Below are definitions for key terms that are used in our Terms of Service and both our Services Privacy Policy and Website Privacy Policy.
Application Data Caches
An application data cache is a data repository on a device. It can, for example, enable a web application to run without an internet connection and improve the performance of the application by enabling faster loading of content.
Behaviorally-targeted advertising
Behaviorally-targeted advertising is defined by the Digital Advertising Alliance (DAA) as "the collection of data online from a particular computer or device regarding Web viewing behaviors over time and across non-affiliate Web sites for the purpose of using such data to predict user preferences or interests to deliver advertising to that computer or device based on preferences or interests known or inferred from the data collected." Behaviorally-Targeted Advertising does not include i) Contextual Targeting; ii) advertising or marketing to an individual in response to that individuals specific request for information or feedback; or iii) processing personal information solely for measuring or reporting advertising performance, reach or frequency.
The definition has largely been accepted by the Federal Trade Commission, and is described in similar fashion in its Self-Regulatory Principles for Online Behavioral Advertising. This type of advertising is precluded by the Children’s Online Privacy Protection Act (COPPA) for children under 13 without prior, verifiable parental consent, as well as by the existing self-regulatory advertising groups, including DAA and the Network Advertising Initiative (NAI).
*Also see the definition of targeted advertising in our Student Data Protection Addendum for more information on the prohibition of using Student Data for targeted advertising to students.
Contextual targeting
Contextual targeting (also referred to as contextually relevant advertising) is defined by DAA as advertisements that are delivered “based on the content of a Web page, a search query, or a user’s contemporaneous behavior on the Web site.” NAI expands a bit further explaining, “the ad selected depends upon the content of the page on which it is served, or ‘first party’ marketing in which ads are customized or products are suggested based on the content of the page or users’ activity on the page (including the content they view or the searches they perform).”
The FTC echoes this in policy statements and in comments surrounding COPPA. There, the FTC notes that contextual targeting, “is more transparent and presents fewer privacy concerns as compared to the aggregation and use of data across sites and over time for marketing purposes.” Contextual targeting is permitted under COPPA.
Cookies and similar technologies
Cookies
A cookie is a small text file containing a string of characters that is placed on your browser or device when you visit a website. When you visit the website again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. Cookies may involve the transmission of information from us to you and from you directly to us, to another party on our behalf, or to another party in accordance with its privacy policy. For example, cookies can store your session information for easy sign-in to a website or your language preferences or may allow sites to record your browsing activities – like what pages and content you’ve looked at, when you visited, and whether you clicked on a piece of content. The site or service that places a particular cookie has permission to read the contents of that cookie each time it communicates with your browser. Some cookies are set by the site you are visiting, and others are set by that site’s service partners.
Cookies may be placed in your browser by third-party advertising companies when you view content off of our site (such as an embedded YouTube video) to help deliver the ads you see online. These “third-party cookies” may be used to “remember” parts of your online activities in order to deliver ads tailored to your interests. For example, if you read an article online about running, a cookie may be used to note your interest in running. As you continue to surf the web, you may see coupons to save money on running shoes. We do not allow any third parties to place cookies on our Platform for advertising purposes in any areas where a student or child is using our Services and is logged into his or her account.
Please see our Online Tracking Technologies Policy for more information.
Other similar technologies
Other technologies are used for similar purposes as a cookie on other platforms where cookies are not available or applicable, such as the Advertising ID available on Android mobile devices and the Identifiers for Advertiser (“IDFA’) on iOS devices. Most modern mobile devices (iOS, Android, and Windows 10 and above) provide mobile advertising identifiers. These are randomly-generated numbers that are associated with your device that often come with options to reset the identifier and opt-out of advertising across apps (“Cross-App Advertising”) and in some cases (such as with the IDFA) opt-in to advertising. They are included to provide advertisers a method to identify your devices without using a permanent device identifier, like your phone’s serial number. We do not use any of these technologies on our Platform in any areas where a student or child is using our Services and is logged into his or her Account.
We do not use any of these technologies where a student or child using our service is logged into his or her account.
Learn more about how Blueprint uses cookies in our Online Tracking Technologies Policy.
De-Identified
De-Identified or De-Identified Data is information that has all direct and indirect personal identifiers removed such that the data cannot reasonably be used to identify, describe, or contact an individual. This includes, but is not limited to, persistent unique identifiers, name, ID numbers, and date of birth.
