Web Applications and Mobile Apps Privacy Policy

Effective Date: Nov. 29, 2017 

Last Updated: May 16, 2023 

We at Walsworth Publishing Company, Inc. (“Walsworth”) know that your privacy is  important. This privacy policy is designed to assist you in understanding how we will collect  and use certain personal data. Specifically, this privacy policy only applies to personal data  that is processed in (i) our mobile applications Yearbook Snap and Yearbook AR (the  “Mobile Apps”), the Community Upload information system, and (ii) the Yearbook 360 web  applications (collectively, the “Services”). If we make any material changes to this privacy  policy, we will notify you in accordance with the process described in the Changes to This  Privacy Policy section of this privacy policy. By using our Services, you consent to our  processing of your personal data as described in this privacy policy. 

GDPR Compliance 

Walsworth complies with applicable data protection regulations and is committed to GDPR  compliance across its relevant services effective May 25, 2018. We also work closely with  our customers and partners to meet contractual obligations for our procedures, products  and services. 

Controllership 

In the scope of this privacy policy, Walsworth acts as a joint data controller with Amazon  AWS for the PII we process in the Members Only and Online Design web applications, as  well as in the Mobile Apps and the Community Upload information system. 

Data We Process 

Data We Automatically Collect 

When you access our Services, whether by computer, mobile phone or other device, we  automatically collect certain data about your use of our Websites and Services using  technologies such as cookies. This data may include without limitation: 

  • geographical location and IDs of your computer, mobile or other device; bandwidth used;
  • system and connection performance;
  • browser type and version;
  • operating system;
  • referral source;
  • length of visit;
  • page views;
  • your mobile carrier; and
  • IP address or other unique identifier for your computer, mobile phone or other device.

When you download and use our Mobile Apps, we may also collect additional data about  your mobile device, including the hardware model, operating system and version, mobile  network data and time zone.

This data is not linked to personal data (called “PII”) except your IP address, which may be  personally identifying. 

Your PII That We Process 

In some situations you or someone else may provide us with your PII. Such PII could  include: 

  • your name;
  • street address;
  • telephone number;
  • email address;
  • photographic image that includes facial or other distinguishing characteristics; and any other data we collect about you that by itself is not PII but if combined with PII could be used to personally identify you.

Your PII may be provided to us when you or someone else: 

  • submits content to our Services;
  • registers for certain services, or registers an account or profile to access, visit, or use certain portions of our Services;
  • requests technical or customer support;
  • any other transactions occurring on or in relation to our Services.

Cookies 

A “cookie” is a small file stored on your computer that contains data about you, your  computer, or your use of our Services. By showing how and when visitors use the Services,  cookies help us identify how many unique users visit us, save user preferences, and track  user trends and patterns. We use session cookies, which are cookies that are deleted when  you leave our Services and persistent cookies, which are cookies that remain after you  leave our Services so that you are recognized when you return. 

The use of cookies is industry standard so your browser may be set to accept cookies. If  you would prefer not to accept cookies, you can alter the configuration of your browser to  reject all cookies or some cookies. Note, if you reject certain cookies, you may not be able  to access all of the features of our Services. 

How We Use Your PII: 

Walsworth will use data we automatically collect to improve your experience on our  Services; 

More specifically, Walsworth May Use IP Addresses To: 

  • help diagnose problems with our web servers;
  • administer our servers;
  • analyze trends;
  • track users’ movement;
  • gather broad demographic information for aggregate use in order for us to improve the Services; and
  • deliver customized content.

Walsworth Will Use PII To: 

  • Respond to your inquiries, and/or other requests or questions;
  • enable your use of the Services; and
  • print and distribute yearbooks based on behalf of, and under the instruction of, Walsworth’s client.

You may opt to receive email marketing communications relating to our business which we  think may be of interest to you, email messages containing company news, product or  service information, and certain email marketing communications relating to third parties  such as our affiliates and/or carefully-selected third parties. 

Lawful Basis of Processing 

Walsworth processes PII on the basis of your consent, as provided by you to Walsworth’s  client. You have the right to object to our processing of your PII done on this basis, by  revoking your consent. To do this, please contact Walsworth’s client to whom you provided  your consent initially. 

Sharing PII with Service Providers 

We may use third parties to perform certain services on our behalf. We may share your PII,  including payment card information if applicable, with these third parties solely to enable  them to perform the services for us. 

Such third parties include those: 

  • hosting our Services;
  • managing the functionality of our Services;
  • providing marketing automation or analytics software as a service;
  • providing cloud storage.

We require that those third party vendors maintain at least the same level of confidentiality,  integrity, and availability that we maintain for such PII. Walsworth remains liable for the  protection of your PII that we transfer to our service providers, except to the extent that we  are not responsible for the event giving rise to any unauthorized or improper processing. 

Other Disclosure of PII 

Consistent with any legal obligations, we may disclose your PII (i) to the extent required by  law or if we have a good-faith belief that such disclosure is necessary in order to comply  with official investigations or legal proceedings initiated by governmental and/or law  enforcement officials, or private parties, including but not limited to: in response to  subpoenas, search warrants, or court orders or (ii) if we sell or transfer all or a portion of our  company’s business interests, assets (or both), or in connection with a corporate merger,  consolidation, restructuring, or other company change or (iii) to our subsidiaries or affiliates  only if necessary for business operational purposes. 

