Privacy Policy

This Privacy Policy applies to the products and services of Teaching Writing Online Limited (“Integrito,” “we“, “our“, or “us“) that link to this page, such as our websites, online platforms, and web browser extensions (collectively, our “Service”).

A note about student records: Our Service is intended for providers of educational services, such as Educational Institutions and Educational Institution districts (collectively, “Educational Institutions“), as well as teachers and authorized Educational Institution users and administrators (collectively, “Administrators“). When the Service is used as part of an Educational Institution’s educational curriculum, the Personal Data related to students (“Students“) that is

(i) provided to Integrito by an Educational Institution, or

(ii) collected by Integrito during the provision of the Service to an Educational Institution,

may include information defined as “educational records” by the Family Educational Rights and Privacy Act (“FERPA“) or “covered information” under California’s Student Online Personal Data Protection Act (“SOPIPA“), or other information protected by similar student data privacy laws. We will refer to this information as “Student Records“. Please see the “Student Records” section below to understand the principles that guide our collection, use, and disclosure of Student Records.

The Google API Services User Data Policy, which includes the Limited Use criteria, will be followed by Our Service when using and transferring information obtained from Google APIs to any other app.

To engage in a student data processing agreement with us in accordance with applicable student data privacy legislation, please ask your Educational Institution to get in touch with us if you are an Administrator interested in using

Definitions

Term	Definition
Personal Data	Information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular natural person or household.
Student Records	Personal Data related to students that is (i) provided to Integrito by an Educational Institution, or (ii) collected by Integrito during the provision of the Service to an Educational Institution. May include information defined as “educational records” by FERPA or “covered information” under SOPIPA.
Educational Institution	Providers of educational services, such as schools, school districts, colleges, institutes, etc.
Administrators	Teachers and authorized Educational Institution users and administrators.
Service	Integrito’s websites, online platforms, and web browser extensions.
Controller	The entity that determines the purposes and means of processing personal data.
Processor	The entity that processes personal data on behalf of the Controller.
FERPA	Family Educational Rights and Privacy Act, a US federal law that protects the privacy of student education records.
SOPIPA	Student Online Personal Data Protection Act, a California law that protects student data privacy.
COPPA	Children’s Online Privacy Protection Act, a US federal law that imposes requirements on operators of websites or online services directed to children under 13 years of age.
CCPA	California Consumer Privacy Act, a state statute intended to enhance privacy rights and consumer protection for residents of California.
GDPR	General Data Protection Regulation, a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.

Who We Are and What This Privacy Policy Covers

This Privacy Policy applies to information that we collect about you when you use our website – https://integrito.ai/, any of the associated add-ons, subdomains, and/or via any LMS (Learning Management System) that you may use along with our Service.

Throughout this Privacy Policy, we’ll refer to our website, mobile applications, API, and other products and services, associated with https://integrito.ai/ collectively as “Service”.

Are we a Controller?

We process personal information both as a Processor and as a Controller, as defined in the GDPR:

when you are an individual user, buying our Service via the Website, we will in most cases be a Controller;
In cases where your information is provided to us only through your institution, we will be the Processor and your institution is a Controller. We will only delete records per the institution’s specific instructions and will request that you make any requests for access, correction, or deletion of personal information through the institution. We will respond to such requests when received from the institution.

What is Personal Data?

When we use the term “Personal Data” in this Privacy Policy, in connection to any data or information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular natural person or household.

What Personal Data we collect

We use several methods to gather personal information. For instance, whether you create an account on our service, send us messages, sign up for our newsletters, mailing lists, or other forms of communication, take part in a poll, or link our service with another website or service, we might get your personal information. Furthermore, when you use our service, we might automatically gather Personal Data about you. We might occasionally also get your personal information from other sources and outside parties.

Information You Provide

We collect the following information you provide in connection with our Service:

Account Information, including full name, email address, Educational Institution name, and other account information that you choose to provide to us;
Inquiry and Communication Information, including data from consumer messages received by phone, email, or contact form. For instance, we might ask for your name and residency if you sign up for our waitlist. This data may be used to contact you and improve our services;
Information Collected Through the Use of the Service, including any files, documents, videos, images, data, or information you choose to upload or transmit through your communications with us or your use of the Service.
Information from Administrators, such as Educational Institution name, district, teacher or authorized administrator title, organizational units associated with the Educational Institution, course information and topics, grade levels taught, course work and assignments, course sections, and Student-related information such as topics of study, assignments and content (e.g., homework), and grades. Information from Administrators may include Student Records as further described in the “Student Records” section below.

