Scoir is extremely committed to the privacy of our users and the protection of their data, which is why we are a proud signatory to the Student Data Privacy Pledge. This policy explains the ways we protect, use, and share the information we collect about our users.
This policy applies across all websites that we own and operate and all features and functionality we provide thereon, including our online and mobile products, and any other apps or services we may offer, such as online training. For the purpose of this policy, we refer to them collectively as our “Services”.
When we refer to “Personal Data” we mean (i) personally identifiable information that specifically identifies you as an individual, such as your name, email, address, birthdate, identification numbers, and the names of high schools or colleges that you attend or to which you apply; (ii) information about the use of our Service and the characteristics and activities of users of the Services, from which any personal information has been removed; and (iii) and information that has been aggregated and anonymized so as to prevent association with any personally identifiable information.
We may need to update this policy from time to time. Updates may include any combination of modifications, deletions, and additions to these terms and conditions. We will endeavor to notify you by email of any material changes, but we will not be liable for any failure to do so. If any future change to this policy is unacceptable to you or causes you to no longer be in compliance with this policy, you must terminate and immediately stop using the Services. Your continued use of the Services following any revision to this policy constitutes your acceptance of any and all such changes.
Last updated: May 29, 2018
You can click on any of the following header links to jump to the relevant section:
Who We Are
References to “we” or “our” or “us” mean SCOIR, Inc., a Delaware corporation (file number 5291550). Our headquarters is located in West Chester, Pennsylvania but we have other offices in other locations across the United States of America.
We provide an easy-to-use college and career readiness platform for students and educational institutions. If you want to find out more about who we are, check out our About Us page.
Our Services are intended for both personal use and use by organizations, which means we serve different roles as they relate to European Union data protection policies. Where the Services are made available to you through an organization (e.g., your school), that organization is the controller of your Personal Data and we act on behalf of that organization as the processor of your Personal Data. When you create a user account independent of any organization, we act as a controller in relation to your Personal Data.
Our Principles of Data Protection
Our approach to data protection is built around four key principles. They’re at the heart of everything we do relating to Personal Data.
- Transparency: We take a human approach to how we process Personal Data by being open, honest and transparent.
- Enablement: We enable connections and efficient use of Personal Data to empower productivity, growth, and opportunity.
- Security: We champion industry leading approaches to securing the Personal Data entrusted to us.
- Stewardship: We accept the responsibility that comes with processing Personal Data.
How We Collect Personal Data
When you visit our websites, join us on social media, participate in online events, or contact us with questions or request support, we collect Personal Data about you so that we know who you are and can tailor our Services accordingly. We categorize the ways we collect data as follows:
Account holder information: When you create an account on our website to use our Services, we ask you to select your user type (i.e., student, parent, counselor, teacher, admissions rep) and related organization (i.e., high school or college), and to provide us with your full name, email address, and password. If you are a student user, we might also ask you to provide a student identification number, registration code, and birthdate in order to confirm your identity.
Information you provide to us directly: When you use our Services, you have the option of adding a profile photo, mailing address, and phone number to your profile information. You also have the option of adding notes, uploading or completing documents and forms, setting preferences, and sending and receiving messages. If you are a student user, you have the option to expand your profile with your graduation year, academic information (e.g., GPA, standardized test scores), and other personal details (e.g., extracurricular activities). If you are a parent user, you have the option of adding financial information about your family so you can calculate the estimate cost of attendance of different colleges. If you are a counselor or admissions rep, you might provide information about your educational organization, technology systems, and professional contacts. You do not have to provide us with such information if you do not want to, but it might preclude you from accessing or utilizing certain features of the Services.
Information provided by other users of the Services: Other users may provide information about you when they create an account in order to invite you to the Services or for recordkeeping. For example, in instances where the Services are made available to you through an educational organization, an administrator might create user accounts for students, parents, and teachers associated with their educational organization and invite you to register your account and use the Services. Information provided by educational organizations to create user accounts may contain some or all of the Personal Data listed above.
