Privacy Policy

1.1 User Categories

Happy Numbers serves three distinct categories of users:

• Students (Children): Children under 18 years of age who use Happy Numbers for educational purposes. Student accounts are always created and managed by either Educators or Parents. We do not collect Personal Information directly from students. All student information is provided to us by Educators or Parents who have the authority to provide such information.

• Educators: This category includes:

  • Teachers who create and manage student accounts within their classrooms

  • School administrators who oversee Happy Numbers implementation at their schools

  • District administrators who manage district-wide access

• Parents (Homeschoolers): Parents or legal guardians who create and manage accounts for their own children for homeschooling purposes.

1.2 Account Structure and Data Collection

• Student accounts are always linked to either an Educator account or a Parent account. Students cannot independently create accounts or provide Personal Information to Happy Numbers.

• We collect information about students only from Educators or Parents, not from the students themselves.

• Educators collect and provide student information through their school or district systems.

• Parents provide information about their children when setting up homeschool accounts.

2.1 Categories of Personal Information

For Students (provided by Educators or Parents): The Personal Information we process about Students includes the student's first name and last name, grade level, school name (for school-based accounts), username (created by Educator or Parent), password (set by Educator or Parent), student performance data (automatically generated through platform use), and IP address (automatically collected during platform use).

For Educators (Teachers and Administrators): The Personal Information we process for Educators includes full name, email address, school name and address, telephone number (primarily for administrators), username and password, role/position within the school or district, and IP address.

For Parents (Homeschoolers): The Personal Information we process for Parents includes full name, email address, preferred mailing address for communications, username and password, and IP address.

District and school officials may provide a child’s first/last name, child’s grade level, teacher’s name, and e-mails, as well as the school, to monitor progress and identify students. Personal Information disclosed to us by districts and schools may be subject to additional regulation and protection measures set in the agreements signed with such districts and schools.

2.2 Accuracy of Personal Information and Account Names

Personal Information must be accurate and complete. Users are responsible for ensuring that all information provided to Happy Numbers is current, accurate, and truthful.

Regarding usernames and display names: If nicknames or fictitious names are used instead of legal names, they must:

• Not contain offensive, discriminatory, or inappropriate language

• Not impersonate another person

• Not contain profanity, hate speech, or references to violence

• Be appropriate for an educational environment

• Not violate any third-party rights

We reserve the right to: require users to change usernames or display names that violate these guidelines, suspend or delete accounts that use inappropriate names, delete accounts where deliberately false information has been provided, and request identity verification if we suspect inaccurate information has been provided.

Parents, guardians, and school officials must ensure that children's accounts comply with these requirements.

2.3 Data Ownership and Use Limitations

We don't claim ownership over your data and won't exploit it for unrelated marketing endeavors. Additionally, we uphold strict guidelines regarding children's data, refraining from collecting additional Personal Information from them or using your data to market products to minors.

2.4. Referral Information

When teachers use our invitation feature to invite colleagues, we collect the email addresses and, optionally, the names of the invited colleagues. This information is used solely to facilitate the invitation process and track successful referrals. We rely on the inviting user to ensure they have the necessary permission to share their colleague's contact information with us.

2.5 Student Rostering Through Single Sign-On (SSO) Systems

Happy Numbers integrates with industry-standard Single Sign-On (SSO) platforms, specifically Clever and ClassLink, to streamline account creation and management for schools and districts. These integrations provide automated rostering capabilities that simplify the setup process while maintaining strong data privacy protections.

2.5.1 What is SSO Rostering?

SSO rostering is an automated process that creates and maintains student, teacher, and class accounts by securely connecting Happy Numbers with your school or district's Student Information System (SIS) through Clever or ClassLink. This eliminates the need for manual account creation and ensures that account information stays current as changes occur in your SIS.

2.5.2 How SSO Rostering Works

When your school or district enables Clever or ClassLink integration with Happy Numbers:

• Authorization: Your district administrator authorizes the connection between your SIS and Happy Numbers through the Clever or ClassLink platform

• Data Sync: Clever or ClassLink securely transmits roster information from your SIS to Happy Numbers according to the schedule set by your district (typically daily or weekly)

• Account Creation: Happy Numbers automatically creates and updates accounts based on the roster data received

• Ongoing Maintenance: As students enroll, transfer, or leave, and as class assignments change, these updates are automatically synchronized

2.5.3 Data Shared Through SSO Rostering

When rostering through Clever or ClassLink, Happy Numbers receives only the minimum data necessary to create and maintain functional accounts. The specific data elements include:

2.5.4 District Control and Data Minimization

Your school or district maintains complete control over SSO rostering:

• Selective Sharing: Districts can choose to share only specific schools, grade levels, or classes with Happy Numbers

• Data Mapping: Districts control which specific data fields are shared through Clever or ClassLink settings

• Sharing Rules: Districts can establish rules to limit data sharing to only what is necessary

• Access Management: District administrators can revoke Happy Numbers' access at any time through the SSO platform

Happy Numbers adheres to data minimization principles and requests only the data elements essential for providing our educational services. We do not request or accept unnecessary student information through SSO integrations.

