PRIVACY POLICY

Last updat­ed April 19, 2023

This pri­va­cy notice for Insti­tute of Expe­ri­en­tial Learn­ing (“Com­pa­ny,” “we,” “us,” or “our”), describes how and why we might col­lect, store, use, and/or share (“process”) your infor­ma­tion when you use our ser­vices (“Ser­vices”), such as when you:

  • Engage with us in oth­er relat­ed ways, includ­ing any sales, mar­ket­ing, or events

Ques­tions or con­cerns? Read­ing this pri­va­cy notice will help you under­stand your pri­va­cy rights and choic­es. If you do not agree with our poli­cies and prac­tices, please do not use our Ser­vices. If you still have any ques­tions or con­cerns, please con­tact us.

SUMMARY OF KEY POINTS

This sum­ma­ry pro­vides key points from our pri­va­cy notice, but you can find out more details about any of these top­ics by click­ing the link fol­low­ing each key point or by using our table of con­tents below to find the sec­tion you are look­ing for.

What per­son­al infor­ma­tion do we process? When you vis­it, use, or nav­i­gate our Ser­vices, we may process per­son­al infor­ma­tion depend­ing on how you inter­act with Insti­tute of Expe­ri­en­tial Learn­ing and the Ser­vices, the choic­es you make, and the prod­ucts and fea­tures you use. Learn more about per­son­al infor­ma­tion you dis­close to us.

Do we process any sen­si­tive per­son­al infor­ma­tion? We do not process sen­si­tive per­son­al information.

Do we receive any infor­ma­tion from third par­ties? We do not receive any infor­ma­tion from third parties.

How do we process your infor­ma­tion? We process your infor­ma­tion to pro­vide, improve, and admin­is­ter our Ser­vices, com­mu­ni­cate with you, for secu­ri­ty and fraud pre­ven­tion, and to com­ply with law. We may also process your infor­ma­tion for oth­er pur­pos­es with your con­sent. We process your infor­ma­tion only when we have a valid legal rea­son to do so. Learn more about how we process your infor­ma­tion.

In what sit­u­a­tions and with which types of par­ties do we share per­son­al infor­ma­tion? We may share infor­ma­tion in spe­cif­ic sit­u­a­tions and with spe­cif­ic cat­e­gories of third par­ties. Learn more about when and with whom we share your per­son­al infor­ma­tion.

How do we keep your infor­ma­tion safe? We have orga­ni­za­tion­al and tech­ni­cal process­es and pro­ce­dures in place to pro­tect your per­son­al infor­ma­tion. How­ev­er, no elec­tron­ic trans­mis­sion over the inter­net or infor­ma­tion stor­age tech­nol­o­gy can be guar­an­teed to be 100% secure, so we can­not promise or guar­an­tee that hack­ers, cyber­crim­i­nals, or oth­er unau­tho­rized third par­ties will not be able to defeat our secu­ri­ty and improp­er­ly col­lect, access, steal, or mod­i­fy your infor­ma­tion. Learn more about how we keep your infor­ma­tion safe.

What are your rights? Depend­ing on where you are locat­ed geo­graph­i­cal­ly, the applic­a­ble pri­va­cy law may mean you have cer­tain rights regard­ing your per­son­al infor­ma­tion. Learn more about your pri­va­cy rights.

How do you exer­cise your rights? The eas­i­est way to exer­cise your rights is by con­tact­ing us. We will con­sid­er and act upon any request in accor­dance with applic­a­ble data pro­tec­tion laws.

Want to learn more about what Insti­tute of Expe­ri­en­tial Learn­ing does with any infor­ma­tion we col­lect? Review the pri­va­cy notice in full.

TABLE OF CONTENTS

1. WHAT INFORMATION DO WE COLLECT?

2. HOW DO WE PROCESS YOUR INFORMATION?

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

6. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

7. HOW LONG DO WE KEEP YOUR INFORMATION?

8. HOW DO WE KEEP YOUR INFORMATION SAFE?

9. DO WE COLLECT INFORMATION FROM MINORS?

10. WHAT ARE YOUR PRIVACY RIGHTS?

11. CONTROLS FOR DO-NOT-TRACK FEATURES

12. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

13. DO VIRGINIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

14. DO WE MAKE UPDATES TO THIS NOTICE?

15. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

16. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

1. WHAT INFORMATION DO WE COLLECT?

Per­son­al infor­ma­tion you dis­close to us

In Short: We col­lect per­son­al infor­ma­tion that you pro­vide to us.

We col­lect per­son­al infor­ma­tion that you vol­un­tar­i­ly pro­vide to us when you express an inter­est in obtain­ing infor­ma­tion about us or our prod­ucts and Ser­vices, when you par­tic­i­pate in activ­i­ties on the Ser­vices, or oth­er­wise when you con­tact us.

Per­son­al Infor­ma­tion Pro­vid­ed by You. The per­son­al infor­ma­tion that we col­lect depends on the con­text of your inter­ac­tions with us and the Ser­vices, the choic­es you make, and the prod­ucts and fea­tures you use. The per­son­al infor­ma­tion we col­lect may include the following:

  • names
  • phone num­bers
  • email address­es
  • billing address­es
  • debit/credit card numbers

Sen­si­tive Infor­ma­tion. We do not process sen­si­tive information.

