Privacy Notice

Last Modified: June 2025

The Commons, Inc. and its affiliates (“The Commons,” the “Company”, “we”, “our”, or “us”) respect your privacy and are committed to protecting it through this Privacy Notice (“Privacy Notice”). This Privacy Notice describes the type of information we may collect from you or that you may provide to us when you visit www.the-commons.app the affiliated subdomains (the “Site”), use our Services (as defined in our Terms of Service) that we provide to you or which are available through our Services and our policies and practices regarding how we collect, use, and disclose that information. If you engage in Services offered by us, then you may be subject to other terms and conditions and disclosures relevant to the Services that are not included in this Privacy Notice.

BY ACCESSING OR BROWSING THE SITE OR USING THE SERVICES, YOU CONSENT TO THE COLLECTION AND USE OF YOUR INFORMATION AS DESCRIBED IN THIS PRIVACY NOTICE, AS MODIFIED FROM TIME TO TIME BY US.

This Privacy Notice applies to information we collect:

  • From schools and school districts (“Institutions”)
  • From students of Institutions (“Students”)
  • From visitors to the Site and our mobile application (“App”) (collectively, with Institutions, and Students, “you” or “user”)
  • In email, text, and other electronic messages between us.
  • When you engage with us to use our Services or request information about our Services.

Students cannot use the App without a school-provided QR code. The App does not collect student accounts, passwords, or personally identifiable information directly from students.

Note for Students and Parents:  The Commons App is designed to support classroom focus and reduce distractions during the school day. Students cannot use the App without a school-provided QR code. The App does not collect student accounts, passwords, or personally identifiable information directly from students. We do not track student location, browsing history, or personal messages. Any school-based data (such as compliance status, permission status, or general screen time activity) is visible only to authorized school staff and is never used for advertising, profiling, or behavior prediction.

The Commons App for students does not require registration, login, or personal data entry. It does not include in-app purchases, advertisements, or public posting features. This Privacy Notice references account creation, order processing, or subscription features only for institutional users or website visitors, not to students using the App as part of a school program.

The Site may provide links to or the ability to connect with non-Company websites, services, social networks, or applications. Clicking on those links or enabling those connections might allow the third-party to collect or share information about you. Those third-party websites or services are beyond the Company’s control. We advise you to check the privacy policies and terms of use of any non-Company websites or services before providing any of your Personal Information to them.

We reserve the right, at any time and without notice to you, to add to, change, update, or modify this Privacy Notice. If we decide to change our Privacy Notice, we will post a new notice on our Site and change the date at the top of the Privacy Notice. Any change, update or modification will be effective immediately upon posting on our Site and will apply to any Personal Information provided to us on and after that date. If we make changes to our Privacy Notice, your continued use of the Site or Services after we make changes is deemed to be your acceptance of those changes, so please check the Privacy Notice periodically for updates.

If we make a material change to this Privacy Notice—particularly one that affects how we collect, use, or share personal information—we will notify our school partners directly. In some cases, schools may choose to notify students and families in accordance with their own privacy and communication policies.

If you have questions about this Privacy Notice or how your school uses The Commons, please contact your school administrator or email us at support@the-commons.app.

I. THE TYPES OF INFORMATION WE COLLECT.

A. Personal Information

We collect “Personal Information,” which is information that can be used to identify you individually.

We collect the following Personal Information from Institution users, e.g. schools and school districts: full name, mailing address, email address, and the full names of students and their grade levels. During onboarding of Institution users, we collect administrator login details such as name, role, email address, and credentials for accessing the school dashboard. Administrators may access the dashboard using secure login credentials or Single Sign-On (SSO), depending on their school’s configuration. SSO integrations are used solely for authentication and do not provide The Commons with access to any additional data beyond what is needed for authorized access.