2.5.5 Security and Privacy Protections

SSO rostering through Clever and ClassLink includes multiple layers of security:

• Encrypted Data Transmission: All data transfers between the SSO platform and Happy Numbers use industry-standard encryption (TLS 1.2 or higher)

• Secure Authentication: Clever and ClassLink use secure authentication protocols to verify the identity of users accessing Happy Numbers

• No Data Sale: Neither Happy Numbers, Clever, nor ClassLink sell student data to third parties

• No Advertising: Student data is never used for advertising purposes by any party

• Compliance Standards: Both Clever and ClassLink are certified for compliance with FERPA, COPPA, and other student data privacy regulations

• Regular Security Audits: Both platforms undergo regular third-party security assessments

2.5.6 OneRoster Standard Compliance

Both Clever and ClassLink utilize the 1EdTech OneRoster standard, an industry-recognized specification for securely exchanging roster data between systems. This standardization ensures consistent data formatting across different applications, interoperability between various educational technology tools, reduced errors in data transmission, enhanced security through standardized protocols.

2.5.7 Manual Rostering Alternative

Schools and districts are not required to use SSO rostering. Manual rostering options remain available:

• CSV File Upload: District administrators can upload roster files directly to Happy Numbers

• Manual Account Creation: Teachers can create student accounts individually through the Happy Numbers interface

• Hybrid Approach: Some schools may use SSO for certain grades or classes while managing others manually

  ∑

Note: When SSO rostering is enabled for a school or district, manual rostering functions are typically disabled to prevent data conflicts and ensure roster integrity.

2.5.8 Data Retention and Deletion

Roster data received through Clever or ClassLink is subject to the same retention and deletion policies described in Sections 7.1 (Subcontractors), 8.3 (Deletion Rights), and 8.4 (Data Retention) of this Privacy Policy:

• When a student is removed from a class or school in your SIS, their access to that class in Happy Numbers is automatically removed

• When a school or district terminates their Happy Numbers subscription, all associated roster data is deleted according to our standard deletion timeline

• Districts can request immediate deletion of all roster data at any time

2.5.9 Parent Rights and Transparency

Parents and guardians maintain all rights regarding their children's information, even when accounts are created through SSO rostering:

• Right to Access: Parents can request to review their child's information at any time

• Right to Correct: Parents can request corrections to inaccurate information

• Right to Delete: Parents can request deletion of their child's account and data

• Notification: Schools should inform parents when implementing SSO systems that share data with educational applications like Happy Numbers

2.5.10 Questions About SSO Rostering

If you have questions about how your school or district's SSO rostering works, or what specific data is being shared:

• For School-Based Accounts: Contact your school or district technology administrator

• For Technical Questions About Happy Numbers: Contact us at support@happynumbers.com or +1-800-815-1574

• For Clever-Specific Questions: Visit https://clever.com/trust/privacy or contact Clever support

• For ClassLink-Specific Questions: Visit https://www.classlink.com/trust or contact ClassLink support

4.1 Third-Party Advertising Platforms

Happy Numbers does not display third-party advertisements on our website or within our platform. However, we advertise our educational services on third-party platforms such as Google Ads, Facebook, Instagram, and other advertising networks to reach Educators and Parents.

When you visit third-party websites or social media platforms, you may see advertisements for Happy Numbers. These advertising platforms may collect information about your browsing activity across different websites to show you relevant advertisements. Under certain state privacy laws, including the California Consumer Privacy Act (CCPA), this may be considered "sharing" of information for cross-context behavioral advertising if we provide customer information to these platforms for advertising purposes.

Analytics on Our Website: We use analytics tools (such as Google Analytics) on our website to understand how visitors interact with our content. These analytics tools may use cookies to collect information such as IP address, browser type, pages visited, and time spent on pages. This information helps us improve our website and services.

Student Protection: We do NOT use advertising tracking technologies on student-facing pages or within student accounts. Students never experience behavioral tracking or see advertisements of any kind while using Happy Numbers.

Note: If at any time Educators or Parents would like to unsubscribe from receiving future emails, we provide detailed unsubscribe instructions at the bottom of each email. We do not collect student emails or attempt to contact students for marketing purposes.