Pay­ment Data. We may col­lect data nec­es­sary to process your pay­ment if you make pur­chas­es, such as your pay­ment instru­ment num­ber, and the secu­ri­ty code asso­ci­at­ed with your pay­ment instru­ment. All pay­ment data is stored by Square Pay. You may find their pri­va­cy notice link(s) here: https://squareup.com/us/en/legal/general/square-pay-pn.

All per­son­al infor­ma­tion that you pro­vide to us must be true, com­plete, and accu­rate, and you must noti­fy us of any changes to such per­son­al information.

Infor­ma­tion auto­mat­i­cal­ly collected

In Short: Some infor­ma­tion - such as your Inter­net Pro­to­col (IP) address and/or brows­er and device char­ac­ter­is­tics - is col­lect­ed auto­mat­i­cal­ly when you vis­it our Services.

We auto­mat­i­cal­ly col­lect cer­tain infor­ma­tion when you vis­it, use, or nav­i­gate the Ser­vices. This infor­ma­tion does not reveal your spe­cif­ic iden­ti­ty (like your name or con­tact infor­ma­tion) but may include device and usage infor­ma­tion, such as your IP address, brows­er and device char­ac­ter­is­tics, oper­at­ing sys­tem, lan­guage pref­er­ences, refer­ring URLs, device name, coun­try, loca­tion, infor­ma­tion about how and when you use our Ser­vices, and oth­er tech­ni­cal infor­ma­tion. This infor­ma­tion is pri­mar­i­ly need­ed to main­tain the secu­ri­ty and oper­a­tion of our Ser­vices, and for our inter­nal ana­lyt­ics and report­ing purposes.

Like many busi­ness­es, we also col­lect infor­ma­tion through cook­ies and sim­i­lar technologies.

The infor­ma­tion we col­lect includes:

  • Device Data. We col­lect device data such as infor­ma­tion about your com­put­er, phone, tablet, or oth­er device you use to access the Ser­vices. Depend­ing on the device used, this device data may include infor­ma­tion such as your IP address (or proxy serv­er), device and appli­ca­tion iden­ti­fi­ca­tion num­bers, loca­tion, brows­er type, hard­ware mod­el, Inter­net ser­vice provider and/or mobile car­ri­er, oper­at­ing sys­tem, and sys­tem con­fig­u­ra­tion information.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your infor­ma­tion to pro­vide, improve, and admin­is­ter our Ser­vices, com­mu­ni­cate with you, for secu­ri­ty and fraud pre­ven­tion, and to com­ply with law. We may also process your infor­ma­tion for oth­er pur­pos­es with your consent.

We process your per­son­al infor­ma­tion for a vari­ety of rea­sons, depend­ing on how you inter­act with our Ser­vices, including:

  • To deliv­er and facil­i­tate deliv­ery of ser­vices to the user. We may process your infor­ma­tion to pro­vide you with the request­ed service.
  • To respond to user inquiries/offer sup­port to users. We may process your infor­ma­tion to respond to your inquiries and solve any poten­tial issues you might have with the request­ed service.
  • To ful­fill and man­age your orders. We may process your infor­ma­tion to ful­fill and man­age your orders, pay­ments, returns, and exchanges made through the Services.
  • To iden­ti­fy usage trends. We may process infor­ma­tion about how you use our Ser­vices to bet­ter under­stand how they are being used so we can improve them.
  • To save or pro­tect an indi­vid­u­al’s vital inter­est. We may process your infor­ma­tion when nec­es­sary to save or pro­tect an indi­vid­u­al’s vital inter­est, such as to pre­vent harm.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

In Short: We only process your per­son­al infor­ma­tion when we believe it is nec­es­sary and we have a valid legal rea­son (i.e., legal basis) to do so under applic­a­ble law, like with your con­sent, to com­ply with laws, to pro­vide you with ser­vices to enter into or ful­fill our con­trac­tu­al oblig­a­tions, to pro­tect your rights, or to ful­fill our legit­i­mate busi­ness interests.

If you are locat­ed in the EU or UK, this sec­tion applies to you.

The Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your per­son­al infor­ma­tion. As such, we may rely on the fol­low­ing legal bases to process your per­son­al information:

  • Con­sent. We may process your infor­ma­tion if you have giv­en us per­mis­sion (i.e., con­sent) to use your per­son­al infor­ma­tion for a spe­cif­ic pur­pose. You can with­draw your con­sent at any time. Learn more about with­draw­ing your con­sent.
  • Per­for­mance of a Con­tract. We may process your per­son­al infor­ma­tion when we believe it is nec­es­sary to ful­fill our con­trac­tu­al oblig­a­tions to you, includ­ing pro­vid­ing our Ser­vices or at your request pri­or to enter­ing into a con­tract with you.
  • Legit­i­mate Inter­ests. We may process your infor­ma­tion when we believe it is rea­son­ably nec­es­sary to achieve our legit­i­mate busi­ness inter­ests and those inter­ests do not out­weigh your inter­ests and fun­da­men­tal rights and free­doms. For exam­ple, we may process your per­son­al infor­ma­tion for some of the pur­pos­es described in order to:
  • Ana­lyze how our Ser­vices are used so we can improve them to engage and retain users
  • Legal Oblig­a­tions. We may process your infor­ma­tion where we believe it is nec­es­sary for com­pli­ance with our legal oblig­a­tions, such as to coop­er­ate with a law enforce­ment body or reg­u­la­to­ry agency, exer­cise or defend our legal rights, or dis­close your infor­ma­tion as evi­dence in lit­i­ga­tion in which we are involved.
  • Vital Inter­ests. We may process your infor­ma­tion where we believe it is nec­es­sary to pro­tect your vital inter­ests or the vital inter­ests of a third par­ty, such as sit­u­a­tions involv­ing poten­tial threats to the safe­ty of any person.

