Privacy Policy
VIABLE Lab
Table of Contents
Information We Collect
In Plain Language: We collect information like your name, email, and how you use our tools to provide services and conduct educational research.
The VIABLE Lab collects information to support our educational research and provide services to users of our tools and platforms. The types of information we collect include:
Personal Information
- Name and contact information when you voluntarily provide it
- Email addresses for communication and account management
- Academic or professional affiliation when relevant
- Information provided through contact forms or research participation
Technical Information
- IP addresses and device information
- Browser type and version
- Operating system and device characteristics
- Usage patterns and interaction data with our tools
Educational Data
- Learning analytics and performance data (when using our educational tools)
- Interaction patterns with educational content
- Assessment results and progress information
Sensitive Personal Information
- We do not intentionally collect sensitive personal information
- This includes health data, biometric identifiers, or precise geolocation
- If sensitive data is inadvertently collected, it is promptly deleted
- Special protections apply to any sensitive data in research contexts
How We Use Information
In Plain Language: We use your information to improve our educational tools, conduct research, and provide support. We don't sell your information.
We use collected information for the following purposes:
Research and Development
- Conducting educational research to improve learning technologies
- Developing and improving our educational tools and platforms
- Publishing research findings in academic venues (with appropriate anonymization)
Service Provision
- Providing access to our educational tools and resources
- Personalizing user experience and content delivery
- Technical support and troubleshooting
Communication
- Responding to inquiries and support requests
- Sending updates about our research and tools
- Sharing relevant educational resources and opportunities
Legal Basis for Processing
- Legitimate interests in conducting educational research
- Consent for specific research studies and data collection
- Performance of contract for service provision
- Legal obligations under educational and research regulations
Information Sharing
We are committed to protecting your privacy and do not sell personal information. We may share information in the following limited circumstances:
Notice: We do not sell, rent, or share personal information for commercial purposes.
Research Collaborations
- With approved research partners for collaborative studies
- All sharing follows institutional review board (IRB) protocols
- Data is anonymized or pseudonymized when possible
Legal Requirements
- When required by law or legal process
- To protect rights, property, or safety of users or others
- In connection with legal investigations
Service Providers
- With trusted service providers who assist in our operations
- All providers are bound by confidentiality agreements
- Access is limited to necessary functions only
Research Data
As an academic research lab, we handle research data with special care:
Research Participation
- Participation in research studies is voluntary
- Informed consent is obtained before data collection
- Participants can withdraw at any time
Data Anonymization
- Research data is anonymized or pseudonymized when possible
- Direct identifiers are removed from research datasets
- Aggregated data is used in publications and presentations
Data Retention
- Research data is retained according to institutional policies
- Typically 5-7 years after study completion
- Personal identifiers are deleted when no longer needed
All research protocols are reviewed and approved by the University of Florida Institutional Review Board (IRB).
Data Security
We implement comprehensive security measures to protect your information:
Technical Safeguards
- Encryption of data in transit and at rest
- Secure hosting with regular security updates
- Access controls and authentication systems
Administrative Safeguards
- Regular security training for staff
- Data handling policies and procedures
- Incident response and breach notification protocols
Physical Safeguards
- Secure facilities and equipment
- Controlled access to systems and data
- Regular security audits and assessments
Data Breach Notification
- We will notify affected individuals of any breach of unencrypted personal information within 30 days after discovery, as required by Florida Statute §501.171.
Your Rights
In Plain Language: You can request to see, correct, or delete your personal information. You can also ask us to stop using your data in certain ways.
You have several rights regarding your personal information:
Access and Correction
- Request access to your personal information
- Request corrections to inaccurate information
- Receive information about how your data is used
Data Portability
- Request your data in a portable format
- Transfer data to other services when technically feasible
Deletion and Restriction
- Request deletion of your personal information
- Restrict processing of your data
- Note: Research data may be retained for scientific purposes
Opt-Out Rights
- Opt out of targeted advertising (we do not engage in targeted advertising)
- Opt out of data sharing with third parties
- Opt out of certain research studies
- Manage communication preferences
State Privacy Rights
Residents of certain states have additional privacy rights:
California Residents (CCPA/CPRA)
- Right to know what personal information is collected
- Right to delete personal information
- Right to correct inaccurate personal information
- Right to opt out of sale/sharing (we do not sell data)
- Right to non-discrimination for exercising rights
Florida Residents (FLDBOR)
- Right to access personal information
- Right to correct inaccurate data
- Right to delete personal information
- Right to opt out of targeted advertising
- Right to data portability
Other States
- Colorado, Connecticut, Virginia, and other states have similar rights
- Contact us to exercise your state-specific privacy rights
- We will respond to requests in accordance with applicable legal requirements
How to Exercise Rights
- Email: [email protected]
- Submit requests through our contact form
- We will verify your identity before processing requests
Data Retention
We retain personal information only as long as necessary for the purposes outlined in this policy:
Account Data
- Account information retained while account is active
- Inactive accounts deleted after 2 years of inactivity
- Users can request immediate account deletion
Research Data
- Research data retained for 5-7 years after study completion
- De-identified data may be retained longer for scientific purposes
- Personal identifiers removed when no longer needed
Legal and Safety Data
- Data retained as required by law or regulation
- Security logs retained for 1 year
- Backup data automatically deleted after a reasonable period
International Transfers
We may transfer personal information internationally in connection with our research activities:
Transfer Mechanisms
- Standard Contractual Clauses (SCCs) for EU transfers
- Adequacy decisions where applicable
- Appropriate safeguards for all international transfers
Data Hosting
- Primary data hosting in the United States
- Cloud service providers comply with international standards
- Data encryption in transit and at rest
Research Collaborations
- International research partnerships follow data sharing agreements
- All transfers comply with applicable privacy laws
- Participants informed of international data sharing
Children's Privacy
In Plain Language: Children under 13 need parental permission to use our services. We follow special rules to protect children's privacy.
We take special care when handling information from children:
Age Restrictions
- Our services are generally intended for users 13 and older
- Users under 13 require parental consent under COPPA
- Special protections apply for users under 18
- Teen users (13-17) have additional privacy protections
Parental Rights
- Parents can review their child's personal information
- Parents can request deletion of their child's data
- Parents can refuse further collection of their child's information
- We do not condition participation on disclosure of more information than necessary
Educational Settings
- In educational contexts, we work with schools and teachers
- Comply with FERPA and other educational privacy laws
- Schools may provide consent on behalf of students
- Minimize data collection from minors
- No behavioral advertising to children under 13
Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
VIABLE Lab
VIABLE Lab
College of Education
Norman Hall
1221 SW 5th Avenue
Gainesville, FL 32601