Privacy and Legal Policies

Thank you for using Scoir! By using this website or any products and services (together, the “Services”) of Scoir, Inc. (“Scoir,” “we,” “us,” “our”), you are agreeing to be bound by these terms and conditions (“Terms”). Please read these Terms carefully, and contact us if you have any questions. By accessing or using our Services, you are also agreeing to be bound by the terms and conditions of our Privacy Policy, Acceptable Use Policy, and Copyright Policy (together, with these Terms, the “Policies”).

Applicability

If your Scoir account was created for you by your school or other organization, our Policies are still applicable to you but some of our Policies terms may be superseded by our terms of service with your school or organization.

Use of Scoir Services

Eligibility to use the Services is subject to these Terms, our other Policies, and applicable law. Certain Services or features may be available only to users of particular ages or roles, or only when access is provided through a school or other organization. Any use or access by a U.S. citizen under the age of 13 without consent of a parent or school administrator acting on behalf of a parent, or by a citizen of a country within the European Union under the age of 16 without parental consent, is prohibited. By creating a Scoir account, we grant you a limited, non-exclusive, non-transferable, and revocable license to use our Services. When you create a Scoir account, you must provide us with accurate, current and complete information. Some of our Services may be software that is downloaded to your computer, phone, tablet, or other device. You agree that we may automatically upgrade those Services, and that these Terms will apply to such upgrades. Scoir reserves the right to delete a user’s account at any time if Scoir determines, in its sole discretion, that such user has violated these Terms, our other Policies, or applicable law, or if such user’s account has been dormant for at least eighteen months.

Your Content

Scoir allows you to create a user profile and submit information, content, and materials through the Services, which may include demographic, academic, and other information about you (“User Content”). User Content may include Personal Data, as defined in our Privacy Policy, and Scoir’s use of such Personal Data is governed by the Privacy Policy.

By using our Services, you grant Scoir a non-exclusive, royalty-free, transferable, sublicensable, worldwide license to use, store, analyze, and create derivative works from your User Content solely to operate, maintain, secure, and improve the Services, including the development and improvement of analytical and automated features. Where User Content includes Personal Data, Scoir uses such data in accordance with the Privacy Policy and, where feasible, in de-identified or aggregated form.

Following termination or deactivation of your account, we may retain your User Content for a commercially reasonable period of time for backup, archival, or audit purposes. Furthermore, Scoir may retain and continue to use your de-identified User Content to improve the Services.

Use of User Content that includes Personal Data is governed by Scoir’s Privacy Policy.

Copyright Policy

Scoir has adopted and implemented a copyright policy in accordance with the Digital Millennium Copyright Act. For more information, please read our Copyright Policy.

Security

Scoir’s data security practices are described in more detail in our Privacy Policy. While we care greatly about security and strive to protect your account information and your User Content, Scoir cannot guarantee that unauthorized third parties will not be able to defeat our security measures. If you suspect any compromise or unauthorized use of your account, please notify us immediately.

Please follow these tips to increase the security of your account:

• Pick a strong password, one that is unique and contains a mix of letters, numbers and symbols.
• Make sure you login to our official site; when in doubt, go to https://app.scoir.com/ to be certain.
• Ensure your computer and browsers are up-to-date with the most recent updates and anti-virus software; only install browser add-ins or plug-ins from publishers that you trust.
• Don't open attachments or install software from an email that looks like it's from Scoir; we'll never ask you to download or open files from an email.
• Be mindful that when using an unsecured Wi-Fi network (one that doesn't require a password), it's possible for someone to see most of the internet traffic sent to and from your device.

Scoir uses Hypertext Transfer Protocol Secure (https://) on the log in and settings pages. This encrypts the credentials you use to log in to Scoir and is designed to keep others from stealing your login credentials, even on an unsecured network.

Third-Party Links, Sites, and Services

Our Services may provide links to third-party websites, content or services. Because we have no control over such third-party websites, you acknowledge and agree that Scoir is not responsible for the availability of such third-party websites, and does not endorse and is not responsible or liable for any content, advertising, products, or other materials on or available from such third-party websites. If you access third-party websites accessible through links from our Services, you do so at your own risk and bear the responsibility of familiarizing yourself with the privacy policies and terms of services of such third-party websites.

