Privacy policy

This privacy policy describes how Notis LLC (“Notis”) handles users’ personal information, including how information is used and protected. Notis collects, uses, and shares personal information in a safe manner to help the Notis website and app run correctly. This policy, effective as of September 25st, 2018, recognizes the importance of privacy for all users and openly discloses how Notis protects and uses information gathered from users.

Collection

Information posted on a university network within Notis is publicly accessible with the creation of an unrestricted Notis account on that corresponding university network. Information posted on high school networks is only accessible to that high school network and accounts created by Notis for that network. Notis servers are in the USA hosted by Amazon Web Services. Notis will hold and transmit users’ private information in a safe, confidential, and secure environment to the best of Notis’ abilities; however, all information submitted by users to the Notis app and web platform communities is done by a user’s own choice. Users who provide Notis with personal information consent to the transfer and storage of that information on Notis servers.

High School Compliance

Notis LLC complies with the Utah Student Privacy and Data Protection requirements found in Utah Code 53E-9-309.

Notis LLC does not:

  • Sell individual data to a third party
  • Use student data for targeted advertising

Notis will delete student information upon request of the individual or educational entity in control of that student’s information. Notis will provide a Local Educational Authority (LEA) with their students’ data upon request. Notis may be required to share information with law enforcement or other third parties when compelled to do so by court order or other legal process, to comply with statutes or regulations, to enforce Notis’ terms and conditions, or if Notis believes in good faith that the disclosure is necessary to protect the rights, property, or personal safety of users. All information regarding a student, including their name, email, and other personally identifiable information, as well as any work that they produce while using the Notis application or web platform, remains the property of that student (or their parents if the student is a minor). Notis does not collect or store information related to student educational records; if, however, this data is collected through Notis, Notis complies with FERPA.

In the event of a change of control

If the current owners of Notis sell, divest, or transfer Notis LLC, they will not transfer personal information of Notis customers unless the new owner(s) has agreed to the data privacy standards as stated in this privacy policy. In such case, the current owners of Notis will provide all Notis customers with notice and an opportunity to opt-out of the transfer of personally identifiable Student Data.

Information about Children under the age of 13

Notis does not knowingly collect any information about children under the age of 13 unless the school has obtained appropriate parental consent for the student to use Notis or have their data accessible within the Service. Users should contact Notis at [email protected] if they believe Notis has inadvertently collected personal information of a child under 13 without proper parental consents. In such an event, Notis will strive to contact the school and delete such data as soon as possible.

Use

Notis uses users’ personal information to:

  • provide services;
  • resolve disputes and troubleshoot problems;
  • encourage safe trading and enforce internal policies;
  • communicate marketing and promotional offers to users;
  • carry out other objectives for users as disclosed at the moment information is collected.

Disclosure

Notis will not sell or rent users’ personal information to third parties for their marketing purposes. Notis may disclose personal information to respond to legal requirements, enforce internal policies, respond to claims that a post or other user content violates others’ rights, or protect anyone’s rights, property, or safety (for example, if a user submits false contact details or impersonates another person, Notis may pass that user’s personal information to any aggrieved third party, their agent or to any law enforcement agency).

Cookies

The Notis website may use cookies, web beacons, and third-parties to provide users with services that support buying and selling activities within the Notis online marketplace. To protect users’ privacy, use of these tools is limited.

Using Information from Notis

Users may use personal information posted on Notis only to contact another user about a specific post, or in the manner specified by the user in their post. Users may not send spam or collect personal information from someone who has not agreed to it.

Security

All sensitive data such as passwords are stored in an encrypted format to safeguard against abuse. The server itself is locked down and can only be accessed from the specific API calls within the Notis app. This prevents outside attempts to access data. Notis uses many tools to protect users’ personal information against unauthorized access and disclosure; Notis, however, makes no guarantees that its protocells remain uncompromised.

Data Breach Practices

Notis complies with relevant laws regarding data breaches. If Notis management knows of or has reason to suspect a systems security breach by an unauthorized party of user data where that data is being or is likely to be used for an unauthorized purpose, users will be promptly notified, as well as relevant governmental authorities if the situation requires, so that all parties involved may take appropriate steps. Notis is taking all appropriate steps to avoid this situation; in the event of a security breach, however, additional steps will be taken in an effort to prevent future breaches.

General

Notis may update this policy at any time, with updates taking effect for each individual user when users next post content to the Notis network of which they are a part or after 30 days, whichever is sooner.