We also collect personal and organizational contact information from school or district representatives who engage in commercial transactions (including billing, contracting, and other similar transactions) with The Commons. This may include names, roles, email addresses, mailing addresses, billing contacts, and billing details such as ACH, purchase orders, or payment processing credentials. This information is never linked to student usage and is handled in accordance with applicable data privacy and security standards.

We do not collect any personal information directly from Students given that The Commons App does not include login or account creation, and Students do not enter Personal Information. Further, Student App use does not generate any Personal Information. The App is implemented under the direction of participating schools and functions to support student focus, tech balance, and overall well-being under local school policy.

As part of the onboarding process with Institutions, schools may upload basic student roster information—typically including first name, last name, grade level, and, in some cases, a school-issued ID number or email address. This information is used solely to:

  • Generate secure QR codes that pair student devices with the school’s administrative dashboard and enable school-level reporting of compliance and general screen time. These QR codes do not store or transmit any personal student data and are used solely to activate the app within the school’s secure system.
  • Enable school-level reporting of individual compliance status and screen time during school hours, based on the school-provided roster.

The Commons does not log or access app content, browsing history, location data, or personal communications. Reporting is viewable only by authorized school staff and is not used for profiling or advertising purposes.

B. Registration and Transactional Data

Students do not create accounts, register for services, or input login credentials into The Commons App. Any user registration described in this section applies only to school or district administrators accessing secure dashboards or contracting services with The Commons.

If you are using our Site or Services, you are required to submit an email address, password, and additional Personal Information. We may collect and store access information related to your account.

When you have an account with us, the combination of your username and your password is the key to your account with our Services. We recommend that you use a unique combination of letters, numbers, and special characters to create your password. You are responsible for all actions taken in the name of your account. You should not disclose your password to anyone. You may be subject to legally binding actions taken on your behalf. Therefore, if your password has been compromised for any reason, you should immediately notify us at support@the-commons.app and, if available, login to your account at the Site and change your password.

 We may also track and retain the details of all transactions and communications between Customers, target audiences, and other visitors on our Site and Services such as emails, feedback, ratings, sale and purchase of Services, and any other forms of communications. We may use and display your name when you send an email or other communication through our Site or Services.

C. Payment Information

If you use our Services as an Institution, we may collect information related to your transaction. This information includes your payment method (ACH, credit card or debit card number, account, and authentication information), billing information, and shipping and delivery details.

To the extent the Services or any portion thereof is made available for any fee or through a subscription, your access will be granted following payment of the applicable fees to Company. Your account and access to the Services may be suspended in the event of non-payment of applicable fees. We may, but are not obligated to, cancel inactive, or unpaid subscriptions.

You agree to provide accurate and complete billing information, including valid credit card information (if applicable), your name, mailing address, and email address, and to provide The Commons or other third party processor with any changes in such information. 

D. Contact Us Information and Feedback

We may collect information from individuals (including Students) when they voluntarily provide personal information via the Site, such as submitting a support request, signing up for a newsletter, completing a feedback form, or when you submit comments, questions, or suggestions to us using the Contact Us form or by email, including attached files in an email sent to us. These activities are purely optional and occur outside of the App. We do not knowingly collect personal data from children under 13 without verified school consent (which includes parental consent) and a clearly defined educational purpose. Any comments, questions, or emails we receive from you are subject to the terms of this Privacy Notice.

E. Computer and Device Information

We collect information from or about the computers and devices that you use to access the Services, as determined and allowed by the personal settings you have for the computer and device. This includes operating system, device configuration, web log files, and limited technical data. We may use network-based signals—such as Wi-Fi, beacon detection, or general device telemetry—to determine whether a device is present within a designated school zone. These technologies are used solely to activate or deactivate school-directed functions. They do not involve GPS tracking or continuous location monitoring.

We collect operating system, device settings, location, web log files, and other code tracking devices from any device you use to access our Services and any pages at our Site. You can turn-off and adjust settings on your computers and devices that will not allow us to collect information. For example, in many cellular devices, you can turn off location settings by selecting the “Settings” feature, choosing “Privacy” and turning-off “Location.”  Note: The Commons App requires certain device permissions (such as location, motion, and VPN) to function properly in accordance with school policy. These permissions allow the App to activate during school hours, block distracting content, and ensure compliance reporting.