We use this data to run, maintain, and give you access to the features and functionalities of the Service. We also use it to get in touch with you directly, such when we send you emails. We might also send you emails or messages about the Service (such as account verification, updates or changes to features, technical and security alerts), as well as communications from or about Integrito.

Personal Data Automatically Collected

We may collect some information connected to your device on which you use our Service:

Information We Receive from Third-Party Sites You Connect to/Integrate with Our Service, including Personal Data we may receive about you from third-party platforms, networks, services and/or sites that you integrate with our Service and combine that with information we collect through our Service. For example, if you register through or otherwise grant access to a third-party site or service, such as Google (e.g., Google Classroom, G-Suite including Google Docs, Google Chrome, and Google Drive), we may collect Personal Data that is associated with your third-party site account. This information we collect may include, for example, your name, email address, courses, Student rosters, course materials, information about Google Doc views, version history, comments, authentication action information, and Student submissions, including some Student Records. If you create or upload assessments or other academic or educational resources or materials, we collect the content of these materials and metadata you provide about them. The information we receive from these third-party sites is dependent upon that third party’s policies and your privacy settings on that third-party site. You should always review and, if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to our Service.
Log Data, including internet protocol (IP) address, operating system, device type and version, browser type and version, browser ID, the URL entered and the referring page/campaign, date/time of visit, other user agent string data, the time spent on our Service, and any errors that may occur during the visit to our Service). Log data may overlap with the other categories of data below.
Analytics data, including the electronic path you take to our services, through our services and when exiting our services, UTM source, as well as your usage and activity on our services, such as the time zone, activity information (first and last active date and time), usage history (flows created, campaigns scheduled, emails opened, total log-ins) as well as the pages, links, objects, products and benefits you view, click or otherwise interact with. We may also analyze the interaction between you and your customer using our Service.
Location data, such as general geographic location that we or our third-party providers may derive from your IP address, or more precise geolocation with your permission when accessing our online services through a mobile device.

We and our third-party providers may use (i) cookies or small data files that are stored on an individual’s computer and (ii) other, related technologies, such as web beacons, pixels, embedded scripts, location-identifying technologies and logging technologies (collectively, “cookies”) to automatically collect this Personal Data. We may also use this information to distinguish you from other users of our Service. This helps us monitor and analyze how you use and interact with our Service. It also helps us and our partners to determine products and services that may be of interest to you. For more information about these practices and your choices regarding cookies, please see the Control Over Your Information and Third Party Tracking and Online Advertising sections below.

Personal Data from Third Parties

We also obtain Personal Data from third parties. We often combine with Personal Data we collect either automatically or directly from an individual. We may receive the same categories of Personal Data as described above from the following third parties:

Other Users or Individuals who Interact with our Service. We may receive your information from other users or other individuals who interact with our Service. For example, if an Educator uses our browser extension to detect AI-generated content in an online document, our Service will process any Personal Data included in the document.

Information we receive from authentication services you connect to our Service: Some parts of our Service may allow you to login through a third-party social network or authentication service such as Google. These services will authenticate your identity and provide you the option to share certain Personal Data with us, which could include your [your profile information, profile picture, gender, username, user ID associated with your social media account, age range, language, country, and any other information you permit the social network to share with third parties]. The data we receive is dependent on that third party’s policies and your privacy settings on that third-party site. We use this information to operate, maintain, and provide to you the features and functionality of the Service. We may also send you service-related emails or messages (e.g., account verification, purchase confirmation, customer support, changes, or updates to features of the Service, technical and security notices).

Other Sources: We may also collect Personal Data about individuals that we do not otherwise have from, for example, publicly available sources, third-party data providers, or through transactions such as mergers and acquisitions. We use this information to operate, maintain, and provide to you the features and functionality of the Service, generate leads, as well as to communicate directly with you, such as to send you email messages about products and services that may be of interest to you.

How We Can Receive Your Information

We may get that information from you if you are an individual user via website registration or our partners (LMS, educational institution, etc.), through contracts or other legal arrangements you have with us or our partners, to deliver contractual/legal obligations. Your permission and consent (if we rely on it) can be collected by us directly, or we may receive your personal information from third parties to whom you have given consent to pass this information on to us.

Information we receive from other sources

We work with third parties (including, for example, subcontractors in technical, payment, and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies, and background checking agencies) and may receive information about you from them as part of the service we provide you, or for other legal reasons.

Files

We may collect and store the files you upload, download, or access with the Website. Please do not share with us the files you are not permitted to use. Please do not upload or share with us the files that contain your personal information or the personal information of third parties without permission. We may not guarantee that such personal information will be secured, although we use all precautions and best practices for data storage.

