Effective August 31, 2023

Lightspeed Systems has updated its Privacy Policy as follows:

• Cookies and Other Technologies:
  • Added a link to our Cookie-Richtlinien for additional details on how we handle cookies on our websites
• Added Supplemental Notice for Virginia Data Subjects and their rights under the Virginia Consumer Data Protection Act (“VCDPA”)
• International Data Transfers:
  • Added language detailing Lightspeed Systems’ affirmative commitment to comply with the new EU-U.S. Data Privacy Framework (DPF) and the UK Extension to the EU-U.S. Data Privacy Framework, which replaced Privacy Shield.
  • Added clarifying language to:
    • inform individuals about the possibility, under certain conditions, for the individual to invoke binding arbitration, following the procedures and subject to conditions set forth in Anhang I der DPF-Grundsätze
    • Inform individuals about Lightspeed Systems’ liability in cases of onward transfers to third parties
  • Dispute resolution: Updated alternative dispute resolution provider to Streitbeilegungsverfahren für nationale Programme der BBB

At Lightspeed Systems, we care deeply about your privacy and are committed to being transparent about our privacy practices.

We encourage you to read the full Datenschutzrichtlinie to get more detailed information of our data privacy practices.
Please feel free to contact us with any questions or concerns at [email protected]

Effective December 19th, 2022

Lightspeed Systems has updated its Privacy Policy as follows:

• Added California Privacy Rights Act (CPRA) language under the ‘California Privacy Rights’ section. CPRA is the new California law which amends and expands on the CCPA effective Jan 1, 2023.
• Added the following clarifying language (in italics) on how data is shared with 3^rd parties in the ‘Third Parties – How We May Share Your Data’ section:

Third Parties Supporting our Offerings: Agents and service providers (sub-processors) that act on our behalf to support our services, such as technology services (e.g. web hosting and analytics services), subject to confidentiality obligations set out in the executed contracts with the service providers. We contractually prohibit our service providers from retaining, using, or disclosing information about you for any purpose other than performing the services for us. Please note that these providers have no access to sensitive student data – strict access controls are in place. Additional information about the sub-processors we use to support our service delivery can be found on our Security and Compliance Seite

• Added the following heading and the following language under the ‘Student Safety’ section”

COPPA and Children Under 13

• Students are not allowed to sign up for any Lightspeed Systems solutions.

• Added SDPC and Student Privacy Pledge as its own heading as follows:
  • Wir sind ein Konsortium für den Datenschutz bei Studierenden Unterzeichner und haben unterschrieben Datenschutzverpflichtung für Studierende
• Added the following language under the “Security: How We Store & Protect Your Information” section:
  • Users cannot communicate with untrusted users via our platforms. No personal information is displayed publicly.

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective June 23rd, 2022

• Updated Lightspeed Systems physical address in the ‘Contacting Lightspeed Systems section to: 12013 Fitzhugh Rd, Austin, TX 78736, USA

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective May 10th, 2022

Lightspeed Systems has updated its Privacy Policy as follows:

• Added the following language in the ‘California Privacy Rights’ section:

How and when we are expected to handle your request

Wir bestätigen Ihnen den Eingang Ihres verifizierbaren Antrags innerhalb von 10 Tagen und informieren Sie über die weitere Bearbeitung Ihres Antrags.

We will respond to your request within 45 days of its receipt. Should we need more time, we will explain to you the reasons why, and how much more time we need. Should we deny your request, we will explain to you the reasons behind our denial.

We do not charge a fee to process or respond to your verifiable request unless such request is manifestly unfounded or excessive. In such cases, we may charge a reasonable fee, or refuse to act on the request. In either case, we will communicate our choices and explain the reasons behind them.

