Collection of your Personal Information
We collect no personal information or data from families attending our schools unless the families voluntarily choose to provide information to us.
We collect personally identifiable information, such as your email address, name, home or work address or telephone number or financial information for purposes of processing the information to serve your family’s school tuition needs. Subject to your consent, We may also collect anonymous demographic information, which is not unique to you, such as your ZIP code, age, gender, preferences, interests and favorites.
There is also information about your computer hardware and software that is automatically collected by Us through your use of this site. This information can include: your IP address, browser type, domain names, access times and referring website addresses. This information is used by Us for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of this site.
Where applicable, we encourage you to review the privacy statements of Web sites you choose to link to from this site so that you can understand how those Web sites collect, use and share your information. We are not responsible for the privacy statements or other content on Web sites outside of this site.
Use of your Personal Information
We collect and use the personal information you provide to operate this site and deliver the services you have requested. If applicable, We may also use your personally identifiable information to inform you of other products/services available from Us. We may also contact you via surveys to conduct research about your opinion of current services or of potential new services that may be offered.
We do not sell, rent or lease customer lists to third parties. We may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, your unique personally identifiable information (e-mail, name, address, telephone number) is not transferred to the third party. In addition, We may share data with trusted partners to help us perform statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such third parties are prohibited from using your personal information except to provide these services to Us, and they are required to maintain the confidentiality of your information.
We do not use or disclose sensitive personal information, such as race, religion, or political affiliations, without your explicit consent.
Where applicable, we keep track of the sites and pages our customers visit in order to determine what services are the most popular. This data is used to deliver customized content and advertising to customers whose behavior indicates that they are interested in a particular subject area.
We will disclose your personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on Us or the site; (b) protect and defend Our rights or property; and, (c) act under exigent circumstances to protect the personal safety of Our users, or the public.
Our site uses “cookies” to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a Web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.
One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the Web server that you have returned to a specific page. For example, if you register with Our site or services, a cookie helps the site to recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you return to the same site, the information you previously provided can be retrieved, so you can easily use the features that you customized.
You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Websites you visit.
Security of your Personal Information
We secure your personal information from unauthorized access, use or disclosure. We secure the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. When personal information is transmitted to other Web sites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol.
We partner with Caspio Bridge to host our application and database on Caspio’s Compliance Professional Platform. When you access the Application, the personal information you choose to provide is protected by the following security and authentication measures in the Caspio database (please note, that some details have been excluded in order to protect the integrity of these security solutions):
Caspio is using Amazon Web Services (AWS) as its infrastructure provider. AWS has built a reputation for providing some of the most secure and best-run data centers in the world. AWS is: (i) SOC 1 and 2 / SSAE 16 / ISAE 3402 Certified (formerly SAS70) (ii) SOC 3 Certified (iii) ISO 27001 Security Certified (iv) Authorized by U.S. General Services Administration to operate at the FISMA Moderate level (v) Capable of supporting Payment Card Industry (PCI) compliant applications when AWS and Caspio-provided security controls are used in tandem
Network and Systems Layer
Caspio servers and firewalls are configured to allow only the absolute minimum level of access. All unnecessary users, protocols, and ports are disabled and monitored. Operating systems and third-party software are kept current with the latest upgrades and patches recommended by their vendors. Caspio databases and backups can only be accessed through trusted and secure authentication.
Caspio employees do not have direct access to the servers, except where necessary for system management, maintenance, monitoring, and backups. With Caspio’s Compliance Professional platform, only select, qualified and highly trained personnel are authorized to access our applications and database, and only when we specifically grant that access. Caspio follows rigorous hiring practices and background checks for administrative, IT, support, and sales positions. Caspio’s dedicated team of trained support engineers may only log into our database when explicitly authorized by us, and only to resolve problems or issues reported by us or when contractually authorized. This can (and will) only be done by SOH’s account Admin establishing a temporary log in for our support personnel to access your account. All account logins are tracked for reference, if needed.
Encryption at Rest
All data managed inside the Application is always encrypted when not being actively accessed and utilized. This provides peace of mind in knowing that if the database is ever accessed by an unauthorized person, the data is protected from unauthorized exposure. Caspio is using Transparent Data Encryption (TDE) for Microsoft SQL Server for Encrypting Data at Rest. The SQL Server encryption module creates data and key-encrypting keys to encrypt the database. The key-encrypting keys specific to Caspio’s SQL Server are themselves encrypted by a periodically-rotated, 256-bit AES master key. This master key is unique and is securely stored in systems which are separate from Caspio Bridge.
Changes to this Statement
We will occasionally update this Statement of Privacy to reflect company and customer feedback. We encourage you to periodically review this Statement to be informed of how We are protecting your information.
We welcome your comments regarding this Statement of Privacy. If you believe that We have not adhered to this Statement, please contact US at firstname.lastname@example.org. We will use commercially reasonable efforts to promptly determine and remedy the problem.