Marketing Website Privacy Policy

Last Updated: April 2026

Definitions

The following capitalized terms apply throughout this Privacy Policy (or “Policy”). Capitalized terms used in this Policy that are not included below are defined elsewhere in the Policy.

“Aggregated Data” is information about groups or categories of individuals, which does not identify and cannot reasonably be used to identify an individual.

“Data Owner” means an individual that has direct ownership claims over the data in question, or an individual that is an authorized representative of an organization that has ownership claims over the data in question. For instance, with student data, the Data Owner might be the student themselves, the student’s parents, or a district IT administrator that is authorized to manage the district’s student data.

“Derivative Data” means information that is related to a user, but is created and exists within the QuaverEd program. For instance, student assessment data from assessments taken in the QuaverEd platform would be Derivative Data.

“Digital User Metadata” means information related to a user’s device or interaction with the platform (such as browser type, IP address, or device information). This data is generally not used by QuaverEd to directly identify individuals but may be considered personal data under certain laws.

“Individual” or “consumer” means a living natural person.

“Legitimate Interest” is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

“Non-Personal Data” is any information that does not directly or indirectly identify, and cannot reasonably be used to identify, an individual, household, or device.

“Personal Data” is any information that can identify, relate to, describe, or be linked with a consumer or their household. This includes data identified as Personally Identifiable Information (PII) pursuant to the Family Educational Rights and Privacy Act (“FERPA”).

“Process,” “Processing,” or “Processed” means any operation or set of operations performed on Personal Data, including through automated means.

“Sensitive Personal Data” is Personal Data that reveals a consumer’s (a) social security, driver’s license, state identification card, or passport number; (b) account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (c) precise geolocation; (d) racial or ethnic origin, religious or philosophical beliefs, or union membership; (e) the contents of a consumer’s mail, email and text messages, unless the business is the intended recipient of the communication; (f) genetic data; (g) the Processing of biometric information for the purpose of uniquely identifying a consumer; (h) Personal Data collected and analyzed concerning a consumer’s health; or (i) Personal Data collected and analyzed concerning a consumer’s sex life or sexual orientation.

“User Data” is a term that encompasses user Personal Data, Digital User Metadata, and Derivative Data.

Introduction and Organizational Info

We, at QuaverEd, are dedicated to serving our customers and contacts to the best of our abilities. Part of our commitment involves the responsible management of Personal Data collected through our Website, and any related interactions. Our primary goals in processing this information include:

• Enhancing the user experience on our platform by understanding customer needs and preferences.
• Providing timely support and responding to inquiries or service requests.
• Improving our products and services to meet the evolving demands of our users.
• Conducting necessary business operations, such as billing and account management.

It is our policy to process Personal Data with the utmost respect for privacy and security. We strive to adhere to all relevant regulations and guidelines to ensure that the data we handle is protected against unauthorized access, disclosure, alteration, and destruction. Our practices are designed to safeguard the confidentiality and integrity of your Personal Data, while enabling us to deliver the services you trust us with.

We have a designated Data Protection Officer (DPO). Should you have any questions or require further information about how we manage Personal Data, please feel free to contact us at PrivacyDirector@QuaverEd.com.

Your privacy is our priority. We are committed to processing your Personal Data transparently and with your safety in mind. This commitment extends to our collaboration with third-party services that may process Personal Data on our behalf, such as in the case of sending invoices.

Scope and Application

Our Privacy Policy is designed to protect the Personal Data of all our stakeholders, including website visitors, registered users, and customers. Whether you are just browsing our Website, using our services as a registered user, or engaging with us as a valued customer, we strive to ensure that your Personal Data is processed with the highest standards of privacy and security. This Policy outlines our practices and your rights related to Personal Data.

QuaverEd collects User Data for educational purposes to fulfill our contractual obligations and provide services to our customers, acting as a School Official with a legitimate educational interest as defined in FERPA.

