MESA WEBSITE PRIVACY AND CLIENT INFORMATION POLICIES
Website Privacy Policy
Thank you for your interest in Mesa Cloud, Inc. (“Mesa”, “we”, “our”, or “us”).
This Website Privacy Policy explains how we gather, use, and share personal information from individuals who access or interact with our company’s website or otherwise communicate with us via our company’s website, email, phone or mail. By accessing or interacting with our company’s website or otherwise communicating with us, you accept the information practices described in this Website Privacy Policy.
This Website Privacy Policy does not apply to our handling of students’ and other personal information provided to us as a service provider by schools, districts, local education agencies or other educational institutions that use our technology platform, services and products (“Clients”), or to students’ and other personal information collected by us as a service provider at the direction of Clients. Our handling of such information is governed by our written agreements with our Clients and applicable laws. Please review our Client Information Policy for additional information.
Children’s Privacy Protection
We do not knowingly collect personal information from children under the age of 18 unless we are performing services for a Client and believe we have appropriate permission to do so, as described in our Client Information Policy. If we become aware or otherwise have reason to believe that we have received personal information of a child under the age of 18 without appropriate permission, we will take prompt steps to remove such information. If you suspect that personal information of a child under the age of 18 has been submitted to us without appropriate permission, please contact us at privacy@mesacloud.com.
This Website Privacy Policy explains how we gather, use, and share personal information from individuals who access or interact with our company’s website or otherwise communicate with us via our company’s website, email, phone or mail. By accessing or interacting with our company’s website or otherwise communicating with us, you accept the information practices described in this Website Privacy Policy.
This Website Privacy Policy does not apply to our handling of students’ and other personal information provided to us as a service provider by schools, districts, local education agencies or other educational institutions that use our technology platform, services and products (“Clients”), or to students’ and other personal information collected by us as a service provider at the direction of Clients. Our handling of such information is governed by our written agreements with our Clients and applicable laws. Please review our Client Information Policy for additional information.
Children’s Privacy Protection
We do not knowingly collect personal information from children under the age of 18 unless we are performing services for a Client and believe we have appropriate permission to do so, as described in our Client Information Policy. If we become aware or otherwise have reason to believe that we have received personal information of a child under the age of 18 without appropriate permission, we will take prompt steps to remove such information. If you suspect that personal information of a child under the age of 18 has been submitted to us without appropriate permission, please contact us at privacy@mesacloud.com.
Information We May Gather and How We May Gather It
When You Request Access to Our Website Content and Events. We may request your personal information, such as name, address, telephone number, email address, and school or district information when you access certain content made available on our company website. Likewise, we may request your personal information when you register to attend one of our in-person or virtual events. We may also ask you to create a user account with us if you request access to certain resources made available on our company website.
When You Subscribe to Our Email Lists. You may voluntarily subscribe to our email list(s) to stay informed about our company, events, services and products. In addition to your email address, we may request you to provide your name and school or district information. To be removed from our list, you can click on the “unsubscribe” link in one of our email messages or send your request via email to privacy@mesacloud.com with “REMOVE ME” in the subject line. Please note that your opt-out will apply to communications that are primarily of a marketing nature; we may still send you communications if necessary to respond to your inquiries or requests or provide you with important notices regarding a service or product you have requested or have received.
When Third Parties Share Your Information with Us. We may obtain your personal information from a third party to whom you have given permission to share your personal information. For example, if you subscribe to a resource maintained by a third party and consent to that third party’s sharing your personal information with us, we may receive such information from that third party. We may also obtain information about you from third-party databases or services. We may use this information to improve the accuracy of our records.
With Automated Technologies. Just as other similar service providers do, Mesa may gather information that is generated automatically when a user interacts with our company website and email communications, such as IP address, browser type, information about how, how often and when a user engages with our company website and whether an email message from us has been opened. Mesa may gather this information using cookies (small data files on your computer’s browser), web beacons (invisible electronic images embedded on web pages) and similar technologies. In some cases, third parties may deliver cookies to your browser on our behalf. Some of these third party technologies may collect information about your browsing activities over time and across different websites. For example, we use Google Analytics, a web analytics service provided by Google, Inc. (“Google”), which uses cookies to count the number of visitors to our website and how they engage with it (learn more about Google’s practices at https://policies.google.com/privacy?hl=en-US). You can opt out of Google Analytics by downloading and installing the browser plug-in available at:https://tools.google.com/dlpage/gaoptout. Mesa is not responsible for the effectiveness of any browser setting or third-party opt-out options, and the functionality of our website may be affected by your settings and opt-out choices. Please note that our website does not respond to “Do Not Track” (“DNT”) signals at this time. If we do respond to DNT signals in the future, we will update this Website Privacy Policy to describe how we do so.
