LEANTIME PRIVACY POLICY

Date of Last Revision: Aug 2nd, 2023 

Welcome to Leantime!

Hyve5, Inc., d/b/a Leantime (“Leantime”, “we”, “us”, or “our”) is designed to automate grading and/or reporting of spreadsheets in connection with training and assessments in both the corporate and educational contexts.  We understand and appreciate your concerns about privacy and want you to be familiar with how we collect, use and disclose Personal Information (as defined below).  This Privacy Policy explains what Personal Information we collect, how we use and share that information, and your choices concerning our information practices.

This Privacy Policy governs your (“you” or “Users”) use of leantime.io.com and any other Leantime owned or operated websites (including mobile sites) (collectively, the “Site”), mobile applications, widgets and/or any interactive features other online services controlled by Leantime that post a link to this Privacy Policy or otherwise reference that this Privacy Policy applies to information collected through the site, application or other features or services (all of the foregoing collectively referred to as the “Service”).

This Privacy Policy does not apply to our handling of information collected from other Users, such as companies, educational institutions or other third-parties (collectively, “Businesses”).  Data and information collected through such activities are governed by the Businesses’ privacy policies as well as Leantime’s agreement(s) with such Businesses.  If you have questions about a Business’ privacy practices, please reach out to them directly.

Before using the Service or submitting any Personal Information to Leantime, please review this Privacy Policy carefully and contact us if you have any questions.  By using the Service, you agree to the practices and specifically the collection, disclosure, use and retention of Personal Information described in this Privacy Policy.  If you do not agree to this Privacy Policy, please do not access the Site or otherwise use the Service.

1. Personal Information We Collect
2. How We Use Personal Information
3. Sharing And Disclosure of Personal Information
4. Users Outside of the United States
5. State Privacy Rights
6. Children
7. Links To Other Websites
8. Security
9. Your Choices
10. Changes To the Privacy Policy
11. Contact Us

1. PERSONAL INFORMATION WE COLLECT

When you interact with us through the Service, we collect and combine information and data from you, including information that may identify you or otherwise be considered to be “personal information”, “personal data” or “personally identifiable information” under laws that regulate privacy and data protection (“Personal Information”) as follows:

Personal Information You Provide: We collect the following categories of Personal Information from you when you visit the Site, create a Leantime account, subscribe to the Service, or otherwise provide such information to us:

• Identification Information: We collect your name, phone number, email address, mailing address, job title, username, password, contract preferences, contact or authentication data.
• Financial Information: Our payment processor(s) will collect and store the financial information necessary to process your payments for our software services, such as your payment card number and authentication details.  We do not process payments for Users in the United States.
• Communication Information: We may collect information when you contact us with questions or concerns and when you voluntarily respond to questionnaires, surveys or requests for market research seeking your opinion and feedback.  Providing communication information is optional to you.
• Location Information: Our Service may use location-based services in order to locate you, such as using your zip or postal code, IP address or other geolocation information, so that we may verify your location and/or deliver you relevant content based on your location.
• Commercial Information: We may retain a history of the products and services you browse and/or purchase using the Service.
• Social Media Information: We have pages on social media sites like Instagram, Facebook, and Twitter (“Social Media Pages”).  When you interact with our Social Media Pages, we will collect Personal Information that you elect to provide to us, such as your contact details.  In addition, the companies that host our Social Media Pages may provide us with aggregate information and analytics regarding the use of our Social Media Pages.  Your posts, comments, replies to and mention of Leantime may be publicly visible, depending on privacy settings.  We do not have control over the privacy and retention of your Personal Information on Social Media Pages, which are governed by the privacy policies of the parties that operate the platforms that host the Social Media Pages.  We have no responsibility or liability for the manner in which the operators of the Social Media Pages collect, use, disclose, secure or otherwise treat your personal Information.