Student-Directed Sharing

Certain features of the Services allow students to identify colleges or universities they are interested in or considering. When a student takes such action, the student may direct Scoir to share limited contact information (such as name, email address, school name, or graduation year) with the selected institution so the institution may provide information to the student. This sharing occurs at the student’s request and for the student’s benefit.

User Feedback

We value hearing from our users and are always interested in learning about ways we can make Scoir a better experience and more useful resource for you. If you choose to submit comments, ideas or feedback, you agree that we are free to use them without any restriction or compensation to you. By accepting your submission, Scoir does not waive any rights to use similar or related feedback previously known to Scoir, or developed by its employees, or obtained from sources other than you.

Disclaimer of Warranties

The Services, including, without limitation, all services, functions and materials thereon, are provided on an "as is," "as available" basis without warranty of any kind, either express or implied, including, without limitation, any warranty for information, data, data processing services, uptime or uninterrupted access, any warranties concerning the availability, accuracy, usefulness, correctness, precision, thoroughness, completeness or content of information, and any warranties of title, non-infringement, merchantability or fitness for a particular purpose, and we hereby disclaim any and all such warranties, express and implied. We make no warranty that the Services will meet your requirements. No advice, results or information, whether oral or written, obtained by you from us or through the Services shall create any warranty not expressly made herein. Scoir assumes no responsibility, and shall not be liable for, any damages to, or viruses that may infect, your computer equipment or other property on account of your access to, use of, or browsing in the Services or your downloading of any materials, data, text, images, video, or audio from the Services.

Limitation of Liability

IN NO EVENT, INCLUDING BUT NOT LIMITED TO NEGLIGENCE, SHALL SCOIR, OR ANY OF ITS DIRECTORS, OFFICERS, EMPLOYEES OR AGENTS (COLLECTIVELY, THE “PROTECTED ENTITIES") BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, EXEMPLARY OR PUNITIVE DAMAGES ARISING FROM, OR DIRECTLY OR INDIRECTLY RELATED TO, YOUR ACCESS TO OR USE OF, OR THE INABILITY TO ACCESS OR USE, THE SERVICES OR THE CONTENT, MATERIALS AND FUNCTIONS RELATED THERETO, YOUR PROVISION OF INFORMATION OR SERVICES VIA THE SERVICES, LOST BUSINESS OR LOST SALES, EVEN IF SUCH PROTECTED ENTITY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME JURISDICTIONS DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES SO SOME OF THE ABOVE LIMITATIONS MAY NOT APPLY TO CERTAIN USERS. IN NO EVENT SHALL THE PROTECTED ENTITIES BE LIABLE FOR OR IN CONNECTION WITH ANY CONDUCT OF OR CONTENT POSTED, TRANSMITTED, EXCHANGED OR RECEIVED BY OR ON BEHALF OF ANY USER OR THIRD-PARTY ON OR THROUGH THE SERVICES (INCLUDING, WITHOUT LIMITATION, ANY DEFAMATORY, OFFENSIVE OR ILLEGAL USER CONTENT). IN NO EVENT SHALL THE TOTAL AGGREGATE LIABILITY OF THE PROTECTED ENTITIES TO YOU FOR ALL DAMAGES, LOSSES, AND CAUSES OF ACTION (WHETHER IN CONTRACT OR TORT, INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE OR OTHERWISE) ARISING FROM THE TERMS AND CONDITIONS OR YOUR USE OF THE SERVICES EXCEED, IN THE AGGREGATE, THE LESSER OF (A) THE AMOUNT PAID BY YOU TO SCOIR FOR YOUR USE OF THE SERVICES AND (B) ONE HUNDRED U.S. DOLLARS.

Indemnification

You agree to indemnify and hold harmless Scoir, its directors, officers, shareholders, parents, subsidiaries, affiliates, agents, and licensors, from and against all losses, expenses, damages and costs, including reasonable attorneys’ fees, resulting from any violation by you of these Terms. We reserve the right to take over the exclusive defense of any claim for which we are entitled to indemnification under these Terms. In such event, you agree to provide us with such cooperation as is reasonably requested by us.

Amendments and Modifications

Scoir reserves the right to amend, from time to time, these Terms or our Policies. We reserve the right to determine the means and form of providing notice to you of any revisions to these Terms and Policies. By using the Services, you agree to electronically receive legal notices from us if we so choose.  Notwithstanding the foregoing, the current and most recent version of these Terms and Policies will always be posted on our website.  By continuing to access and use the Services after any such revised Terms or Policies become effective, you agree to accept the revised Terms and Policies.

