As of April 28, 2020
- Information collected by third-party websites linked from Shmoop
- Information collected off-line
Please note that if you are a resident of the European Union or California, you have additional rights as set forth below.
Information We Collect
We collect two types of information from you:
- Information you voluntarily provide when registering or participating in activities or using Services on Shmoop; and
- Information collected automatically by using cookies and other tracking technologies from your computer or other device that you use to access the Site or Services, including your geographic location when you use Shmoop.
All personally identifiable information collected from the Site or through the Services will not be shared with any other entity without your expressed consent, other than as described in “Exceptions to Sharing Personally Identifiable Information” below.
To use some parts of our Site or certain of our Services, you must register with Shmoop and create an account (“Registration Information”). When you register, we collect personally identifiable information such as your name and email address. You may provide other personally identifiable information voluntarily (e.g., year in school, gender), but it is not required for registration. If you register for a subscription or purchase a product at our Site, then we may collect credit card and debit card information to provide to our payment processor, including credit/debit card numbers, expiration dates, CV numbers, billing address, shipping address, date of order, payment information, and the product or subscription ordered.
We use this Registration Information to contact you about the Services on our Site about which you have expressed interest, to process subscriptions, and provide you the Services you have purchased or for which you have registered.
Other Voluntarily Submitted Information - User Generated Content
The Services also allow users to submit information and content through the Site and in connection with the Services. This includes, but is not limited to the following:
- Any response, content, or information you provide in connection with the Services. For example, we collect your answers to test prep questions, essays you might write, responses to survey questions or polls, responses to assessment questions in the Heartbeat™ tool, and notes and other content you create.
- We track your progress and performance in connection with the Services you use.
- We collect your contact and other information you provide when providing us feedback, making inquiries, or asking for customer support.
- We collect the optional profile information that you wish to share with other users of the Site and Services.
- We collect other information that you submit voluntarily through our Shmoop message boards, notes, conversations, and other communications.
Automatically Collected Information
In addition to the information you voluntarily send us while visiting Shmoop, like most websites, we gather certain information automatically and store it in log files. This information includes, but is not limited to, internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, mobile device ID, advertising identifiers, date/time stamp, and clickstream data.
We use this information, which does not identify individual users, to analyze trends, administer the site, track users’ movements around the site, and to gather demographic information about our user base as a whole. We may link this automatically-collected data to personally identifiable information.
Our Use of Information
We use the information that we collect on our Site and through the Services for the following purposes:
- provide access to the Site and to provide you with requested Services and customer support and to process and respond to your inquiries;
- personalize, customize, measure, and improve our Services, content, and advertising and otherwise to enhance your experience of the Site;
- analyze the accuracy, effectiveness, usability, or popularity of the Site and Services;
- generate and review reports and data about our user base and service usage patterns;
- compile aggregate data for internal and external business purposes;
- resolve disputes and troubleshoot problems;
- contact you with information, including promotional, marketing, and advertising information and recommendations that we believe may be of interest to you;
We do not share personally identifiable information with third parties without your expressed consent, other than as described in “Exceptions to Sharing Personally Identifiable Information” below. We may provide information in the aggregate about our users to third parties for other purposes, but in this case, all personally identifiable information will be removed.
Student Privacy - FERPA
Shmoop may have access to student education records that are subject to the Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. 1232g, et seq. and the regulations promulgated thereunder. This information is considered confidential and is, therefore, protected from disclosure, except with the consent of the student or in the case of a minor, a parent or legal guardian, or other person authorized to consent on behalf of the student.
To the extent that Shmoop has access to “education records” subject to FERPA, it does so as a service provider to educational institutions. We will only use such education records and personally identifiable information contained therein for the purposes of providing Services to users that access our Services under our contract with the educational institution. We will not use such information to market to the users except to the extent permitted by law or by our contract with the educational institution.
Except as required or permitted by law, or with consent as noted above, we shall not disclose or share such education records with any third party unless (a) such disclosure is permitted by the terms of our contract with the particular educational institution from which we received the educational records, and (b) the third party has agreed to maintain the confidentiality of the education records to the same extent required of Shmoop under its contract with the educational institution.
In the event any person(s) seek to access protected education records, we will only retrieve such data or information upon receipt of, and in accordance with, written directions, if allowed by law. If we receive a court order or lawfully issued subpoena seeking the release of such data or information, Shmoop will provide notification to relevant users with a copy of the court order or lawfully issued subpoena prior to releasing the requested data or information, if allowed by law or judicial and/or administrative order.