Internet Activity Information: When you visit, use, and interact with the Service, we may receive certain information about your visit, use, or interactions.  For example, we may monitor the number of people that visit the Service, peak hours of visits, which page(s) are visited, the domains our visitors come from (e.g., google.com, yahoo.com, etc.), and which browsers people use to access the Service (e.g., Chrome, Firefox, Microsoft Internet Explorer, etc.), broad geographical information, and navigation pattern.  In particular, the following information is created and automatically logged in our systems:

• Geolocation Information: When browsing our website, we may collect general information regarding your geographic location.
• Cookies Information: Please see the “Cookies” section below to learn more about how we use cookies.
• Usage Information: We collect information about how you use our Service, such as the types of content that you view or engage with, the features you use, the actions you take, and the time, frequency, and duration of your activities.

Personal Information Collected from Other Sources: We may receive Personal Information, such as contact information and marketing preferences, from other sources, such as educational institutions, third-party partners, and publicly available information.

Derived Information: We may infer your preferences for certain products and services based on the Personal Information we collect about you.

Cookies: We use cookies to operate and administer our Site, gather usage data on our Site, and improve your experience on it.  A “cookie” is a piece of information sent to your browser by a website you visit.  Cookies can be stored on your computer for different periods of time.  Some cookies expire after a certain amount of time, or upon logging out (session cookies), others survive after your browser is closed until a defined expiration date set in the cookie (as determined by the third party placing it), and help recognize your computer when you open your browser and browse the Internet again (persistent cookies).  For more details on cookies please visit All About Cookies.

On most web browsers, you will find a “help” section on the toolbar.  Please refer to this section for information on how to receive a notification when you are receiving a new cookie and how to turn cookies off.

Please note that if you limit the ability of websites to set cookies, you may be unable to access certain parts of the Site and you may not be able to benefit from the full functionality of the Site.

Advertising networks may use cookies to collect Personal Information.  Most advertising networks offer you a way to opt out of targeted advertising.  If you would like to find out more information, please visit the Network Advertising Initiative’s online resources and follow the opt-out instructions there.

If you access the Site on your mobile device, you may not be able to control tracking technologies through the settings.

Analytics: We use Google Analytics, a web analytics service provided by Google, Inc.  Google Analytics uses cookies to help us analyze how users use the Site and enhance your experience when you use the Site.  For more information on how Google uses this information, click here.

Online Tracking and Do Not Track Signals: We and our third-party service providers may use cookies, pixels, or other tracking technologies to collect information about your browsing activities over time and across different websites following your use of the Site and use that information to send targeted advertisements.  Our Site currently does not respond to “Do Not Track” (“DNT”) signals and operates as described in this Privacy Policy whether or not a DNT signal is received.  If we do respond to DNT signals in the future, we will update this Privacy Policy to describe how we do so.

2. HOW WE USE PERSONAL INFORMATION

We may use Personal Information for the following purposes:

• To provide, operate, and improve the Service and our business;
• To respond to your inquiries, comments, feedback, or questions;
• To send administrative information to you, for example, information regarding the Service and changes to our terms, conditions, and policies;
• To analyze how you interact with our Service;
• To develop new products and services;
• To prevent fraud, criminal activity, or misuses of our Service, and to ensure the security of our IT systems, architecture, and networks; and
• To comply with legal obligations and legal process and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.

Research and Development: We may aggregate Personal Information and use the aggregated and de-identified information to analyze the effectiveness of the Service, to improve and add features to the Service, gain anonymous insights into product and brand performance on the Service, and for other similar purposes.  In addition, from time to time, we may analyze the general behavior and characteristics of Users and share aggregated information like general user statistics with prospective business partners.

Communications and Marketing: We may use your Personal Information, such as your email address, to contact you to provide the Service and communicate related information.

If you provide your telephone number, you acknowledge and agree that we may contact you, including but not limited to for promotional, informational and other purposes, using SMS text messages, cellular or telephone calls, and push notifications (if applicable) even if you have opted in to the US National Do Not Call List, any state equivalent Do Not Call List or the internal Do Not Call List of any company, and that such messages and calls may be sent using automatic dialing systems or artificial or prerecorded voice messages.