General Terms

Assignment. These Terms, and any rights and licenses granted hereunder, may not be transferred or assigned by you, but may be assigned by Scoir without restriction. Any attempted transfer or assignment in violation hereof shall be null and void.

Entire Agreement. These Terms and our Policies, together, constitute the entire agreement between you and Scoir with respect to the Services and supersedes all prior or contemporaneous communications and proposals (whether oral, written, or electronic) between you and Scoir with respect to the Services.

Severability. In the event any section or portion of any section of these Terms shall be determined to be invalid or unenforceable for any reason, such invalidity of unenforceability shall not affect the validity and enforceability of the remaining valid and enforceable sections hereof, and the invalid or unenforceable section or portion shall be deemed amended only to the minimum extent necessary to make such section or portion enforceable and compatible with the remaining Terms and, if such portion cannot be so amended, these Terms will be construed as if such invalid or unenforceable section or portion had not been inserted.

No Waiver. No waiver of any portion of these Terms shall be deemed a further or continuing waiver of such term or any other term, and Scoir’s failure to assert any right or provision under these Terms shall not constitute a waiver of such right or provision.

Arbitration. In the event of any dispute that might arise between you and Scoir, you agree to first notify us and attempt to resolve the dispute with us reasonably and informally. If Scoir is unable to informally resolve your dispute to your full satisfaction, we each agree to resolve any remaining claim, dispute, or controversy (excluding claims for injunctive or other equitable relief) arising out of or in connection with or relating to these Terms by binding arbitration by the American Arbitration Association ("AAA") under the Commercial Arbitration Rules and Supplementary Procedures for Consumer Related Disputes then in effect for the AAA, except as provided herein. Unless you and Scoir agree otherwise, the arbitration will be conducted in the county where you reside. Each party will be responsible for paying any AAA filing, administrative and arbitrator fees in accordance with AAA rules. The award rendered by the arbitrator shall include costs of arbitration, reasonable attorneys' fees and reasonable costs for expert and other witnesses, and any judgment on the award rendered by the arbitrator may be entered in any court of competent jurisdiction. Nothing in this section shall prevent either party from seeking injunctive or other equitable relief from the courts for matters related to data security, intellectual property or unauthorized access to the Services. ALL CLAIMS MUST BE BROUGHT IN THE PARTIES' INDIVIDUAL CAPACITY, AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE PROCEEDING, AND, UNLESS WE AGREE OTHERWISE, THE ARBITRATOR MAY NOT CONSOLIDATE MORE THAN ONE PERSON'S CLAIMS. YOU AGREE THAT, BY ENTERING INTO THESE TERMS, YOU AND SCOIR ARE EACH WAIVING THE RIGHT TO A TRIAL BY JURY AND THE RIGHT TO PARTICIPATE IN A CLASS ACTION. If you are under the age of 18, a parent or legal guardian must agree to this arbitration provision on your behalf where required by applicable law.

Governing Law. These Terms shall be governed by and construed in accordance with the laws of the State of Delaware without regard to its conflict of law principles. The parties hereto agree that any dispute arising out of or relating to these Terms shall be brought exclusively in the state or federal courts of competent jurisdiction located within the State of Delaware.

Last updated: January 11, 2026

Scoir, Inc. (“Scoir,” “we,” “us,” “our”) is committed to protecting the privacy of individuals who use our websites, applications, and related services (collectively, the “Services”). This Privacy Policy explains how we collect, use, disclose, and protect information about you and describes choices you may have. You should read this policy together with our Terms of Use and, if applicable, any agreement between Scoir and your school or other organization.

Scope and Roles

Accounts Provided by Schools or Other Organizations. Most student users access Scoir through an account created or administered by a high school or other educational organization (the “School Customer”). In these cases, the School Customer generally acts as the data controller (or “business,” depending on jurisdiction), and Scoir generally acts as a data processor (or “service provider/processor”), processing Personal Data on the School Customer’s behalf and under its instructions.

If you have questions about how your School Customer uses information in connection with Scoir, please contact your School Customer directly.

Accounts Created Directly With Scoir. If you create an account directly via our website (for example, certain student, parent/guardian, or other users), Scoir generally acts as the data controller for your Personal Data.

Definitions

“De-Identified Data” means information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular individual, and that we maintain in de-identified form. De-Identified Data is not treated as Personal Data under many privacy laws.

