Privacy Policy

Effective from January 1, 2023.


Welcome, and thank you for your interest in Enome, Inc. (“Enome” “us” or “we”) and Goalbook, our web-based platform that provides instructional resources and professional development for organizations such as school districts and schools to plan rigorous and differentiated instruction (collectively, the “Services”), as further described in the Goalbook Terms of Use. This Privacy Policy describes the information that we gather from you, how we use and disclose your information, and the steps we take to protect your information. This Privacy Policy is incorporated into and is subject to the Goalbook Terms of Use. Capitalized terms that are not defined in the Privacy Policy have the meaning given to them in the Terms of Use. By using any of the Services, you are agreeing to the terms of this Privacy Policy and the Terms of Use into which it is incorporated. If you do not agree to this Privacy Policy, you should not use any of the Services or provide to us any of your personal information. Please contact us with any questions or comments about this Privacy Policy, your personally identifiable information, our use and disclosure practices, or your consent choices by email at Enome, Inc. (Goalbook) PO Box 1289 San Mateo, CA 94401

Changes and Updates to this Privacy Policy

Please revisit this page periodically to stay aware of any changes to this Privacy Policy, which may be revised periodically at our sole discretion, as provided in Terms of Use. If we modify the Privacy Policy, we will make it available through the website, and indicate the date of the latest revision. In the event that the modifications materially alter your rights or obligations hereunder we will make reasonable efforts to notify you of the change. For example, we may send a message to your email address, if we have one on file, or generate a pop-up or similar notification when you access the Services for the first time after such material changes are made. Our amended Privacy Policy will automatically take effect 30 days after it is made available through the website, except that (i) we generally only use your personally identifiable information in the manner described in the Privacy Policy in effect when we received that information and (ii) if you do not agree with any changes to the Privacy Policy, you may terminate your account and stop using of the Services. Your continued use of the Services after the revised Privacy Policy has become effective indicates that you have read, understood and agreed to the current version of the Privacy Policy.

Our Commitment to Privacy of Certain Groups

We do not knowingly collect any personally identifiable information from persons under the age of 13 or residents of the European Economic Area (EEA). If you are under 13 or a resident of the EEA, please do not sign up for the Services or provide any information to us.

Information We Collect

  • User-provided Information. When you use the Services you may provide and we may collect what is generally called “personally identifiable” information. For example, you may provide us with personally identifiable information when you register for an account, share resources with others through our private and secure links, or send us customer service-related requests. When you buy products or services from us, we may ask you for your credit or debit card number, type, expiration date, and similar information. Such information is collected and stored by our third-party payment processing company, and use of such information is governed by such company’s applicable terms of service and privacy policy.
  • Information from other Users. We may receive information, including personally identifiable information, from other users of the Services. For example, we may receive personally identifiable information about a student when a user of the Services (such as a teacher or administrator) enters information about a student. We protect this personally identifiable information in accordance with this Privacy Policy.
  • “Cookies” Information. When you use the Services, we may send one or more cookies – small text files containing a string of alphanumeric characters – to your computer. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to our website. Persistent cookies can be removed. Please review your web browser “Help” file to learn the proper way to modify your cookie settings. Please note that if you delete, or choose not to accept, cookies, you may not be able to utilize the features of the Services to their fullest potential.
  • “Automatically Collected” Information. When you use the Services or open one of our HTML emails, we may automatically record certain information from your web browser by using different types of technology, including “clear gifs” or “web beacons.” This “automatically collected” information may include your IP address or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or just after our website, the pages you view on the Services, and the dates and times that you access the Services. This information is gathered for all users.
  • Information Provided By Contracting Organizations. We may also receive information, including personally identifiable information, under our agreements with users. It is the responsibility of each user to comply with all laws related to the disclosure of such information. For example, this personally identifiable information may include the educational records of students. It is the responsibility of the user to comply with the Federal Educational Rights Privacy Act (FERPA) and all state privacy laws and other laws. Once this information is in our possession, we will protect it in accordance with this Privacy Policy.