Any individual over the age of 18 years old who establishes a QuaverEd account or purchases a QuaverEd license authorizes QuaverEd to collect and utilize their User Data. QuaverEd is authorized to collect and utilize User Data for users under the age of 18 (students) when a parent, guardian, or educator of such student (a) establishes a QuaverEd account for the student user; (b) instructs the student user to establish a QuaverEd account; or (c) directs the student user to complete educational tasks (assignments, activities, and the like) utilizing the QuaverEd platform. QuaverEd is also authorized to collect and utilize User Data for any users created as a result of bulk User Data exchange from an educational organization administrative entity.

Data Collection and Processing

Our commitment to transparency and data protection extends to how we collect and use your Personal Data. We gather Personal Data through various interactions, including but not limited to, when you access our Website, utilize our services or products, such as Curriculum and Service Provider, or directly provide information to us.

Non-Personal Data

During your interaction with our Website and services, we may collect aggregated, non-personal non-identifiable information. We are not aware of the identity of the user from which the Non-Personal Data is collected. We may collect Non-Personal Data regarding your use of our Website, such as the scope, frequency, latency, pages accessed and viewed, time and date stamp, interactions with content and materials displayed through our Website, language preference, and other technical information regarding the device used to access the Website. We may sometimes Process and anonymize or aggregate Personal Data and identifiable information in a manner that creates a new set of data that will be Non-Personal Data. Such a new data set can no longer be associated with any identified natural person. Non-Personal Data may be used by us without limitation and for any purpose. If we combine Personal Data with Non-Personal Data, the combined information will be treated as Personal Data.

Student Personal Data

QuaverEd does not require that any student Personal Data be entered into our platform. QuaverEd offers the option of creating student accounts, but student accounts are not required. If an educational entity wants to utilize QuaverEd’s student account functionality, in order to do so, the educational entity may choose what Personal Data to share with the QuaverEd platform. Student accounts may be created utilizing anonymous credentials. To make student account management more effective and intuitive, student Personal Data may be shared with QuaverEd. Student names, emails, IDs, and more can be shared with QuaverEd to make it easier for students to log in and for teachers to identify students within the program.

In compliance with COPPA, QuaverEd does not collect Personal Data directly from any user under the age of 13 without the explicit consent of an authorizing adult, such as the teacher, district representative, or guardian. Any data entry forms on QuaverEd, including but not limited to account sign up forms, contact forms, and more, require that users certify that they are over the age of 13 before entering any Personal Data, or they require explicit authorization from an authorizing adult to collect such information from the student user. QuaverEd does not request Personal Data directly from users under the age of 13 without the authorization of an authorizing adult through approved methods, including but not limited to email, phone, or in-site forms.

Personal Data

We may collect from you, directly or indirectly, during your access or interaction with our services and Website, individually identifiable information, namely information that identifies an individual or may, with reasonable effort, be used to identify an individual. We may also collect Personal Data from our adult educational users, including but not limited to teachers, school counselors, principals, and district administrators. For these users, we require name and email address. This identifying information is critical for the creation, protection, and maintenance of a QuaverEd licensed user account.

Adult users, including but not limited to teachers, counselors, administrators, and parents, may be asked to share Personal Data with QuaverEd to support critical account functionality or powerful educational features. Teachers may also choose to enter student Personal Data to utilize our powerful educational tools, such as assessments and gradebook functionality. Teachers must only enter student Personal Data if they have obtained proper consent from the students’ parents or educational organization.

Digital User Metadata

QuaverEd also collects Digital User Metadata, such as IP address, device, and browser information. This information is to allow us to better serve our users. For instance, we monitor the devices and browser versions used to access QuaverEd so that we can ensure that our platform continues to run smoothly on those devices and browser versions.

Derivative Data

QuaverEd collects Derivative Data, such as usage data, access data, assessment data, and more. This data is used for various educational purposes. Usage and access data is reported to educational organization leadership (school supervisors and district administrators) to provide insight into how their users are utilizing QuaverEd. Assessment data allows teachers to measure, track, and report student progress from within the QuaverEd platform.