Although these settings may be adjustable in your device’s system preferences, disabling them may result in the App not working as intended. Schools may notify students and families if required permissions are missing.

Device Permissions Required by the App
 The Commons student-facing app requires several device permissions to function in accordance with school policy:

  • Location Permission – Allows the app to detect presence within the designated school zone, ensuring features activate only during school hours. The App does not track precise GPS location. It only detects whether a student is inside or outside the school zone based on Wi-Fi or motion triggers, not continuous tracking.
  • Notification Permission – Enables the app to send alerts about compliance status or missing permissions.
  • Motion Permission – Helps the app optimize performance and battery life while at school.
  • VPN Permission – Establishes a secure connection that filters distracting content during school hours, without logging browsing history. The VPN operates strictly within a school-defined window (e.g., during school hours and within school zone) and is configured to block non-educational content. It does not log browsing history, inspect private content, monitor app usage or affect internet traffic outside of school hours. Once school hours end, the VPN deactivates automatically.

These permissions are used strictly for technical functionality and are never used to collect personal content, track movement outside of school zones, or share data with third parties. Disabling these permissions may prevent the App from working as intended. School administrators may be alerted if a required permission is missing.

F. Transactions & Communications with Third Parties

Note: The App contains no advertising and does not serve targeted content. Any email or digital marketing activities apply only to Site visitors, newsletter subscribers, or school personnel interacting with our Services. Student information is never used for advertising purposes.

The Site and Services may contain applications to enable you to connect to and from social networking sites and we may collect information about you from such social networking sites in order to provide you with a more personalized experience.

Some content, email, or text message marketing campaigns from our Site and Services may be served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Services. The information they collect may be associated with your Personal Information or they may collect information, including Personal Information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We may enable third parties to serve advertisements available through our Services, Site, or on third-party websites or other media (e.g., social networking platforms) that enable us and third parties to target advertisements to you for products and services in which you might be interested. Third-party ad network providers, advertisers, sponsors, or traffic measurement services may use cookies, JavaScript, web beacons (including clear GIFs), LSOs and other tracking technologies to measure the effectiveness of their ads and to personalize advertising content to you. These third-party cookies and other technologies are governed by each third-party’s specific privacy statement, not this one. For more information on each of these third parties’ privacy practices and to learn how to opt out, please visit each of their websites and contact them directly. We may provide these third-party advertisers with Personal Information.

We may also receive your personal information if you follow us or any of our brands on social media sites, for example, Meta, Instagram, X, LinkedIn, TikTok, or Pinterest. This applies only to users engaging with our corporate accounts. The Commons student-facing App does not link to, access, or collect data from social media platforms, and no student App data is shared with or influenced by these channels.  We may collect personal information when you communicate with us on these social media sites or use functionalities, widgets, tools, or plugins from social media platforms or networks in connection with our Site and Services. This includes, but is not limited to, when you log into an account, share purchases or content with your friends and followers on social media, or when you click “Like.” You understand and agree that if you make a post on social media or identify us in your social media by tagging us or using a hashtag (#) or “at” (@), your personal information may be publicly available and is subject to the privacy policy of the applicable social media platform. For more information on each of these third parties’ privacy practices and to learn how to opt out, please visit each of their websites and contact them directly.

G. School Partnership Participation

In connection with school partnerships, including but not limited to pilot programs, we may collect limited feedback, usage metrics, and testimonials (written, video, or otherwise) from administrators, educators, and students. We will not publicly share any personally identifiable information (PII) without your or your institution’s express written consent. Any marketing, case study, or promotional use of pilot results will be fully reviewed and approved by participating institutions in advance.

