Privacy Policy

Any collection, processing and use (hereinafter "use") of data is solely for the purpose of providing our services. Our services have been designed to use as little personal information as possible. The following statements on data protection describe what data MegaMinds collects and shares, and why. 
Data ProtectionMegaMinds is a 3D rooms platform where users meet inside a website-based virtual room and can meet, learn and collaborate.The data used in MegaMinds can be classified as the following:● Access Management (accounts and authentication)● Real-time experiences (avatars and room state)● Communication (WebRTC)● Content (Files and data uploaded into a room) All database data and backups are encrypted at rest.
All the rooms on MegaMinds are hosted in a shared environment on megaminds.world. (We are also able to host our systems in an isolated infrastructure if required.) Visitors to a room (such as students) are considered guests and leave no permanent record in our databases, with the exception of:● Submissions: When submitting a response to an assessment question within a room, the nickname the user selected is stored together with their reply.● Assignments: When using assignments, the user writes a name to be associated with their room. ● Log Data: We retain access logs, errors and requests to our servers with IP addresses.● Live data: During the session, their nickname and avatar state (position, mute state, etc.) and uploaded files will be synced with all other connected users in a room.
Users (both room owners and guests/visitors/students if permitted) may upload files and create text and other data within a room. The files and content placed within a room are considered persistent and are stored on our servers. All data is encrypted in transit via TLS over HTTPS as the virtual rooms are hosted as websites in a web browser.
User AuthenticationAccounts are used to sign a user in to manage their rooms from our dashboard, and to enter their rooms with elevated privileges such as management, moderation and editing functionality. Our sign-on system supports traditional accounts as well as integrations such as Facebook, Google, and Microsoft. All our authentication systems are managed securely by Auth0, and only dashboard users require accounts.
Secure CommunicationTo allow Voice and Webcam / Screen Sharing, the following data is shared between users using encrypted WebRTC after the user has granted permission:● Microphone audio● Webcam Data● Screen Share data
Teacher AccessWe have created multiple options for controlling room access, such as a checkbox for disabling and enabling access to a room, enabling and disabling text chat, voice, and other permissions. If the link or Room PIN Code (url) is leaked, teachers have the option to reset it. Teachers also have in-room management, such as the ability to mute, remove or hide users within a room.
Security PracticesMegaMinds constantly monitors for vulnerabilities and regularly pushes updates and patches to both features and security quickly with our internal development and operations practices. We employ multiple strategies for data and disaster recovery such as regular backups, internal audits, processes and playbooks. Our development team follows well-architected best practices from the services and solutions we use in our workload.
Data Retention MegaMinds represents and warrants that it will not sell, share, distribute or otherwise grant access to any confidential and personally identifiable information of any kind to any third party.
MegaMinds acknowledges that (a) the student data that results from regular usage in our rooms may include personally identifiable information (“PII data”) from education records that are subject to FERPA ("FERPA Records"); and (b) to the extent that student data includes FERPA Records MegaMinds will be considered a "School Official" (as that term is used in FERPA and its implementing regulations) and will comply with FERPA as required.
Upon receipt of a duly authorized written request, MegaMinds shall purge all PII data from its database pertaining to a user’s account within ten (10) business days. 
In the event that an Agreement is i) terminated prior to the expiration of the Initial Term or any extension thereof, or ii) not renewed upon expiration of the initial Term or any Renewal Term thereof, MegaMinds shall purge all PII data pertaining to the client’s account within sixty (60) days of termination. 
Information We Collect and Share Account Information: Only teachers need an account to use MegaMinds. Students do not require an account.
Room Name and URL: Rooms and room names are publicly accessible to anyone with the URL. MegaMinds stores the name and the URL for the link you share so you and others with the link to the Room can use it again.
Avatar Data: Your selected avatar and name will be shared with other participants in your room. If you’re logged in to your account, we will store your avatar. If you’re not logged into your account, we will not store your avatar.
Voice Data: If your microphone is on, MegaMinds sends the audio to other users in the room. MegaMinds does not store the audio; we only receive it temporarily to transmit it to others in the room.
Chat: If you send messages in MegaMinds, MegaMinds shares it with the other users in the room. MegaMinds does not store chats; we only receive it temporarily to transmit it to others in the room.
Photos You Take, and Photos, Videos, and Objects You Upload: If you take photos in a MegaMinds room or upload photos, videos, or objects to a room, MegaMinds stores them so you can share them within the room. Until you remove them from the room, they will be viewable by anyone who can access the room.
