Privacy Policy

Last Updated:  March 2021

I. Introduction

At the Mikva Challenge doing business as Mikva (hereinafter, “Mikva”, “us”, “we”, or “our”), we understand that privacy is important, and we are strongly committed to protecting the privacy of visitors to our websites located at: and/or (hereinafter collectively referred to in the singular as “the Site”).

The following information is designed to help you better understand what information we gather from the Site, information collected when you create an account on our online platform services, how we handle the information once we gather it, whether we disclose it to anyone, and the choices you have regarding our use of, and your ability to correct the information.

When you visit our Site or create an account to access Mikva you will have access to certain services, including, but not limited to curriculum, videos, templates, etc.  Please read this policy carefully. You agree to be bound by this Privacy Policy by opting in to join our mailing list, using this Site, or by creating an account through which we will provide Services.

This policy applies where Mikva is acting as a data controller with respect to the Personal Information (defined below) of visitors to our Site and users of our Services; in other words, where we determine the purposes and means of the processing of that Personal Information.

II. Changes and Updates to this Privacy Policy

We will make changes to this Privacy Policy from time to time. Any changes will take effect immediately for new users and upon the expiration of thirty days after notification for current users. Any use of the Site or Services after the 30-day notice period constitutes your acceptance of any changes.

In the event that we make changes to: (i) the types of information collected; (ii) how we use that information; or (iii) who your information is shared with, we will notify you with a notification banner and you will be given a chance to opt-out or request that we delete your information at that time.

III. Your User Account

In order for Mikva to fulfill its agreement to you when you access Mikva and utilize the Services, you will need to create an account, known as a “User Account.” For additional detail regarding your User Accounts, please see our Terms of Use.

Your school or district administrator MAY be provided access to all or some of your account information including, but not limited to, your name, email address, frequency of use, materials downloaded or accessed, and the like. 

IV. Types of Personal Data Collected

We collect different types of data (collectively, all types of data defined herein are referred to as “Personal Data”) and this Section sets forth: (a) the general categories of Personal Data that we may process; (b) in the case of Personal Data that we did not obtain directly from you, the source and specific categories of that data; (c) the purposes for which we may process Personal Data; and (d) the legal bases of the processing.

A. Personal Information

The first type of Personal Data that we may collect from you is called “Personal Information.” Personal Information allows us to directly identify you. When you create a User Account, place an order for products on our Site, correspond directly with us, and/or when you otherwise use the Services, we may store and process some of the below listed Personal Information, which we collect directly from you:

Types of Information Collected:

  • First Name
  • Last Name
  • Email Address
  • Organization/District/School Name
  • Organization/District/School State
  • Grades 
  • Subjects 

Mikva allows you to freely change, update or request that we delete your Personal Information. Please see Section X for more information.

We may process the above outlined Personal Information obtained directly from you or in some cases your employer (if your employer has purchased access to Mikva on your behalf) for the purposes of operating our Site and providing our Services. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract or to service that contract.

B. Notification Data

The second type of Personal Data that we may collect from you is called “Notification Data.” When you subscribe to or “opt-in” to be added to our mailing lists, we may process certain information, including, your first and last name, and a working email address that you provide to us for the purpose of subscribing to our email notifications and/or newsletters called Notification Data. The Notification Data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent.

C. Usage Data

The third type of Personal Data that we may collect from you is called “Usage Data.” As is true of most websites, we may collect certain usage information called Usage Data and automatically store it. Some types of information that may be automatically stored are location information either provided by a computer or mobile device interacting with the Site or associated with your Internet Protocol (“IP”) address (or other related unique device identifier assigned to that device), your device’s browser, browser type, operating system, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data, the amount of time spent on particular pages, geographic location and the date and time of activity on our Site, and other similar information. This information may be stored via the functionality of your computer, mobile phone or other device and, if so, Mikva may store and have access to such information. We do not link this automatically collected data to other information we collect about you and we do not engage in behavioral tracking.

We may receive reports based on the use of these technologies by these companies on an individual and aggregated basis. (or) The source of the Usage Data is our analytics tracking system. This Usage Data may be processed for the purposes of analyzing the use of the Site and our Services. The legal basis for this processing is our legitimate interests, namely, monitoring and improving our Site and Services. 