If you are locat­ed in Cana­da, this sec­tion applies to you.

We may process your infor­ma­tion if you have giv­en us spe­cif­ic per­mis­sion (i.e., express con­sent) to use your per­son­al infor­ma­tion for a spe­cif­ic pur­pose, or in sit­u­a­tions where your per­mis­sion can be inferred (i.e., implied con­sent). You can with­draw your con­sent at any time.

In some excep­tion­al cas­es, we may be legal­ly per­mit­ted under applic­a­ble law to process your infor­ma­tion with­out your con­sent, includ­ing, for example:

  • If col­lec­tion is clear­ly in the inter­ests of an indi­vid­ual and con­sent can­not be obtained in a time­ly way
  • For inves­ti­ga­tions and fraud detec­tion and prevention
  • For busi­ness trans­ac­tions pro­vid­ed cer­tain con­di­tions are met
  • If it is con­tained in a wit­ness state­ment and the col­lec­tion is nec­es­sary to assess, process, or set­tle an insur­ance claim
  • For iden­ti­fy­ing injured, ill, or deceased per­sons and com­mu­ni­cat­ing with next of kin
  • If we have rea­son­able grounds to believe an indi­vid­ual has been, is, or may be vic­tim of finan­cial abuse
  • If it is rea­son­able to expect col­lec­tion and use with con­sent would com­pro­mise the avail­abil­i­ty or the accu­ra­cy of the infor­ma­tion and the col­lec­tion is rea­son­able for pur­pos­es relat­ed to inves­ti­gat­ing a breach of an agree­ment or a con­tra­ven­tion of the laws of Cana­da or a province
  • If dis­clo­sure is required to com­ply with a sub­poe­na, war­rant, court order, or rules of the court relat­ing to the pro­duc­tion of records
  • If it was pro­duced by an indi­vid­ual in the course of their employ­ment, busi­ness, or pro­fes­sion and the col­lec­tion is con­sis­tent with the pur­pos­es for which the infor­ma­tion was produced
  • If the col­lec­tion is sole­ly for jour­nal­is­tic, artis­tic, or lit­er­ary purposes
  • If the infor­ma­tion is pub­licly avail­able and is spec­i­fied by the regulations

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share infor­ma­tion in spe­cif­ic sit­u­a­tions described in this sec­tion and/or with the fol­low­ing cat­e­gories of third parties.

Ven­dors, Con­sul­tants, and Oth­er Third-Par­ty Ser­vice Providers. We may share your data with third-par­ty ven­dors, ser­vice providers, con­trac­tors, or agents (“third par­ties”) who per­form ser­vices for us or on our behalf and require access to such infor­ma­tion to do that work. We have con­tracts in place with our third par­ties, which are designed to help safe­guard your per­son­al infor­ma­tion. This means that they can­not do any­thing with your per­son­al infor­ma­tion unless we have instruct­ed them to do it. They will also not share your per­son­al infor­ma­tion with any orga­ni­za­tion apart from us. They also com­mit to pro­tect the data they hold on our behalf and to retain it for the peri­od we instruct. The cat­e­gories of third par­ties we may share per­son­al infor­ma­tion with are as follows:

  • Data Ana­lyt­ics Services
  • Sales & Mar­ket­ing Tools
  • Prod­uct Engi­neer­ing & Design Tools
  • Per­for­mance Mon­i­tor­ing Tools
  • Order Ful­fill­ment Ser­vice Providers

We also may need to share your per­son­al infor­ma­tion in the fol­low­ing situations:

  • Busi­ness Trans­fers. We may share or trans­fer your infor­ma­tion in con­nec­tion with, or dur­ing nego­ti­a­tions of, any merg­er, sale of com­pa­ny assets, financ­ing, or acqui­si­tion of all or a por­tion of our busi­ness to anoth­er company.
  • Affil­i­ates. We may share your infor­ma­tion with our affil­i­ates, in which case we will require those affil­i­ates to hon­or this pri­va­cy notice. Affil­i­ates include our par­ent com­pa­ny and any sub­sidiaries, joint ven­ture part­ners, or oth­er com­pa­nies that we con­trol or that are under com­mon con­trol with us.
  • Busi­ness Part­ners. We may share your infor­ma­tion with our busi­ness part­ners to offer you cer­tain prod­ucts, ser­vices, or promotions.

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short: We may use cook­ies and oth­er track­ing tech­nolo­gies to col­lect and store your information.

We may use cook­ies and sim­i­lar track­ing tech­nolo­gies (like web bea­cons and pix­els) to access or store information.

6. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

In Short: We may trans­fer, store, and process your infor­ma­tion in coun­tries oth­er than your own.

