Updated: June 19, 2024
LRN Corporation and its affiliates (“LRN”, “Company”, “we”, “us”) is committed to protecting your privacy and earning your trust. This Website Privacy Statement (this “Privacy Statement”), which is effective as the date stated above, describes LRN’s privacy practices for our website located at https://lrn.com and any related LRN social media channel, website, application, feature, widget or other online service that is owned or controlled by LRN (and their mobile counterparts) that posts a link to and indicates that this Privacy Statement applies, including as part of any webinars, webcasts or events we may host or sponsor from such sites (collectively, the “Website”) and by LRN offline, but expressly excluding any LRN services that state that they are offered under a different privacy statement.
It is our intent to provide you with information about what personal information we collect, how and why, how we use it, who we share it with, how we protect it, how long we keep it and your rights in respect of the personal information that we collect.
Since 1994, LRN has worked to propel organizations forward with the partnership, knowledge, and tools to build ethical culture. More than 2,800 companies and tens of millions of learners worldwide use LRN services and take LRN e-learning courses to help navigate complex regulatory environments and foster ethical, responsible, and inclusive cultures. In working with some of the world’s most respected brands, we create community and common purpose where people can leverage shared values to outbehave and outperform.
When it comes to handling your personal information, consistent with our mission and approach to our client relationships it is not enough for us to merely comply with the law. We believe it is important to set an example for other companies to follow, which includes diligence and transparency with respect to our management of personal information. This Privacy Statement is part of our effort to achieve that.
This Privacy Statement applies to LRN’s processing of personal information as a controller (as such term is defined in the General Data Protection Regulation (EU) 2016/679 (the “GDPR”)) or as a business (as such term is defined under the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA/CPRA”)) or in a correlative capacity under any other applicable laws pertaining to the privacy and protection of personal information, through our Website, in respect of representatives of our business partners and to the limited extent we process personal information in connection with our Client Offerings as a controller or business (e.g., personal information of Client representatives that we process for the administration of our business, and not processed in the capacity of a processor on behalf of our Clients in the provision of the Client Offerings).
To note, except as noted immediately above this Website Privacy does not govern our processing of personal information in respect of the web sites, services, software applications and products which LRN creates, configures, provides, manages and/or hosts on behalf of its business customers (“Clients”), and any derivative and otherwise related products which are developed to work either remotely or on a mobile/tablet device (all of the foregoing offerings collectively “Client Offerings”).
Generally we process personal information in connection with our Client Offerings as a processor (as such term is defined in the GDPR) or service provider (as such term is defined in the CCPA/CPRA) or in a correlative capacity under any other applicable laws pertaining to the privacy and protection of personal information. For information about our processing of personal information we receive associated with our Client Offerings in the capacity of processor or service provider, please see our Client Offerings Privacy Statement.
If you do not agree with our policies and practices as stated herein, please do not use the Website or related services. By accessing the Website or using the related services, you agree to this Privacy Statement.
We may collect information from you directly or indirectly. For example, when you register for one of our webinars or virtual events or sign up to receive our newsletters, podcast or other promotional communications, you provide information directly to us. Other times, information is collected automatically pertaining to your use our Website. In addition, we may also obtain personal information from third parties or that is publicly available.
Some of the information we collect may be considered “personal information” or “personal data” under various applicable laws (referred to herein generally as “personal information,” subject to the definitions provided in the jurisdiction specific sections of this Privacy Statement). We consider information that identifies you as a specific, identified individual (such as your name, phone number, and e-mail address) to be personal information. We will also treat additional information, including IP addresses and cookie identifiers, as personal information where required by applicable law.
You may provide certain kinds of personal information directly by interacting with LRN online and offline (including via social media or Web forms, by telephone, email, text, in person or through postal mail).
When you register for a web seminar, request a demo or free trial, or sign up for or download certain resources available on our Website, you may be requested to provide, among other things, your email address, phone number, job title, employer name and geographic location. We may also collect personal information, typically name and contact information, employer, job title and geographic location of workplace, you voluntarily provide at industry or LRN sponsored in-person events.
We may collect personal information about you from third parties, including from companies we partner with to sponsor online or in-person events, public databases or third parties from whom we purchase data. We may combine this with information we already have about you. This helps us update, expand, and analyze our records, identify prospective customers, and provide information regarding our solutions that may interest you.
We also work with third parties to support delivery of our online services (such as email and content streaming), or those that help us manage events, surveys, meetings and other service-related interactions. Your personal information may be provided to us by those third parties.
We also may collect personal information from online social networks, for example if you take part in a webcast via LinkedIn. We may collect personal information when you click “Share This” or “Like” buttons or otherwise use social media buttons or plug-ins.
Personal information is collected by automated technologies and shared with us when visitors navigate through our Website online. We may track your browsing actions and log your IP address. We track product preferences and content downloads, to make future visits to our Website more efficient.
Other automated collection technologies – such as cookies, beacons, tags, and scripts – are used by us to analyze trends, administer the Website, and track users’ movements around the Website. We, and our third-party partners, also use these technologies to gather demographic information about our user base as individuals and in the aggregate.
You may opt out of us sharing certain personal information with our advertising partners by not accepting our cookies on your internet browser. Keep in mind that declining certain cookies may decrease the functionality of the Website or disable some features. Please see the “Options with respect to Collection of Your Personal Data” section of this Privacy Statement and our Cookie Statement for additional information on how to disable or opt-out of cookies and similar technologies on our Website. California residents, please refer to the California Consumer Privacy Statement for information on opting out of the sale or sharing of your personal information.
