Privacy Policy - TomorrowToday

1. ABOUT TOMORROWTODAYNOW

We are TomorrowTodayNow, Inc., a Delaware corporation (“TomorrowTodayNow”, “we”, “our” or “us”). We respect your privacy and are committed to protecting it through our compliance with this policy.

2. ABOUT THIS PRIVACY POLICY

This privacy policy (the “Privacy Policy”) applies to the personal information and other information we may collect from you or that you may provide when you visit our website TomorrowToday.com (the “Site”) which includes our software-as-a-service platform (the “Software”), and all other related sites, platforms, applications, and services provided by us (together with the Site and Software, the “Services”). It explains, among other things, how and why we collect data about you when you use our Services, what data we collect, what we do with that data, how we look after it, and what your rights are in relation to it.

We strive to educate parents and kids about how to appropriately safeguard their privacy when using our Services. We are committed to complying with the Children’s Online Privacy Protection Act of 1998 (“COPPA“), which requires us to inform parents and legal guardians about our information collection and use practices. COPPA also requires that we obtain parental consent before we allow children under the age of 13 to access and/or use our Services. We urge kids to check with their parents before entering information through our Site and/or Services, and we recommend that parents discuss with their kids restrictions regarding the online release of Personal Information (as defined below) to anyone they do not know.

PLEASE READ THIS POLICY CAREFULLY TO UNDERSTAND OUR POLICIES AND PRACTICES REGARDING YOUR INFORMATION AND HOW WE WILL TREAT IT. IF YOU DO NOT AGREE WITH OUR POLICIES AND PRACTICES, YOUR CHOICE IS NOT TO USE OUR SERVICES.

By accessing our Site and/or using our Services, or by permitting your child to use our Services, you are agreeing to the terms of this Privacy Policy and the accompanying Terms of Use. This policy may change from time to time (see Section 12 – Changes to This Privacy Policy). Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

3. DATA WE COLLECT ABOUT YOU

The personal information we collect via or in relation to the Services can be split into three broad categories:

information you provide to us;
information collected automatically; and
information we obtain from third parties.

3.1 Information you provide to us

We may ask for and collect the following information when you use the Services:

Identity and profile information: We require you to provide certain personal information to create an account on the Services. The personal information we may require includes your name, grade, postal address, telephone number, and email address.

We may also collect information such as work, volunteering, or internship experiences, certifications, personal statements, personal projects, values, personality attributes, interests, and skills. Students can upload a profile image to their profile.

Communications: When you communicate with us by email, mail, telephone, or through/via the Services, we collect information about your communication and any information you choose to provide.

3.2 Information we collect automatically

We may use automatic data collection technologies and collect certain information automatically when you use the Services. This information includes:

Interaction information and history: Information about your interactions and history with the Services, including the pages that you visit and links you click on, search history, logs and location data, the time, frequency and duration of your Site visits and Software uses, and what features you used; Information about your computer and internet connection, including your IP address, operating system, and browser type.

The information we collect automatically is only statistical data and does not include personal information. It helps us to improve our Services and to deliver a better and more personalized service, including by enabling us to: estimate our audience size and usage patterns; store information about your preferences, allowing us to customize our Services according to your individual interests; speed up your searches; recognize you when you return to our Services.

We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the preferences or settings page of your web browser. For further details, visit donottrack.us.

3.3 Information we receive from other sources

Service providers and business partners: We may also receive information about you from our service providers and business partners, including companies that assist with analytics, data processing and management, account management, customer and technical support, hosting, and other services which we use to personalize your TomorrowTodayNow experience. We explain in more detail why and how we use this information below.

When we receive information from other sources, we rely on them having the appropriate provisions in place telling you how they collect data and who they may share it with.

4. HOW YOUR PERSONAL DATA IS USED

This section explains how we use and process your personal data:

4.1 Information you provide to us

We will use this information to:

Carry out our obligations arising from any contracts entered into between you and us and to provide you with the Services;
Better understand our users;
Respond to your enquiries or to process your requests in relation to your information;
Notify you about your account and important changes or developments to our Services;
Ensure that the Services are being presented in the most effective manner for you, making the Services easier for you to use and to provide you with a smooth, efficient, safe and tailored experience;
Detect and protect us against error, fraud and other criminal activity, and enforce our agreements;
In any other way we may describe when you provide the information; and
For any other purpose with your consent.

4.2 Information we collect automatically

We will use this information to:

Administer the Services and for internal operations, including troubleshooting, data analysis, testing, research, and statistical purposes;
Improve the Services and user experience to ensure that content is presented in the most effective manner for you;
Allow you to participate in interactive features of our Services, when you choose to do so; and
Keep the Services safe and secure.

