Now Open!
Stetson Academy Privacy Policy
Stetson Academy (“Stetson”) provides the following information relating to your privacy when using stetsonacademy.com.
Online Privacy Notice
This Online Privacy Notice applies to the information that we collect when you visit Stetson’s main website stetsonacademy.com and other websites that we own or control and link or refer to this Privacy Notice (together, the “Sites”). This Notice describes what information is collected and how this information is processed.
Unless otherwise indicated on a specific Sites, Stetson is the data controller for all information collected under this Notice. Should you have any questions or concerns regarding this notice or the collection of information through the Sites, contact information for Stetson is listed at the end of this Notice.
This Notice does not apply to information collected from or about current or former employees, contractors, volunteers, and other workers of Stetson as part of their employment or working relationship with Stetson.
As a K-8 school in California, Stetson Academy complies with applicable federal and state laws regarding student data privacy, including but not limited to the Family Educational Rights and Privacy Act (FERPA), the Children's Online Privacy Protection Act (COPPA), and the Student Online Personal Information Protection Act (SOPIPA). These laws protect student educational records and personal information collected online.
Personal Information we collect and process:
When you access or use the Sites, we may collect and process the following types of information from you:
“Personal Information” is any information that we can reasonably use to identify you. Examples include your name, address, and contact details such as phone numbers or email addresses.
“Sensitive Personal Information” includes special categories of Personal Information (e.g., racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health, and data concerning a natural person’s sex life or sexual orientation) for which applicable law provides enhanced protections.
The table below describes the Personal Information and Sensitive Personal Information that we collect, why we collect it, and our legal basis for processing it.
|
Purpose of Processing |
Categories of Personal Information |
Legal Basis |
|
As part of our admissions process, we collect applicant Personal Information to evaluate applications. We also may obtain Personal Information from third parties, such as other schools, references, family members, and education partners. |
Name, address, contact details, race/ethnicity, demographic information, educational history, and other relevant information as part of the application package. |
Legitimate Interest: Personal Information collected through the student application process is necessary to evaluate candidates for admissions and for our internal statistical and analytics purposes. Consent: Processing of Sensitive Personal Information for purposes stated above |
|
To support course registration |
Name, Stetson Student ID, contact information |
Legitimate Interest: Personal Information collected for matriculated students, staff, and faculty to register for services. |
|
To process tuition and service payments |
Name, contact information, payment information (e.g., last 4 digits of card, expiration date, Stripe payment intent and method IDs) |
Legitimate Interest: To facilitate payments, refunds, subscriptions, and recurring payments for tuition and services via Stripe |
|
To provide online/hybrid training, online/hybrid academic courses, and other online/hybrid educational programs |
Name, Stetson Student ID, contact information, platform usage and interaction, student-provided data and content |
Legitimate Interest: To facilitate provision, administration, instruction, and quality improvement of platform use, courses, learning, and teaching/instruction to matriculated students, staff, and faculty as appropriate for the service. |
|
To receive brochures or other information |
Name, contact information |
Legitimate Interest: To send brochures or other requested information |
|
To provide for student wellness and safety |
Name, emergency contact information, health information (such as disclosed allergies, IEPs, medical information, police reports, court records) |
Legitimate Interest: To provide a safe and healthy environment for students while under school supervision and ensure their health in cases of emergency Legal Obligation: To comply with educational and health regulations Consent: For processing Sensitive Personal Information |
|
For event registration |
Name, Stetson Student ID, contact information |
Legitimate Interest: To process registration for sports, cultural, educational and other school events |
|
To submit requests for services (e.g., IT, help desk, help line, etc.) |
Name, Stetson Student ID, contact information |
Legitimate Interest: To process service requests from students, staff and faculty Contract: If there is a contract that governs your use of such services, Personal Information is processed pursuant to that contract |
|
Website account registration |
Name, contact information |
Legitimate Interest: For websites that require registration for access, to facilitate the registration |
|
To receive donations |
Name, contact information, payment information |
Legitimate Interest: To collect and process donations/gifts and donor information |
|
To facilitate legitimate functions of the Stetson Parent-Teacher Organization (PTO) |
Names, student affiliations, volunteer preferences; and, with your explicit consent, personal contact information (email addresses, phone numbers, home addresses) |
Legitimate Interest: To support the activities and operations of the Stetson PTO, which are integral to the school community |
|
To issue account credits |
Name, student name(s), partially redacted email. This information is shared with selected officers of the Stetson Academy PTO, so they may administer the Credit Compensation Program. |
Legitimate Interest: To issue and process account credits as part of our Credit Compensation Program. |
|
To maintain student educational records |
Name, contact information, grades, scores, notes, reports, metrics, IEPs, medical information, police reports, court records, previous school records |
Legal Obligation: To comply with FERPA and other educational laws Legitimate Interest: To support student education and administration Consent: For Sensitive Personal Information |
Cookie Policy
This Cookie Policy applies to the cookies we use when you visit Stetson’s main website stetsonacademy.com and other websites that we own or control and link or refer to
this Cookie Policy (together, the “Sites”).