If a student or his or her parent would like to request to access, modify, refuse further collection of, or delete a student’s personally identifiable information that we have been provided under a contract with a school or school district, please contact your school or school district with your request as we may not be able to respond to such requests directly under our contractual confidentiality obligations with the schools and school districts.
We are committed to protecting the privacy of persons less than 13 years of age (“child” or “children”) who use our Site or Services. This policy explains our information collection, disclosure, and parental consent practices with respect to information provided by children and is in accordance with the U.S. Children’s Online Privacy Protection Act (“COPPA”). Shmoop does not knowingly permit any child to register directly for the Site or Services unless we reasonably believe, or have received assurances from the subscribing user or in the case of use under a plan with an educational institution, the administrator, that the child’s parent has consented to such registration and use of the Site and Services. If Shmoop learns that personally identifiable information of a child has been collected on the Site without parental consent, then we will take appropriate steps to delete this information. If you are a parent or guardian and discover that your child has a registered account with the Site without your consent, please email Shmoop at firstname.lastname@example.org and request that Shmoop delete that child's personally identifiable information from its systems.
Registration and Use of the Site
When a child requests to register for the Site or Services, Shmoop will seek consent from the child's identified parent or guardian (“Parent”). We may ask the child to provide certain information for notification and security purposes, including the Parent's email address, the child’s first name and gender, the child’s username, and password. We may also ask for birth dates from children to validate their ages. Please note that children can choose whether to share their information with us, but certain features cannot function without it. As a result, children may not be able to access certain features if required information has not been provided. We will not require a child to provide more information than is reasonably necessary in order to participate in an online activity. Parents may also agree to the collection and use of their child’s information, but not allow disclosure to third parties.
Consistent with the requirements of COPPA, on any child-targeted site or application, or in any instance where we ask for age and determine the user is less than 13 years of age, we will ask for a Parent email address before we collect any personally identifiable information from the child. If you believe your child is participating in an activity that collects personally identifiable information and you or another Parent have NOT received an email providing notice or seeking your consent, please feel free to contact us at email@example.com. We will not use Parent emails provided for parental consent purposes to market to the Parent, unless the Parent has expressly opted in to email marketing or has separately participated in an activity that allows for such email contact.
If you are a Parent and wish to provide direct consent for your child’s registration on the Site and Services, you must first register through the Site and affirmatively verify you are the child’s Parent and consent to the collection of the child’s personally identifiable information.
If, in addition to collecting content that includes personally identifiable information, Shmoop also plans to post the content publicly, share it with a third party for the third party’s own use or allow the child to post content publicly, we will obtain a higher level of parental consent as required by COPPA (verifiable parental consent). Methods by which we will obtain verifiable parental consent include, but are not limited to, requiring a signed consent form by mail, fax or electronic scan, asking for a credit card or other online payment method for verification, or having the Parent speak to a trained customer service representative by telephone or video chat. We will not post a child’s personally identifiable information or content publicly or except as permitted by law or as stated in the section entitled “When Information Collected From Children is Available to Others,” share such personally identifiable information or content with a third party for their third party’s own use without first obtaining verifiable parental consent.
Teacher or Administrator Consent
With regard to school-based activities, COPPA allows teachers and school administrators to act in the stead of parents to provide consent for the collection of personally identifiable information from children. Schools should always notify parents about these activities.
Email Contact with a Child
On occasion, and as permitted by COPPA, in order to respond to a question or request from a child, Shmoop may need to ask for the child’s online contact information, such as an email address. Shmoop will delete this information immediately after responding to the question or request.
In connection with certain activities or services, we may collect a child’s online contact information, such as an email address, in order to communicate with the child more than once. In such instances we will retain the child’s online contact information to honor the request and for no other purpose such as marketing. Whenever we collect a child’s online contact information for ongoing communications, we will simultaneously require a Parent email address in order to notify the Parent about the collection and use of the child’s information, as well as to provide the Parent an opportunity to prevent further contact with the child. On some occasions a child may be engaged in more than one ongoing communication, and a Parent may be required to "opt-out" of each communication individually.
In the event we collect (or allow others to collect) such information from children on our Site or Services for other purposes, if required by COPPA, we will notify parents and obtain consent prior to such collection.
