PRIVACY POLICY

1. EMMA STATEMENT ON PRIVACY

EMMA (platform europeanmoocs.eu) is a MOOC platform developed under the European CiP framework. It is managed by the University of Naples Federico II on behalf of the original Consortium.
The purpose of this Privacy Policy is to explain how EMMA (“EMMA” “us,” “we,” or “our”) collects, uses and shares information about you through our Website, Services, and MOOCs.
This document addresses privacy aspects in EMMA, whereby EMMA refers to the platform and related services. EMMA collects different types of data from the user: personal information, log information and non personally-identifiable information, and information about the user learning experience.
EMMA platform and related services ensure that data is tracked and stored only for EMMA purposes and treated in accordance with the EU directive.
Before accessing the platform, users must be aware of the EMMA Privacy Policy, which informs and regulates data use and describes the purpose of EMMA monitoring services.
EMMA privacy policy is addressed to ALL EMMA users - in any role - when they register to the EMMA platform. EMMA has done all in its power to ensure that the Company providing the Hosting Services for EMMA has put in place all the requisite technical and organisational security measures to prevent unauthorised access to users’ personal information.
The Emma platform may contain links to external websites published by other content providers. These other websites are not under our control and we encourage you to review the privacy policies of each website you visit and use. Your use of our Website is also governed by our Terms and Conditions.

1.1 Definition of personal information

Personal information is information which you provide to EMMA which personally identifies you, such as your name, email address or other data which can be reasonably linked to such information. You provide this when you register for a course, or complete one of our learner surveys, or participate in our public forums or send us an email.

Emma acts in accordance with European legislation for collection and treatment of personal data, and in particular EMMA aims to follow the principles of the OECD Privacy Framework (OECD, 2013):

1. Data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject;
2. Personal data should be relevant to the purposes for which they are to be used, and to the extent necessary for those purposes. Data should be accurate, complete and kept up-to-date;
3. The purposes for which personal data are collected should be specified not later than at the time of data collection;
4. Personal data should not be disclosed, made available or used for purposes other than specified – except with the consent of the data subject or by the authority of the law;
5. Personal data should be protected by reasonable security safeguards against loss or unauthorised access, destruction, use, modification, or disclosure;
6. Information on the existence and nature of personal data, purpose of their use, and the identity and location of the data controller should be available.

Please read this notice carefully to understand what we do with the information you leave through your navigation in Emma.
If you do not understand any aspects of our Privacy Policy you can contact us at info@europeanmoocs.eu.

2. COLLECTION OF INFORMATION

2.1 Data collected in EMMA can be of two types:

1. Data provided by the user, ie through registration forms, questionnaire, mail contacts etc.
2. Data collected through the use of EMMA services, ie navigation, assignments, comment, and/or activity streams.
3. When you publish content or information using the Public setting, be aware that you are allowing everyone, to access and use that information, and to associate it with you (i.e., your name and profile picture).

2.1.1 Personal information - when a user registers in EMMA platform, the following data is being collected and stored: name, email address, country of residence, native language, profession and date of birth. After filling in a profile, the following information is stored: location, gender, educational history or qualifications. Personal information is collected and used with the following purposes:

1. to provide, maintain, protect and improve the quality of the Website and the MOOCs that EMMA offers; this includes conducting anonymised market research;
2. to provide you with personalised feedback;
3. to conduct evidence-based pedagogical improvements;
4. for purposes of scientific research, mainly in the areas of technology-enhanced learning;
5. to fulfil any contractual agreements between you and us (for example, when you register as a Learner in relation to the MOOC);
6. to send you information (by email) about products and services which we think may interest you, email notifications and updates about the Website or MOOCs you are enrolled;
7. to manage your account that you hold with us;
8. to allow you to make full use of EMMA features and services.

Personal information is stored in secured servers. EMMA has put in place technical and organisational security measures to prevent the loss or unauthorised access of users’ personal information (see Annexes).

