use Student Data for the purposes of providing the Hourglass Products that our Customers (schools, school districts, public charter school districts, education service agencies, state departments of education, private organizations, or higher education institutions) have contracted with us to provide, and we will process such Student Data according to instructions and the terms of our contract with our Customers.
Who owns Educator Data? All Educator Data is solely owned, and thereby controlled, by our Customers (schools, school districts, public charter school districts, education service agencies, state departments of education, private organizations, or higher education institutions). Our Customers are responsible for obtaining from educators a right to collect, use, and share Educator Data for legitimate educational purposes. Our Customers license Hourglass Products for the purpose of providing, maintaining, and supporting such data for those legitimate educational purposes. Hourglass will only use Educator Data for the purposes of providing the Hourglass Products that our Customers (schools, school districts, public charter school districts, education service agencies, state departments of education, private organizations, or higher education institutions) have contracted with us to provide, and we will process such Educator Data according to instructions and the terms of our contract with our Customers.
A. WHAT INFORMATION DO WE COLLECT
The information collected from you depends on the specific product and what is needed to integrate with the educational institutions’ systems, set up and maintain your accounts. This includes information in the following data categories:
1. Student records. Typically, the information would include pupil records of students enrolled in a school or district that is under the jurisdiction of our Customers and/or serviced by our Customers, such as student IDs, courses students are enrolled in, demographic information, assessment results, and enrollment, attendance, and discipline records. The exact elements will depend on the product.
2. Customer employee records. For our educator evaluation and human capital management products we also collect employee account information of our Customers including usernames, email addresses, titles, years of experience, grades taught, and credentials, to set up and maintain products and services for you.
3. Financial records. Depending on Customer needs, we may also collect financial information of educators that Customers make available to us in order to provide the Hourglass Products.
B. HOW INFORMATION IS COLLECTED OR PROCESSED
1. Directly from you. We collect information necessary to provide the educational technology services as directed by you.
2. Indirectly from you. We collect device and usage information when you access and use the Hourglass Products, including information that your browser or the mobile app sends when you are using our products. This data may include your unique device identifier, IP address, your browser type and configuration, the date and time of your use of the product or service and cookie data. Learn more about our use of cookies in our Cookies Policy.
3. From third parties. With our Customer’s consent, we may receive information from third parties and combine that information with Customer Data. For example, we may receive limited personal information from third-party services that integrate with or complement the Hourglass Products in order to provide you with the best possible user experience.
C. HOW WE USE INFORMATION
We use your information in accordance with the agreements with our Customers, which may include providing the features and functionality of the Hourglass Products, as well as to communicate directly with our Customers and allow our Customers to communicate with other Hourglass users. It is necessary for us to use information in this manner to provide our Customers with the services requested pursuant to their agreement(s) with Hourglass.
We may also use your information to provide you with news and information about upcoming new products and services. Any such marketing communications from us may be discontinued at any time. We may also use de-identified and aggregated information to understand and improve the Hourglass Products. Any information that may be de-identified will not be ‘re-identified.’ We may share general customer contact information with certain Partners as is necessary to offer and provide the Hourglass Products to our current and prospective customers. No customer data other than general organization/institution contact information is provided for these purposes.
We do not provide any Student Data to any third parties for marketing purposes.
We do not provide any Educator Data to any third parties for marketing purposes.
D. HOW WE SHARE INFORMATION
We share information to provide the Hourglass Products to you and further improve them. Within Hourglass Products, your information will be accessed only by those who have a need to know as they support the provision of the Hourglass Products. We use vendors to help us provide the Hourglass Products to your school, school district, public charter school district, education service agency, state department of education, private organization, or higher education institution. For example, if your school, school district, public charter school district, education service agency, state department of education, private organization, or higher education institution uses one or more Hourglass Products that are hosted by Hourglass, Microsoft Azure provides our cloud hosting resources. Third-party analytics tools may also have access to your personal information to help us understand how the Hourglass Products are being used.
E. DATA RETENTION
We keep information collected on behalf of our Customers for as long as necessary and pursuant to contractual terms or as otherwise required by applicable law. We dispose of information that is not held pursuant to contractual terms in a commercially reasonable time period or at the request of a customer.
F. CHILDREN’S PRIVACY
1. We do not knowingly collect any information from Users under the age of 18 unless and until an Hourglass Customer (school, school district, public charter school district, education service agency, state department of education, private organization, or higher education institution) has provided authorization for a User under 18 to use the Hourglass Products and for us to receive personal information from such User.