II. HOW WE USE AND SHARE INFORMATION.

A. Provide our Services

We use Personal Information to operate, maintain, and improve the features available through our Site and school-facing services. This may include responding to inquiries submitted through contact forms, facilitating school onboarding, delivering requested materials, and managing curriculum licensing. In the future, we may offer e-commerce functionality for school administrators to purchase curriculum or related services directly through our website.

For the App, in limited cases, such as when a technical support request is submitted, we may use voluntarily provided information to investigate compliance or performance issues through the school’s administrative dashboard. This information is used solely for troubleshooting and is not linked to App usage beyond the scope of the specific support request.

When we have general location information, we use it solely to detect whether a device is within a designated school zone, in order to activate or deactivate app restrictions. No GPS tracking or continuous location monitoring is performed.

The App also tracks compliance status and overall active screen time to help schools support focus and digital balance. Although we do not access browsing history, social media content, or in-app behavior, usage trends may be analyzed in aggregate or at the school level to help administrators support students more effectively. These features operate within a privacy-first, school-directed framework and do not involve behavioral advertising or profiling.

We may use secure third-party analytics platforms to support internal reporting, compliance monitoring, or the creation of dashboards for school administrators. These tools are configured to exclude or encrypt any personally identifiable student data and are used solely to improve performance and support educational outcomes.

We may also use third-party services on our public-facing website for analytics or advertising purposes (e.g., remarketing ads or campaign performance tracking). These services may use their own cookies or tracking technologies, which we do not control. If you have questions about targeted content served to you outside of our platform, please contact the responsible provider directly.

Note: The Commons student-facing App does not include advertising, third-party tracking tools, or personalized marketing. It does not collect personal communications, browsing history, or user-generated content.

B. Consent to Contact By Mobile Phone

By providing us with your mobile phone number, you hereby expressly consent to receive automated text messages (including SMS and MMS) from us at the mobile phone number you provided.  You represent that you are 21 years of age or older and you have the consent of the wireless account holder associated with the mobile phone number you provided.  You are responsible for all charges and fees associated with text messaging imposed by your wireless provider. Message and data rates may apply.

Text messages may be sent using an automatic telephone dialing system or other technology. Your consent to receive autodialed marketing text messages is not required as a condition of purchasing any goods or services. If you have opted in, we may provide updates, special offers, inside news, access to events, ways to enter sweepstakes, instant win games and other marketing offers via text messages through your wireless provider to the mobile number you provided. Message frequency varies.

Note: The Commons App does not collect phone numbers, request mobile device contact information, or send SMS messages. Any texting functionality applies only to individuals who voluntarily provide their number through external channels such as our website, newsletter forms, or support interactions. We do not collect or use phone numbers from students through the App, and no SMS features are used within student-facing services.

C. Internal Analysis and Promotions

We may use non-personal, de-identified, or aggregate information to evaluate and improve our Services. This includes internal analysis for system performance, infrastructure reliability, user experience, and understanding usage patterns across our partner schools. For example, we may use anonymized metrics to estimate general engagement, measure feature usage, or assess platform stability.

We may also use limited Personal Information from school administrators and authorized staff (such as names, roles, email addresses, and login credentials) who access our administrative dashboard to monitor account activity, improve user experience, support training and onboarding, and ensure the security and functionality of the platform.

We work with secure, education-aligned third-party providers to support hosting, identity management, diagnostics, and analytics. These platforms may process limited technical telemetry, such as device type, app version, or crash reports, for the sole purpose of improving platform stability. Where school dashboards display student-level analytics (e.g., compliance and screen time), those insights are based on roster data uploaded by the school and are visible only to authorized school staff within an encrypted environment.

The Commons does not access student content, browsing history, or communications. Usage trends may be provided to administrators to support student well-being or guide interventions. The App may also deliver supportive nudges, such as reminders to stay focused, prompts to re-enable a missing permission, or positive feedback when a student meets expectations, to encourage healthy digital habits and reinforce school policy. These nudges are driven by simple usage metrics, not behavioral modeling or prediction, and are solely controlled by the school. These features are never used for advertising, commercial targeting, or profiling.