V. How Do We Use Your Personal Data

Mikva uses your Personal Data, Notification Data, and Usage Data that you supply directly to us as outlined above to provide you with the Services. We may use your Personal Data to:

  • (i) assign you an internal account number and create your account;
  • (ii) respond to technical support and customer service issues;
  • (iii) allow delivery and billing for our products and services, and to communicate with you concerning your account (including verifying authorization of credit card usage before any purchase of content or services);
  • (iv) improve our products and services by providing personalized content recommendations, language and location customization, and/or personalized help and instructions;
  • (v) ask you if you would like to participate in surveys about products, services, news and events;
  • (vi) provide you with news, free newsletters, updates, promotions, and special offers;
  • (vii) better understand how our Services are used, including Web traffic patterns and what types of content are most popular with users of our Services in order to improve existing services;
  • (viii) provide anonymous reporting for internal and external partners;
  • (ix) in connection with the creation of electronic or digital badges or credentials;
  • (x) help to manage improper behavior by individuals using the Site and to verify accounts and activity, to monitor suspicious or fraudulent activity.

VI. Sharing Your Personal Data with Other Companies

Mikva will not sell or share your Personal Data to third parties unless it is required to comport with the functionality of the Site or the Services, except in limited circumstances including:

  • (i) When you elect to share your Personal Data with another company or organization, including your employer.
  • (ii) When you direct us to share your Personal Data with third-party websites or platforms.
  • (iii) Mikva may share your Personal Data with its trusted service providers who work with Mikva. Our trusted service providers are contractually required to keep this personal information secure and to only use it for the purposes for which it is provided. For example, financial transactions relating to the Site and our Services are handled by our payment services providers, Amazon Web Services, Nexternal, Badgr, FormAssembly, Salesforce, CVENT, and Constant Contact. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
  • (iv) We may disclose any Personal Data that we collect to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, and/or obtaining professional advice.
  • (v) In addition, as our business changes, we may buy or sell various assets. In the event all or a portion of the assets owned or controlled by Mikva or any subsidiary or affiliated entities are sold, assigned, transferred or acquired by another company, Personal Data from and/or about the users our Site and Services may be among the transferred assets, but in that event the acquiring entity shall be contractually required to keep this personal information secure and to only use it for the purposes for which it is provided.

Mikva does not share user or consumer information with third parties for marketing purposes.

VII. Other Uses of Information Collected

We may also provide access to any Personal Data in our possession in order to cooperate with official investigations or legal proceedings, including, for example, in response to subpoenas, search warrants, court orders, or other legal process. Mikva may also disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to protect and defend the rights or property of Mikva, or our affiliated companies, their employees and agents; enforce our Terms of Use; protect against fraud or other illegal activity or for risk management purposes; permit us to pursue available remedies or limit the damages that we may sustain; or act in urgent circumstances to protect the personal safety of users of Mikva Services or the public at large.

VIII. Third Party Web Sites and Share Functionality

The Site may contain links to third party websites that are not owned or controlled by Mikva. Mikva has no control over and assumes no responsibility for any share functionality or the content, privacy policies, or practices of any third party website or application, unless specifically outlined in this Privacy Policy. By using this Site and/or its Services, you expressly relieve Mikva from any and all liability arising from your use of any share functionality or third party Site accessed from the Site or your sharing of any of your Personal Information.

IX. Data Security

Mikva safeguards the security of the data you send us with commercially reasonable physical, electronic, and managerial security measures. All information you provide to us is stored on our secure servers behind firewalls.

We urge you to take every precaution to protect your Personal Information when you are on the Internet. For example, to make purchases from the Site you must use an SSL-enabled browser. Mikva uses industry-standard Secure Sockets Layer (SSL) encryption on web pages used to complete a purchase. This protects the confidentiality of your personal and credit card information while it is transmitted over the Internet.

The information the Site collects may be stored locally on your device and may, subject to applicable law, be transmitted to our servers, which may be outside the country where you are located. We may use third-party products and services to secure or store your information.

If any of your Personal Information or account information changes or if you have reason to believe that your User Account is no longer secure, you must update it by using the appropriate update mechanism on the Site, if available. Otherwise, contact Mikva using the contact information in Section XV below.

