Privacy Policy


Effective: March 11, 2024


Everything we do is focused on improving student success and educational outcomes. We believe that students have the right to benefit from their data and enhance their likelihood to complete their academic and learning journey. In order to support students and higher education institutions, we collect data critical to improving educational outcomes as requested by our partner institutions.

As FERPA-compliant stewards of institutional information, we prioritize student privacy. We do not sell data to third parties and we work to protect data through industry best practices, including through encryption and de-identification.

By using our Sites and Services you accept that your personal information will be handled as described in this Policy. Your use of our Sites and Services, as well as any related privacy dispute, is subject to this Policy.

For specific security or privacy questions, please email


Your privacy is important to us. In this Privacy Policy, we describe how we collect, use, and disclose information that we obtain about visitors to our websites,,, and, (the “Sites”), users of our applications and related services (“the Services”), and information received from our customers and employees. It also describes your choices regarding the collection, use, access, and correction of your personal information.

In this Privacy Policy, any use of the words “you”, “yours,” or similar expressions refers to users of the Sites and Civitas Services, as well as any other individuals whose information we collect and process. References to “we”, “us, “our” or similar expressions refer to Civitas Learning, Inc., AdviseStream, Inc., and ClearScholar, Inc. (collectively, “Civitas”). This policy does not extend to anyone whose personal information is not under our control or management, including data that is collected by other unrelated websites that you may visit before or after this website, and which are not governed by this Privacy Policy. We are not responsible for the data protection or privacy policies of any other websites and accept no responsibility or liability for those policies. Please carefully check the policies of other websites and services you use before you visit or submit personal information.


We may collect information about you directly from you, as well as through your use of our Sites or Services. In addition, we may receive your information from educational institutions where you are currently, or were previously, enrolled as a student or worked as an employee. This information helps us to update, improve and analyze our Sites and Services, identify new customers, and provide products and services that may be of interest to you. If you provide us with personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us or for other purposes set out in this Policy.

Information We Collect Directly From You

The type of information we collect from you depends on your interaction with our Sites and our Services. Most of our Services require users to have a registered account in order to access the application. You may register for a Service directly, or you may be registered by your educational institution. Registration information may include your email address, name, and business title.

If you contact us directly (including through our customer service platform), we may collect your name, email address, phone number, and any information that you choose to provide to us, either through our Sites or Services. You may also register for our events, webinars, or publications. We may collect and use your registration information, including payment information, to complete your registration or to deliver the content you request.

If you are a student user, we may also collect information about your classes, degree, career goals, course plans, and any other information collected through your use of our Sites or Services, such as communications you make through our services to your advisor.

We also collect and process common human resources data from employees and contractors as necessary.

Information that We Collect About You from Your Educational Institution

If you are a student, we may also receive information about you from your educational institution. This may include information from your educational institution’s student information system or learning management systems. These databases typically include personal information such as a student’s name, date of birth, student ID, and home address, as well as educational data, employment data, demographic data, and other data that is collected by your educational institution about you. We may also use the information we collect from your educational institution and our Services to derive additional data about you.

Information We Collect Automatically

We may automatically collect the following types of information about your use of our Sites and Services through cookies and other technologies, including for example, your browser type and operating system; your IP address; information about the device you use to access our Sites and Services; how you use the Sites and Services; login and logout timestamps, and the length of time you use our Sites or Services. We may combine this information with other information that we have collected about you, including, where applicable, your name, and other personal information. Please see the section “Cookies and Other Tracking Mechanisms” below for more information.


Users of our Sites and Services residing in certain countries or areas, such as the EU, are afforded certain rights regarding their personal information. Except where an exception or exemption applies, these rights may include the ability to request access to, correct, and/or deletion of your personal information that we hold, as well as the right to request information about our data collection practices and the right not to be treated any differently for exercising any of the foregoing rights. While these rights are not globally applicable, our users and customers are entitled to access their personal information that we hold.

Civitas has no direct relationship with many of the individuals whose personal information it processes. Therefore, if you seek to access, correct, amend, or delete data associated with this Sites or our Services, you should first direct your request to your educational institution or employer. I

f you wish, you may also direct questions or any of the above requests regarding your privacy rights by contacting us at Residents of California may also designate an authorized agent to exercise certain privacy rights on their behalf, and should make any such request by contacting the above email address. We will respond to your request within a reasonable timeframe, unless, for reasons beyond our control, a longer response time is necessary, in which case, you will be advised accordingly. Please note that we may retain certain information as required by law or as necessary for our legitimate business purposes as described below.