2. We do not knowingly collect any information from children under the age of 16 unless and until an Hourglass Customer (school, school district, public charter school district, education service agency, state department of education, private organization, or higher education institution) has provided authorization for a student under 16 to use the Hourglass Products and for us to receive personal information from such student.
3. Children’s Online Privacy Protection Act (COPPA). Hourglass Products are not directed to children under 13, and Hourglass does not knowingly collect any information from children under the age of 13.
4. Please contact us at privacy@hourglassets.com if you believe that we have inadvertently collected personal information from a child under 16 without proper consent. This will allow us to permanently delete such information as soon as possible.
G. ACCESS
THIS SECTION APPLIES TO USERS OF ANY HOURGLASS PRODUCTS THAT ARE LOCATED IN THE EUROPEAN ECONOMIC AREA, UNITED KINGDOM OR SWITZERLAND AT THE TIME OF DATA COLLECTION. WE MAY ASK YOU TO IDENTIFY WHICH COUNTRY YOU ARE LOCATED IN WHEN YOU USE SOME OF OUR PRODUCTS OR SERVICES, OR WE MAY RELY ON YOUR IP ADDRESS TO IDENTIFY YOUR COUNTRY LOCATION. HOURGLASS PRODUCTS ARE NOT KNOWINGLY MARKETED TO, SOLD TO, OR USED BY ANY CUSTOMERS OUTSIDE OF THE UNITED STATES OF AMERICA. HOURGLASS PRODUCTS ARE NOT INTENDED TO COLLECT DATA FROM USERS IN THE EUROPEAN ECONOMIC AREA, UNITED KINGDOM OR SWITZERLAND AT THE TIME OF DATA COLLECTION.
1. Hourglass’s relationship to you.
a. Data Processor for Schools, School Districts, Public Charter School Districts, Education Service Agencies, State Departments of Education, Private Organizations, or Higher Education Institutions. To the extent that Hourglass receives personal information through its Customers’ (schools, school districts, public charter school districts, education service agencies, state departments of education, private organizations, or higher education institutions) use of Hourglass Products, Hourglass is a data processor and the Customer is the data controller.
b. Individual Data Subject Rights.
i. In many of the Hourglass Products, you will be able to access student and educator information as well as change and delete some of the information by logging into an account with appropriate roles/permissions. If you cannot access, correct, or delete the required information on your own, please follow these steps:
1. For parents/students. Hourglass does not control your personal information. We provide the Hourglass Products on behalf of your school, school district, public charter school district, education service agency, state department of education, private organization, or higher education institution. Please contact your organization/institution to exercise your rights of access, rectification, erasure, or restriction of use of personal information. The institution needs to manage your request under applicable laws and Hourglass will support our schools, school districts, public charter school districts, education service agencies, state departments of education, private organizations, or higher education institutions with such requests.
2. For All Other Access Requests
Please email Hourglass at privacy@hourglassets.com or contact us using the information in the “CONTACT US” section if you want to exercise any of these rights.
When we receive an individual rights request from you, please make sure you are ready to verify your identity. Please be advised that there are limitations to your individual rights. We may limit your individual rights in the following ways: (i) where denial of access is required or authorized by law; (ii) when granting access would have a negative impact on other’s privacy; (iii) to protect our rights and properties; and (iv) where the request is frivolous or burdensome.
In many jurisdictions, you also have the right to lodge a complaint with the local data protection authority. A listing of European Economic Area (“EEA”) data protection authorities can be found at https://edpb.europa.eu/about-edpb/about-edpb/members_en. Please contact us at Hourglass first, so we may address your concerns.
HOURGLASS PRODUCTS ARE NOT KNOWINGLY MARKETED TO, SOLD TO, OR USED BY ANY CUSTOMERS OUTSIDE OF THE UNITED STATES OF AMERICA. HOURGLASS PRODUCTS ARE NOT INTENDED TO COLLECT DATA FROM USERS IN THE EUROPEAN ECONOMIC AREA, UNITED KINGDOM OR SWITZERLAND AT THE TIME OF DATA COLLECTION.