As described below you have choices with respect to the collection of certain personal information, but some parts of the Website may not be fully available or functional without such information.
If at any time you wish to opt-out of future newsletters or other promotional emails from us, you may click the “unsubscribe” link in the email or otherwise contact us at privacy@lrn.com. It may take up to 10 business days before you stop receiving promotional emails. This opt-out does not apply to operational communications, for example, order confirmation emails.
If you have supplied us with personal information, for example by entering your contact and other personal information on the “Contact” page of our Website, you may update or delete your contact or other personal information by contacting us at privacy@lrn.com.
Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. To prevent the use of Google Analytics relating to your use of our Website, you can download and install the browser plug-in available here. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, the Website may not work properly. Similarly, your browser settings may allow you to clear your browser web storage.
Some of our business partners that collect information about users’ activities on or through the Website may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior for purposes of targeted advertising. Users may opt out of certain processing and receiving targeted advertising by:
Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt-out on every browser and device that you use. Please also note that we are not affiliated with any of the third-party data management products that we have referenced above and do not guarantee their performance or continuity.
Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com. For California residents, please refer to the California Consumer Privacy Statement for information on using the Global Privacy Control signal.
Our Website and services associated with our Website are not intended for use by anyone younger than 18 years old, and we will never knowingly collect personal information from anyone younger than that. If you are under 18, please do not send any information about yourself to us. If we become aware that personal information of anyone younger than 18 has been provided to us for any purpose we will delete the information from our files.
Certain data protection laws require that we have a legal basis for collecting your personal information. The legal basis we rely upon may be different in each circumstance or we may have one or more legal bases for the collection.
When accessing our Website, we collect personal information from you where (1) we have your consent, (2) where your personal information is necessary for us to provide a service (for example, when you register for a webcast), or (3) where we have a legitimate interest to process your information and that legitimate interest is not overridden by your data protection interests or fundamental rights and freedoms. Examples of processing of personal information to further our own legitimate interests, in a manner that does not outweigh your rights and freedoms, may include continuously improving, customizing, and personalizing our Website, including taking steps to protect against fraud, spam, and abuse; analyzing and improving the safety and security of our Website; and, aggregating and/or anonymizing personal information so that it is no longer considered personal information.
Also, in some cases, we may have a legal obligation to process your personal information, or to process your personal information to exercise, establish or defend legal claims.
Consistent with our mission we endeavor to be transparent about our use of your personal information.
As mentioned above, visitors to the Website will provide their name and email address and other personal information when they register for a web seminar, request a demo or free trial, sign up for or download certain resources available on our Website or initiate communications with us on our “Contact” page.
Collecting and using this information allows not only easier, quicker access to our Website, content, and services on subsequent visits but also allows us to secure the information you have provided. As users navigate through the Website, their movements will be tracked and analyzed. Using this information allows us to provide more relevant content and create a better visitor experience. We also use personal information to:
As noted above, we are the controller or business with respect to personal information we receive through our Website for our own business purposes, but where we are acting as a processor or service provider in delivery of our Client Offerings, including providing guidance and services to our Clients, we do so as a processor or service provider as those terms are defined in the GDPR and CCPA/CPRA, respectively, or in a correlative capacity under any other applicable laws pertaining to the privacy and protection of personal information. The information we receive through our Client Offerings and related services is subject to our Client Offerings Privacy Statement.
If you provide personal information about others, or others give us your information, its use is limited to the specific purpose for which it was provided. Typically, this includes your name and business contact information (email address, phone number, job title, geographic location of employer).
Please do not provide personal information about others unless you are authorized or required to do so by applicable law. If applicable law allows you to supply the information, you represent and warrant that you have abided by that law and that it allows us to receive and disclose the information under this Privacy Statement without any further action on our part. You agree to indemnify, defend and hold harmless LRN, including our affiliates and each of our subsidiaries, officers, directors, employees and agents for any failure by you to comply with this paragraph.
We do not sell personal information we receive through our Website or share it other than as outlined in this Privacy Statement. If you are a resident of California please see our California Consumer Privacy Statement for information on the sale and sharing of personal information as those terms are defined under California law, and for information on opting out of the sale or sharing of your personal information.
We may share your personal information with third parties for various reasons, among them email delivery, data hosting, analytics, payment processing and content streaming. These services may collect browsing data that includes IP addresses, referring pages, and users’ movements as they navigate our Website. Other third parties help us with our marketing, including sending marketing communications and analyzing the effectiveness of our marketing efforts. When we share your personal information with a third party, we require that third party to protect the information consistent with this Privacy Statement and limit its use of the information to performing the services they provide to us.
We may make available on our Website, or link to, features that allow you to generate your own content or share information online (e.g., on our blog or LinkedIn). Please do not embed personal information in the content you generate or share personal information online in public forums, because any such information can be collected and used by others. We have no control over, and take no responsibility for, the use, storage, dissemination or erasure of personal information embedded in user-generated content or shared on the Website or linked pages. By posting personal information online in public forums, you may receive unsolicited messages from other parties.