We primarily use the information that we collect or receive about you to respond to your requests and improve our Sites and Services. We also may use your information, including personal information, for the following purposes:

  • To respond to your inquiries and for other customer service purposes;
  • To keep your personal information secure and protect our Sites and Services (including to verify user identities and prevent fraud and abuse);
  • To personalize your experiences while using our Sites and Services;
  • To enable us to provide you with our Services, and to improve and promote our Services;
  • For research, historical, and analytical purposes;
  • For marketing and promotional purposes. For example, we may use your information, such as your email address, to send you news and newsletters or to otherwise contact you about products or information we think may interest you;
  • To better understand how users access and use our Sites both on an aggregated and individualized basis; and
  • As permitted or required by law.


We partner with a third party to manage our advertising on other sites. Our third party partner may use cookies or similar technologies in order to provide you advertising based upon your browsing activities and interests. You can opt-out of online behavioral advertising cookies and similar technologies by using the Digital Advertising Alliance’s Consumer Choice Tool available here, or if located in the European Union or the United Kingdom you can visit here. Please note you may continue to receive generic ads.

We and our third-party service providers use cookies and similar technologies to analyze trends to track information about your use of our Sites or Services and gather demographic information about our user base as a whole. We may combine this information with other personal information we collect from you (and our third party service providers may do so on our behalf). You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our websites or service. By continuing to use our Sites and Services, you are agreeing to our use of cookies as described in this Policy.

Cookies: Cookies are small files that are placed onto your device (e.g., computer, smartphone or other electronic device) that store information when you visit a website. Pixel tags (also called web beacons, clear gifs, or tags) are a similar technology that consists of small images or snippets of code that can help the website owners learn how you interact with websites and emails. Some cookies allow us to make it easier for you to navigate our Sites and Services, to deliver relevant local resources, remember browser preferences, and improve our visitors’ experiences on the sites.

There are two types of cookies: session and persistent cookies.

  • Session Cookies: Session cookies exist only during an online session. They are typically deleted from your computer when you close your browser or turn off your computer. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged into the Sites or a Service. This allows us to process your online transactions and requests and verify your identity, after you have logged in, as you move through our Sites.
  • Persistent Cookies: Persistent cookies remain on your computer after you have closed your browser or turned off your computer. We use persistent cookies to track aggregate and statistical information about user activity.

Disabling Cookies: Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Sites who disable cookies will be able to browse certain areas of the Sites, such as the cart feature, which holds your order, but some features may not function.

More information about cookies can be found at and

Third Party Analytics

We use automated means to evaluate usage of our Sites and Services. We use these tools to help us improve our performance and user experiences. These entities may use cookies and other tracking technologies to perform their services. We do not disclose your personal information to these third parties. Do-Not-Track Signals Our systems do not recognize browser “do-not-track” requests. You may, however, disable certain tracking as discussed above (e.g., by disabling or declining cookies).


Data protection law in Europe requires a “lawful basis” for collecting and retaining personal information from residents of the European Economic Area and the UK.

Our lawful bases include, but are not limited to:

  • Performing the contract we have with you: In certain circumstances, we need your personal data to comply with our contractual obligation to deliver our services, and assist with any questions you may have.
  • Legal compliance: Sometimes the law says we need to collect and use your data.
  • When you give your consent: For some processing and data collection, we will seek your consent before collecting and using your information. To the extent we rely on your consent for data processing or collection, you may withdraw your consent at any time by contacting us as described at the bottom of this Policy.
  • Legitimate interests: This is a term in data protection law that allows us to process your Personal Information if we have a fair reason to use your data, and only if we do so in ways which do not hurt your interests and rights. We sometimes require your data to pursue our legitimate interests in running our business, including fraud prevention, improving our Sites and Services, quality assurance, and marketing purposes, as long as our use of your data does not materially impact your rights, freedom or interests. This allows us to improve and develop the quality of our Services and the online experience we offer all our customers.


Civitas does not sell or rent any of your personal information, and we will never disclose your personal information publicly without your consent. However, we may disclose your information with certain trusted third-party processors to help us provide, improve, promote, or protect our services. For example, we may store your data on a third-party data storage service to support delivery of our services. We may also disclose your data to third-parties to provide services such as processing your payment transactions, improving our Services, or to provide other services. Whenever we disclose data to such third-party services, we require that they use your information only for the purposes we’ve authorized, and that they protect your personal information at least to the same standards we do. We also reserve the right to disclose personal information when it is reasonably necessary to conduct our business, to protect our legal rights and property, and to comply with the law or law enforcement. Otherwise, your personal information is never disclosed to any individual or other organization in a way that is inconsistent with this Policy.