For EU residents, anywhere we use the term De-Identified, we will apply the General Data Protection Regulation (GDRP) definition of "pseudonymization" which states that pseudonymization is "the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information.” Additionally, consistent with the GDPR, we will ensure that the “additional information” is kept separately and subject to technical and organizational measures to ensure non-attribution to an identified or identifiable person.
Blueprint commits to maintaining and using De-Identified Data only in a de-identified form and will not attempt to re-identify the information, except that the Blueprint may attempt to re-identify the information solely for the purpose of determining whether or not its de-identification processes are sufficient.
Device
A device is a computer that can be used to access our website or services. For example, a device could be a desktop, tablet or smartphone.
Educational Purposes
Consistent with the Student Privacy Pledge, ‘educational or school purposes’ are services or functions that customarily take place at the direction of the educational institution/agency or their teacher/employee, for which the institutions or agency would otherwise use its own employees, and that aid in the administration or improvement of educational and school activities (e.g., instruction, administration, and development and improvement of products/services (including new products) intended for educational/school use). Additionally, consistent with the Student Privacy Pledge, this does not preclude the use of student personal information for adaptive learning or customized student learning or education purposes. We also consider “educational purposes” to be services or functions that a child’s parent or legal guardian directs Blueprint (such as through setting up their child’s account, or otherwise providing their consent to us) to provide to their child for educational or learning activities outside of school (e.g. learning activities at home).
Education Records
Education records shall have the meaning set forth under the Family Educational Rights and Privacy Act (“FERPA”) cited as 20 U.S.C. § 1232g(a)(4); 34 CFR Part 99. Certain Student Data elements will also be considered education records.
HTTP referrer
An HTTP Referrer is information transmitted to a destination webpage by a web browser, typically when you click a link to that webpage. The HTTP Referrer contains the URL of the last webpage the browser visited.
IP address
Every device connected to the Internet is assigned a number known as an Internet protocol (IP) address. These numbers are usually assigned in geographic blocks and are typically controlled by your Internet Service Provider (ISP), your company, or your university. An IP address may be used to identify the location from which a device is connecting to the Internet. IP address can be used to combat fraud and compliance with geographical legal restrictions and can be used to target advertising. When Blueprint stores an IP address, we store it in truncated or encrypted form. Additionally, we only use IP address information collected from students under 13 for internal business purposes.
Local storage
Local storage enables websites to store and retrieve data in a browser on a device. When used in “local storage” mode, it enables data to be stored across sessions (for example, so that the data are retrievable even after the browser has been closed and reopened). One technology that facilitates web storage is HTML 5. Other technologies include local shared objects, sometimes known as “Flash Cookies”. For more information, please see our Online Tracking Technologies Policy.
Mobile application
A mobile application or mobile “app” is an application software designed to run on mobile devices, such as smartphones and tablet computers. Mobile apps frequently serve to provide users with similar services as those accessed on PCs. Mobile apps differ from desktop applications that run on desktop computers, and with web applications which run in web browsers in that they run directly on the mobile device.
Non-personally Identifiable Information
This is information that on its own does not permit direct association with any specific individual. For example, we consider the following to be non-personally identifiable information: your zip code, approximate location (e.g. region, city, zip), your browser type, and non-unique device identifiers. We also consider aggregated, de-identified and/or anonymized data to be non-personally identifiable information. Anything that is personal information is excluded from the definition of non-personal information. Not all jurisdictions have the same definition for personal information and non-personally identifiable information.
Persistent identifiers
This is a persistent and unique identifier that can be used to recognize a user over time and across different websites or online services. For example, this can be an IP address, a unique device identifier or a device serial number.
Personal Information
Personal information is data that can be used to identify or contact a particular individual, such as the individual’s name, email address or billing information, or other data which can be reasonably linked to that data or to that individual’s specific computer or device. When anonymous or non-personal information is directly or indirectly linked with personal information, this anonymous or non-personal information is also treated as personal information. We will consider persistent identifiers that are not anonymized, De-Identified or aggregated as personal information. Not all jurisdictions have the same definition for personal information and non-personally identifiable information. Additionally, please check here for the definition of personal information under the Children’s Online Privacy Protection Act (“COPPA”) which we follow for any personal information collected from children under 13. Please also see the COPPA FAQ for more information.