Data Collection Protocols

Collecting Data from Users. All User Data is collected over secure channels. Data collected within QuaverEd’s program is always transferred securely using HTTPS and TLS protocols. If a user needs to deliver sensitive data to QuaverEd outside of the program itself, an sFTP transfer will be utilized.

Collecting Data From Administrative Entities (School or District IT). QuaverEd receives User Data from schools and districts utilizing secure exchange protocols agreed upon by both parties. These secure exchange methods include but are not limited to sFTP transfers and API exchange using HTTPS and TLS protocols. All data exchanges of this nature are set up with the administrative entity’s approval and participation. Administrative entities must obtain proper consent from their students’ parents or guardians before sharing student data with QuaverEd.

Sensitive Personal Data

As part of our Website and provision of services to you, we do not knowingly Process any Sensitive Personal Data, including data that constitutes or reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person’s health or data concerning a person’s sex life or sexual orientation.

Lawful Basis for Processing (GDPR)

The table below details the Processing of data, the purpose, lawful basis, and Processing operations pursuant to GDPR:

Please note that the Processing operation for each purpose of use and lawful basis detailed in the table above may vary. Such Processing usually includes a set of operations made by automated means, such as collection, storage, use, disclosure by transmission, erasure, or destruction.

Categories of Personal Data Collected (CCPA/CPRA)

In the twelve (12) months prior to the “last updated” date of this Policy, and pursuant to the California Consumer Privacy Act (“CCPA”) and California Privacy Rights Act (“CPRA”), we have collected the following categories of Personal Data:

We may also use certain Personal Data to comply with professional or regulatory obligations or to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity theft, and any other misuse of the Website, as well as to protect the security or integrity of our services and the Website, and to take precautions against legal liability. Such Processing is based on our Legitimate Interests.

We may also use certain Personal Data for the following purposes:

• To fulfill or meet the reason you provided the information
• Creating, protecting, and maintaining a QuaverEd licensed user account
• To ensure our platform continues to run smoothly on supported devices and browser versions
• To provide insight on how users are utilizing QuaverEd
• Customizing and adapting user experience
• Authentication and security
• Content delivery
• Communication efforts
• Analytics and performance tracking
• Displaying videos
• Providing access to exclusive content
• To send you our promotional materials or those of our affiliates, business partners, service providers, and advertising networks
• Tag management
• User engagement and retention
• To provide class rosters
• Communication of critical account communications
• To provide, support, personalize, and further develop our Website, products, and/or services
• To provide you with support and to respond to your inquiries
• To enforce or apply our policies and other agreements, including for billing and collection purposes
• To personalize your website experience and to deliver content relevant to your interests
• To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations
• Compliance with legal obligations
• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets
• Where you consent

How We Collect Information

QuaverEd has various methods for collecting the categories of Personal Data listed above in Data Collection and Processing. Data may be collected directly from users or shared by administrative entities, such as school or district IT departments. Depending on the nature of your interaction with us, we may collect information from you as follows:

Directly from you. For example, we obtain information from you when you contact us through the Website, sign up for offers, updates, data entry forms, and other communications, complete forms on or through the Website, create or update an account, submit reviews and other content to the Website, or participate in surveys, sweepstakes, contests, or promotions offered on or through the Website.

Automatically. We may use cookies or similar tracking technologies (such as pixels, tags, agent, etc.) to gather some information automatically, including:

• Details of your visits to our Website, including traffic data, browser activity location data, logs, and other communication data and the resources that you access and use on the Website.
• Information about your computer and internet connection, including your IP address, operating system, device, and browser type.
• Information about the types of marketing communications that you open and/or to which you respond.
• Page URLs and referrers.

We may share this information with third parties, including analytics and marketing business partners.

Data Utilization

We advertise through various digital platforms and temporarily capture Digital User Metadata. QuaverEd may use limited Digital User Metadata to measure the effectiveness of advertising and improve outreach efforts. We do not use student data for advertising purposes and do not target advertising to users under 18.