How Long We Keep Your Information:  We will only keep your Personal Information for as long as it is reasonably necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (e.g., tax, accounting, or other legal requirements).  When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize such information, or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

If you would like to opt-out of receiving certain communications, see the “Your Choices” section below.

3. SHARING AND DISCLOSURE OF PERSONAL INFORMATION

In certain circumstances we may share the categories of Personal Information described above without further notice to you, unless required by the law, with the following categories of third parties:

• Vendors and Service Providers: To assist us in meeting business operations needs and to perform certain services and functions, we may share Personal Information with vendors and service providers, including providers of hosting services, cloud services, and other information technology services providers, email communication software and email newsletter services, advertising and marketing services, payment processors, customer relationship management and customer support services, and analytics services.  Pursuant to our instructions, these parties will access, process, or store Personal Information in the course of performing their duties to us.
• Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, dissolution, sale of all or a portion of our assets, or transition of service to another provider (collectively and each a “Transaction”), your Personal Information and other information may be shared in the diligence process with counterparties and others assisting with a Transaction and transferred to a successor or affiliate as part of or following that Transaction along with other assets.
• Legal Requirements: If required to do so by law or in the good faith belief that such action is necessary to (a) comply with a legal obligation, including to meet national security or law enforcement requirements, (b) protect and defend our rights or property, (c) prevent fraud, (d) act in urgent circumstances to protect the personal safety of users of the Service, or the public, or (e) protect against legal liability.
• Affiliates: We may share Personal Information with our current and future affiliates, meaning an entity that controls, is controlled by, or is under common control with Leantime.  Our affiliates may use the Personal Information we share in a manner consistent with this Privacy Policy.  Affiliates may be located outside the United States of America.
• Other Users: The Service may contain a community forum and message board where Users are able to create profiles, writings, reviews, photographs, ideas, videos, audio recordings, computer graphics, pictures, data, or other content, including Personal Information (collectively, “User Content”).  The Service may display, reproduce, publish, distribute or otherwise use User Content online or offline in any media or format (currently existing or hereafter developed) and may or may not attribute it to you.  Others may have access to this User Content and may have the ability to share it.

4. USERS OUTSIDE OF THE UNITED STATES

For the purposes described in this Privacy Policy, we may transfer your Personal Information from the European Economic Area (EU Member States, Iceland, Liechtenstein and Norway) and/or the United Kingdom to our U.S. office or a third party outside of the EEA or the UK and in a jurisdiction not subject to an adequacy decision of the European Commission or the UK Government, as applicable.  When we transfer your Personal Information to other third parties outside of the EEA or the UK, for example service providers, we will do this in accordance with applicable data protection laws and will take appropriate safeguards to ensure the integrity and protection of your Personal Information wherever processed.  If you are a resident in the European Economic Area (EEA) or United Kingdom (UK), then these countries may not necessarily have data protection laws or other similar laws as comprehensive as those in your country.  However, we will take all necessary measures to protect your Personal Information in accordance with this Privacy Policy and applicable law.  By providing your Personal Information, you consent to such transfer.

Your Rights in Relation to Your Personal Data Under GDPR and/or UK GDPR

Subject to the applicable provision of the GDPR and/or UK GDPR, you have the following rights with respect to your Personal Information:

