Our policy is to only collect and retain as much data as needed for specific services,
You do not need to allow cookies or provide personal information in to access the tasselturner.com website. The following basic information is indirectly collected in our system logs when using the Tassel Turner platform. We may use this information internally to improve the platform, or in rare cases for auditability purposes.
For platform users such as students and staff, we only collect the necessary data to provide the requested platform services. The exact data collected on the platform will be configured by an authorized system administrator. This may include Personal Identifiable Information (PII) for students and other users.
For accountability, customer support, and auditing purposes, detailed user activity is tracked. This includes author, time, and location data for general data interactions.
We avoid accessing your data as much as possible, but there are a few cases where we will need to do so.
Whenever possible we seek your express consent before accessing any data you have created using the platform. Whenever our support agents access your data all activity is logged, and generally performed using a read-only technical support user controlled by your system administrator.
We may on occasion review aggregate system metrics, request logs, or network data in order to improve the platform or address service issues.
As a Tassel Turner user you can control how your private information is used in several ways.
As a Tassel Turner administrator you can configure precise roles and permissions, enable and disable functionality, and customize the platform to support your institution’s data collection needs and obligations.
Companion applications for Tassel Turner on mobile and desktop platforms do not harvest or otherwise collect user or system data. Mobile applications do not require any extra permissions, and desktop applications do not require any administrative privileges. For some optional features, the applications require access to the internet for non-personal service authentication with platform APIs.
We only retain your data in the platform for as long as necessary to serve the purpose for which it was collected or to comply with legal or regulatory requirements.
The Tassel Turner platform allows you to delete your data at any time, and create your own retention policy schedules for automatic deletion. When your Tassel Turner contract concludes, we will delete all your platform data, including backups and logs.
We do not sell, trade, lease, or otherwise share your data with any third party, and have designed the platform for secure isolation and data ownership rights in mind.
When using the Tassel Turner platform to integrate with other services, you may exchange Tassel Turner data with those external services. For example, by authenticating with a single-sign-on service or configuring social media web hooks. Please be aware that we cannot control the security and integrity of your data outside of our platform.
The tasselturner.com site and other platform sites may link to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites, and cannot accept responsibility or liability for their respective privacy policies or action/inaction.
Tassel Turner follows a shared responsibility model common to software as a service (SaaS) environments. While the infrastructure and workload responsibilities are sustained by us, our clients are necessarily responsible for other areas of the platform, specifically in regard to the ownership of data, user consent, and freedom of information laws.
We comply with GDPR, the CPA, the CCPA, and many other regulations, frameworks, and best practices.
Bellwether Inc. is incorporated in the state of Florida and subject to US law. To date Bellwether has never been served a subpoena, FISA order, or National Security Letter to access Tassel Turner user data.
All platform data storage and processing can be strictly limited to your institution’s authorized legal territories. The platform infrastructure is designed around regional portability and can be hosted to comply with data residency laws.
When your institution does contracts with Tassel Turner we require the contact information of the relevant appointed agents which we may store in third party business systems, for example for invoicing, bug reports, or CRM.
At your request, we will designate an individual data protection officer as a contact point for all data privacy concerns and communications.
When you contact us with questions, a support request, or for other correspondence, we keep a record of those communications (including your contact information) for future reference when replying to further correspondence.
We are happy to sign an applicable Data Processing Addendum (DPA) or similar agreement to help your institution comply with its data governance obligations.
We do not intend to ever terminate, sell, or transfer ownership of the Tassel Turner platform and services. However, in the unlikely event this occurs we will notify all affected parties and provide a generous grace period to remove and/or migrate any data.
We reserve the right to change this policy from time to time, in which case the changes will be noted below. In the case of a meaningful change we will aim to proactively notify any affected parties and include a prominent notice on this website.