Privacy Policy

Effective date: June 18, 2018

Introduction

Student Bridge Inc and its affiliates are committed to protecting the privacy of all individuals who visit the Student Bridge Website located at www.StudentBridge.com, which includes all subdomains, present and future (the “Website”); and use the Student Bridge Services, as described at www.StudentBridge.com. In this policy, the Student Bridge Website and the Student Bridge Services are collectively referred to as the “Services.”

It is Student Bridge’s policy to respect the privacy of its Clients, the Authorized Users of its Clients, and the Authorized Visitors of its Clients who access and/or use the Services. By setting up an Account, accessing, and/or using any of the Services, Client agrees to be bound by the terms of the present Privacy Policy (the “Privacy Policy”). Client will make available to its Authorized Users and Authorized Visitors a Privacy Policy that provides at least as high a level of protection of Personal Information as set forth in this Privacy Policy.

Student Bridge reserves the right, at any time, to modify or replace the Privacy Policy. The most recent version of the Privacy Policy is available at www.StudentBridge.com. Student Bridge will notify Client via email or other direct electronic communication method of any changes that, in Student Bridge’s sole discretion, materially impact use of the Services by Client, its Authorized Users or Authorized Visitors, or the treatment of the Personal Information of Client, its Authorized Users or Authorized Visitors. Client’s use of the Services following the posting of any changes to the Privacy Policy constitutes acceptance of those changes. Client is also encouraged to check the Privacy Policy periodically for changes.

This Privacy Policy covers the treatment of personally identifiable information (“Personal Information”) and other non-identifiable information gathered by Student Bridge when Client, an Authorized User, or an Authorized Visitor is using or accessing the Services. This Privacy Policy does not apply to the practices of any third-party services or to any applications developed by third parties that Student Bridge does not own or control.

This Privacy Policy has been developed also in accordance with the EU General Data Protection Regulation (GDPR).

Personal information Student Bridge may collect and use

When Client first registers for a Student Bridge Account, Student Bridge collects some personal information about Client, its Authorized Users, and its Authorized Visitors such as: Client’s full business name, username, and email address; a unique Student Bridge user ID (an alphanumeric string) which is assigned to Client upon registration; Client’s password, in connection with Client’s Student Bridge Account and Client’s log-in facility; full names, usernames, and email addresses of Authorized Users of Client; the geographic area where Client’s computer and mobile devices and the mobile devices of Client’s Authorized Visitors are used; other optional information as part of Client’s Student Bridge Account profile.

Client may offer links to a third-party from its online applications generated by its Student Bridge Account so that an Authorized Visitor may connect to other third-party services or software, and Student Bridge may access other information related to Authorized Visitors’ social profiles. When that occurs as a first instance, a prompt will inform Client, its Authorized User, or Authorized Visitor of the details that will be accessible by Student Bridge.

When creating a Student Bridge account for Paid Services, Student Bridge collects Client’s credit card or ACH information, billing address, and such other information as is required to complete a commercial transaction on the Student Bridge site.

As a registered Client of Student Bridge, Student Bridge may also collect the following information about Client, its Authorized Users, or Authorized Visitors: full names, social media names, email addresses, general profile information, and academic information of Authorized Visitors; information posted by Client, its Authorized Users, or Authorized Visitors in the form of messages, conversations, or contributions to discussions; documents, images or other files that may be transmitted or published by Client, its Authorized Users, or Authorized Visitors via Services; information Student Bridge may receive relating to communications sent by Client, its Authorized Users, or Authorized Visitors, such as queries or comments concerning the Student Bridge Services; information relating to the real time location of a relevant computer or mobile device, but only where such relevant computer or mobile has been enabled to send Student Bridge location information

Student Bridge uses the collected information for the following general purposes:

  • to identify Client or its Authorized Users logged in to Client’s Student Bridge Account
  • to enable Student Bridge to provide the Services to Client, its Authorized Users and Authorized Visitors
  • to verify transactions Client makes and for billing, security, and authentication
  • to analyze the Website, Services and Student Bridge users, including research into Student Bridge user demographics and user behavior in order to improve the Student Bridge content and Services
  • to contact Client about its account and provide support
  • to share aggregate (non-identifiable) statistics about users of the Student Bridge Services to prospective advertisers and partners
  • to keep Client informed of information about the Student Bridge Services that Client may find useful or which Client has requested from Student Bridge, provided Client has indicated it would like to be contacted for these purposes

By submitting information to Student Bridge when registering, Client consents to the use of the information for these purposes.

