- Use of Information
- How We Share Information
- Third-Party Service Providers
- Information Security
- Rights to Your Personal Data
- Data Retention
- Links to Third-Party Sites
- Children’s Privacy
- Additional California Privacy Rights
- How to Contact Us
1. Information We Collect
When you use the Services, we collect and/or process the following types of data:
a. Personal Data.
“Personal Data” means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier. We collect Personal Data that you provide to us when you register for an account on our App or contact us via e-mail. This may include your first or last name, email address, academic records, educational awards, financial information, scholarship information, or your Internet Protocol (“IP”) address. Some information may be used in account or password recovery processes. In California, Personal Data (alternatively, “Personal Information”) includes an identification number, location information, and/or an online identifier.
b. Non-Personal Data.
“Non-Personal Data” does not identify you, but provides insights regarding your use of the Services. We collect Non-Personal Data that may include information about your use of the Services. We also use Google Analytics and automated chat and e-mail marketing software to provide services and functionality to Users.
Personal Data and Non-Personal Data are collectively referenced as “Data.”
2. Use of Information
For Legitimate Interests. We use Non-Personal Data collected by clickstream information collection, web pixels, and cookies to store your preferences, to generate statistical information, to improve our content and the products, services, materials, and other content.
We may identify you from your Personal Data and merge or co-mingle Personal Data and Non-Personal Data, for any lawful business purpose. Except as otherwise stated, we may use information we collect from you for the legitimate business purpose of providing our Services to you, including, but not limited to:
- to respond to your requests and provide user support;
- to evaluate and improve the content of our Services;
- to establish accounts to use the Services;
- to communicate information and promotional materials to you (where you have not expressed a preference otherwise);
- to check on your account status and maintain record of activities in connection with your use of the Services;
- to notify you of any changes to relevant agreements or policies;
- for research analysis;
- to enforce our agreements, terms, conditions, and policies;
- to prevent or investigate fraud (or for risk management purposes), or to comply with a legal obligation, court order, or in order to exercise our legal claims or to defend against legal claims;
- to conduct aggregate analysis and develop business intelligence that helps us to enhance, operate, protect, make informed decisions and report on the performances of our Services;
- to describe our Services to current and prospective business partners and to other third parties for other lawful purposes; and
- for other purposes identified to you and as requested by you (please note that you have the right to withdraw your consent to such use at any time by contacting us via the contact information below).
In addition, we use third‐party e‐mail providers to deliver communications to you. This is an opt-in e-mail program. If you no longer want to receive these e-mail communications, you may opt-out of receiving e-mail communications through the “unsubscribe” link in our emails.
3. How We Share Information
We may share your Data in the following ways and with the following parties:
- We may store portions of your Data in locations outside of the direct control of the Organization (g., on servers or databases co-located with service providers).
- Colleges, universities, or other educational institutions with whom we have partnered;
- Service providers that help us administer and provide the Services (for example, a web hosting company whose services we use to host our platform). These third-party services providers have access to your Personal Data only for the purpose of performing services on our behalf. A list of service providers is provided in Section 4, below;
- As we believe necessary (i) under applicable law; (ii) to enforce applicable terms and conditions; (iii) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; (iv) to detect, prevent, or otherwise address fraud, security or technical issues; (v) to respond to claims that contact information (g., name, e-mail address, etc.) of a third-party has been posted or transmitted without their consent or as a form of harassment; and (vi) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence; and
- Pursuant to your express consent.
4. Third-Party Service Providers
We use third-party service providers to help us operate our Services, who may collect, store, and/or process the information detailed herein. We allow access to our database by third parties that provide us with services, but only for the purpose of and to the extent necessary to provide those services.
We use the following third-party service providers:
Constant Contact. Constant Contact provides email marketing services that allows us to customize our e-mails and track how users interact with our communications so that we can study what our users are finding relevant and how to optimize our emails to the greatest benefit for our users. Constant Contact’s policies can be reviewed on its website, https://www.constantcontact.com/forward/privacy-center.
