For a full list of legal documents including archives, visit Boom Learning Support.
Legal Documents DirectoryEFFECTIVE July 1, 2023 (Archived Version)
1.1 "Subprocessors" are companies we hire to process customer data to help us provide the Services.
1.2 "Subcontractors" are people that work for us as part of a project. We sometimes use subcontractors to perform technical support or training for Educators. Subcontractors do not have access to Student Data.
1.2 "Vendors" provide services we need to perform our business. Examples include tax reporting and payment processing. If a Vendor has access to customer data, we disclose them as a subprocessor. You may have vendors you use also.
You may chose to use third-party authentication services with Boom Learning. Examples include Canvas, Google, Microsoft, Clever, and ClassLink. Your authentication vendor determines what information they deliver to us. At any time, and for any reason, we may block use of any authentication service we determine is a security or privacy risk. Sometimes things go wrong with authentication services.
You may select a vendor to exchange data with us, securely or in an insecure matter. Examples include Canvas, Google, and Microsoft. Your use of those vendors is subject to your agreement with the vendor.
You are liable for for misconduct, design failures, or security risks, deliberate or inadvertent, caused by your vendors. You are liable for failing to correctly configure the vendor's services. You are responsible for evaluating and selecting vendors that meet your legal obligations.
We may enable you to embed links to video from a variety of sources for use in decks delivered to your Students. Examples include ScreenPal, Vimeo, and YouTube (private decks only). You are liable for misconduct, design failures, or security risks, deliberate or inadvertent, by your selected video delivery vendor. You are responsible for evaluating and selecting video delivery vendors that meet your legal obligations. You may have legal obligations to students with respect to disclosure, consent, tracking for advertising purposes, and delivery of advertisements.
We use Zoom and Microsoft for video calls. We may add RingCentral. We may create send you personalized videos using Vidyard. Our YouTube videos are for marketing purposes. YouTube will track your viewing habits. Embedded videos provided by us are from our Vimeo account. Our Vimeo hosted videos have enhanced privacy settings.
The Boom Learning database stores Student, Educator, and Public Author data. The Boom Learning database is encrypted in motion and at rest. This database is hosted by (and thus disclosed to) subprocessors MongoDB (see Section 6) hosted on Amazon Web Services (AWS) under obligations of confidentiality and with no right of use of personal data.
We replicate a subset of teacher and school information from the Boom Learning Database to Azure for performance reasons so we can analyze patterns for product improvement purposes (the "Azure database"). We do not replicate any student data in the Azure database. Learn more about security and privacy measures at the Microsoft Trust Center.
If you download and install one of our Boom Cards native apps, you and your Students will be subject to the tracking and monitoring policies of the applicable applications store. We provide apps through the following applications stores:
Communications sent to our Help Center, which may be from Educators, Public authors, parents, staff, the general public, and occasionally students are stored in the Freshworks ecosystem in the data store appropriate to the form of contact, including FreshDesk (Help tickets), Freshworks Contact Center (voicemail messages and calls), FreshChat (chat contacts), and FreshWorks CRM (purchasing contacts).
The Freshworks data stores may store your contact information, communications sent, device model, IP address, and usage patterns.
If you contact us seeking to purchase Boom Learning, your information additionally will be stored and accessed using Salesloft and Salesforce. These data stores are used with adults only.
Emails and calling services related to sales may be routed through Salesloft and Salesforce. Appointment scheduling uses Calendly.
We send you newsletters, transactional messages, and email using one or more of these methods:
Our email service providers may supply us with a range of information about your communications with us, including IP addresses, your country, state or province, history of reading or receiving newsletters, and your approximate location. The source of this information is your interactions with the email service and/or third-parties.
At your request, we may send you customized help information using your personal data generated with Scribe. Scribe custom tutorials are stored with Scribe.
We use a variety of banking and payment processors. If you pay us money or receive money from us, your name, address, and contact data may be stored in one or more of these systems we use for payment and accounting purposes:
We may add NetSuite.
We may store documents received from you in one of these locations.
We store your contact information with The Hartford to provide you with Insurance certificates. Customer-requested features entered into Atlassian are shared with our development and test teams at A4 Technologies and Poeta Digital.
For tax reporting and payment purposes, your data may be stored with Gusto or ADP (payment and 1099). We may occasionally communicate with you using the Google ecosystem (Forms, Drive, etc.). We may allow you to participate in our Pinterest or Tailwind sites.
We are on social media sites for marketing and community-building purposes. Please see our sales and marketing privacy policy for terms covering your interactions with our marketing properties.
We use Google Analytics G4. We have GDPR controls turned on. We anonymize data we send to Google.