SMART Board 6000S Series (the “6000S”) Privacy Policy

Introduction

The following information explains the privacy policy (the “Policy”) and practices of SMART Technologies ULC (together with its subsidiaries, collectively "SMART", “we” or “us”) regarding the collection, use and disclosure of your personal information. The purpose of this Policy is to clarify what information we collect from you, how we use and disclose this information, and the ways in which you can help manage the information we collect. SMART is devoted to making sure that your privacy rights are respected, and personal data is collected and used in accordance with the current and applicable privacy and data protection law.

SMART supports numerous privacy laws including the European Union’s General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA).  We currently offer American and European data storage for user created content and we are satisfied our out-of-region user data processors provide appropriate safeguards for the data they handle. The 6000S is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. Therefore, the Children's Online Privacy Protection Act (COPPA) does not apply. If you become aware that a child under the age of 13 has provided any personal data to us while using the GX please email us at privacy@smarttech.com and we will investigate the matter and, if appropriate, delete the personal data.

By using the 6000S, you are agreeing to this Policy and consent to SMART's collection, use and disclosure of your personal information as necessary for the identified purposes or as otherwise identified herein.

About 6000S

The SMART 6000S® interactive flat panel display is powered by iQ3, an all-in-one Android (a trademark of Google LLC) experience for SMART 6000S interactive displays. By using the 6000S, you have one-touch access to a full suite of SMART education and third-party applications without connecting to an external computer. These applications include a powerful whiteboard, a built-in web browser, wireless screen sharing, and more. The iQ experience provides a simple, fully integrated experience between personal devices and interactive displays.

Android

The Android operating system is open-source software by Google LLC. While SMART 6000S® currently have their updates usually provided by SMART, there are times when Android connects to Google servers directly. If you’re using an Android device with Google apps, your device periodically contacts Google servers to provide information about your device and connection to Google services. This information includes things like your device type and carrier name, crash reports, which apps you've installed, and, depending on your device settings, other information about how you’re using your Android device. By using Android, you agree to Google’s terms and privacy policy.

Aptoide

Aptoide™ is an online marketplace for mobile applications that runs on the Android operating system and is available on the 6000S as the SMART PlayStore. It is optional to use Aptoide to download third-party apps on to your SMART 6000S®. By using the SMART App Store, you agree to Aptoide’s Privacy Policy and any applications you download will have their own privacy policy. Please refer to each individual application that you use for their privacy policy.

Updates

Our ability to make timely changes is fundamental to delivering superior software to you. Sometimes, material updates will require us to change our Terms and we will notify you of these changes. If our updates do not erode or diminish your rights or obligations under these Terms we may update them without notice.

Data Types

We collect two types of data, depending on your interaction with us:

“Non-Personal Data” means aggregated non-identifiable information, which may be made available or gathered via your access to and interactions with our services. We are not aware of the identity or other identifiers of the individual from which the Non-Personal Data is collected. The Non-Personal Data being collected may include aggregated usage information, as well as technical information transmitted by your device, such as the type of browser or device, type of operation system, device settings and technical software data, etc.

“Personal Data” or “Personal Information” means individually identifiable information, namely information that identifies a natural person (not a corporation) or may, with reasonable effort, be used to identify a natural person.

We do not knowingly collect or process any Personal Data constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person's health (“Special Categories of Personal Data”).

It is important to remember that customers and users are two distinct groups. Typically, a SMART customer is an organization (government, business, school, etc.) and not an individual end user (i.e., business person, teacher, student, etc.). Our users are generally not the ones who purchased or setup a trial of the product or service from SMART; our users are accessing the SMART product or service because the customer has granted them access.

Encryption

We encrypt all your credentials and separate them from your personally identifiable information. We do not store any of your login credentials, including passwords as these are managed by our single-sign-on (SSO) providers.

