
Privacy Policy
Effective Date: March 25, 2025
Introduction
Boxlight, Inc. is committed to protecting your privacy and personal data. This Privacy Policy outlines how we collect, use, share, and safeguard personal data collected through your use of our websites, software, cloud platforms, and other online services (collectively, the "Products").
All references to “Boxlight”, “the Company”, “we”, and “our” include Boxlight, Inc., located at 2750 Premiere Parkway, Suite 900, Duluth, GA 30097, and its wholly owned subsidiaries, unless expressly stated otherwise. This Privacy Policy is incorporated into and governed by the Boxlight Terms of Use.
Click here to manage your Cookie consent for this website.
Scope and Applicability
This Privacy Policy applies to all websites, software, cloud services, and hardware solutions offered by Boxlight, Inc. and its wholly owned subsidiaries. This includes any personal data collected during marketing, sales, technical support, or customer account management interactions.
Data Collection
We collect personal data directly from you, automatically from your devices, and from third-party sources. Data types include contact information, login credentials, payment information, device identifiers, web activity, geolocation, and communications metadata. We may also use third-party services for demographic enrichment and analytics.
Legal Basis for Processing
We process personal data based on (1) contractual necessity, (2) legitimate business interest, (3) compliance with legal obligations, and (4) where applicable, consent. Each processing activity is reviewed for purpose limitation and data minimization.
Use of Personal Data
We use personal data for account setup and management, service delivery, product functionality, diagnostics, security monitoring, product improvement, regulatory compliance, and promotional communications (with opt-out options).
Data Sharing and Disclosure
We disclose data to (a) service providers under written data protection agreements, (b) affiliates under common corporate control, (c) authorized resellers and representatives, (d) regulators and law enforcement upon valid request, and (e) others when legally required or with user consent. We do not sell personal information.
Cookies and Similar Technologies
Our Sites use cookies, beacons, tags, and scripts for security, analytics, personalization, and marketing. Users may manage cookie preferences through browser settings or our cookie management tool. For a full list of cookies and their purposes, see our Cookies Policy.
Children’s and Student Data
In compliance with the Children’s Online Privacy Protection Act (COPPA) and the Family Educational Rights and Privacy Act (FERPA), Boxlight limits the collection of student data to what is necessary for the provision of educational Products and Services.
Our Products are not intended for use by individuals under the age of 13 unless such access is authorized and facilitated by a school, district, or educator acting in compliance with applicable law. By facilitating student access, educators confirm they have obtained required parental or guardian consent.
We do not knowingly collect personal data from children under 13 without proper educational authorization. Student data is processed solely for authorized educational purposes, and access is limited in accordance with our security practices. Educators may access, update, or delete student data via administrative settings or by contacting [email protected].
Data Security
We implement administrative, technical, and physical safeguards aligned with industry best practices. This includes access controls, encryption in transit and at rest, network segmentation, logging, monitoring, and breach detection. Staff undergo regular data privacy training. Any data breach will be disclosed in accordance with applicable law.
International Data Transfers
Boxlight complies with the EU-U.S. Data Privacy Framework, UK Extension, and Swiss-U.S. DPF. We also utilize Standard Contractual Clauses (SCCs) for other transfers, as needed. Personal data may be stored and processed in the United States or other jurisdictions with appropriate safeguards.
Data Retention
We retain data in accordance with our corporate retention schedule, which reflects contractual requirements, regulatory mandates, and internal risk assessments. Data is securely deleted or anonymized when no longer needed. Retention periods vary by data type and use case.
Your Rights
Depending on your jurisdiction, you may have the right to access, correct, delete, restrict, or object to the processing of your personal data. You may also have the right to withdraw consent or opt out of marketing. Requests can be submitted via [email protected] and are subject to verification procedures.
Do Not Track
Boxlight does not respond to browser 'Do Not Track' signals, as there is no universally accepted standard for compliance at this time.
Changes to This Policy
We may revise this Privacy Policy from time to time. If material changes are made, we will notify users via email or our websites. The effective date will always be noted at the top of the policy.
Contact Information:
Boxlight, Inc.
Attn: Data Protection Lead
2750 Premier Parkway, Suite 900
Duluth, GA 30097
Email: [email protected]
Phone: (360) 464-2119
Cookies and Similar Technologies
Our Sites use cookies and similar tracking technologies to collect and use data as described below. We categorize cookies as follows:
- Strictly Necessary Cookies: Essential for site functionality.
- Functional Cookies: Remember user preferences and login sessions.
- Performance/Analytical Cookies: Measure traffic and usage patterns.
- Targeting Cookies: Deliver advertising relevant to your interests.
Below is a representative list of cookies we use:
Provider | Cookie Name | Purpose | Duration
Google Analytics | _ga | Used to distinguish users | 2 years
Google Analytics | _gid | Used to distinguish users | 24 hours
HubSpot | hubspotutk | Visitor tracking | 13 months
WordPress | PHPSESSID | Session ID | Session
GDPR Plugin | moove_gdpr_popup | Cookie consent storage | 2 years
You can manage cookies through your browser settings or by using our cookie consent tool. Blocking cookies may affect certain functionality on our Sites. For full details, please visit our Cookies Policy.
Google Integrations in MyClass (MimioConnect)
MyClass integrates with Google Classroom SSO to allow roster synchronization, assignment sharing, and grade passback. Upon initial login with a teacher account, MyClass requests permission to access class roster data. Student email addresses are used for login validation and retained only while actively linked to an account or class.
MyClass also integrates with Google Drive APIs to allow file upload and sharing within lessons. Copies of uploaded content remain within MyClass until deleted or the associated lesson is removed.
Google API Scopes Used:
- drive.readonly: Access read-only file metadata and content
- classroom.profile.emails: View class member email addresses
Use of data received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements. We do not use or transfer Google data for advertising or unrelated purposes.
Human access to such data occurs only with user consent, for security or compliance, or under internal anonymized analytics. For full details, refer to our Google Integration Addendum.