Other Information We Receive: We use technical, interaction, error, and website analytics data to help us improve the MegaMinds experiences:
Technical Data: We receive data about the type of device you use to interact with MegaMinds, as well as its operating system, language, the name and version of browser, and other data needed to load and operate a room.
Interaction Data: We receive data about your interactions with MegaMinds, such as the number of rooms created, the number of users in a particular room, the start and end time of a your interaction with MegaMinds, the amount of time you interact with MegaMinds, the first time in a particular month or day that you begins to use MegaMinds.
Error Data: When MegaMinds crashes or fails, MegaMinds receives error messages which may include the room URL, response time for requests, the page you were on when you encountered the error, your operating system, browser information, and your IP address.
Website Analytics Data : We use Google Analytics (GA) to better understand how you interact with MegaMinds. For example, we collect de-identified information about the number of rooms you create or enter, your interactions with buttons and menus, your session length, your location (country, state/province, and city), language settings, your browser type and version, viewport size, and screen resolution. You can opt-out of GA data collection by installing the Google Analytics Opt-out Browser Add-on.
Who MegaMinds May Disclose Information To: Amazon Web Services (AWS): MegaMinds uses Amazon’s cloud storage service to store the information collected through MegaMinds. You can read AWS’s Privacy Notice for more information.
Search Providers: You can search for images, GIFs, and 3D Models to share in MegaMinds. When you search, we will send your searches to supported third parties to fulfill the search. MegaMinds does not store your search queries or the search results. We support the following providers:● Tenor● Sketchfab
What We Mean By "Personal Information": For us, "personal information" means information which either directly identifies you (like your name, email address, or billing information) or can be reasonably linked or combined to identify you (like an account identification number or IP address). We’ll always tell you what personal information we’re collecting from you. 
Any information that falls outside of this is "non-personal information."
If we store your personal information with information that is non-personal, we will consider the combination as personal information. If we remove all personal information from a set of data then the remaining is non-personal information.
How We Learn Information About You: We learn information about you when:- you give it to us directly (e.g., when you choose to send us crash reports);- we collect it automatically through our products and services (e.g., when your Firefox browser checks with us to see if is up to date);- someone else tells us information about you (e.g., when Thunderbird works with your email providers to set up your account); - or when we try and understand more about you based on information you've given to us (e.g., when we use your IP address to customize language for some of our services).
What We Do With Your Information Once We Have It: When you give us information, we will use it in the ways for which you've given us permission. Generally, we use your information to help us provide and improve our products and services for you.
When We Share Your Information With Others:- When we have asked and received your permission to share it.- For processing or providing products and services to you, but only if those entities receiving your information are contractually obligated to handle the data in ways that are approved by MegaMinds.- When the law requires it. We follow the law whenever we receive requests about you from a government or related to a lawsuit. We'll notify you when we're asked to hand over your personal information in this way unless we're legally prohibited from doing so. When we receive requests like this, we'll only release your personal information if we have a good faith belief that the law requires us to do so. Nothing in this policy is intended to limit any legal defenses or objections that you may have to a third party's request to disclose your information.- When we believe it is necessary to prevent harm to you or someone else. We will only share your information in this way if we have a good faith belief that it is reasonably necessary to protect the rights, property or safety of you, our other users, MegaMinds or the public.- If our organizational structure or status changes (if we undergo a restructuring, are acquired, or go bankrupt) we may pass your information to a successor or affiliate.
How We Store And Protect Your Personal Information: We are committed to protecting your personal information once we have it. We implement physical, business and technical security measures. Despite our efforts, if we learn of a security breach, we'll notify you so that you can take appropriate protective steps.
We also don't want your personal information for any longer than we need it, so we only keep it long enough to do what we collected it for. Once we don't need it, we take steps to destroy it unless we are required by law to keep it longer.
What If We Change This Privacy Policy Or Any Of Our Privacy Notices?We may need to change this policy and our notices. The updates will be posted online. If the changes are substantive, we will announce the update through MegaMinds usual channels for such announcements such as blog posts and forums. Your continued use of the product or service after the effective date of such changes constitutes your acceptance of such changes. To make your review more convenient, we will post an effective date at the top of the page.
Contact MegaMindsIf you want to make a correction to your information, or you have any questions about our privacy policies, please get in touch with:
moc.sdnimagemog%40tcatnocAttn: MegaMinds - Privacy