Device and Connection Information: We automatically collect some Personal Data about you when you visit our websites or use our Services, like your IP address, device type, operating system, and browser type. We also collect Personal Data when you navigate through our websites and Services, including what pages you looked at, what links you clicked on, and when you used our Services. How much of this information we collect depends on the type and settings of the device you use to access the Services. This Personal Data helps us get a better understanding of how you’re using our Services so that we can continue to provide the best experience possible, such as by personalizing the content you see.
- ZenDesk enables us to identify you when you create a support ticket, access our help center, or engage with us via live chat.
- HubSpot enables us to personalize your experience and communications with us.
- Filepicker.io enables you to more easily upload documents for use within our Services.
- Facebook, LinkedIn, Twitter, and Instagram are mediums through which we engage with users and measure the effectiveness of Services, communications, and campaigns.
If you would prefer not to accept cookies, most browsers will allow you to: (i) change your browser settings to notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) disable existing cookies; or (iii) set your browser to automatically reject cookies. You can find out more about how Google uses your data at http://www.google.com/analytics and you may opt-out of Google Analytics tracking by visiting https://tools.google.com/dlpage/gaoptout. Please note that doing so may negatively impact your experience using the Services, as some features and services on our Services may not work properly. Depending on your mobile device and operating system, you may not be able to delete or block all cookies. You may also set your email options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether you have opened our email and clicked certain links contained in it.
Although we do our best to honor your privacy preferences, we are unable to respond to web browsers' "do not track" signals, which provide a method to opt-out of the collection of information about a user’s browsing activity, because no “do not track” standard has been adopted.
How We Use Personal Data
We only use information we collect about you for lawful and legitimate business purposes. First and foremost, we use your Personal Data to register your account and to provide you with the Services. We also may use your Personal Data:
To communicate with you. This may include:
- providing you with information you’ve requested from us (like training or education materials) or information related to the Services you are utilizing;
- operational communications, like updates to our websites and Services, security updates, or assistance with using our Services;
- marketing notices about us and product features we think you might be interested in, in accordance with your marketing preferences; and
- solicitations for your feedback or to take part in any research that we might be conducting.
To support you: This may include assisting with the resolution of technical support issues or other issues relating to the websites or Services, whether by email, in-app support or otherwise.
To improve and expand our Services: This may include tracking and monitoring your use of our website and Services so we can improve navigation, or by carrying out technical analysis of our websites and Services so that we can optimize your user experience and provide you with more efficient tools.
To protect our systems, users, and data: This may include tracking and monitoring to detect and prevent any fraudulent or malicious activity, and make sure that everyone is using our websites and Services appropriately and in accordance with our Terms of Service.
To analyze, aggregate, and report: We may use the Personal Data we collect about you and other users of our Services to produce aggregated and anonymized analytics and reports.
How We Share Personal Data
We do not use Personal Data for marketing or advertising purposes and we will never share, rent, or disclose Personal Data to third parties for marketing or advertising purposes. We may share Personal Data in the following limited circumstances.
When you, or your sponsoring educational institution, request us to: We share Personal Data among users as needed to perform the Services and/or at the direction of the educational organization administering your account. For example, if you are a student user, your Personal Data may be shared between and among authorized school counselors or, when you request a letter of recommendation, with an authorized teacher, or, when you apply for admission to a college or university, with authorized admissions personnel of such college or university. This sharing will depend on the settings and functionality selected by the educational organization administering your account.
With third-party service providers pursuant to confidentiality provisions: We may share Personal Data with trusted third-party service providers who perform technology services on our behalf, such as integrated third-party application providers and web hosting service providers, but strictly for the purpose of performing their services for us. Contractors and service providers who may have access to Personal Data in the course of performing their services are subject to confidentiality and data security requirements.
When required by law or to enforce our terms of service: We may be required to share Personal Data with law enforcement or other third parties when compelled to do so by court order or other legal process, to comply with statutes or regulations, to enforce our Terms of Service, or if we believe in good faith that the disclosure is necessary to protect the rights, property or personal safety of our users.