How We May Use Information
Overall Experience and Support. We may use the information described above to provide you with relevant website content, inform you of service and product offerings, operate and improve our website, and support your overall experience with us. We may use your information to:
- communicate information and notices relating to your use of our company website, services and products;
- provide customer service and respond to your inquiries or requests;
- create a personalized, convenient and enhanced website and visitor experience (for example, designing our website to remember if you have already filled out a form field so you do not need to fill out that field again);
- provide customized content and inform you of offerings we think may be of interest to you;
- monitor usage of our website and diagnose and resolve any issues;
- improve our content and services and the usability of our website; and
- protect the security and integrity of our website and content.
You may opt out of our direct marketing communications by clicking on the “unsubscribe” link in one of our email messages or by sending your request via email to privacy@mesacloud.com with “REMOVE ME” in the subject line. Please note that your opt-out will apply to communications that are primarily of a marketing nature; we may still send you communications if necessary to respond to your inquiries or requests or provide you with important notices regarding a service or product you have requested or have received.
Compliance and Protection. We may use your information to:.
Compliance and Protection. We may use your information to:.
- protect our, your, or others’ rights, privacy, safety or property;
- audit our internal processes for compliance with legal and contractual requirements and internal policies;
- prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft; and
- comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
How We May Share Information
We do not sell, rent or market your personal information to other companies without permission. We may share your personal information as follows:
With Our Service Providers. When necessary, we may disclose personal information to a third party that helps us operate our company website or facilitates the activities described in this Website Privacy Policy.
With Content and Event Partners. When you sign-up with us to access certain content contributed by a third party or register for an event co-organized or involving third parties, we may share your name and email address with such third parties, but only after notifying you and giving you an opportunity to not have your information shared.
With Your Permission if You Provide a Testimonial. With your permission, we may display a personal testimonial or endorsement from you about our products and services on our company website and in internal team materials, and we may include your name and school or district if you give us permission.
As Required by Law or to Ensure Safety, Security and Integrity. We may be required to disclose or grant access to personal information to law enforcement, government authorities, and other parties in order to comply with law enforcement requests and legal processes. We may also do so to protect users’, our, or others’ rights, property, or safety.
As Part of a Business Transition. In the event Mesa goes through a business transition, such as a merger with, acquisition by or sale of all or a portion of its assets to another company, or other corporate change, your personal information may be disclosed or transferred to the other company and other relevant parties as part of the process in accordance with applicable law. Any successor entity would be required to comply with applicable law in its handling of personal information.
How We Protect Information
We are committed to protecting the personal information we gather. We implement administrative, technical, and physical security procedures reasonably designed to protect such information. We use security safeguards such as physical access controls to buildings and files, data encryption, Secure Sockets Layer (SSL) cryptography, two-factor authentication, and firewalls to help prevent unauthorized access to the personal information we maintain. Please note that even with safeguards, neither the Internet nor any data storage system can be guaranteed to be 100% secure. We keep your personal information for only as long as necessary for the purposes described in this Website Privacy Policy. We may also retain your personal information to comply with our tax, accounting and financial reporting obligations and as otherwise required by law.
Additional Information
International Use. Mesa is based in the United States and its website, communications, services and products are intended primarily for use within the United States. If you are located outside of the United States, please be aware that any information Mesa collects may be transferred to and processed outside of your home country or territory where the data protection laws may not be the same as your home country or territory. We will protect your personal information in accordance with this Website Privacy Policy.
Links to Other Websites and Services. Our company website may include links to other websites we think may be of interest to you and others who visit our website. These other websites are not owned or operated by Mesa and we do not have any control over them. The responsibility for these websites and how your information may be collected, used or shared when you access them belongs to the companies that own and operate them. We encourage you to read the privacy policies of these websites.
Correcting Information. If you would like to update or correct any information you have provided to us, please send an email to privacy@mesacloudinc.com.
Changes to This Website Privacy Policy
We reserve the right to modify this Website Privacy Policy at any time. We will post any adjustments to our Website Privacy Policy on this web page, and the revised version will be effective when it is posted (or as otherwise indicated at the time of posting). In addition, this page will indicate the date that our Website Privacy Policy was last changed. Your continued use of our website and services after a revised version becomes effective indicates that you accept the revised version. If our practices regarding previously collected personal information change in a way that would be materially different, we will make reasonable efforts to provide notice of any such changes.
Questions and Contact Information
Please email us at privacy@mesacloud.com with any questions.
