Help Center
English (US) Deutsch Español Français Italiano 日本語 简体中文

Articles in this section

Visible Body Privacy Notice

Visible Body cares deeply about privacy and transparency. This policy explains our privacy practices as they apply to individuals and educational institutions in- and outside of the United States of America. 

Visible Body Privacy Policy

Effective Date: April 2, 2024
Last updated: May 7, 2025

Visible Body Apps, LLC and its affiliates, including Cengage Learning, Inc. (collectively, “Company” or “we” or us”) operates services, including websites, software, technologies, services, support services, applications including Visible Body mobile apps, Visible Body desktop apps, and Visible Body accounts. Company is committed to respecting the privacy of information and data of the users of our applications and other individuals ("you"). This Privacy Notice describes our policies and practices with respect to the collection and use of information that’s about you (your “Personal Information”). This information can be your name, email address, your contact information, and anything else that tells someone something about you. If you do not agree to the terms set forth herein, please do not use our services. We reserve the right to update this Privacy Notice at any time, and the revision date above provides you with notice that the Privacy Notice has been updated.

For greater detail on additional rights which may apply to you and are not otherwise detailed in this Privacy Notice, please visit our:

Personal Information We Collect

We collect different kinds of Personal Information through our interactions.

Information You Provide Us Directly: You may give us information about you by interacting with our website, by communicating with us via email or contact us page, or by interacting with us over social media on our company pages.

  • Personal Identification Data includes your first name and last name, email address, and Internet Protocol (IP) address.
  • Employment Related Data includes information prior employee information, proof of identification such as drivers license, passport, state identification card, and benefits information.
  • Communication Data includes your discussion with our customer support, other communications you send us, and your feedback that you communicate to us via email or social media.
  • Marketing Data includes information such as names, mailing addresses, and email addresses.

Third Party or Publicly Available Sources: We may receive information about you from third parties. The information we receive includes analytics information for improvement of our website and services.

  • Public information regarding contact details, institutional affiliation and position, from third party companies, such as social networking sites and school websites.
  • Purchase information through product purchases on Fastspring includes your payment and transaction information such as your credit/debit card number, your first and last name, and billing address.
  • Purchase information through product purchases on Apple’s App Store and Google Play includes your user ID.
  • Email tracking information (such as whether you opened an email from us).
  • Third-party authentication service information, such as when you log in with Google, which may connect and share additional information with us.

Technical and Communication Data: When you visit our Company’s website and when we send you marketing emails, we collect certain information automatically using cookies and other technologies, such as web beacons. The cookies may be third party provider cookies provided by Google Analytics and HubSpot.

  • Device Data which includes the device’s hardware information, operating system, platform information, browser type, language preference information, IP address, source of your visit (e.g., how you found our website), and browser plugin types.
  • Website Usage Data which includes information about how you use our products and our services.
  • App information and settings which includes product name, product version, device OS, app language preference, and in-app purchases.

Information from your Visible Body Accounts:

If you use Visible Body Courseware or, in most cases, Visible Body Suite, you will be required to create a Visible Body account. In addition, the Human Anatomy Atlas and Biology apps require you to create a Visible Body account in order to share content and access your User-Created Content across devices. When you create a Visible Body account, we collect the following personal information:

  • Contact information, including your name, email address and your role (e.g., student or instructor);
  • Account creation information including login information, encrypted password, activation and usage information, user-created content (e.g., quizzes, due dates, assignments, saved views, notecards), Google account name if accessed through Google Oauth, and, if accessed through an LMS, LMS user ID.
  • Usage information, including, date and time of activation, date and time of last login, IP address;
  • User-created content, including user created questions, quizzes, due dates, assignments, saved views, notecards;
  • For Visible Body Courseware users, Institutional affiliation, LMS user ID (if available), Assignment usage and progress such as the start time, end time, submission time, and furthest progress.
  • For Human Anatomy Atlas and Biology users, App information and settings, including, product name, product version, device OS, app language preference, in-app purchases.

We may also collect, use and share aggregated data such as statistical or demographic data for any purpose (“Aggregated Data”). Aggregated Data could be derived from your Personal Information, but it is not considered Personal Information because it does not and will not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing our products and services. However, if we combine or connect Aggregated Data with your Personal Information so that it can directly or indirectly identify you, we treat the combined data as Personal Information which will be used in accordance with this Privacy Policy.

We do not collect any special categories of sensitive Personal Information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, genetic and biometric data, and precise geolocation data).