IV. BRANDED PRODUCT: EQUITABLE ROSTERING SOLUTION (ERS)
A. WHAT INFORMATION WE COLLECT
1. Schools and School Districts
A school or school district may disclose personally identifiable information from a student’s education records to a third party with either written consent of the parent or by meeting one of the exemptions set forth in FERPA (“FERPA Exemption(s)”), including the exemption for Directory Information (“Directory Information Exemption”) or disclosure to school officials with a legitimate educational interest (“School Official Exemption”). Equitable Rostering Solution (ERS) enables schools, districts, administrators, teachers, or employees (“Users”) to manage online collections of personally identifiable information for Students and Educators wholly in accordance with any and all agreements that exist between Hourglass and the school and/or school district. This information is not shared outside of the school and/or school district or with any third parties except those needed for the provision of the service as outlined in this policy and in those agreements that exist between Hourglass and the school and/or school district. Equitable Rostering Solution (ERS) is not intended to be used by students or parents. As such, students or parents are not intended to have access to Equitable Rostering Solution (ERS), and students or parents should not be given access to Equitable Rostering Solution (ERS) by the school and/or school district. All Equitable Rostering Solution (ERS) Users accessing Equitable Rostering Solution (ERS) on behalf of a school and/or school district must abide by this privacy policy and the terms of any and all agreements that exist between Hourglass and the school and/or school district.
2. Users
1. Registration: The following personal information is collected from Users when they register for an Equitable Rostering Solution (ERS) account: first name, middle name, last name, email address, phone number, and password.
2. Additional Information: The following personal information can be optionally entered by Users after registration: photo, additional email addresses, and additional phone numbers.
3. Employee ID and Job Title/Role: We collect Employee ID (or similar ID) and Job Title/Role for verification purposes and to ensure proper configuration of roles and permissions.
4. School and/or District Associations: We collect a User’s school and/or district associations to ensure a User has access to the appropriate school and/or school district data sets and functionality.
3. Students
1. Demographic Data: Various elements of demographic data are collected from the school and/or school district, including first name, middle name, last name, date of birth, gender, race/ethnicity, special education designations, etc., and wholly in accordance with any and all agreements that exist between Hourglass and the school and/or school district.
2. Assessment Data: A variety of formative and summative assessment data are collected from the school and/or school district wholly in accordance with any and all agreements that exist between Hourglass and the school and/or school district.
3. Course Roster Data: A variety of course roster data are collected from the school and/or school district wholly in accordance with any and all agreements that exist between Hourglass and the school and/or school district.
4. Student Enrollment, Attendance, and Discipline Data: A variety of student-level enrollment, attendance, and discipline data are collected from the school and/or school district wholly in accordance with any and all agreements that exist between Hourglass and the school and/or school district.
5. Additional Information: Additional information can be collected about students only if provided directly by the school and/or school district and only if this additional information is wholly in accordance with any and all agreements that exist between Hourglass and the school and/or school district.
4. Teachers
1. Demographic and Professional Data: Various elements of demographic and professional data are collected from the school and/or school district, including first name, middle name, last name, school, role, title, subjects and grades taught, gender, race/ethnicity, special certifications, degrees, years of experience, etc., wholly in accordance with any and all agreements that exist between Hourglass and the school and/or school district.
2. Course Roster Data: A variety of course roster data are collected from the school and/or school district wholly in accordance with any and all agreements that exist between Hourglass and the school and/or school district.
3. Additional information can be collected about teachers only if provided directly by the school and/or school district and only if this additional information is wholly in accordance with any and all agreements that exist between Hourglass and the school and/or school district.
5. Information we collect indirectly from you: We collect device and usage information when you access and use Hourglass Products, including information that your browser or the mobile app sends when you are using our products. This data may include your unique device identifier, IP address, your browser type and configuration, the date and time of your use of the product or service and cookie data. Learn more about our use of cookies in our Cookies Policy.
B. HOW WE USE INFORMATION
1. On behalf of our Customers, the school or school district. We use the information we collect on behalf of and under the instruction of our Customers, the school or school district, which is the data controller. We use the information in accordance with our agreement(s) with the school or school district to operate, maintain, and provide the features and functionality of the Equitable Rostering Solution’s (ERS) products and services. The school or school district determines how the personal information is used.
C. HOW WE SHARE INFORMATION
We share student and educator information in accordance with our agreement(s) with our Customers, the school or school district. Generally, this includes the sharing of such information inside and outside Equitable Rostering Solution (ERS) in accordance with the contract and applicable law. Student Data and Educator Data will be accessed inside Equitable Rostering Solution (ERS) only by those who have a need to know in order to provide Hourglass Products and improve them. For example, our technical support and client support teams may have access to personal information when Hourglass Products are implemented for your school or school district or when software or other changes are required for support and maintenance purposes. We use vendors to help us provide the Hourglass Products on behalf of our Customers, the school or school district. If you are an Equitable Rostering Solution (ERS) Customer or User, and would like more information on the vendors used to help provide services to you, please send an email to privacy@hourglassets.com requesting more information.