• Added the following language under the ‘How to Contact Lightspeed Systems’ section:
  • Wir sind ein Konsortium für den Datenschutz bei Studierenden signatory

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective June 4th, 2021

Lightspeed Systems has updated its privacy policy as follows:

• Added the following language under the ‘Applicability of This Privacy Policy’ section:
  • Bitte beachten Sie, dass jede Schule ihre Instanz der Dienste und alle damit verbundenen Daten, die innerhalb dieser Instanz verarbeitet werden („Schuldaten“), kontrolliert. Wenn Sie Fragen zu den Datenschutzpraktiken einer Schule haben, wenden Sie sich bitte an die jeweilige Schule. Weitere Informationen darüber, wer für die Daten verantwortlich ist und unter welchen Umständen, finden Sie in der „Ihre Rechte in Bezug auf Ihre Daten“ Abschnitt weiter unten.
• Added California Privacy Rights Act (CCPA) Notification under the ‘California Privacy Rights’ section.
  • Added the CCPA table detailing the categories of personal information collected by Lightspeed Systems and categories of 3^rd parties to whom information is shared/disclosed for business purpose
• Added ‘Supplemental Notice for Nevada Residents’
• Added the following language under the ‘Your Data: How We Collect and Use Information’ section:
  • Mitarbeiter- und Stellenbewerbungen: Please see our Datenschutzrichtlinie für Bewerber und Mitarbeiter
• Added contact details for Lightspeed Systems EU and UK GDPR representatives under the ‘European Union and United Kingdom’ section, pursuant to the GDPR Article 27 requirements.

Effective December 18th, 2020

Lightspeed Systems has updated its privacy policy as follows:

• Added the following language under the ‘Security: How We Store and Protect Your Information’ section:
  • “For more detailed information on our data security practices, please visit our Trust page”

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective July 28th, 2020

Lightspeed Systems has updated its privacy policy as follows:

• We updated Section 10 to address the invalidation of the Privacy Shield by the European Court of Justice.
• Effective April 13th, 2020
• Lightspeed Systems has updated its privacy policy as follows:
• We improved the format of our privacy policy to make it easier to find and understand the information relevant to you.
• We added Section 1 ‘Applicability of This Privacy Policy’ to describe what our policy applies to.
• We added Section 6 to address California Consumer Privacy (CCPA) rights
• We rearranged and inserted Section 8 to make it clear how long we retain your information
• We updated Section 9 – Data Retention: We removed “or within 90 days” to clarify analytics, reporting and logging data may be kept longer than 90 days to fulfil service agreements.
• We added Section 10 to address both European Union and United Kingdom
• We added Section 11 to address our Legal Basis of Processing Information
• We added the following language under the ‘How To Contact Lightspeed Systems’ section: We have signed the Datenschutzverpflichtung für Studierende!

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective July 10th, 2020

Lightspeed Systems has updated its privacy policy as follows:

• Added a link to our COPPA Notice under the ‘Student Safety’ as follows:
  • Please read Lightspeed’s COPPA Notice here

Effective November 2019

Lightspeed Systems has updated its privacy policy as follows.

• Added language to Section 1, Third Party Analytics to clarify we do NOT perform remarketing. “We do NOT use these for remarketing.”
• Added language to Section 5, Security to identify key security practices in place. “Practices:

We have in place and maintain procedures and practices to ensure data security. These include a Data Governance Team, Security Policy, Privacy Inquiry Policy, Incident Response Plan, Privacy/Security by Design, Vendor Assessments, Security Assessments and regular specific Security Training.”

Bitte beachten Sie, dass trotz unserer Bemühungen keine Sicherheitsmaßnahmen perfekt oder undurchdringlich sind. Wir haben bewährte Verfahren zum Schutz Ihrer und unserer Daten implementiert, können jedoch nicht garantieren, dass diese Maßnahmen perfekt sind.

Wenn wir von einer Sicherheitsverletzung erfahren, benachrichtigen wir Sie gemäß unserem Incident Response Plan oder gemäß den geltenden Datenverarbeitungs-/Datenfreigabevereinbarungen. Je nachdem, wo Sie leben, haben Sie möglicherweise das Recht, eine schriftliche Benachrichtigung über eine Sicherheitsverletzung zu erhalten.

