Privacy Policy

Last Updated October 11, 2024

Introduction

At Scholarly Software Inc. (“we”, “us”, “Scholarly” or the “Company”) we place significant emphasis on protecting our users’ personal identifiable information (“PII”). This privacy policy (this “Policy”) describes how we use, store, process, protect and enable the sharing of your personal information while using services and tools on our platform, whether via our website at scholarlysoftware.com or through other future delivery methods (together, with any and all future online and offline offerings operated by or on behalf of the Company, the “Services”) This Policy also describes the choices available to you regarding the use of, your access to, and how to update and correct your PII. This Policy is incorporated by reference into the Company’s Terms of Service (the “Terms”).

Section I: Information Collected

Information that you provide to us:

When you register for an account with the Company and/or use our Services, we collect a wide range of PII that you provide directly to us, which may include:

· Name;

· Job title;

· Employer name;

· Work address;

· Work email;

· Work phone number;

· Birthdate;

· Personal email address;

· Personal address;

· Personal phone number; and

· Compensation data.

Information that we collect automatically when you use our Services:

In addition to the PII described above, the Company’s website collects certain information automatically and stores it in log files. This information may include internet protocol (“IP”) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of the Company’s website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences. The Company reserves the right to match your IP address (or any other data) with other data about in any way permitted by applicable law.

Use of cookies:

We may use cookies (as well as web beacons or other technologies) to collect and store information about your visit to, or use of, our platform. Cookies are small data files stored on your hard drive or in device memory that help us improve our online services and your experience, and to see which areas and features of our online services are popular. Web beacons are electronic images that may be used in our online services or emails that help deliver cookies, count visits, and understand usage and campaign effectiveness. We may later associate the usage and other information we collect online with PII about you, as permitted or required by law. Most web browsers are set to accept cookies by default. If you prefer, you may be able to set your browser to remove or reject all or specific browser cookies. Please note that, if you choose to remove or reject cookies from scholarlysoftware.com, this could affect the availability, functionality and services offered by our platform.

Information that we receive from academic institutions:

We may receive PII from academic institutions, school districts, state agencies and similar institutions (collectively, “Academic Providers”). The type of PII collected from Academic Providers is similar to the personal information outlined above under “Information that you provide to us” and may also include student contact information, student demographic information such as age and gender, and student records such as grades, transcripts, class lists and student identification codes. When we obtain your PII directly from Academic Providers, we rely on their lawful authority to collect and use your PII and provide it to us so that we can provide you with the Services. Academic Providers are solely responsible for obtaining all required consents and authorizations from the relevant individuals and for satisfying all obligations or rights owed to such Academic Provider’s data subject under applicable privacy laws. The Company is not responsible for the privacy policies or practices of Academic Providers.

Information that we collect from other sources:

We may also collect information about you from additional online and offline sources, including commercially available third-party sources, for the purposes of verifying eligibility and securely offering our services to you. We may combine this information with the PII and other information that we have collected about you under this Policy.

Information received through other platforms:

You may give us permission to collect your information through other third-party platforms. For example, you may connect a social networking service such as LinkedIn or Facebook. When you do this, it allows us to obtain information derived from those accounts.

Section II: Use of Your Personal Information

The Company does not sell, rent, provide or otherwise share your PII with any third parties other than as provided in this Policy or with your consent. We use PII collected for the following purposes:

· the purposes for which you specifically provided your PII;

· to register you as a client and establish an account for you;

· to provide you with the Services;

· to send email notifications about our new or existing products and services, special offers, to request participation in surveys and/or other forms of market research to improve our products and services, or to otherwise contact you;

· to verify your identity;

· to send emails to the email address you provide, to verify your account and for informational and operational purposes including account management, customer service or system maintenance;

· to enhance existing features or develop new features, products and services;

· to detect and prevent fraudulent transactions;

· to ensure internal quality control;

· to enforce the Terms;

· to perform accounting, auditing and other internal functions; and

· to carry out any other purpose for which the information was collected.

We may also use the information that you provide in other ways with your express consent, such as when you choose to use a service or participate in a program we may offer jointly with another entity. We may also use the information that we obtain about you in other ways for which we provide specific notice at the time of collection.