How We Use Collected Information

We use the information that you provide or that we collect to operate, maintain, enhance and provide all of the features of the Services. This may include sharing of information with third party service providers solely in order to provide you the Services. We use the information that you provide that we collect to understand and analyze the usage trends and preferences of our users, to improve the Services, and to create new features and functionality. We may use your email address or other personal information to contact you for administrative purposes such as customer service, to address intellectual property infringement, right of privacy violations or defamation issues related to your User Content posted on the Services, or other messages related to the Services. We may use “cookies” information and “automatically collected” information to: (a) personalize our services, such as remembering your information so that you will not have to re-enter it during your visit or the next time you visit our website; (b) monitor and analyze the effectiveness of Service; and (c) monitor aggregate site usage metrics such as total number of visitors and pages viewed.

When We Disclose Information

Your privacy is very important to us, and we are not in the business of selling your information. Any information, including personally identifiable information, that you voluntarily choose to include in an area of the Services accessible to other users, such as when you share resources with others through our private and secure links, will be available to anyone who has access to that content, including other users. Once you make your personally identifiable information available in this way, it may be collected and used by the recipients. We work with third-party service providers to provide website and application development, hosting, maintenance, and other services for us related to the operation of the Services. We may disclose your personally identifiable information to the extent it is necessary for these third-party service providers to complete their contractual obligations to us. Such disclosure is made under these third-party service provider terms, and limited to using the information for the purpose of providing the Services. We gather certain information automatically and store it in log files. This information may include IP addresses, browser type, internet service provider (“ISP”), referring/exit pages, operating system, date and time stamp, clickstream data and other data. We use this information to manage and operate the Services. We automatically collect and aggregate non-personally identifiable information to: (i) comply with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist us in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, promotions, and/or functionality available through the Services. We may also disclose your information if required to do so by law or in the good-faith belief that such action is necessary to comply with state and federal laws (such as U.S. Copyright law), in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement activity. We also reserve the right to disclose your information when we believe, in good faith, that disclosure is appropriate or necessary to take precautions against liability; to protect us and others from fraudulent, abusive, or unlawful uses or activity; to investigate and defend ourselves against any third party claims or allegations; to assist government enforcement agencies; to protect the security or integrity of us and the Services; or to protect the rights, property, or personal safety of Enome, our users, or others. In the event that we are acquired by or merged with a third-party entity, we reserve the right to transfer or assign the information we have collected from you as part of such merger, acquisition, sale, or other change of control. You will be notified by email or a prominent notice on our Services of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

Your Choices

You may, of course, decline to share certain personally identifiable information with us, in which case we may not be able to provide to you some of the features and functionality of the Services. You may update or correct your profile information and preferences at any time by accessing your account preferences page through the Services. You may request deletion of your account, including all profile information and any library data you stored on our system, by writing an email request from your email account to Please note that while your changes are reflected promptly in active user databases, we may retain information you submit for a variety of purposes, including backups and archiving, prevention of fraud and abuse, and analytics.

Third Party Services:

Our website may contain links to Web sites and services provided by third parties. Any personally identifiable information you provide on third party sites or services is provided directly to that third party and is subject to that third party’s policies, if any, governing privacy and security. We are not responsible for the content or privacy and security practices and policies of third party sites or services to which links are displayed on our website. We encourage you to learn about third parties’ privacy and security policies before providing them with personally identifiable information.

Our Commitment to Data Security

We use commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your personally identifiable information. We cannot, however, ensure or warrant the security of any information you transmit to us, and you do so at your own risk. Once we receive your transmission of information, we make commercially reasonable efforts to ensure the security of our systems. We do not guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If we learn of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice through our website if a security breach occurs. Depending on where you live, you may have a legal right to receive notice of a security breach in writing. You may receive a free written notice of a security breach by notify us at

International Visitors

The website and Services are hosted in the United States. If you choose to use the Services from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your personally identifiable information outside of those regions to the United States and by providing your personally identifiable information on the Services you consent to that transfer.