• Right of access (commonly known as a “data subject access request”): If you ask us, we will confirm whether we are processing your Personal Information and, if so, provide you with a copy of that Personal Information along with certain other details.  If you require additional copies, we may need to charge a reasonable fee.
• Right to rectification: If your Personal Information is inaccurate or incomplete, you are entitled to ask that we correct or complete it.
• Right to erasure: You may ask us to erase your Personal Information in some circumstances, such as where we no longer need it or you withdraw your consent (where applicable) and there is no other legal basis for processing.
• Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your Personal Information in certain circumstances, such as if you contest its accuracy or object to us processing it.
• Right to data portability: You have the right to obtain your Personal Information from us that you consented to give us or that was provided to us as necessary in connection with our contract with you, and if the processing is carried out by automated means.
• Right to object: You may ask us at any time to stop processing your Personal Information, and we will do so: (a) if we are relying on a legitimate interest (described above) to process your Personal Information, unless we demonstrate compelling legitimate grounds for the processing or your information is needed to establish, exercise, or defend legal claims; or (b) we are processing your Personal Information for direct marketing and, in such case, we may keep minimum information about you (for example, in a suppression list) as necessary for our and your legitimate interest to ensure your opt out choices are respected in the future and to comply with data protection laws.
• Right to withdraw consent: If we rely on your consent to process your Personal Information, you have the right to withdraw that consent at any time, but this will not affect any processing of your information that has already taken place.
• Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your Personal Information, you can report it to the data protection authority that is authorized to hear those concerns (in the United Kingdom, the Information Commissioner’s Office (ICO) at https://ico.org.uk/concerns.

Legal Bases: We may rely on the following legal bases to process your Personal Information:

• Consent.  We may process your information if you have given us permission to use your Personal Information for a specific purpose.
• Performance of a Contract.  We may process your Personal Information when we believe it is necessary to fulfill our contractual obligations to you, including providing our Service or at your request prior to entering into a contract with you.
• Legal Obligations.  We may process your Personal Information when we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your Personal Information as evidence in litigation in which we are involved.
• Vital Interests.  We may process your Personal Information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.

To exercise your rights under the GDPR and/or the UK GDPR, please send us your request as set forth in the “Contact Us” section below.

Your Rights in Relation to Your Personal Data if You Are a Resident of Canada

We may process your information inf you have given us specific permission (i.e., express consent) to use your Personal Information for a specific purpose, or in situations where your permission can be inferred (i.e., implied consent).  You can withdraw your consent at any time.  In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including, for example:

• If collection is clearly in the interests of an individual and consent cannot be obtained in a timely way;
• For investigations and fraud detection and prevention;
• For business transactions provided certain conditions are met;
• If it is contained in a witness statement and the collection is necessary to assess, process, or settle an insurance claim;
• For identifying injured, ill, or deceased persons and communicating with next of kin;
• If we have reasonable grounds to believe an individual has been, is, or may be victim of financial abuse;
• If it is reasonable to expect collection and use with consent would compromise the availability or the accuracy of the information and the collection is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province;
• If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records;
• If it was produced by an individual in the course of their employment, business, or profession and the collection is consistent with the purposes for which the information was produced;
• If the collection is solely for journalistic, artistic, or literary purposes; or
• If the information is publicly available and is specified by the regulations.

To exercise your rights as a Canadian resident, please send us your request as set forth in the “Contact Us” section below.

5. STATE PRIVACY RIGHTS

Where provided for by law and subject to any applicable exceptions, residents of certain states may have additional rights.  Please see below for the rights associated with certain states.

California Residents

This section of the Privacy Policy applies only to “personal information”, as defined in the California Consumer Privacy Act of 2018 (the “CCPA”), as amended by the California Privacy Rights Act (CPRA) that we collect as a “business” as defined in the CCPA, but does not apply to personal information excluded from the scope of the CCPA.  This section of the Privacy Policy does not apply to you if you are not a California resident or you or are otherwise not entitled to a notice under Section 1798.100 of the CCPA (e.g., because we collect your personal information while interacting with you in your capacity as an employee, controlling owner, director, officer or contractor of an organization while providing or receiving products or services to or from, or performing due diligence on, that organization).  In addition, this section of the Privacy Policy does not apply to personal information covered by a different privacy notice that we give to California residents, such as the privacy notices we give to our job candidates. 