If you make a post on a third-party social media site, such as LinkedIn, or by identifying us in your social media feed by tagging us using a hashtag (#) or “at” (@), your personal information may be publicly available and is subject to the privacy policies of those third-party social media sites. As a reminder, this Privacy Statement describes how we treat your personal information that we collect and process. We recommend you review the privacy policies of any third-party sites you visit to understand their data collection and processing practices.
If you provide suggestions for improving our Website or services, please be aware that any feedback relating to our Website or social media channels may be publicly shared.
In the event of a merger, acquisition, reorganization, bankruptcy, or other sale of all or a portion of our assets or equity, any user information we control may be transferred to third parties as successors in interest. As part of any transaction of this type, we reserve the right to disclose your personal information in the due diligence and negotiation process of such transaction and to transfer or assign your personal information to third parties. Other than to the extent ordered by a bankruptcy or other court, or as otherwise agreed to by you, the use and disclosure of all transferred user information will be subject to this Privacy Statement.
We may disclose your information to government authorities or other third parties if:
Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we have implemented industry-accepted organizational, physical, and technology-based security measures to protect against loss, misuse, unauthorized access, and alteration of personal information in our systems. We ensure that any employee, contractor, corporation, organization, or vendor who has access to personal information in our systems is subject to legal (including contractual) or professional obligations to safeguard that personal information which obligations are at least as stringent as those undertaken by us under this Privacy Statement.
While we use commercially reasonable, industry-accepted means to protect your personal information, no method of transmission over the Internet or form of electronic storage is completely secure and we cannot guarantee its absolute security.
LRN prohibits unauthorized access or use of personal information stored on its servers. Such access is a violation of law, and we will fully investigate and press charges against any party that has illegally accessed information within our systems.
Where LRN collects your personal information for its own independent business purpose, such as through our Website, or in connection with webinars and events, we do so as a controller or business and will retain your information in accordance with our data retention practices. Typically, we retain your personal information for the time necessary to serve the purpose for which it was originally collected or you authorized, and in accordance with applicable law. For example, we will retain your information for as long as necessary to comply with our legal obligations and rights, to resolve disputes, and to enforce our agreements.
LRN is headquartered in the United States. Your personal information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Website you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data privacy or protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your personal information, including for purposes of national security or law enforcement requirements.
LRN complies with the EU-U.S. Data Privacy Framework program (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework program (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.
LRN has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.
LRN has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.
If there is any conflict between the terms in this Privacy Statement and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the DPF Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, LRN commits to resolve DPF Principles-related complaints about our collection and use of your personal information. European Union, Swiss and United Kingdom individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, or the Swiss-U.S. DPF should first contact
privacy@lrn.com
LRN Corporation
Legal Department
41 Madison Avenue, 30th floor
New York, New York 10010
United States
LRN has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, JAMS (an alternative dispute resolution provider based in the U.S., with several locations in the EU and UK and virtual locations), which is available to address unresolved complaints regarding LRN’s compliance with the DPF Principles. For any issues that cannot be resolved through LRN directly, including if you do not receive timely acknowledgment of your complaint or if your complaint is not satisfactorily addressed, please visit JAMS at https://www.jamsadr.com/eu-us-data-privacy-framework for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2.
LRN is responsible for the processing of personal data it receives, under the Data Privacy Framework, and subsequent transfers to a third party acting as an agent on its behalf. LRN complies with the DPF Principles for all onward transfers of personal data from the EU, United Kingdom, and Switzerland, including the onward transfer liability provisions.
The Federal Trade Commission has jurisdiction over LRN’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).
We take other appropriate safeguards to require that the personal information we process will remain protected in accordance with this Privacy Statement when transferred internationally, including when processed internationally by third-party service providers and partners. For personal information from the European Economic Area, the United Kingdom, or Switzerland, in addition to adhering to the DPF Principles, we may implement the European Commission’s standard contractual clauses, rely on general derogations or rely on a third-party service provider’s Binding Corporate Rules or other legally approved mechanism for any transfer of personal data to non-European Economic Area, United Kingdom, or Switzerland third-party service providers or business partners.
Individuals from the EU, the United Kingdom and Switzerland have certain rights based on applicable law in those jurisdictions with respect to their personal data (for purposes of this section, as such term is defined under the GDPR).
In addition to the rights granted under this Privacy Statement, data subjects in the EU, the United Kingdom and Switzerland have the following data protection rights under applicable law subject to various exceptions to and limitations of such laws:
To make a request, please contact us by completing the form located here or by emailing us at privacy@lrn.com with “GDPR Data Subject Request” in the subject line. Provide full details relating to your request, including your contact information and any other details you believe are relevant.
We may ask you for proof of identity when making a request to exercise any of these rights. We do this to make sure that we only disclose information where we know we are dealing with the right individual. We will not ask for a fee, unless we think your request is unfounded, repetitive or excessive. Where a fee is necessary, we will inform you before proceeding with your request.
We aim to respond to all valid requests within 10 business days. It may however take us longer if the request is particularly complicated or you have made several requests. We will let you know if we think a response will take longer than one month. To help us respond more quickly, we may ask you to provide more detail about your request, including what you want to receive or are concerned about.
We may not always be able to do what you have asked, for example if it would impact the duty of confidentiality we owe to others, or if we are otherwise legally entitled to deal with the request in a different way. If for some reason access or another request is denied, we will provide an explanation as to why it is denied.
If you are a California resident, for more information about your privacy rights please see our California Consumer Privacy Statement.