Retention of PII:

Your personal data is stored by the Company on its servers, and on the servers of the cloud-based database management services that the Company engages, located in the United States. The Company retains the PII we receive as described in this Policy for the duration of the customer’s business relationship with the Company and for a period of time thereafter, to analyze the data for the Company’s own operations, for historical and archiving purposes associated with the Services, to resolve disputes, to establish legal defenses, to conduct audits, to pursue legitimate business purposes, to enforce our agreements, and to comply with applicable laws. The Company retains prospect data until such time as it no longer has business value and is purged from the Company’s systems. All personal data that the Company controls may be deleted upon verified request from Data Subjects (as defined below) or their authorized agents. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at: support@scholarlysoftware.com.

Our legal bases for handling of your PII:

The laws in some jurisdictions require companies to tell you about the legal ground on which they rely to use or disclose your PII. To the extent those laws apply, our legal grounds are as set forth below:

· To honor our contractual commitments to you: Much of our processing of PII is to meet our contractual obligations to our users. For example, we handle PII on this basis to create your account and to provide the Services.

· Legitimate interests: In many cases, we handle PII on the grounds that it furthers our legitimate interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes:

o providing a safe and enjoyable user experience;

o customer service;

o marketing, e.g. sending emails or other communications to inform you about new features;

o protecting our users, personnel and property;

o analyzing and improving our business, e.g. collecting information about how you use our Services to optimize the design and placement of certain features;

o managing legal issues.

o providing more relevant products and services;

o communicating value to our sponsors and corporate members; and

o providing appropriate staffing to meet member and customer needs.

· Legal compliance: We need to use and disclose PII in certain ways to comply with our legal obligations.

· Consent: Where required by law, and in some other cases, we handle PII on the basis of your express or implied consent.

· Vital Interests: In some cases, we may handle PII in order to protect the vital interests of you or others.

Section III: Sharing Information

The Company is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, circumstances in which we may share your information with certain third parties, as set forth below:

Consent: We may share information about you with third parties with your consent or at your direction.

Legal Requirements: We may disclose information we obtain about you (i) if we are required to do so by law or pursuant to legal process (such as a court order or subpoena); (ii) in response to requests by government agencies, such as law enforcement authorities; (iii) to establish, exercise or defend our legal rights; (iv) when we believe disclosure is necessary or appropriate to prevent physical or other harm or financial loss; or (v) in connection with an investigation of suspected or actual illegal activity.

Business Transfers: If all or part of the Company is sold, merged or otherwise transferred to another entity, the PII you have stored with us may be transferred as part of that transaction.

Aggregated Non-Personal Information: We may share aggregated non-personal information about you with third parties. This is information that is combined with the non-personal information of other users and does not include PII. We also may not limit the third parties’ use of such aggregated information.

Hosted Databases: The personal information that the Company collects from you is stored in one or more databases hosted by third parties located in the United States. These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval.

Third-Party Sub-Processors: On occasion, the Company may also engage third parties to send information to you, including information about our products, services, and events. The Company currently has no such third-party sub-processors.

Generative AI Tools: The Services provided by the Company may incorporate the use of third-party Generative AI Tools (as defined below). The Company ensures that all Generative AI Tools are used in compliance with applicable license terms, consents, agreements, and laws. The Company does not input sensitive PII, trade secrets, or confidential information into any Generative AI Tools, except in cases where these tools do not use such information to train their machine learning models or improve their services. For the purposes of this section, “Generative AI Tools” means generative artificial intelligence technology or similar tools capable of automatically producing various types of content (such as source code, text, images, audio, and synthetic data) based on user-supplied prompts.

We do not otherwise reveal your personal data to persons or businesses unaffiliated with the Company for their independent use unless: (i) you request or authorize it; (ii) in connection with Scholarly-hosted and Scholarly co-sponsored conferences as described above; (iii) the information is provided to comply with the law (for example, compelled by law enforcement to comply with a search warrant, subpoena, or court order), enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others; (iv) the information is provided to our agents, vendors or service providers who perform functions on our behalf; (v) to address emergencies or acts of God; or (vi) to address disputes, claims, or to persons demonstrating legal authority to act on your behalf. We may also gather aggregated data about our services and website visitors and disclose the results of such aggregated (but not personally identifiable) information to our partners, service providers, advertisers, and/or other third parties for marketing or promotional purposes.