In some cases, we may securely outsource infrastructure, analytics, or related services to trusted third-party vendors. These providers are contractually bound by strict confidentiality and FERPA/COPPA compliance obligations and are only granted access to the minimum data necessary for their role.

We may also use contact information submitted via our public-facing website (e.g., through demo requests, support forms, or newsletter signups) to respond to inquiries and improve engagement with institutional users.

D. Marketing Purposes

If you provide us with feedback, we will collect that information and we may use it in our marketing materials, use it on our Site or Services, or disclose it for any purpose we choose. Your Personal Information will not be disclosed or associated with any feedback that we use or disclose unless you have given us permission to use your Personal Information for this purpose. We may use computer and device information for marketing purposes, to examine traffic to the Site and Services and improve the Site and Services to provide you a better experience.

E. Legal Requirement 

We may disclose Personal Information, non-personal information, and aggregate information:

(a)  to comply with laws, cooperate and respond to requests and claims, or comply with legal process served on us (e.g., a lawful subpoena, warrant, or court order);

(b)  to enforce or apply our Terms of Service, policies, or agreements (including to initiate, render, bill, and collect for amounts owed to us);

(c)  to protect and defend us or our user's rights or property, the Site, Services, our employees, visitors, or the public (including protecting and defending from fraudulent, abusive, or unlawful use of the Site or Services); or

(d)  if we reasonably believe that an emergency involving immediate danger of death or serious physical injury to any person requires disclosure of communications or justifies disclosure of records without delay.

When applicable, disclosures of student-related information are strictly limited to authorized school personnel and made in accordance with FERPA, COPPA, and other relevant privacy regulations.

F. Company Sale

We may disclose certain information we collect during negotiations of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. Any such purchaser will be subject to all applicable federal and state laws, including student privacy laws. If we decide to move forward with a transaction, we will also ensure that any successor entity echoes our commitment to student privacy.

III. HOW YOU CAN MANAGE YOUR INFORMATION

When you browse our Site, we automatically receive your computer’s IP Address in order to provide us with information that helps us learn about your browser and operating system. With the exception of your IP Address, you may choose not to provide us with any Personal Information. In that case, you can still visit and browse our Site, but you will not have access to or be able to use our Services.

A. Account Settings

Individuals who set up an account with us may elect to receive or stop receiving information from us or any third-party as described by this Privacy Notice. If you receive email communications from our Services, you may use the unsubscribe link contained in the email. Please contact us at support@the-commons.app if you need assistance.

B. Request Changes

Schools and authorized institutional representatives may request updates, corrections or deletions of Personal Information by sending an email with the request and a detailed description of the specific content or information to support@the-commons.app. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.

Parents or students wishing to review, modify, or remove any student-related information must contact their school directly, as the schools hold all Student personal information. We honor such requests when submitted by an authorized school official in accordance with applicable privacy laws. 

Please be aware that we cannot always delete records of past interactions and transactions. For example, we are required to retain records relating to previous sales and purchases for financial reporting and compliance reasons.

C. Manage Your Security Settings

The Commons does not use cookies on its Site. For third-party websites that may be linked to The Commons Site, you may manage how your browser handles cookies and related technologies by adjusting its privacy and security settings. Browsers are different, so refer to instructions related to your browser to learn about cookie-related and other privacy and security settings that may be available. You can opt-out of being targeted by certain third-party advertising companies online at http://www.networkadvertising.org/choices/.

You may manage how your mobile browser handles cookies and related technologies by adjusting your mobile device privacy and security settings. Please refer to instructions provided by your mobile service provider or the manufacturer of your device to learn how to adjust your settings.