Specific User Data elements are utilized for differing purposes. For instance, a student’s name might be used to populate a teacher’s class roster in QuaverEd and allow the teacher to identify the student within the program. A teacher’s email address might be used for critical account communications.

Data Storage and Protection

Data Storage

Personal Data is stored in secure servers located in the United States. For services that require international data transfer, we ensure that such transfers comply with all applicable laws and maintain data protection standards equivalent to those in our primary location or as required by applicable law.

We partner with reputable data hosting providers committed to using state-of-the-art security measures. These partners are selected based on their adherence to stringent data protection standards.

Data Protection Measures

Encryption: To protect data during transfer and at rest, we employ robust encryption technologies.

Access control: Access to Personal Data is strictly limited to authorized personnel who have a legitimate business need to access the data. We enforce strict access controls and regularly review permissions.

Security audits and monitoring: Regular security audits are conducted to identify and remediate potential vulnerabilities. We also monitor our systems for unusual activities to prevent unauthorized access.

Data Sharing and Disclosure

We do not sell, trade, rent, or share Personal Data in exchange for money. However, under certain privacy laws, our use of your Personal Data may nonetheless be considered a “sale” of Personal Data. We do share your Personal Data with third parties, as outlined in this Policy, or as otherwise permitted by law. We may share Aggregated Data, Non-Personal Data, and other information that does not identify any individual with our business partners, affiliates, service providers, and advertisers for the purposes outlined in this Policy, without restriction.

Pursuant to CCPA/CPRA, in the twelve (12) months prior to the “last updated” date of this Policy, we have disclosed the following categories of Personal Data for a business purpose:

Third-Party Service Providers

We may share your information with third-party service providers who perform services on our behalf. Such third parties may have access to Personal Data on a need-to-know basis and will be contractually obliged to keep your information confidential. These partners are prohibited from using your Personal Data for any purpose other than to provide these services to QuaverEd.

For more information on cookies and tracking technologies, please see our Cookie Policy.

Subcontractors

QuaverEd sometimes employs subcontractors to fulfill our duties to our customers. Any subcontractors employed by QuaverEd who are given any access to User Data are held to QuaverEd’s strict protocols and standards regarding the handling and protection of that data.

Data Processing Agreements

When we share your data with third-party service providers, we do so under the protection of Data Processing Agreements (DPAs) that ensure your information is managed in accordance with GDPR and other relevant data protection laws. These agreements mandate that third parties implement adequate technical and organizational measures to ensure the security of your data.

Transparency and Control

We believe in transparency and providing you with control over your Personal Data. You will always be informed about any significant changes to our sharing practices, and where applicable, you will have the option to consent to such changes. For any queries or concerns about how we share and disclose Personal Data, please reach out to us at PrivacyDirector@QuaverEd.com or +1 (866) 917-3633.

User Rights and Choices

European Economic Area (GDPR – EEA) and United Kingdom (GDPR UK)

GDPR provides consumers (EU residents) with specific rights regarding their Personal Data. If you are an EU resident, this section describes your GDPR rights and explains how to exercise those rights. The scope of your rights as described herein may further be limited by the Union or Member State law to which we might be subject.

If you are a resident of the EU or UK and using the Website, we are the “controller” of your Personal Data for the purposes of GDPR (EEA and UK). Under GDPR (EEA and UK), you may have the following rights:

• Right of access (Art. 15 GDPR): You have the right to request access to the Personal Data we hold about you and to obtain information about how we process it.
• Right to rectification (Art. 16 GDPR): If you believe that any Personal Data we hold about you is incorrect or incomplete, you have the right to request its correction or completion.
• Right to erasure — “Right to be Forgotten” (Art. 17 GDPR): You have the right to request the deletion of your Personal Data when it is no longer necessary for the purposes for which it was collected, among other circumstances.
• Right to restriction of processing (Art. 18 GDPR): You have the right to request that we restrict the processing of your Personal Data under certain conditions.
• Right to data portability (Art. 20 GDPR): You have the right to receive your Personal Data in a structured, commonly used, and machine-readable format and to transmit those data to another controller.
• Right to object (Art. 21 GDPR): You have the right to object to the processing of your Personal Data under certain conditions, including processing for direct marketing.
• Right to withdraw consent (Art. 7(3) GDPR): Where the processing of your Personal Data is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
• Right Not to Be Subject to Automated Decision-Making (Art. 22 GDPR): You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects. We do not engage in automated processing or profiling.
• Right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority or the UK Information Commissioner’s Office (https://ico.org.uk/for-the-public), if you believe our processing of your Personal Data violates applicable data protection laws.