Student Bridge may gather Personal Information about users via various methods (phone, email, online forms, in-person meetings) but only if such Personal Information is submitted voluntarily. Student Bridge may use such Personal Information for sales, marketing, and support of the Student Bridge Services. This Personal Information is never shared with third parties.

System and device information

Student Bridge automatically collects and receives certain information from the computer or mobile device of Client, Authorized Users, and Authorized Visitors, including the activities performed on the Student Bridge Website, the type of hardware and software being used (for example, the operating system or browser), and information obtained from cookies (see “Cookies and Related Technologies” below). For example, each time Client, an Authorized User, or an Authorized Visitor visits the Website or otherwise uses the Services, Student Bridge automatically collects the IP address, browser and device type, access times, the web page from which the user came, the regions from which the user navigated the web page, and the web page(s) the user accessed (as applicable) (collectively referred to as “traffic data”). Student Bridge may link this traffic data to Client’s unique Student Bridge user ID to better understand Client’s needs and the needs of Users in the aggregate, diagnose problems, analyze trends, provide services, improve the features and usability of the Services, and better understand and market to Student Bridge customers and website users.

Student Bridge also makes use of non-identifiable information gathered for statistical purposes to keep track of the number of visits to the Services and Website pages with a view to introducing improvements and improve usability of the Services. Student Bridge may share this type of statistical data so that its partners also understand how often people use the Services, so that they, too, may provide Client with an optimal experience. Client’s IP address and other relevant non-identifiable information may be used in order to trace any fraudulent or criminal activity or any activity in violation of the Terms.

Cookies and related technologies

Student Bridge uses tracking technology (“cookies”) on the Website, in the Services, including mobile application identifiers and a unique Student Bridge user ID to help Student Bridge recognize Clients, Authorized Users, and Authorized Visitors across different platforms. By visiting the Website or using the Services, Client agrees to the use of cookies in its browser and HTML-based emails. Cookies are small text files placed on a user’s device when visiting a web site, in order to track use of the site and to improve the user experience.

1) Session Cookies The Services use “session cookies”, which improve the user experience by storing certain information from a user’s current visit on the user’s device, such as login information. These enable Student Bridge to remember a user’s login session so the user can move easily within the Website or the Services. Without these cookies, Student Bridge would not be able to provide the Services to Client, its Authorized Users, and Authorized Visitors. These session cookies have limited functionalities and expirations, and Client and its Authorized Users will be required to re-enter its Student Bridge login information after a certain period of time has elapsed to protect Client against others accidentally accessing its account contents and related Personal Information.

2) Performance and Remarketing Cookies Partners who help us serve advertising on and off the Website and analytics companies may also put cookies on a user’s device. Student Bridge may from time to time use third-party vendors to help deliver ads for relevant Student Bridge products and services to a user when a user visits certain pages on the Student Bridge Website and then visit certain third-party sites.

i) Google Analytics Student Bridge uses a specific cookie in order to facilitate the use of Google Universal Analytics for Clients logged-in to their Account (“Logged-In User). For a Logged-In User, Student Bridge may use the Student Bridge user ID in combination with Google Universal Analytics and Google Analytics to track and analyze the pages of the Services visited. Student Bridge does this only to better understand how Client uses the Services and the Website, with a view to offering improvements for all Student Bridge Users; and to tailor Student Bridge’s business and marketing activities accordingly, both generally and specifically to Student Bridge customers. Google Analytics cookies do not provide Student Bridge with any Personal Information. Users may opt-out of this feature by installing the Google Analytics Opt-out Browser Add-on.

 ii) Google Display Advertising Additionally, Student Bridge uses Google Analytics code that allows for certain forms of display advertising and other advanced features. Subject to change, the Google Display Advertising features Student Bridge currently uses are Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics Demographics and Interest Reporting. These features are used to advertise online; to allow third-party vendors, including Google, to show advertising across the Internet; to allow Student Bridge and third-party vendors, including Google, to use first-party cookies (such as the Google Analytics cookie) and third-party cookies together to inform, optimize, and serve ads based on a user’s past visits to the Website and to report how ad impressions, uses of ad services, and interactions with these ad impressions and ad services are related to visits to the Website. Data from Google's interest-based advertising or third-party audience data (such as age, gender, and interests) is also combined with Google Analytics to better understand the needs of Student Bridge users and to improve the Services. A user may opt out of such display advertising at any time by visiting the user’s Google Ads Settings page or by installing and running the Google Analytics Opt-out Browser Add-on.

