EFFECTIVE DATE: NOVEMBER 23, 2021
COLLECTING INFORMATION ON PERSONS UNDER 16 AND FERPA COMPLIANCE
The Children’s Online Privacy and Protection Act (COPPA) prohibits certain companies from collecting data from children under thirteen years of age. Since other jurisdictions place similar restrictions on children under 16 years of age, we will never knowingly solicit, nor will we accept, personally identifiable information from users under sixteen (16) years of age without parental or guardian consent. We take steps to verify age through the use of a credit card or PayPal account, and if the Student is under 16 years of age, we require the parent or guardian to set up the account and give consent. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, he or she should contact us at email@example.com
. If we become aware that a child under 16 has provided us with Personal Information, we will take steps to delete such information from our files.To the extent that we work with, coordinate or share data with educational institutions and educators that fall under the Family Educational Rights and Privacy Act of 1974 (“Educators”) we enter into arrangements with those Educators to ensure that data is protected in compliance with the law by requiring them to adhere to our FERPA Notice
INFORMATION WE COLLECT
(“Site”), and online applications (“Apps”) (the Site and Apps collectively referred to as, the (“Service”). In order to help you get the most out of our service, we collect User submitted personally identifiable information, namely information that relates to an identifiable person (“PII”) when you use the Service. We have four kinds of Users for the Service: “Visitors” are people who visit our Site and want more information about our Service, “Students” are Users that wish to purchase music lessons through our Service either directly or through their parents/guardians. “Teachers” are instructors who offer lessons to Students through our Service. “Educators” are staff and teachers from K-12 or colleges that fall under FERPA and which may collect information on Students attendance and performance in connection with their authorized purposes in relation to maintaining education records of the Students enrolled at their institution.For all Users accessing our site, we log their use and what pages they visit in connection with their browser. If they are registered as a Student, Teacher or Educator, we will log their activities in connection with their use of the Service. We also gather non-PII when you use the Service, including type of browser you use, access time, pages viewed, operating system of your computer or device, and mobile network information. PII we collect may include your IP Address, unique device identifier, mobile network and geolocation.
. For Students we collect the Student’s name, address, contact information, user name and password. We also will collect payment information such as a credit card number of the Student or their parent/guardian to be stored with our payments processors, Stripe and PayPal. We will also keep track of Students’ use of the Services and lessons. If the Student is associated with a particular educational institution we may collect the name of your school, grade and classroom instructor. We also collect any feedback to us or regarding Teachers that you post.
For Teachers, we collect the Teacher’s name address, calendar, contact information, user name and password, as well as any photos or other information provided with respect to the services they wish to offer. We also may collect your bank or credit card information to ensure you get compensated for teaching, your Federal Tax ID Number, date of birth or other information for tax reporting purposes and to conduct sex offender background checks. We don’t store payment information PII, it is stored with our payments providers, Stripe and PayPal.
For Educators we collect the names, contact information, institution name and the class or grade represented.
and/or the Digital Advertising Alliance’s website http://www.aboutads.info/choices/
. You also can control advertising cookies from Google, by using its Ads Preference Manager. Please note that to the extent advertising technology is integrated into the Site, you may still receive advertisements even if you opt-out of targeted advertising
HOW WE USE YOUR INFORMATION
We use PII, information from logs and non-PII as necessary to provide the service to you and to help you find, schedule and pay for lessons using the Service.We also use PII, cookies, information from logs and non-PII for the purpose of improving the Service and your customer experience.If Students share any PII in connection with Educators we will only use such Student PII in connection with a legitimate educational purpose and in compliance with FERPA unless the Student or their parent/guardian provides consent to do otherwise. For all other Students (with parental/guardian consent where required by law), we will inform you of Services that may be of interest to you.For Teachers, we will also use such PII as is necessary to conduct sex offender background checks. We will only use such information in connection with determining your eligibility to offer your services on the Site and Services.We also may de-identify to create aggregate statistical information to improve our Services and market the Service.
WHO WE SHARE YOUR INFORMATION WITH
We will not sell, rent, or share PII with third parties outside of our company without your consent, except in the following ways:
To Facilitate the Service.
We share Teacher and Student information between each other to arrange the lessons purchased on the Service, complete the transactions and if arranging the lessons on behalf of Educators, confirm that the lessons have been completed by sharing in each case the names, contact information, appointment dates/times and noting the date/time of completion. We also share feedback that you post.
Law Enforcement and Internal Operations
We sometimes contract with other companies and individuals to perform functions or services on our behalf, such as software maintenance, data hosting, sending email messages, etc. We necessarily have to share such PII as necessary to provide and manage the Service.