Your information may be transferred to the following countries outside of the EU: the United States, Ireland, and Denmark. These transfers are conducted pursuant to Standard Contractual Clauses approved by the European Commission. You may obtain a copy of the applicable safeguards by contacting us at PrivacyDirector@QuaverEd.com.

Please check the laws of your country to determine what rights may apply to you. Our intention is to honor all applicable data protection laws.

For more information on how to exercise these rights, see Exercising Your Rights, including the Appeal Process.

Compliance with United States Privacy Laws

The California Consumer Privacy Act provides residents of California specific rights regarding their Personal Data. Additionally, at the time this Policy was last updated, certain states besides California — including Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia — have enacted laws that may provide their state residents with the following rights:

• Right to Know: You may request that we disclose to you what Personal Data we have collected, used, shared, or sold about you, and why we collected, used, shared, or sold that information, including the categories and specific pieces of Personal Data collected in the past 12 months, the sources from which we collected that information, our business or commercial purpose for collecting such information, the categories and specific pieces of Personal Data disclosed to third parties, and the categories and specific pieces of Personal Data sold to third parties.
• Right to Delete: You may request that we delete Personal Data we have collected about you, subject to certain exceptions permitted by law.
• Right to Correct: You may ask us to correct inaccurate information that we have about you.
• Right to Limit: You can request us to only use your Sensitive Personal Data (for example, your social security number, your genetic data, etc.) for limited purposes, such as providing you with the services you requested.
• Right to Data Portability: You have the right to request a copy of the Personal Data we have about you in a format that you can reasonably transfer to a third party.
• Right to Opt-Out: You have the right to opt out of the “sale” or “sharing” of your Personal Data or targeted advertising. You can exercise your right to opt-out by submitting your request through the link on our Website and as described in Exercising Your Rights.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. We will not deny you goods or services, charge you different prices or rates, or provide you a different level or quality of goods or services.

We will not engage in retaliatory conduct against our own employees, applicants for employment, or independent contractors who exercise their rights under applicable law.

You should check the laws of your state of residence to determine whether these rights apply to you. The exact scope of these rights may vary by state. Data privacy laws are constantly evolving, and the list of states herein may not be all-inclusive.

California Shine the Light Act

We may share Website visitors’ Personal Data with third parties for those parties’ direct marketing use. If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Data by the Company to third parties for the third parties’ direct marketing purposes.

Nevada

Nevada provides its residents with a limited right to opt-out of certain Personal Data sales. Residents who wish to exercise this sale opt-out right may do so as provided for in the Exercising Your Rights section.

Exercising Your Rights

To exercise your data privacy rights, please contact us at PrivacyDirector@QuaverEd.com or by phone at +1 (866) 917-3633. We will respond to your request in accordance with applicable data protection laws and within the timeframes stipulated by those laws. Please note, in some cases, we may need to verify your identity as part of the process to ensure the security of your Personal Data.

The verifiable consumer request must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative. We may require authentication that is reasonable in light of the nature of the Personal Data privacy request made.
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Data. You may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please email PrivacyDirector@QuaverEd.com and include your agent’s information.

Once you make a request to exercise your data privacy rights, we will wait at least twelve (12) months before asking you to reauthorize Personal Data sales or sharing. However, you may change your mind and opt back in to our use of your Personal Data by contacting us as provided in the Contact Us section below.

