Xello Privacy Policy

By submitting personal information to Xello, you expressly consent to the processing of your personal information in accordance with this Privacy Policy. We promise to limit the use of your personal information collected through Xello to the purposes described in this Privacy Policy.

Illustration of woman, arms crossed with a thought bubble containing a secured padlock

Welcome to Xello!

Xello is provided by Anaca Technologies Ltd. (“Anaca”), located at 1867 Yonge Street, Suite 700, Toronto, Ontario, M5S 1Y5, Canada.

We are committed to protecting your personal information and satisfying all applicable legal requirements, including the Children’s Online Privacy Protection Act (“COPPA”), the Personal Information Protection and Electronic Documents Act (“PIPEDA”), and the Family Educational Rights and Privacy Act (“FERPA”), through our compliance with this Privacy Policy. If any translated version of this policy conflicts with the English version, the English version shall prevail.

How We Collect Your Information

Information Provided by Schools and Districts

Schools and Districts that license Xello provide personal information about their Students to create accounts. This information includes Student ID, First Name, Last Name, Gender, Date of Birth, Current Grade, Current School, and Next Year School. Optionally, as part of the account creation process, Schools and Districts can also provide us with Student email addresses.

Schools and Districts that implement Course Planner provide us with additional personal information about courses Students have taken, including Course Codes, Course Names, Date Courses Completed or Grade Level Completed, Final Grades, Credits Achieved, and the Term Achieved.

Schools and Districts that implement e-Transcript services will provide us with your transcript data for submission to colleges and universities.

Information You Provide

With Xello, you discover the unique pathway that’s right for you using an investigative, discovery-based learning process. As you gain self-knowledge through assessments and reflection, you can save careers, schools, programs, and experiences to form a vibrant, visual roadmap that’s easy to update and share.

Given the purpose of Xello, you have access to a wide range of features for adding personal information, including email address, phone number, mailing address, personal avatar, education goal, favorite clusters, interests, skills, test scores, work experiences, volunteer experiences, high school course plan, future readiness plans, and more.

If you are using Xello as an Educator, you must enter an email address to create your account, as well as your first and last name.

Information Collected Through Technology

When you use Xello, we collect information about how you use Xello (e.g., the pages you view, the links you click, and other actions you take on Xello) and your usage of Xello over time. When using Xello, our servers automatically collect anonymous information that may include your web request, Internet Protocol (“IP”) address, browser type, information about your mobile device, number of clicks, how you interact with links on Xello, pages viewed, and other such information. We may also collect analytics data, or use third-party analytics tools, to help us measure traffic and usage trends for Xello. We do not allow any third-party advertising networks to collect information about the users of Xello.

How We Use Your Information

We use your personal information and the content that you upload, submit, store, and send to Xello for the purpose of helping you create your successful future.

We do not sell or rent your personal information or the content you provide. Nor do we disclose or provide any of the personal information or content you provide to third parties for any purpose except as described in this Privacy Policy.

In addition, we do not use, sell, or rent your personal information or the content you provide for the purpose of advertising.

We may disclose your information in certain special cases, including the following:

  • We are required to do so by law or as ordered by a court.
  • To investigate a possible violation of our Terms of Use.
  • To resolve a technical problem.
  • When directed to do so by an educational institution that has licensed Xello.

We use non-personal, de-identified, and aggregate information for a variety of purposes including improving the design, features, and functionality of Xello, for marketing purposes, for general business purposes, and for administrative purposes.

How We Share Your Information

We may permit certain trusted third parties to track usage, as well as analyze data such as the source address that a page request is coming from, your IP address or domain name, the date and time of the page request, the referring website (if any), and other parameters in the URL. This is collected in order to better understand usage of Xello, and enhance the performance of services to maintain and operate Xello. We may use third parties to host portions of Xello’s delivery infrastructure, operate various features of Xello, store content, send emails, and store and analyze data.

We may also share information about you in connection with a merger, financing, acquisition, bankruptcy, dissolution, transaction, or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets to another company. In these circumstances, we will only share information with a company that has agreed to data privacy standards no less stringent than our own.

Third-Party Services

The information we collect and store on your behalf may be provided to third parties that deliver additional services related to the purpose of creating your successful future. Use of these services and sharing of your personal information will only be done at the request and approval of officials at your educational institution.

All third parties have agreed to handle your information in compliance with this Privacy Policy. In addition, they are permitted to use your information for the sole purpose of providing their third-party service.

How We Protect Your Information

Xello is committed to protecting the data and content we store on your behalf. We have numerous systems in place to safeguard against security breaches, denial of service attacks, and destruction of data. These measures include physical security and backups, employee restriction to data, and a comprehensive security breach policy.

All traffic transmitted to and from Xello is safely encrypted using Secure Socket Layers (SSL). We use industry-standard hashing mechanisms for sensitive data, such as passwords, and all backups are securely encrypted. Network infrastructure is monitored 24/7 by an intrusion detection system, while all servers use virus protection with full antivirus pattern updates. Xello maintains a detailed, and frequently tested, disaster recovery plan that includes multiple layers of redundancy in addition to a robust backup strategy.

Anaca employees who require access to your information to perform their function must complete a criminal background check and sign a non-disclosure agreement prior to employment.

While we believe the measures we have implemented reduce the likelihood of security incidents, it is impossible to eliminate every risk associated with misuse or unauthorized access of our systems. As such, we cannot guarantee the security of your personal information, nor can we be held responsible for incidents resulting from a breach in our Terms of Use.

Your Choices About Your Information

Information Provided by Schools and Districts

Information provided by Schools and Districts is controlled by the educational institution. If you have any questions about reviewing, modifying, or deleting the personal information they have provided us, please contact your educational institution directly.

Educational institutions may update account information and modify Xello by signing in to the administrator account.

Information You Provide

Xello offers a robust set of tools and features which allow you to edit or delete personal information and content you have added.

You may also request changes or deletions to personal information and content you provide by emailing us at . We will respond to your request, when permitted by law, within 30 days.

As well, you can update your individual notification preferences for Xello to control certain service-related messaging. Other service-related messaging (such as password reset communication) cannot be disabled.

Data Retention

Following termination or deactivation of an educational institution’s account, Xello will retain your information for a period of 90 days. Should the educational institution decide to renew their contract within this 90-day period, your account and all related information will be restored. At the end of 90 days, all of your information will be permanently deleted.

At any time upon termination of an agreement or otherwise at their discretion, an educational institution can request we delete all student data. We will follow these instructions within 30 days of receipt.

After deletion of your data, we may maintain anonymized or aggregated data, including usage data, for analytics purposes only.

Children’s Privacy

Students are not allowed to create their own accounts in Xello. Student accounts are created under the direction of Educators at a licensed educational institution. Only Educators with an educational interest in a Student have access to that Student’s personal information and content.

In the United States, we are required under the Children’s Online Privacy Protection Act (“COPPA”) to obtain verifiable parental consent in order to collect, use, or disclose personal information from Children under the age of 13. As provided for by COPPA, Xello relies upon the educational institution to obtain parental consent for the online collection of personal information from Children who are Students of the educational institution.

Changes to Our Privacy Policy

We may modify or update this Privacy Policy from time to time, so you should review this page periodically. If we make a material change to this Privacy Policy with respect to how we collect and use your personal information, we will provide at least 30 days’ prior written notice to you by email to the email address specified in your account. You are responsible for ensuring that we have an up-to-date, active, and deliverable email address for you and for periodically visiting this Privacy Policy to check for any changes. Similarly, educational institutions that license Xello for their Students will be notified by email of material changes to our Privacy Policy at least 30 days prior to any changes.