The law requires us to verify that any request submitted was made by someone with the legal right to access the information. Therefore, before accessing or divulging any information pursuant to a data access request, we may request that you provide us with additional information so we can verify your identity and legal authority, particularly where the information provided with the request is insufficient to confirm legal authority and/or identity.
To make a request, please contact us by completing the form located here or by emailing us at privacy@lrn.com with “Data Subject Request” in the subject line and provide full details about your request, including your contact information and anything you believe is relevant. We will provide a response to an access request within the timeframes required by law. If we cannot substantively respond in a timely manner, we will notify you and provide the reason for the delay.
Under certain circumstances, we may not fulfill your request, such as when doing so would interfere with our regulatory or legal obligations, when we cannot verify your identity, if your request involves disproportionate cost or effort as provided under applicable law, or when the law allows or requires us to retain that information. In all such cases, however, we will respond to your request within a reasonable time, as required by law, and provide an explanation.
This Privacy Statement will be reviewed at least every 12 months and updated to reflect our personal information handling practices. We reserve the right to amend this Privacy Statement at any time, for any reason, without additional notice to you, other than through posting the updated Privacy Statement on our Website. We invite you to return to this page to ensure you are informed of any updates we make about how we collect, use, and protect customer information. You can see when this Privacy Statement was last updated by checking the “last updated” date displayed at the beginning of this Privacy Statement.
If you have questions about the way we handle personal information, please contact us at privacy@lrn.com. You may also reach us at:
LRN Corporation
Legal Department
41 Madison Avenue, 30th floor
New York, New York 10010
Toll-Free: 866.439.3071
Updated: June 19, 2024
LRN Corporation and its affiliates (“LRN”, “Company”, “we”, “us”) is committed to protecting your privacy and earning your trust. Since 1994, LRN has helped more than 15 million people in more than 2800 companies worldwide navigate complex legal and regulatory environments and foster ethical cultures. LRN is the trusted long-term partner to more than 400 client companies, including some of the most respected and successful businesses in the world, which has enabled us to create an active and growing community with a common interest. Together we acquire and disseminate proven strategic and tactical insights and develop solutions based on real-world experiences.
When it comes to handling your personal information, consistent with our mission and approach to our Client relationships it is not enough for us to merely comply with the law. We believe it is important to set an example for other companies to follow, which includes diligence and transparency with respect to our management of personal information. This Client Offerings Privacy Statement (“Privacy Statement”) is part of our effort to achieve that.
This Privacy Statement applies to the web sites, services, software applications and products which LRN creates, configures, provides manages and/or hosts on behalf of its business customers (“Clients”) for such products and services, and any derivative products which are developed to work either remotely or on a mobile/tablet device (all of the foregoing offerings collectively “Client Offerings”). It does not apply to any website, mobile app, service, or product that does not display or link to this Privacy Statement or that contains its own privacy statement. For information about how we use personal information we receive in connection with operating our business, including our Website, please visit our Website Privacy Notice.
If you do not agree with our policies and practices set forth in this Privacy Statement, please do not use the Client Offerings. By accessing or using the Client Offerings (and, if you are a Client, by permitting any of your employees, consultants or other authorized users to access or use the Client Offerings), you agree to this Privacy Statement.
As part of the Client Offerings, you may interact with us online (through the Client Offerings) or by email, telephone or ordinary mail and in doing so, you may share your personal information with us. The information received by LRN in delivering the Client Offerings is collected on behalf of our Clients and is processed by us according to the contract with each Client, which contract also governs such Client’s and our ownership or other rights and responsibilities with respect to all such information.
To note, if you are an end user of any of our Client Offerings, our Client that is making the Client Offering available to you is likely to be either your employer, contractor or another business or commercial partner of yours who wanted to provide training or other services to you via a Client Offering. All references in this Privacy Statement to Clients should be considered in that light.
How we collect personal information
Some of the information we collect in connection with our Client Offerings may be considered “personal information” or “personal data” under various applicable laws (referred to herein generally as “personal information,” subject to the definitions provided in the jurisdiction specific sections of this Privacy Statement). We consider information that identifies you as a specific, identified individual (such as your name, phone number, and e-mail address) to be personal information. We will also treat additional information, including IP addresses and cookie identifiers, as personal information where required by applicable law.
We may collect personal information from you directly or indirectly. For example, when your employer or other related company purchases one of our solutions, you or our Client which your account is associated with provide personal information directly to us through your participation in training through our Client Offerings. Other times, personal information may be collected automatically as you use our Client Offerings as we outline in this Privacy Statement. In addition, we also may receive personal information from our Clients or third party vendors or other associates of our Clients.
We collect personal information through the Client Offerings on behalf of our Clients which use our solutions. Our Clients determine what specific personal information is collected, used, stored, shared or deleted within the Client Offerings purchased by them, and the purposes for which such information is processed. LRN acts as a service provider (as such term is defined under the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA/CPRA”)) or data processor (as such term is defined in the General Data Protection Regulation (EU) 2016/679 (the “GDPR”)) (or in a correlative capacity under any other applicable laws pertaining to the privacy and protection of personal information) of this personal information under the terms of our contract with the applicable Client, who is the business (as such term is defined in the CCPA/CPRA) or data controller (as such term is defined under the GDPR) with respect to such personal information. Other than as required to process such information as instructed by our Clients, we make no decisions regarding the personal information we receive from you in connection with the use of the Client Offerings.