Civitas retains personal information as long as is necessary for the purposes set out above. This is a case by case determination that depends on things like the nature of the data, why it is collected, why it is processed, and relevant legal or operation retention needs. For example, we may retain your data to effectively provide you the Services, as well as to improve our historical and statistical analytics. We may also be legally required to hold some types of information to fulfil our statutory obligations. We review our retention periods for personal information on a regular basis. When no longer required for any of the purposes set out in this Policy, we will destroy, erase, or anonymize your information. Legal requirements may also necessitate our retaining some or all of the personal information we hold for a period of time that is longer than we might otherwise hold it, including to resolve disputes, enforce our agreements, or to protect our legal rights.


We take security seriously, and the security of your personal data is important to us. We have implemented commercially reasonable and industry standard precautions to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware no data security measures can guarantee 100% security.


Civitas does not knowingly collect any personal information from children under the age of 13, and children under 13 are not permitted to register for or use our services. If we become aware that a child under age 13 has provided us with personally identifiable information, we’ll delete it, unless another exception such as parental consent applies.


n certain situations, Civitas may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

We may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.


We store personal information about website visitors and subscribers within the European Economic Area (the “EEA”), the UK, the United States, and other countries and territories. As a US-based company, to facilitate our operations, we may transfer and access such personal information from the United States, and other countries where our trusted third-party vendors may reside.

If you are visiting our Sites or use our Services from the EEA or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your personal information to the United States and other jurisdictions in which we operate. By providing your personal information, you consent to any transfer and processing in accordance with this Policy.

Civitas is a global company with servers around the world, and your personal information may at times be processed on servers located outside of the country where you live. Although data protection laws vary among countries, regardless of where your personal information is processed, we apply the same protections described in this Privacy Policy. We also comply with certain legal frameworks relating to the transfer of data, such as the frameworks described below.

Civitas Learning, Inc., AdviseStream, Inc., and ClearScholar, Inc. participate in the EU-US Data Privacy Framework and the UK Extension to the EU-US Data Privacy Framework (collectively, the “Data Privacy Frameworks”) as set forth by the US Department of Commerce regarding the processing of personal information from the European Economic Area and the United Kingdom and Gibraltar. Civitas Learning, Inc., AdviseStream, Inc., and ClearScholar, Inc. have further certified that we adhere to the principles of the Data Privacy Frameworks. Click to learn more about the Data Privacy Frameworks. If there is any conflict between the terms in this Privacy Policy and the Data Privacy Frameworks principles, the principles shall govern.

If Civitas transfers personal information received under the Data Privacy Frameworks to a third party, the third party’s processing of the personal information must also be in compliance with our Data Privacy Frameworks obligations, and we will remain liable under the Data Privacy Frameworks for any failure to do so by the third party, unless we prove we are not responsible for the event giving rise to the damage.

Civitas is subject to the investigatory and enforcement powers of the US Federal Trade Commission. In certain situations, Civitas may be required to disclose the personal information we process under the Data Privacy Frameworks in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.


If you have questions or comments about this Privacy Policy, or if you are not completely satisfied with this Privacy Policy or its application by us, we invite you to convey your questions, concerns, or suggestions to our Data Protection Officer at, or write us at:

Attention: Data Protection Officer
Civitas Learning
6705 W Hwy 290, Suite 607, PMB 1205
Austin, TX 78735

Civitas strives to satisfy our customers’ and visitors’ privacy concerns. We will reply as quickly as possible and inform you of the steps, if any, that have been or will be taken in order to address your concern or implement the suggestion. However, if you have contacted Civitas about your issue and are still unhappy with our response, and if you are also a resident of the European Economic Area or the UK, you may contact your local Data Protection Authority (DPA) regarding your issue. More information is available here.

If you have a question or complaint about our handling of your personal information under the Data Privacy Frameworks, please contact us at If you have complaints related to the Data Privacy Frameworks that Civitas cannot resolve directly, we have chosen to cooperate with an alternative dispute resolution provider, namely, VersaSafe. VeraSafe is based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles- related complaint to your satisfaction, please visit resolution/submit-dispute/ for more information or to file a complaint. The services of VeraSafe are provided at no cost to you.

As further explained in the Data Privacy Frameworks principles, binding arbitration is available to address complaints not resolved by other means. More information can be found here:


This Policy is current as of the Effective Date set forth above. Privacy laws and practices are constantly developing, and so our policies and procedures are under continual review, and we may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on our Sites. If we make any changes to this Policy that materially affect our practices with regard to the personal information that we have previously collected from you, we will endeavor to provide you with notice in advance of such change by highlighting the change on our Sites.