Privacy Policy

College Solutions LLC Privacy Policy

Please read this Privacy Policy (“Privacy Policy”) carefully. It explains how information may be collected, used, and disclosed by College Solutions LLC dba CollegeMapper (“CollegeMapper” or “our,” “we,” or “us”) with respect to your (“user,” “you,” or “your”) access and use of CollegeMapper’s site (located at www.CollegeMapper.com) (“Site”), CollegeMapper’s mobile application (“app”), and other services provided by CollegeMapper (“Services”). 

Acknowledging changing privacy requirements, we reserve the right to change or modify this Privacy Policy from time to time and may notify you directly as may be reasonable or permitted, and/or by prominently posting notice of the changes on the Site or through the app. By creating an account with us, using the Site, app, or Services, or submitting any information including personal information to us such as your name, email address, and other non-public information, you agree to be subject to the most current version of this Privacy Policy posted on the Site at the time of your use. We recommend that you check our Site from time to time to inform yourself of any changes in this Privacy Policy or any of our other policies or terms. 

What Is Personal Information?

“Personal Information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular natural human person or household. Personal Information does not include “aggregate” information, which is data we collect about the use of the Services. Our Privacy Policy does not restrict or limit our collection and use of aggregate information, including aggregate user statistics, demographic information, and other data that does not include Personal Information or from which you cannot be identified. 

What Personal Information Do We Collect?

We may collect and use the following categories of Personal Information: 

• Identifiers (e.g., a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers) 
• Information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. 
• Commercial information (e.g., records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies) 
• Biometric information 
• Internet or other electronic network activity information (e.g., browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement) 
• Geolocation data 
• Audio, electronic, visual, thermal, olfactory, or similar information 
• Professional or employment-related information

You can choose not to provide certain information, but it may delay or prevent us from providing Services to you.

How Do We Collect Information?

We collect most information directly from you—in person, by telephone, text, or email and/or via our Services. However, we may also collect information:

• From publicly accessible sources (e.g., public records);
• Directly from a third party (e.g., sanctions screening providers, credit reporting agencies, or customer due diligence providers);
• From a third party with your consent (e.g., your bank);
• From cookies on our Site; and
• Via our IT systems, including phone logs; automated monitoring of our Services and other technical systems, such as our computer networks and connections, communications systems, email, and instant messaging systems; and other relevant systems.

We treat this information as Personal Information if we combine it with or link it to any identifying information mentioned above. Otherwise, it is used in the aggregate only.

CollegeMapper may allow users to send messages to each other. These messages may be stored for retrieval at later times in order to facilitate user communication.

CollegeMapper may permit users to make transactions. Data will be securely stored when a transaction is made, including the date and type of purchase made.

Even after you remove information from your profile or delete your account, copies of that information may remain viewable elsewhere to the extent it has been shared with others, it was otherwise distributed pursuant to your privacy settings, or it was copied or stored by other users.

How Do We Use the Personal Information We Collect?

In compliance with privacy laws, we only use your Personal Information if we have a proper reason for doing so, e.g.:

• To comply with our legal and regulatory obligations;
• For the performance of our contract with you or to take steps at your request before entering into a contract;
• For our legitimate interests or those of a third party; or
• Where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

The table below explains our uses of Personal Information and the corresponding reason(s):

Uses of Personal Information	Reasons
To provide Services to you	For the performance of our contract with you or to take steps at your request before entering into a contract
To prevent and detect fraud or abuse	For our legitimate interests or those of a third party, i.e. to minimize fraud that could be damaging for us, a third party or for you
Conducting checks to identify our customers and verify their identityOther processing necessary to comply with professional, legal, and regulatory obligations that apply to our business, e.g. under health and safety regulation or rules issued by our professional regulator	To comply with our legal and regulatory obligations
Gathering and providing information required by or relating to audits, inquiries, or investigations by regulatory entities	To comply with our legal and regulatory obligations
Ensuring business policies are followed, e.g. policies covering security and internet use	For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can improve our Services
Operational reasons, such as improving efficiency, training, and quality control	For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can improve our Services
Ensuring the confidentiality of commercially sensitive information	For our legitimate interests or those of a third party, i.e. to protect trade secrets and other commercially valuable informationTo comply with our legal and regulatory obligations
Statistical analysis to help us manage our business, e.g. in relation to our financial performance, customer base, product or service range, or other efficiency measures	For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can improve our Services
Preventing unauthorized access and modifications to our systems	For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for youTo comply with our legal and regulatory obligations
Updating and enhancing customer records	For the performance of our contract with you or to take steps at your request before entering into a contractTo comply with our legal and regulatory obligationsFor our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing orders and new products
Ensuring safe working practices, staff administration, and assessments, and to enforce our policies and terms	To comply with our legal and regulatory obligationsFor our legitimate interests or those of a third party, e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you
Marketing our Services and those of selected third parties to:existing and former customers;third parties who have previously expressed an interest in our Services;third parties with whom we have had no previous dealings.	For our legitimate interests or those of a third party, i.e. to promote our business to existing and former customers
Credit reference checks via external credit reference agencies	For our legitimate interests or those of a third party, i.e. to ensure our customers are likely to be able to pay for our Services
External audits and quality checks, e.g. security accreditation and the audit of our accounts	For our legitimate interests or a those of a third party, i.e. to maintain our accreditations so we can demonstrate we operate at the highest standardsTo comply with our legal and regulatory obligations