• Information. You can request the following information about how we have collected and used your personal information during the past twelve months:
  • The categories of personal information that we have collected.
  • The categories of sources from which we collected personal information.
  • The business or commercial purpose for collecting and/or selling personal information.
  • The categories of third parties with whom we share personal information.
  • The categories of personal information that we sold or disclosed for a business purpose.
  • The categories of third parties to whom the personal information was sold or disclosed for a business purpose.
• Access. You can request a copy of the personal information that we have collected about you during the past 12 months
• Deletion. You can ask us to delete the personal information that we have collected from you.
• Nondiscrimination. You are entitled to exercise the rights described above free from discriminatory treatment prohibited by the CCPA.

You may submit a request to exercise your information, access and deletion rights above by contacting us as set forth in the “Contact Us” section below.  We will need to verify your identity to process your requests and we reserve the right to confirm your California residency.  Government identification may be required.  If you wish to designate an authorized agent to make a request on your behalf, we will need to verify both your and your agent’s identities, which may require submission of government identification.  Your agent must also provide valid power of attorney or other proof of authority acceptable to us in our sole discretion.  We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.  In certain cases, we may be permitted by law to deny your request.

Virginia Residents

Under the Virginia Consumer Data Protection Act (DCPA):

“Consumer” means a natural person who is a resident of the Commonwealth of Virginia acting only in an individual or household context.  It does not include a natural person acting in a commercial or employment context.

“Personal data” means any information that is linked or reasonably linkable to an identified or identifiable natural person.  “Personal data” does not include de-identified data or publicly available information.

“Sale of personal data” means the exchange of personal data for monetary consideration.

If this definition of “consumer” applies to you, we must adhere to certain rights and obligations regarding your personal data.

Your rights with respect to your personal data:

• Right to be informed whether or not we are processing your personal data;
• Right to access your personal data;
• Right to correct inaccuracies in your personal data;
• Right to request deletion of your personal data;
• Right to obtain a copy of the personal data your previously shared with us; and
• Right to opt out of the processing of your personal data if it is used for targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects.

We have not sold any personal data to third parties for business or commercial purposes.  We will not sell personal data in the future belonging to website visitors, users, and other consumers.

You may contact us by email as set forth in the “Contact Us” section below.  If you are using an authorized agent to exercise your rights, we may deny a request if the authorized agent does not submit proof that they have been validly authorized to act on your behalf.  We may request that you provide additional information reasonably necessary to verify you and your consumer’s request.  If you submit the request through an authorized agent, we may need to collect additional information to verify your identity before processing your request.  Upon receiving your request, we will respond without undue delay, but in all cases, within 45 days of receipt.  The response period may be extended once by 45 additional days when reasonably necessary.  We will inform you of any such extension within the initial 45-day response period, together with the reason for the extension.

Connecticut Residents

Under the Connecticut Data Privacy Act (CTDPA):

“Consumer” means an individual who is a resident of Connecticut, and does not include an individual acting in a commercial or employment context or as an employee, owner, director, officer or contractor of a company, partnership, sole proprietorship, nonprofit or government agency.

“Personal data” means any information that is linked or reasonably linkable to an identified or identifiable individual.  “Personal data” does not include de-identified data or publicly available information.

“Sale of personal data” means the exchange of personal data for monetary or other valuable consideration.

If this definition of “consumer” applies to you, we must adhere to certain rights and obligations regarding your personal data.

Your rights with respect to your personal data:

• Right to access personal data that we have collected on you;
• Right to correct inaccuracies in your personal data.;
• Right to delete your personal data, including personal data that we collected through third parties;
• Right to obtain a copy of your personal data in a portable and readily usable format that allows you to transfer the data to another controller with ease; and
• Right to opt-out of: the sale of your personal data; the processing of personal data for the purposes of targeted advertising; and profiling that may have a legal or other significant impact on you.

Colorado Residents

Under the Colorado Privacy Act (CPA):

“Consumer” means an individual who is a Colorado resident acting only in an individual or household context, and does not include an individual acting in a commercial or employment context.

“Personal data” means information that is linked or reasonably linkable to an identified or indefinable individual.  “Personal data” does not include de-identified data or publicly available information.