If you would like to stop receiving promotional information on services from us, you may remove yourself by following the instructions at the bottom of the email.If you are in the European Economic Area (EEA), you have the right to access the information we have about you, as well as the right to request that we correct it, complete it, erase it, stop using it for certain purposes, or transfer certain information to you. To make any such request, please contact us at firstname.lastname@example.org
. In order to protect your privacy, we may take steps to verify your identity when we receive your request.To access or change your PII, log into your account and you can review and update your information. To request access to any PII you are unable to access yourself, please contact us at email@example.com
. In order to protect your privacy, we may take steps to verify your identity before sharing PII with you.To delete your account, send an email to firstname.lastname@example.org
with the account holder’s name, email address, and phone number requesting that your account be deleted. The account will generally be deleted from Virtu.Academy’s site within 14 business days. If you delete your account we can no longer provide access to parts of the Service to you. We may retain PII or payment information as required by law or for record keeping to defend legal claims.
Stripe and Payments Processing.
We utilize Stripe and PayPal as payment gateways for payments. Data Processing takes place in the United States and Stripe and PayPal are each self-certified under the EU-U.S. and Swiss-US Privacy Shield. Users should review Stripe’s Security Policy
or PayPal’s Privacy Statement
before initiating transactions on the Site.
HOW WE PROTECT YOUR INFORMATION
We have implemented reasonable administrative, technical and physical security measures to protect your personal information under our control against unauthorized access, destruction or alteration. For example:SSL encryption (https) everywhere where we deal with PII.Password protection on your account.Hashing of passwords.Data is kept on secure, encrypted servers, located in the US.Restricting staff access to PII protected by password logs and two factor authentication.Regular staff privacy and security training.Tokenization of payments, customer ID, and payment information by payment providers.However, because no security system can be 100% effective, we cannot completely guarantee the security of any information we store, process or transmit.Payments Encryption: Virtu.Academy utilizes only PCI-DSS compliant third party payment processors to ensure the security of your personal information through Stripe and PayPal.
PROCESSING IN THE UNITED STATES
The Service is operated in the United States of America. Information we collect from you will be processed in the United States. The laws of the United States may not protect the privacy of your information at the same level as provided by the laws of your country. In an effort to safeguard individual privacy, we enter into agreements using standard contract clauses, approved by the European Commission, with our service providers and Affiliates that transfer Personal Information to the United States. You will not lose any rights or choices you have about the use of your Personal Information when it is transferred to the United States.
THIRD PARTY WEBSITES
We may link to other websites. When you click on one of these links, you are ‘clicking’ to another website. Virtu.Academy does not control the data collection or privacy practices of such third party sites. We encourage you to read the privacy policies of any third party sites, as their collection, use and storage practices and policies may differ from ours.
NOTICE ABOUT “DO NOT TRACK”
“Do Not Track” or DNT is a feature enabled on some browsers that sends a signal to request that a web application disable its tracking or cross-site user tracking. At present, our Site does not respond to or alter its practices when a DNT signal is received.
YOUR CALIFORNIA PRIVACY RIGHTS
California residents who have an established business relationship with Us may make a written request to Virtu.Academy about whether Virtu.Academy has disclosed any PII to any third parties for the third parties' direct marketing purposes during the prior calendar year. To make such a request, please send an email to email@example.com or write us:
2001 L Street, NW
Suite 500, #50059
Washington, DC 20036MS/MMS MOBILE MESSAGING MARKETING PROGRAM
We respect your privacy. We will only use information you provide through the Program to transmit your mobile messages and respond to you, if necessary. This includes, but is not limited to, sharing information with platform providers, phone companies, and other vendors who assist us in the delivery of mobile messages. WE DO NOT SELL, RENT, LOAN, TRADE, LEASE, OR OTHERWISE TRANSFER FOR PROFIT ANY PHONE NUMBERS OR CUSTOMER INFORMATION COLLECTED THROUGH THE PROGRAM TO ANY THIRD PARTY. Nonetheless, We reserve the right at all times to disclose any information as necessary to satisfy any law, regulation or governmental request, to avoid liability, or to protect Our rights or property. When you complete forms online or otherwise provide Us information in connection with the Program, you agree to provide accurate, complete, and true information. You agree not to use a false or misleading name or a name that you are not authorized to use. If, in Our sole discretion, We believe that any such information is untrue, inaccurate, or incomplete, or you have opted into the Program for an ulterior purpose, We may refuse you access to the Program and pursue any appropriate legal remedies.
California Civil Code Section 1798.83 permits Users of the Program that are California residents to request certain information regarding our disclosure of the information you provide through the Program to third parties for their direct marketing purposes. To make such a request, please contact us at the following address:
2001 L Street, NW
Suite 500, #50059
Washington, DC 20036