Why We Use Your Personal Information

Your Personal Information is used for the purpose it was collected, such as responding to your inquiry or completing your transaction for our Service. In some cases, Personal Information is required to perform certain functions. You voluntarily decide if you want to provide us with your information. You may be asked to provide your Personal Information to:

  • Create, register, and maintain your Visible Body account;
  • Deliver services, products, and information as requested;
  • Subscribe you to our services;
  • To send you promotional materials or inform you of new features, functionality, services, products, events, and other updates that may be of interest to you;
  • Respond to questions or comments from you;
  • Provide customer service and technical support;
  • Detect, prevent, and address technical issues;
  • To review your application for a job post;
  • Post your testimonials on our website;
  • Address legal issues, including (i) complying with our obligations to retain certain business records; (ii) establishing, exercising, or defending legal claims; (iii) complying with laws, regulations, court orders, or other legal processes; (iv) detecting and preventing fraud or intellectual property infringement claims, violations of our contracts or agreements (including user agreements or agreements with third parties), violations of law, or other misuses of our products or services; and (v) protecting our rights or property, or yours or others’ health, safety, welfare, rights, or property; and
  • Allow you to exercise your consumer access rights.
  • To carry out our obligations and enforce our rights.
  • In any other way we may describe when you provide the information.
  • For any other purpose with your express consent.

In addition, we may process your personal data for the following reasons:

  • To carry out our obligations and enforce our rights.
  • In any other way we may describe when you provide the information.
  • For any other purpose with your express consent.

We may use information that is not Personal Information for any purpose. For example, we may aggregate usage data from many people in a way that does not identify any individuals to calculate the percentage of users accessing a feature on our website. Such aggregated or anonymized data will not identify you or be traced back to your Personal Information.

How We Share Your Personal Information

We will not sell, share, rent or disclose to third parties any Personal Information, such as names, mailing address, email addresses, telephone numbers, and other Personal Information that you provide to us, unless we secure your permission to do so, except that we may disclose your Personal Information for the purposes described above to the following third parties:

  • Our vendors and service providers, such as those that assist with the provision of services, marketing, analytics, data storage, or content management, or that provide consulting or professional services to Company.
  • Law enforcement, government agencies, or other authorities in order to comply with laws, regulations, court order or other legal obligations, or to protect and defend our legal interests.
  • The institution you are affiliated with, if you use our products through your affiliation with an institution, such as a college or university, in order to track activation of applications and to provide learning management services, such as Visible Body Courseware (for example, your name, your email address, and your quiz scores will be provided to your instructor).
  • Our authorized resellers and distributors, if you have requested information on a Visible Body product sold by one of our resellers or distributors.
  • We may share your data with your consent or at your express request.

Cookies and Automatic Data Collection Technologies

Our website may use automatic data collection technologies to distinguish you from other website users. This helps us deliver a better and more personalized experience when you browse our website. It also allows us to improve our website by enabling us to:

  • Estimate our audience size and usage patterns.
  • Store your preferences, so we may customize our website according to your individual interests.
  • Recognize you when you return to our website.

The technologies we use for this automatic data collection may include:

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer.
  • Web Beacons, Pixel Tags, Clear Gifs. Our website pages and emails may contain small transparent embedded images or objects known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count website page visitors or email readers, or to compile other similar statistics such as recording website content popularity or verifying system and server integrity.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. However, if you disable or refuse cookies, please note that some parts of these websites may become inaccessible or not function properly.


De-identified Information

You agree that we may collect and use technical data and related information, including but not limited to technical information about your device, system and application software, and peripherals, that is gathered periodically. We may use this information, as long as it is in a form that does not personally identify you, to improve our products or to provide services or technologies to you.


Generated Content

Some of our online activities enable users to submit their own content. Please remember that any Personal Data you submit or post as user-generated content in these circumstances could in some cases be seen by others or become public. You should exercise caution when deciding to disclose your personal, financial or other information in such submissions or posts. We cannot prevent others from using that information in a manner that may violate this Privacy Notice, the law or your personal privacy and safety. We are not responsible for the results of such postings.


Transfer of Information to the United States

Company is headquartered in the United States. Personal Information processed by our Products, including Visible Body Courseware and Visible Body Suite, will be processed in the United States. Personal Information that you provide or we collect in order to deliver requested information may be processed in the United States or in other countries, such as Canada and Ireland. Although the United States has received an "adequacy" determination for the EU-US Data Privacy Framework (“DPF”) from the European Union, the DPF does not apply to the Company. With respect to transfer from the European Union, Company relies on derogations for specific situations. In particular, Company transfers Personal Information to the United States only with your consent, to perform on a contract with you (or in your interest), or to fulfill compelling legitimate interests of Company in a manner that does not outweigh your rights and freedoms. Company endeavors to apply suitable safeguards to protect the privacy and security of your Personal Information and to use it in a manner that is consistent with this Privacy Notice. Company does not collect sensitive data (known as special categories of data in the European Union).