We also may use such to perform functions as otherwise described to you at the time of collection.

Do We Share Personal Information With Third Parties?

We want you to understand when and with whom we may share personal or other information we have collected about you or your activities on our Site or while using our Services. We routinely share Personal Information with:

• Our affiliates and business partners;
• Our service providers and those with whom we’ve contracted in connection with our Services, such as payment service providers, marketing agencies, and website hosts;
• Third parties approved by you, including social media sites you choose to link to your account or third-party payment providers;
• Credit reporting agencies;
• Our insurers and brokers; and
• Our financial and legal institutions.

We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations, to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us, in our sole discretion. We may disclose and exchange information connection with a substantial corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy

We do not sell your Personal Information to third parties  .

Any third parties to whom we may disclose Personal Information may have their own privacy policies which describe how they use and disclose Personal Information. Those policies will govern use, handling, and disclosure of your Personal Information once we have shared it with those third parties as described in this Privacy Policy. If you want to learn more about their privacy practices, we encourage you to visit the websites of those third parties. These entities or their servers may be located either inside or outside the United States.

We may share aggregated and non-personal information we collect under any of the above circumstances. We may also share it with third parties to develop and deliver targeted advertising on the Site and on websites of third parties. We may combine non-personal information we collect with additional non-personal information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers, and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to our website and the most popular features or services accessed. This information does not contain any personal information and may be used to develop website content and services that we hope you and other users will find of interest and to target content and advertising.

Cookies

Cookies are small data files stored on your hard drive or in device memory that helps improve your experience. We use industry standard technologies to collect non-personal identifiable information, and this may include sending cookies to your computer or mobile device. We may also collect information using web beacons (also known as “tracking pixels”). Web beacons are electronic images that may be used in connection with the Website or emails and help deliver cookies, count visits, understand usage and campaign effectiveness and determine whether an email has been opened and acted upon. For more information about cookies, and how to disable them, please see the “Your Control” section, below.

Commercial Messages

By providing your email address to us, you affirmatively and expressly consent to receiving commercial emails from us and from our third party providers and affiliates. These parties may send you commercial emails in order to deliver information about the Site, information about developments relevant to our services, special offers, and other information, including but not limited to updates to the Site. You may unsubscribe from these commercial messages at any time by clicking on the “unsubscribe” link included in any email or by contacting us via email at info@collegemapper.com or at the mailing address provided below. Opting out of commercial messages does not affect our communications with you via telephone or email related to any business we may have with you or other transactional emails.

Information Collected from Children

The Site is not directed to, nor do we knowingly collect Personal Information from, children under the age of 13. If you become aware that your child or any child under your care has provided us with information without your consent, please contact us as indicated below.

Your Control

You can choose not to provide us with certain information, but that may result in you being unable to use certain features of our Site and the Services because such information may be required in order for you to register as a member; purchase products or services; participate in a contest, promotion, survey, or sweepstakes; ask a question; or initiate other transactions on our Site.

Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. If you choose to reject all cookies, you may be unable to use certain Site features. Some browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the website or online service provider indicating that the user does not wish to be tracked. 

Please contact us at info@collegemapper.com if you no longer wish to receive communications regarding the Services. It may take up to ten (10) days for us to process an opt-out request. We may send you other types of transactional and relationship email communications, such as service announcements, administrative notices, and surveys, without offering you the opportunity to opt out of receiving them. Please note that changing information in your account or otherwise opting out of receipt of promotional email communications will only affect future activities or communications from us. If we have already provided your information to a third party before you have changed your preferences or updated your information, you may have to change your preferences directly with that third party.

You may tell us not to share your personal information with third parties for direct marketing purposes by contacting us as indicated below.

Corrections, Retention

If you want to view, delete, or modify your Personal Information, you may do so by making a request as set forth below. Please note that we may be required to keep certain information and not delete it (or to keep information for a certain amount of time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any Personal Information or other data, it will be deleted from the active database, but may remain in our archives.