Considering that Walsworth processes PII for purposes that include printing and distributing  yearbooks on behalf of Walsworth’s clients, certain PII that is submitted to the Services may  be made public to the extent you have consented to such disclosure.

If we must disclose your PII in order to comply with official investigations or legal  proceedings initiated by governmental and/or law enforcement officials, we may not be able  to ensure that such recipients of your PII will maintain the privacy or security of your PII. 

We reserve the right to use aggregated, anonymous data, which does not include any PII,  about our Services’ users as a group for any legal business purpose, such as analyzing  usage trends and seeking compatible advertisers, sponsors, clients, and customers. 

Except as provided in this privacy policy, we will maintain the confidentiality of PII we  process. 

Data Security 

Walsworth’s most important concern is the protection and reliability of customer data. Our  services are hosted in the AWS cloud, giving our infrastructure the most rigorous physical  security controls available today. Scans are performed regularly to ensure that any software  vulnerabilities are quickly found and patched. Application penetration tests are performed  monthly by Walsworth and annually by an independent third-party. All services have failover  points and redundant hardware with daily backups. Access to systems is restricted to  specific individuals who have a need-to-know access requirement and who are bound by  confidentiality obligations. Access is monitored and audited for compliance. 

Walsworth uses the current Transport Layer Security (TLS) encryption algorithms (also  known as HTTPS) for all transmitted data. This includes the transmission of usernames and  passwords on our applications. Deprecated encryption technologies are continually  scanned and flagged for replacement. 

Walsworth has implemented and follows commercially reasonable measures to protect  against unauthorized access to, and unlawful interception or processing of, PII.  Unfortunately, data transmission over the Internet is never 100% secure so we cannot  guarantee the security of any data you transmit to us or from our Websites and Services;  therefore, you use our Websites and Services at your own risk. 

If you register on our Websites and/or Services you are responsible for protecting the  security of your username and password. You are responsible for any transaction made  using your username and password. 

Data Retention 

PII processed in the Services is retained for as long as is necessary for us to perform our  obligations under the contract entered into between Walsworth and the institution that has  engaged Walsworth. PII collected via the Websites is retained for as long as we have a  legitimate interest in the processing of such PII. Note that we keep backup copies of our  databases as part of our disaster recovery/business continuity plans, and it may not be  reasonably possible for us to delete data from such backups. 

Posting In Public Areas of Our Websites 

You may choose to participate in our message boards and other public areas (together  “Public Spaces”) where you can engage in social networking, interact with others, and  submit writings, computer graphics, pictures, questions, comments, testimonials,  suggestions or other content, including PII. If there is data that you do not wish to disclose 

to third parties, we suggest that you not post it. Others will be able to view and access such  data and they may be able to use it and share it with third parties at their sole discretion. 

Testimonials 

We may select and post customer testimonials on our Websites, which may contain PII  such as your name and the city, state and country in which you live. We will obtain your  consent prior to posting any testimonial with your name. 

If you would like us to remove or delete your name or testimonial from our Websites, you may contact us at privacyquestions@walsworth.com

Note that copies of data that you have updated, modified, or deleted may remain viewable  in cached and archived pages of our Websites for a period of time. 

Access, Review & Opting Out 

To the extent that the Services include such ability, you may login at the applicable  Walsworth Service to view, edit, or delete your PII from our records. Alternatively you may  submit your request to view, edit, or delete your PII directly to the relevant Walsworth client. 

You are responsible for maintaining the accuracy of the PII you submit to us, such as your  contact information provided as part of registration. 

Please note that if you opt out of promotional/marketing emails, you may continue to receive  certain communications from us, such as administrative and services announcements and  messages about your account/profile. 

When you edit or delete your PII, the PII that you remove may remain in our databases or  backup media because it is not always possible to completely remove or delete data from  those locations. Similarly, once PII has been published in hardcopy (e.g., in yearbooks) it  

becomes public information and cannot be corrected, edited, or deleted from such  yearbooks. 

Children’s Privacy 

Our Websites, Mobile Apps and Services are not directed at, or intended for use by,  children under the age of 13. Children should always get permission from a parent or  guardian before sending PII over the Internet. If you believe your child may have provided  us with PII, you can contact the institution that has engaged Walsworth to lodge your  request that the PII be deleted. 

Changes to This Privacy Policy 

We may update this privacy policy from time to time by posting a new version on our  Websites. You should visit this page occasionally to ensure you agree with any changes.  We will post our revised privacy policy on our Websites and update the “Effective Date”  above to reflect the date of the changes. You are responsible for maintaining the accuracy  of the PII you submit to us, such as your contact information provided as part of registration. 

By continuing to use our Websites and/or Services after we post any such changes, you  accept the privacy policy as modified. 

Questions or Concerns, Contact Us 

If you have any questions about this privacy policy or our treatment of your PII, please 

contact the institution that has engaged Walsworth to provide the Services, or write to our  privacy officer by email at privacyquestions@walsworth.com or by postal mail at: Attn: Director of Technology 

Walsworth Publishing Company, Inc. 

306 North Kansas Ave. 

Marceline, MO 64658 

USA 

We will respond within four weeks of receiving your inquiry. If you need to communicate  with us regarding your credit card or other payment information please contact us by phone  at 1-800-369-2646. If you are not 13 years of age or older, you must have your parent or  legal guardian’s permission to call this number.