Data Retention

Unless otherwise noted in this Privacy Notice or in the Education Privacy Notice, Company retains Personal Information as reasonably necessary to provide services to you, and thereafter for as long as necessary to comply with our legal or contractual obligations. We periodically delete information regarding prospective customers if we determine the information is no longer needed for that purpose. Personal information will be removed from live databases upon written request or after an established period following termination of an agreement. Information stored in backups is not actively purged but instead naturally ages itself. Visible Body does not retain backups of Personal Information for more than one year.


Collection of Personal Information from Children

Our Website is not intended for children under 13 years of age. We do not knowingly collect Personal Information from children under 13. If you are under 13, do not use or provide any information on this Website or on or through any of its features, including your name, address, telephone number, or email address. If we learn we have collected or received Personal Information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us immediately.


Third-Party Links

This website contains links to other sites. We are not responsible for the privacy practices of such other sites. We encourage visitors to be aware when they leave our site, and to read the privacy policies of each and every website that collects Personal Information. Except as otherwise provided herein, this privacy statement applies solely to information collected by this website.


Security

While we have instituted security measures to protect the information and systems that we maintain, we cannot guarantee that all transmissions to and from our websites are secure. We also require our service providers and business partners to whom we disclose the information to do the same. We will continue to improve our physical, electronic, and administrative safeguards. However, the Internet environment is not 100% secure, and we cannot guarantee that information we collect will never be accessed in an unauthorized way. If your communication includes Personal Information that you do not wish to provide electronically, please contact us by postal mail or telephone. Once we have received your information, we will employ reasonable procedures and security features to guard against unauthorized access.


Your Rights

Opt Out/Deletion of Personal Information

You may opt out of having your Personal Information collected by not completing online forms, signing up for services, or creating an account. To opt out after submitting Personal Information, you must contact us at support@visiblebody.com. To request that we delete Personal Information that you have previously provided to us, please fill out this form, and we will endeavor promptly to delete such information at your request. Notwithstanding the foregoing, we cannot delete Student Data, as defined in the Education Privacy Notice, without permission from the applicable school.

If you want to stop using your account, you may request that we delete it by filling out this form. When you delete an account, you will not be able to use our services and your information will not be capable of being viewed through our site. When we delete an account, we remove from our database any personally identifiable information you had previously provided. However, even after you submit a request to delete your information, copies of your information including but not limited to name and email address may be retained by us as backup copies for legal and compliance reasons.

Opt out of Promotional or Marketing Communications

If you do not want to receive promotional or marketing communications from Company, you may opt-out of receiving those communications at any time by clicking the "unsubscribe" link at the end of our emails. If you choose to unsubscribe, we will retain your contact information to ensure that we do not contact you again.

European Economic Area and United Kingdom Privacy Rights

If you are located in the European Union, Iceland, Liechtenstein or Norway (the “European Economic Area” or “EEA”) or in the United Kingdom (“UK”), you are entitled to additional rights regarding our use of your Personal Information. To learn more, see the EU-UK Privacy Rights Notice.

California Privacy Rights

If you are a California resident, California law may provide you with additional rights regarding our use of your Personal Information. To learn more about your California privacy rights, see California Privacy Rights Notice.


Reporting of Data Breaches

We make reasonable efforts to monitor and detect any data breach affecting Personal Information. In the unlikely event that a data breach results in the disclosure of your Personal Information to third parties, we will make all reasonable efforts to inform you, in compliance with applicable law.


Changes to Privacy Notice

Company reserves the right to change this policy at any time, without notice, by posting the new or revised privacy policy and the new revision date at this location: https://www.visiblebody.com/privacy.


Contact Information

If you have questions about how we handle your personal data, please contact us by email at support@visiblebody.com or by mail at:

Cengage Learning, Inc.
3 Center Plz, #700
Boston, MA 02108
Attn: Visible Body Information

For Personal Information subject to European data protection laws, Cengage Learning, Inc. is the controller of the Personal Information.