Equitable Rostering Solution (ERS) uses the following third-party service providers:
• Microsoft Azure Cloud Services (https://azure.microsoft.com/en-us/overview/trusted-cloud/privacy/) as a hosting provider for the Equitable Rostering Solution (ERS) product.
• We may use Google Analytics (https://policies.google.com/privacy?hl=en-US) to help us better understand your use of the Equitable Rostering Solution (ERS). These services are for internal use only and are restricted from sharing user data.
D. DELETION OF INFORMATION
Equitable Rostering Solution (ERS) provides limited opportunities to permanently delete some types of information. For example, Users with the right combination of roles and permissions might be able to delete a course roster.
If a student record needs to be permanently deleted from Equitable Rostering Solution (ERS), our Customers, the school or school district may request such a deletion by contacting their client support team personnel or by emailing Hourglass at privacy@hourglassets.com.
If an educator record needs to be permanently deleted from Equitable Rostering Solution (ERS), our Customers, the school or school district may request such a deletion by contacting their client support team personnel or by emailing Hourglass at privacy@hourglassets.com.
STUDENTS DO NOT HAVE ACCESS TO THE EQUITABLE ROSTERING SOLUTION (ERS). STUDENTS ARE THEREFORE UNABLE TO REQUEST DELETION OF INFORMATION. PARENTS DO NOT HAVE ACCESS TO THE EQUITABLE ROSTERING SOLUTION (ERS). PARENTS ARE THEREFORE UNABLE TO REQUEST DELETION OF INFORMATION. ALL REQUESTS FOR DELETION OF INFORMATION MUST BE FURNISHED DIRECTLY BY OUR CUSTOMERS, THE SCHOOL OR SCHOOL DISTRICT.
We will make every attempt to respond to deletion requests within 7 business days.
We will retain User information for as long as a User’s account is active or as needed to provide User’s services. If you wish to cancel your account or request that we no longer use your information to provide you services, contact us via support@hourglassets.com. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
E. DATA RETENTION
We keep information collected on behalf of our Customers for as long as necessary and pursuant to contractual terms or as otherwise required by applicable law. We may dispose of information that is not held pursuant to contractual terms in a commercially reasonable time period or at the request of a customer.
F. CHILD ONLINE PRIVACY PROTECTION
Hourglass and Hourglass Products, including the Equitable Rostering Solution (ERS), operate in compliance with the Children’s Online Privacy Protection Act (COPPA). See https://www.ftc.gov/legal-library/browse/rules/childrens-online-privacy-protection-rule-coppa.
Specifically, Equitable Rostering Solution (ERS) is not directed to children under 13 years of age, nor does Equitable Rostering Solution (ERS) collect personal information online from children under 13 years of age.
EQUITABLE ROSTERING SOLUTION (ERS) SHOULD BE ACCESSED ONLY BY PERSONNEL WHO ARE EXPRESSLY AUTHORIZED TO DO SO BY OUR CUSTOMERS, THE SCHOOL OR SCHOOL DISTRICT. AT NO TIME SHOULD CHILDREN UNDER 13 YEARS OF AGE BE AUTHORIZED TO USE EQUITABLE ROSTERING SOLUTION (ERS). IN PROVIDING SERVICES RELATED TO EQUITABLE ROSTERING SOLUTION (ERS), HOURGLASS, ITS PARTNERS, ITS VENDORS, AND ITS AFFILIATES ACT ONLY AS DATA PROCESSORS. THE MAIN RESPONSIBILITY OF WHAT IS KNOWN AS A “DATA CONTROLLER” LIES WITH OUR CUSTOMERS.
If you have questions or concerns about our privacy practices as they pertain to children, please contact us at privacy@hourglassets.com.

V. FOR INTERNATIONAL USERS
HOURGLASS PRODUCTS ARE NOT KNOWINGLY MARKETED TO, SOLD TO, OR USED BY ANY CUSTOMERS OUTSIDE OF THE UNITED STATES OF AMERICA. HOURGLASS PRODUCTS ARE NOT INTENDED TO COLLECT DATA FROM USERS IN THE EUROPEAN ECONOMIC AREA, UNITED KINGDOM OR SWITZERLAND AT THE TIME OF DATA COLLECTION.
