Privacy policy.

Chewy’s Class holds the privacy and safety of our parents, guardians, and students in highest regard. We would like to familiarize you with the types of personal data we collect and process, why we need it, who it may be disclosed or released to and under what circumstances, and your rights regarding your personal information.

This Policy applies to Chewy’s Class owned sites, applications, services and technologies. Please take a few minutes to carefully review the policy. By using our sites and services, you acknowledge that you accept and agree to this Privacy Policy.

Please be aware, data processing and reporting information described in this policy is detailed for our Chewy’s Class Full Time students where Chewy’s Class is the virtual K-2 school

We have included privacy contact options below if you have any questions or concerns about our privacy policy or practices. We also encourage you contact us if you have any visual or language accommodations that we can assist you with, such as communicating this policy to you verbally or in alternate languages.

OVERVIEW OF PRIVACY LAWS

Chewy’s Class (hereinafter “CC”, “we”, “us”) is a public body corporate of the State of California aligned with federal and state privacy and education laws. This includes the Family Education Rights Privacy Act (FERPA), the Protection of Pupil Rights Amendment (PPRA), the Children’s Online Privacy Protection Rule (COPPA) and California statues for privacy and education.  That said, we recognize that the strength of privacy laws varies from state to state, and closely follow new and emerging privacy legislation in other states and in Europe that significantly improve privacy rights and protections for you. We have adopted and incorporated guidance from the most progressive privacy laws, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) as part of our ongoing commitment to the privacy and security protection of data you entrust to us.

PRIVACY POLICY CHANGES

We may update our privacy policy from time to time to in response to legislation changes or technical protection improvements and ask that you periodically check this policy for updates. Most of these updates will not change the types of personal data we process, the purpose or our legal obligations for disclosure or retention requirements that would be considered a material change. If we do make a material change to our Policy, we will post a notice thirty days prior to any changes to our existing data collection and processing practices. The effective date of our most recent update is identified below with a brief summary of the changes.

Summary of Changes. Update to communicate our current data collection processing practices for greater transparency. There are no changes to the personal data categories or pieces of personal data that we process, nor are there any changes to the processing purposes, retention or disclosure requirements that would be considered a material change.

PERSONAL DATA DEFINITIONS AND TERMS

Data Privacy terms and definitions may vary from state to state. For CC, the term Personal Data is defined as:

“Personal Data” means any information that identifies, relates to, describes or is reasonably capable of being associated with or linked, directly or indirectly with an individual.

Personal Data includes, but is not limited to: your name, phone number, email address, your physical or postal address, student ID numbers, accounts and passwords, social security number, date of birth, place of birth, your device IP address, biometric information such as your photograph or fingerprint, education records and any data associated with health or family financial information.

We also use the terms aggregated data and de-identified data when we discuss educational reporting requirements, statistics, and research.

“Aggregated information” means that data that could directly or indirectly identify an individual student has been removed (de-identified) and the remaining data has been combined with multiple records to use for statistical information and summaries.

 For example, information about the graduation rate for a graduating class or school is combined with graduation rates for other schools and districts across California for statewide statistical reporting.  Statistics on the percentages of students by outcomes and student subgroups is publicly posted to demonstrate school, school district and state educational performance and accountability, but cannot identify an individual student, either directly or indirectly.

SOURCES OF DATA

Personal Data includes data that is collected:

  • Directly from you during registration and enrollment, when you upload data or create educational work products, or when you contact us for inquiries or support

  • From your device when you connect to an CC website, application or service

  • From your previous school or primary school of record, acting on your behalf when you or your school initiates registration and enrollment with us.

PARENTAL CONSENT

We obtain and strictly enforce Parent or Guardian Consent prior to setting up any accounts or services for all children, specifically including children under the age of 13 in accordance with the Children’s Online Privacy and Protection Act (COPPA) as well as for students under 18 years of age or are otherwise not legally “eligible” by federal education privacy laws to provide consent on their own behalf as explained below.

Under the Family Educational Rights Privacy Act (FERPA), an “eligible” student is a student who has turned 18 years of age or a student who has not yet turned 18 but who has graduated from high school and attends a postsecondary institution. Eligible students may also include emancipated minors regardless of whether the student has turned 18 years of age. Upon reaching “eligible” status, all rights transfer from the Parent to the student.

For CC Full Time, Flex and Global students, consent is obtained directly from the Parent or Guardian or an eligible student during registration and enrollment. For our franchise students, consent might be obtained on the student’s behalf when the student’s primary school of record enters into an agreement with CC to provide educational services.

WE DO NOT

  • We do not sell your personal information.

  • We do not use or share your information for any advertising or marketing purposes that is not specifically related to your educational services or school purposes, such as school sponsored events, activities, communications and announcements.

  • We do not publish student photos, video, audio recordings or student work without the written student and parent or guardian consent (see our Media Release Form)

  • We do not allow students to use cell phones or other electronic devices to capture, record or transmit videos, pictures or audio recordings of any other students or staff members without prior approval and consent from the school, parent/guardian and student

  • We do not disclose “Directory Information” as defined in the Family Educational Rights Privacy Act (FERPA) to any external entities, including military recruiters and universities

  • We do not collect or process your data for any purposes that are not legally required or necessary for legitimate educational interest

  • Retain personal data beyond what is necessary to provide CC educational services and support, to comply with federal, state, and local education records retention requirements; to comply with legal orders or retention requirements specified in a contract or similar agreement between your primary schools of record and CC.

WHAT WE COLLECT AND WHY

We have organized the types of data we process by overall subject areas detailed below to give you a meaningful context of what the data is why we need it, and how it is used. Nevertheless, the specific categories and pieces of personal data will vary based on the individual student type, course choices and selections, and may not be identified here. Please contact us using a method in the ‘How to Contact Us’ section if you would like to know more about any type of personal data we process that may not be described here.

Cookies. When visitors or users connect to an CC website, application or technology within our environment, we automatically send “cookies” to your device. Cookies are small data files our servers send to your device, referred to as “session cookies” and persistent cookies”. Session cookies are removed when you close your browser or session. Persistent cookies are stored on your device and are used to remember your preferences and settings, enable and optimize site navigation and function, and collect statistical information from your device on how the application or service is performing and enables us to monitor performance, administer and troubleshoot any service or functionality problems.

Persistent cookies used for statistics and analytics may contain information about your device and browser, such as your device ID and IP address, your browser type and version, and your device Operating System,  On a case by case basis, we may need to combine this information with additional logs, such as your account login and session information if we need to assist you to troubleshoot and resolve technical problems. We do not use, disclose or share any of our cookies or analytics data for behavioral targeting of advertising to students.

Do Not Track Signals. Do Not Track (DNT) is a privacy preference you can set in your web browser, which allows you to opt out of tracking by websites and online services. CC does not perform any tracking for advertising or marketing purposes and therefore does not respond to DNT signals.

Application Use Statistics. We collect general usage data about the number of visitors that visit our site and internal environment to see infrastructure and application performance trends, load times, errors and slow transactions. We use this data to ensure our infrastructure and applications are sized effectively for performance during peak usage times and the overall traffic volume, monitoring and troubleshooting of any issues that would degrade student performance, and improve our education applications, products and services

Application Licensing Data. For our Global users, we collect license usage logs showing per-seat and per course license usage data.  The License usage data includes the student’s first and last name, ID, email address and course usage information. We use this data for license and course statistics and analysis, to ensure students have the access needed for their courses and troubleshoot any license problems preventing course accessibility and usage.

Application and Security Logging.  When you are connected to an CC website, application or technology within our learning environment, we automatically collect information about your device, which may include; your IP address, your Operating System information, your browser information and version, your site interaction and usage activity. We may correlate this information with other security relevant logs if we need to investigate security incidents, protect against malicious, deceptive, fraudulent, or illegal activity and remove or prosecute those responsible for that activity. We keep security relevant logging data for at least one year but may keep for longer periods if needed for security events and incident investigations. Logs associated with security incidents or illegal activity may be shared with CC Incident Response service partners, law enforcement and legal personnel to investigate and prosecute illegal activity.

Assessments. We create, administer and record information related to student assessment, including; discussion based assessments, module exams, quizzes, segment exams, observation data and statewide assessments such as California Standards Assessments (FSA), and related statewide assessment data. The amount of personal data needed will be dependent on the type of assessment, but generally includes; the student first and last name, grade-level, gender, Student ID(s),  the test date, the course subject, the school and school district ID, and performance scores.  We use assessment information to determine student progress and needs, aid in placement determinations, record student achievement, and maintain accountability and performance reporting required by the California State Board of Education.

Attendance. For our CC students, we record daily and cumulative attendance. Attendance Reporting data includes the student’s first and last name,, birthdate, gender, grade-level, daily and the annual cumulative days present, daily, and cumulative days absent, prior school, enrollment entry date with CC and withdrawal date if applicable.

Communications. When visitors and guests that are not registered with CC yet contact us by phone, email, Facebook or twitter message, we ask  for your first and last name, your email address and/or phone number to respond and maintain contact with you until your question is answered or assistance is completed to your satisfaction. If you contact us using the ‘Request Info’ link to request information about our educational offerings, we also ask whether you are a parent, student, teacher, school administrator or other interested visitor, which educational offerings you would like to know more about, and what Country and State you are located in to determine what educational offerings are right for you.

Conduct and Discipline. This subject area contains data related to student conduct, disciplinary and behavioral information, from minor infractions up to major incidents including suspensions and expulsions. 

Demographics. For our full-time students, we collect student demographics information that may indicate highly sensitive information about the student and their family. This information is strictly controlled and limited to a minimum number of staff needed to administer these educational programs and services.

Enrollment and Registration. When a parent/guardian or eligible student registers and enrolls with us under the CC program, we collect data including; the Parent/Guardian and Student’s contact information described below, the student demographics information,

Media Consent. Names, images and/or course work of CC students will not be published in print video/form, or on our website without the written student and guardian consent.   We will specifically request your consent to use your student’s name, photos or video for internal CC media.

