Common use of Additional Data Security Measures Clause in Contracts

Additional Data Security Measures. [Box 30] See Vendor's Privacy Policy and associated information. DATA GOVERNANCE LETTER Imagine Learning® (hereafter “we”, “us”, “our”) hereby informs you that we share the following information with the following third parties: • Our products and services are hosted in Amazon Web Services (AWS) and Microsoft Azure. Both providers are certified and compliant with a number of standards, including FERPA, ISO 27001, NIST 800, SOC II, and many others (for details, please visit xxxxx://xxx.xxxxxx.xxx/compliance/ and xxxxx://xxx.xxxxxxxxx.xxx/en-us/trustcenter/compliance, respectively). In providing our products and services to you, PII and non-PII is stored and processed in these environments. • We provide Lexile assessment tools within our Imagine Language & Literacy product, and we have partnered with MetaMetrics® to provide this service. If a school or district participates in these in-product assessments, we are obligated to provide MetaMetrics® with non-PII information regarding how many Imagine Learning users have completed an assessment. No directory or otherwise personally-identifiable information is shared. • Xxxxxxx.xx provides Imagine Learning with centralized logging services. Although efforts are made to reduce the amount of PII stored, some identifying information is required to make troubleshooting and audit trails possible. Logs are retained for a rolling window of 30 days and purged thereafter. It should also be noted that the actual servers hosting this service are running in AWS (with its accompanying compliance and safeguards), and that we control the access keys. Xxxxxxx.xx is not authorized to access the data without our permission.

Additional Data Security Measures. As described in Imagine Learning's Privacy Policy (xxxxx://xxxxxxxxxxxxxxx.xxx/privacy/policy) [Box 30] See Vendor's Privacy Policy and associated information. DATA GOVERNANCE LETTER Imagine Learning® (hereafter “we”, “us”, “our”) hereby informs you that we share the following information with the following third parties: • Our products and services are hosted in Amazon Web Services (AWS) and Microsoft Azure. Both providers are certified and compliant with a number of standards, including FERPA, ISO 27001, NIST 800, SOC II, and many others (for details, please visit xxxxx://xxx.xxxxxx.xxx/compliance/ and xxxxx://xxx.xxxxxxxxx.xxx/en-us/trustcenter/compliance, respectively). In providing our products and services to you, PII and non-PII is stored and processed in these environments. • We provide Lexile assessment tools within our Imagine Language & Literacy product, and we have partnered with MetaMetrics® to provide this service. If a school or district participates in these in-product assessments, we are obligated to provide MetaMetrics® with non-PII information regarding how many Imagine Learning users have completed an assessment. No directory or otherwise personally-identifiable information is shared. • Xxxxxxx.xx provides Imagine Learning with centralized logging services. Although efforts are made to reduce the amount of PII stored, some identifying information is required to make troubleshooting and audit trails possible. Logs are retained for a rolling window of 30 days and purged thereafter. It should also be noted that the actual servers hosting this service are running in AWS (with its accompanying compliance and safeguards), and that we control the access keys. Xxxxxxx.xx is not authorized to access the data without our permission.