When Information Collected From Children is Available to Others
In addition to those instances where a child’s personally identifiable information is posted publicly (after receiving verifiable parental consent), we also may share or disclose personally identifiable information collected from children in a limited number of instances, including the following:
- We may share information with our service providers if it is necessary for them to perform a technology support function for us, or for other legitimate educational purposes.
- We may disclose personally identifiable information if permitted or required by law, for example, in response to a court order or a subpoena. To the extent permitted by applicable law, we also may disclose personally identifiable information collected from children (i) in response to a law enforcement or public agency’s (including schools or children services) request; (ii) if we believe disclosure may prevent the instigation of a crime, facilitate an investigation related to public safety or protect the safety of a child using our Site; (iii) to protect the security or integrity of our Site, Services and other technology, as well as the technology of our service providers; or (iv) enable us to take precautions against liability.
Parental Choices and Control
At any time, parents can refuse to permit us to use and collect further personally identifiable information from their children in association with a particular account, and can request that we delete from our records the personally identifiable information we have collected in connection with that account. Please keep in mind that a request to delete records may lead to a termination of an account, membership, or other service.
Where a child has registered for a Shmoop account, we use two methods to allow Parents to access, change, or delete the personally identifiable information that we have collected from their children:
- Parents can request access to and delete their child’s personally identifiable information by logging onto the child’s account. Parents will need their child’s username and password.
- Parents can contact us to request access to, change, or delete their child’s personally identifiable information at firstname.lastname@example.org.
In any correspondence such as email or mail, please include the child’s username and the Parent’s email address and telephone number. To protect children’s privacy and security, we will take reasonable steps to help verify a Parent’s identity before granting access to any personally identifiable information.
We will retain your child’s information for as long as their account is active or as needed to provide them services. If you wish to cancel your child’s account or request that we no longer use that information to provide them Services, please contact us at email@example.com. We will retain and use their information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If we make material changes to how we use personally identifiable information collected from children, we will notify parents by email in order to obtain parental consent for the new uses of the child’s personally identifiable information.
Our Communication with You
After you register with Shmoop, we may contact you in several ways. Please see our contact us page to opt-out of specific types of messages.
When you register, we will send you a welcome message from Shmoop. We may also respond to your customer service inquiries, your suggestions, or your requests to manage your account. We will communicate with you by email or phone, in accordance with your preferences.
We may send our users emails with information about special offers and promotions. You may opt-out of such communications at the time of registration and on our Contact page or by using the unsubscribe mechanism in the email.
Newsletters, Product Updates, and Notifications
YWe may send our users newsletters, product updates, and other marketing-related notifications by email. You may opt-out from such communication on our Contact page or by using the unsubscribe mechanism in the email.
TWe may send our users updates regarding the Service or their account. These are sent to all registrants of Shmoop on occasions when a significant service change or disruption occurs. You cannot opt-out of such Service-related or account-related emails.
Accessing, Changing and Managing Your Information
You can access or change your personal profile and contact information or delete your account by either logging into your account or contacting customer service at firstname.lastname@example.org.
Security of Your Information
The security of your information is important to us. We use a number of measures to help protect the security of the personally identifiable information submitted to us. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security and any information you transmit to Shmoop or submit through the Site or the Services is done so at your own risk. If you have questions about security on our Site or Services, please contact us at email@example.com.
Sharing Information within Shmoop
Message Board, Site Sharing Features and Site Contributions
When you use our Site or Services, you have the option to make contributions including, but not limited to, your notes, comments, creative works, or information about yourself, available to other visitors to our Site or Services.
We will, generally, provide you with the option to control the privacy of your contributions or remove your contributions from the Site or Services.
If you use Shmoop’s message boards, chat rooms, conversations, or other Services on the Shmoop site, please be aware that any personally identifiable information you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these forums.
If you have not removed or marked private any given piece of identifiable information, Shmoop will assume that you are aware that it is viewable by other users of Shmoop and the public at large.
If you have further questions about your contributions to this Site, please contact us.
Sharing of Personally Identifiable Information
We may disclose your personally identifiable information for certain business and other purposes set forth below.
We provide personally identifiable information to third parties that provide services related to the Site and Services or perform certain activities or functions on our behalf. For example, we use an outside shipping company to fulfill orders, and a credit card processing company to bill you for goods and services. These companies may only use the personally identifiable information to provide such services and perform such functions, and do not retain, share, store, or use personally identifiable information for any other purposes.