Our servers are locat­ed in the Unit­ed States. If you are access­ing our Ser­vices from out­side the Unit­ed States, please be aware that your infor­ma­tion may be trans­ferred to, stored, and processed by us in our facil­i­ties and by those third par­ties with whom we may share your per­son­al infor­ma­tion (see “WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?” above), in the Unit­ed States, and oth­er countries.

If you are a res­i­dent in the Euro­pean Eco­nom­ic Area (EEA) or Unit­ed King­dom (UK), then these coun­tries may not nec­es­sar­i­ly have data pro­tec­tion laws or oth­er sim­i­lar laws as com­pre­hen­sive as those in your coun­try. How­ev­er, we will take all nec­es­sary mea­sures to pro­tect your per­son­al infor­ma­tion in accor­dance with this pri­va­cy notice and applic­a­ble law.

Euro­pean Com­mis­sion’s Stan­dard Con­trac­tu­al Clauses:

We have imple­ment­ed mea­sures to pro­tect your per­son­al infor­ma­tion, includ­ing by using the Euro­pean Com­mis­sion’s Stan­dard Con­trac­tu­al Claus­es for trans­fers of per­son­al infor­ma­tion between our group com­pa­nies and between us and our third-par­ty providers. These claus­es require all recip­i­ents to pro­tect all per­son­al infor­ma­tion that they process orig­i­nat­ing from the EEA or UK in accor­dance with Euro­pean data pro­tec­tion laws and reg­u­la­tions. Our Stan­dard Con­trac­tu­al Claus­es can be pro­vid­ed upon request. We have imple­ment­ed sim­i­lar appro­pri­ate safe­guards with our third-par­ty ser­vice providers and part­ners and fur­ther details can be pro­vid­ed upon request.

7. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your infor­ma­tion for as long as nec­es­sary to ful­fill the pur­pos­es out­lined in this pri­va­cy notice unless oth­er­wise required by law.

We will only keep your per­son­al infor­ma­tion for as long as it is nec­es­sary for the pur­pos­es set out in this pri­va­cy notice, unless a longer reten­tion peri­od is required or per­mit­ted by law (such as tax, account­ing, or oth­er legal requirements).

When we have no ongo­ing legit­i­mate busi­ness need to process your per­son­al infor­ma­tion, we will either delete or anonymize such infor­ma­tion, or, if this is not pos­si­ble (for exam­ple, because your per­son­al infor­ma­tion has been stored in back­up archives), then we will secure­ly store your per­son­al infor­ma­tion and iso­late it from any fur­ther pro­cess­ing until dele­tion is possible.

8. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to pro­tect your per­son­al infor­ma­tion through a sys­tem of orga­ni­za­tion­al and tech­ni­cal secu­ri­ty measures.

We have imple­ment­ed appro­pri­ate and rea­son­able tech­ni­cal and orga­ni­za­tion­al secu­ri­ty mea­sures designed to pro­tect the secu­ri­ty of any per­son­al infor­ma­tion we process. How­ev­er, despite our safe­guards and efforts to secure your infor­ma­tion, no elec­tron­ic trans­mis­sion over the Inter­net or infor­ma­tion stor­age tech­nol­o­gy can be guar­an­teed to be 100% secure, so we can­not promise or guar­an­tee that hack­ers, cyber­crim­i­nals, or oth­er unau­tho­rized third par­ties will not be able to defeat our secu­ri­ty and improp­er­ly col­lect, access, steal, or mod­i­fy your infor­ma­tion. Although we will do our best to pro­tect your per­son­al infor­ma­tion, trans­mis­sion of per­son­al infor­ma­tion to and from our Ser­vices is at your own risk. You should only access the Ser­vices with­in a secure environment.

9. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not know­ing­ly col­lect data from or mar­ket to chil­dren under 18 years of age.

We do not know­ing­ly solic­it data from or mar­ket to chil­dren under 18 years of age. By using the Ser­vices, you rep­re­sent that you are at least 18 or that you are the par­ent or guardian of such a minor and con­sent to such minor depen­den­t’s use of the Ser­vices. If we learn that per­son­al infor­ma­tion from users less than 18 years of age has been col­lect­ed, we will deac­ti­vate the account and take rea­son­able mea­sures to prompt­ly delete such data from our records. If you become aware of any data we may have col­lect­ed from chil­dren under age 18, please con­tact us at info@experientiallearninginstitute.org.

10. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: In some regions, such as the Euro­pean Eco­nom­ic Area (EEA), Unit­ed King­dom (UK), and Cana­da, you have rights that allow you greater access to and con­trol over your per­son­al infor­ma­tion. You may review, change, or ter­mi­nate your account at any time.

In some regions (like the EEA, UK, and Cana­da), you have cer­tain rights under applic­a­ble data pro­tec­tion laws. These may include the right (i) to request access and obtain a copy of your per­son­al infor­ma­tion, (ii) to request rec­ti­fi­ca­tion or era­sure; (iii) to restrict the pro­cess­ing of your per­son­al infor­ma­tion; and (iv) if applic­a­ble, to data porta­bil­i­ty. In cer­tain cir­cum­stances, you may also have the right to object to the pro­cess­ing of your per­son­al infor­ma­tion. You can make such a request by con­tact­ing us by using the con­tact details pro­vid­ed in the sec­tion “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” below.