We do not sell, rent or market your personal information to other companies without permission. We may share your personal information as follows:
With Our Service Providers. When necessary, we may disclose personal information to a third party that helps us operate our company website or facilitates the activities described in this Website Privacy Policy.
With Content and Event Partners. When you sign-up with us to access certain content contributed by a third party or register for an event co-organized or involving third parties, we may share your name and email address with such third parties, but only after notifying you and giving you an opportunity to not have your information shared.
With Your Permission if You Provide a Testimonial. With your permission, we may display a personal testimonial or endorsement from you about our products and services on our company website and in internal team materials, and we may include your name and school or district if you give us permission.
As Required by Law or to Ensure Safety, Security and Integrity. We may be required to disclose or grant access to personal information to law enforcement, government authorities, and other parties in order to comply with law enforcement requests and legal processes. We may also do so to protect users’, our, or others’ rights, property, or safety.
As Part of a Business Transition. In the event Mesa goes through a business transition, such as a merger with, acquisition by or sale of all or a portion of its assets to another company, or other corporate change, your personal information may be disclosed or transferred to the other company and other relevant parties as part of the process in accordance with applicable law. Any successor entity would be required to comply with applicable law in its handling of personal information.
How We Protect Information
We are committed to protecting the personal information we gather. We implement administrative, technical, and physical security procedures reasonably designed to protect such information. We use security safeguards such as physical access controls to buildings and files, data encryption, Secure Sockets Layer (SSL) cryptography, two-factor authentication, and firewalls to help prevent unauthorized access to the personal information we maintain. Please note that even with safeguards, neither the Internet nor any data storage system can be guaranteed to be 100% secure. We keep your personal information for only as long as necessary for the purposes described in this Website Privacy Policy. We may also retain your personal information to comply with our tax, accounting and financial reporting obligations and as otherwise required by law.
Additional Information
International Use. Mesa is based in the United States and its website, communications, services and products are intended primarily for use within the United States. If you are located outside of the United States, please be aware that any information Mesa collects may be transferred to and processed outside of your home country or territory where the data protection laws may not be the same as your home country or territory. We will protect your personal information in accordance with this Website Privacy Policy.
Links to Other Websites and Services. Our company website may include links to other websites we think may be of interest to you and others who visit our website. These other websites are not owned or operated by Mesa and we do not have any control over them. The responsibility for these websites and how your information may be collected, used or shared when you access them belongs to the companies that own and operate them. We encourage you to read the privacy policies of these websites.
Correcting Information. If you would like to update or correct any information you have provided to us, please send an email to privacy@mesacloudinc.com.
Changes to This Website Privacy Policy
We reserve the right to modify this Website Privacy Policy at any time. We will post any adjustments to our Website Privacy Policy on this web page, and the revised version will be effective when it is posted (or as otherwise indicated at the time of posting). In addition, this page will indicate the date that our Website Privacy Policy was last changed. Your continued use of our website and services after a revised version becomes effective indicates that you accept the revised version. If our practices regarding previously collected personal information change in a way that would be materially different, we will make reasonable efforts to provide notice of any such changes.
Questions and Contact Information
Please email us at privacy@mesacloud.com with any questions.
Client Information Policy
Schools, Districts, Local Education Agencies, Educational Institutions
Mesa Cloud, Inc. (“Mesa”, “we”, “our”, or “us”) has a vision for a world in which every student thrives in school, every student benefits from an excellent education, and every student graduates prepared with the knowledge, skills and mindsets they need to thrive in the world. In realizing that vision, we are on a mission to improve education for every student.
This Client Information Policy applies to personal information provided to Mesa as a service provider by schools, districts, local education agencies or other educational institutions that use its technology platform, services and products pursuant to a written agreement (“Clients”), or collected by Mesa as a service provider at the direction of Clients. Mesa’s written agreements with Clients and applicable laws govern its handling of personal information gathered in its capacity as a service provider.
This Client Information Policy does not apply to personal information gathered when individuals access or interact with Mesa’s company website or otherwise communicate with Mesa via its company website, email, phone or mail. For information about Mesa’s practices relating to such information, please review Mesa’s Website Privacy Policy.
No marketing, sale or rental of students’ personal information; no advertising to students
Mesa does not market, sell or rent any student’s personal information and it does not engage in, inform, influence or enable advertising to students. Mesa will only use students’ information for purposes authorized by Clients and applicable law.
Compliance with U.S. student privacy laws
Mesa is committed to complying with applicable U.S. federal and state laws governing students’ privacy, including the Family Educational Rights and Privacy Act (FERPA), the Pupil Privacy Protection Amendment (PPRA) and the Children’s Online Privacy Protection Act (COPPA). Clients are responsible for consent or notification in instances where parental or guardian consent or notification is required. Mesa will collect information from students directly only as requested and instructed by the Client and only for the purposes of providing services to the Client.