To opt-out of Targeted Advertising, you or your authorized representative can click on the following link: Manage Cookie Preferences

To opt-out of the sale or sharing of your Personal Data, you or your authorized representative can click on the following link: Do Not Sell or Share My Personal Data

You may also enable, where available, a universal tool that automatically communicates your opt-out preferences, such as the Global Privacy Control.

In addition, you have other mechanisms to control your information, including:

• Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this site may be inaccessible or not function properly. For more information, see our Cookie Policy.
• Disclosure of Your Information for Third-Party Advertising. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website at https://optout.networkadvertising.org/?c=1.

Responding to Your Data Privacy Request

We endeavor to confirm receipt of all data privacy requests within ten (10) business days. We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt, or as required by applicable law. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.

The information in our response will cover the 12-month period preceding our receipt of your request. If we cannot comply with your request or any portion of your request, our response will explain the reasons we cannot comply.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.

Sensitive Data and/or Biometric Data

We only process Sensitive Personal Data with your prior consent and only for specific purposes that are clearly disclosed at the time of collection. You may withdraw your consent at any time by submitting your request through the link on our website or by email to PrivacyDirector@QuaverEd.com.

Appeal Process

To appeal a decision we may make regarding your data privacy request, please contact us within 60 days of receiving our response by submitting your request through the link on our website or by using one of the following methods:

• Email: PrivacyDirector@QuaverEd.com
• Phone: (866) 917-3633

In your appeal request, please include your original request, the date of our response, and a brief explanation of why you believe our decision was incorrect.

Cookies and Tracking Technologies

At QuaverEd, we value your privacy and are committed to being transparent about our use of cookies and other tracking technologies on our Website. These technologies play a crucial role in ensuring the smooth operation of our digital platforms, enhancing your user experience, and providing insights that help us improve.

Understanding Cookies and Tracking Technologies

Cookies are small data files placed on your device that enable us to remember your preferences and collect information about your website usage. Tracking technologies, such as web beacons and pixel tags, help us understand how you interact with our Website and which pages you visit.

How We Use These Technologies

Essential cookies: These are necessary for the Website’s functionality, such as authentication and security. They do not require consent.

Performance and analytics cookies: These collect information about how visitors use our Website, which pages are visited most frequently, and if error messages are received from web pages. These cookies help us improve our Website.

Functional cookies: These enable the Website to provide enhanced functionality and personalization, like remembering your preferences.

Advertising and targeting cookies: These are used to deliver advertisements more relevant to you and your interests. They are also used to limit the number of times you see an advertisement and help measure the effectiveness of the advertising campaign.

Your Choices and Consent

Upon your first visit, our Website will present you with a cookie consent banner, where you can:

• Accept all cookies: Consent to the use of all cookies and tracking technologies.
• Reject non-essential cookies: Only essential cookies will be used to provide you with necessary website functions.
• Customize your preferences: Choose which categories of cookies you wish to allow.

Where we use third-party advertising cookies, such third parties may receive and independently collect, through the use of such tracking technologies, some or all types of Personal Data detailed above, as well as additional data sets, including to combine such information with other information they have independently collected relating to your online activities across their network of websites, for the purpose of enhanced targeting functionality and delivering personalized ads. These third parties collect and use this information under their own privacy policies, and we are not responsible for their privacy practices.

Although we do not sell your Personal Data in exchange for money, we do engage in targeted advertising on the Website. This type of advertising activity may be considered a “sale” of Personal Data under certain U.S. Privacy Laws and may also be referred to as “targeted advertising.” We do not use student data for advertising purposes and do not target advertising to users under 18.

We also honor browser-based opt-out signals, such as the Global Privacy Control (GPC) and Universal Opt-Out Mechanisms (UOOM), by automatically disabling non-essential cookies when such signals are detected.

For Interest-Based Advertising (“IBA”) opt-out options on desktop and mobile websites, please visit:

• Digital Advertising Alliance (US): https://www.aboutads.info/choices/
• Digital Advertising Alliance (Canada): https://youradchoices.ca/en/tools
• Digital Advertising Alliance (EU): https://www.youronlinechoices.com/
• Network Advertising Initiative: https://optout.networkadvertising.org/?c=1

We may update our use of cookies and tracking technologies to improve our services or comply with legal requirements. We will notify you of any significant changes and seek your consent where necessary.