 

Education Privacy Notice (FERPA)

Effective Date: April 2, 2024
Last Updated: May 7, 2025

Visible Body Apps, LLC and its affiliates, including Cengage Learning, Inc. (collectively, “Company” or “we” or us”) operates services, including websites, software, technologies, services, support services, applications including Visible Body mobile apps, Visible Body desktop apps, and Visible Body accounts. Company is committed to respecting the privacy of information and data of the users of our applications and other individuals ("you"). This Education Privacy Notice describes our policies and practices with respect to the collection and use of information that falls within the definition of “education records” under the Family Educational Rights and Privacy Act (“FERPA”) that are collected in connection with or through use of our products or services, including any Personal Information contained therein (“Student Data”). For definitions of certain capitalized terms, please refer to the Privacy Notice.

Information We Collect

Through our interactions, we may collect different kinds of Student Data about you which we have grouped together as follows:

Information Collected from Educators and Educational Institutions:

  • Educator data including IP address, full name, course name, assignment name, email address, school name, user role, and Visible Body Account Login information (username and password).
  • Content submitted by educators, such as questions, quizzes, flashcards, and notes.

Information Collected from Students

  • Student data including full name of the student, email address, school name, instructor name, course name, user role, Visible Body Account Login information (username and password).
  • Student in-app performance
  • Student work, including responses to quiz questions
  • Content submitted by students, such as flashcards and notes.

Information Automatically Collected by Technology

  • Device Data which includes the device’s IP address, hardware information, operating system, platform information, browser type, language information, and browser plugin types.
  • Usage Data which includes information about how students and faculty use our products.

Usage Data collected automatically may be linked to Educators’ and Students’ Visible Body Accounts. Automatic collection technologies, such as cookies described in our Privacy Notice, may be used.


Reason for Using Your Student Data

Student Data is collected through the products and services primarily to allow students and educators to access, use, and support the products and services. Specifically, we use your Student Data:

  • To deliver and support Visible Body Courseware;
  • To register and authenticate student Visible Body Accounts; and
  • To communicate with students.

We do not use or disclose Student Data or Personal Information for research, analysis, or product or services development.


Disclosure of Your Student Data

We will provide any Student Data to the educational institution at such institution’s request as it relates to students or their use of our products and services. We do not disclose your Student Data to any third party, except:

  • As directed by the applicable educational institution or personnel;
  • To our third party service providers so they can provide our service offerings;
  • To comply with legal processes or respond to governmental requests;

FERPA and COPPA

Company is a vendor to educational agencies and institutions, and Company is subject to FERPA and regulations under 34 C.F.R. §99.33(a) related to the use and redisclosure of personally identifiable information. Company will not disclose a student’s personally identifiable information without consent of the parent or guardian or a student who is 18 years or older, unless FERPA or applicable laws permit the disclosure of such information.

Company designs its products and services to comply with all applicable laws, including FERPA and the Children’s Online Privacy Protection Act (“COPPA”). As between Company and the applicable educational institution, all Student Data subject to FERPA and COPPA is the property of such educational institution. Company relies on the educational institutions to obtain any parent, guardian or other consents required under applicable law or district policy for us to collect, process or maintain Personal Information or Student Data.

For more information about FERPA, COPPA, and further federal student and child data rights, please visit:

New York Parents’ Bill of Rights

Company is committed to complying with the New York State Parents’ Bill of Rights for Data Privacy and Security to the extent it applies to education technology contractors, and to supporting affiliated educational institutions in meeting their obligations thereunder.

For more information about New York State Education Law §2-d and the New York State Parents’ Bill of Rights, please visit:

User Access and Consumer Rights

Eligible students or their parents or guardians may have the legal right (including under FERPA, COPPA and the U.S. State Privacy Laws (e.g., California Consumer Privacy Act (CCPA))) to access, correct, export or delete certain of their own information or content, or to make certain choices. To make a request, please contact your school or school district. We will help them provide the requested access or make appropriate corrections. If we receive such requests directly, we will refer those inquiries to the applicable educational institution to the extent required or permitted by applicable law or contract.


Third Party Links

Our websites include links to other websites whose privacy policies may differ from this Education Privacy Notice. If you submit Student Data to any of those sites, such information is subject to third party privacy statements. We strongly encourage you to carefully read the privacy statement of any website you visit.


Retention

Subject to applicable privacy and data protection laws including the Family Educational Rights Act, we retain Personal Information as reasonably necessary to provide services to you, and thereafter for as long as necessary to comply with our legal or contractual obligations. We periodically delete information regarding prospective customers if we determine the information is no longer needed for that purpose. Personal information will be removed from live databases upon written request or after an established period following termination of an agreement. Information stored in backups is not actively purged but instead naturally ages itself. Visible Body does not retain backups of Personal Information for more than one year.


Children

Our products and services are not intended for children under 13 years of age. We will not knowingly solicit or collect Student Data or Personal Information from children under 13, or the relevant minimum age under applicable local legal requirements, except as permitted under applicable law. If we learn that we have received information directly from a child under 13 without his or her parent’s or legal guardian’s consent, we will make commercially reasonable efforts to delete such information.

Your Rights and Choices

Your rights may vary depending on where you are located. Please refer to our Privacy Notice for more details.


Data Security

While we have instituted security measures to protect the information and systems that we maintain, we cannot guarantee that all transmissions to and from our websites are secure. We also require our service providers and business partners to whom we disclose the information to do the same. We will continue to improve our physical, electronic, and administrative safeguards. However, the Internet environment is not 100% secure, and we cannot guarantee that information we collect will never be accessed in an unauthorized way. If your communication includes Personal Information that you do not wish to provide electronically, please contact us by postal mail or telephone. Once we have received your information, we will employ reasonable procedures and security features to guard against unauthorized access.


Changes To This Education Privacy Notice

Changes to this Education Privacy Notice will be posted on this site, along with information on any material changes. Company reserves the right to update or modify this Education Privacy Notice at any time and without prior notice.


Contact Us

If you have any questions about this Education Privacy Notice or our use of your Personal Information, please contact us:

By mail:

Cengage Learning, Inc.
3 Center Plz, #700
Boston, MA 02108
Attn: Visible Body Student Privacy

By email:

support@visiblebody.com


California Privacy Rights Notice (CCPA)

Effective Date: April 2, 2024
Last Updated: May 7, 2025


Visible Body Apps, LLC and its affiliates, including Cengage Learning, Inc. (collectively, “Company” or “we” or us”) operates services, including websites, software, technologies, services, support services, applications including Visible Body mobile apps, Visible Body desktop apps, and Visible Body accounts. Company is committed to respecting the privacy of information and data of the users of our applications and other individuals ("you"). This California Privacy Rights Notice applies solely to visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws. Any terms defined in the CCPA have the same meaning when used in this notice.

If you have any questions regarding our accessibility options, please read our article on Accessibility and Preferences Options. If this CCPA Notice is provided offline, please request an accessible version of our CCPA Notice.


Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

 

Category Examples Collected
A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. YES
C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). NO
D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. YES
E. Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. NO
F. Internet or other similar network activity. Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. YES
G. Geolocation data. Physical location or movements. NO
H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. NO
I. Professional or employment-related information. Current or past job history or performance evaluations. YES
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. NO
K. Inferences drawn from other personal information. Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. NO
L. Sensitive Personal Information Social security numbers, driver’s license, state identification card, passport number, financial account login in combination with security or access code, password or credentials, or precise geolocation. NO

Personal Information does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, such as:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.


How We Collect Personal Information

We use different methods and sources to collect information from and about you, including through:

  • Direct interactions. You may give us information about you by interacting with our website, communicating with us via email or contact us page, or by interacting with us over social media.
  • Third party or publicly available sources. We may receive information about you from third parties, including educational institutions. For more detail, please refer to our Privacy Notice or Education Privacy Notice.
  • Technical and Communication Data. When you visit our website and when we send you marketing emails, we collect certain information automatically using cookies and other technologies, such as web beacons. The cookies and web beacons may be third party provider cookies provided by Google Analytics and Hubspot.

Use of Personal Information

We may use or disclose the personal information we collect for one or more of the following business purposes:

  • Create, register, and maintain your Visible Body account;
  • Deliver services, products, and information as requested;
  • Subscribe you to our services;
  • To send you promotional materials or inform you of new features, functionality, services, products, events, and other updates that may be of interest to you;
  • Respond to questions or comments from you;
  • Provide customer service and technical support;
  • Detect, prevent, and address technical issues;
  • To review your application for a job post;
  • Post your testimonials on our website;
  • Address legal issues, including (i) complying with our obligations to retain certain business records; (ii) establishing, exercising, or defending legal claims; (iii) complying with laws, regulations, court orders, or other legal processes; (iv) detecting and preventing fraud or intellectual property infringement claims, violations of our contracts or agreements (including user agreements or agreements with third parties), violations of law, or other misuses of our products or services; and (v) protecting our rights or property, or yours or others’ health, safety, welfare, rights, or property; and
  • Allow you to exercise your consumer access rights.
  • To carry out our obligations and enforce our rights.
  • In any other way we may describe when you provide the information.
  • For any other purpose with your express consent.