“Personal Data” (or “personal information”) means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked to an individual or household.

“Sensitive Personal Data” (or “Sensitive Personal Information”) means Personal Data that is subject to heightened protection requirements under applicable privacy laws. Depending on how it is collected and used, this may include:

• account login credentials and security information;
• student identification numbers or similar unique identifiers;
• precise date of birth;
• information derived from a user’s address or location that is used to estimate household, socioeconomic, or affordability characteristics (including household income estimates based on census or similar statistical data); and
• precise geolocation data, where collected.

Scoir processes Sensitive Personal Data only as reasonably necessary to provide the Services, support educational planning and guidance features, protect account security, prevent fraud and misuse, comply with legal obligations, and for other purposes permitted by applicable law. Scoir does not use Sensitive Personal Data for advertising or marketing purposes.

Information We Collect

We collect information in the following ways:

Information You Provide. When you create an account, we may collect your name, email address, user type (e.g., student, parent/guardian, counselor, teacher, admissions representative), affiliated organization (e.g., school or college). For student users, we may also collect a student identification number, graduation year, and date of birth (or other verification information) to confirm identity.

Depending on your role and how the Services are configured, you may provide:

• profile photo, home address, phone number;
• academic information (e.g., GPA, standardized test scores), extracurricular activities, notes, messages, documents and forms you upload or complete; and
• parent/guardian financial inputs used for cost estimates (where enabled).

You can choose not to provide certain optional information, but this may limit features.

Information Provided by Schools and Other Users. A School Customer or authorized user may provide information to create or manage your account (e.g., roster data), invite you to register, or support program administration.

Information from Connected Third-Party Services. If you (or your School Customer) connect third-party services (e.g., single sign-on via Google) or integrate partner tools, we may receive information from those services as permitted by your settings and their policies (e.g., name, email address, authentication tokens, and other integration data).

Device and Usage Information. When you access the Services, we automatically collect certain information such as IP address, device type, operating system, browser type, identifiers, pages viewed, features used, timestamps, and diagnostic logs. This helps us operate, secure, and improve the Services.

Cookies and Similar Technologies. We use cookies and similar technologies (e.g., pixels, local storage) to operate the Services, remember preferences, enable support tools, and understand usage. We may use tools such as analytics and customer support platforms to help us with these purposes.

We use cookies and similar technologies for strictly limited purposes, such as operating the Services, remembering preferences, providing customer support features, and performing non-advertising analytics. We do not use these technologies to engage in cross-context behavioral advertising, and we do not permit third parties to use information collected through our Services for their own advertising purposes.

You can control cookies through browser settings. Some features may not function properly if you disable cookies.

We do not respond to browser “Do Not Track” signals because no consistent industry standard exists; however, we honor applicable opt-out and limitation rights under state privacy laws as described below.

Universal Opt-Out Preference Signals. Where required by law (including Colorado and Maryland), Scoir will recognize and honor opt-out preference signals communicated through a universal opt-out mechanism (such as the Global Privacy Control) for applicable opt-out rights.

How We Use Personal Data

We use Personal Data to:

• Provide and operate the Services (account creation, authentication, requested features, communications and collaboration functions).
• Support users (respond to inquiries, troubleshoot issues, manage support tickets).
• Secure and protect the Services (fraud prevention, abuse monitoring, access controls, audit logging, security investigations).
• Improve and develop the Services (debugging, performance analysis, feature improvements, user experience enhancements).
• Communicate with you (service notices, operational updates, security alerts, feature announcements). Where required by law, we will obtain consent for marketing communications, and you can opt out at any time.

We limit the Personal Data we collect and process to what is reasonably necessary and proportionate to provide and maintain the Services and for the purposes described in this Privacy Policy.

Analytics, Insights, and Educational Guidance Features. To support college and career readiness functionality, Scoir may use analytics and statistical techniques to generate insights (e.g., trends, benchmarks, feature performance, and educational guidance features). We apply the following safeguards:

• No targeted advertising. We do not use Personal Data to deliver targeted advertising.
• No sale of Personal Data. We do not sell Personal Data.
• Educational-purpose orientation. When analytics are used to provide recommendations or insights, they are intended to support educational planning and the user experience within the Services.
• No solely automated “significant effect” decisions. Scoir does not use solely automated processing to make decisions that produce legal or similarly significant effects about a student (such as eligibility decisions) without appropriate human involvement and oversight where applicable.
• De-Identification for broader analysis. We may use De-Identified Data for research, benchmarking, reporting, and improving product performance and reliability.