If a User accesses any of the Hourglass Products or consumes any of the services Hourglass provides from any country that falls under the European Union General Data Protection Regulation (GDPR), the Swiss Data Protection Act, or the United Kingdom General Data Protection Regulation (UK GDPR), we function in the capacity of a “data processor.” In those circumstances, our processing of your personal information is governed by this Privacy Policy as well as the contractual agreement(s) that exist between Hourglass and its Customers.
If any of the Hourglass Products processes personal information as a result of a User’s access from any country that falls under the European Union General Data Protection Regulation (GDPR), the Swiss Data Protection Act, or the United Kingdom General Data Protection Regulation (UK GDPR), we function in the capacity of a “data processor.”
As a User, you may provide personal information to us when you visit and engage with Hourglass Products. In some cases, we will ask for your additional consent so that we may process your personal information.
If you are located outside of the United States when you access any Hourglass Products, please be aware that your information will be transferred to, processed and stored in the United States. By submitting your personal information, you acknowledge that we may transfer, process, and store your data in this way. Wherever the data is, it will be treated securely and in accordance with this Privacy Policy and applicable privacy laws of the United States. These laws may be different from the privacy laws in the country you are in when you access Hourglass Products. However, this does not change our commitments to safeguard your privacy and we will comply with all applicable laws relating to the cross-border data disclosure of your personal information. Where required, we will implement Standard Contractual Clauses with our third parties or rely on such other transfer mechanism or derogation to ensure that the transfer of your personal information outside of the EEA is lawful. You may request details of the transfer mechanisms that we rely on to transfer personal information outside of the EEA, Switzerland, or UK by emailing us at privacy@hourglassets.com.
If you are accessing Hourglass Products in the EEA, Switzerland, or the UK, for example, you may have the right to access, update or correct your Personal Information, to request deletion of such personal information, and to object to certain processing, including that related to marketing, to receive a machine-readable copy of the personal information concerning you that you provided to us or request us to transfer such data to an applicable third party in certain circumstances.

VI. UNITED STATES STUDENT PRIVACY LAWS
We do not use Student Data for any purpose other than to provide the services, in accordance with our contractual agreements with our Customers, our Terms of Service, and this Privacy Policy. Hourglass does not own or control Student Data, which belongs to the student and/or the Customer (schools, school districts, public charter school districts, education service agencies, state departments of education, private organizations, or higher education institutions) that contracts with Hourglass to provide Hourglass Products.
Hourglass Products are designed to provide protections for Student Data as required by applicable privacy laws. For example:
• The Family Educational Rights and Privacy Act (FERPA). This Privacy Policy and our services are designed to meet our responsibilities to protect personal information from the students’ educational records under FERPA. We agree to work with our Customers (schools, school districts, public charter school districts, education service agencies, state departments of education, private organizations, or higher education institutions) to jointly ensure compliance with the FERPA regulations. A school may disclose personally identifiable information from a student’s education records to a third party with either written consent of the parent or by meeting one of the exemptions set forth in FERPA (“FERPA Exemption(s)”), including the exemption for Directory Information (“Directory Information Exemption”) or disclosure to school officials with a legitimate educational interest (“School Official Exemption”).
• Children’s Online Privacy Protection Act (COPPA). Hourglass Products are not directed to children under the age of 13 and do not knowingly collect any information from children under the age of 13. A Customer may not permit a child under the age of 13 to register for Hourglass Products. Should a Customer permit a child under the age of 13 to register for Hourglass Products the Customer represents that it has the authority to provide all necessary consents for Hourglass to collect and use such student’s personal information in the manner contemplated by this Privacy Policy, as permitted by COPPA. EVEN UNDER THOSE CIRCUMSTANCES HOURGLASS PRODUCTS ARE NOT DESIGNED TO BE USED BY CHILDREN UNDER THE AGE OF 13 AND HOURGLASS DOES NOT PERMIT CHILDREN UNDER THE AGE OF 13 TO USE HOURGLASS PRODUCTS. Please contact us at privacy@hourglassets.com if you believe we have inadvertently collected personal information from a child under the age of 13 without proper consent so that we may delete such data as soon as possible.
• Students Online Personal Information Protection Act (“SOPIPA”). This Privacy Policy and our services are designed to comply with SOPIPA. We do not use Student Data for targeted advertising purposes. We do not use collected information to amass a profile of a student except in furtherance of providing the features and functionality of the Hourglass service. We never sell Student Data unless the sale is part of a corporate transaction, such as a merger, acquisition, bankruptcy, or other sale of assets, in which case we make efforts to ensure the successor entity honors the privacy commitments made in this policy and/or we will notify our Customers about the transaction and provide them an opportunity to opt-out by deleting Student Data before the data transfer occurs.