Student Bridge uses other third-party performance and remarketing cookies, and further information on those third-party cookies can be obtained by contacting Student Bridge at the email address below. Student Bridge may also use related technologies including web beacons, bugs, pixels, and software tokens in order to facilitate a user’s use of the Services. Most notably, the Services use software tokens (stored securely on Student Bridge-controlled servers) in order to facilitate the logging in to and the functioning of the Services. Most computer and some mobile web browsers automatically accept cookies; a user can change its browser to prevent automatic acceptance or to notify the user each time a cookie is set. The Network Advertising Initiative has also developed a tool that may help users understand which third parties have currently enabled cookies for their browsers and opt-out of those cookies. More information can be found at http://www.networkadvertising.org/managing/opt_out.asp. Please note however that, by blocking or deleting cookies, a user may not be able to take full advantage of the Website and/or Services. If a user does not want to receive tracking pixels, the user will need to disable HTML images in its email client, and that may affect the user’s ability to view images in other emails that it receives.

GDPR Data Privacy Rights

If you are an EU resident and StudentBridge is processing, and/or transmitting your personal data, then you - as an “EU data subject” – benefit from the following rights and privileges under the General Data Protection Regulation (GDPR) -  

  • Right of Access: You have the right to obtain from us, as controllers, confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the following personal data and information:
    1. The purposes of the processing;
    2. The categories of personal data concerned;
    3. The recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
    4. Where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
    5. The existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing; (f) the right to lodge a complaint with a supervisory authority;
    6. Where the personal data are not collected from you, any available information as to their source; and
    7. The existence of automated decision-making, including profiling, along the lines indicated by Article 22(1) and (4) GDPR, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.
  • Right to Rectification: You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
  • Right to Erasure (“Right to be Forgotten): You have the right to obtain from us the erasure of your personal data without undue delay, and we have the obligation to erase personal data without undue delay when: a) your data are no longer necessary for the purposes for which they were collected; b) you had consented to the processing; c) you have objected to the processing, as per below; d) you persona data had been unlawfully collected; e) your personal data need to be erased as a matter of compliance with a legal obligation.
  • Right to Restriction of Processing: You have the right to obtain from us the restriction of processing if you: a) contest the accuracy of the personal data, until this is verified; b) the processing is unlawful but you don’t want erasure; c) we no longer need the persona data, but you require them to establish, exercise fo defend a legal claim; d) you have objected to processing but there is a need to verify whether our legitimate grounds override your rights to object.
  • Right to Data Portability: Where your personal data have been provided on the basis of your consent or for the performance of a contract, and their processing occurs in an automated way, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit those data– or have directly transmitted - to another controller.
  • Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data based on a legitimate ground point (e) or (f) of Article 6(1), including profiling based on those provisions. In this case, we can no longer process your personal data unless we show that there is a compelling legitimate ground for the processing which override your interests, rights and freedoms or for our establishment, exercise or defense of legal claims.

When Student Bridge may share Personal Information

Except as provided in the next paragraphs and elsewhere in this Privacy Policy, Student Bridge does not divulge any Personal Information gathered via the Services to third parties. Notwithstanding anything in the Privacy Policy to the contrary, Student Bridge may share any information it has collected about users or that a user has submitted: (1) when the user explicitly consent to the disclosure of such information to a third party when connecting to a third-party service that asks for consent to such sharing; (2) where Student Bridge is legally required to do so, such as in response to court orders or legal process, or to establish, protect, or exercise our legal rights or to defend against legal claims or demands; (3) if Student Bridge believes it is necessary in order to investigate, prevent, or take action regarding illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person; (4) if Student Bridge believes it is necessary to investigate, prevent, or take action regarding situations that involve abuse of the Services infrastructure or the Internet in general (such as voluminous spamming, denial of service attacks, or attempts to compromise the security of the Website infrastructure or the Services generally); (5) to a parent company, subsidiaries, joint ventures, or other companies under common control with Student Bridge; (6) if Student Bridge is acquired by or merged with another entity (in which case Student Bridge will require such entity to assume Student Bridge’s obligations under this Privacy Policy or inform the user that the user is covered by a new privacy policy); and (7) if this information is not private, is aggregated or is otherwise non-personal information, such as a user’s public user profile information and related public data (such as Tweets, likes, etc.) or the number of users who clicked on a particular link (even if only one did so). Subject to confidentiality obligations consistent with this Privacy Policy, Student Bridge may also disclose information to its affiliates, agents, contractors, and service providers in order to facilitate the functioning of the Services or to perform tasks that are integral to the Services, such as processing transactions, fulfilling requests for information, or providing support services or other tasks, from time to time.

