Effective Date April 15, 2019
COLLECTING INFORMATION ON PERSONS UNDER 16 AND FERPA COMPLIANCE
The Children’s Online Privacy and Protection Act (COPPA), prohibits companies from collecting data on children under thirteen years of age. Since many other jurisdictions within the U.S. place similar restrictions on children under 16 years of age, In accordance with Federal Children's Online Privacy Protection Act of 1998 (COPPA), we will never knowingly solicit, nor will we accept, personally identifiable information from users under sixteen (16) years of age without parental or guardian consent. We verify age through the use of a credit card or PayPal account, and if the Student is under 16 years of age, we require the parent or guardian to set up the account and give consent. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, he or she should contact us at firstname.lastname@example.org. If we become aware that a child under 16 has provided us with Personal Information, we will delete such information from our files.
To the extent that we work with, coordinate or share data with educational institutions and educators that fall under the Family Educational Rights and Privacy Act of 1974 (“Educators”) we enter into arrangements with those Educators to ensure that data is protected in compliance with the law by requiring them to adhere to our FERPA Notice terms.
INFORMATION WE COLLECT
For all Users accessing our site, we log their use and what pages they visit in connection with their browser. If they are registered as a Student, Teacher or Educator, we will log their activities in connection with their use of the Services. We also gather non-PII when you use the Service, including type of browser you use, access time, pages viewed, and we collect information about the computer or mobile device you use to access the Service, including without limitation operating system and unique device identifiers and mobile network information. We also collect potentially identifying PII in your IP Address, mobile network and your geolocation.
Students. For Students we collect the Student’s name, address, contact information, user name and password. We also will collect payment information such as a credit card number of the Student or their parent/guardian to be stored with our payments processor, Stripe. We will also keep track of Students’ use of the Services and lessons. If the Student is associated with a particular educational institution we may collect the name of your school, grade and classroom instructor. We also collect any feedback to us or regarding Teachers that you post.
Teachers. For Teachers, we collect the Teacher’s name address, calendar, contact information, user name and password, as well as any photos or other information provided with respect to the services they wish to offer. We also may collect your bank or credit card information to ensure you get compensated for teaching, your Federal Tax ID Number, date of birth or other information for tax reporting purposes and to conduct sex offender background checks. We don’t store payment information PII, it is stored with our payments providers, Stripe and PayPal.
Educators. For Educators we collect the names, contact information, institution name and the class or grade represented.
HOW WE USE YOUR INFORMATION
We use PII , information from logs and non-PII and potentially identifying PII as necessary to provide the services to you, help you find, schedule and pay for lessons using the Site and Services,
We also use PII, cookies, information from logs and non-PII and potentially identifying PII for the purpose of improving the Site, Services and your customer experience.
If Students share any PII in connection with Educators we will only use such Student PII in connection with a legitimate educational purpose and in compliance with FERPA unless the Student or their parent/guardian provides consent to do otherwise. For all other Students (with parental/guardian consent where required by law), we will inform you of Services that may be of interest to you.
For Teachers, we will also use such PII as is necessary to conduct sex offender background checks. We will only use such information in connection with determine your eligibility to offer your services on the Site and Services.
We also may de-identify to create aggregate statistical information to improve our Services and market the Site.
WHO WE SHARE YOUR INFORMATION WITH
We will not sell, rent, or share PII with third parties outside of our company without your consent, except in the following ways:
To Facilitate the Services.
We share Teacher and Student information between each other to arrange the lessons purchased on the Services, complete the transactions and if arranging the lessons on behalf of Educators, confirm that the lessons have been completed by sharing in each case the names, contact information, appointment dates/times and noting the date/time of completion. We also share feedback that you post.
Law Enforcement and Internal Operations
We sometimes contract with other companies and individuals to perform functions or services on our behalf, such as software maintenance, data hosting, sending email messages, etc. We necessarily have to share such PII as necessary to provide and manage the Services.
If you would like to stop receiving information on services from us, you may remove yourself by following the instructions at the bottom of the email.
To access or change your PII, log into your account and you can review and update your information. To request access to any PII you are unable to access yourself, please contact us at email@example.com. In order to protect your privacy, we will take steps to verify your identity before sharing PII with you.
To delete your account, send an email to firstname.lastname@example.org with the student’s name, email address, and phone number requesting that your account be deleted. The account and will be deleted from Virtu.Academy’s site within 14 business days. If you delete your account we can no longer provide access to the Services to you. We may retain PII or payment information as required by law or for record keeping to defend legal claims.
Stripe and Payments Processing. We utilize Stripe and PayPal as payment gateways for payments. Data Processing takes place in the United States and Stripe and PayPal are each self-certified under the EU-U.S. and Swiss-US Privacy Shield. Users should review Stripe’s Security Policy or PayPal’s Privacy Statement before initiating transactions on the Site.
HOW WE PROTECT YOUR INFORMATION
We have implemented reasonable administrative, technical and physical security measures to protect your personal information under our control against unauthorized access, destruction or alteration. For example:
SSL encryption (https) everywhere where we deal with personal data.
Password protection on your account.
Hashing of passwords
Data is kept on secure, encrypted servers.
Restricting staff access to PII protected by password logs and two factor authentication.
Tokenization of payments, customer ID, and payment information by payment providers.
However, because no security system can be 100% effective, we cannot completely guarantee the security of any information we store, process or transmit.
Payments Encryption: Virtu.Academy utilizes only PCI-DSS compliant third party payment processors to ensure the security of your personal information through Stripe and PayPal.
THIRD PARTY WEBSITES
We may link to other websites. When you click on one of these links, you are ‘clicking’ to another website. Virtu.Academy does not control the data collection or privacy practices of such third party sites. We encourage you to read the privacy policies of any third party sites, as their collection, use and storage practices and policies may differ from ours.
NOTICE ABOUT “DO NOT TRACK”
“Do Not Track” or DNT is a feature enabled on some browsers that sends a signal to request that a web application disable its tracking or cross-site user tracking. At present, our Site does not respond to or alter its practices when a DNT signal is received.
YOUR CALIFORNIA PRIVACY RIGHTS
California residents who have an established business relationship with Us may make a written request to VIrtu.Academy about whether Virtu.Academy has disclosed any PII to any third parties for the third parties' direct marketing purposes during the prior calendar year. We have not done so in the past calendar year. To make such an additional request, please send an email or write us: email@example.com
940 Tuxedo Blvd.
St. Louis, Missouri 63119