We will not collect additional categories of personal information or use the personal information we collect for materially different, unrelated, or incompatible purposes without providing you notice.

In the preceding twelve (12) months, we have used your personal information from the following categories for business purposes:

  • Category A: Identifiers
  • Category B: Personal Information categories listed in the California Customer Records statute
  • Category C: Commercial information
  • Category F: Internet or other similar network activity
  • Category I: Professional or employment-related information

Sharing Personal Information

We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter into a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:

  • Category A: Identifiers
  • Category B: California Customer Records personal information categories
  • Category C: Commercial information
  • Category F: Internet or other similar network activity
  • Category I: Professional or employment-related information

We disclose your personal information for a business purpose to the following categories of third parties:

  • Our vendors and service providers such as those that assist with the provision of services, marketing, analytics, data storage, or content management, or that provide consulting or professional services.
  • The institution you are affiliated with, if you use our products through your affiliation with an institution, such as a college or university.
  • Our authorized resellers and distributors, if you have requested information on a Visible Body product sold by one of our resellers or distributors.

Sale of Personal Information/Targeted Advertising

In the preceding twelve (12) months, we have not sold any personal information or shared any personal information for cross-context behavioral advertising/targeted advertising.


Using your Sensitive Personal Information

Sensitive personal information means personal information that reveals (A) a consumer’s social security number, driver’s license, state identification card, or passport number; (B) a consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (C) a consumer’s precise geolocation; (D) a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership; (E) the contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication; (F) consumer’s genetic data; (G) biometric information for the purpose of uniquely identifying a consumer; (H) personal information collected and analyzed concerning a consumer’s health; or (I) personal information collected and analyzed concerning a consumer’s sex life or sexual orientation.

In the preceding twelve (12) months, we have not collected or used sensitive personal information.

This information is used to process your payment for the products and services and deliver the products and services to you. Because this is the only use of sensitive personal information and our use is reasonably necessary and proportionate to the purpose, we are not required to post a notice of right to the limit use of sensitive personal information.


Your Rights and Choices

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.


Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling/sharing that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we disclosed your personal information for a business purpose, the personal information categories that each category of recipient obtained.

Deletion and Correction Request Rights

You have the right to request that we delete and/or correct any of your personal information that we collected from you and retained, subject to certain exceptions such as the Family Educational Rights and Privacy Act. For more information on your Education Rights, please see the Education Privacy Notice.

Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion/correction request if retaining the information is necessary for us or our service providers to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Further, we cannot delete Student Data, as defined in the Education Privacy Notice, without permission from the applicable school.


Your Right to Opt-Out of Sale or Sharing Your Information

We do not sell or disclose personal information with third parties that would be considered a “sale” under the CCPA. Since we do share your personal information for targeted advertising or cross-context behavioral advertising, you are opted-out of “sale” or “sharing” (as defined by the CCPA) your personal information by default.

Opt-out Preference Signals

Opt-out preference signals or Global Privacy Controls (GPC) provide consumers with a simple and easy-to-use method by which consumers interacting with us online can automatically exercise their opt-out of sale/sharing rights.

We do not process opt-out preference signals because we do not “sell” or “share” your personal information.


Exercising Access, Data Portability, Deletion, and Correction

To exercise your access, portability, deletion, or opt-out rights described above, please submit a verifiable consumer request to us by completing the following request form or contact us at support@visiblebody.com or by mail at:

Cengage Learning, Inc.
3 Center Plz, #700
Boston, MA 02108
Attn: Visible Body CCPA Consumer Access Request

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person or an authorized representative of the person we collected personal information on.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.


Response Timing and Format to Respond To Your Request

Within ten (10) business days after receiving your request to delete, correct, or request to know, we will confirm receipt of your request and provide you information about how the business will process the request. We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.


Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Notice of Financial Incentives

We do not offer financial incentives or pricing discounts for providing your personal information or registering a Visible Body account with us.


Changes to Our Privacy Notice

We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will notify you by email or through a notice on our website homepage.


Contact Information

If you have any questions or comments about this notice, our Privacy Notice, any other notice, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Cengage Learning, Inc.
3 Center Plz, #700
Boston, MA 02108
Attn: Visible Body CCPA Consumer Access Request

Or at support@visiblebody.com


EU-UK Privacy Rights Notice

Effective Date: April 2, 2024
Last Updated: May 7, 2025


This EU-UK Privacy Rights Notice (the “EU-UK Notice”) provides information about the collection, use, processing and sharing of data about individuals located in the European Union, United Kingdom (UK), Iceland, Liechtenstein or Norway (the “European Economic Area” or “EEA”).