The processing of personal information by us on behalf of our Clients is subject to the policies and laws applying to our Clients and our contracts with such Clients. Questions about how a Client uses, shares, or processes your personal information should be directed to such Client. Unless prohibited by law, we will honor our Client’s (which could often be your employer other training provider) instructions with respect to your personal information.
When we collect personal information through our Client Offerings, we do so as a processor, or service provider, as instructed by our Client, the business or controller. Certain data protection laws require that businesses or controllers have a lawful or legal basis for collecting personal information. The lawfulness of our collection of personal information in connection with our Client Offerings is determined by the business or controller with respect to such information, which is our Client. If you have questions about the legal basis or lawfulness of personal information processed in connection with the Client Offerings, please contact that Client (e.g., your employer or other training provider) directly.
You may provide certain kinds of personal information directly by interacting with the Client Offerings (whether you’re an employer or employee or other stakeholder) or offline (by phone, email, mail or in person–for example through discussions with your supervisor).
Depending on the software service, users will provide different types of personal information. The type of personal information we collect is determined by our Client. Access to personal information is strictly limited and requires a username and password, or PIN, helping to secure the information and making ongoing training or incident tracking easier to access and complete.
Types of personal information typically collected include:
The completeness and accuracy of the information shared is the responsibility of the employer or employee or other stakeholder.
When the employer, employee, or any other stakeholder furnishes your personal information to LRN, it shall be construed as an affirmation that consent has been granted to LRN to collect, process, and store such information in connection with the use of the Client offerings.
Purposes of collecting such personal information include delivering training and tracking completion, communication of company policies and compliance tracking and reporting, as well as record-retention and related use.
In very limited circumstances, personal information is collected by automated technologies – such as cookies, beacons, tags, and scripts – within the Client Offering being used. In most cases these Client Offering cookies are required but, in some cases, they may be optional (and subject to settings you can choose). More information about our use of cookies is available here.
Other personal information, such as IP addresses, browser, devices and operating system details may be automatically collected from users of the Client Offerings. Doing so protects and secures the integrity of our systems and the data we process. They may be shared with law enforcement to enforce our rights, ensure the security and integrity of our systems, to assess the usability of our offering or as otherwise required by applicable law.
When we provide our Clients with our Client Offerings, that often requires them to share personal information about their employees, contractors and other authorized users and persons engaging with us. The kinds of personal information typically collected are names, business contact details (such as email addresses), and job titles. When your employer or other training provider or business partner gives us your information, we use it only for the specific purpose for which it was provided pursuant to their instructions. Collecting this personal information helps us deliver our services and comply with Client contracts.
Our Clients determine what personal information is collected by us and how it is used. We are a processor of the personal information collected and process such information solely in accordance with our Client’s instructions. We primarily use it in these ways:
Collecting and using this information allows not only easier, quicker access to our Client Offerings, content, and services on subsequent visits but also allows us to secure the information provided. As users navigate through the Client Offerings, their movements will be tracked and analyzed, allowing us to improve our services, page response times and users’ experiences.
If you provide personal information about others when using our Client Offerings, or others give us your information, its use is limited to the specific purpose for which it was provided. Typically, this includes your name and business contact information email address, job title, geographic location of employer or any other organizational information that our applicable Client utilizes with the Client Offerings.
You may not provide personal information of or about others unless you are authorized or required to do so by applicable law. If applicable law allows you to supply the information, you represent and warrant that you have abided by that law and that it allows us to receive and disclose the information under this Privacy Policy without any further action on our part. You agree to indemnify, defend and hold harmless LRN, our affiliates and each of their subsidiaries, officers, directors, employees and agents for any failure by you to comply with this paragraph.
Please note that personal information we receive within any Client Offering is never sold and only shared with our Client as outlined in this Privacy Statement.
Once your personal information is collected in the Client Offerings, as detailed above, we may share it with third parties for various reasons. As mentioned above, if you are an end user of our Client Offerings, to the extent that these third parties are our Clients, they would typically be your employer or another business with which you are affiliated that is providing training or other Client Offerings of ours to you.
In some cases, we use third parties to help deliver our services to our Clients and their end users. These third parties are restricted by contract from processing any personal information except to provide and deliver those services to us.
Other third parties help us analyze how our Client Offerings are used. Such analysis improves the quality of those services and helps us to deliver them in a timely and functional manner. We may use anonymized or de-identified personal information collected through the Client Offerings to create data sets for our purposes. Those sets may or may not include information that could reasonably be linked to an identifiable individual.
As noted previously, we share your personal information with the applicable Client in accordance with our contract with that Client. When we share personal information with our third-party service providers, we require that third party to protect the information consistent with this Privacy Statement and applicable law and to limit use of the information strictly to performing the services they provide to us.
In the event of a merger, acquisition, reorganization, bankruptcy, or other sale of all or a portion of our assets, any user information controlled by us may be among the assets transferred to third parties as successors in interest. As part of any transaction of this type, we reserve the right to disclose your personal information in the due diligence and negotiation process of such transaction and to transfer or assign your personal information controlled by us to third parties subject to our contract with the applicable Client. Other than to the extent ordered by a bankruptcy or other court, or as otherwise agreed to by you or the applicable Client, the use and disclosure of all transferred user information will be subject to this Privacy Statement.