Information that you post on the Site and Services (e.g., comments, notes, creative works, and information about yourself) will be made available to other users of the Site.
Schools and School Districts
Certain of the Services are provided to user under contracts we have with schools and school districts. In such cases, your personally identifiable information, including any content or responses you provide in connection with the Services, such as responses to the Heartbeat™ tool, will be disclosed to the school and school district, and their teachers, administrators and other personnel as applicable.
Shmoop may share some or all of your information with our parent company, subsidiaries and corporate affiliates, joint venturers or other companies under common control with us.
Shmoop may disclose personally identifiable information as required by law or to comply with a judicial proceeding, court order, or legal process served on our company. In addition, we reserve the right to disclose your personally identifiable information when we believe that such disclosure is necessary to protect our rights, safety, or property, or the rights, safety, or property of service providers or others. We also may disclose personally identifiable information to third parties in order to resolve disputes that arise in the normal course of business.
In the event that Shmoop University, Inc., goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, or the transfer of the business or assets in a bankruptcy or similar proceeding, the acquirer would have access to or acquire the information maintained by Shmoop University, Inc., which could include personally identifiable information submitted by or collected from users and visitors to our Site and Services.
Third Party Advertisers
We use third-party advertising companies such as Google DFP to serve ads when you visit our Site. These companies may use aggregated information (not including your name, address, email address or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. While this information will not identify you personally, in some instances these third parties may be able to combine this information with other data they have about you, or that they receive from third parties, in a manner that allows them to associate this aggregated data with your personally identifiable information. Please refer to Google’s documentation for more information on their policies: https://www.google.com/policies/technologies/ads/. Or, to learn more about interest-based advertising in general and to opt out, please visit http://www.aboutads.info/choices and http://www.networkadvertising.org/managing/opt_out.asp.
When you use our website, we share information that we may collect from you, such as your email (in hashed form), IP address or information about your browser or operating system, with our partner/service provider, LiveRamp Inc and its group companies (‘LiveRamp’). LiveRamp may use our first party cookie on your browser to match your shared information to their marketing databases in order to provide back a pseudonymous privacy-centric identifier for our use in real time bidding in digital advertising. These third parties may in turn link further demographic or interest-based information to your browser. To opt out of this use, please head here.
Links to Other Sites
This Site contains links to other sites that are not owned or controlled by Shmoop University, Inc. Please be aware that we are not responsible for the privacy practices of those other sites. We encourage you to be aware of this when you leave our Site, and to read the privacy statements of each and every website that collects personally identifiable information. This privacy statement applies only to information collected by this Site or the Services.
Cookies; Do Not Track
The Site may include links to other websites and other content from third-party businesses. We permit third parties to track your actions through cookies and web beacons over time and across different websites or platforms.
In addition, you may be able to adjust your browser settings or other settings so that “do not track” requests are sent to the websites and mobile applications that you use. However, Shmoop will not disable tracking technology that may be active on the Site in response to any “do not track” requests that are sent to the Site.
Testimonials and User Feedback
From time to time, we will publish comments from users who have shared positive testimonials about our Site and Services. When we publish such content, we will identify those users only by their first and last name or a screenname, and their city, state, and school. We may also retweet your feedback and testimonials through our Twitter account, provided that we will not retweet feedback and testimonials from children under 13 without parental consent.
International Users - Applicable Law
EU Data Subjects
If you are a resident of the European Union, we comply with the General Data Protection Regulation (“GDPR”) to the extent it is applicable to your personally identifiable information (for purposes of this section, this term is the same as “personal data” as defined in the GDPR). For purposes of the GDPR, the controller is Shmoop University, Inc., PO Box 15550, Scottsdale, AZ 85267.
We rely on the following legal basis for processing of your personally identifiable information:
- Consent: we rely on your consent to process personally identifiable information in certain circumstances, such as in the case of processing personally identifiable information for children under 16 or in responding to your requests, or when we ask you to opt-in to certain marketing. Please note that if we rely on consent, you may withdraw your consent at any time, but such withdrawal will not affect the lawfulness of the processing prior to the withdrawal. The collection and processing of personally identifiable information based on your consent is in accordance with Art. 6 para. 1(a) GDPR.