We will con­sid­er and act upon any request in accor­dance with applic­a­ble data pro­tec­tion laws.

If you are locat­ed in the EEA or UK and you believe we are unlaw­ful­ly pro­cess­ing your per­son­al infor­ma­tion, you also have the right to com­plain to your Mem­ber State data pro­tec­tion author­i­ty or UK data pro­tec­tion author­i­ty.

If you are locat­ed in Switzer­land, you may con­tact the Fed­er­al Data Pro­tec­tion and Infor­ma­tion Com­mis­sion­er.

With­draw­ing your con­sent: If we are rely­ing on your con­sent to process your per­son­al infor­ma­tion, which may be express and/or implied con­sent depend­ing on the applic­a­ble law, you have the right to with­draw your con­sent at any time. You can with­draw your con­sent at any time by con­tact­ing us by using the con­tact details pro­vid­ed in the sec­tion “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” below.

How­ev­er, please note that this will not affect the law­ful­ness of the pro­cess­ing before its with­draw­al nor, when applic­a­ble law allows, will it affect the pro­cess­ing of your per­son­al infor­ma­tion con­duct­ed in reliance on law­ful pro­cess­ing grounds oth­er than consent.

Opt­ing out of mar­ket­ing and pro­mo­tion­al com­mu­ni­ca­tions: You can unsub­scribe from our mar­ket­ing and pro­mo­tion­al com­mu­ni­ca­tions at any time by click­ing on the unsub­scribe link in the emails that we send, or by con­tact­ing us using the details pro­vid­ed in the sec­tion “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” below. You will then be removed from the mar­ket­ing lists. How­ev­er, we may still com­mu­ni­cate with you - for exam­ple, to send you ser­vice-relat­ed mes­sages that are nec­es­sary for the admin­is­tra­tion and use of your account, to respond to ser­vice requests, or for oth­er non-mar­ket­ing purposes.

Cook­ies and sim­i­lar tech­nolo­gies: Most Web browsers are set to accept cook­ies by default. If you pre­fer, you can usu­al­ly choose to set your brows­er to remove cook­ies and to reject cook­ies. If you choose to remove cook­ies or reject cook­ies, this could affect cer­tain fea­tures or ser­vices of our Ser­vices. You may also opt out of inter­est-based adver­tis­ing by adver­tis­ers on our Services.

If you have ques­tions or com­ments about your pri­va­cy rights, you may email us at info@experientiallearninginstitute.org.

11. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile oper­at­ing sys­tems and mobile appli­ca­tions include a Do-Not-Track (“DNT”) fea­ture or set­ting you can acti­vate to sig­nal your pri­va­cy pref­er­ence not to have data about your online brows­ing activ­i­ties mon­i­tored and col­lect­ed. At this stage no uni­form tech­nol­o­gy stan­dard for rec­og­niz­ing and imple­ment­ing DNT sig­nals has been final­ized. As such, we do not cur­rent­ly respond to DNT brows­er sig­nals or any oth­er mech­a­nism that auto­mat­i­cal­ly com­mu­ni­cates your choice not to be tracked online. If a stan­dard for online track­ing is adopt­ed that we must fol­low in the future, we will inform you about that prac­tice in a revised ver­sion of this pri­va­cy notice.

12. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: Yes, if you are a res­i­dent of Cal­i­for­nia, you are grant­ed spe­cif­ic rights regard­ing access to your per­son­al information.

Cal­i­for­nia Civ­il Code Sec­tion 1798.83, also known as the “Shine The Light” law, per­mits our users who are Cal­i­for­nia res­i­dents to request and obtain from us, once a year and free of charge, infor­ma­tion about cat­e­gories of per­son­al infor­ma­tion (if any) we dis­closed to third par­ties for direct mar­ket­ing pur­pos­es and the names and address­es of all third par­ties with which we shared per­son­al infor­ma­tion in the imme­di­ate­ly pre­ced­ing cal­en­dar year. If you are a Cal­i­for­nia res­i­dent and would like to make such a request, please sub­mit your request in writ­ing to us using the con­tact infor­ma­tion pro­vid­ed below.

If you are under 18 years of age, reside in Cal­i­for­nia, and have a reg­is­tered account with Ser­vices, you have the right to request removal of unwant­ed data that you pub­licly post on the Ser­vices. To request removal of such data, please con­tact us using the con­tact infor­ma­tion pro­vid­ed below and include the email address asso­ci­at­ed with your account and a state­ment that you reside in Cal­i­for­nia. We will make sure the data is not pub­licly dis­played on the Ser­vices, but please be aware that the data may not be com­plete­ly or com­pre­hen­sive­ly removed from all our sys­tems (e.g., back­ups, etc.).

CCPA Pri­va­cy Notice

The Cal­i­for­nia Code of Reg­u­la­tions defines a “res­i­dent” as:

(1) every indi­vid­ual who is in the State of Cal­i­for­nia for oth­er than a tem­po­rary or tran­si­to­ry pur­pose and

(2) every indi­vid­ual who is domi­ciled in the State of Cal­i­for­nia who is out­side the State of Cal­i­for­nia for a tem­po­rary or tran­si­to­ry purpose

All oth­er indi­vid­u­als are defined as “non-res­i­dents.”