Supplemental California Privacy Notice

This Privacy Notice for California Residents supplements our main privacy policy and applies to visitors, users, and others who live in California and whose personal information Enome processes as a “business.” It does not apply to personal information we collect in the following circumstances:
  • From employees or job applicants in their capacity as employees or job applicants;
  • Personal information we collect from employees, owners, directors, officers, or contractors of businesses in the course of our provision or receipt of business-related services; and
  • Information that we process as a service provider on behalf of other businesses. Please see our main privacy policy for more information on how we process information as a service provider.
A. Categories of Personal Information that We Collect and Share
The CCPA defines “sale” and “personal information” very broadly. Certain uses of your data described above may constitute a sale under the CCPA, as we currently understand it. If you would like to opt out of our use of your information for purposes that are considered a “sale” under California law, you may do so by sending an email to If you want us to delete tracking cookies that enable targeted advertising, which allow us to provide promotions and offers relevant to you, you may do so by sending an email to If you clear your cookies after you asked us to delete tracking cookies, we will not be able to know that you made this request so you will need to opt-out again. You can also submit a sale opt-out request by emailing us at and include “CCPA OPT-OUT REQUEST” in the email subject line. Please note that we do not knowingly sell the personal information of minors under 16 years of age without legally-required affirmative authorization. The CCPA requires us to give California residents certain information about the categories of personal information we collect and how we use it, the categories of sources of the information, categories of third parties to whom we disclosed the information during the past twelve months for business purposes, and the categories of third parties to which we sold or shared personal information in the past twelve months. While we have set out the categories below as required by the CCPA, you can review our main privacy policy for more detailed information that describes our collection, disclosure, and use. Depending on how you interact with us, we may collect and disclose the categories of information summarized below. Please note that we may also disclose all personal information to (a) comply with federal, state, or local laws; (b) comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities; (c) cooperate with law enforcement agencies concerning conduct or activity that we believe may violate federal, state, or local law, (d) when we sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction), or (e) to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
B. Categories of Business/Commercial Purposes for Our Use of Your Information
All of the categories of personal information we collect about you (as detailed above) are used for the following purposes:
  • Providing our Services
  • For our operational purposes
  • Improving our existing Services and developing new products and services
  • Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity
  • Bug detection, error reporting, and activities to maintain the quality or safety of our Services
  • Uses disclosed in our privacy policy
  • Other uses that we may notify you about
C. California Residents’ Privacy Rights
Subject to certain restrictions, California residents have the right under the CCPA to request that we:
  • Provide you the categories of personal information we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared personal information.
  • Provide access to and/or a copy of certain information we hold about you.
  • Delete certain information we have about you.
  • Honor your opt-out of the “sale” of your personal information.
  • Correct inaccurate personal information we have about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising your access, deletion, or sale opt-out rights. We will not discriminate against you for exercising your rights. Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide the Services to you. Asking us to delete your information may impact your ability to use our Services, including closure of your user account and you may no longer be able to access or use all or parts of the Services. If you would like to exercise any of these CCPA rights, you may send an email to Please include “CCPA REQUEST” in the email subject line and include, in the body of the email, your name (First and Last), email address, state and zip code of residence, and a description of the CCPA rights you wish to exercise. After submitting your request(s), we are required to verify your request(s) to ensure it is not fraudulent. To verify your request, we will contact you via the email address you provided with, or to submit, your request. Further, we may require you to confirm ownership of the email address associated with your request or provide additional information necessary to verify the validity of your request. For example, we may ask for you to provide additional information to determine if it matches information we have. Please be sure to check your SPAM/junk folder in case the email is filtered out by your mail system. If you do not receive an email from us regarding your request(s) within 48 hours, your request or contact information may not have been submitted properly, and you will need to submit a new request. You may also designate an authorized agent to make a request on your behalf. To do so, you must provide us with a copy of written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
D. Data Retention
We retain your information for as long as is necessary to provide the Services or for other necessary purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. In determining how long to retain information, we consider the amount, nature and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of the information, the purposes for which we process the information, applicable legal requirements, and our legitimate interests. The purposes for which we process information (as well as the other factors listed above) may dictate different retention periods for the same types of information. If you opt out of email marketing, we maintain your email on our suppression list for an extended time to comply with your request. We may delete or de-identify your information sooner if we receive a verifiable deletion request, subject to exemptions under applicable law. We may retain cached or archived copies of your information.