6.1 Product Safeguards to Protect Student Users

Private Interactions: Students cannot interact socially with other students within the platform or publicly post information. Student accounts are provisioned by Educators, and Students interact exclusively with the website itself once logged in. This Policy applies only to our services and does not restrict users from posting information on external websites.

6.2. Administrative and Operational Safeguards we use to protect your Personal Information:

Minimizing the Use, Collection, and Retention of Personal Information: We store the minimum information required for the proper functioning of our services. We collect minimum information from single sign-on (SSO) systems such as ClassLink and Clever.

Anonymizing Information: We use a unique tool to prepare databases for test and development environments with complete anonymization of Personal Information. Developers and QA engineers cannot access real personal data throughout the development lifecycle.

Access Enforcement: All employees have personal auditable accounts in all our systems. We use Single Sign-On to grant access to all internal systems. Critical applications, such as the admin panel, have role-based access control for different access levels.

Separation of Duties: We adhere to the principle of minimizing access, which means that, for instance, a content manager can access the BI system with de-identified student problem-solving logs, but they do not have access to the admin panel with Personal Information.

Least Privilege: Our internal systems use a role-based access control model to grant each employee the minimum required access level.

Remote Access: All communication with our servers and systems is encrypted using battle-tested protocols, such as enforced HTTPS with TLS 1.2, SSH, and OpenVPN.

Auditable Events: We collect all change events in our SSO system and admin panel and store them in a database without making any modifications.

Protection of Information at Rest: We store our backups in AWS S3 using the pgBackRest tool with AES-256-CBC encryption. Furthermore, our application servers transparently encrypt Personal Information using a symmetric cipher before storing it in an encrypted database.

Data Backup and Recovery: We continuously back up all production PostgreSQL databases using the pgBackRest tool and retain data for 30 days, including four weekly full backups.

Change Management: Our infrastructure is entirely managed by Infrastructure as Code (IaaC) tools, including a custom in-house CLI tool, Terraform, and Ansible. This means that all the changes can be reviewed through standard development procedures and stored in GitHub.

Employee Training: All employees complete mandatory security and privacy training upon hire and annual refresher training. Employees with access to Personal Information complete additional FERPA and COPPA compliance training.

Vendor Security Assessment: We conduct security assessments of all subcontractors who process Personal Information, including security questionnaires and data processing agreements.

6.3 Password Guidelines

We strive to ensure that your experience with Happy Numbers is one of utmost security and confidence. Your Personal Information is kept safe with a strong password. To ensure no one unauthorized gets into your account or accesses your Personal Information, you should choose a strong password, be careful about who has access to your computer and browser, and always remember to sign off when you are done using your account.

6.4 What We Will Do in Case of a Data Breach

In the event that we become aware of an unauthorized disclosure or data breach:

For School-Based Accounts: The district, school officials, and teachers will be notified within 24 hours by email if the teacher account or any related student accounts are affected. The appropriate person in the school or school district who has purchased the valid school-wide or district-wide Happy Numbers access will be notified by phone.

For Parent (Homeschool) Accounts: Parents will be notified within 24 hours by email if their account or any linked student accounts are affected.

The notification will include the date of the breach, the types of information that were subject to the breach, a general description of what occurred, and steps we are taking to address the breach.

8.1 Verification Process

Please note that to fulfill your request, we may need to obtain further information and documentation, including Personal Information, to confirm your identity and handle your request accordingly. Any additional information provided will be securely stored for legal purposes, specifically as evidence of the individual who submitted the request.

8.2 Access and Correction Rights

You may review, correct, update, or change your Personal Information anytime by accessing your Happy Numbers.com account settings. You can also contact your school or district administrator (for student accounts), email us at support@happynumbers.com, or call us at +1-800-815-1574 if you wish to update your data or have any questions about our privacy practices and your rights.

8.3 Deletion Rights and Account Termination

When Accounts May Be Deleted:

We may suspend or delete accounts under the following circumstances:

• Upon request by the account holder, parent/guardian, or authorized school official

• For violation of our Terms of Service, including use of inappropriate usernames or providing false information

• For prolonged inactivity (accounts inactive for at least one (1) school year)

• If we discover the account was created without proper parental/guardian consent

• For security reasons, such as a compromised account

• Upon termination of a school or district's subscription or contract termination

Deletion Process:

If you would like us to delete your account and your Personal Information from our system, please contact us using the information at the bottom of this page. Upon receiving a valid deletion request, we will:

• Immediately disable account access

• Delete Personal Information from our active systems within seven (7) business days

• Delete Personal Information from backups and third-party systems within 30 days

• Send confirmation of deletion to the requester

• Retain only minimal information required for legal compliance (such as records of the deletion request itself, transaction records for tax purposes, and records necessary to comply with FERPA requirements)

For Educator Accounts: Deleting an Educator account will also affect any student accounts linked to that Educator account according to school or district policies.