Please note, the Family Educational Rights Privacy Act (FERPA) defines ‘Directory Information’ as “information that is generally not considered harmful or an invasion of privacy if released and can also be disclosed to outside organizations without a parent’s prior written consent”. For CC students where we your primary school of record , we do not release directory information to any non CC affiliated external entities, including military recruiters and universities.

Parent/Guardian and Student Contact Information. When a parent/guardian or eligible student registers with us, we collect; the student’s first and last name, email address, phone number, home or postal address and username for initial student account setup, grade-level, student-type, parent or guardian full name, username for initial parent/guardian account creation tied to the student account, relationship to student, email, phone and contact preferences, including text message Opt-In preferences to receive school communications over text. We use this information to: respond to questions or assistance tickets when you contact us, facilitate communications between students, parents, educators and support staff tyour student’s personalized learning, relay school communications and announcements, notify you of school sponsored events, activities and educational services, grants and scholarships opportunities that you may be interested in; features and updates to our learning environment platforms, applications or educational content.

Parent/Guardian IDs. This data category refers to the CC Parent/Guardian account identifiers that are tied to the student’s account. Data associated with the Parent/Guardian ID includes the parent contact information, email address, account name, password and security questions. These accounts are used for Parent/Guardian login to monitor the student’s progress, communicate with teachers and staff to support their student’s learning needs.

Schedules. For CC students, we collect information on student requested courses by grade-level and term to match the courses needed with teachers certified for the required courses. This data includes the student first and last name,

CONDITIONS FOR RELEASE OR DISCLOSURE

Parents of Eligible Students. Under the Family Educational Rights Privacy Act, parents can request and access the records of the “eligible student” without the student’s consent if the student is a dependent for tax purposes.

Legal Obligations. We may be required to disclose information about education records, including discipline records in response to subpoenas, court orders, ongoing legal action or litigation, the Department of Juvenile Justice, and law enforcement authorities with legal orders or interagency agreements.

Cyber Security Incidents. We monitor CC system and application logs to prevent, detect and investigate security events and incidents, protect against malicious, deceptive, fraudulent, or illegal activity and remove or prosecute those responsible for that activity. We may provide evidence from incident investigations to law enforcement officials, including the local police or the Federal Bureau of Investigation (FBI) and legal counsel to facilitate criminal investigations and prosecution.

HOW WE PROTECT PERSONAL DATA

CC uses industry standards and best practices policies, procedures and techniques to provide defense in depth protection for our systems and your data. This includes, but is not limited to:

  • We utilize next generation application and network-based firewalls, associated technologies and techniques to prevent and detect a wide range of ongoing threats and vulnerabilities.

  • We employ multiple access control methods and techniques to limit student data access to the minimum number of authorized staff needed to administer and provide educational services.

  • We use Identification and Authentication controls and techniques for systems, devices and users, including multi-factor authentication.

  • We adhere to strict personnel security procedures to verify all CC employees undergo background checks and fingerprinting.

  • All CC employees must complete security and privacy training prior to accessing CC systems containing student personal data.

  • We utilize a continuous process to detect and resolve newly discovered vulnerabilities.

  • We perform internal and external penetration tests as part of our ongoing Risk Assessment process.

  • We enable system and security relevant logging at multiple levels and forward these logs for near real time monitoring and detection of security events and incidents.

  • We regularly conduct full and partial system backups to enable complete and timely restoration of systems, data and services following an outage, event or incident.

YOUR RIGHTS

RIGHT TO ACCESS. You have the right to access, inspect and review your personal data. For CC parents/guardians and eligible students, your personal data is accessible from your CC account home and student records tab. If you have any problems or need assistance to access your records, please contact us using one of the contact options below for assistance.

RIGHT TO CORRECT. You have the right to request correction or amendment to the content of your student education record on the grounds that it is inaccurate, misleading, or in violation of your privacy rights. Please contact us using one of the contact options below to request corrections or amendments, with a clear description of the record and why it should be changed. If CC decides not to amend your personal data, we will notify you of the decision and reasons, as well as your right to request a hearing regarding the request for amendment. Additional information regarding the hearing procedures will be provided to the parent/guardian or eligible student when notified of the right to a hearing. If the hearing results in a decision not to correct the requested record, you have the right to place a statement in the record commenting on the contested information and why you disagree with the decision.

RIGHT TO WITHDRAW CONSENT. You have the right to provide written consent before a school discloses personally identifiable information from your education record except for the legally authorized purposes discussed in the disclosures section above. For our CC students, we follow a do-not-disclose by default policy. Parents/guardians and eligible students may choose to Opt-In and consent to disclose for specific purposes, such as our Media Consent Form. You have the right to change your consent choices or preferences at any time. Please contact us using one of the contact options below for assistance.

EXERCISE YOUR RIGHTS. We encourage Parents/Guardians and eligible students to not only understand your rights concerning your personal data, but to exercise your rights without fear of discrimination or reprisal. We will not reduce, degrade or deny any of the existing education services or protections we provide when you exercise your privacy rights.