Corsava’s EU Privacy Notice

Last Modified: April 12, 2022

Important Information 

We at Corsava, LLC are committed to protecting your data. The data protection practices set forth in this Privacy Notice (the “Privacy Notice”) are for technology platforms owned by Corsava, LLC (“Corsava”, “we”, “our”, or “us”). This Privacy Notice tells you how Corsava uses Personal Data collected on our technology platform(s). “Personal Data” means any personally identifiable information such as your name, address, date of birth, phone number, and email address. 

By using our technology platform(s), you are accepting the practices described in this Privacy Notice. If you do not agree with the data practices provided in this Privacy Notice, you should not use products and services provided by Corsava. We may make changes to this Privacy Notice at our sole discretion at any time. We will alert you if there is any material change to this Privacy notice.  Your continued use of this Site after we make changes to the Privacy Notice is deemed to be acceptance of those changes. 

For the avoidance of doubt, this Privacy Notice only applies to the extent we process Personal Data in the role of a processor on behalf of our users. If you have executed a Data Protection Agreement with Corsava, the terms of such agreement will supersede this Privacy Notice. 

Your Rights 

You have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws and, in particular, if you are located in the EEA, these rights include: 

  • Accessing, correcting, amending, deleting your Personal Data;

  • Objecting to any processing of your Personal Data carried out on the basis of our legitimate interests (right to object). Where we process your Personal Data for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection;

  • Not being subject to a decision based solely on automated processing, including profiling, which produces legal effects ("Automated Decision-Making"). Automated Decision-Making currently does not take place on our websites or in our services; and

  • To the extent we base the collection, processing and sharing of your Personal Data on your consent, withdrawing your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal.

How to exercise your rights 

To exercise your rights, please contact us at privacy@corsava.com

What This Notice Covers: 

This Privacy Notice applies to the processing of Personal Data collected by us when you: 

  • Use our products and services (where we act as a processor of your Personal Data).

  • As a student, counselor, or parent, create a free account to use our products and services.

  • As a counselor, create a paid account to use our products and services.

 Personal Data Corsava Collects 

The Personal Data that we collect directly from you includes the following: 

  • From Schools:  first name, last name, email address, and business email addresses

  • From Students: first name, last name, graduating class year, gender, zip code, birthdate, preferences for college attributes

  • Automatically collected information: information collected via cookies and web beacons, including IP address, browser name, operating system details, domain name, date of visit, time of visit, and pages viewed, or other similar information

We use common information-gathering tools, such as tools for collecting usage data, cookies, web beacons and similar technologies to automatically collect information that contain Personal Data from your computer or mobile device as you navigate our Site, use our services, or interact with emails we have sent to you.

How Personal Data is Collected 

Personal Data is collected by Corsava when it is shared by you. Corsava collects the minimum information necessary to provide its products and services to you.

How We Use Your Personal Data 

We collect and process your Personal Data for the purposes and on the legal bases identified in the following (where we act as a processor of your Personal Data): 

Where we have entered into a contract: 

  • For the use of our Website including any products and services

  • For managing payments in order to complete a transaction with you

  • In order to provide support for our products and services (you can reach out to us by phone or email)

  • For webinars that you have registered to attend

  • For Corsava promotions

Legitimate interest is the legal basis for processing the following: 

  • To assess and improve your experience on the console (such as analyzing trends or tracking your usage and interactions with our products and services in order to improve your overall experience)

  • For security purposes such as investigations of suspicious activity or for compliance purposes (such as investigating fraud or misuse of our Website)

Corsava processes and discloses Personal Data when cooperating with appropriate regulatory and government authorities. When Corsava processes Personal Data for this purpose, the legal bases for processing shall be for compliance with a legal obligation to which Corsava is subject. 

Cookies, web beacons and other tracking technologies on our products and services 

Corsava uses cookies and other tracking technologies when users interact with our products and services. Cookies are small text files that are placed on your computer by a website. Each one of these cookies contain an identification number, IP address, and the time and date last accessed. Corsava does NOT use these cookies contained within our products and services for targeted advertising. 

Below are the three types of cookies that are used on Corsava’s platform for its products and services. 

  • Necessary Cookies: Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

  • Statistics Cookies: Statistics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

  • Marketing Cookies: Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers. 

Most browsers are set up to accept cookies. If you choose, you may refuse to accept cookies or set up your browser so that it notifies you when you receive a cookie. 

Third-Party Use of Cookies and Other Tracking Technologies

Some content or applications, including advertisements, on the Website are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content. 

We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information below.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information: 

  • Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by sending us an email with your request to privacy@corsava.com.

  • Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe's website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.

  • Promotional Offers from the Company. If you do not wish to have your email address or other contact information used by the Company to promote our own or third parties' products or services, you can opt-out by sending us an email with your request to privacy@corsava.com. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. 

  • Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers' target-audience preferences, you can opt-out by sending us an email with your request to privacy@corsava.com. We do not control third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.

With Whom Do We Share Personal Data? 

We use third-party businesses to provide products and perform specialized services for data processing. When we provide Personal Data to these businesses, they are not permitted to use the Personal Data for any reason outside of the scope for which we contracted them. 

The ways in which we share your Personal Data include the following: 

  • When we use our third-party processors (such as Amazon Web Services) in the performance of our services. This is required for us to provide our services to you. We execute contracts with our third parties to ensure they fulfill their data protection obligations.

  • When you register for a webinar, it is generally done through one of our third-party partners. 

  • With Corsava affiliates and other companies that become part of Corsava in the future.

  • We will disclose your information to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding. You will be alerted if this occurs, and you may request to have your personal data deleted from our systems, where possible. Finally, we will disclose your information for other legitimate business purposes.

Corsava reserves the right to disclose your Personal Data under the following conditions: (1) when permitted or required by law; (2) when trying to protect against or prevent actual or potential fraud or unauthorized transactions; or (3) when investigating suspected fraud which has already taken place. 

Sale of Personal Data 

Corsava will never sell your Personal Data. 

International Transfers of Personal Data 

Your Personal Data will be collected, transferred to, and stored by us in the United States or by our affiliates in other countries where we operate. In the event that your Personal Data is processed outside the European Economic Area (EEA), we will ensure that the recipient of your Personal Data offers an adequate level of protection by entering into an agreement to abide by Standard Contractual Clauses for the transfer of data as approved by the European Commission (Art. 46 GDPR), or another mechanism approved by the EU. 

Data Security and Retention 

Your Personal Data is kept secure. Only authorized employees, agents, and contractors (who have agreed to keep information secure and confidential) have access to this information. To provide our products and services, we use third party businesses (“Third Party” or “Third Parties”) to perform specialized services for data processing. When we provide data to these businesses, they are not permitted to use data outside of the scope for which we contracted them. 

We (and our third-party service providers) use a variety of industry standard security measures to prevent unauthorized access, use, or disclosure of your Personal Data. These security measures consist of but are not limited to data encryption and physical security. No method of transmission or method of electronic storage over the internet is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. 

Corsava will retain your Personal Data for the period necessary to fulfill the purpose outlined in this Product Privacy Notice or until you request its deletion, unless a longer retention period is required by applicable data privacy law. 

We take reasonable steps to ensure that your Personal Data is accurate, complete, current, and otherwise reliable for its intended use. We will not process Personal Data in a way that is incompatible with the purposes for which it was collected. If your Personal Data has been disclosed to a third party, and it has been deemed incorrect by you, Corsava will work with third parties (such as our subprocessors) to request a correction to the information. 

If Corsava obtains knowledge that one of our service providers or employees is in violation of this Product Privacy Notice, Corsava will take commercially reasonable steps to prevent or stop the unauthorized use or disclosure of your Personal Data. Corsava takes data privacy seriously. Therefore, we agree to take commercially reasonable measures to ensure the proper handling of your Personal Data by our employees and service providers. 

More Important Information 

Protected Health Information, Payment Card Information and other Sensitive Information. 

Corsava does not need, nor does it request, any protected health information (“PHI”) governed by the Health Insurance Portability and Accountability Act and its implementing regulations (“HIPAA”), nor does it need or request any non-public consumer personally identifiable information or financial information governed by the Gramm-Leach-Bliley Act (“GLBA”) or payment card information covered by the Payment Card Industry Data Security Standards (“PCI DSS”) in order to provide its products and services. You should never disclose, or allow to be disclosed, PHI, information protected by PCI DSS or GLBA, or other sensitive information to Corsava. In the event that a user discloses such information (which would be a violation of this Privacy Notice), you acknowledge that Corsava does not take steps to ensure its products are HIPAA or PCI compliant. All obligations of the aforementioned regulations remain solely with you, on behalf of your organization. 

Children Under the Age of 13

Our Website is not intended for children under 13 years of age. No one under the age of 13 may provide any personal information to or on the Website. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Website or through any of its features, register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at privacy@corsava.com.

California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see our Privacy Statement for California Residents for more information.

Contacting Us 

To exercise your rights regarding your Personal Data, or if you have questions regarding this Product Privacy Notice or our data protection practices, please send an email to privacy@corsava.com. Alternatively, you may send notice by way of mail at the address listed below: 

Corsava, LLC

8248 McGroarty St.

Sunland, CA 91040

We are committed to working with you to obtain a fair resolution of any complaint or concern about your data. If, however, you believe that we have not been able to assist with your complaint or concern, and you are located in the EEA, you have the right to lodge a complaint with the competent supervisory authority.