2.1.2 Questionnaires - users of the EMMA platform are expected to fill three types of questionnaires: 1) the entry questionnaire to identify user expectations related to MOOCs and their previous experience of MOOCs; 2) the mini-survey with the aim of collect feedback related to certain MOOCs. Finally, 3) the exit questionnaire aiming at getting feedback about the EMMA experience as a whole. Surveys data are anonymized. The integration between descriptive data and opinions delivered may be used for users profiling. This does not mean that it is not  possible to connect the data to a specific individual and to his/her identity.

2.1.3 Tracking - EMMA tracks most of your actions related to participation in our MOOCs, your performance in MOOCs and patterns of learning, for the aim of learning analytics. Learning analytics is designed for the EMMA platform to raise awareness of the learning and teaching process within MOOCs, and to provide feedback for MOOC designers and instructors.
2.1.3.1 Learning analytics in EMMA aims to establish a feedback loop for the MOOC instructors and facilitators and provide an overview of the course interactions in: a) an aggregated manner in the learning analytics dashboard within the EMMA platform and b) at a more detailed level as a retrospective analysis based on the facilitators’ requests in the context of specific MOOCs.

2.1.3.2 Data subjects in EMMA, whose data has been collected, are the MOOC participants; this includes the MOOC authors/facilitators who have designed and delivered their MOOCs on the EMMA platform, and learners who participate in EMMA MOOCs.

2.1.3.3. The following data is collected in EMMA platform for the purpose of learning analytics:

1. Access log to the servers
2. User visits in different pages (lessons, units, assignments);
3. User posts and  comments in conversation tool;
4. User posts and comments in blog;
5. User submissions, results and comments in assignment functionality;
6. User submissions of peer-assessment;
7. Time spent on different activities.

2.1.3.4 Data pushed to the dashboard is mainly aggregated and does not contain personal information.

2.1.3.5 the MOOC facilitator dashboard enables teachers to visualise:

1. Overview - aggregated view of the frequency and time spent by the participants on different actions in different lessons and units;
2. Lessons - more detailed aggregated view under each lesson based on the frequency of user activity;
3. Enrollment - Enrolled and  unenrolled users. First and last name of the users will be displayed in that view, also the username, which is linked as an e-mail address;
4. Activity stream - xAPI statements based overview of the 100 most recent activities in the specific MOOC context. Only users’ first name is displayed to demonstrate recent activities of the participants;
5. Social Network Analysis - Interactions between the MOOC participants are visualized with the first name.

2.1.3.6 the MOOC learners’ dashboard enables learners to visualise:

1. Progress - data related to the specific learner is visualised, data related to other MOOC participants is aggregated;
2. Activity stream - xAPI statements based overview of the 100 most recent activities in the specific MOOC context. First name of user only is displayed;
3. Social Network Analysis - Interactions between the MOOC participants are visualised with first name of user only.

2.2. EMMA can collect, store and use information that you voluntarily disclose to us through your learning journey. If you contact us, we may also keep a record of that correspondence.

2.3. EMMA may also collect data relating to your visits to the Website that can record your use of our Website and its MOOCs including, for example, details of how long you have used the Website and the MOOC.

2.4. EMMA may combine data that you have provided in your profile with other data collected from you while studying the MOOC and other users’ data to provide you with a better learner support.

2.5. No individual learning analytics will be knowingly made available to other people outside the Platform.

2.6. We may also collect your computer IP address.

3. CONSENT

3.1. The EMMA platform is hosted on servers located in Iceland. Data concerning registration to the platform, platform language cookies, data related to MOOC enrollments and assignment results are all collected and stored on those servers.  Since Iceland belongs to the European Economic Area (EEA), the EEA legislation on privacy and the protection of personal data has been implemented. To find out more about how EMMA servers are protected,  please check the annexes to this document.
However, some data - mainly concerning user monitoring (questionnaires, logs, tracking)  may be stored in European Countries. In this case, data protection and security measures are covered by EU legislation (Data Protection Directive 95/46/EC).

3.1.1 You are asked for consent before any data is collected, in accordance with the European Union (EU) Data Protection Directive 95/46/EC.

3.1.2 Registration is not allowed without user consent to Privacy and Terms and Conditions policies.

3.1.3 The Website may, from time to time, contain links to the websites of third parties. If you follow a link to any of these websites, please bear in mind that these websites have their own privacy policies and that we do not accept responsibility or liability for any of these policies. Please check these policies before you submit any personal information to these websites.

4. YOUR RIGHTS

4.1. You have the right to know what kind of data is being collected about you and for what purposes, how your data are processed, and this information must be available in a clear and understandable way.

4.2. You have the right to access, cancel or correct any information that we hold about you.

4.3. You have the right to unsubscribe from the platform and email communications.

4.4. You have the right to be treated with respect, regardless of race, religion, gender, sexual orientation, maternity, marital or family status, disability, age or national origin.

5. SECURITY

5.1. EMMA cares for your privacy, and procedural and technological measures are in place to protect your Personal Information. Such procedures protect the confidentiality of the Personal Information or user traffic that EMMA creates, receives, stores and transmits.

5.2. EMMA has done all in its power to ensure that the Company providing the Hosting Services for EMMA has put in place all the requisite technical and organisational security measures to prevent unauthorised access to users’ personal information. As far as security measures under the direct control of EMMA are concerned, we ensure:

1. Authenticated access control using a password or pin number - all administrator users accessing the system will be required to use passwords;
2. Firewall measures;
3. Security Socket Layer - SSL "Secure Sockets Layer" installed;
4. Regular back-ups of the system

5.2. EMMA protects all stored data from misuse and respects the rights of the data owners which are guaranteed by the European Union's (EU) Data Protection Directive 95/46/EC. 
5.3. EMMA protects all personal data no matter where it is sent, processed or stored, even outside the EU, and therefore must comply with the EU standard contractual clauses.

5.5. EMMA may disclose your Personal Information only:
(a) if we are required to do so by law, regulation or other government authority or otherwise in cooperation with an investigation of a governmental authority;
(b) to enforce the Emma Terms and Conditions of Use;
(c) to protect the safety of users of the EMMA platform and services.

6. COOKIES AND SIMILAR TECHNOLOGIES

6.1. EMMA uses cookies. Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website.  Cookies are used by our servers to identify the user and its device.  We use cookies that look at the language of preference on the platform and content to help manage our personalisation tools, adapt to the user needs and improve the user experience. Informed consent on cookies is required by the so-called “Cookies Law” on the home page on the EMMA Platform.

Cookies features:

1. Cookie name(s):        __utma, __utmb, __utmc, __utmv, __utmz are for example the names of Cookies used by Google Analytics; emmaLang is the name of the Cookie used by Emma to identify user’ platform language in order to facilitate navigation.
2. Data stored:   A random unique number or string of letters and numbers to identify your browser, the times and dates that you interacted with the site recently and the marketing materials or referring pages that led you to the site.
3. Expiry: Cookies expire 2 years after your last visit to the website. Others are deleted after 6 months, 30 minutes and the moment you close your browser.

6.2. EMMA uses Google Analytics.  Google Analytics is a web analytics service provided by Google, Inc. (“Google”), to help us see how our website is used. The data collected by Google Analytics is used to analyse how frequently the same people revisit the Website, how the Website is found (from advertising or referring websites), and which pages are most frequently viewed. This information is combined with data from other users to create an overall picture of Website use.

7. CHANGES/MODIFICATIONS IN OUR PRIVACY POLICY

We will review our privacy policy from time to time. Our privacy policies are subject to change and modification. Any change, update, or modification will be effective immediately upon posting on our Site.  Any material change to this Privacy Policy will be made known by changing the effective date (located at the bottom of this page). An alert will also be published on the EMMA platform to inform users of any significant changes. Please return to this page periodically to make sure that you are up to date with the most current version of this Privacy Policy.

For any additional information please contact: support@europeanmoocs.eu
Effective as of 31/07/ 2016