Privacy Practices
NovaWayFinder and Lexi handle learner, organization, evidence, assessment, and competency data. These practices describe how the pilot should collect, use, share, and protect that information.
Information We Collect
The platform may collect information needed to operate learner and organization workflows.
- Account information such as name, email, phone number, role, and organization association.
- Learner profile information such as education, work history, skills, goals, resumes, and portfolio items.
- Evidence files, PLAR submissions, competency claims, assessment notes, and validation outcomes.
- Organization information such as organization name, acronym, sector, website, contacts, cohorts, frameworks, and learners.
- Technical information such as sign-in activity, browser/device details, application logs, and security events.
How We Use Information
Information is used to provide and improve the NovaWayFinder and Lexi services.
- Create and manage learner, assessor, Organization Admin, and SuperAdmin accounts.
- Support learner portfolios, resumes, evidence vaults, PLAR, assessments, cohorts, and competency tracking.
- Help organizations administer their frameworks, learners, reports, and assessment workflows.
- Maintain security, prevent unauthorized access, troubleshoot issues, and improve reliability.
- Generate operational and aggregate reports for authorized admins.
Organization Access
When a learner is invited by or linked to an organization, authorized staff for that organization may access the learner information needed to administer cohorts, PLAR, competency assessment, support, and reporting. Organization staff should only access information for legitimate program or assessment purposes.
Learners Without An Organization
Learners may create a NovaWayFinder account without being linked to an organization. In that case, their profile is not automatically available to any organization. An organization association may be created later through invitation, learner consent, or an approved administrative process.
Sharing And Visibility
Learners should control when they share portfolios, resumes, or validated claims outside the platform. Some information may be visible to authorized organization staff when it is part of a program, assessment, cohort, PLAR workflow, or support request.
AI-Assisted Features
AI-assisted features may help summarize, organize, or draft learner-facing content. Users should review AI-assisted output before relying on it. Sensitive information should only be entered when it is necessary for the task and appropriate under organization policy.
Security
The platform should use reasonable technical and administrative safeguards.
- Role-based access controls for learners, Organization Admins, assessors, and SuperAdmins.
- Organization scoping so staff only see data they are authorized to see.
- Secure password handling through the application identity system.
- Logging and monitoring for troubleshooting and security review.
Retention
Records should be kept only as long as needed for learner access, organization administration, evidence review, reporting, legal requirements, or contractual obligations. Retention rules may vary by organization, program, and jurisdiction.
Corrections And Requests
Users may ask to correct inaccurate profile information or request help understanding what information is associated with their account. Some assessment, audit, credential, or organization records may need to be retained to preserve program integrity.
Questions
Privacy questions should be directed to the appropriate organization administrator or L3ED project contact. Production deployment should include a formal contact address and escalation process.