Your rights

Subject to applicable law, including exceptions, you have the following rights with regard to the personal data that we collect about you:

  • right to ask what personal data we have about you and how we use;
  • right to request a copy of the personal data that we hold about you;
  • right to request that we correct or amend your personal data;
  • right to request deletion of your personal data; and
  • right to ask us to stop or limit how we process your personal data.

To protect your privacy and security, we may need to verify your identity before acting on certain requests, to the extent permitted by law. If someone is making the request on your behalf (like an authorized agent) and they don’t provide proof of authority (such as a power of attorney), we may ask for additional evidence, like written authorization, or contact you directly to confirm the request.

If you would like to exercise your rights regarding your personal data, you can do so by:

 
SMART Technologies ULC
Attention: Legal Department
Suite 600, 214-11 Ave SW
Calgary, AB T2R 0K1
CANADA

+1.403.245.0333

Opting out or removing personal information and data retention

We do not sell your data, and we do not share personal data with third parties without your permission.  A list of the third parties we share data to provide our services to you are detailed below.

SMART will only keep personal data for as long as required to provide the service, or to comply with statutory requirements. When the personal data collected is no longer required by us, we and our service providers will perform the necessary procedures for destroying, deleting, erasing, or converting it into an anonymous form as permitted or required under applicable laws.

You may request deletion of your SMART account at any time by e-mailing privacy@smarttech.com or contacting our support department.  SMART will respond to customer requests to delete personal data within 30 days.  Inactive unpaid accounts are deleted after two (2) years.  All data stored locally on the 6000S can be deleted by you at any time.

If you would like to request that your personal information be provided to you for your review, be removed from our services, or be updated, please contact privacy@smarttech.com.

Notification of Breach

If SMART becomes aware of a personal data breach, it shall without undue delay, and where feasible, no later than 72 hours after having become aware of it, notify the affected customer and the supervisory authority (if it was for data where SMART was the Data Controller) in accordance with Article 33 of the GDPR, unless the data breach is unlikely to result in a risk to the rights and freedoms of natural persons. SMART’s communication of a breach shall be in clear and plain language and contain a minimum of:

  1. Contact details of the Data Protection Officer or other contact person,
  2. A description of the nature of the breach,
  3. Likely consequences of the breach,
  4. Advice on steps data subjects can take to protect themselves, and
  5. The measures SMART has taken or proposes to take to address the breach
 

SMART has an internal incident response plan in place to promptly and effectively address any security incidents involving personal data. This plan outlines procedures for identifying, assessing, containing, investigating, and mitigating data breaches to minimize risks to individuals and ensure compliance with applicable data protection laws.

Data security

SMART's business processes are designed and applied to appropriately safeguard your personal information, having regard to the sensitivity and use of that information. Nevertheless, such security measures may not prevent all loss, misuse or alteration of personal information provided to SMART, and SMART is not responsible for any damages or liabilities relating to any such security failures. By using our services, you understand that there is a risk that data and communications, including e-mail and other electronic communications, may be accessed by unauthorized third parties when communicated over the Internet. The foregoing does not affect any liability which cannot be excluded or limited under applicable law.

If you have any questions or concerns regarding the security measures applied to collection, use or disclosure of your personal information please email privacy@smarttech.com.

Third-party apps and services

The 6000S allows you to access or acquire services, websites, links, content, material, or applications from independent third parties (companies or people who aren’t SMART). We do not control how private information is collected by third party apps. Please refer to each individual app that you use for their privacy policy.

Cookies

The 6000S and some of its features use cookies to enhance your experience and provide the functionality of the device. Cookies are small files stored on your device that help the 6000S remember your preferences and settings. Most web browsers and smart devices offer options to manage and control cookies through their settings. However, blocking all cookies may affect the performance and usability of the 6000S. You may choose to accept cookies, and you can delete them later or when you exit your session, ensuring a customized experience each time you use the board.

Changes to the policy

We reserve the right to change this Privacy Policy from time to time to reflect changes to our products and services, operations, or to meet new legal and regulatory requirements. The most recent version of the Policy will always be posted on the website, and the updated date will be reflected in the “Last Modified” heading.