This cookie policy provides you with more information about cookies, what types of cookies we use and how we use them. Our Sites uses cookies with the intention of providing you with a user experience that best suits your needs, while concurrently allowing us to improve the design and functionality of our Sites. Cookies can be adjusted or disabled, and this policy provides you with instructions to do so.
Cookies
A cookie is a file designed to contain a small amount of user and website information stored on a user’s computer. The file interacts with the user and the website to provide a webpage tailored to the user through its awareness of information held within the file. Cookies also have the ability to carry all or parts of the information stored within the file to other websites that the user may visit or to third parties.
Types of Cookies
A third-party cookie is placed by a domain other than that of the website the user is visiting.
A session cookie is temporary, linking the actions of a user during the any given browser session. When the browser is closed, the cookie is deleted.
A permanent cookie, also known as a persistent cookie, is stored for a specific period of time and activates each time the user visits the website that created the cookie.
Our Use of Cookies
We use first-party session and persistent cookies and similar technologies to operate the Sites, maintain login sessions, remember preferences, support security, and measure how the Sites are used. Examples of first-party cookies and similar storage we may set include:
Session and authentication cookies — keep you logged in and associate requests with your account during a visit.
client_id — a device/browser identifier used for security and fraud prevention (for example, linking login sessions to a browser).
persistent_storage — encrypted preferences stored on your device (for example, security-related timing information).
cookie_acknowledged — records that you have seen and accepted our cookie notice.
promo_video_seen — remembers whether you have already been shown the homepage promo video autoplay.
Cart / checkout identifiers — when you shop or enroll while not fully logged in, temporary identifiers may associate your cart with your browser.
We also use third-party technologies for security and analytics:
Cloudflare Turnstile — bot detection and form protection. Cloudflare may set cookies or use challenge tokens as part of verifying that a visitor is human.
Cloudflare (hosting / edge security) — may process IP addresses, request metadata, and security logs to protect the Sites from abuse and DDoS attacks.
Google Analytics 4 — website measurement on public, family-facing pages (described in the next section). Google may set cookies or use similar storage.
Google Fonts — we load certain fonts from Google’s servers, which can receive your IP address and browser request data when a page that uses those fonts is loaded.
These cookies and similar technologies may remain on your browser until they expire or you delete them. Some are erased when you close your browser; others persist for a period of time.
Further general information about cookies and how they work is available at www.allaboutcookies.org
Selected third parties (notably Google, for Analytics measurement on public pages, and Cloudflare, for security) may place cookies or receive technical data when you use the Sites. These parties process that information according to their own privacy policies. We do not permit third-party advertising networks to place ads on the student portal or to target students based on educational data.
Google Analytics and Measurement Tags
We use Google Analytics 4 (measurement ID G-HH25QJ7R8H) on public, family-facing portions of the Sites to understand aggregate traffic, page performance, and conversion events that help us operate and improve Stetson’s website and enrollment funnel. Examples of conversion events we may measure include contact form submissions, account creation, student applications, and purchases or enrollments.
Google Analytics may set cookies or use similar technologies and may receive technical and usage information such as device and browser type, approximate location derived from IP address, pages visited, referring URLs, session duration, and event names. This information is processed by Google LLC under Google’s privacy policy: https://policies.google.com/privacy. For more about how Google Analytics collects and processes data, see: https://support.google.com/analytics/answer/6004245.
Student portal and student accounts. We do not load Google Analytics (or related Google measurement tags) on the student portal or when a visitor is using the Sites as a student. Analytics tags are intended for public marketing and family-facing pages (for example, the homepage, program pages, applications, and contact flows), not for measuring children’s use of educational tools.