For more detailed information about the cookies we use, their purposes, and how you can manage your preferences, please visit our detailed Cookie Policy.

International Data Transfers and Retention

At QuaverEd, we may transfer your Personal Data to locations outside of your country of residence, including to countries that may have different data protection laws than those in your jurisdiction. We want to assure you that any such transfers are conducted with the utmost care and in compliance with applicable data protection regulations, including the General Data Protection Regulation (GDPR).

Wherever your Personal Data is transferred, stored or Processed by us, we will take reasonable steps to safeguard the privacy of your Personal Data. These steps may include implementing standard contractual clauses (e.g., the “Standard Contractual Clauses” approved by the European Commission), obtaining your consent, or other lawful means of transferring Personal Data. By using the Website, you acknowledge that your Personal Data will be stored and/or Processed as set forth above. If you have any concerns about how your data is being transferred, stored, or Processed, please contact us as provided in the Contact Us section below.

Data Retention

QuaverEd retains Personal Data as long as it is needed to provide our services and operate our Website. We will not retain your Personal Data for longer than necessary for the purposes set out in this Policy. Different retention periods apply for different types of Personal Data. When the data is no longer needed, QuaverEd will de-identify any User Data so that it can no longer be associated to any real individual. QuaverEd will retain the de-identified User Data solely for internal research and product development purposes.

User data also may be destroyed when it is no longer needed. Data authorized for destruction will be securely destroyed following industry best practices, such as NIST SP 800-88. Depending on the data storage format, the destruction method will vary.

Children’s Privacy

At QuaverEd, we are committed to protecting the privacy of children who use our services. We recognize the importance of safeguarding the personal information of minors, and we take steps to ensure compliance with applicable laws and regulations, including the Children’s Online Privacy Protection Act (COPPA) in the United States and similar regulations in other jurisdictions.

Age Requirements

Our services and Website are not intended for children under the age of 13. We do not knowingly collect Personal Data from children under this age without verifiable parental consent. If you are under the age of 13, please do not use our services or Website, or provide any Personal Data to us.

Collection and Use of Children’s Information

If we become aware that we have inadvertently collected Personal Data from a child under the age of 13 without verifiable parental consent, we will take prompt steps to delete such information from our records. If you believe that we may have collected Personal Data from a child under the age of 13 without parental consent, please contact us immediately at PrivacyDirector@QuaverEd.com or +1 (866) 917-3633.

Verifiable Parental Consent

For certain features or services that may be directed towards children, we may obtain verifiable parental consent before collecting, using, or disclosing Personal Data from a child. Verifiable parental consent may be obtained through methods such as:

• Providing a consent form to be signed and returned by the child’s parent or guardian.
• Verifying a parent’s identity through a credit card transaction or other means.

Parental Rights

Parents or legal guardians of children under the age of 13 have the right to review, update, or delete any Personal Data collected from their child. To exercise these rights or to request the deletion of a child’s information, please contact us at PrivacyDirector@QuaverEd.com or +1 (866) 917-3633.

Direct Marketing and Communications

At QuaverEd, we may use your Personal Data to send you direct marketing communications about our products, services, promotions, and other relevant information that we believe may be of interest to you. We are committed to ensuring that our direct marketing practices are transparent, lawful, and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the ePrivacy Directive.

Obtaining Consent for Direct Marketing

Opt-in consent: We will obtain your explicit opt-in consent before sending you direct marketing communications, where required by law. This means that you will have the opportunity to actively consent to receiving marketing messages from us before we send them to you.

Unsubscribe option: Every direct marketing communication we send will include clear instructions on how to unsubscribe or opt-out from receiving future marketing communications. You can exercise your right to opt-out at any time, and we will promptly honor your request to stop sending you marketing messages.