When anonymized to render it non-personally identifiable: We may share Personal Data in an aggregated and anonymized form that does not reasonably identify any individual. For example, we may use and share aggregate or anonymized data to study and improve our Services, user functionality, and product offerings.
In the event of a change of control: If we sell, divest or transfer our business, we will not transfer your Personal Data unless the new owner intends to maintain and provide the Services as a going concern, and provided that the new owner has agreed to data privacy standards no less stringent than our own. In such case we will provide you with notice and an opportunity to opt-out of the transfer of personally identifiable information.
Our Policy Toward Children
We understand the importance of protecting children’s privacy, especially in an online environment. Our website and Services are not designed for or directed at children, and children under the age of 13 are not permitted to use the Services. We do not knowingly collect personally identifiable information from children under the age of 13 or, for citizens of countries within the European Union, children under the age of 16 without parental consent. If we become aware that we have unknowingly collected personally identifiable information from a child contrary to this policy, we will make commercially reasonable efforts to delete such information from our database. If a parent or guardian becomes aware that his or her child has provided us with personal information without her/his consent, she/he should contact us at firstname.lastname@example.org.
We are very concerned about safeguarding the confidentiality of your Personal Data. We employ multiple layers of physical, technological, and administrative measures designed to protect your Personal Data from unauthorized access. However, despite our efforts we cannot guarantee unauthorized personnel will not gain access to your Personal Data. You should note that in using the Services, your Personal Data will travel through third party infrastructures that may not be under our direct control. If you receive an email asking you to update your personal information, do not reply and please contact us at email@example.com.
International Data Transfers (for non-US citizens)
We primarily store Personal Data on servers located and operated within the United States of America. If you use the Services outside of the United States of America, we may transfer and store your Personal Data from the country where you are located to the United States of America. Therefore, our collection and use of your Personal Data is subject to U.S. laws related to privacy and use of personal data and information. These laws are different and may be less protective than those applicable to you in your country of residence. By accepting the terms of this policy, you acknowledge, agree and consent to (i) the transfer to and processing of Personal Data on servers located outside of the country where you reside; (ii) our collection and use of your Personal Data as described herein and in accordance with the laws of the United States of America; and (iii) that you may be taking a risk by using the Services.
Changing or Deleting Your Personal Data
If you require assistance with deleting your account, please contact us at firstname.lastname@example.org.
The length of time we keep your Personal Data depends on what it is. We’ll retain, in accordance with generally accepted data retention policies and best practices, your Personal Data for as long as we have a relationship with you and for a period of time afterwards where we have a legitimate, ongoing business need to retain it. Following that period, we’ll make sure it’s deleted or anonymized.
Data Breach Notification
In the event that our systems become comprised and our user’s Personal Data is access by any unauthorized person or entity, we will notify affected users and/or relevant authorities and organization of such breach within 72 hours of our discovery of the incident. Where we act as a processor of your Personal Data on behalf of an educational institution, such notice will be provided to your educational institution.
You have certain rights with how your Personal Data is processed which are described below. In some circumstances, we may not be able to fully comply with your requests, or we may ask you to provide us with additional information in connection with your request, which may be Personal Data, for example, if we need to verify your identity or the nature of your request. In such situations, however, we will still respond to let you know of our decision.
Right of Information: You have the right to know how your data is being processed.
Right of Access: You have the right to access and request copies of your data that’s being collected.
Right of Rectification: You have the right to modify or update your Personal Data if incorrect data is being used.
Right to Erasure: You have the right to delete any Personal Data that has been collected.
Right to Restriction: You have the right to prevent a company from processing certain types of Personal Data.
Right to Data Portability: You have the right to access your Personal Data and transfer it between controllers.
Right to Object: You have the right to withdraw consent to the processing of your data for public interest, marketing or research.
Right to Reject Automated Decisions: You have the right to object to your data being processed by automatic systems.
6/12/17: Refined language clarifying that we do not share information with any third-parties, nor do we present any paid advertisements; Specified our notification process when changes are made to this policy.