If you are a resident of California, we follow the definition of personal information as set forth under the California Consumer Privacy Act of 2018 as amended (“CCPA), and its implementing regulations, including amendment by the California Privacy Rights and Enforcement Act of 2020 (“CPRA”) and its implementing regulations.
Pixel tag
A pixel tag is a type of technology placed on a website, or within the body of an email for the purpose of tracking activity on websites or when emails are opened or accessed, and is often used in combination with cookies. Pixel refers to the software code that is placed within a web page in order to trigger the placing of cookies and transmits information to us or our third party service providers. This enables two websites to share information. The resulting connection can include information such as a device’s IP address, the time a person viewed the pixel, an identifier associated with the browser or device, the type of browser being used and the URL of the web page from which the pixel was viewed. A pixel tag is also known as a web beacon or Clear GIFs. There may or may not be a visible graphic image associated with the pixel, and often the image is designed to blend into the background of a web page or email.
Sell
“Sell” or “selling”, consistent with the Student Privacy Pledge, does not include or apply to a purchase, merger or other type of acquisition of a company by another entity, provided that the company or successor entity continues to treat the personal information in a manner consistent with our Blueprint Services Privacy Policy with respect to the previously acquired personal information.
Sell also does not include sharing, transferring or disclosing of Student Data or other personal information with a service provider that is necessary to perform a business purpose (such as detecting security incidents, debugging and repairing, analytics, storage or other processing activities) provided that the service provider does not further use or sell the Student Data or Personal Information except as necessary to perform the business purpose. Blueprint is also not “selling” personal information if a user directs Blueprint to intentionally disclose Personal Information or uses Blueprint to intentionally interact with a third party, provided the third party does not also sell the personal information.
If you are a resident of California, we follow the definition of sell or sale as set forth under the California Consumer Privacy Act of 2018 as amended (“CCPA) and its implementing regulations, including amendment by the California Privacy Rights and Enforcement Act of 2020 (“CPRA”) and its implementing regulations.
Sensitive Personal Information
“Sensitive Personal Information” is a specific category of Personal Information that includes Personal Information that reveals: (a) A consumer’s social security, driver’s license, state identification card, or passport number (b) A consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account (c) A consumer’s precise geolocation (within 1,850 feet) (d) A consumer’s racial or ethnic origin, citizenship, immigration, religious or philosophical beliefs, or union membership (e) The contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication (f) A consumer’s genetic data.
Server log data
Like most websites, our servers automatically record the page requests made when you visit our websites. These “server logs” or “log data” typically include your web request, IP address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser.
Share or Sharing
Share,” “shared,” or “sharing” means sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, personal information to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration.
Student Data
“Student Data” means any Personal Information, whether gathered by Blueprint or provided by a school or its users, students, or students’ parents/guardians for a school purpose, that is descriptive of the student including, but not limited to, information in the student’s educational record or email, first and last name, birthdate, home or physical address, telephone number, email address, or other information allowing physical or online contact, discipline records, videos, test results, special education data, juvenile dependency records, grades, evaluations, criminal records, medical records, health records, social security numbers, biometric information, disabilities, socioeconomic information, food purchases, political affiliations, religious information text messages, documents, student identifies, search activity, photos, voice recordings, geolocation information, or any other information or identification number that would provide information about a specific student. To the extent U.S. law applies, Student Data may include Education Records. Student Data as specified in Exhibit A to our Student Data Privacy Addendum is confirmed to be collected or processed by Blueprint pursuant to our Services. Student Data shall not include De-Identified Data or information that has been anonymized, or anonymous usage data regarding a student’s use of our Services.
Unique device identifier
A unique device identifier (sometimes called a universally unique ID or UUID) is a string of characters that is incorporated into a device by its manufacturer and can be used to uniquely identify that device (for example an IMEI-number of a mobile phone). Different device identifiers vary in how permanent they are, whether they can be reset by users, and how they can be accessed. A given device may have several different unique device identifiers. Unique device identifiers can be used for various purposes, including security and fraud detection, syncing services such as a user’s email inbox, remembering the user’s preferences and providing relevant advertising.