- Necessary to perform a contract: we process personally identifiable information as necessary for the performance of contracts with you, including to provide Services. For example, we are not able to provide our Services unless you provide us with necessary personally identifiable information, such as the registration information described above. This collection and processing of personally identifiable information is based on Art. 6 para. 1(b) GDPR (necessary for the performance of a contract with you).
- Performance of a legal obligation: we process personally identifiable information as necessary to perform our legal obligations, such as complying with the laws in the jurisdiction in which you reside. This collection and processing of personally identifiable information is based on Art. 6 para. 1(c) GDPR (necessary for compliance with a legal obligation to which the controller is subject).
- Legitimate Interest: we process personally identifiable information based upon our legitimate interest (except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject that require protection of personally identifiable information), such as to improve our Site and Services, to market our Site and Services, to exercise or defend legal claims, and to protect our rights, property, and interest, and those of our users, and in the case of business transitions. Such processing is based on Art. 6 para 1(f) GDPR.
If you are a data subject of the European Union, you have the following rights:
- Access, Correction, and Erasure Requests: You have the right to:
- contact us to confirm whether we are processing your personally identifiable information;
- receive information on how your personally identifiable information is processed;
- obtain a copy of your personally identifiable information;
- request that we update or correct your personally identifiable information; and
- request that we delete personally identifiable information in certain circumstances.
- Right to Object to Processing: You have the right to request that we cease processing your personally identifiable information for marketing activities, including profiling for statistical purposes where such processing is based upon our legitimate business interests, unless we are able to demonstrate a compelling legitimate basis for such processing or we need to process your personally identifiable information for the establishment, exercise, or defense of a legal claim.
- Right to Restrict Processing: You have the right to request that we limit the processing of your personally identifiable information:
- while we are evaluating or in the process of responding to a request by you to update or correct your personally identifiable information where such processing is unlawful and you do not want us to delete your data;
- where we no longer require such data, but you want us to retain the data for the establishment, exercise, or defense of a legal claim; and
- where you have submitted an objection to processing based upon our legitimate business interests, pending our response to such request
- Data Portability Requests: You have the right to request that we provide you or a third party that you designate with certain of your personally identifiable information in a commonly used, machine readable format. Please note, however, that data portability rights apply only to personally identifiable information that we have obtained directly from you and only where our processing is based upon consent or the performance of a contract.
If you believe our processing of your personally identifiable information violates data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work, or the place of the alleged violation.
EU data subjects can submit requests by contacting us at firstname.lastname@example.org. We will respond to all such requests within 30 days of our receipt of the request, unless there are extenuating circumstances, in which event we may take up to 60 days to respond. We will inform you if we expect our response to take longer than 30 days. Please note, however, that certain personally identifiable information may be exempt from such rights pursuant to applicable data protection laws. In addition, we will not respond to any request unless we are able to appropriately verify the requester’s identity. We may charge you a reasonable fee for subsequent copies of personally identifiable information that you request. In addition, if we consider that a request is manifestly unfounded or excessive, we may either request a reasonable fee to deal with the request or refuse to deal with the request.
Retention of Your Information
Notice of Privacy Rights to California Residents
Section 1798.83 of the California Civil Code permits California residents to request from a business, with whom the California resident has an established business relationship, information related to the personally identifiable information disclosed by those parties to third parties for direct marketing purposes and the names and addresses of the third parties with whom the business has shared such information during the immediately preceding calendar year. Although we do not disclose your personally identifiable information to third parties for their direct marketing, you may make one request each year by emailing us at email@example.com or sending a letter to:
Shmoop University Inc.,
PO Box 15550
Scottsdale, AZ 85267
Although we do not sell the personally identifiable information of Nevada residents, out of an abundance of caution and according to Nevada law, any Nevada resident who wants to opt out of the sale of personally identifiable information may submit a request by contacting us at firstname.lastname@example.org. Please note that we will take reasonable steps to verify your identity and the authenticity of the request.
Your Rights Under the California Consumer Privacy Act
If you are a California resident who has provided personally identifiable information to Shmoop University, Inc., or a California resident that reasonably believes that Shmoop University, Inc., collected or stores their personally identifiable information, you may exercise your rights under the CCPA and submit your requests by emailing: email@example.com.
Although we do not sell consumers’ personally identifiable information as defined under the CCPA, out of an abundance of caution and according to California law, any California consumer who wants to opt out of the sale of personally identifiable information may submit a request by contacting us at firstname.lastname@example.org. If we think the CCPA opt-out applies, we will process the request in accordance with the CCPA.
