Product Teardown Privacy Statement
Introduction
Product Teardown is committed to supporting the privacy of its users. This Privacy Statement explains how we handle and use the personal information we collect about you.
What personal information we collect
While specific information may vary for particular individuals, we may collect, use, store and transfer different kinds of personal information about you, which we have grouped together as follows:
- Username/login information – for example, your edX user name.
How we collect personal information about you
We collect personal information directly from you when you voluntarily provide it. We do not collect personal information about you from any other source. You may opt out of providing any personal information, by skipping the prompt to enter your username.
How we use your personal information
We use your personal information for a number of legitimate purposes all in support of the Institute and its mission. Specifically, we use your personal information to:
- Research purposes, including specifically, to relate user activity in the app to corresponding performance in the edX class.
If you have concerns about any of these purposes, or how we communicate with you, please contact us at 2.008x-admin@mit.edu. We will always respect a request by you to stop processing your personal information (subject to our legal obligations).
When we share your personal information
We do not share your personal information with any third party.
How your information is stored and secured
MIT uses risk-assessed administrative, technical and physical security measures to protect your personal information. All data is stored in an AWS instance with industry standard security and log-in protocols and access controls.
How long we keep your personal information
We intend to keep your personal information until such time as you request the information be deleted.
Rights for Individuals in the European Economic Area
You have the right in certain circumstances to (1) access your personal information; (2) to correct or erase information; (3) restrict processing; and (4) object to communications, direct marketing, or profiling. To the extent applicable, the EU’s General Data Protection Regulation provides further information about your rights. You also have the right to lodge complaints with your national or regional data protection authority.
If you are inclined to exercise these rights, we request an opportunity to discuss with you any concerns you may have. To protect the personal information we hold, we may also request further information to verify your identify when exercising these rights. Upon a request to erase information, we will maintain a core set of personal data to ensure we do not contact you inadvertently in the future, as well as any information necessary for MIT archival purposes. We may also need to retain some financial information for legal purposes, including US IRS compliance. In the event of an actual or threatened legal claim, we may retain your information for purposes of establishing, defending against or exercising our rights with respect to such claim.
By providing information directly to MIT, you consent to the transfer of your personal information outside of the European Economic Area to the United States. You understand that the current laws and regulations of the United States may not provide the same level of protection as the data and privacy laws and regulations of the EEA.
You are under no statutory or contractual obligation to provide any personal data to us.
Additional Information
We may change this Privacy Statement from time to time. If we make any significant changes in the way we treat your personal information we will make this clear on our MIT websites or by contacting you directly.
The controller for your personal information is MIT. If you are in the EU and wish to assert any of your applicable GDPR rights, please contact dataprotection@mit.edu.
This policy was last updated in MAY 2022.