4.3 Information we receive from other sources

We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the information we receive).

5. SHARING YOUR PERSONAL DATA

The following describes the ways we may share your personal information in the normal course of business and in order to provide our Services.

With your consent: We will disclose your personal information when and if you have agreed that we may do so. We will make this clear to you at the point at which we collect your personal information, including the purpose(s) for which we will use the personal information.

Intended purpose: We will use your personal information to fulfill the purpose for which you provide it, or for any other purpose disclosed by us when you provide the information.

Service providers: We use contractors, service providers, and other third parties to facilitate or outsource some aspects of our Services and some of these service providers will process your personal information. These third parties’ collection and use of information are subject to their own privacy policies, which you can read here: [Third-Party Service Providers Privacy Policies Links — Google Analytics; AWS]

If required by law: We may be required to disclose your personal information by law, in response to a valid order of a court or other authority, or to respond to regulatory requests or requests relating to criminal investigations.

Change of control: We may transfer your personal information to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of TomorrowTodayNow’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by TomorrowTodayNow about our Services users is among the assets transferred. If this happens, you will be informed of this transfer.

Enforcing our terms of use: We may disclose your personal information to enforce or apply our terms of use [Link To Terms Of Use] and other agreements.

Protecting our rights: We may disclose your personal information if we feel this is necessary in order to protect or defend our legitimate rights and interests and/or to ensure the safety and security of the Services.

We do not disclose your personal information to third parties for their direct marketing purposes.

6. DATA SECURITY

TomorrowTodayNow (either itself or through third party service providers) maintains a variety of commercially reasonable electronic and procedural safeguards designed to protect your personal information from unauthorized access, use, alteration and disclosure. For example, TomorrowTodayNow uses accepted tools and techniques to protect against unauthorized access to TomorrowTodayNow’s systems. You should be aware that TomorrowTodayNow has no control over the security of other sites on the Internet that you might visit or with which you might interact even when a link may appear to another site from one of the Services. You must play your part in the safety and security of your information. Where we have given you (or where you have chosen) a password for access to certain parts of our Services, you are responsible for keeping this password confidential and thus must not to share your password with anyone. TomorrowTodayNow wants you to feel confident using the Services, but no system can be completely secure. Therefore, although TomorrowTodayNow takes steps to secure your information, TomorrowTodayNow does not promise, and you should not expect, that your personal information or communications will always remain secure. In the event of a breach of the confidentiality or security of your information, including your personal information, TomorrowTodayNow will notify you as necessary and if possible so you can take appropriate protective steps. TomorrowTodayNow may notify you under such circumstances using the e-mail address(es) that TomorrowTodayNow has on record for you. You also should carefully handle and disclose your personal information.

7. UPDATING AND RETENTION OF YOUR DATA

For instructions on accessing or correcting your information, or to request a copy of the information we hold about you, please contact us in by email (see Section 11 for contact information). Please note that we may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

We retain your personal information as long as we are providing the Services to you. We retain your personal information after we cease providing Services to you, even if you delete your account, to the extent necessary to fulfill your request (for example, keeping your email address to make sure it’s not on our mailing list); to comply with our legal and regulatory obligations; for the purpose of fraud monitoring, detection and prevention; to comply with our tax, accounting, and financial reporting obligations; or where we are required to retain the data by our contractual commitments to our partners. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law. Even if you delete your account and we delete your information from our systems, keep in mind that the deletion by our third-party providers may not be immediate and that the deleted information may persist in backup copies for a reasonable period of time.

8. DATA PRIVACY

COMPLIANCE WITH COPPA

We are committed to complying with the Children’s Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13 without verifiable parental consent. The following outlines our compliance with COPPA:

Account Creation. Children under 13 are not allowed to create their own accounts on the Services. Student accounts are created under the direction of schools or educators. Only educators or administrators authorized by the school have access to the student’s personal information and content within the Services.

Parental Consent. In the United States, we are required under COPPA to obtain verifiable parental consent before collecting, using, or disclosing personal information from children under 13. We rely on schools to obtain this parental consent for the online collection of personal information from students who are under their supervision.

Collection of Information. In addition to the information provided by schools and educators, we automatically collect some information from any use of our Services as stated in this Privacy Policy.

Use of Information. We do not require children to provide more personal information than is reasonably necessary to participate in the Services. If we discover that we have collected information from a child under 13 in a manner inconsistent with COPPA, we will take appropriate steps to either delete the information or seek parental consent for that collection.