With respect to individuals in the UK, references to the GDPR in this EEA Notice are to be read as referring to the UK’s similar legislation, the Data Protection Act 2018.

In this EU-UK Notice:

  • GDPR means the European Union’s General Data Protection Regulation;
  • Personal Data means information relating to an identified or identifiable individual; an identifiable individual is one who can be identified, directly or indirectly, by use of any identifier or factor specific to that individual; and
  • GDPR Processing Activities means the collection, use, processing or sharing of Personal Data when those activities are within the scope of the GDPR.

This EU-UK Notice applies only to the use of Personal Data in GDPR Processing Activities. In this EU-UK Notice, the words “Company,” “we,” “us” or “our” refer to Visible Body Apps, LLC and its affiliates, including Cengage Learning, Inc., and we are the data controller of the GDPR Processing Activities. This EU-UK Notice applies to GDPR Processing Activities by any means, including hardcopy (such as paper applications or forms) and electronic means (such as websites and mobile applications).


A. Why We Process Personal Data

We collect several categories of Personal Data in circumstances that may involve GDPR Processing Activities, including data you provide, data collected automatically (potentially including location data), and data we obtain from third party sources.

We use the Personal Data that we collect, dependent on your status as a customer or prospective customer, to:

  • Data Collected when you create a Visible Body account. Personal data collected includes first name and last name, email address, username, and password, Internet Protocol (IP) address. The purpose of the collection is to provide you with our contractually obligated service offerings.
  • Data collected when you complete a transaction. Personal data collected may include Purchase information through product purchases on Apple’s App Store or Google Play, including your user ID, and through product purchases on Fastspring, including your first and last name, and billing address. The purpose is to process your personal data to perform the contractual obligations between Visible Body and you.
  • Data collected when you subscribe to our newsletters and updates and provide information on our social media page. Personal data collected may include name, mailing address, and email address. The purpose is our legitimate interest to provide you with promotional materials or inform you of new features, functionality, services, products, events, and other updates that may be of interest to you.
  • Data collected when you use contact us. Personal data collected may include communication data such as your discussion with our customer support, other communications you send us, and your feedback that you communicate to us via email or social media. The purpose is our legitimate interest to respond to questions or comments from you, and improve our services, including the functionality and usefulness of our website and emails, as well as customization of the content and layout of our website based on your comments and feedback.
  • Data collected when you access our website. We may obtain certain personal data automatically when you use one of our websites or mobile applications, such as your IP address. The purpose is our legitimate interest to detect, prevent, and address technical issues, and gather analysis or valuable information enabling us to monitor the usage of our websites.
  • Data collected when you inform us of a claim. Personal data collected may include your name, physical address, email address, credit card or financial account number. The purpose may include contractual obligations, defending legal claims, and complying with laws, regulations, court orders, or other legal processes.
  • Data collected to exercise data subject access requests. Personal data collected may include your name, email address, and your selected access request. The purpose is to comply with our legal obligations.

If we process your personal data for any other purposes, we will describe the data collected and the purpose when we collect the personal data.

The ways in which we collect and use your data vary depending on the relationship between you and us. The following sections of this EU-UK Notice describe in more detail how we collect and use Personal Data in various circumstances that may involve GDPR Processing Activities.


B. Data Subjects from Whom We Collect Personal Data

The Data Subject who we collected personal data include the following:

  • Visible Body Account holders who login to their accounts, including students and faculty.
  • Prospective customers.
  • Visitors to the website who provide comments and questions.
  • All visitors to the website.

C. Recipients of Personal Data

We share your Personal Data with third parties including service providers, social media platforms, and government authorities for the following purposes:

  • Educational Institutions. We may disclose your names, email addresses, Visible Body Suite quiz scores and activation status to your educational institution.
  • Service Providers. For purposes such as marketing and analytics; event registration and coordination; providing course platforms or tools that enable or enhance our offerings; receiving research insights and analytics; system maintenance and security; facilitating other transactions with you; and assisting with our legal compliance.
  • Legal Process, Safety and Terms Enforcement. We may disclose your Personal Data to legal or government regulatory authorities as required by applicable law. We may also disclose your Personal Data to third parties in connection with claims, disputes or litigation, when otherwise required by applicable law, or if we determine its disclosure is necessary to protect the health, safety, rights or property of you, us or others, or to enforce our legal rights or contractual commitments that you have made.