You have the right to request Shmoop University Inc. to:
- Disclose if we have collected personally identifiable information about you;
- Disclose the categories of personally identifiable information that we have collected about you (if any); the categories of sources from which the personally identifiable information is collected; the business or commercial purpose for collecting or selling personally identifiable information; and the categories of third parties with whom the business shares personally identifiable information;
- Disclose the specific pieces of personally identifiable information that we have collected about you (if any); and
- Delete personally identifiable information we have collected about you (if you satisfy the conditions set out in the CCPA).
In order to submit a request, we will need to verify your identity. If you have an account with us that is password-protected, we may verify your identity through our existing authentication practices for your account.
If you do not have an account with us, and your request concerns “categories” of personally identifiable information collected, we can request from you two data points of personally identifiable information to verify your identity. If you do not have an account with us, and your request concerns specific personally identifiable information, we can request from you at least three data points of personally identifiable information as well as a signed declaration with penalty of perjury to verify your identity.
Please note that following your verified request, we will send you your personally identifiable information from the following email address: email@example.com. (Any response to your request, including any personally identifiable information may be sent as an encrypted file.)
Please note that once you have submitted a request, we will send you a receipt, acknowledging your request, within 10 business days. If, for some reason, you do not receive such a receipt within 10 business days of your submitted request, please send us an email to firstname.lastname@example.org as an error may have occurred.
We will process and respond to your request within 45 calendar days after it is received (in some cases, as is allowed under the CCPA, this process may be extended by an additional 45-90 calendar days).
Please note you may only make two requests to know in a 12-month period, and the information provided need only cover the 12-month period prior to our receipt of your request.
As a California resident, you also have the right to designate an agent to exercise these rights on your behalf. We may require proof that you have designated the authorized agent to act on your behalf and to verify your identity directly with us. Please contact us at email@example.com for more information if you wish to submit a request through an authorized agent.
We hereby inform you that if you exercise any of your rights under the CCPA, we may not deny you goods or services for that reason, or subject you to different prices than those paid by other consumers, unless provided otherwise under the CCPA, Federal, or State law.
Notice of Information We Collect
Pursuant to California Civil Section 1798.100(b), this serves as notice of the categories of personally identifiable information that we collect through the Site and Services and the commercial purposes for which the information was collected. Please note that all of the categories of personally identifiable information we collect about you (as detailed below) come from the following categories of sources:
- You, including through your use of our services;
- Automatically collected from you;
- Our affiliate companies; and
- Third parties, such as schools and school districts.
In particular, we have collected the following categories of personally identifiable information from California consumers within the last twelve (12) months:
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
|Shmoop may collect a name, and email address for account creation & use purposes. IP addresses may also be collected as part of typical infrastructure management practices.|
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||YES
Name, signature, address, telephone number, bank account number, credit card number, debit card number, or other financial information.
|Shmoop may collect a name, and email address for account creation & use purposes and credit card, debit card and bank information for payment transactions.|
|D. Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies||YES
Records relating to subscriptions ordered by users.
|Shmoop may collect this information to process subscriptions, to manage user accounts, to respond to user inquiries, to provide the Services, to identify, develop and market the Services, and for accounting and legal purposes.|
|G. Geolocation Data||YES
We only track IP addresses which can indicate the geographical location of a user. We do not track the location of mobile devices.
|We use this information to verify users and monitor usage of the Site and Services, to deliver the Services, to improve our Site and Services and for internal research purposes.|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||YES
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
|When requested by Shmoop customers (schools), elements of “rostering” may be collected to assign students to specific classrooms, allowing for teacher-student alignment.|
|K. Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||YES
Cognitive and emotional assessments using the Heartbeat™ Tool
|We use this information to provide students, parents, schools and school districts an assessment of a student’s emotional and cognitive state.|
Notice of Disclosures of Personal Information for a Business Purpose
- A. Identifiers;
- B. Personal information categories listed in the California Customer Records statute;
- J. Non-public education information; and
- Inferences from the Heartbeat™ tool.
We also disclose this information to our service providers. When we disclose personally identifiable information for a business purpose to a service provider, we enter a contract that describes the purpose and requires the recipient to both keep that personally identifiable information confidential and not use it for any purpose except performing the contract.
Shmoop University Inc.,
PO Box 15550
Scottsdale, AZ 85267