Advertising tags. We do not currently load a separate Google Ads (AW-) tag on the Sites. Conversion-style events (such as application or purchase) may still be recorded in Google Analytics for measurement. Stetson does not use Google Analytics to create interest-based advertisements directed at students, and we do not use student educational data for targeted advertising.
Opt-out. You can limit Google Analytics by using the Google Analytics Opt-out Browser Add-on, by adjusting your browser’s cookie settings, or by using industry tools described in the Interest-Based Advertisements section below. Blocking analytics cookies will not prevent you from using essential features of the Sites, though it may limit our ability to understand site performance.
Adjusting Cookie Settings
You can change your cookie settings by reviewing your internet browser’s cookie
options. The links below to popular browsers may help you understand your cookie
options better. Typically, such information can be found under the browser’s ‘Help’, ‘Preferences’ or ‘Options’ menus.
Interest-Based Advertisements
Stetson does not sell your Personal Information to third parties for their direct marketing, and we do not run third-party advertising networks on the student portal or use student educational records to target ads to students. We also do not create interest-based ad profiles of students for advertising purposes.
On public, family-facing pages, we use Google Analytics (and may record conversion events) so we can understand how prospective families find and use the Sites. Google may process that measurement data under its own policies. That measurement activity is different from Stetson placing third-party display ads on the Sites or selling personal information for advertising. If Google or other industry participants show ads elsewhere on the internet based on their own data practices, those practices are governed by those companies’ policies.
To learn more about interest-based ads or to opt-out of receiving third-party interest based ads, please visit www.optout.aboutads.info or Google’s ad settings at https://adssettings.google.com/. Please note that if you opt out of interest-based advertising, you may still see advertisements – they will just not be tailored to your interests. Also note that deleting browser cookies can remove the cookie preferences you have made, so you may need to opt-out again in the future.
Blocking Cookies
Should you choose to decline or block cookies by adjusting your browser settings, including cookies essential to the Sites, please note that all or parts of our Sites may not be functional or accessible to you. Additionally, be advised that our Sites will issue cookies as soon you visit the Sites, unless your browser cookie settings are adjusted to prevent such an occurrence.
Sharing your Personal Information
We share your information internally at Stetson to facilitate and manage the purposes listed above. This includes third parties whom Stetson engages to process information on our behalf for the purposes stated above, such as:
Mailgun — email delivery and related delivery/open/click analytics for transactional and marketing messages.
Stripe — payment processing for tuition, fees, and other charges.
Cloudflare — web hosting edge services, DDoS protection, security logs, and Turnstile bot protection on forms.
Google — Google Analytics 4 website measurement on public family-facing pages (see Google Analytics and Measurement Tags above); Google Fonts delivery; and related Google privacy practices linked in that section.
Pusher — realtime messaging features used in certain authenticated experiences (for example, staff or portal notifications), which may process connection and channel identifiers.
Clever and approved educational apps — single sign-on and instructional tools, as described in Educational Technology and Third-Party Services below.
Stetson may also share your personal data with government and law enforcement agencies or regulators to 1) comply with a legal process, subpoena, order or other legal or regulatory requirement applicable to us; 2) enforce our terms of use or other policies; or 3) pursue available legal remedies or defend against legal claims. We may share student records (e.g., scores, grades, notes, reports, metrics, previous records) with other schools upon receipt of a valid records request, in compliance with FERPA. Stetson does not sell your Personal Information to third parties for their use in direct marketing, advertising, or promotion of their products or services.
Educational Technology and Third-Party Services
In addition to our own Sites and services, we use various third-party educational applications and tools to support instruction, including Clever for single sign-on and app integration. These tools may collect student data such as names, student IDs, progress metrics, and usage logs, which are shared only for educational purposes at the school's direction. We require data privacy agreements (DPAs) with these vendors to ensure compliance with FERPA, COPPA, and SOPIPA, including that student data is protected, not sold, used only for authorized educational activities, and deleted upon contract end in accordance with AB 1584. All apps are vetted annually for privacy compliance, and we provide school consent on behalf of parents for educational use under COPPA where applicable. Parents can request a full list of apps, inspect related student data under FERPA, opt out of non-essential tools, or contact us for more details. We also conduct staff training on data privacy and provide annual notices about our practices.
The following table lists the third-party apps we currently use, along with links to their privacy policies and notes on compliance:
|
App |
Key Privacy Practices and Compliance |
Assessment for California K-8 School Use |
Privacy Policy Link |
|
IXL |
Complies with FERPA (treats data as education records), COPPA (relies on schools for consent for under-13 users), and SOPIPA (no selling data, used only for educational purposes). Data includes student progress, no targeted ads. Security includes encryption and access controls. |
Highly suitable; designed for educational use with strong compliance. |
|
|
Khan Academy |
Complies with FERPA (school contracts govern data) and COPPA (schools consent for under-13). No selling data, no targeted ads for students. Data includes progress and usage; security via encryption. No explicit SOPIPA mention but aligns via Student Privacy Pledge. |
Suitable for K-8; education-focused with school account controls. |
|
|
Kindle (Amazon) |
General Amazon policy complies with COPPA (parental consent for under-13 via child profiles); no specific FERPA or SOPIPA. Data collection includes reading habits, but can be minimized. Security via encryption. Amazon Kids+ has stronger child protections. |
Limited suitability; not ed-specific, potential for non-educational data use. Use child profiles only. |
https://www.amazon.com/gp/help/customer/display.html?nodeId=468496 |
|
Brave |
Privacy-focused browser; no data selling, local storage of history. Complies with CCPA but no mentions of COPPA, FERPA, or SOPIPA. No child-specific provisions. |
Not ideal; general browser, lacks ed compliance for student data. Minimal collection helps, but no guarantees for minors. |
|
|
Duolingo |
COPPA compliant (minimal data for under-13, parental email consent); school features allow teacher access to progress. No ads/tracking for children. No explicit FERPA/SOPIPA, but data not sold. |
Partially suitable; good for language learning but verify school consent aligns with laws. |
|
|
Epic |
COPPA mentioned in general; collects reading data with parental consent. No FERPA/SOPIPA specifics, but ed-focused for kids books. |
Suitable if school-managed; designed for children, no selling data. |
|
|
Hoopla |
General library app; collects borrowing data. No specific COPPA/FERPA/SOPIPA, but tied to library cards with privacy protections. |
Limited; depends on library policies. Minimal for ed use. |
|
|
Kahoot |
Strong compliance with FERPA (acts as school official), COPPA (school consent), SOPIPA (no selling/ads). Minimal data collection; security measures in place. |
Highly suitable; quiz tool for classrooms. |
|
|
Kids A-Z |
Part of Learning A-Z; complies with COPPA/FERPA (school consent, no selling). Data for reading progress; security encryption. |
Suitable for literacy; ed-specific. |
|
|
Starfall |
COPPA/FERPA compliant; no personal info from children. Educational content only. |
Highly suitable for early learning. |
|
|
Tynker |
Coding for kids; COPPA compliant (parental consent), aligns with FERPA/SOPIPA via no selling/ads. Student progress data secured. |
Suitable; ed-focused. |
|
|
Tinkercad |
Complies with FERPA (school official), COPPA (CARU Safe Harbor), SOPIPA (no ads/selling). Student DPA available; child privacy statement. |
Highly suitable for 3D design. |
Stetson PTO
We may share certain information with the Stetson Parent-Teacher Organization (PTO) and its officers to support legitimate PTO activities and functions. This information may include, but is not limited to, names, student affiliations, and volunteer preferences. However, personal contact information, such as email addresses, phone numbers, and home addresses, will only be shared with the Stetson PTO if you provide explicit consent by opting in to such sharing.
Non-personally identifiable information we collect and process
Standard technical and usage information such as browser type, page views, session duration, device information, approximate geolocation derived from IP address, navigation within the Sites, and email interaction data (for example, opens and clicks via Mailgun tracking), often in aggregate form, is collected to improve the Sites, update content, enhance security, and support family-facing marketing and enrollment measurement. We review this information using our own systems (including server and security logs, which may be processed by Cloudflare) and, on public family-facing pages, using Google Analytics as described above. Email engagement metrics are processed with Mailgun. We do not use Google Analytics to measure student portal activity.
Information Security
Stetson takes the security of your Personal Information seriously. When you submit sensitive information via the website, your information is protected both online and offline.