Why do we collect Personal Data?

We collect your personal information for a variety of purposes related to providing our Service to you and operating our business. Here are the main reasons:

To deliver the Service you’ve requested from us as part of any contracts or agreements between us
For essential business operations like managing our company activities on a day-to-day basis
To verify your identity and ensure you have proper access to the Service when you use them
To keep you informed about updates, news, and other communications related to our Service via email, newsletters etc.
To make you aware of new products, services or promotions we think may interest you for marketing purposes
To personalize and improve your experience using our Service, including recognizing you and remembering your preferences
To analyze how our Service are being used so we can understand usage trends and make improvements
For research and analytical purposes, such as detecting artificial intelligence usage or analyzing writing styles
To test, monitor, update and maintain the proper functioning and security of our Service
To detect and prevent fraudulent, harmful or illegal activities that could impact you, us, our partners or others
To uphold our legal rights and obligations under contracts, resolve disputes, and protect our business interests
To comply with any applicable laws, regulations or other legal requirements we are subject to
For any other specific purposes where you have provided your personal information to us

Grounds of collecting information from you

We primarily rely upon the following:

Contractual obligations. We are obliged to process your data to provide you with our Service because we have entered into a commercial contract. This mostly applies to individual customers.
We rely upon the official authority of the Data Controller (meaning the institution that is our customer) to process its student’s data in such a way that is needed for their educational processes. This mostly apply to situations where the Educational institution if our client and provides us with Personal Data of its students.

Though we do not rely on consent as the primary basis for data processing, we still gather and log it to make sure transparency is achieved, and our users can read this Policy.

Whom might we share your information with?

We may also share, transmit, disclose, grant access to, make available, and provide Personal Data with and to third parties, as follows:

Connected entities: We may share some Personal Data with companies owned or controlled by us (i.e., any organization we own or control) or our ultimate holding company (i.e., any organization that owns or controls us).

Your Educational Institution: If you interact with our Service through your Educational Institution, we may disclose your information to it.

Customer Service and Communication Providers: We may share Personal Data with third parties who assist us in providing our customer service and facilitating our communications with individuals that submit inquiries.

Email services providers: We coordinate and share Personal Data with our marketing providers in order to communicate with individuals about the Service we make available.

Other Service Providers: We also share Personal Data with our other service providers, such as vendors who help us with data analysis, fraud prevention, infrastructure provisioning, analytics services, IT services, product fulfillment, and web hosting.

Business Transaction or Reorganization: We may take part in or be involved with a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets. We may disclose Personal Data to a third-party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal Data may also be disclosed in the event of insolvency, bankruptcy, or receivership.

Legal Obligations and Rights: We may disclose Personal Data to third parties, such as legal advisors and law enforcement:

in connection with the establishment, exercise, or defence of legal claims.
to comply with laws or to respond to lawful requests and legal process.
to protect the rights and property of Integrito, our agents, customers, and others, including to enforce our agreements, policies, and terms of service.
to detect, suppress, or prevent fraud.
to reduce credit risk and collect debts owed to us.
to protect the health and safety of us, our customers, or any person.
as otherwise required by applicable law.

With Your Consent: In addition to the sharing described in this Privacy Policy, we may share information about you with third parties whenever you consent to or directly instruct us to.

Student Records

We consider Student Records to be confidential and do not use Student Records for any purpose other than to provide the Service on the Educational Institution’s behalf, in accordance with contractual agreements with the said institution. When the Service is used as part of an Educational Institution’s educational curriculum, the Personal Data related to Students that is (i) provided to Integrito by an Educational Institution, or (ii) collected by Integrito during the provision of the Service to the Educational Institution, may include information defined as “educational records” by the Family Educational Rights and Privacy Act (“FERPA”) or “covered information” under California’s Student Online Personal Data Protection Act (“SOPIPA”), or other information protected by similar student data privacy laws. This is included into the definition of “Student Records.”

As between us and the Educational Institution, Student Records are owned and controlled by the Educational Institution. Our collection and use of Student Records is governed by our contracts with the Educational Institution and by applicable privacy laws. For example, we provide the Service to an Educational Institution as a “Educational Institution Official” under FERPA, and we work with Educational Institutions to help protect Personal Data from the Student’s educational record, as required by the FERPA.

We collect, maintain, use and share Student Records only for an authorized educational purpose and as described in our agreement with the Educational Institution, or as directed by the Educational Institution or by the Student’s parent or legal guardian (each, a “Parent”).