Information collected
By using Mesa’s technology platform, products and services, Clients and their users authorize us to collect, use and share information as described in their written agreements with Mesa and allowed by applicable law. Mesa collects personal information only to the extent it believes necessary to provide its services and as allowed by Clients and applicable laws.
The specific information Mesa collects will depend on the services being provided to a Client, the relevant written agreement and applicable law. Mesa may collect:
Student information. When a Client, its teachers and staff members, students, students’ parents and guardians and other authorized users use Mesa’s technology platform, products and services, they may share information with Mesa, such as student rosters, academic reports, and responses to surveys, which may contain a student’s personal information, such as name, grade and contact information. A Client may request Mesa to conduct student surveys on behalf of the Client, and students may share personal information in their responses. A Client may also request Mesa to provide students with designated user accounts, and Mesa may require personal information, such as name and email address, in order to create and differentiate such user accounts. Mesa collects personal information from students directly only if and as instructed by a Client. Clients are responsible for obtaining any required consents and providing any required disclosures to parents and guardians.
A Client that suspects personal information of a child under the age of 18 has been submitted without appropriate permission should inform their account representative or contact Mesa at privacy@mesacloud.com.
Client user information. A Client’s teachers, staff members and other authorized users may access Mesa’s technology platform, products and services through designated user accounts. Mesa may collect and use these individuals’ personal information such as name and email address to create and differentiate such user accounts. A Client may also request Mesa to conduct teacher and staff surveys on behalf of the Client, and teachers and staff members may share personal information in responses to these surveys.
Teacher and staff members who reach out to Mesa directly to inquire about its services and products or for other support may identify themselves and share other personal information. They may also share personal information, such as name and email address, when registering for professional development webinars and other events hosted by Mesa. Mesa’s Website Privacy Policy explains how Mesa handles personal information about individuals who access or interact with Mesa’s company website or otherwise communicate with Mesa via its company website, email, phone or mail.
Parent, guardian and others’ information. When a Client, its teachers and staff members, students and other authorized users use Mesa’s services, they may share personal information about a parent or guardian, such as the parent’s or guardian’s contact information. A Client may also request Mesa to conduct family surveys on behalf of the Client, and parents and guardians may share personal information in responses to these surveys. From time to time, Clients request Mesa to conduct community surveys and invite other stakeholders to submit survey responses, which may include personal information.
Parents and guardians and others who reach out to Mesa directly to inquire about its services and products or for other support may identify themselves and share other personal information. They may also share personal information, such as name and email address, when registering for informational webinars and other events hosted by Mesa. Mesa’s Website Privacy Policy explains how Mesa handles personal information about individuals who access or interact with Mesa’s company website or otherwise communicate with Mesa via its company website, email, phone or mail.
Automatically generated information. Just as other similar service providers do, Mesa may gather information that is generated automatically when a user interacts with its technology platform, products and services, website, and email communications, such as IP address, browser type, information about how, how often and when a user engages with a page or feature and whether an email message from Mesa has been opened. Mesa may gather this information using cookies (small data files on a computer’s browser), web beacons (invisible electronic images embedded on web pages) and similar technologies. In some cases, third parties may deliver cookies to the user’s browser on Mesa’s behalf. For example, Mesa uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”), which uses cookies to help Mesa measure engagement with its technology platform.
Mesa does not use or sell automatically generated information to market or advertise to students. It does not use automated technologies, and it does not allow third parties to use automated technologies, including cookies, to market or advertise to students.
Use of information
By using Mesa’s technology platform, products and services, Clients and their users authorize Mesa to collect, use and share information as described in their written agreements with Mesa and allowed by applicable law. Mesa uses personal information only to the extent it believes necessary to provide its service and as allowed by Clients and applicable laws.
Mesa’s specific use of information will depend on the services being provided to a Client, the relevant written agreement and applicable law. Mesa may use personal information for:
Administering surveys and providing other services for Clients. Mesa may use personal information to configure surveys correctly and to administer them efficiently and accurately. For example, upon a Client’s request, it may use email addresses and physical mailing addresses as necessary to distribute surveys and ensure maximum opportunity for participation in a school climate survey. Mesa may also use personal information to facilitate a Client’s use of Mesa’s platform to support student goals and measure progress towards such goals.
Providing reports and insights to Clients. Mesa may use personal information to provide Clients with reports and insights that help them improve their students’ educational experiences. Mesa cooperates with Clients in providing access to such reports to Client’s intended audiences only.