For Parent Accounts: Deleting a Parent account will also delete any student accounts linked to that Parent account.

Exception: We may retain Personal Information if we have a legal obligation to retain the record, if retention is necessary to resolve disputes or enforce our agreements, or if required by a school or district agreement.

8.4 Data Retention

During Active Use: We store your Personal Information as long as it is necessary to provide the Services. Personal Information linked to your account will be retained until you decide to delete your account or until we no longer require the data to offer our Services.

After Service Termination: As soon as the Services are no longer in use by the district or school:

• Default deletion: We will delete all Personal Information, including the backups we and our trusted third parties hold, within 60 days after June 30th of the current calendar year

• Upon request: We will delete any Personal Information within seven (7) business days from our website and within 30 days from our trusted third parties

Data Portability: Upon request by the school or district, we can transfer any children's Personal Information to the school, district, or their designated third party.

9.1 Our Marketing Practices

Happy Numbers is committed to responsible and transparent marketing practices, particularly given our work with children and educational institutions.

We market our services exclusively to  eachers, school administrators, parents, and school districts through professional development events, educational conferences, email campaigns, social media advertising (Facebook, Instagram), search engine marketing (Google Ads), direct sales outreach including outbound calls to schools and districts (Sales Development Representatives may contact publicly available school and district contacts), display advertising on educational and parenting websites, content marketing through our blog, conference participation, educational webinars and workshops, and partnership programs with schools and educational organizations.

We NEVER market directly to children under 18 years of age.

9.2 What We Advertise

Our marketing communications may include information about our educational programs and curriculum offerings, updates to features and new learning content, success stories and case studies (with permission and anonymized data), professional development opportunities for educators, pricing information and subscription offers, educational tips and best practices, and free trial opportunities.

For marketing purposes, we may use contact information you've provided (with consent), aggregated de-identified usage data to improve our marketing messages, demographic information to target appropriate audiences, and website analytics to understand how visitors interact with our marketing content.

We do NOT use student Personal Information for marketing purposes, student performance data for marketing or advertising, or any Personal Information from children for targeted advertising.

9.3 Opt-Out Rights

You can opt out of marketing communications at any time by clicking the "unsubscribe" link at the bottom of any marketing email, adjusting your communication preferences in your account settings, contacting us at support@happynumbers.com, or calling us at +1- 800-815-1574. Please note that even if you opt out of marketing communications, you will still receive transactional emails (account creation, password resets), service announcements and critical updates, legally required communications, and billing and subscription notifications.

9.4 Third-Party Marketing

We do not sell or rent your Personal Information to third parties for their marketing purposes. We do not allow third-party advertising on our educational platform or student-facing interfaces.

11.1 We Do Not Collect Information Directly From Children

We do not knowingly collect any personally identifiable information directly from children under the age of 18. All student information is provided to us by:

• Educators (teachers, school administrators, district administrators) who have the authority to provide such information on behalf of their students, OR

• Parents or legal guardians who provide information about their own children for homeschooling purposes

Student accounts are always created and managed by Educators or Parents, never by the students themselves.

If we discover that we have inadvertently collected Personal Information directly from a child without it being provided by an authorized Educator or Parent, we will promptly delete the information.

11.2 How Student Information is Provided

• Through Educator Accounts: Teachers and administrators create student accounts and provide student information through their school or district systems

• Through Parent Accounts: Parents create and manage accounts for their children for homeschooling purposes

• Through SSO Systems: Schools may use single sign-on systems (like Clever or ClassLink) to provide student roster information to Happy Numbers

We assure you that we value the privacy of student records and will not use any personally identifiable information for targeted advertising purposes. Furthermore, we will strictly adhere to our Privacy Policy and Terms of Service, using the student record information solely for necessary or explicitly authorized purposes.

11.3 Parental Consent

Before student accounts can be created on our website, we require consent from authorized parties.

For school-based accounts, schools and districts that obtain licenses to use HappyNumbers.com act as the authorized party providing consent on behalf of parents/guardians. Individual teachers creating accounts within their school must have authorization from their school or district. We follow the necessary steps to confirm proper authorization to set up student accounts.

For homeschool accounts, parents or legal guardians must create the account themselves, providing verifiable consent through the account creation process. Parents provide consent by creating and managing their children's accounts directly.

11.4 Rights Regarding Student Information

For school-based student accounts, parents or guardians have the right to review, correct, delete, receive a copy or refuse further collection or use of their child's Personal Information. Requests should be directed through the school or district, or directly to Happy Numbers. Educators with authorized access can also review and manage student information within their scope of authority.

For homeschool student accounts, parents have the right to review, correct, delete, receive a copy, or refuse further collection or use of their child's Personal Information at any time by contacting us. To exercise these rights, please contact us using the information provided at the end of this Privacy Policy.

12.1 Data Collection and Anonymization

Participation in the Leaderboard is at the class level, not the individual student level. The Leaderboard displays a single, combined score based on aggregated class performance data. We never calculate, display, or share individual student scores or Personal Information (PII) on the Leaderboard. To ensure privacy, all participating classes are assigned a system-generated, anonymous name in place of real school, teacher, or class names. Furthermore, Leaderboards are only visible to authorized, logged-in users (students and teachers) on our platform.

12.2 Data Use Limitation and Control

The data collected and used for the Leaderboard is restricted only for this feature's functionality. We adhere to our commitment to never sell or share this data with any third parties for marketing or advertising purposes. This feature is optional, and teachers retain complete control, possessing the right to opt out their class at any time by emailing support@happynumbers.com. Upon opting out, the class is fully removed from all Leaderboards, and its data is no longer displayed.

13.1. Personal Information We Collect:

In the last 12 months, we collected the following categories of Personal Information from our users (as described in Section 2 of our Privacy Policy):

• Identifiers (such as the child’s first/last name, the user’s parent’s, teacher’s, school administrator’s) e-mail, the user’s (parent’s or teacher’s, the child’s grade level, school, school address, username, password), school administrator’s (or teacher’s, in rare cases) telephone number;

• Internet or other electronic network activity information (such as browsing history, IP address)

• Inferences drawn from personal information (such as user preferences)

• Education information regarding the child’s grade level

• Data on students’ performance

13.2. Purpose of Collection:

In the last 12 months, we used the Personal Information we collected for the purposes described in Section 5 of our Privacy Policy

13.3. Disclosure of Personal Information:

In the last 12 months, we disclosed the personal information we collected to the recipients in the way described in Section 7 of our Privacy Policy.

13.4. Your CCPA Rights:

As a California resident, you have the following rights under the CCPA:

• Right to know: You have the right to request information about Personal Information we may collect, use, and disclose;

• Right to delete: You have the right to request the deletion of your Personal Information;

• Right to opt-out: You have the right to opt out of the sale of your Personal Information. We do not sell personal data of California residents under 18 years old without their opt-in authorization or their parent/guardian's authorization. Opted-in residents can opt out of future sales at any time. For the avoidance of doubt, we do not sell or rent user data to third parties;

• Right to non-discrimination: We will not discriminate against you for exercising your CCPA rights.

For Educators and Parents: You may exercise these rights on behalf of students whose accounts are linked to yours.

13.5. FERPA and COPPA Compliance:

In addition to CCPA, we comply with the Family Educational Rights and Privacy Act (FERPA) and the Children's Online Privacy Protection Act (COPPA). We take appropriate measures to protect the privacy and security of personal information collected from children under the age of 13 by COPPA requirements. For educational records protected under FERPA, we ensure compliance with the applicable regulations.

We do NOT sell Personal Information. We have not sold personal information in the last 12 months and do not sell personal information of minors under 18 years of age.

We do NOT share Personal Information for cross-context behavioral advertising purposes.

13.6. Contact Us:

If you have any questions or concerns regarding our data privacy practices or wish to exercise your CCPA rights, please get in touch with us at:

Happy Numbers Inc.,
2261 Market Street STE 22178
San Francisco, CA 94114
USA
support@happynumbers.com
Phone: +1-800-815-1574
Fax: +1-650-618-8611

Please note that we may require certain information to verify your identity before processing your requests.

We reserve the right to update or modify this CCPA Notice for Data Privacy Policy at any time. Any changes will be posted on our website with the updated effective date.

15.1 Dispute Resolution

For Consumer Users: Before initiating any legal proceeding, we encourage you to contact us to attempt to resolve any disputes informally.

For School and District Agreements: Dispute resolution procedures may be governed by separate agreements between Happy Numbers and educational institutions.

15.2 Class Action Waiver

To the extent permitted by applicable law, you agree that any dispute resolution proceedings will be conducted on an individual basis and not in a class, consolidated, or representative action.

Exception: This class action waiver does not apply where prohibited by law or for claims that cannot be waived under consumer protection laws.