“Sale of personal data” means the exchange of personal data for monetary or other valuable consideration by a controller to a third party.

If this definition of “consumer” applies to you, we must adhere to certain rights and obligations regarding your personal data.

Your rights with respect to your personal data:

• Right to determine whether we are processing your personal data;
• Right to access your personal data;
• Right to request deletion of your personal data provided by or obtained about you;
• Right to obtain a copy of your personal data that you previously provided to us; and
• Right to opt out of having your personal data process for the purposes of:
  • targeted advertising;
  • the sale of personal data; or
  • profiling to further solely automated decisions and decision-making that produce legal or similarly significant effects concerning you.

For more information about the possibility of submitting an opt-out request, please refer to the Your Choices section below, or submit a data subject access request. 

The information we collect, use, and disclose about you will vary depending on how you interact with the [Services].  To find out more please visit the following sections of this Privacy Policy: Personal Information We Collect, How We User Personal Information, and Sharing and Disclosure of Personal Information.  If you would like to exercise any of these rights, you may do so by contacting us as set forth in the “Contact Us” section below.  After we receive your request, we may request additional information from you to verify your identity.  Your authorized agent may submit requests in the same manner, although we may require the agent to present signed written permission to act on your behalf, and you may also be required to independently verify your identity with us and confirm that you have provided the agent permission to submit the request.

6. CHILDREN

We do not intentionally collect Personal Information from individuals in the U.S. who are under the age of 13.  If a child under 13 submits Personal Information to Leantime and we learn that the Personal Information is the information of a child under the age of 13, we will attempt to delete the information as soon as possible.  If you believe that we might have any Personal Information from a child under the age of 13, please contact us as set forth in the “Contact Us” section below.

7. LINKS TO OTHER WEBSITES

The Service may contain links to other websites and services not operated or controlled by Leantime, including Dispensaries and social media services (“Third Party Services”).  The information that you share with Third Party Services will be governed by the specific privacy policies and terms of service of the Third Party Services and not by this Privacy Policy.  By providing these links we do not imply that we endorse or have reviewed these Third Party Services.  Please contact the Third Party Services directly for information on their privacy practices and policies.

8. SECURITY

You use the Service at your own risk.  We implement commercially reasonable technical, administrative, and organizational measures to protect Personal Information both online and offline from loss, misuse, and unauthorized access, disclosure, alteration, or destruction.  However, no Internet or e-mail transmission is ever fully secure or error free.  In particular, e-mail sent to or from us may not be secure.  Therefore, you should take special care in deciding what information you send to us via the Service or e-mail.  Please keep this in mind when disclosing any Personal Information to Leantime via the Internet.  In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or Third Party Services.

9. YOUR CHOICES

In certain circumstances providing Personal Information is optional.  However, if you choose not to provide Personal Information that is needed to use some features of our Service, you may be unable to use those features.  You can also contact us to request updates or corrections to your Personal Information.  If you have questions or concerns about other Personal Information collected by us, or are unable to use your Leantime account and would like assistance accessing that information, please contact us as set forth in the “Contact Us” section below.

You may opt out of marketing-related communications by following the opt out or unsubscribe instructions contained in the marketing communication we send you, or by updating your settings through your account.  If you unsubscribe from our marketing lists, you will no longer receive marketing communications from us but we will continue to contact you to provide the Service, regarding management of your account, other administrative matters, and to respond to your requests.

10. CHANGES TO THE PRIVACY POLICY

The Service and our business may change from time to time.  As a result, we may change this Privacy Policy at any time.  When we do, we will post an updated version on this page, unless another type of notice is required by applicable law.  By continuing to use our Service or providing us with Personal Information after we have posted an updated Privacy Policy, you consent to the revised Privacy Policy and practices described in it.

11. CONTACT US

If you have any questions or complaints about our Privacy Policy or information practices, would like to request a version of this notice in an accessible format, or would like to contact us in regards to any of the topics discussed above, please feel free to contact us at our designated request address: [email protected].