Users in the United States may opt out of many third-party ad networks. For example, you may go to the Digital Advertising Alliance (“DAA”) Consumer Choice Page for information about opting out of interest-based advertising and your choices regarding how information is used by DAA companies. You may also go to the Network Advertising Initiative’s (“NAI”) Consumer Opt-Out Page for information about opting out of interest-based advertising and your choices regarding having information used by NAI members. The NAI’s main webpage is located at www.networkadvertising.org.

Opting out from one or more companies listed on the DAA Consumer Choice Page or the NAI Consumer Opt-Out Page will opt you out from those companies’ delivery of interest-based content or ads to you, but it does not mean you will no longer receive any advertising through the Services. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Also, if your browsers are configured to reject cookies when you opt-out on the DAA or NAI websites, your opt-out may not be effective. Additional information is available on the DAA’s website at www.youradchoices.com or the NAI’s website.

We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible third party provider directly.

D.  Links to Other Websites

Please be aware that, on our Site, we may provide links to third-party websites as a service to our visitors, and that we are not responsible for the content or information collection practices of those pages. Please note that these websites' privacy policies may differ from our Privacy Notice. We encourage you to review and understand the privacy practices at third-party websites before providing them with information.

E. Opt Out 

You may opt out of receiving emails or text messages from us at any time either by texting the word “STOP” to any text message using the mobile device that is receiving the messages, by using the unsubscribe link contained in the email, or by contacting the sender. If you are unable to resolve this through these means, contact us at support@the-commons.app. Despite your election to opt-out, we may send you emails or contact you by other means regarding your account, transactions, and your activities with the Services.

F. Changes to the Service

We may change any short code or telephone number we use to operate the texting services at any time and will notify you of these changes. You acknowledge that any messages, including any STOP requests, you send to a short code or telephone number we have changed may not be received and we will not be responsible for honoring requests made in such messages. Please contact us at support@the-commons.app if you need assistance.

IV. WHAT ELSE SHOULD YOU KNOW ABOUT OUR PRIVACY PRACTICES

A. Security

We follow generally accepted industry standards to protect Personal Information, including your email address, submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Services.

  • We use industry standard end-to-end encryption for all communications between our servers, the Commons App, and school dashboards. Also any data stored on our systems—such as student roster data provided by schools, QR code mappings, and compliance records—is encrypted .
  • Access to student-related data is restricted to authorized school personnel using secure authentication and role-based access controls (RBAC).
  • The Commons student-facing App does not store or transmit personal communications, browsing history, GPS data, or any sensitive personal information.
  • All access is logged and monitored for security, and we conduct regular security reviews and audits to ensure compliance with education privacy standards.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Administrator login credentials for the school dashboard are encrypted in transit and at rest, and access is restricted to authorized personnel using secure authentication protocols.

B. FERPA

The Commons may disclose Student information to fulfill the purpose for which you provide it and to enforce or apply agreements with The Commons.

The Commons adheres to the Family Educational Rights and Privacy Act (FERPA), as applicable, when it is providing Services to Institutions in the United States and acting as an authorized “school official” through its relationships with the Institutions as an educational partner. The Commons works with Institutions to ensure compliance with FERPA and applicable privacy laws, including by designing its App in a privacy-forward manner such that it only contains de-identified data concerning students. FERPA is a federal law that affords students (or parents/guardians for students under 18 or not enrolled in a post-secondary Institution) certain rights with respect to their education records.

C. COPPA

The Commons complies with the Children's Online Privacy Protection Act (COPPA). The Commons offers its Services to Students at K-12 Institutions, but only through partnerships with Institutions (not through any accounts with Students directly). Institutions hold all Student Personal Information, and The Commons does not collect any Personal Information from Students, including any personal information from Students under the age of 13. In fact, Students do not create accounts, enter personal data, or access the App independently — a school-issued QR code activates the App, and usage is governed entirely by the school’s policy and authority. Such Institutions also work with parents to obtain any necessary consents needed.

If The Commons learns it has collected or received Personal Information from an individual who was ineligible to access or use the Sites or Services, The Commons will take steps to remove such information. If you believe The Commons might have any information from or about a user who is ineligible to use the Sites or Services, please contact us immediately at support@the-commons.app.