5. Information Security
We take reasonable steps online and offline to safeguard the Personal Data that you provide to us, including Secure Sockets Layer (SSL) encrypted connections (HTTPS) to the website(s) on our Services, secure multi-tiered firewalls, and portions of your data may also be encrypted on our storage server for additional security, secure cloud-based environments and uses server authentication and industry-standard firewalls in an effort to prevent interference or access from outside intruders. We also require unique account identifiers, user names, and passwords that must be entered each time users access the App, or use of secure password credentials to an authorized third party portal.
It is common knowledge that transmission of information via the Internet is not wholly secure, and we cannot guarantee the security of your Personal Data, or any other information, transmitted to or through any of our Services. Any transmission of Personal Data, or other information, is at your own risk. By using our Services, you acknowledge and accept these risks. As a result, we cannot guarantee or warrant the security of any information you disclose or transmit to us or that are otherwise provided to us and we cannot be responsible for the theft, destruction, or inadvertent disclosure of information. It is your responsibility to safeguard any passwords, identification numbers, or other special access features associated with your use of the Services. Any transmission of information is at your own risk.
If you have any questions about security on our Services, or if you become aware of any unauthorized use of an account, loss of your account credentials, or suspect a security breach, notify us immediately via [email protected]. If our security system is breached, we will notify you of the breach to the extent required under applicable law.
6. Rights to Your Personal Data
You may change, edit, update, or delete the information that you provided when you set up your account through our Services through your account settings. You may also request the deletion of this information by sending an e-mail to [email protected]. If you access our Services from certain jurisdictions, such as California, you may have additional rights and options with regard to accessing, reviewing, correcting, and updating your Personal Data, as well as how we use and disclose your Personal Data.
Right to Access. We respect your right to access and control your information, and we will respond to requests for information and, where applicable, will correct, amend, or delete your Personal Data. You may choose to access or update your Personal Data as it exists in our records by logging into the account you have created for yourself on the Services or e-mailing us at [email protected]. Before providing data to you, we will ask for proof of identity and sufficient information about your interaction with us so that we can locate any relevant data. We may also charge you a fee for providing you with a copy of your data (except where this is not permissible under applicable law).
Right to Deletion. You may also have the right to deletion of your Personal Data; however, this is not always possible due to legal requirements, and exceptions may apply. It is your responsibility at all times to ensure that you are in compliance with all applicable rules, policies, and regulations at the institutional, administrative, and federal levels regarding retention of research data.
Right to Opt-Out. You have the right to “opt-out” of the sale of your Personal Data by e-mailing us at [email protected]. If you are a User in California age thirteen (13) to fifteen (15), you are opted out by default, and your Personal Data will not be sold unless you affirmatively opt-in. For Users in California ages twelve (12) or younger, the User’s parent or guardian must affirmatively opt-in to sale of consumer’s personal information.
Updating Communications Preferences. We do send e-mails to users with information about our Services that we believe may be of interest. Users may opt out of receiving e-mail messages by contacting us via e-mail at [email protected] or by clicking on the “unsubscribe” link found at the bottom of every e-mail that we send. Please note that if you opt-out of receiving marketing-related e-mails from us, we may still send you important administrative messages that are required to provide you with our Services, as applicable. If you do not opt-out using the link at the bottom of an e-mail, you will continue to receive electronic communications until you choose to click on the link that will be provided in each e-mail you receive from us.
7. Data Retention
At any time, users may request deletion of their accounts by e-mailing [email protected]. When you delete your account, it cannot be recovered.
Please note that we do retain Non-Personal Data, including aggregated, de-identified data for the purposes described in the section above titled “How We Use Data.”
8. Links to Third-Party Sites
9. Children’s Privacy
We do not sell products or services for purchase by anyone under the age of thirteen (13). In accordance with the Children’s Online Privacy Protection Act (“COPPA”), we will never knowingly request or solicit Personal Data from anyone under the age of thirteen (13) without verifiable parental consent. In the event that we receive actual knowledge that we have collected such Personal Data without the requisite and verifiable parental consent, we will delete that information from our database as quickly as is practical. We reserve the right to request proof of age at any stage so that we can verify that minors are not using the Services.
10. Additional California Privacy Rights
California Civil Code Section 1798.83 permits California residents to request and obtain a list of what Personal Data (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once a year and are free of charge. Under Section 1798.83, California residents are entitled to request and obtain such information, by e-mailing a request to [email protected].
12. How to Contact Us
By regular mail:
P.O. Box 50953
Nashville, TN 37205