Where a School Customer is the controller, Scoir processes data for analytics consistent with the School Customer’s instructions and applicable agreements. We do not process Personal Data to profile users in furtherance of decisions that produce legal or similarly significant effects, and we do not use Sensitive Personal Data for profiling except as strictly necessary to provide the Services requested.

How We Disclose Personal Data

We do not use Personal Data for advertising purposes and do not disclose Personal Data to third parties for their own advertising purposes. We may disclose Personal Data as follows:

Disclosures at Your Direction or at a School’s Direction. We disclose Personal Data among authorized users as needed to deliver the Services and as configured by your School Customer or you (e.g., sharing student information with counselors, teachers, or admissions personnel when you choose to share or when a School Customer enables certain workflows).

Service Providers. We use trusted vendors to perform services on our behalf (e.g., hosting, security, customer support tools, analytics, file upload tools). These vendors are permitted to process Personal Data only to provide services to Scoir and must comply with confidentiality, security, and contractual restrictions.

Legal, Safety, and Compliance. We may disclose Personal Data if we believe it is necessary to comply with law, protect rights and safety, investigate fraud or security incidents, or enforce our agreements.

Business Transfers. If Scoir is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction. We will require appropriate confidentiality and privacy protections consistent with this Policy.

Children and Student Privacy

Children Under 13 (COPPA). Children under 13 may use the Services only if their account is created and administered by a School Customer (or with verifiable parental consent where applicable). We do not knowingly collect Personal Data from children under 13 through direct-to-consumer registration flows intended for the general public. Parents/guardians who believe we may have collected Personal Data from a child under 13 outside of appropriate consent channels may contact us at privacy@scoir.com.

Student Education Records (FERPA Context). Where Scoir processes student information on behalf of a School Customer, Scoir acts as a “school official” under the School Customer’s direction and contractual requirements, which may include FERPA-aligned protections. For school-managed accounts, privacy requests may need to be directed to the School Customer.

Data Security

We maintain administrative, technical, and physical safeguards designed to protect Personal Data. No system is 100% secure; you should use a strong password and protect your account credentials. If you believe your account has been compromised, contact us at privacy@scoir.com.

International Data Transfers

Scoir is based in the United States and stores and processes information in the U.S. If you access the Services from outside the U.S., your information may be transferred to and processed in the U.S., where privacy laws may differ. Additional details for EEA/UK users appear in the GDPR Annex below.

Data Retention

We retain Personal Data as long as reasonably necessary to:

• provide the Services;
• maintain business records;
• comply with legal obligations;
• resolve disputes;
• enforce agreements; and
• protect against fraud and abuse.

For School Customer-managed accounts, retention is governed by our agreement with the School Customer and their instructions, subject to applicable law. We may retain certain limited data after account closure for security, compliance, and fraud prevention. We may also retain or convert data to De-Identified Data. Retention periods may vary based on account type (school-managed vs direct-to-consumer), legal requirements, and security/fraud prevention needs.

Your Privacy Rights and Choices

Depending on where you live and whether your account is school-managed or direct-to-consumer, you may have rights such as access, correction, deletion, and portability. Some rights may be limited where:

• we are required to keep information for legal reasons;
• keeping information is necessary for security or fraud prevention; or
• the request would adversely affect others.

How to Exercise Your Rights. Email privacy@scoir.com with the subject line “Privacy Request.” To protect your account, we may verify your identity and/or authority to make the request. If you have a school-managed account, we may direct you to your School Customer or coordinate with them.

Appeals. If we decline to take action on your request, you may appeal our decision by emailing privacy@scoir.com with the subject line “Privacy Appeal.” We will respond to your appeal within the timeframe required by applicable law. If your appeal is denied, we will provide you with information on how to submit a complaint to your state Attorney General or other regulator, where applicable.

Updates to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice as required by law (for example via email or within the Services). Your continued use of the Services after the effective date means you accept the updated Policy.

Contact Us

Company: Scoir, Inc. (Delaware)

Email: privacy@scoir.com

Address: Attn: Privacy Officer, 1887 Whitney Mesa Dr PMB 1138, Henderson, NV 89014 U.S.A.