D. SOPIPA

We comply with the Student Online Personal Information Protection Act (SOPIPA). Specifically, we do not use any student information for targeted advertising or behaviorally profiling a student for non-educational purposes. We do not sell, rent, or lease student personal information to third parties. Student data is used solely for educational purposes as authorized by the school or educational institution. We implement reasonable security procedures and practices to protect student data from unauthorized access, destruction, use, modification, or disclosure. We do not create a student profile unless it is required to provide the service or is authorized by the school. Any third-party service providers engaged by us are contractually bound to comply with SOPIPA’s requirements.

E. CalOPPA

In compliance with the California Online Privacy Protection Act (CalOPPA), we post this Privacy Notice clearly on our website, including a link to it on our homepage. This Privacy Notice identifies the types of Personal Information we collect, how the information is used and with whom it may be shared, how users can review and request changes to their information, the effective date of this policy and how we will notify users of any material changes. We do not permit third-party behavioral tracking on our site or services. We may use de-identified analytics and crash diagnostic tools solely to improve Site performance and user experience. These tools do not track users across third-party sites and are not used for targeted advertising.

V. CALIFORNIA PRIVACY RIGHTS; CALIFORNIA CONSUMER PRIVACY ACT (“CCPA”) AS AMENDED BY THE CALIFORNIA PRIVACY RIGHTS ACT (“CPRA”), AND OTHER STATE PRIVACY LAWS

A. Categories of Personal Information Collected

Under the CCPA, as amended by the CPRA, California created a variety of privacy rights for California consumers. Additional states have also passed laws extending similar privacy rights to their consumers. We use this notice to make disclosures required by these state laws.

You have the right to know what personal information we have collected about you, including the categories of Personal Information, the categories of sources from which the personal information is collected, the business or commercial purposes for collecting, selling, or sharing personal information, the categories of third parties to whom the business discloses personal information, and the specific pieces of Personal Information we have collected about you. Note: These disclosures apply to Site visitors, school administrators, or individuals engaging directly with The Commons, not to student data provided by schools under FERPA or other educational privacy laws.

We collect the following categories of information: identifiers (such as your name and email address), Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (such as your name and contact information), internet or other similar network activity, geolocation data, and inferences drawn from the collected Personal Information. This information is collected directly from you when you provide it to us (for example when you submit a form requesting more information) or automatically as you navigate through the Services. We use this information for one or more legitimate business purposes, including to improve our Services, offer information about our Services to you, and allow you to purchase and use our Services. The specific pieces of information we have collected about you vary, depending on whether you are browsing the website or are a customer, but we explained these different types of Personal Information in Section 1.A of this Privacy Notice.

We do not sell Personal Information as defined under California, Colorado, Nevada, Virginia, Utah, Connecticut, or California state laws. Further, we do not share your Personal Information as that term is defined under California and other applicable U.S. state laws.

We may collect general location data solely to determine presence within a designated school zone. This is used to activate or deactivate school-directed functions within the app. The Commons does not use GPS tracking or collect continuous location information.

B. Rights

If you are a resident of California or any other state which has passed laws extending similar privacy laws to their consumers, you have rights under your respective states’ consumer privacy statutes:

  • Right of Access: You can access your collected personal information by contacting us at support@the-commons.app.
  • Right to correct, update, or delete: You can request to correct, update, or delete your personal information by contacting us at support@the-commons.app. We cannot make changes to or delete your information in some situations where it is necessary for us to maintain your information, for example if we need the information to comply with applicable law.
  • Right to Request Disclosure of Information Collected: Please contact us at support@the-commons.app to request further information about the categories of personal information we have collected about you, where we collected your personal information, and for what purpose we use your personal information.
  • Right to Disclosure of Information Sold or Shared and Right to Opt-Out of the Sale or Sharing of your Personal Information: You have the right to know what information of yours we have sold, and you have the right to opt-out of any sale of your information. We do not sell or share any of your information. If you have any questions about these rights, please contact us at support@the-commons.app.
  • Rights to Disclosure of Sensitive Information: You have a right to know how we collect, process, and disclose “Sensitive Personal Information” (SPI). SPI includes highly sensitive data such as: social security number; driver’s license; passport number; financial account information and log-in credentials; precise geolocation data; genetic data; and ethnic origin. We do not collect and process any SPI. Please note that Company does not directly collect payment information and is not a money-services business. If this functionality is made available in the Services, it is provided by an unaffiliated third party, and like any other third-party service, subject to their terms of use. Notwithstanding the foregoing, Company may send you invoices according to an applicable agreement between you and the Company. If you have any questions about the disclosure of SPI, please contact us at support@the-commons.app.
  • Right to Retention Details: You have a right to know the length of time we retain each category of Personal Information or if that is not feasible, the criteria we will use to determine that retention period. If you have any questions about this right or our data retention protocol, please contact us at support@the-commons.app. Company stores and retains data including Personal Information for so long as may be required under the terms of an applicable agreement, or for so long as may be required to comply with a legal obligation, resolve disputes, maintain security, prevent fraud and abuse, enforce our terms of service, or fulfill your request to “unsubscribe” from further messages from us. Questions regarding data storage, recovery, and deletion should be directed to: support@the-commons.app.
  • Right to Non-Discrimination: We do not and will not discriminate against you if you exercise your rights under the CCPA, CPRA, or any other state statute extending similar privacy rights to their consumers.

When you contact us regarding any of your rights, we will verify your identity before we provide any information. If you have any questions or comments about your rights, please contact us at support@the-commons.app.

VI. EXERCISING YOUR RIGHTS UNDER THE CCPA, CPRA, and other state privacy laws

A. Submitting a Request

To exercise the rights described in this Privacy Notice, please submit a verifiable consumer request to us via email to: support@the-commons.app.

Only you, or someone legally authorized to act on your behalf (if in California, the person legally authorized to act on your behalf must be registered with the California Secretary of State), may make a verifiable consumer request related to your Personal Information. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows Company to reasonably verify you are the person about whom we collected Personal Information or an authorized representative, which may include the user’s:

  • First name;
  • Last name;
  • Email address; and
  • Any other information that the Company deems necessary.

Please describe your request with sufficient detail that allows Company to properly understand, evaluate, and respond to your request.

 B. Verifying Requests

Company cannot respond to your request or provide you with Personal Information if Company cannot verify your identity or authority to make the request and confirm the Personal Information that relates to you. If Company cannot initially verify your identity or authority, Company will follow internal procedures to verify your identity and authority. Company attempts to respond to a verifiable consumer request within forty-five (45) days of its receipt. If Company requires more time (up to 45 days), Company will inform you of the reason and extension period in writing.

If you have an account with Company, Company will deliver Company’s written response to that account. If you do not have an account with Company, Company will deliver Company’s written response by mail or electronically, at your option.

Any disclosures Company provides will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response Company provides will also explain the reasons Company cannot comply with a request, if applicable. For data portability requests, and to the extent that Company is able, we will select a format to provide your Personal Information that is readily usable and should allow you to transmit the Personal Information from one entity to another entity. If we are not able to do so, we will let you know.

Company does not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If Company determines that the request warrants a fee, Company will tell you why Company made that decision and provide you with a cost estimate before completing your request.

If you have any questions or comments about your rights under the CCPA, CPRA, or any other state’s consumer privacy statute, please contact us at support@the-commons.app.

 C. State Privacy Rights

You may have rights under your respective state’s consumer privacy statutes. The exact scope of these rights may vary by state to state. To exercise any of these rights, please contact us via email at support@the-commons.app.

VII. CONTACT US

To learn more about our privacy practices or this Privacy Notice, you may contact us at support@the-commons.app.