D. Data Retention

Unless otherwise noted in this Privacy Notice or in the Education Privacy Notice, Company retains Personal Information as reasonably necessary to provide services to you, and thereafter for as long as necessary to comply with our legal or contractual obligations. We periodically delete information regarding prospective customers if we determine the information is no longer needed for that purpose. Personal information will be removed from live databases upon written request or after an established period following termination of an agreement. Information stored in backups is not actively purged but instead naturally ages itself. Visible Body does not retain backups of Personal Information for more than one year.


E. International Data Transfers

Much of our Personal Data processing takes place in the United States, though sometimes we or third parties with whom we share data, as discussed above, may process data in other countries. The data privacy laws in the United States and other countries outside the EEA and the UK may provide less protection than such laws in the EEA or the UK. In the event we transfer your Personal Data outside the EEA or outside the UK as part of our GDPR Processing Activities, we rely where required on appropriate or suitable safeguards or specific derogations recognized under the GDPR or under UK law.

The European Commission has adopted standard data protection clauses, also applicable in the UK, which provide safeguards for Personal Data transferred outside of the EEA or the UK. We may use Standard Contractual Clauses when transferring Personal Data from a country in the EEA or from the UK to a country outside the EEA or the UK. If so and your Personal Data are affected, you can request a copy of the Standard Contractual Clauses relevant to your Personal Data by contacting us as set forth in the “Contact Us” section below.


F. Your Data Subject Access Rights

Upon your reasonable, good faith request we will provide you with information about whether we hold any of your Personal Data as part of our GDPR Processing Activities, to the extent required by and in accordance with applicable law. In certain cases, you may also have a right, with respect to your Personal Data collected and used in the GDPR Processing Activities, to:

  • correct or update any of your Personal Data that is inaccurate;
  • restrict or limit the ways in which we use your Personal Data;
  • object to the processing of your Personal Data;
  • request the deletion of your Personal Data; and
  • obtain a copy of your Personal Data in an easily accessible format.
  • For personal data that you specifically consented to for our processing, you have the right to withdraw the consent.

To submit a request, please send an email message to support@visiblebody.com. Because we want to avoid processing your Personal Data at the direction of someone other than you, we will ask you for information verifying your identity. We will respond to your request within a reasonable timeframe.

Subject to certain legal limits, you also have the right to withdraw your consent to our processing of your Personal Data as part of our GDPR Processing Activities, where our processing is solely based on your consent. In some cases, you can do this by discontinuing use of the services involved in the GDPR Processing Activities. This would include by closing all of your online accounts with us and contacting us at support@visiblebody.com to request that your Personal Data be deleted. If you withdraw your consent to the use or sharing of your Personal Data for the purposes set out in this EU-UK Notice or the other Visible Body privacy notices, you may not have access to some or all of the related services, and we might not be able to provide you some or all of the services.

Please note that, in certain cases, we may continue to process your Personal Data after you have withdrawn consent and requested that we delete your Personal Data, if we have a legal basis to do so. For example, we may retain certain data if we need to do so to comply with an independent legal obligation, if we still need the data for the lawful purposes for which we obtained the data, or if it is necessary to do so to pursue our legitimate interest in keeping our services and operations safe and secure or to safeguard our rights or the rights or safety of others.

If you have any complaints regarding our privacy practices, you have the right to make a complaint with your national data protection authority (i.e., supervisory authority).


G. User Generated Content

Some of our online activities enable users to submit their own content. Please remember that any Personal Data you submit or post as user-generated content in these circumstances could in some cases be seen by others or become public. You should exercise caution when deciding to disclose your personal, financial or other information in such submissions or posts. We cannot prevent others from using that information in a manner that may violate this EU-UK Notice, the law or your personal privacy and safety. We are not responsible for the results of such postings.


H. Updates to the EU-UK Notice

We may update this EU-UK Notice from time to time without prior notice by posting revised EU-UK Notice to this site. You can determine when this EU-UK Notice was last revised by checking the Last Updated date at the beginning of this EU-UK Notice.


I. Contact Us

If you have any questions, comments, requests or concerns about this EU-UK Notice or other privacy-related matters, you may contact us in the following ways:

Email: support@visiblebody.com

Mail: Cengage Learning, Inc.
3 Center Plz, #700
Boston, MA 02108
Attn: Visible Body GDPR Information

Was this article helpful?
26 out of 29 found this helpful
Return to top

Related articles