Commitment to Data Security
CommonLit is committed to being a leader in student data privacy and security.
What student data does CommonLit collect?
Schools may provide CommonLit with information such as names, email addresses, and grade levels.
Students may provide the same information, along with passwords. CommonLit also generates student usernames.
CommonLit also collects user content from students in relation to their use of the site, including annotations, written responses, and quiz scores.
How does CommonLit use this information?
For students with digital CommonLit accounts, CommonLit uses student personal information to provide and maintain the digital platform and its Services. CommonLit does not serve ads or use personal information collected for advertising purposes. CommonLit may de-identify student information, such as quiz scores, to perform internal research and development to improve its services.
CommonLit Never Uses Student Data To Advertise Or Market.
CommonLit will never use any Student Data to advertise or market to students or their parents. CommonLit does not sell or trade student data. Data mining or scanning of user content for the purpose of advertising or marketing to students or their parents is prohibited.
How does CommonLit secure student data?
CommonLit stores and process Student Data in accordance with industry best practices. This includes encryption and appropriate administrative, physical, and technical safeguards to secure Student Data from unauthorized access, disclosure, and use. We conduct periodic risk assessments and remediate any identified security vulnerabilities in a timely manner.
When might CommonLit disclose personal information?
CommonLit will not share personal information with companies, organizations, and individuals outside of CommonLit unless one of the following circumstances applies:
- With parental or guardian consent, which may be obtained through schools.
- With a student’s school or district, since CommonLit accounts are school-managed accounts.
- For external processing by subcontractors and third party analytics providers.
- For legal reasons.
What choices do parents and guardians have?
Parents can consent to the collection and use of their child’s information by CommonLit. If parents consent to their child’s use of CommonLit, they can access or request deletion of their child’s CommonLit account by contacting their child’s school.
CommonLit offers a free online reading program, as well as digital downloads of nearly every text in its library. If a parent does not grant consent for a child to create a digital account, they can still access CommonLit content. Parents can instruct teachers to download CommonLit’s PDFs so students can complete the same assignments as their peers. Parents who elect their children use this option should be aware that many differentiation tools for struggling readers are only available on the digital platform.
What rights do European users have?
CommonLit operates and stores data in the United States.
- Provide Access to personal information and info on how we process your personal information
- Correct inaccuracies in your personal information
- Delete your personal information
- Transfer your personal information upon your request
- Restrict how we process your personal information
- Object to how we use your personal information
Where can you learn more?
If you have questions about the use of CommonLit accounts or the choices available to you, please contact firstname.lastname@example.org. If you have discovered a security vulnerability in CommonLit, we would appreciate your help in disclosing it to us in a responsible manner. We can securely receive disclosures at our vulnerability disclosure form. Please do not send vulnerability reports over email.
The CommonLit services are provided to all under CommonLit’s Terms of Service agreement: https://www.commonlit.org/terms.