We may disclose your information to government authorities or other third parties if:
Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we have implemented industry-accepted organizational, physical, and technology-based security measures to protect against loss, misuse, unauthorized access, and alteration of personal information in our systems. We ensure that any employee, contractor, corporation, organization, or vendor who has access to personal information in our systems is subject to legal (including contractual) or professional obligations to safeguard that personal information which obligations are at least as stringent as those undertaken by us under this Privacy Statement.
While we use commercially reasonable, industry-accepted means to protect your personal information, no method of transmission over the Internet or form of electronic storage is completely secure and we cannot guarantee its absolute security.
LRN prohibits unauthorized access or use of personal information stored on its servers. Such access is a violation of law, and we will fully investigate and, where warranted, intend to press charges against any party that has illegally accessed information within our systems.
To learn more about our security control implementations, please click here.
Personal information collected by LRN through our Client Offerings will be retained or deleted as directed by our Clients or as per terms of the contract. Should you have any questions about how long your personal information is retained, please contact the applicable Client (e.g., your employer or other business affiliate of yours that has provided our Client Offering(s) to you) directly.
LRN is headquartered in the United States. Your personal information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Client Offerings you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data privacy or protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your personal information, including for purposes of national security or law enforcement requirements.
LRN complies with the EU-U.S. Data Privacy Framework program (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework program (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.
LRN has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.
LRN has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.
If there is any conflict between the terms in this Privacy Statement and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the DPF Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, LRN commits to resolve DPF Principles-related complaints about our collection and use of your personal information. European Union, Swiss and United Kingdom individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, or the Swiss-U.S. DPF should first contact
privacy@lrn.com
LRN Corporation
Legal Department
41 Madison Avenue, 30th floor
New York, New York 10010
United States
LRN has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, JAMS (an alternative dispute resolution provider based in the U.S., with several locations in the EU and UK and virtual locations), which is available to address unresolved complaints regarding LRN’s compliance with the DPF Principles. For any issues that cannot be resolved through LRN directly, including if you do not receive timely acknowledgment of your complaint or if your complaint is not satisfactorily addressed, please visit JAMS at https://www.jamsadr.com/eu-us-data-privacy-framework for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/framework-article/G-Arbitration-Procedures.
LRN is responsible for the processing of personal data it receives, under the Data Privacy Framework, and subsequent transfers to a third party acting as an agent on its behalf. LRN complies with the DPF Principles for all onward transfers of personal data from the EU, United Kingdom, and Switzerland, including the onward transfer liability provisions.
The Federal Trade Commission has jurisdiction over LRN’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).
We take other appropriate safeguards to require that the personal information we process will remain protected in accordance with this Privacy Statement when transferred internationally, including when processed internationally by third-party service providers and partners. For personal information from the European Economic Area, the United Kingdom, or Switzerland, in addition to adhering to the DPF Principles, we may implement the European Commission’s standard contractual clauses, rely on general derogations or rely on a third-party service provider’s Binding Corporate Rules or other legally approved mechanism for any transfer of personal data to non-European Economic Area, United Kingdom, or Switzerland third-party service providers or business partners.
As mentioned above, we receive personal information through our Client Offerings as processors or service providers for our Clients, who, as controllers or businesses, determine the lawfulness of our collection and the purpose for the processing. The personal information collected from end users of the Client Offerings is managed by the Client according to their own internal policies and procedures.
Accordingly, anyone seeking to exercise data protection rights granted by applicable law should direct their request to the relevant company or organization that is our Client (typically their employer or other business affiliate of theirs that has provided our Client Offering(s)).
Inquiries made to LRN requesting access, alteration or deletion of personal information or other requests under applicable law will be forwarded to our applicable Client for resolution. LRN is not permitted to respond substantively to any such requests but will support our Clients in their obligations in respect of such requests, unless otherwise required by law.
Certain data protection laws of the EU (GDPR), United Kingdom (Data Protection Act 2018) and Switzerland (Swiss Federal Data Protection Act) provide that controllers of personal information honor certain rights granted to data subjects who reside in the applicable country. As noted previously, LRN is a data processor to its Clients who are data controllers under these laws in jurisdictions where they are applicable. LRN is fully committed to supporting its Clients in their compliance with applicable law. If you are a data subject from the European Union, United Kingdom or Switzerland, and wish to exercise your rights in relation to personal data LRN may have collected on behalf of its Client, please contact that Client directly to exercise your rights.
Notwithstanding the foregoing, if you have questions or complaints about the way we handle personal information, please contact us via the below contact details. We will promptly manage any complaints received from an individual.
privacy@lrn.com
LRN Corporation
Legal Department
41 Madison Avenue, 30th floor
New York, New York 10010
United States
If we receive a request from a data subject that is properly directed to one of our Clients, provided you supply us with sufficient information to identify the relevant Client then we will refer the request to that Client for review and response.
The CCPA/CPRA provides specific rights to those who live in California and requires that businesses subject to CCPA/CPRA ensure those rights are honored. Certain LRN Clients may be subject to CCPA/CPRA and LRN is committed to supporting its Clients in their compliance therewith. If you are a California resident and wish to exercise your rights in relation to personal information LRN may have collected on behalf of its Client (which may be your employer, contractor or other business or commercial partner), please contact that Client directly to exercise your rights. If we receive a request under the CCPA/CPRA from a California resident that is properly directed to one of our Clients, we will refer the request to that Client for review and response.