California Privacy Notice (CPRA)

This section applies only to California residents to the extent Scoir is acting as a “business” under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CPRA”). This Addendum does not apply where Scoir is acting as a “service provider/processor” on behalf of a School Customer and the School Customer controls the Personal Data.

A. Categories of Personal Information Collected

In the past 12 months, Scoir may have collected the following categories (depending on your use and account type):

1. Identifiers (name, email, contact information, IP address, online identifiers)
2. Customer records information (account credentials; graduation year; school name)
3. Characteristics / demographic information (e.g., birthdate)
4. Internet or network activity (usage data, log data, pages/features used)
5. Geolocation data (approximate location derived from IP address)
6. Audio/visual (profile photo, where provided)
7. Education information (academic information; activities; documents and forms you upload/complete)
8. Inferences (limited inferences about preferences or likely feature usage based on activity, used to improve user experience within the Services)

B. Use and Limitation of Sensitive Personal Information

Scoir collects and uses Sensitive Personal Information solely for purposes that are reasonably necessary to provide the Services requested by users or their educational institutions, including:

• account creation, authentication, and security;
• educational planning, affordability estimation, and student guidance features;
• fraud prevention, system integrity, and safety; and
• compliance with legal obligations.

Scoir does not use Sensitive Personal Information for targeted advertising, cross-context behavioral advertising, or to sell or share such information as those terms are defined under California law.

Right to Limit. California residents have the right to request that a business limit its use and disclosure of Sensitive Personal Information to the purposes permitted by the CPRA. Because Scoir uses and discloses Sensitive Personal Information only for the purposes described above, which are purposes permitted by the CPRA, Scoir does not use or disclose Sensitive Personal Information for additional purposes that would require offering a separate “Limit the Use of My Sensitive Personal Information” link.

If you nonetheless wish to submit a request to limit the use or disclosure of your Sensitive Personal Information, you may do so by contacting us at privacy@scoir.com, and we will evaluate and respond to the request in accordance with applicable law.

C. Sources of Personal Information

We collect Personal Information from:

• you directly;
• your School Customer (for school-managed accounts) and other authorized users;
• integrated third-party services you choose to connect; and
• your devices and browsers via cookies and similar technologies.

D. Purposes for Collection and Use

We collect and use Personal Information for the purposes described in Section 3, including providing the Services, support, security, and improvements. When using the Services, a student may opt-in to share certain Personal Information with specific colleges that the student identifies. Scoir may disclose the student’s basic contact information (e.g., name, email, name of school, graduation year) to those colleges so the colleges can provide additional information to assist the student in making a more informed application decision. Scoir discloses this information only when the student takes affirmative action to request or enable the disclosure and only to the specific college(s) selected by the student. This disclosure is initiated by the student and is not a sale or sharing of Personal Information under California law, even where the college maintains a paid subscription to Scoir’s services.

E. Disclosures of Personal Information

In the past 12 months, we may have disclosed the categories of Personal Information listed above to:

• service providers/processors (e.g., hosting, security, support, analytics, file upload tools);
• other users within the Services at your direction or per School Customer configuration;
• authorities or other parties for legal and security reasons; and
• entities involved in a business transfer.

F. Sale and Sharing of Personal Information

Scoir does not:

• sell Personal Information; and
• share Personal Information for cross-context behavioral advertising (as those terms are defined under California law).

We also do not knowingly sell or share the Personal Information of consumers under 16 years of age, as those terms are defined under California law. This does not prohibit a student from choosing to share their information with a college, university, or other educational institution at the student’s request and for the student’s benefit.

G. Retention of Personal Information

We retain Personal Information as described above, based on factors such as account lifecycle, contractual obligations, legal requirements, and security needs.

H. California Privacy Rights

Subject to certain exceptions, California residents may have the right to:

• Know/Access: request information about our collection, use, and disclosure of Personal Information and request access to specific pieces of Personal Information.
• Delete: request deletion of Personal Information.
• Correct: request correction of inaccurate Personal Information.
• Opt-Out of Sale/Sharing: Scoir does not sell Personal Information or share it for cross-context behavioral advertising.
• Limit Use/Disclosure of Sensitive Personal Information: Scoir uses Sensitive Personal Information only as permitted to provide the Services and for security/compliance; you may still contact us with a limitation request.
• Non-Discrimination: you will not be discriminated against for exercising CPRA rights.

How to Submit a California Privacy Request. Email privacy@scoir.com with “California Privacy Request” in the subject line. We will verify your request using information associated with your account. Authorized agents may submit requests on your behalf where permitted by law, subject to verification of authority.