Any material amendments will be communicated to customers 30 days in advance and become binding once posted online.

Required data that SMART processes for customers

Processor Country Data is Processed/Stored Purpose Data Collected/Processed
SMART Technologies ULC Canada Required. When a SMART 6000S interactive display with iQ is used, it automatically reports the following categories of non-PII back to SMART so we can determine if the product needs an automatic update (over the air (OTA)) and from what server to deliver that update from. All Users (anonymous):
  • Model number
  • OS and OS version
  • App build details (version)
  • Brand (SMART)
  • 6000S configuration (Legacy, ENT, or EDU)
  • Browser
  • Information obtained from partial IP address:
    • City
    • Country
    • Region
  • Screen DPI
  • Screen height and width
  • Timestamp of when data was collected
  • Firmware Version (iQ version)
  • Hardware SKU
  • Last seen (when the last report came)
  • Panel family-type (what model panel the iQ appliance is in)
Blue Ocean Contact Centers, Inc. Canada Live Customer Support All Callers (identifiable):
  • Title
  • First and last name
  • Organization calling on behalf of
  • Address
  • Shipping address if parts needed
  • Email
  • Phone number
  • Serial number of the product
  • Issue reported
  • Attachments (pictures, emails, etc.)
  • Existing incident number (if any)
  • Preferred reseller
  • Comments about service received
  • Call recording (if not opted out of)
Call Miner Canada

Support

Optional. Processing for telephone interactions (option to opt-out of call recordings), required for e-mail. Call Miner is a sub-processor providing omnichannel interaction analytics powered by AI and machine learning. Call Miner analyzes customer support interactions, including recorded calls and e-mails, which are temporarily stored in CallMiner. The metadata is retained in CallMiner for analysis of the customer experience and trending information regarding the interactions between agent and customer.

Call Miner Privacy and Security

 Identifiable:
  • Customer name
  • Caller name (can use company title only if preferred for GDPR reasons)
  • Email (can provide non-PII version to comply with GDPR)
  • Title
  • Phone
  • Address
  • Description of the issue and any shared details to help solve the problem

Third-party sub-processors for non-signed-in users

Processor Country Data is Processed/Stored Purpose Data Collected/Processed
Amazon Web Services, Inc., Amazon Web Services EMEA SARL USA or Germany

Optional usage analytics; data is stored and processed prior to being sent to MixPanel.

Can be turned off within the product.

All Users (anonymous and can be turned off):
  • See metadata fields below in the MixPanel section
Google LLC, Google Germany GmbH USA or Germany Required when accessing GMS certified applications on iQ4. Android connects to Google servers directly, and depending on your Android privacy settings, may provide information about your device and connection to Google services in accordance with Google’s Privacy Policy and Terms. All Users (identifiable but optional use):
  • Device type and carrier name
  • Crash reports
  • Other information about how you’re using your Android device
HubSpot, Inc. Germany Required customer communications All Customers (identifiable):
  • Contact information (name, e-mail address, address, phone number)
  • Purchase information (product)
MixPanel, Inc. USA

Optional usage analytics and visualization.

Can be turned off within the product.

All Users (anonymous and can be turned off):
  • Device serial number
  • DP data version
  • DP debug
  • DP import version
  • Firmware version
  • Front io FW version
  • HW part number
  • HW revision
  • Library version
  • FW version
  • Mainboard FW version
  • Manufacturer
  • Model
  • Country code
  • MP lib
  • NFC FW version
  • Operating system
  • OS version
  • Panel codename
  • Panel model name
  • Panel part number
  • Panel size
  • Panel subfamily type
  • Pen FW version
  • Pen tray FW version
  • Region
  • Screen DPI
  • Screen height
  • Screen width
  • Touch FW version
  • UTC event time
  • Widevine level
  • Wi-fi (yes/no)

Third Party Sub-Processors for Signed-In Users to SMART Board®, iQ Whiteboard, or Files Library Application

Sub-Processor Country Data is Processed/Stored Purpose Data Collected/Processed
Amazon Web Services, Inc., Amazon Web Services EMEA SARL USA or Germany Optional usage analytics; data is stored and processed prior to being sent to MixPanel. Reports can be turned off within the product.