Wherever we collect sensitive information that information is encrypted and transmitted to us in a secure way. For example, we do not store your credit card information directly. Instead, it is passed directly to a third-party credit card processing merchant using 128- bit SSL encryption. We retain only your credit card's brand, last 4 digits and expiration date to assist with any billing related issues.
While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who require access to your information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers and servers in which we store personally identifiable information are kept in a secure environment. Paper documents containing sensitive information are only retained for as long as necessary and are shredded upon disposal
Marketing
Personal Information you submit through our Sites, such as your name, address and other contact information, may be collected by Stetson for internal marketing and development purposes as well as to respond to your inquiries, complete a transaction for you, or fulfill other forms of customer service. We use Mailgun to send emails and track delivery, failures, opens, and clicks for analytics and improvement. You can choose not to receive marketing from us by “unsubscribing” using the instructions in any marketing email you receive from us.
Document Retention
We keep your Personal Information for as long as needed to fulfill the particular purpose for which it was collected. We may also retain your records if legally required or to fulfill a legitimate interest. Most educational records are retained indefinitely in compliance with applicable laws.
FERPA Compliance
Under the Family Educational Rights and Privacy Act (FERPA), parents or eligible students have the right to inspect and review the student's education records, request amendment of inaccurate or misleading records, consent to disclosures of personally identifiable information (with certain exceptions), and file complaints with the U.S. Department of Education. For more information, contact us using the details below.
COPPA Compliance
In compliance with the Children’s Online Privacy Protection Act (COPPA), we distinguish between (1) educational services and (2) the public marketing website:
Educational services, student portal, and approved classroom apps. As an educational institution, we collect and maintain personal information from our students, including those under 13, with parental or guardian consent obtained through enrollment agreements, permission slips, or other verification methods (for example, email, phone, or signed consent). For approved educational tools used solely for school purposes and not for commercial activities unrelated to education, Stetson may provide school consent on behalf of parents under COPPA, as described in Educational Technology and Third-Party Services above and in our enrollment materials. Student portal activity is not measured with Google Analytics.
Public marketing website. Our public Sites (homepage, program pages, applications, contact forms, and similar family-facing content) are directed primarily to parents and guardians. We do not knowingly solicit personal information from children under 13 for commercial use without verifiable parental consent. Website measurement tools such as Google Analytics on those public pages are intended to understand adult/family visitor traffic and enrollment funnels, not to profile children for advertising.
Student information collected for school purposes is protected in accordance with our privacy policies and applicable laws (including FERPA, COPPA, and SOPIPA). We do not knowingly collect personal information from children under 13 without the required consent. If we become aware that we have collected personal information from a child under 13 without such consent, we will take steps to delete that information. Parents may contact us using the details below to review or request deletion of personal information collected online from their child, subject to legal exceptions (including education-record retention requirements). By using the Stetson Sites, you represent that you have the necessary permissions and consents to do so, including parental consent if you are under 13, or that you are at least 18 years old (or a parent/guardian acting for your child).
California Privacy Rights
As an educational institution, Stetson Academy is generally exempt from the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). However, we voluntarily provide California residents with certain rights, including the right to request access to or deletion of your personal information, subject to verification and legal exceptions (e.g., FERPA protections). To exercise these rights, contact us using the details below. We do not sell or share personal information for cross-context behavioral advertising.
Limitation of Liability
YOU UNDERSTAND AND AGREE THAT ANY DISPUTE OVER THE PRIVACY OF YOUR INFORMATION IS SUBJECT TO THE TERMS AND CONDITIONS OF THIS PRIVACY POLICY (INCLUDING ANY INDEMNIFICATION AND LIMITATIONS ON DAMAGES CONTAINED THEREIN).
Updates to Privacy Policy
Stetson reserves the right to modify this Privacy Notice at any time, so you should check it periodically. If we make changes that are material, we will provide you with appropriate notice before such changes take effect. Your continued use of the Sites after any change in this Privacy Policy will constitute your acceptance of such change.
Contact Information
For more information on how we collect and process your Personal Information, or if you have any complaints please contact us via telephone at 707-471-5101 or by email at [email protected].
Effective Date
The effective date of this policy is July 9, 2026.
Transitional Kindergarten
Stetson Academy offers the best kindergarten readiness program around
Read More