Section IV: Your Ability to Share Your PII

Some of our Services allow you to share your Scholarly profile and other PII that you have disclosed on the Company’s platform to third parties. You are the only one that can consent and request that your information be sent to a third party for viewing. Once you direct the Company to send your PII to a third party, the Company is not liable for any of such PII sent to the requested third party, including without limitation any liability for any actions such third party may take with respect to your PII. We encourage you to discuss privacy policies and confidentiality issues with the third party you are sending your Scholarly profile to.

Section V: Where Information is Processed - Your Consent to Processing and Transferring Your PII in and to the United States and Other Countries:

Transferring personal data to the United States:

The Company is based in the United States. Information that we collect about you will be processed in the United States. By using the Services, you acknowledge that your personal information will be processed in the United States. By accessing and using the Services and our platform, you consent that the Company may transfer, process, store, use and disclose your data and PII as described in this Privacy Policy.

The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, the Company is providing for appropriate safeguards by entering binding, standard data protection clauses, enforceable by data subjects in the EEA and the UK. These clauses have been enhanced based on the guidance of the European Data Protection Board and will be updated when the new draft model clauses are approved.

Depending on the circumstance, the Company also collects and transfers to the U.S. personal data: (i) with consent; (ii) to perform a contract with you; or (iii) to fulfill a compelling legitimate interest of Scholarly in a manner that does not outweigh your rights and freedoms. Scholarly endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Scholarly and the practices described in this Privacy Statement. Scholarly also enters into data processing agreements and model clauses with its vendors whenever feasible and appropriate. Since it was founded, Scholarly has received zero government requests for information.

For more information or if you have any questions, please contact us at support@scholarlysoftware.com.

Data Subject rights:

The European Union’s General Data Protection Regulation (GDPR) and other countries’ privacy laws provide certain rights for data subjects. Data Subject rights under GDPR include the following:

● Right to be informed;

● Right of access;

● Right to rectification;

● Right to erasure;

● Right to restrict processing;

● Right of data portability;

● Right to object; and

● Rights related to automated decision making including profiling.

This Policy is intended to provide you with information about what personal data the Company collects about you and how it is used. If you wish to confirm that the Company is processing your personal data, or to have access to the personal data that the Company may have about you, please contact us.

You may also request information about: (i) the purpose of the processing; (ii) the categories of personal data concerned; (iii) who else outside of the Company might have received the data from the Company; (iv) what the source of the information was (if you didn’t provide it directly to the Company); and (v) how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by the Company if it is inaccurate. You may request that the Company erase that data or cease processing it, subject to certain exceptions. You may also request that the Company cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how the Company processes your personal data. When technically feasible, the Company will—at your request—provide your personal data to you.

Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, the Company will provide you with a date when the information will be provided. If for some reason access is denied, the Company will provide an explanation as to why access has been denied.

For questions or complaints concerning the processing of your personal data, you can email us atsupport@scholarlysoftware.com. Alternatively, if you are located in the European Union, you can also have recourse to the European Data Protection Supervisor or with your nation’s data protection authority.

Section VI: Your Consent to the Company Emailing You

By using the Services or providing your PII to us, you agree that the Company may communicate with you electronically regarding security, privacy, administrative issues and promotional matters relating to your use of the Services. If the Company learns of a security system’s breach, we may attempt to notify you electronically by posting a notice on scholarlysoftware.com or sending an email to you. You may have a legal right to receive this notice in writing. If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. We will process your request within a reasonable time after receipt. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. We may also send you certain communications regarding the Company and our Services and you may not be able to opt out of those communications (e.g., communications regarding updates to our Terms or this Policy).

Section VII: Unsolicited Information

You may provide us with ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and we shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.

Section VIII: Data Security

We take appropriate technical and organizational measures against unauthorized or unlawful processing of PII and other data and against accidental loss or destruction of, or damage to, PII and other data. By using the Services, you acknowledge that no security measures are perfect or impenetrable, and the Company cannot guarantee that the information submitted to, maintained on, or transmitted from its systems will be completely secure. You further acknowledge that the Company is not responsible for the circumvention of any privacy settings or security measures contained on the Company’s platform by any users or third parties.

Section IX: Children's Policy

The Services are not directed to individuals under the age of 18 and the Company does not knowingly collect, attempt to solicit or receive information from anyone that it knows to be under the age of 18.