This Privacy Statement will be reviewed at least every 12 months and updated to reflect our personal information handling practices. We reserve the right to amend this Privacy Statement at any time, for any reason, without additional notice to you, other than through posting the updated Privacy Statement within our Client Offerings. We invite you to return to this page to ensure you are informed of any updates we make about how we collect, use, and protect personal information on behalf of our Clients. You can see when this Privacy Statement was last updated by checking the “last updated” date displayed at the beginning of this Statement.
If you have questions about the way we handle personal information, please contact us at privacy@lrn.com. You may also reach us at:
LRN Corporation
Legal Department
41 Madison Avenue, 30th floor
New York, New York 10010
Toll-Free: 866.439.3071
Updated: June 19, 2024
This California Consumer Privacy Statement (“CA Privacy Statement”) supplements LRN’s Website Privacy Statement https://lrn.com/privacy-policy . This CA Privacy Statement applies to California consumers, including visitors of LRN’s Website and representatives of LRN’s Clients and business partners whose personal information is processed by LRN for purposes of its business. This CA Privacy Statement does not apply to LRN’s personnel or job applicants, or to end users of LRN’s Client Offerings (whose personal information is processed by LRN on behalf of its Clients as outlined in LRN’s Client Offerings Privacy Statement https://lrn.com/privacy-policy).
This CA Privacy Statement uses certain terms that have meanings given to them in the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act of 2020) and its implementing regulations (collectively, the “CCPA/CPRA”).
We may collect (and may have collected from and after January 1, 2022) the following categories of personal information about you:
We may use (and may have used from and after January 1, 2022) the categories of personal information listed above for the purposes described in the LRN Website Privacy Statement and for the following Business Purposes as described in the CCPA/CPRA:
LRN does not collect or process, and has not collected or processed, sensitive personal information with the purpose of inferring characteristics about consumers or otherwise used or disclosed sensitive personal information for purposes to which the right to limit use and disclosure applies under the CCPA/CPRA.
We will retain your personal information for the time period reasonably necessary to achieve the purposes described in our Website Privacy Statement and this CA Privacy Statement, or any other notice provided at the time of collection, taking into account applicable statutes of limitation and records retention requirements under applicable law.
From and after January 1, 2022, we may have obtained personal information about you from the following categories of sources:
We do not sell your personal information in exchange for monetary compensation. We may disclose your personal information by allowing certain third parties (such as online advertising services, advertising networks and social networks) to collect personal information via automated technologies on our Website for cross-context behavioral advertising purposes. Under California law, these kinds of disclosures may be considered a “sale” when the personal information is exchanged for non-monetary consideration, or “sharing” when the personal information is disclosed for cross-context behavioral advertising purposes. You have the right to opt out of these types of disclosures of your information.
We may sell or share for cross-context behavioral advertising purposes (and may have sold or shared from and after January 1, 2022) the following categories of personal information about you to online advertising services, advertising networks and social networks:
We do not have actual knowledge that we sell or share the personal information of minors under 18 years of age.
From and after January 1, 2022, we may have disclosed each of the following categories of personal information about you for a business purpose:
to each of the following categories of third parties:
In addition to the categories of third parties identified above, from and after January 1, 2022, we may have disclosed personal information about you to government entities (e.g., in response to law enforcement requests) and third parties in connection with corporate transactions (e.g., mergers, acquisitions, joint venture, reorganization, divestitures, dissolution or liquidation).
You have certain choices regarding your personal information, as described below.
Access: You have the right to request, twice in a 12-month period, that we disclose to you the personal information we have collected, used, disclosed and sold or shared about you during the past 12 months or such longer period as may be required under the CCPA/CPRA.
Correction: You have the right to request that we correct the personal information we maintain about you if that information is inaccurate.
Deletion: You have the right to request that we delete certain personal information we have collected from you.
Opt-Out of Sale or Sharing: You have the right to opt-out of the sale of your personal information or the sharing of your personal information for cross-context behavioral advertising purposes.
To submit a request to access, correct, or delete your personal information, please complete the form located here or email us at privacy@lrn.com, with “CA Data Subject Request” in the request details or subject line and provide full details about your request, including your contact information, or call us toll-free at 866.439.3071.
To opt-out of the sale or sharing of your personal information, complete the form located here or email us at privacy@lrn.com, with “CA Data Subject Request” in the request details or subject line and provide full details about your request, including your contact information. You may also opt-out of the sale or sharing of your personal information by using the Global Privacy Control signal.
You can designate an authorized agent to make a request under the CCPA/CPRA on your behalf if (a) the authorized agent is a natural person or a business entity and the agent provides proof that You gave the agent signed permission to submit the request; and (b) You directly confirm with LRN that you provided the authorized agent with permission to submit the request. If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4121 to 4130, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the CCPA/CPRA. To submit a request as an authorized agent on behalf of a consumer, please email us at privacy@lrn.com with the subject line “Authorized Agent CA Privacy Request.”
To help protect your privacy and maintain security, we will take reasonable steps to verify your identity before granting you access to your personal information or complying with your request. For example, if you have an online account with us, we may verify your identity by requiring you to sign into your account. Alternatively, or if you do not have an online account with us, we may require you to provide us information to enable us to verify your identity, for example your corporate email address, phone number, or job title. In addition, if you ask us to provide you with specific pieces of personal information, we may require you to sign a declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request.