Additional U.S. State Privacy Rights

Depending on where you live and subject to certain exceptions, you may have the right to: (a) confirm whether we process your Personal Data and access it; (b) correct inaccuracies; (c) delete Personal Data; (d) obtain a copy of certain Personal Data in a portable format; and (e) opt out of certain processing, including targeted advertising, the sale of Personal Data, and profiling in furtherance of decisions that produce legal or similarly significant effects. To exercise these rights, email privacy@scoir.com with the subject line “Privacy Request.” You may also appeal a denied request as described above.

GDPR Annex for EEA and UK Users

This Annex applies to individuals located in the European Economic Area (“EEA”) or the United Kingdom (“UK”) who use the Services in a context where Scoir is a controller (for example, direct-to-consumer accounts). Where your account is provided by a School Customer, the School Customer is typically the controller and Scoir is the processor; you should direct many privacy requests to your School Customer.

1. Data Controller and Contact Information

Controller: Scoir, Inc.

Contact: privacy@scoir.com

EU/UK Representative / DPO: Scoir has not appointed an EU/UK representative or DPO where not required by law.

2. Legal Bases for Processing

We process Personal Data under one or more of the following bases (as applicable):

• Contract: to provide the Services you request.
• Legitimate interests: to secure, maintain, and improve the Services, prevent fraud, and support users (balanced against your rights).
• Consent: for certain optional features or communications where required.
• Legal obligations: to comply with applicable laws.

3. Your Rights Under GDPR

You may have the right to:

• access, rectification, erasure;
• restriction, objection;
• data portability;
• withdraw consent (where processing is based on consent); and
• lodge a complaint with your local supervisory authority.

To exercise rights, contact privacy@scoir.com. We may need to verify your identity.

4. International Data Transfers

Scoir stores and processes data in the United States. Where GDPR applies, we rely on appropriate safeguards for international transfers, such as Standard Contractual Clauses (and, where applicable, supplementary measures).

5. Data Retention

We retain Personal Data as described above, using account lifecycle and necessity criteria.

6. Automated Decision-Making

Scoir does not use solely automated decision-making that produces legal or similarly significant effects on individuals without appropriate safeguards where applicable.

Last updated: January 11, 2026

This Acceptable Use Policy (“AUP”) describes permitted and prohibited uses of the websites, applications, and related services (the “Services”) of Scoir, Inc. ("Scoir”). This AUP applies to all users and should be read together with Scoir’s Terms of Use and Privacy Policy.

Scoir’s Services are designed to support college and career exploration, planning, and related educational activities. Users are expected to use the Services responsibly, lawfully, and in a manner consistent with their intended educational purpose.

General Principles

• The Services are not public forums.
• Information entered into the Services is intended for personal use or for sharing only with specific, authorized recipients as enabled by the Services.
• Users are responsible for all activity that occurs under their accounts.
• Scoir may suspend or terminate access to the Services if a user violates this AUP, the Terms of Use, or applicable law.

Prohibited Content and Information Use

You may not use the Services to upload, submit, transmit, or store any information or materials that:

• are unlawful, fraudulent, deceptive, or misleading;
• are defamatory, threatening, harassing, hateful, or abusive;
• depict or promote violence, self-harm, or illegal activity;
• are sexually explicit, pornographic, or exploitative;
• infringe or misappropriate the intellectual property or other rights of any person or entity;
• invade another person’s privacy or disclose another person’s personal information without authorization; or
• contain malicious code, malware, or other harmful components.

Prohibited Activities

You may not:

• access or attempt to access non-public areas of the Services, Scoir’s systems, or the systems of Scoir’s service providers without authorization;
• probe, scan, or test the vulnerability of any system or network or attempt to bypass security or authentication measures;
• scrape, harvest, download, or extract data from the Services except as expressly permitted by Scoir;
• reverse engineer, decompile, or attempt to derive source code from the Services;
• interfere with or disrupt the operation of the Services or any user’s access to them;
• impersonate another person or entity or misrepresent your affiliation;
• use the Services to send unsolicited communications or for unauthorized commercial purposes;
• use information obtained through the Services for purposes unrelated to educational planning or authorized institutional use;
• share your account credentials or allow others to access your account; or
• encourage or assist any other person to engage in conduct that violates this AUP.