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective March 2019

Lightspeed Systems has updated its privacy policy as follows.

To address the withdrawal of the United Kingdom from the European Union (Brexit) we have updated our Framework Compliance to include the United Kingdom. The wording in Bold have been added.

Framework Compliance: Lightspeed Systems, Inc. complies with the EU-U.S. Privacy Shield Framework (Privacy Shield) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom, to the United States in reliance on Privacy Shield. Lightspeed Systems, Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such information. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective April 2018

Lightspeed Systems has updated its privacy policy as follows.

Nutzungsbedingungen Updated “terms and conditions” to “terms of use”. This eliminates confusion and matches the document name. We also added a hyperlink to the terms of use document to make it easier to find.

Review the full Privacy Policy at: https://www.lightspeedsystems.com/privacy-policy/

Effective September 2017

Lightspeed Systems has updated its privacy policy as follows.

Employment Applications

In connection with a job application or inquiry, we may collect data about you, including your educational background, résumé or curriculum vitae, and other information, including your ethnicity or criminal background information where required or permitted by law. We may use this information throughout Lightspeed Systems for the purpose of employment consideration. We will keep the information for future consideration unless you direct us not to do so.

Verantwortlicher

By providing Lightspeed Systems, Inc. information via our website, Tradeshow, Lightspeed event, Partner event, e-mails, phone calls, chat or support cases, and maintained in our systems, you authorize Lightspeed Systems, Inc. to serve as the Data Controller.

Auftragsverarbeiter

By licensing to use Lightspeed Systems, Inc. services, you authorize Lightspeed Systems, Inc. to serve as the Data Processor for the licensed services.

Further, Lightspeed Systems, Inc. recognizes its potential liability when onward transferring EU individuals’ data received pursuant to the EU-US Privacy Shield. An individual has the ability, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. Please refer to Annex I of the Privacy Shield for additional information.

Adult users of Lightspeed Systems, Inc. Services should contact their educational institution or other organization providing the Service about access requests to be forgotten, electronic copies of data, requests for data deletion, and/or data depersonalization.

User-data retention

Following termination or deactivation of a School account, Lightspeed Systems, Inc. may retain profile information and content for a commercially reasonable time for backup, archival, or audit purposes, but all Student Data associated with the School will be deleted in accordance with Lightspeed Systems, Inc. Data Deletion policy, or in accordance with active DPA, DSA or SLA, or within 90 days.

Datenportabilität

License holders of Lightspeed Systems, Inc. products may request in writing that the data they provided be returned to them in electronic format. Within a reasonable time Lightspeed Systems, Inc. will return the data provided by the license holder for the products they have licensed.

Individuals who provided information via our websites, Tradeshow, Lightspeed event, Partner event, e-mail or phone call may request in writing that the data they provided be returned to them in electronic format. Within a reasonable time Lightspeed Systems, Inc. will return the data provided.

For Data, we collect from visitors of our websites

Account information and settings: Adult users and visitors of the Lightspeed Systems, Inc. website have a right to access the data collected and used by Lightspeed Systems, Inc. To make requests to access or change account information, be forgotten, electronic copies of data, data deletion, and/or data depersonalization, please contact us via the contact information below. Users and visitors may opt out of receiving future promotional electronic mailings from Lightspeed Systems, Inc. by following the unsubscribe procedures indicated in the mailing.

Children’s data: Lightspeed Systems, Inc. does not knowingly solicit or attempt to collect information from children via its websites. We ask that anyone under the age of 13 not use our websites or submit information to us. Please contact us via the contact information below if you have any questions, concerns, need to access, change, or delete the Personal Information that has been submitted by a child.

User-data retention: Lightspeed Systems, Inc. may retain profile information and content for a commercially reasonable time. We may maintain anonymized or aggregated data, including usage data, for analytics purposes. If you have any questions about data retention or deletion, please contact us via the contact information below.

You also have a right to raise any data protection-related concerns with the supervisory data protection authority in your jurisdiction.

Review the full Privacy Policy here.