If you designate an authorized agent to make a request on your behalf, depending on whether you have an online account with us, we may require that you verify your identity as set forth above. We also may require you to provide the authorized agent a written confirmation that you have authorized the agent to act on your behalf and the scope of such authorization.
If we are unable to verify that the individual submitting the request is the same individual about whom we have collected information (or someone authorized by that individual to act on their behalf), we will not be able to process the request.
LRN does not share personal information with third parties for their direct marketing purposes (as defined by California Civil Code Section 1798.83).
If you are a California resident and you have questions about our practices with respect to sharing information with third parties for their direct marketing purposes and your ability to exercise choice, please send your request as provided below under the caption “Additional information.”
If you choose to exercise any of your rights under the CCPA/CPRA, you have the right to not receive discriminatory treatment by us. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request. For questions or concerns about our privacy policies and practices, please contact us at privacy@lrn.com. You may also call us at 866.439.3071 or mail us at 41 Madison Avenue, 30th floor, New York, New York 10010, Attn: Data Protection Officer
Updated: June 19, 2024
In addition to cookies that are strictly necessary to operate this website, we use the following types of cookies to improve your experience and our services: Personalization cookies to enhance your experience (e.g. remember settings), Essential cookies required to enable basic website functionality, Advertising/Targeting cookies, which are set by third parties with whom we execute advertising campaigns and allow us to provide you with advertisements relevant to you and Analytics cookies, which help us understand how its website performs, how visitors interact with the site.
You may withdraw your consent to cookies at any time once you have entered the website through a link to our Manage preferences or you can find Cookie Settings icon at the left bottom of each page on the website.
This website https://lrn.com (“the website”) uses cookies, pixel tags, Web Beacons, and other web technologies such as CAPTCHA’s to improve the website’s performance, to enhance your browsing experience and to protect the website against spam robots. Certain areas of the website also use cookies to understand more about you, so we can offer you more personalized browsing experience. We use a simple counter, without storing any information on your device, to count the number of visitors who accept or decline our cookies.
You can find out more about cookies and how to manage them in the information below. You can change your cookie settings and disable some or all cookies for the website at any time at our Cookie Settings page (click button on the left side bottom of the page). As described in our Privacy Policy you can also change your browser settings and take other actions so that cookies cannot be placed on your device.
If you have any questions in relation to the cookies we use, please contact us.
LRN occasionally advertises on third-party web sites. As part of our effort to track the success of our advertising campaigns, we may at times use a visitor identification technology such as “web beacons”, or “action tags”, which count visitors who have come to the website after being exposed to an LRN banner ad on a third-party site. We do not use this technology to access your personal information and it is only used to compile aggregated statistics about visitors who come to the website to gauge the effectiveness of our ads.
A “cookie” is a technology that allows the website to store tokens of information (an “identifier”) in your browser used by the website while you are on the website. Cookies are then sent back to the website on each subsequent visit, or to another webpage that recognizes that cookie. Cookies are used in order to make the website work, or to work more efficiently, as well as to provide information to the owners of the website.
Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improving the user experience. Cookies may tell us, for example, whether you have visited the website before or whether you are a new visitor. They can also help to ensure that adverts you see online are more relevant to you and your interests.
When landing on the website, you have been given the opportunity to accept cookies used on the website, to accept certain categories of cookies and decline others, or to decline all cookies. If you have accepted our use of some or all cookies, the following information relates to cookies used on our website only and not to cookies that may be used by third party sites linked from our website.
There are two broad categories of cookies:
Cookies can remain on your computer or mobile device for different periods of time. Some cookies are “session cookies”, meaning that they exist only while your browser is open. These are deleted automatically once you close your browser. Other cookies are “permanent cookies”, meaning that they survive after your browser is closed. They can be used by the website to recognize your computer when you open your browser and browse the Internet again.
The website uses cookies that perform four functions, as classified below:
In addition, we also utilize cookies on certain pages of the website to communicate with third party data suppliers in order to extrapolate your digital behavior. This helps us to understand and target more relevant advertising in the future. The information we receive is all aggregated and anonymous, but will include statistics such as demographics, online behavior, product interests and lifestyle.
Targeting and tracking cookies are provided via trusted third party suppliers. Should you require more information regarding our suppliers and how these cookies operate please contact us.
You have the right to choose whether or not to accept cookies and we explain how you can exercise this right below. However, please note that if you choose to refuse cookies you may not be able to use the full functionality of the website.
You can change your cookie settings at any time at our Cookie Settings page (click button on the left side bottom of the page).
As an alternative, you can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website. Our Privacy Policy describes changes you can make to your browser settings and other actions you can take so that cookies cannot be placed on your device.
If you accept some or all cookies on the website you still have the option of setting your browser to notify you when you receive a cookie, so that you may determine whether to accept it or not.
If you have disabled one or more cookies, we may still use information collected from cookies prior to your disabled preference being set; however, we will stop using the disabled cookie to collect any further information.
We will occasionally update this Cookie Statement to reflect changes in our practices and services. When we post changes to this Cookie Statement, we will revise the “Updated” date at the top of this Cookie Statement. If we make any material changes in the way we collect, use, and/or share information held in cookies, we will notify you by prominently posting notice of the changes on the website. We recommend that you check this page from time to time to inform yourself of any changes in this Cookie Statement or any of our other policies.