Required for storage. We offer both an American and European data storage option.

AWS Privacy
AWS GDPR

 Usage Analytics
All Users (anonymous and can be turned off):
  • See metadata fields below in the MixPanel section
Storage
Guests (anonymous)
  • Self-chosen display name
  • Created content
Signed-in User (identifiable)
  • Account information
  • First and last name
  • Email
  • Created content
  • SMART user ID
  • Organization ID
  • Aggregate activity of user
Google LLC, Google Germany GmbH USA or Germany and Belgium (Firebase)

Google Cloud Datastore
Required for login and account administration for SSO login with Google, Microsoft, Salesforce.

Google Firebase
Required for basic functionality (Firebase is a Backend-as-a-Service (BaaS) cloud-computing solution we use for real time (temporary) automated computer processing).

Google Memcache
Required for sign-in process, short term shared cache.

Google Single-Sign-On (SSO)
Optional and only used if you use Google as your single-sign-on (SSO) provider. Google provides SMART with required account details.

Google Drive Integration
Optional and used for browsing and editing Google Drive files in the Files Library.


 Signed-in User (identifiable):
  • First and last name
  • Email
  • Profile picture (if set)
  • SMART user ID
  • External user ID
  • Account information
  • Created content
FIREBASE
Guests (anonymous)
  • Self-chosen display name
  • Created content
Signed-in User (identifiable)
  • Account information
  • First and last name
  • SMART user ID
  • Created content
HubSpot, Inc. Germany Optional (express opt-in) marketing communications People Who Expressly Opted-In To Marketing Communications:
  • Contact information (name, e-mail address, address, phone number)
  • Purchase Information (product)
Microsoft, Inc., Microsoft Deutschland GmbH USA or Germany

Optional and only used if you use Microsoft as your single-sign-on (SSO) provider. Microsoft provides SMART with required account details.

 User (identifiable):
  • Account information
  • First and last name
  • Email
  • Profile picture (if set)
MixPanel, Inc. USA Required for product improvement and service monitoring. MixPanel allows us to analyze how our de-identified users interact with the board. It is designed to identify trends, understand common aggregated usage behavior, and helps us make better decisions on how to improve the usability and features of our product. This data is also used to track how long it takes our servers to complete actions like open files, which helps us measure service health and up/downtime.

Mixpanel Privacy
Mixpanel GDPR 		All Users (anonymous):
  • Device serial number
  • DP data version
  • DP debug
  • DP import version
  • Firmware version
  • Front IO FW version
  • HW part number
  • HW revision
  • Library version
  • FW version
  • Mainboard FW version
  • Manufacturer
  • Model
  • Country code
  • MP lib
  • NFC FW version
  • Operating system
  • OS version
  • Panel codename
  • Panel model name
  • Panel part number
  • Panel size
  • Panel subfamily type
  • Pen FW version
  • Pen tray FW version
  • Region
  • Screen DPI
  • Screen height
  • Screen width
  • Touch FW version
  • UTC event time
  • Widevine level
  • Wi-fi
Radix USA or Germany (uses AWS)

Optional remote management (allows remote controlling and configuration)

 If user is signed in via Google Mobile Services (GMS) then the following Google data is shared with Radix
  • - Google Account ID (e-mail address for owner/user)

HAVE A QUESTION FOR US? You can do so by:

 
SMART Technologies ULC
Attention: Legal Department
Suite 600, 214-11 Ave SW
Calgary, AB T2R 0K1
CANADA
+1.403.245.0333
Last Modified: March 17, 2025