Here at NovoEd, we appreciate the fact that you are taking the time to learn on our platform and want to provide the best experience possible, which includes ensuring your right to privacy and security of your data.
Your rights and relationship with NovoEd under GDPR:
Your relationship with NovoEd may be through the organization providing a course in which you are enrolled. In this case, your relationship is primarily with the organization who is providing this course, and that organization serves as the data controller for your personal data with NovoEd acting as a processor of your personal data. Requests related to your individual rights related to your personal data should go to the organization serving as the data controller in this scenario.
Security of your personal data
NovoEd strongly values the security and protection of your personal data and has implemented administrative, technical, and physical security measures to protect your personal data. NovoEd leverages the Amazon Web Services (AWS) cloud infrastructure, which has been designed and managed in alignment with industry regulations, standards, and best-practices. AWS has achieved ISO 27001 certification and has been validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS). Amazon undergoes annual SOC 1 audits and has been successfully evaluated at the Moderate level for Federal government systems as well as DIACAP Level 2 for DoD systems. AWS has also achieved certification for the following standards: HIPAA, SSAE 16, ISAE 3402, SOC 2, SOC 2, FedRAMP Agency Authority to Operate (ATOs), DIACAP, FISMA, ITAR, FIPS 140-2, CSA STAR, and others. Amazon’s security policies are available at http://aws.amazon.com/security/
Data collected and use of data
NovoEd collects and uses personal data for providing services for our online learning platform and delivery on online courses.
Personal data is submitted by organizations providing courses as well as the end users enrolled in the course. Only a user’s name and email are required to use NovoEd and most other data is submitted at the user’s discretion. Personal data collected by NovoEd includes
- First and last name
- Email address
- Education institutions attended
- Job Title
- Location (city, state, postal code, country)
- Short bio
- Localization data (timezone, language)
- Posts and comments made by the user and files uploads by the user in various social spaces and submissions in the platform (e.g. assignments, discussions, team/group workspaces)
- Other profile data as supplied by customer/users
NovoEd uses Google Analytics to track user clicking behavior, session length, device used per session and other page level data for optimizing the future versions of the product. We utilize cookies for remembering user's login on the browser, but not for tracking purposes. Our website does not utilize Adware or Flash. However, our customers are able to add tools and widgets to their online courses that utilize either of the above tracking technologies. Our customers are responsible for identifying such tools used in addition to the NovoEd platform and NovoEd does not have agency over these tools or knowledge about their presence in courses.
Links to additional privacy information:
You can view a list of Data Processors/sub-processors used by NovoEd in the attachment NovoEd Subprocessors.xlsx.pdf
We value your privacy and take security extremely seriously; if you have any concerns around privacy, please reach out to us at [email protected]