Research and development. Mesa may use personal information for educational research and development purposes in accordance with its written contracts and applicable laws. For example, Mesa may test tools that could improve reporting, demonstrate the effectiveness of its services, perform validity and benchmarking studies, develop new product features, and make other usability improvements. We may also anonymize and aggregate personal information for additional purposes with Clients’ permission or as allowed under applicable law.
Providing customer support for Clients. Mesa may receive personal information from individuals contacting customer support. Having this information helps Mesa provide efficient and more effective support.
Communicating with Clients as part of the services. Mesa may use personal information to communicate with Clients and their teachers, staff members and other authorized users in connection with the services. For example, the Mesa platform may send a reminder to a teacher to update an intervention plan or notify a teacher that a student response has been submitted. Mesa may also share product recommendations with Clients and notify them about new products, services and features, provide other updates and announce events and programs.
Enhancing Clients’ experience with customizations and usability improvements. Mesa may use automatically generated information to enhance users’ experiences, such as monitoring and improving the effectiveness of Mesa’s platform. It may also use such information to measure engagement with its platform and diagnose and fix technology problems.
Sharing and disclosure of information
Mesa shares personal information only to the extent allowed under written agreements with Clients or with their permission, this Client Information Policy and applicable laws as follows:
Upon Client request. Mesa may share information, including personal information, with third parties per a Client’s written request and authorization. For example, a school may instruct Mesa to disclose personal information about a student to a parent or legal guardian.
With service providers. Mesa may disclose information to third parties as necessary for them to facilitate and help us provide our services. For example, if a Client agreement requires Mesa to mail paper surveys to students’ families, Mesa will provide the students’ addresses to a delivery service such as FedEx or the United States Postal Service so the surveys can be delivered to those households. In any such instances, Mesa only contracts with third parties who maintain data privacy and security, and retention policies that are consistent with or exceed, the principles of this Client Information Policy.
As required by law or to ensure safety. Mesa may be required to disclose or grant access to personal information to law enforcement, government authorities, and other parties in order to comply with law enforcement requests and legal processes. It may also do so to protect users’, our, or others’ rights, property, or safety.
In a business transition. In the event Mesa goes through a business transition, such as a merger with, acquisition by or sale of all or a portion of its assets to another company, or other corporate change, including without limitation during the course of any due diligence process, personal information maintained by Mesa may be disclosed or transferred to the other company and other relevant parties as part of the process in accordance with applicable law and written agreements with Clients. Any successor entity would be required to comply with applicable law in its handling of personal information and to maintain data privacy and security, and retention policies that are consistent with, or exceed, the principles of this Client Information Policy.
Access to student or education records
Parents or guardians may contact their school or district with inquiries and requests about their child’s personal information, including requests to access their child’s personal information or have it deleted and requests that certain personal information not be collected or used. If a parent or legal guardian contacts Mesa with a request or inquiry about their child’s personal information, Mesa will notify the Client of the request, unless Mesa’s written agreement with the Client or applicable law requires otherwise.
Information security safeguards
Mesa treats personal information received from Clients as confidential. Mesa implements administrative, technical, and physical security procedures reasonably designed to protect the personal information stored on its servers, which are located in the United States. Mesa uses security safeguards such as physical access controls to buildings and files, data encryption, Secure Sockets Layer (SSL) cryptography, two-factor authentication, and firewalls to help prevent unauthorized access. Mesa employees who may have access to personal information are required to protect such information. Please note that even with safeguards, neither the Internet nor any data storage system can be guaranteed to be 100% secure. In the event of a breach of security, we take steps to notify Clients and for mitigation as required under our written agreements with Clients and applicable laws. Unless otherwise required by written agreement with a Client, or otherwise requested in writing by a Client, Mesa will retain that Client’s information for as long as they remain a Client and as long as necessary to continue providing services to that Client. Mesa may also preserve information to comply with its tax, accounting and financial reporting obligations or if it believes it is otherwise legally or contractually obligated to do so.
Written agreements
If this Client Information Policy expressly contradicts a Client’s written agreement with Mesa as to data privacy and security practices, the written agreement will govern to the extent of the contradiction.
Changes to this Policy
Mesa may modify this Client Information Policy to reflect new legal requirements or as its information practices evolve. With regard to any material changes to this Client Information Policy, then-current clients will be notified of such via email and will be required to acknowledge the change. We will post any adjustments to this Client Information Policy on this web page, and the revised version will be effective when it is posted (or as otherwise indicated at the time of posting). The effective date of any version of this Client Information Policy will always be posted.
Questions and Contact information
Clients may contact Mesa at privacy@mesacloud.com or their account representative with questions about this Client Information Policy.