If this def­i­n­i­tion of “res­i­dent” applies to you, we must adhere to cer­tain rights and oblig­a­tions regard­ing your per­son­al information.

What cat­e­gories of per­son­al infor­ma­tion do we collect?

We have col­lect­ed the fol­low­ing cat­e­gories of per­son­al infor­ma­tion in the past twelve (12) months:

Cat­e­go­ry Exam­ples Col­lect­ed
A. Iden­ti­fiers Con­tact details, such as real name, alias, postal address, tele­phone or mobile con­tact num­ber, unique per­son­al iden­ti­fi­er, online iden­ti­fi­er, Inter­net Pro­to­col address, email address, and account name YES
B. Per­son­al infor­ma­tion cat­e­gories list­ed in the Cal­i­for­nia Cus­tomer Records statute Name, con­tact infor­ma­tion, edu­ca­tion, employ­ment, employ­ment his­to­ry, and finan­cial information YES
C. Pro­tect­ed clas­si­fi­ca­tion char­ac­ter­is­tics under Cal­i­for­nia or fed­er­al law Gen­der and date of birth NO
D. Com­mer­cial information Trans­ac­tion infor­ma­tion, pur­chase his­to­ry, finan­cial details, and pay­ment information NO
E. Bio­met­ric information Fin­ger­prints and voiceprints NO
F. Inter­net or oth­er sim­i­lar net­work activity Brows­ing his­to­ry, search his­to­ry, online behav­ior, inter­est data, and inter­ac­tions with our and oth­er web­sites, appli­ca­tions, sys­tems, and advertisements NO
G. Geolo­ca­tion data Device loca­tion NO
H. Audio, elec­tron­ic, visu­al, ther­mal, olfac­to­ry, or sim­i­lar information Images and audio, video or call record­ings cre­at­ed in con­nec­tion with our busi­ness activities NO
I. Pro­fes­sion­al or employ­ment-relat­ed information Busi­ness con­tact details in order to pro­vide you our Ser­vices at a busi­ness lev­el or job title, work his­to­ry, and pro­fes­sion­al qual­i­fi­ca­tions if you apply for a job with us NO
J. Edu­ca­tion Information Stu­dent records and direc­to­ry information NO
K. Infer­ences drawn from oth­er per­son­al information Infer­ences drawn from any of the col­lect­ed per­son­al infor­ma­tion list­ed above to cre­ate a pro­file or sum­ma­ry about, for exam­ple, an indi­vid­u­al’s pref­er­ences and characteristics NO
L. Sen­si­tive Per­son­al Information NO

We will use and retain the col­lect­ed per­son­al infor­ma­tion as need­ed to pro­vide the Ser­vices or for:

  • Cat­e­go­ry A - As long as the user has an account with us
  • Cat­e­go­ry B - As long as the user has an account with us

We may also col­lect oth­er per­son­al infor­ma­tion out­side of these cat­e­gories through instances where you inter­act with us in per­son, online, or by phone or mail in the con­text of:

  • Receiv­ing help through our cus­tomer sup­port channels;
  • Par­tic­i­pa­tion in cus­tomer sur­veys or con­tests; and
  • Facil­i­ta­tion in the deliv­ery of our Ser­vices and to respond to your inquiries.

How do we use and share your per­son­al information?

Insti­tute of Expe­ri­en­tial Learn­ing col­lects and shares your per­son­al infor­ma­tion through:

  • Tar­get­ing cookies/Marketing cookies

More infor­ma­tion about our data col­lec­tion and shar­ing prac­tices can be found in this pri­va­cy notice.

You may con­tact us by vis­it­ing https://experientiallearninginstitute.org/contact/, or by refer­ring to the con­tact details at the bot­tom of this document.

If you are using an autho­rized agent to exer­cise your right to opt out we may deny a request if the autho­rized agent does not sub­mit proof that they have been valid­ly autho­rized to act on your behalf.

Will your infor­ma­tion be shared with any­one else?

We may dis­close your per­son­al infor­ma­tion with our ser­vice providers pur­suant to a writ­ten con­tract between us and each ser­vice provider. Each ser­vice provider is a for-prof­it enti­ty that process­es the infor­ma­tion on our behalf, fol­low­ing the same strict pri­va­cy pro­tec­tion oblig­a­tions man­dat­ed by the CCPA.

We may use your per­son­al infor­ma­tion for our own busi­ness pur­pos­es, such as for under­tak­ing inter­nal research for tech­no­log­i­cal devel­op­ment and demon­stra­tion. This is not con­sid­ered to be “sell­ing” of your per­son­al information.

Insti­tute of Expe­ri­en­tial Learn­ing has not sold or shared any per­son­al infor­ma­tion to third par­ties for a busi­ness or com­mer­cial pur­pose in the pre­ced­ing twelve (12) months. Insti­tute of Expe­ri­en­tial Learn­ing has dis­closed the fol­low­ing cat­e­gories of per­son­al infor­ma­tion to third par­ties for a busi­ness or com­mer­cial pur­pose in the pre­ced­ing twelve (12) months:

  • Cat­e­go­ry A. Iden­ti­fiers, such as con­tact details like your real name, alias, postal address, tele­phone or mobile con­tact num­ber, unique per­son­al iden­ti­fi­er, online iden­ti­fi­er, Inter­net Pro­to­col address, email address, and account name.
  • Cat­e­go­ry B. Per­son­al Infor­ma­tion, as defined in the Cal­i­for­nia Cus­tomer Records law, such as your name, con­tact infor­ma­tion, edu­ca­tion, employ­ment, employ­ment his­to­ry, and finan­cial information.