Types of Direct Marketing Communications

We may use your Personal Data to send you direct marketing communications via various channels, including:

• Email
• Geotargeted marketing

Managing Your Preferences

You have control over the direct marketing communications you receive from us. You can manage your communication preferences by using the unsubscribe link provided in our marketing emails or text messages.

Data Security

QuaverEd has a robust data security program in place to ensure the protection of the data we handle and to comply with legal regulations, including FERPA and COPPA. We have a comprehensive data security manual detailing procedures for data collection, use, storage, transfer, destruction, and security incident response. All QuaverEd employees with access to sensitive data undergo criminal background checks, attend annual data security training, and sign confidentiality agreements.

All student Personal Data is stored encrypted in place at all times utilizing at least 256-bit encryption protocols. All User Data is stored in access-restricted systems within the United States. Only authorized QuaverEd employees can access sensitive data, and only to serve the needs of our users.

QuaverEd is a digital platform with a sophisticated web architecture. While all systems are designed and managed by QuaverEd, our web hosting infrastructure is provided by Amazon Web Services (AWS). User Data is stored securely on AWS infrastructure within the United States. AWS acts as a data processor and does not access or use User Data except as necessary to provide hosting services. AWS meets or exceeds QuaverEd’s strict protocols for data security, and it is our understanding that it complies with all federal and state statutes, including FERPA.

QuaverEd does not accept responsibility for unauthorized disclosure of User Data that occurs as a direct result of customer or user negligence. Users should utilize strong passwords and access QuaverEd utilizing secure networks. Users should never share their access credentials or personal data with any unauthorized parties or over any insecure channels.

Data Breach Notification Procedures

At QuaverEd, we understand the importance of protecting your Personal Data and take proactive measures to safeguard it. In the event of a data breach that poses a risk to your privacy rights and freedoms, we have established clear procedures for promptly identifying, assessing, and mitigating the impact of the breach. Our data breach notification procedures are designed to comply with applicable data protection laws and regulations, including the General Data Protection Regulation (GDPR).

Detection and Assessment

Internal monitoring: We employ robust security measures and monitoring systems to detect and respond to potential data breaches promptly.

Assessment of breach impact: Upon discovery of a data breach, we will conduct a thorough assessment to determine the nature and scope of the breach, including the types of Personal Data involved and the potential impact on affected individuals.

Notification Obligations

Regulatory authorities: If required by law, we will notify the relevant data protection authorities of the data breach within 24 hours of confirming and assessing the breach, following the procedures specified by applicable regulations.

Affected individuals: If a data breach poses a significant risk to your privacy rights and freedoms, we will notify you within 24 hours of confirming and assessing the breach, providing clear and concise information about the breach, the types of Personal Data affected, and the steps you can take to protect yourself.

Communication Channels

Email notification: We may notify affected individuals via email, using the contact information provided to us, if feasible and appropriate.

Support and Assistance

In the event of a data breach, we are committed to providing affected individuals with the support and assistance they need, including guidance on steps they can take to mitigate the potential risks associated with the breach. If you have any questions or concerns about a data breach or believe you may have been affected, please contact us immediately at PrivacyDirector@QuaverEd.com or +1 (866) 917-3633.

Policy Updates and Changes

At QuaverEd, we are committed to keeping you informed about how we handle your Personal Data and any changes to our privacy practices. We may update this Privacy Policy from time to time to reflect changes in legal requirements, industry standards, or our business operations. We want to assure you that any updates will be communicated transparently and in accordance with applicable data protection laws.

Notification of Changes

Notification process: In the event of significant changes to our Privacy Policy that may affect your rights or the way we handle your Personal Data, we will provide notice through prominent means, such as email, our Website, or other appropriate channels. We will also indicate the effective date of the updated policy at the top of the document.

Reviewing changes: We encourage you to review our Privacy Policy periodically to stay informed about how we collect, use, and protect your Personal Data. Your continued use of our services and Website after any changes to the Policy signifies your acceptance of the updated terms.

Contact Us

If you have any questions or concerns about our Privacy Policy or any updates to it, please don’t hesitate to contact us: