THINKING NATION PRIVACY POLICY
Last updated October 22, 2024
INTRODUCTION
This Privacy Policy describes how Thinking Nation Corp. (“TNC”) collects, protects, uses and shares Personally Identifiable Information (“PII”) and other data of Users of its educational products and services (collectively, “Services”). The Services are designed to facilitate and support learning and education in and for the history curriculum of the School.
II. Definitions
For purposes of this Privacy Policy, the following terms and legal authority are defined as follows:
1. “AWS” means Amazon Web Services.
2. “Beacons” means single pixel images, web beacons and other similar technology that TNC may use to (i) track usage of its website, (ii) track response rates to certain activities and promotions within its website, and (iii) identify certain information regarding the time and manner of access to its website such as the type of browser, operating system, domain names, etc.
3. “Cookies” means small text files that TNC may transfer to the User’s local device through the User’s web browser to (i) speed the User’s navigation to TNC’s website, (ii) recognize the User and the User’s access privileges, (iii) track the User’s usage and preferences of TNC’s website, (iv) detect any cookies previously set by the User’s server, and (v) identify certain information regarding the time and manner of access to TNC’s website.
4. “CCPA” means the California Consumer Privacy Act, California Civil Code section 1798.100. CCPA applies to all California residents and it allows them to request that TNC disclose certain information about its collection and use of their PII during the previous twelve (12) months, provided that the requests are made no more than twice within a twelve (12) month period. California residents also may request that TNC delete their collected or stored PII, but TNC may deny this request if the PII is necessary for (i) the completion of the Services for the User, (ii) the detection of security incidents or the protection against malicious, deceptive, fraudulent or illegal activity, (iii) the identification and repair of bugs or errors that impair existing intended functionality, or (iv) the compliance of a legal obligation. California residents may elect to not allow TNC to sell their PII. If TNC wishes to do so involving a California resident between the ages of 13 and 16, TNC must receive affirmative approval from the resident first. If the resident is under the age of 13, TNC must receive affirmative approval from the resident’s parent or guardian first.
5. “CIPA” means the Children’s Internet Protection Act, 47 U.S.C. section 254(h). CIPA sets forth necessary procedures, protections and restrictions for schools to implement regarding (i) children’s access to obscene or harmful content over or through the Internet, (ii) the safety and security of children when using e-mail, chat rooms, etc., (iii) “hacking” and other unlawful on-line activities by children, and (iv) unauthorized disclosure, use and dissemination of children’s PII. Schools may not receive discounts through the E-rate program if they do not comply with CIPA.
6. “COPPA” means the Children’s Online Privacy Protection Act, 15 U.S.C. sections 6501-6506. COPPA applies to operators of websites and online services that collect PII from children under the age of 13 years old. It requires TNC to include in this Privacy Policy (i) a list of all third party operators (and their contact information) that are collecting or receiving PII from TNC, (ii) a description of PII that is collected and how TNC uses it, and (iii) a description of parental rights including the right to provide consent before the collection of a child’s PII, to review the PII collected, to request the deletion of PII, to refuse to allow further collection of PII, to allow the collection of PII but not the disclosure of it to third parties, etc. The School may act as the agent of the parent and provide consent to the collection of PII, so long as the PII is used exclusively for educational purposes.
7. “FERPA” means the United States Family Educational Rights and Privacy Act, 20 U.S.C. section 1232g, 34 CFR Part 99. FERPA provides students with privacy rights and protection for educational PII collected and processed on behalf of educational institutions receiving government funding from the U.S. Department of Education. FERPA provides students with rights to obtain from these educational institutions access to their educational records, as well as correction and amendment of their educational records, even though the CCPA does not apply to non-profit and public educational institutions. The privacy rights of students under FERPA do not apply to directory information.
8. “PII” means information personally identifiable to a specific User including information that relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular User or his, her or their TNC account. This information may include, but is not limited to, the User’s full name, home address, telephone number, email address or other online contact information such as operating system and internet service provider, education records, student records, etc.
9. “School” means a school, school district, college, university or other education institution or education agency that contracts with TNC and uses the Services for the benefit of its students.
10. “Services” mean the TNC educational products and services purchased or utilized by the School.
11. “SOPIPA” means the Student Online Personal Information Protection Act California Business and Professions Code sections 22580-22585. SOPIPA applies to websites, online services and mobile apps that are designed, marketed and used primarily for k-12 school purposes. It prohibits TNC from (i) selling student information, (ii) using student information collected from its Services to target advertising, (iii) creating advertising profiles of students; and (iv) the disclosure of PII unless required by law, for education or School purposes only, or as part of the maintenance and development of its Services. SOPIPA requires TNC to use proper business security practices and to delete data upon request from the School or parent.
12. “SSL” means secure socket layers.
13. “User” means a student, instructor, teacher or administrator, who is an authorized end-user of the Services.
III. Use and Disclosure
TNC collects, processes and uses data in order to provide the Services and for other education-related purposes. This data may include PII. TNC may use and disclose PII and other data to the User’s School, and may use and disclose PII and other data as requested or authorized by the School, or by an applicable governmental educational agency or authority, for administrative, audit and evaluation purposes, such as to evaluate the educational efficacy and efficiency of the Services.
TNC also may collect, use and disclose PII and other data: (a) with the User’s consent or the consent of the User’s parent if applicable or required by law; (b) in response to a subpoena, court order or legal process, to the extent permitted or required by law; (c) to protect the health, safety and security of the Services, TNC’s website, and User and other person’s data, assets and
systems, consistent with applicable law; (d) in connection with a sale, joint venture or other transfer of some or all of TNC’s company or its assets, subject to the commitment of the acquiring entity to comply with this Privacy Policy; (e) to prevent, detect, investigate or address actual or suspected security breaches, fraud or other illegal activities or misconduct; or (f) in order to exercise its legal rights, including the enforcement of any applicable contract with the User or the School.
TNC may disclose PII and other data to affiliated TNC companies and other companies and organizations who perform work for TNC. These companies are obligated to protect the confidentiality of the PII and other data consistent with this Privacy Policy.
IV. Third-Party Analytic Services
TNC may use a third-party service, such as Google Analytics, to collect anonymous visitor data from and on its website. If TNC uses a third-party service to collect this data, the third-party service will not collect PII associated with this data. The third-party service however may collect non-PII anonymous visitor data like IP addresses, browser types (such as Internet Explorer, Chrome, Firefox, Mozilla, Safari, etc.), the accessing apps, or referring websites. TNC may use this information for appropriate education-related purposes including, but not limited to, the (i) providing of anonymous statistical analysis of web page traffic patterns, (ii) administration and audit of the Services, and (iii) confirmation of User and other compliance with the applicable terms, conditions and rules associated with the Services and TNC’s website.
V. Marketing and Advertising
TNC will not use PII or other data for marketing purposes and will not knowingly direct or send marketing communications to a User. TNC does not permit third-party advertising networks or similar services to access or collect PII or other data from TNC’s website or within the Services.
VI. No Sale of Personal Information
TNC does not sell or rent PII or other data. While TNC does not sell PII or other data, Users may email a request for no sale of their PII to help@thinkingnation.org.
VII. Compliance with Legal Authority Regarding Data Protection
TNC and School each will comply with all applicable provisions of CCPA, CIPA, COPPA, FERPA, SOPIPA and any other applicable law including California Education Code sections 49060 – 49085. School shall be responsible for the full satisfaction of and compliance with the requirements described in California Education Code section 49073.1. School also will solicit, procure, receive and maintain any and all consents required by law for User access to and use of the Services.
VIII. Security and Destruction of Student Records
To protect PII and other data from unauthorized and unintended access, use and disclosure, TNC maintains a comprehensive information privacy and security program and employs reasonable and appropriate physical, administrative and technical safeguards. This program includes the use of SSL and secure firewalls, and all PII and other data are stored in highly secure AWS data centers. TNC performs periodic risk assessments of its information security program and prioritizes prompt remediation of identified security vulnerabilities.
TNC however cannot and does not guarantee that there will never be a security breach. In the event of a security breach, TNC will communicate and cooperate with the School to notify the Users and their parents, if appropriate.
At the conclusion of the school year, all data collected and stored within the system, including personally identifiable information (PII) of students, will be securely stored in the platform and retained for a period of four (4) years, provided that the partner remains contracted with TNC. This secure retention allows for ongoing tracking of student and teacher progress. In the event that the contract is terminated, all data, including PII and educational records, will be securely destroyed to ensure privacy and compliance with applicable data protection regulations.
IX. Feedback and De-Identified Data
TNC may provide Users with the opportunity on a voluntary basis to evaluate and provide feedback regarding the Services. TNC may use and disclose such data in de-identified form, as well as other de-identified data collected and processed through the Services, so it may deliver, maintain, support, evaluate and improve the Services, conduct educational research, develop new products and programs, and for other legitimate educational purposes.
TNC may use de-identified data to publicly report student performance for marketing purposes. De-identified data is not considered PII under this Privacy Policy.
TNC may communicate with Users by email to provide updates and information about the Services and to request User evaluation and feedback about the Services. TNC will provide Users with a means or method to express their email preferences or unsubscribe to emails in accordance with applicable law.
X. Cookies and Other Technologies Used to Collect Information
TNC may receive and store certain User information through the use of Cookies, Beacons and other similar technologies. Users and Schools have a variety of tools to control the use of, block and delete Cookies, Beacons and similar technologies. Disabling or blocking Cookies, Beacons and these other similar technologies may prevent or impair the required functionality and use of the Services, and TNC recommends that you do not block or delete them.
XI. Use of Artificial Intelligence
Thinking Nation Corporation (TNC) may use Artificial Intelligence (“AI”) technologies, including custom large language models (LLMs) to enhance its educational services, such as through automated content analysis, rubric-based scoring, or the generation of personalized feedback. These AI tools are designed to assist educators by providing consistent, standards-aligned feedback aligned to Thinking Nation’s proprietary rubrics. They support — but do not replace — the professional judgment of teachers and administrators.
Importantly, students do not interact with AI systems or chatbots directly. All AI-generated feedback is derived from students’ written responses and is delivered through educator-mediated platforms or reports. AI is used solely as a tool to apply Thinking Nation’s standardized rubrics in order to support student growth and instructional decision-making.
TNC reviews all AI-driven processes regularly to ensure fairness, transparency, and compliance with applicable education and privacy laws. Data used in AI models is either anonymized or de-identified, where appropriate. TNC does not use AI to make high-stakes decisions about students without human review and oversight.
XII: International Use
If Users access the Services from beyond the physical borders of the United States, this access may be through or to servers or systems located in the foreign country from where the Services were accessed. In this situation, PII and other data will be transmitted, stored and shared in accordance with and subject to this Privacy Policy and the privacy laws of the United States which may not be equivalent to the laws in effect elsewhere. Users will have no expectation of or right to privacy laws greater than or different from those set forth in this Privacy Policy.
XIII. User PII Responsibilities
To help protect the privacy and security of their PII, Users shall (i) protect, secure and never share their passwords; (ii) only access the Services using secure networks; (iii) maintain updated internet security and virus protection software on their devices and computer systems; (iv) immediately change a password and request their School to contact TNC if there is a suspicion or indication that their password has been compromised; and (v) immediately request their School to contact TNC if they have a security or privacy concern or issue.
XIV. Account Removal
In the event a User or User’s parent, when appropriate, wishes to delete or remove the User’s PII or account, please send an email to help@thinkingnation.org.
XV. Technical Assistance
Students may not request technical assistance or support directly from TNC. Only instructors, teachers or administrators of a School may request technical assistance or support directly from TNC, and they may only do so by sending an email to help@thinkingnation.org.
XVI. Changes to the Privacy Policy
TNC reserves the right to change, amend, edit or revise this Privacy Policy at any time and for any reason or no reason, so every User and School must review this Privacy Policy regularly. Notice of any change, amendment, edit or revision to this Privacy Policy may be distributed and delivered by TNC through any commercially reasonable manner, including but not limited to, an updated posting on the TNC website, and will become effective immediately upon the distribution or delivery of the notice without further acceptance or approval by the User or School. Continued access or use of the Services by the User or School after the distribution or delivery date of the notice shall be deemed to be full and complete acceptance and approval by the User or School. If a User or School has any question or concern regarding any change, amendment, edit or revision to the Privacy Policy, please send an email to help@thinkingnation.org.