The cat­e­gories of third par­ties to whom we dis­closed per­son­al infor­ma­tion for a busi­ness or com­mer­cial pur­pose can be found under “WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?”.

Your rights with respect to your per­son­al data

Right to request dele­tion of the data - Request to delete

You can ask for the dele­tion of your per­son­al infor­ma­tion. If you ask us to delete your per­son­al infor­ma­tion, we will respect your request and delete your per­son­al infor­ma­tion, sub­ject to cer­tain excep­tions pro­vid­ed by law, such as (but not lim­it­ed to) the exer­cise by anoth­er con­sumer of his or her right to free speech, our com­pli­ance require­ments result­ing from a legal oblig­a­tion, or any pro­cess­ing that may be required to pro­tect against ille­gal activities.

Right to be informed - Request to know

Depend­ing on the cir­cum­stances, you have a right to know:

  • whether we col­lect and use your per­son­al information;
  • the cat­e­gories of per­son­al infor­ma­tion that we collect;
  • the pur­pos­es for which the col­lect­ed per­son­al infor­ma­tion is used;
  • whether we sell or share per­son­al infor­ma­tion to third parties;
  • the cat­e­gories of per­son­al infor­ma­tion that we sold, shared, or dis­closed for a busi­ness purpose;
  • the cat­e­gories of third par­ties to whom the per­son­al infor­ma­tion was sold, shared, or dis­closed for a busi­ness purpose;
  • the busi­ness or com­mer­cial pur­pose for col­lect­ing, sell­ing, or shar­ing per­son­al infor­ma­tion; and
  • the spe­cif­ic pieces of per­son­al infor­ma­tion we col­lect­ed about you.

In accor­dance with applic­a­ble law, we are not oblig­at­ed to pro­vide or delete con­sumer infor­ma­tion that is de-iden­ti­fied in response to a con­sumer request or to re-iden­ti­fy indi­vid­ual data to ver­i­fy a con­sumer request.

Right to Non-Dis­crim­i­na­tion for the Exer­cise of a Con­sumer’s Pri­va­cy Rights

We will not dis­crim­i­nate against you if you exer­cise your pri­va­cy rights.

Right to Lim­it Use and Dis­clo­sure of Sen­si­tive Per­son­al Information

We do not process con­sumer’s sen­si­tive per­son­al information.

Ver­i­fi­ca­tion process

Upon receiv­ing your request, we will need to ver­i­fy your iden­ti­ty to deter­mine you are the same per­son about whom we have the infor­ma­tion in our sys­tem. These ver­i­fi­ca­tion efforts require us to ask you to pro­vide infor­ma­tion so that we can match it with infor­ma­tion you have pre­vi­ous­ly pro­vid­ed us. For instance, depend­ing on the type of request you sub­mit, we may ask you to pro­vide cer­tain infor­ma­tion so that we can match the infor­ma­tion you pro­vide with the infor­ma­tion we already have on file, or we may con­tact you through a com­mu­ni­ca­tion method (e.g., phone or email) that you have pre­vi­ous­ly pro­vid­ed to us. We may also use oth­er ver­i­fi­ca­tion meth­ods as the cir­cum­stances dictate.

We will only use per­son­al infor­ma­tion pro­vid­ed in your request to ver­i­fy your iden­ti­ty or author­i­ty to make the request. To the extent pos­si­ble, we will avoid request­ing addi­tion­al infor­ma­tion from you for the pur­pos­es of ver­i­fi­ca­tion. How­ev­er, if we can­not ver­i­fy your iden­ti­ty from the infor­ma­tion already main­tained by us, we may request that you pro­vide addi­tion­al infor­ma­tion for the pur­pos­es of ver­i­fy­ing your iden­ti­ty and for secu­ri­ty or fraud-pre­ven­tion pur­pos­es. We will delete such addi­tion­al­ly pro­vid­ed infor­ma­tion as soon as we fin­ish ver­i­fy­ing you.

Oth­er pri­va­cy rights

  • You may object to the pro­cess­ing of your per­son­al information.
  • You may request cor­rec­tion of your per­son­al data if it is incor­rect or no longer rel­e­vant, or ask to restrict the pro­cess­ing of the information.
  • You can des­ig­nate an autho­rized agent to make a request under the CCPA on your behalf. We may deny a request from an autho­rized agent that does not sub­mit proof that they have been valid­ly autho­rized to act on your behalf in accor­dance with the CCPA.
  • You may request to opt out from future sell­ing or shar­ing of your per­son­al infor­ma­tion to third par­ties. Upon receiv­ing an opt-out request, we will act upon the request as soon as fea­si­bly pos­si­ble, but no lat­er than fif­teen (15) days from the date of the request submission.

To exer­cise these rights, you can con­tact us by vis­it­ing https://experientiallearninginstitute.org/contact/, or by refer­ring to the con­tact details at the bot­tom of this doc­u­ment. If you have a com­plaint about how we han­dle your data, we would like to hear from you.

