Swank Digital Campus Data Privacy Policy

 

Swank streaming solutions are video platforms provided to schools and districts, enabling access to feature films and documentaries for educational support. We partner with hundreds of movie studios and independent film makers to offer a library of over 20,000 films to schools. Swank streaming solutions are cloud based SaaS applications hosted in the Microsoft Azure cloud.

What is the security model for this solution?

The Swank streaming platform is hosted in the Microsoft Azure Cloud using Azure App Services.  Azure App Services provide 24-hour threat management and protects the infrastructure and platform against malware, distributed denial-of-service (DDoS), man-in-the-middle attacks (MITM), and other threats.  These safeguards reduce the risk of a potential malicious breach of any data.  All data in our Azure SQL instance is encrypted at rest.

Type of data we collect and purpose

Swank will receive limited personal information from the Licensee’s authenticated users, which may include individual device identifiers (e.g., IP address). If Single Sign-On (SSO) login protocols are used by the institution, Swank may also collect institutional email addresses and first and last names (collectively, “Student Data”). Swank shall use Student Data solely for the purpose of providing, maintaining, and supporting the services as described in this Agreement.

Disclosure of information collected with third party contractors

We will not sell or trade any streaming data with third parties. Please contact our Swank Data Protection Officer for additional information. 

Breach notification response plan

In the event that sensitive data is accessed or obtained by an unauthorized individual, we shall provide notification as soon as possible and no later than within ten (10) days of the incident.

Swank Motion Pictures will follow this process when a breach event is declared. The security breach notification shall include a list of the types of personal information that is reasonably believed to have been the subject of a breach.  If the information is possible to determine at the time the notice is provided, then either (1) the date of the breach, (2) the estimated date of the breach, or (3) the date range within which the breach occurred will be shared. The notification shall also include a general description of the breach incident, if it is possible to determine at the time the notice is provided. Updates will be provided when investigations have completed. 

 

Student Data Privacy

The parties acknowledge that in providing the services, Swank will receive limited personal information from the Licensee’s authenticated users, which may include individual device identifiers (e.g., IP address). Institutional email address, first and last name (“Student Data”) may be collected if SSO login protocols are used by the institution. Swank shall use Student Data solely for the purpose of providing, maintaining, and supporting the services as described in this Agreement. Swank shall not use Student Data for any other purpose, including but not limited to marketing, advertising, or selling Student Data to third parties. Nothing herein shall prohibit Swank from disclosing Student Data, when necessary, to service providers or vendors of Swank that Swank uses in connection with its provision of the services.

Swank acknowledges that it may be designated as a “school official” with a “legitimate educational interest” under the Family Educational Rights and Privacy Act (FERPA). Swank agrees to handle all personally identifiable information from student education records in accordance with FERPA and will not disclose such information except as permitted by law and the terms of this Agreement. Swank agrees to maintain reasonable administrative, technical, and physical security measures to protect the confidentiality and security of Student Data. Upon written request from the Licensee for the deletion of a specific user’s Student Data or to exercise any other rights available under FERPA, Swank will take commercially reasonable steps to delete such data from its systems or to fulfill the request. Swank will not respond directly to any requests Swank receives from students to exercise their rights under FERPA, and instead, will direct all such requests through Licensee.

                          

Questions Regarding This Privacy Policy

Please submit questions to DPO@Swankmp.com

 

Contact Information

If you have questions, concerns or feedback regarding this privacy policy, what data we collect, or what we do with the data collected, please contact:

Data Protection Officer Name: Kevin Dietz

Email: DPO@swankmp.com

Address:                                  

Information Security

10795 Watson Road

St. Louis, MO 63127