Updated: July 28, 2021
Respecting your privacy is critically important to achieving our mission of motivating every student. These are our guiding privacy principles:
- We don’t ask you for personal information unless we truly need it.
- We don’t keep your personal information longer than is necessary to provide our services to you.
- We don’t share your personal information with anyone except to comply with the law, provide our services, or protect our rights.
- We don’t rent, sell or exchange your personal information.
- We aim to make it as simple as possible for you to control what’s visible to the public, seen by search engines, kept private, and permanently deleted.
We strive to support as many people as possible, including those with disabilities. If a screen reader makes this policy more accessible to you, we recommend the following browser and screen reader combinations: Chrome and ChromeVox, Safari and VoiceOver (for Mac users), and Firefox and NVDA (for Windows users).
Protecting students and their personal information
Here are some examples of safety and privacy measures on Rito:
- Behaviorally targeted advertising is not permitted on Rito.
- Students can join activities without creating an account.
- Students who have not or cannot provide consent have a limited product experience.
- The platform does not facilitate direct messaging between students.
- Content is subject to proactive content filters and reactive reporting tools.
Rito empowers parents and legal guardians of children younger than the age of consent (in the U.S., this means under 13) who have registered accounts with Rito to exercise their legal rights pursuant to legislation such as COPPA. Parents/guardians can consent to collection and use by Rito of a child's personally identifiable information (PII) without consenting to the disclosure of information to third parties by Rito. Currently, the only personal information we collect from a child younger than 13 is their parent's or guardian’s email address.
Parents/guardians may delete, modify, and review information their children shared with Rito by accessing their child's account. They may also create a parent account to manage their child’s access to Rito. Parents may also request that Rito delete that information and refuse to allow Rito to collect further information from their children by contacting us at firstname.lastname@example.org. Rito may ask additional questions or take other steps to verify the identity of parents/guardians before responding to a request to review or delete their child's information, or a request to refuse further collection from children.
Rito will never require a child to share more information than is reasonably necessary for using Rito. While Rito will assign persistent identifiers to all Rito users to recognize repeat visitors and improve their Rito experience, Rito does not knowingly collect personally identifiable information from children younger than the age of consent without a parent or guardian's consent. If we become aware, despite our intention not to gather this information, that we collected personally identifiable information from a child younger than the age of consent without permission then we will either delete this information or seek to obtain verifiable parental consent from the child’s parent or guardian to collect and use that data to provide the child with Rito services in the future.
How Rito Collects Personal Information
The information that Rito collects depends on the nature of the services you request. For example, fewer data are collected from a student joining a game without an account than from a teacher who creates an account in order to create quizzes and host games. All interactions with the Rito website or app produce metadata that may identify you or could be identifiable information when paired with other information about you. In every case, Rito strives to collect only the minimum necessary information from you as is necessary or appropriate to fulfill the purpose of the visitor's interaction with Rito or that is required by law. Visitors to the Rito website or app may always refuse to supply personally identifying information, however, doing so may prevent you from engaging in certain website-related activities.
Information you provide to Rito
Accounts are not a prerequisite to using Rito, but are required to access some features and to save progress over time. If you create an account, Rito saves the account information you provide. This information may include: an email address, a parent or guardian email address, first name, last name, profile photo, or organization name.
You may choose not to provide specific information or to delete or modify it at any time. These actions may prevent you from engaging with specific services or features that require this information. Additional information may be provided to Rito if you communicate with our support team, participate in user research, marketing campaigns or sweepstakes, or otherwise use the services.
If you engage in a financial transaction with Rito, you may be asked to provide additional information such as a credit card number, billing address or full name.
As you use the service, you may also create academic content including quizzes and certain forms of responses. This information is not typically personally identifying, but it may be deleted at any time either by the relevant account holder or by reaching out to our team at email@example.com.
Information collected automatically
We receive and store some types of information automatically as you use the service. These may include device information such as device model, operating system, and device identifiers such as IDFA and UDID.
Rito also collects log information as you use the service. These data may include information regarding how and when you use the service as well as your browser type, preferred language, time zone, referring site, and internet protocol (IP) address.
We may use your IP address to generate a general approximation of your location to provide the service. Examples include providing the right version of Rito based on your state or country and helping teachers select their school when they sign up. Rito does not collect fine location data such as GPS or bluetooth beacons.
Information from other sources
Depending on how you use the service, Rito may collect information from partners and integrated technologies. For example, if you choose to use Google Login or join using the Google Classroom integration, we may receive information including your name and email address from Google. Rito does not have access to the passwords used to log into your Google accounts.
We may also receive your personal information from another user. For example, a teacher might input your email in order to share a quiz or parent report. If a teacher chooses to enter student information directly into Rito or requires students to sign up via the Google Classroom Integration, Classes on Rito, or a similar rostering functionality, we require that teachers or schools get parental consent before using Rito with children who are under the age when they can grant consent on their own.
Content on Rito may contain links to other websites not affiliated with the service. We are not responsible for the privacy practices of other websites and users need to be aware of the data privacy practices of such sites should they choose to use these links.
As described above, we limit data collection to what we need to provide the requested services. Rito does not knowingly collect data considered sensitive by GDPR such as those related to race or ethnicity, health and biometric information, or political affiliation. In addition to these categories, we do not collect free or reduced lunch eligibility.
Cookies and Web Beacons
How does Rito use this information?
Rito limits its disclosure of both information that could on its own or in combination with other information be used to identify you. We only disclose personally identifying information to Rito employees, contractors and subcontractors that: (i) must access that information in order to process it on Rito's behalf or to provide services available at Rito's website and mobile applications; and, (ii) agree not to disclose that information to others.