We do not use or disclose Student Records for targeted advertising purposes.

We do not build a personal profile of a Student other than in furtherance of an educational purpose.

We maintain a comprehensive data security program designed to protect the types of Student Records maintained by the Service.

We will clearly and transparently disclose our data policies and practices to our users.

We do not sell Student Records unless the sale is part of a corporate transaction, such as a merger, acquisition, bankruptcy, or other sale of assets, in which case we will require the new owner to continue to honour the terms provided in this Privacy Policy.

We will not make any material changes to our Privacy Policy or contractual agreements that relate to the collection or use of Student Records without first giving notice to the Educational Institution and providing a choice before the Student Records are used in a materially different manner than was disclosed when the information was collected.

How We Share and Disclose Student Records

We share Student Records only as necessary to deliver our Service to specific Educational Institutions, in line with our contractual agreements or with explicit permission from the Educational Institution or Parent.

Authorized Educational Institution representatives, such as administrators, may have access to Student Records and usage information. Depending on how we utilized by the Educational Institution and our agreement terms, we may also grant Students and/or their Parents access to certain data about the Student. This allows them to monitor usage and assess the effectiveness of the Service within the Educational Institution.

We also entrust some Student Records to vetted service providers who require access to fulfill their duties on our behalf, subject to appropriate data protection agreements. A list of our current service providers is available on request.

Additionally, we may disclose Student Records in relation to business transactions or to meet our legal obligations, as outlined in the “Our Disclosure of Personal Data” section of our Privacy Policy.

How We Use Anonymized Data

We may create, utilize, and share anonymized data for various educational purposes. These include adapting learning experiences, personalizing student content, suggesting education-related services, and improving our own Service. We might also use this anonymized information to enhance other educational platforms or technologies, as allowed by law. The term “anonymized data” refers to information that has been stripped of all personal identifiers, making it impossible to reasonably link the data back to any specific individual. This process ensures that there’s no practical way to use the remaining information to identify a person.

Age Limitations, COPPA compliance

We do not knowingly collect any information from children under the age of 13 in the United States or other countries unless and until the relevant institution has provided consent and authorization for a student under 13 to use the products and services and for us to collect information from such students. Where a client Educational Institution instructs us to collect personal information from children under the age of 13, we collect, use, process and retain such information solely to provide the educational services on behalf of the client and for the purposes set forth in our agreement with the client. We collect only as much information as is necessary to provide the Service and the client may access, delete, or withdraw consent for continued processing of the child’s information at any time. If you have any questions about reviewing, modifying, or deleting the personal information of a child under the age of 13, please contact your Educational Institution directly.

Please contact us at [email protected] if you believe we have inadvertently collected personal information from a child under 13 without proper consent. This will allow us to delete such information as soon as possible.

COPPA: We rely on FTC’s explanations that COPPA’s requirements do not apply to sites that contract with Educational Institutions to offer online programs for the benefit of the Educational Institutions and their students, and collect personal information only for these purposes (FTC FAQ). We do not collect any information for purposes other than educational.

Where we store and process your Personal Data

We primarily store and process your Personal Data in the EU/European Economic Area or USA (“EEA”). For data transfers outside the EEA we use the Standard Contractual Clauses (EU Directive 95/46/EC), which meet the adequate mechanism requirements of all EU members.

Anyway, we put in place appropriate technical and organizational measures to protect Personal Data.

Transmission and storage of your Personal Data

We shall use best practice to ensure your data is encrypted to the standard required to protect your Personal Data.

How long will we keep your Personal Data? Data retention

We only keep Student Records for as long as needed to support educational goals, unless the Educational Institution gives us permission to retain them longer.

Important: Educational Institutions are responsible for:

Keeping class registers up to date
Managing Student Data they no longer need by requesting its deletion

For Educational Institution’s representatives using our Service: If you need to access or delete Student Records, or close your account, please contact us at [email protected].

For Parents or Students: If you want to access or delete Student Records, or close your account, please ask your Educational Institution to handle this request.

If you have questions about our Data Retention Policy, we can provide you with a copy. Please contact: [email protected].

If you choose not to give your personal information to us

If the Personal Data is necessary in order to provide Service to you under a contract between you and Integrito or Educational Institution and Integrito, we will have to refuse entering into that contract or providing the Service before you give us your personal information which is essential for us to be able to provide them.

Your Rights

We will respect your legal rights to your Personal Data.