VII. INTERNATIONAL DATA TRANSFERS AND ACCESS
HOURGLASS PRODUCTS ARE NOT KNOWINGLY MARKETED TO, SOLD TO, OR USED BY ANY CUSTOMERS OUTSIDE OF THE UNITED STATES OF AMERICA. HOURGLASS PRODUCTS ARE NOT INTENDED TO COLLECT DATA FROM USERS OUTSIDE OF THE UNITED STATES OF AMERICA AT THE TIME OF DATA COLLECTION.
All Hourglass Products are hosted by Microsoft Azure Cloud resources within the United States.
All Customer data is hosted for all Hourglass Products in Microsoft Azure Cloud data centers within the United States.
In the event that Hourglass Products are accessed by a Customer-authorized User who is outside the United States at the time of access, and Customer data is processed as a result of such access, Customer data may be transferred from that country to the United States and from the United States to that country. In the event that Customer data are processed in such a manner, Hourglass functions solely in the capacity of a “data processor”.
Other countries, territories, and provinces promulgate legislation and regulations with respect to student educational data. If Hourglass becomes aware that a User is accessing student educational data outside the United States of America and Hourglass therefore finds that it is processing student educational data for our Customers as a result of such access, Hourglass will ensure compliance with the applicable law or jurisdiction to the extent that is feasible, only in the event those laws or jurisdictions cover the processing of student educational data that originates in the United States of America and is owned and controlled by a school, school district, public charter school district, education service agency, state department of education, private organization, or higher education institution located in the United States of America.
Some examples of such legislation and regulations include:
• CANADA. In Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian federal law that applies to the collection, use, and disclosure of personal information in the course of commercial activities in all Canadian provinces as supplemented by substantially similar provincial privacy laws in Alberta, British Columbia and Québec. PIPEDA also applies to international and interprovincial transfers of personal information.
• BRAZIL In Brazil the General Data Protection Law [in Portuguese Lei Geral de Proteção de Dados (or LGPD)] approved in 2018 came into effect in 2020. This law address both public and private sector entities.
• EUROPEAN ECONOMIC AREA. For residents of the European Economic Area, the General Data Privacy Regulation (GDPR) safeguards the privacy of personal data.
• UNITED KINGDOM. For residents of United Kingdom, the UK General Data Protection Regulation provides similar protection of privacy of personal data alongside the existing the Data Protection Act 2018.

VIII. LINKS TO OTHER SITES
Our Websites may provide links to third-party websites or resources. The information practices of those websites are not covered by this Privacy Policy or any other policies or terms applicable to the Hourglass websites or Hourglass Products. We recommend that you review any terms of use and privacy policy of any linked third-party website before providing any information.

IX. OUR COMMITMENT TO DATA SECURITY
Hourglass uses commercially reasonable physical, administrative, and technical safeguards to preserve the confidentiality, integrity, and availability of your personal information and/or Customer data. Our systems are regularly certified by third parties against industry security standards. We cannot, however, ensure or warrant the security of any information you transmit to Hourglass, and you do so at your own risk. Once we receive your transmission of information, Hourglass makes commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, administrative, and technical safeguards.
Hourglass maintains Data Security, Data Protection, and Disaster Recovery plans that adhere to industry standards. Hourglass also maintains a data security insurance policy with coverage limits informed by industry standards.

X. IN THE EVENT OF CORPORATE TRANSITION
In the event that Hourglass is acquired by or merged with a third-party entity, we reserve the right, in any of these circumstances, to transfer or assign the information our Customers have provided us from our Users as part of such merger, acquisition, sale, or other change of control to the new data processor. In the unlikely event of our bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used.
In these circumstances, we will only share information with a company that has agreed to data privacy standards no less stringent than our own. In the event that information is shared in this manner, notice will be posted on our website and notice will be provided to our Customers.

XI. CHANGES TO THE POLICY
We may update this Privacy Policy and its last updated date to reflect changes to our data governance practices. If we propose to make any material changes, we will notify you by means of a notice on this page prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

XII. CONTACT US
If you have any questions or concerns about your privacy or this Privacy Policy, please contact us at privacy@hourglassets.com.
You may also write to us at:
Hourglass Education Technology Solutions, LLC
7349 N Via Paseo Del Sur, #515-114
Scottsdale, AZ 85258
ATTN: Privacy