Privacy Policy

If your organization signed a GoReact Customer Terms Agreement with GoReact, that Agreement governs any conflict with the Privacy Policy below. Please contact with any questions.

Welcome to GoReact! Safekeeping of your data is critical to us and a responsibility that we embrace. This Privacy Policy is published by SpeakWorks, Inc. dba GoReact, 256 W. Center St, Orem UT USA (“GoReact”, “we” or “us”). Here we describe how we collect, use and handle your information when you use our websites, mobile applications, software and/or services (“Service”).


We collect and use the following information to provide, improve and protect our Service:

Account Information. We collect, and associate with your account, information such as your name, email address, phone number, address, and payment information.

Your Content. When you use our Service, we store, process and transmit your files (including items like your videos, recordings, files, comments, other content, and so on) (“Your Content”) and information related to them. This will make it easy for you to do things like share and interact with these items.

Usage Information. In order to improve the Service, we collect information from and about the devices you use to access the Service. This includes things like IP addresses, the type of browser and device you use, the web page you visited before coming to our sites, how you interact with the Service, and identifiers associated with your devices. Your devices (depending on their settings) may also transmit location information to the Service.

Cookies and other technologies. We use technologies like cookies and pixel tags to provide, improve, protect and promote our Service. For example, cookies and other technologies help us with things like remembering your username and preferences for your next visit, understanding how you interact with our Service including things like clicks, mouse actions, text entered and other related information, and then improving the Service based on that information. You can set your browser to not accept cookies, but this will limit your ability to use the Service.

Video information.  You may sometimes use the Service in connection with your participation in an activity in which your image, words, or actions are recorded by the Service. You may or may not be logged in to the Service at the time, and you consent to the use of your image, words, and actions (solely in connection with the Service), regardless of whether or not you are logged in at the time your image, words, or actions are recorded.


On a limited basis, we may share information as described below in order to facilitate delivering the Service to you, but will never sell it to advertisers or other third parties.

Others working on behalf of GoReact. GoReact uses only certain trusted third party partners to help us provide, improve, protect, and promote our Service. These third parties will access your information, but only to perform tasks on our behalf and in compliance with this Privacy Policy. For each such third party, GoReact secures contractual data governance to ensure your data has protections and privacy in their systems consistent with this Privacy Policy and is only used for processing our direct service requests. A current list of each data subprocessor we contract with, and their function, may be found at, and you will be notified (for example, by email) when any new subprocessor is added.

Other users. Our Service displays information like your name or email address to other users only in places where that information is configured to be shared. The disclosure of information from student records, particularly grades and performance information, is governed in the U.S. by the Family Educational Rights and Privacy Act (“FERPA”), and such information is shared only with your course instructor(s) or other institutional administrators as permitted by FERPA.

Organizational Administrators. If your account is associated with a GoReact Organizational Account (as defined in the User Terms), there may be an administrator in your organization that has access to and control of your GoReact account for purposes of managing the Service. Please refer to your organization’s internal policies if you have questions about this.

Legal. We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to (a) comply with the law; (b) protect any person from death or serious bodily injury; (c) prevent fraud or abuse of GoReact or our users; or (d) protect GoReact’s property rights. Please contact with any privacy questions or concerns.


Security. We employ both an internal technical team and external security experts in order to keep your information secure and test for vulnerabilities. All database data managed by GoReact is encrypted both at rest and in transmission. We also continue to work on features to keep your information safe.

Retention and right to deletion. We’ll retain information you store on our Service for as long as we need it to provide you the Service. In most cases, that means information will be kept for at least three (3) years, which most users find helpful in order to retrieve past samples of their work. If you request to delete your account, you may also request that we delete your information, and/or you may also request a copy of your data we have stored in our system. Please note: (a) there might be some latency in deleting this information from our servers and backup storage; (b) feedback you’ve provided for others will remain, and (c) we may retain certain information if necessary to comply with our legal obligations, resolve disputes, or enforce our agreements.


Around the world. To provide you with the Service, we may store, process and transmit information in the United States and locations around the world – including those outside your country. Information may also be stored locally on the devices you use to access the Service. If you are a U.S. customer, your data will only be stored and processed in the United States.

EU Provisions. GoReact offers standard EU model clauses (including GDPR updates) for information security as required for EU customers. Please contact your account representative if you are located within the EU and require these additional terms. You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here:

Privacy Shield. GoReact complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and Switzerland to the United States.  GoReact has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, GoReact is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the Privacy Shield Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct or amend any personal information we hold about you that is inaccurate or incomplete. Furthermore, you have the right to request erasure of information that is deemed to have been handled in violation of the Privacy Shield Principles. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield should direct their query to If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

GoReact‘s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, GoReact remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless GoReact proves that it is not responsible for the event giving rise to the damage.

In compliance with the Privacy Shield Principles, GoReact commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact GoReact at:

GoReact has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit for more information and to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms.  See Privacy Shield Annex 1 at


The California Consumer Privacy Act of 2018 (“CCPA”) relates to residents of California and requires that we make certain disclosures to you and provide you with a means to exercise the other rights residents of California have received under the CCPA.  This section makes those disclosures (in part by pointing you to the locations in this Privacy Policy where the disclosures are made) and describes how you may exercise your rights under the CCPA.

Categories of Information (Source, Collection, and Sharing).  The CCPA requires us to list the categories of information we collect about you and the commercial or business purposes for which the categories of personal information is used.  Those disclosures are made in the “What Information We Collect” section above under the categories “Account Information,” “Your Content,” and “Usage Information.” The categories of information collected and the purposes for that collection have not changed over the last twelve months. 

The source of the information we receive about you is always you or the parties with whom you interact using our Service.  We do not purchase any personal information about you from third parties. 

Your information is only shared in accordance with the “Sharing of Information” section above.  The commercial and business purposes for that sharing is also described in that section.  The categories of information shared and the categories of parties with whom it is shared have not changed in the last twelve months.

Your Rights under the CCPA.  If you are a California resident, you have the following rights:

  • You have the right to request that we disclose the categories and the specific items of personal information about you that we collect, use, disclose, and/or sell and that personal information about you that we have collected, used, disclosed, and/or sold during the twelve months prior to your request.
  • You have the right to not be subjected to any discrimination based on the fact that you have elected to opt out of the sale of your personal information or that you have submitted a request to know or a request to delete under the CCPA.
  • You also have the right to have the personal information we collect about you deleted.  We use a two-step process to verify your identity and to have the information deleted. Your rights to have your personal information deleted are subject to several exceptions, specifically the personal information that is necessary for us to:
    • complete your transaction;
    • provide you a good or service;
    • perform a contract between us and you;
    • protect your security and prosecute those responsible for breaching it;
    • fix our system in the case of a bug;
    • protect the free speech rights of you or other users;
    • comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et seq.);
    • engage in public or peer-reviewed scientific, historical, or statistical research in the public interests that adheres to all other applicable ethics and privacy laws;
    • comply with a legal obligation; or
    • make other internal and lawful uses of the information that are compatible with the context in which you provided it.
  • To make any request under the CCPA, you must complete the online Data Request Form found at  Typically, your login and password are sufficient to verify your identity, but if we require further information, we will inform you.  In that event, you will be asked to give us your name, e-mail address, and any other information we reasonably require to verify your identity. 
  • We will respond to your request within 10 days after receipt of your request, and we will then take action to verify your identity and fulfill your request, as required by the CCPA.  We will provide you with a CSV copy of your stored data within 45 days of your request, assuming we are able to verify your identity in that period and so long as you provide a correct email address for successful correspondence.  

For more information about your rights under the CCPA, please direct your questions to us at You can also direct questions to our toll free number at 1-855-717-3499.


GoReact collects and uses certain indirect or aggregate information as a result of your use of the Service.  Such information will always be anonymized and will never contain user-identifiable data such as name, email address, or other direct identifiers. Any such de-identification will comply with U.S. FERPA and HIPAA requirements as well as GDPR and the CCPA.


Upon creation of your account in the Service, you will be expressly asked for your consent to how we will store and use your information. We will track that consent, and you will have the ability to withdraw your consent and delete your account at any time from within your user profile in the Service. In addition, while you use the Service, you’ll be able to see on any given activity who will have access to your content, and you may also change and update your information in your user profile.


If we are involved in a reorganization, merger, acquisition or sale of our assets, your information may be transferred as part of that transaction. We will notify you (for example, via a message to the email address associated with your account) of any such transaction and outline your choices in that event.


We may revise this Privacy Policy from time to time, and will post the most current version on our website. If a revision meaningfully reduces your rights, we will notify you through your account and provide an opportunity to consent to the changes.


Have questions or concerns about GoReact, our Service and/or privacy? Contact us at

Effective: 1 July 2020