Below are the rights that you have under law, and what we do to protect those rights:

Legal right	What we do to protect your rights
The right to be informed	We are publishing this Privacy Policy to keep you informed as to what we do with your personal information. We strive to be transparent about how we use your data. Furthermore, we will also answer all your questions regarding this Policy sent to the [email protected].
The right to access	You have the right to access your information. Please contact our Data Protection Officer at [email protected]. if you wish to access the personal information we hold about you. In cases when your institution registers you with us, please contact us via your institution.
The right to rectification	If the information we hold about you is inaccurate or incomplete, you have the right to ask us to rectify it. If that data has been passed to a third party with your consent or for legal reasons, then we must also ask them to rectify the data. Please contact our Data Protection Officer if you need us to rectify your information: [email protected]. In cases when your institution registers you with us, please contact us via your institution.
The right to erasure	This is sometimes called ‘the right to be forgotten’. If you want us to erase all your Personal Data, and we do not have any legal reason to continue to process and hold it, please contact our Data Protection Officer: [email protected]. In cases when your institution registers you with us, please contact us via your institution.
The right to restrict processing	You have the right to ask us to restrict how we process your data. This means we are permitted to store the data but not further process it. We keep just enough data to make sure we respect your request in the future. If you want us to restrict the processing of your data, please contact our Data Protection Office: [email protected]. In cases when your institution registers you with us, please contact us via your institution.
The right to data portability	We must allow you to obtain and reuse your Personal Data for your own purposes across services in a safe and secure way without affecting the usability of your data. Please contact our Data Protection Officer if you want information on how to port your data elsewhere: [email protected]. This right only applies to Personal Data that you have provided to us as the Data Controller. The data must be held by us by consent or for the performance of a contract.
The right to object	You have the right to object to us processing your data even if it is based on our legitimate interests, the exercise of official authority, direct marketing (including data aggregation), and processing for purposeless statistics. If you wish to object, please contact our Data Protection Officer: [email protected]. In cases when your institution registers you with us, please contact us via your institution.
The right to withdraw consent	If we rely on consent to process your data, but you have changed your mind later, you have the right to withdraw your consent at any time, and we must stop processing your data. If you want to withdraw your consent, please contact our Data Protection Officer: [email protected].
The right to appeal to a Supervisory Authority	You have the right to appeal to the ICO if you feel that we have not responded to your requests to solve a problem. You can find their contact details here: https://ico.org.uk/concerns/.

California Consumer Privacy Act

This section provides additional details about the personal information we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act or “CCPA.”

For more details about the personal information we have collected over the last 12 months, including the categories of sources, please see the “Information we collect about you” section above. We collect this information for the business and commercial purposes described in the “Why do we collect Personal Data?” section above. We share this information with the categories of third parties described in the “Third Parties” section.

Do Not Sell: We do not sell (as such a term is defined in the CCPA) the personal information we collect (and will not sell it without providing a right to opt-out). Please note that we do use third-party cookies for the purposes as further described in our Cookie Policy.

Subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), to delete their personal information, to opt out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights.

California consumers may make a request pursuant to their rights under the CCPA by contacting us at [email protected]. We will verify your request using the information associated with your account, including your email address. Government identification may be required. Consumers can also designate an authorized agent to exercise these rights on their behalf.

Links to Other Websites

From time to time, our website may contain links to and from the websites of our partner networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that these websites may have their own Privacy Policys and that we do not accept any responsibility or liability for any such notices. Please check these notices, where available, before you submit any Personal Data to these websites.

Third Parties

We do use some third-party services and products on which you may find information in this List of Subprocessors, including what data we share with them, or they provide to us, the service they provide to us, and links to their respective privacy policies.

This list may change over time, and we’ll work hard to keep it up-to-date. If you have any questions, please get in touch with us.

Changes to this Privacy Policy

We may change this Privacy Policy from time to time. Laws, regulations, and industry standards evolve, which may make those changes necessary, or we may make changes to our business. We will post the changes to this page and encourage you to review them to stay informed. If we make changes that materially alter your privacy rights, we will provide additional notice, such as via email or through the Website. If you disagree with the changes to this Privacy Policy, you should deactivate your account.

The Laws and Regulations

Personal Data protection laws that we follow:

The Data Protection Act 2018 (UK)
REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data and repealing General Data Protection Regulation (“GDPR”).
Children’s Online Privacy Protection Act (“COPPA”) US
California Consumer Privacy Act (“CCPA”) US

How can you reach us?

This is our registered address, company number, and contact information:
Teaching Writing Online Limited
Dixcart House Addlestone Road,
Bourne Business Park, Addlestone,
Surrey, United Kingdom, KT15 2LE
Company Registration Number: 09737975
ICO Registration Number: ZA253571
Email: [email protected].