Disclosure of Information. We do not disclose personal information about children to third parties, except to service providers necessary to provide the Services, as required by law, or to protect the security of the Services or other users. Information collected from students (including personal information and information collected automatically) is never used or disclosed for third-party advertising or for any first- or third-party behaviorally targeted advertising. Children’s personal information is never sold or rented to anyone, including marketers or advertisers.

Parental Access and Control. Parents can access the Services via their child’s account.

COMPLIANCE WITH FERPA

In accordance with the “direct control” provisions of the Federal Education Rights and Privacy Act (FERPA), our partner educational institutions can provide consent for the disclosure of certain education records and non-personally identifiable student information under the “school official” and “educational purposes” provisions of FERPA. We are committed to complying with FERPA and all applicable laws regarding the privacy and security of such education records and student information.

Legitimate Educational Interest
We will only access and use education records and student information provided by the educational institution to perform the specific institutional services or functions for which we have been contracted. We will not use or disclose such education records and student information for any other purpose unless required by law or expressly authorized by the educational institution.

Direct Control by Educational Institution
We acknowledge that the educational institution maintains direct control over the education records and student information that we process or handle. We agree to act under the direction of the educational institution in handling these records and information, and we will comply with any instructions or policies provided by the institution regarding their use, maintenance, and security.

Prohibition on Unauthorized Disclosure
We will not disclose any personally identifiable information (PII) from education records and student information to third parties except as permitted by FERPA or as directed by the educational institution. We understand that FERPA prohibits the re-disclosure of PII without the explicit consent of the student (or the student’s parent, as applicable) unless an exception under FERPA applies.

Security Measures
We will implement appropriate administrative, physical, and technical safeguards to protect the privacy and security of education records and student information in our custody, consistent with FERPA requirements and industry best practices. This includes measures to prevent unauthorized access, use, or disclosure of education records and student information.

Data Breach Notification
In the event of any unauthorized access, use, or disclosure of education records and student information, we will promptly notify the educational institution in accordance with FERPA and applicable state laws. We will cooperate fully with the educational institution to address the breach and mitigate any potential harm to students.

Return or Destruction of Records
Upon the termination of our agreement with the educational institution, or upon the educational institution’s request, we will return or destroy all education records and student information in our possession, in accordance with this Privacy Policy and in compliance with FERPA requirements. If destruction is not feasible, we will continue to protect the confidentiality of the records in accordance with FERPA and will not use or disclose them.

Training and Awareness
We will ensure that our employees, agents, and subcontractors who have access to education records and student information are trained on FERPA’s requirements and are aware of their obligations to protect the privacy and security of these records and information.

Amendments
We agree that any amendments to FERPA or related regulations that impose additional requirements on the handling of education records and student information shall be automatically incorporated into this Privacy Policy, and we will take necessary steps to comply with any new requirements.

CONTACT

If you have any questions about our practices or need assistance with parental consent, please contact us at support@tomorrowtodaynow.com.

9. VISITING THE SITE AND SERVICES FROM OUTSIDE THE UNITED STATES

This Privacy Policy is intended to cover collection of information on the Services from residents of the United States and is not directed to the residents of any other country. If you are visiting the Site or using the Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where TomorrowTodayNow’s servers are located and TomorrowTodayNow’s central database is operated. By using the Services, you understand that your information may be transferred to TomorrowTodayNow’s facilities and those third parties with whom TomorrowTodayNow shares it as described in this Privacy Policy. You are responsible for ensuring that information you share conforms to all local data protection laws.

10. LINKS

The Services may contain content, services and other materials that link to websites operated by third parties. We have no control over those other sites, and this Privacy Policy does not apply to them. Please refer to the privacy policies of those sites for more information on how the operators of those sites collect and use your Personal Information.

11. CONTACT; MORE INFORMATION

It is our goal to make our privacy practices easy to understand. If you have questions or concerns about this privacy policy or if you would like more detailed information about our privacy practices, please contact us at:

TomorrowTodayNow, Inc.
Elke Wong

345 East 52nd Street, NY, NY 10022
support@tomorrowtodaynow.com

12. CHANGES TO THIS PRIVACY POLICY

This Privacy Policy may change from time to time and, if it does, the up-to-date version will always be available on our Services. If we make changes to this Privacy Policy, we will post the revised Privacy Policy on the Services and update the “Last updated” date at the top of this page. Please be sure to periodically check this page to ensure that you are aware of any changes to this Privacy Policy. Any material changes to this Privacy Policy will be communicated to registered users by a notification to their account and/or by posting a notice of the change on the Services. Please understand that your continued use of our Services following the posting of changes constitutes your acceptance of such changes.