Section X: Modifications and Amendments

We may change this Policy from time to time. If we do, we will let you know by appropriate means such as by posting the revised on this page with a new “Last Updated” date. All changes will become effective when posted unless indicated otherwise. If we make any material changes to this Policy, we will notify you by email (sent to the email address specified in your account) or by means of a notice on this website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. If you object to any changes, you may close your account. Continuing to use the Services and our platform following publication or communication of notice about any changes to this Policy will constitute consent to such changes.

Section XI: Governing Law

By choosing to visit or utilize the Services or otherwise provide information to us, you agree that any dispute over privacy of the terms contained in this Policy will be governed by the law of the State of Delaware and he adjudication of any disputes arising in connection with the Company or the Services will be in accordance with the Terms.

Section XII: Regress and Accountability

If, after reviewing this Policy, you would like to submit a request or have any questions or privacy conecrns, please send us an email at support@scholarlysoftware.com. The Company will address your concerns and attempt to resolve any privacy issues in a timely manner.Data Protection Officer:The Company is headquartered in Denver, Colorado, in the United States. The Company has appointed an internal data protection officer for you to contact if you have any questions or concerns about the Company’s personal data policies or practices. If you would like to exercise your privacy rights, please direct your query to the Company’s Data Protection Officer. The Company’s data protection officer’s name and contact information are as follows:

Kelly Sutton
Scholarly Software Inc.
ksutton@scholarlysoftware.com

Section XIII: Notice to California Users

The information provided in this section applies only to California residents. We are required by the California Consumer Privacy Act of 2018 (the “CCPA”) to provide an explanation of the rights and choices that we offer California residents regarding our handling of their personal information, along with information regarding the categories of personal information we collect, use and share.

California residents’ privacy rights:

The CCPA grants California residents the following rights:

· Information: You can request information about how we have collected, used and shared your personal information during the past twelve months.· Access: You can request a copy of the personal information that we maintain about you.· Deletion: You can ask us to delete the personal information that we have collected or maintain about you.

Please note that the CCPA limits these rights by, for example, prohibiting us from providing certain sensitive information in response to an access request and limiting the circumstances in which we must comply with a deletion request. If we deny your request, we will communicate our decision to you. You are entitled to exercise the rights described above free from discrimination.

How to submit a request:

To request access to or deletion of personal information from our databases, send an email to us at: support@scholarlysoftware.com.

Identity Verification: CCPA requires us to verify the identity of the individual submitting a request for their personal information before providing a substantive response to the request. Because we take the privacy and security of your personal information seriously, we will verify your identity by asking you to both (i) provide certain information about yourself, and then (ii) provide us with a notarized affidavit. Once your identity is verified, we will work to provide you with your requested information in a timely manner.

Authorized Agents: California residents can empower an “authorized agent” to submit requests on their behalf. To protect your privacy we will require the authorized agent to have a written authorization confirming that authority.

Personal information that we collect, use and share:

Information that we collect from you directly: Our Services may collect information directly from you, which identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly with a particular consumer or device (“Personal Information”). This Personal Information may be collected directly from you on our platform or through the Services, or indirectly from you, for example by observing your actions in the Services or on our platform.

Information that we collect from covered businesses: The Services also collect such Personal Information about you indirectly from educational institutions, school districts, or other types of organizations that may be a covered business under the CCPA. In such event the Company is deemed an exempt third party as defined in the CCPA, that processes Personal Information on behalf of such covered business for business purposes of electronic ordering, fulfillment, and delivery of academic credentials and data. Such processing activities are governed by the contract between the Company and such covered business and the privacy policy of such covered business. This privacy notice to California residents shall not apply to Personal Information collected from covered businesses. Please see the privacy policy and notices from such covered businesses.

As described above in this Privacy Policy, we do use cookies and other tracking tools on our website to analyze website traffic and facilitate advertising.

The CCPA requires that companies disclose their collection and use of specific categories of Personal Information enumerated in CCPA. Below is a table of those categories and a notification as to whether the Company collects each. Please note that, while each “CCPA category” may cover many types of personal information, the Company collects, uses and shares only the personal information described in this Privacy Policy.

CCPA Categories

Collected?

Identifiers

Yes

Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))

Yes

Protected classification characteristics under California or federal law

Yes (age, gender, and race/ethnic identity)

Commercial information

Yes

Biometric information

Internet or other similar network activity