13. DO VIRGINIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: Yes, if you are a res­i­dent of Vir­ginia, you may be grant­ed spe­cif­ic rights regard­ing access to and use of your per­son­al information.

Vir­ginia CDPA Pri­va­cy Notice

Under the Vir­ginia Con­sumer Data Pro­tec­tion Act (CDPA):

“Con­sumer” means a nat­ur­al per­son who is a res­i­dent of the Com­mon­wealth act­ing only in an indi­vid­ual or house­hold con­text. It does not include a nat­ur­al per­son act­ing in a com­mer­cial or employ­ment context.

“Per­son­al data” means any infor­ma­tion that is linked or rea­son­ably link­able to an iden­ti­fied or iden­ti­fi­able nat­ur­al per­son. “Per­son­al data” does not include de-iden­ti­fied data or pub­licly avail­able information.

“Sale of per­son­al data” means the exchange of per­son­al data for mon­e­tary consideration.

If this def­i­n­i­tion “con­sumer” applies to you, we must adhere to cer­tain rights and oblig­a­tions regard­ing your per­son­al data.

The infor­ma­tion we col­lect, use, and dis­close about you will vary depend­ing on how you inter­act with Insti­tute of Expe­ri­en­tial Learn­ing and our Ser­vices. To find out more, please vis­it the fol­low­ing links:

Your rights with respect to your per­son­al data

  • Right to be informed whether or not we are pro­cess­ing your per­son­al data
  • Right to access your per­son­al data
  • Right to cor­rect inac­cu­ra­cies in your per­son­al data
  • Right to request dele­tion of your per­son­al data
  • Right to obtain a copy of the per­son­al data you pre­vi­ous­ly shared with us
  • Right to opt out of the pro­cess­ing of your per­son­al data if it is used for tar­get­ed adver­tis­ing, the sale of per­son­al data, or pro­fil­ing in fur­ther­ance of deci­sions that pro­duce legal or sim­i­lar­ly sig­nif­i­cant effects (“pro­fil­ing”)

Insti­tute of Expe­ri­en­tial Learn­ing has not sold any per­son­al data to third par­ties for busi­ness or com­mer­cial pur­pos­es. Insti­tute of Expe­ri­en­tial Learn­ing will not sell per­son­al data in the future belong­ing to web­site vis­i­tors, users, and oth­er consumers.

Exer­cise your rights pro­vid­ed under the Vir­ginia CDPA

More infor­ma­tion about our data col­lec­tion and shar­ing prac­tices can be found in this pri­va­cy notice.

You may con­tact us by email at info@experientiallearninginstitute.org, by vis­it­ing https://experientiallearninginstitute.org/contact/, or by refer­ring to the con­tact details at the bot­tom of this document.

If you are using an autho­rized agent to exer­cise your rights, we may deny a request if the autho­rized agent does not sub­mit proof that they have been valid­ly autho­rized to act on your behalf.

Ver­i­fi­ca­tion process

We may request that you pro­vide addi­tion­al infor­ma­tion rea­son­ably nec­es­sary to ver­i­fy you and your con­sumer’s request. If you sub­mit the request through an autho­rized agent, we may need to col­lect addi­tion­al infor­ma­tion to ver­i­fy your iden­ti­ty before pro­cess­ing your request.

Upon receiv­ing your request, we will respond with­out undue delay, but in all cas­es, with­in forty-five (45) days of receipt. The response peri­od may be extend­ed once by forty-five (45) addi­tion­al days when rea­son­ably nec­es­sary. We will inform you of any such exten­sion with­in the ini­tial 45-day response peri­od, togeth­er with the rea­son for the extension.

Right to appeal

If we decline to take action regard­ing your request, we will inform you of our deci­sion and rea­son­ing behind it. If you wish to appeal our deci­sion, please email us at info@experientiallearninginstitute.org. With­in six­ty (60) days of receipt of an appeal, we will inform you in writ­ing of any action tak­en or not tak­en in response to the appeal, includ­ing a writ­ten expla­na­tion of the rea­sons for the deci­sions. If your appeal if denied, you may con­tact the Attor­ney Gen­er­al to sub­mit a com­plaint.

14. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as nec­es­sary to stay com­pli­ant with rel­e­vant laws.

We may update this pri­va­cy notice from time to time. The updat­ed ver­sion will be indi­cat­ed by an updat­ed “Revised” date and the updat­ed ver­sion will be effec­tive as soon as it is acces­si­ble. If we make mate­r­i­al changes to this pri­va­cy notice, we may noti­fy you either by promi­nent­ly post­ing a notice of such changes or by direct­ly send­ing you a noti­fi­ca­tion. We encour­age you to review this pri­va­cy notice fre­quent­ly to be informed of how we are pro­tect­ing your information.

15. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have ques­tions or com­ments about this notice, you may email us at info@experientiallearninginstitute.org or by post to:

Insti­tute of Expe­ri­en­tial Learning
2 Brate­nahl Place 14D
Brate­nahl, OH 44108
Unit­ed States

16. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on the applic­a­ble laws of your coun­try, you may have the right to request access to the per­son­al infor­ma­tion we col­lect from you, change that infor­ma­tion, or delete it. To request to review, update, or delete your per­son­al infor­ma­tion, please vis­it: https://experientiallearninginstitute.org/contact/.