X. Exercise Your Rights

Your principal rights under data protection law are:

  • (i) the right to access—you have the right to request information on Personal Data or Personal Information collected, used, disclosed or processed by Mikva.
  • (ii) the right to request rectification—you have the right to have any inaccurate Personal Information about you rectified and, taking into account the purposes of the processing, and to have any incomplete Personal Information about you completed.
  • (iii) the right to request erasure—in some circumstances you have the right to the erasure of your Personal Information without undue delay.
    • If you want us to erase your personal information, please contact us at and we will readily fulfill your request.  Please be aware that in deleting your personal information, we may need to delete your User Account. We may contest your request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
  • (iv) the right to restrict processing or object to our processing of your data or Personal Information.
  • (v) the right to data portability.
  • (vi) the right to complain to a supervisory authority—see Section XV regarding information about how to contact Mikva.
  • (vii) the right to withdraw consent in whole or in part, to the collection, use, disclosure or processing of your Personal Data for purposes of dispatch of advertising material, direct selling or for the fulfillment of marketing surveys or commercial communication (e-mail).

Please be aware that if you do not allow us to collect Personal Data from you, we may not be able to deliver the Services to you, and some of the Services may not be able to take into account your preferences required to utilize the Services.

XI. Use by Minors and Children Under 13 Prohibited

The Site and the Services are directed to adults. They are not directed to minors or children under the age of 13. We ask that children under the age of 13 do not use our products and services or visit our website.  We comply with the Children's Online Privacy Protection Act and do not permit registration by and will not knowingly collect personally identifiable information from anyone under 13. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information, or upon request, we will provide it to parents or guardians upon verifying their identity and relationship to the child. If you believe we might have any information from or about a child under 13, please contact Mikva’s Privacy Director.  It is our policy to comply with applicable laws protecting the safety of children in the use of electronic devices. This requirement will be posted wherever we collect data within the Site, such as during the registration process.

XII. Compliance with FERPA

Mikva complies with the Family Educational Rights and Privacy Act of 1974 (FERPA), which is a federal law that protects the privacy of student education records. We do not knowingly collect, process, or store any personally identifiable information about any student under the age of 18. In the event that any personally identifiable information about any student is uploaded or input into the site or is used in connection with the Services, we will immediately remove any such information and to the extent possible, delete it from our servers. We reserve the right to create a hard copy of any such information, as may be necessary.

XIII. Retaining and Deleting Personal Data

We retain your Personal Information, Usage Data, or Notification Data for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. We may retain your Personal Data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

In most cases, we will retain your account information and Personal Information for a period of three years of non-activity. After such time, we will either delete your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

If the Services are made available to you through your employer or school, or school district, we retain your information as long as required by the administrator of your account.

If you have elected to receive marketing emails from us, we retain your Notification Data about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your account. We retain Usage Data for a reasonable period of time from the date such information was created.

XIV. Notice of Compliance to California Residents

California law requires that we provide you with a summary of your privacy rights under the California Civil Code and the California Business and Professional Code, including the California Consumer Protection Action of 2018 (CCPA) and the California Online Privacy Protection Act (CalOPPA). As required by the California Act, this Privacy Policy identifies the categories of personally identifiable information that we collect through our website about individual consumers who use or visit our website and the categories of third-party persons or entities with whom such personally identifiable information may be shared.

Depending on the visitor’s activity at our website, certain “personally identifiable information” (as that term is defined in the California Act) may be collected, in addition to information set forth in other sections of this document. For purposes of the California Act, the term “personally identifiable information” means individually identifiable information about an individual consumer collected online by us from an individual and maintained by us in an accessible form, and may include any of the following:

(1) A first and last name;

(2) A home or other physical address, including street name and name of a city or town;

(3) An email address;

(4) A telephone number;

(5) Any other identifier that permits the physical or online contacting of a specific individual;

(6) Information concerning a user that the website collects online from the user, and maintains in personally identifiable form, in combination with an identifier described within this privacy policy.

See Section X, above, for a description of the process maintained by the Company for an individual consumer who uses or visits our website to review and request changes to any of his or her personally identifiable information that is collected through our website. 

See Section II, above, for a description of the process by which the Company notifies consumers who use or visit our website of material changes to the Company’s Privacy Policy.  The effective date of this Privacy Policy is set forth at the beginning of this Section.

Note that Mikva will also honor the rights set forth herein for non-California residents.

XV. Contact Us

Please direct any inquiries or complaints as outlined in this Privacy Policy to our Privacy Director using the below information.

Mikva Challenge

Attn: Privacy Policy

200 S Michigan

Suite 1000

Chicago, IL 60604