Children

Protecting the safety of children when they use the Internet is very important to Student Bridge. The Services should only be accessed by Authorized Users of Client who are individuals of at least 18 years of age or by Authorized Visitors who are of Minimum Age. “Minimum Age” shall mean 14 (fourteen) years old for the United States, Canada, Germany, Spain, Australia, and South Korea; and 13 (thirteen) years old for all other countries. However, if applicable law requires that a user must be older than such ages in order for Student Bridge to lawfully provide the Services to that user (including the collection, storage, and use of information in accordance with this Privacy Policy), then the Minimum Age would be such older age. The Services are not designed nor intended for use by children under the age of 13.

Security

Student Bridge uses industry best practices to keep any information collected and/or transmitted by the Services secure. This includes the use of HTTPS with TLS (Transport Layer Security), which encrypts all transmitted data, and OAuth 2.0 protocols for authentication and data transfer. Certain Personal Information, such as Student Bridge login details, is encrypted during transmission using TLS. Once validated within the Student Bridge system, passwords are deleted from the system. In addition, Student Bridge uses third-party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run the Services. These vendors have been selected for their high standards of both physical and technological security, including ISO and SSAE16 certifications. When payments are processed via credit card, Student Bridge uses third-party vendors that are PCI-DSS Compliant. Submission of information over the Internet is never entirely secure. Student Bridge cannot guarantee the security of information submitted via the Services while it is in transit over the Internet and any such submission is at Client’s own risk, and this risk is specifically disclaimed in our Terms of Service. It is advisable that Client logs out of its Account at the end of every session and not leave a logged-in account unattended for any period of time, particularly if using a shared computer or device.

All information accessed through StudentBridge.com is in compliance with the required information security mandates of Article 32 of the GDPR. Specifically, Article 32 mandates the following:

  • Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate -
    • The pseudonymization and encryption of personal data
    • The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
    • The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
    • A process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

Please note that refusal to provide Personal Information may result in our inability to provide the Services to you, to manage our relationship with you, or to improve the Services.

 Information storage and international transfers

Student Bridge aligns itself with the Safe Harbor privacy principles as set forth by the U.S. Department of Commerce regarding the collection, storage, use, transfer and other processing of Personal Data transferred from the European Economic Area (“EEA”) or Switzerland to the United States. While Student Bridge itself is not certified by the US Department of Commerce, the information that a Client submits via the Student Bridge Services is hosted on secure servers located in the United States that are certified under the Safe Harbor Scheme for transfers of Personal Information outside the European Economic Area. Safe Harbor is a European Union (EU) directive on data privacy that introduces high standards of data privacy to ensure the free flow of data throughout the European Union member states, and gives the individual the right to review the personal data, correct it, and limit its use. Safe Harbor provides a way for US businesses to demonstrate that they provide adequate protection for personal information transferred to it according to EU data protection standards. Further information on Safe Harbor is available from the US Department of Commerce's website. If you are in the EEA, in transferring your Personal Information to countries outside of the EEA, we will take appropriate steps to make sure that such recipients act in accordance with applicable law. To the extent that we transfer the personal data to recipients who are located outside the European Union or the European Economic Area, we will provide an adequate level of protection of your personal data, including appropriate technical and organizational security measures and through the implementation of appropriate contractual measures to secure such transfer, in compliance with applicable law, and will inform you accordingly.  

Email preferences

Student Bridge uses email as a primary mode of communication with its Clients. A Client can manage its email preferences, such as opting-out or unsubscribing from emails sent by Student Bridge, by adjusting its preferences in its account settings. A Client may also opt out or unsubscribe from any future email communications from within a link provided in each email correspondence that Student Bridge sends.

Users’ rights

Users can contact Student Bridge to obtain a copy of the Personal Information held about a user by Student Bridge. This may be subject to a fee not exceeding any prescribed fee permitted by applicable law. A user can also ask Student Bridge to correct and, where relevant, erase that information. Please note that certain Personal Information may need to be retained by Student Bridge for a period of time following termination of a Client’s Account where this is necessary for legitimate business purposes or required by applicable law.

Contacting us

If you have any questions about this Privacy Policy, please contact:

Attention: Legal Services/Privacy Policy
Student Bridge Inc
2556 Apple Valley Rd, Suite 250
Atlanta, GA 30319
United States
Telephone: 678-242-1400
Email: policy@StudentBridge.com