We reserve the right to verify the identity of any person making a request to opt-out or to delete or modify Personal Information; provided, however, that we will have no liability of any kind resulting from false or erroneous requests or any change or deletion made by us for any reason. 

We store Personal Information for only as long as reasonably necessary to fulfill the purposes described above, as we determine is necessary for business records, and as required under applicable law.

Social Media

The Site may include social media features, such as the Facebook Like button, and widgets, such as the ShareThis button or interactive mini-programs that run on the Site. These features may collect your IP address, which page you are visiting on the Site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on the Site. Your interactions with these features, including any Personal Information you provide via these features, are governed by the privacy policy of the company providing it.

What Steps Do We Take To Protect Your Information?

We take reasonable measures to protect your Personal Information in an effort to prevent loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware, however, that despite our efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed against any interception or other type of misuse.

To mitigate this risk, you should use secure usernames and passwords and carefully protect them from disclosure and implement updated internet security and virus protection on your computer. If you suspect that your computer’s security or your information has been compromised or your password accessed or used by an unauthorized third party, immediately change your password.

If we become aware of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice through the Site if a security breach occurs. We may also send an email to you at the email address you have provided to use in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.

Users should also be aware of how they handle and disclose their Personal Information and should avoid sending personal information through insecure email. Please refer to the Federal Trade Commission’s website at http://www.business.ftc.gov/privacy-and-security/consumer-privacy for information about how to protect yourself against identity theft.

We also may update this Privacy Policy from time to time. When we do so, we will post the new Privacy Policy on the Site and your continued use of the Services is deemed to be acceptance of such updates or changes. We encourage you to check the date of our Privacy Policy when you access and use the Site for any updates or changes.

California Rights 

The following provisions apply only to residents of the state of California:

Do Not Track. Section 22575 of the California Business & Professions Code requires website and online service operators to disclose whether they honor web browser “Do Not Track” settings. There is currently no common standard for responding to Do Not Track signals or even in the Do Not Track signal itself. We currently do not have any technology implemented to process Do Not Track Signals. We also have no access to or control over other parties’ Personal Information collection practices. You should carefully review the privacy policy and terms of any website you visit. For more information about Do Not Track, please visit www.allaboutdnt.org

CCCPA. You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to exercise free of charge:

Disclosure of Personal Information We Collect About You	You have the right to know:The categories of Personal Information we have collected about you;The categories of sources from which the Personal Information is collected;Our business or commercial purpose for collecting or selling Personal Information;The categories of third parties with whom we share Personal Information, if any; andThe specific pieces of Personal Information we have collected about you.Please note that we are not required to:Retain any Personal Information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered Personal Information; orProvide the Personal Information to you more than twice in a 12-month period.
Personal Information Sold or Used for a Business Purpose	In connection with any Personal Information we may sell or disclose to a third party for a business purpose, you have the right to know:The categories of Personal Information about you that we sold and the categories of third parties to whom the Personal Information was sold; andThe categories of Personal Information that we disclosed about you for a business purpose.You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to opt-out of the sale of your Personal Information.
Right to Deletion	Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:Delete your Personal Information from our records; andDirect any service providers to delete your Personal Information from their records.Please note that we may not delete your Personal Information if it is necessary to:Complete the transaction for which the Personal Information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;Debug to identify and repair errors that impair existing intended functionality;Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;Comply with the California Electronic Communications Privacy Act;Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;Comply with an existing legal obligation; orOtherwise use your Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the information.
Protection Against Discrimination	You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:Deny goods or services to you;Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;Provide a different level or quality of goods or services to you; orSuggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.Please note that we may charge a different price or rate or provide a different level or quality of goods and/or services to you, if that difference is reasonably related to the value provided to our business by your Personal Information.

International Visitors

The Site is hosted in and provided from the United States and is intended for visitors located within the United States. If you choose to use the Site from the European Union or other regions of the world with laws governing data collection and use that may differ from US law, then please note that you may be transferring information, including Personal Information you provide, outside of those regions to the US for storage and processing. Also, we may transfer your data from the US to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Site. By providing any information, including Personal Information, to us, you consent to the transfer, storage, use, and processing of such in accordance with this Privacy Policy.

Questions?

If you would like to exercise any of your rights as described in this Privacy Policy, please email us at info@collegemapper.com

Please note that you may only make a CCPA-related data access or data portability disclosure request twice within a 12-month period.

If you choose to contact directly by info@collegemapper.com, you will need to provide us with:

• Enough information to identify you [(e.g., your full name, address and customer or matter reference number))];
• Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill); and
• A description of what right you want to exercise and the information to which your request relates.

We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf.

Any Personal Information we collect from you to verify your identity in connection with you request will be used solely for the purposes of verification.

If you have any questions about our Privacy Policy, please contact us at [info@CollegeMapper.com].

Last Updated: September, 2020