Account Responsibility

You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. You must promptly notify Scoir of any suspected unauthorized access or security incident involving your account.

Enforcement

Scoir reserves the right to investigate suspected violations of this AUP and to take appropriate action, which may include restricting access, suspending or terminating accounts, or cooperating with law enforcement, consistent with applicable law and our Privacy Policy. Enforcement actions are taken in accordance with Scoir’s Terms of Use and Privacy Policy.

Last updated: January 11, 2026

Scoir, Inc. (“Scoir”) respects the intellectual property rights of others and expects users of our products and services (the “Services”) to do the same. This Copyright Policy explains how Scoir addresses claims of copyright infringement in connection with content stored or processed through the Services. This Copyright Policy should be read together with Scoir’s Terms of Use and Privacy Policy.

Scope of This Policy

Scoir’s Services may allow users to upload, submit, or store documents, information, or other materials for personal use or for sharing with specific schools, colleges, or other authorized recipients at the user’s direction. Content uploaded to Scoir is not publicly displayed and is accessible only to the user and authorized parties as configured within the Services.

Reporting Copyright Infringement (DMCA Notice)

If you believe that copyrighted material has been uploaded to or made available through the Services in a way that infringes your copyright, you may submit a notice of alleged infringement in accordance with the Digital Millennium Copyright Act (“DMCA”), 17 U.S.C. § 512.

Your notice must include the following information:

1. Identification of the copyrighted work claimed to have been infringed, or a representative list if multiple works are involved.
2. Identification of the material claimed to be infringing and sufficient information to allow Scoir to locate the material within the Services.
3. Your name, mailing address, telephone number, and email address.
4. A statement that you have a good faith belief that the use of the material is not authorized by the copyright owner, its agent, or the law.
5. A statement, made under penalty of perjury, that the information in the notice is accurate and that you are the copyright owner or authorized to act on the owner’s behalf.
6. Your physical or electronic signature.

Notices should be sent to Scoir’s Designated Copyright Agent:

• Email: copyright@scoir.com
• Mail: Scoir, Inc. Attn: Copyright Agent 1887 Whitney Mesa Dr PMB 1138 Henderson, NV 89014 USA

Scoir’s Response to Notices

Upon receipt of a valid DMCA notice, Scoir will take appropriate action in accordance with applicable law, which may include removing or disabling access to the identified material. Scoir may notify the user who uploaded or submitted the material that a copyright claim has been received, consistent with applicable law and our Privacy Policy.

Counter-Notices

If you believe that material you submitted was removed or disabled as a result of mistake or misidentification, you may submit a counter-notice as permitted under the DMCA. A counter-notice must include:

1. Your name, address, and telephone number.
2. Identification of the material that was removed or disabled and sufficient information to locate it.
3. A statement under penalty of perjury that you have a good faith belief that the material was removed or disabled as a result of mistake or misidentification.
4. A statement consenting to the jurisdiction of the U.S. federal district court for the district in which your address is located (or, if outside the United States, a district where Scoir may be found) and that you will accept service of process from the person who submitted the original notice.
5. Your physical or electronic signature.

Counter-notices should be sent to copyright@scoir.com.

Repeat Infringement

In appropriate circumstances and at Scoir’s discretion, Scoir may suspend or terminate accounts of users who repeatedly submit infringing material.

Accuracy of Notices

Please ensure that all information provided in a DMCA notice or counter-notice is accurate. Under 17 U.S.C. § 512(f), any person who knowingly materially misrepresents that material is infringing or was removed or disabled by mistake may be subject to liability

Last updated: January 11, 2026

To support the delivery of our services, Scoir may engage and use third-party data processors (each, a "Subprocessor") that have or potentially will have access to, or which might process, certain customer data. We carefully evaluate the security, privacy, and confidentiality practices of all proposed subprocessors in our vendor selection process. This page provides important information about the identity, location and role of each of our Subprocessor.

Scoir is committed to providing digital experiences that are accessible to the widest possible audience, regardless of technology or ability.

Our websites strive to conform to level AA of the World Wide Web Consortium (W3C) Web Content Accessibility Guidelines 2.1. These guidelines explain how to make web content more accessible for people with disabilities. Conformance with these guidelines will help make our websites more user friendly for all people.

We are continually working to ensure that all areas of our websites meet these guidelines. In the meantime, should you experience any difficulty in accessing our pages please don't hesitate to contact us at accessibility@scoir.com