Rito does not rent, sell or exchange potentially personally-identifying and personally-identifying information to any third party without your consent. Other than to Rito’s employees, contractors and affiliated organizations, as described above, Rito discloses potentially personally-identifying and personally-identifying information only when required to do so by law such as to comply with a court order, or when Rito believes in good faith that disclosure is reasonably necessary to protect the property, or legal rights or safety of Rito, third parties or the public at large.
The information we collect helps us to provide the service, maintain a consistent experience, and improve it or develop new services. Examples of how this information is used include:
- Providing access to your account and saving progress over time.
- Personalizing your experience based on factors such as general location, preferred language and areas of study.
- Helping teachers identify and support individual students.
- Analyzing engagement with specific features over time.
We also use personal information to enforce our policies, comply with the law, and promote safety on the platform. These efforts protect the property, or legal rights or safety of Rito, third parties or the public at large. Examples of these efforts include:
- Preventing security breaches and fraud.
- Protecting users from inappropriate content.
- Verifying the identity of a user
- Complying with privacy legislation.
Communicating with you
If you are a registered Rito user, Rito may occasionally send you communications via email (if provided) or push notification (for mobile app users) to tell you about new features, get your feedback, and to keep you up to date with what's going on with Rito and our products. By registering to use our service you consent to the receipt of these communications, including text communications. You may choose to participate in sweepstakes and promotions which may have additional information regarding the use of Personal Information. If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. We engage in these activities where we have a legitimate interest or with your consent. You may choose to stop receiving such communications by unsubscribing from emails and by disabling push notifications.
Advertising, Analytics and Marketing
In order to provide the service, we work with analytics providers to understand how Rito is being used and advertising networks to display contextual advertisements.
Advertising partners are not permitted to engage in behavioral targeting nor are they permitted to share or sell personal data. Rito does not share data for third-party advertising nor do we use data to track and target advertisements on other third-party websites or services. Data profiles are not used to serve advertisements. All advertising partners must comply with COPPA, GDPR, and privacy commitments made by Rito. Account information such as name and email address are not shared with these partners nor do they have access to your Rito account credentials.
Aggregated demographic and activity data may be used for research purposes.
How is my information shared?
As described in this policy, Rito only shares your personal information when it is necessary to offer the service, comply with law, or with your permission.
- In order to provide and improve Rito, a limited number of third-party services require access to your personal information. For example, your account data are saved in a data center so that you can log in from any device. Third party services are contractually prohibited from using your information except to provide the service. A list of third party services that may process personal data on our behalf can be found here.
- Third-party services that transfer the personal information of EU residents are contractually bound to comply with GDPR.
- Rito may need to disclose your information to a third party to comply with the law or a valid legal request. In such cases, we will let you know in advance unless we are legally prohibited from doing so.
- If Rito (or substantially all of its assets) are acquired by another company, personal information will be transferred to a new owner. In such a transfer, you will be notified and the new owner may continue to use your personal information as set forth in this policy.
- Rito may aggregate statistics about the behavior of visitors to our website and app to improve our services. For instance, Rito may monitor the most popular quizzes on the Rito site. Rito may display this information publicly or provide it to others.
Managing your personal information
Data Subject Rights
You have the right to delete, access, update, correct errors in, and export for transfer any of your personal information. Rito makes these data subject rights available to you regardless of which country or US state you reside in.
Managing the subsequent use and disclosure of your personal information.
If your personally identifiable information changes, or if you no longer want to use Rito, you may review, edit, or delete it by visiting Rito’ Settings page, found at http://www.ritoapp.com/settings. Parents may remove, delete or update an account or any information concerning their child that is posted on Rito by visiting their child’s settings page, working with their child’s teacher or by contacting us at firstname.lastname@example.org.
Certain activity on Rito may be displayed to other users, such as commentary on quiz content, blog posts, support articles, feedback forums or our blog, or the information on your Rito Profile and quizzes that you have made public. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You may delete this information or change sharing settings directly. If you are unable to do this or need help, please contact our team at email@example.com
We will retain your information for as long as your account is active or as needed to provide you services. In most cases, we delete user accounts if they have been inactive for more than twelve months. We may retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
You may delete your account or update your information at any time by visiting www.ritoapp.com.
Rito follows generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. Our security measures include the use of access-controlled data centers, encryption of all data in transit, and the encryption of user password data both in transit and at rest. No method of transmission over the Internet, or method of electronic storage, however, is 100% secure.
In the event of a security breach, we will notify affected account holders within the amount of time required by law so that you can take steps to keep your data safe.
If you have any questions about Rito security practices, you can contact us at firstname.lastname@example.org. Rito reserves the right not to disclose our policies, procedures and the technologies and methods we employ to advance the security of your data so as to safeguard our practices.
Additional Information for California Residents
If you reside in California you are entitled to exercise certain rights outlined in the California Consumer Protection Act (CCPA).
You may delete your account or update your information at any time by visiting www.ritoapp.com.
You may request access to the personal information we’ve collected by emailing our team at email@example.com. Rito will not discriminate against you for exercising these rights.
2630 National Dr.,
Garland, TX 75041
Any additional questions, comments or complaints may be addressed to our Data Protection Officer, Connor Pierson, who may be reached by either of these methods of contact.
Rito reserves the right to modify this privacy statement at any time, so please review it frequently. If we make a material change to our practices regarding your personally identifiable information, we will notify, by email, and/ or by means of a notice on our Web site prior to the change becoming effective and seek your consent for those new practices.