This page gives you an overview of what personal information is used on the Anthology Illuminate Platform, where it comes from, where it is hosted, which third party have access to and other data privacy information.
This is a draft version of the information we are planning to make available before the Reporting Tier release milestone of the Anthology Reporting Stack. It includes information that is helpful for data privacy reviews. It is an extract of the template Anthology Illuminate Protection Impact Assessment that we are working on.
What do you think of the data privacy information overview? Is it helpful for you and your Privacy/Legal teams? Is there additional information that you think we should include? Please email us at [email protected]. We are keen to hear your feedback.
This is a draft version. Due to the ongoing development, this information may not be fully comprehensive, is subject to change and may not fully reflect the latest development efforts. We may update this as required.
Purposes
The purpose of the processing is to consolidate existing data of the Anthology SaaS Teaching and Learning systems (see list of source systems below) used by a client in one central client database with consistent architecture, data structure and dictionary and API protocols. This will also allow clients to have direct data access (via Snowflake Read-Only data access) to the consolidated data and allow for reporting and analytics solutions to be built upon the Anthology Illuminate Platform.
Data sources (source systems)
All the data is collected directly from the following source systems, if they are used by the client. No data is directly collected from individuals.
- Blackboard Learn SaaS, if used by client
- Blackboard Mobile App, if used by client
- Collaborate Ultra, if used by client
- SafeAssign, if used by client
- Ally, if used by client
Data subjects (individuals whose data is processed)
All authorized users of the source systems listed above that are used. This typically includes:
- Students and other authorized users
- Teachers, teaching assistants and similar roles
- Administrators
- Guest users invited by the customer or its authorized users (for Collaborate Ultra)
Data categories
The data categories depend on the source systems listed above. They will include personal information about the users and their learning activities. The full list of data elements for each application can be found in the Data Dictionary of Anthology Illuminate.
Blackboard Learn SaaS
- Name or unique identifiers
- Demographic and contact information including institutional email address, address, gender
- Date of birth, gender, nationality, parent/student relationships
- Module, course and degree information such as grade level, teachers, classes/sections/courses, grades, assignments, tests, books, attendance, homework, degree Type
- Access credentials usernames and passwords
- Information related to the devices accessing Learn SaaS, service or browsing history, location data, information provided by social networks (where social network integrations are used), authorized user or customer correspondence
- Learning activity including the type of activity, system, time, the module, course and degree it relates to
- Any information contained in the submitted paper, assignment, blog and discussion posts or other user-generated content
Collaborate Ultra
- Name or unique identifiers
- User types
- Access credentials usernames and passwords
- Information related to the devices accessing Collaborate Ultra, service or browsing history, location data, information provided by social networks, Authorized User or Customer correspondence
- Collaborate session and attendance information, chat information, audio/video recordings and related user activities
Blackboard Mobile Apps
- Unique user identifiers
- Information related to objects the user accessed with context, the type of mobile devise and version used and related user activities information
SafeAssign
- Unique user identifiers
- Information contained in the submitted assignments and the result of assignment processing
- Information related to the originality reports and the related user activities
Ally
- Unique user identifiers
- Information regarding the accessibility reports and the related user activities such as rule name, before and after scores
- Information regarding the alternative formats and the related user activities such an alteration type and before and after scores.
Sensitive Personal Information
While this depends on the client’s use of the data sources below, the data sources listed above generally don’t include any sensitive personal information. Any processing of such information is determined and controlled by our clients.
Hosting information
Location: The Anthology Illuminate client account is hosted in the same region as the client’s source systems. The location is therefore generally as follows:
- US and LATAM clients: US-West
- European, Middle Eastern and African clients: Frankfurt, Germany
- ANZ clients: Sydney, Australia
Clients outside these regions are currently not able to use Anthology Illuminate.
Tenancy: Single-tenant.
Data sharing (sub-processors)
Personal information may be shared with the following sub-processors to provide Anthology Illuminate.
Third party service providers (additional third parties may access the source systems as contractually agreed)
- AWS (US) (hosting infrastructure, data lake pipelines)
- Snowflake (US) (hosting infrastructure, data lake and analytics functionalities)
Anthology affiliates and subsidiaries
Anthology teams around the globe may need access to the client data on Anthology Illuminate for client support, product maintenance and similar purposes. The main client support locations are: United States, Czech Republic, the Netherlands, United Kingdom, Australia, Colombia and India.
Retention and deletion
The retention periods are generally determined by our clients as the data controllers. The deletion depends on the applicable scenario.
Scenario 1: Records are deleted from source systems: The corresponding records in the client’s Anthology Illuminate database are deleted as well (as part of the synchronization process).
Scenario 2: Client terminates all source systems with Anthology: Usual decommissioning of all the data/ servers which will include the decommission of the Anthology Illuminate database in Snowflake. Data is deleted within the contractually agreed time period.
Scenario 3: Client terminates one of the source systems: The data related to the expired source system will be removed from Anthology Illuminate as part of the synchronization process (but the other source systems’ data will remain in Anthology Illuminate).