Reminiscent Road Media LLC d/b/a The Scholar's Ascent ("we," "us," or "The Scholar's Ascent") operates thescholarsascent.org, the Assessment Center at assessment.thescholarsascent.org, and related educational services. This policy covers the Assessment Center, Lexicon, learning tools, digital resources, account dashboards, parent/educator features, and related communications.
This Privacy Policy is a notice about our data practices, not a request for consent. Where consent is legally required, we obtain it separately from the appropriate adult, school, or user.
For a shorter explanation written for scholars, families, and educators, visit our Privacy Center.
Table of Contents
- Who We Are (Operator)
- School-Authorized and Direct-Family Use
- Information We Collect
- How We Use Your Information
- Automated Systems & AI-Assisted Technology
- Assessment Integrity Monitoring
- Information Sharing and Disclosure
- Data Storage and Security
- Children's Privacy (COPPA Compliance)
- Your Rights and Choices
- Cookies and Tracking
- Data Retention
- Security Incidents
- Governing Law
- Changes to This Policy
- Contact Information
0. Who We Are (Operator)
The Scholar's Ascent is operated by Reminiscent Road Media LLC, a Texas limited liability company ("RRM"), doing business as The Scholar's Ascent. RRM is the current service operator. When a school authorizes the Assessment Center under an applicable agreement, RRM processes the school's education records only to provide the authorized service and under the school's direction. A future affiliated-entity transfer is not effective unless we provide the notice and obtain any agreement or consent required by law or contract.
0a. School-Authorized and Direct-Family Use
School-Authorized Use
The school controls its education records. We process those records only for the school-authorized educational purpose, subject to the applicable agreement and the school's direct control. A teacher's Clever authorization alone is not treated as proof that the school authorized under-13 data collection. Before production classroom activation, we require the school authority and notices applicable to that use. A parent or eligible student should normally begin a FERPA access, correction, or deletion request with the school; we support the school's verified direction.
Direct-to-Family Use
For a family subscription or other direct account, the adult account holder controls the account relationship. We obtain verifiable parental or guardian consent before collecting personal information online from a child under 13 unless a properly authorized school may consent as the parent's agent for a school-only educational purpose.
1. Information We Collect
We collect information in several ways depending on how you interact with our platform.
a. Account Information
- Full name and email address
- Authentication credentials handled by Google Firebase Authentication; we do not receive plaintext passwords
- Profile photo (when signing in via Google authentication)
- User role: student, parent, or educator
b. Payment Information
- Payment transactions are processed securely through Stripe. We do not store credit card numbers, CVVs, or full payment card details on our servers.
- We may retain transaction records such as purchase history, subscription status, and billing email for account management purposes.
c. Usage and Progress Data
- Quiz scores, vocabulary progress, and Lexicon activity (including flashcard usage)
- Video watch history and episode completion status
- Learning streaks, badges earned, and gamification milestones
- Dashboard activity and workbook/planner interactions
d. Portfolio Uploads
- Documents, images, and videos uploaded by users as part of their academic portfolio
e. Referral Data
- Referral codes and information about who referred whom, used for our referral rewards program
f. Communications
- Messages exchanged between users and our administrative team through the platform
g. Lead Capture and Contact Forms
- Email addresses submitted through our newsletter sign-up and free study guide download
- Name, email, subject, and message content submitted through our contact form
h. Automatically Collected Information
- Security and delivery logs such as IP address, request time, requested path, browser/device information, and error information
- Local browser storage used for authentication, progress, preferences, and resume state
- With your optional analytics choice on eligible public marketing pages, pseudonymous device, page, referral, and engagement events
- Cookies and similar technologies described in Section 7
i. School-Authorized Clever Information
During Clever Library authorization, Clever provides the account role and provider identifiers needed to complete sign-in and retrieve the sections the teacher may choose. The current Assessment Center integration does not persist raw Clever user or section identifiers, OAuth access tokens, teacher or student names, email addresses, profile photos, or demographic fields. It converts provider identifiers into keyed opaque mappings and persists only the educator alias, selected-section label, subject and grade when supplied, roster count and membership links, synchronization state, and timestamps needed for sign-in, provisioning, account linking, and classroom workflows. These opaque mappings and classroom links remain identifiable to the authorizing school and are protected student information, not anonymous data. We do not request API v3.1 disability, Section 504, gifted, free/reduced-lunch, IEP, ELL, home-language, attendance, or other sensitive demographic fields for the Library integration. If a future version begins using additional Clever fields, we will update this notice and obtain the school direction or consent required before that change takes effect.
j. Assessment, Accommodation, Family, and Integrity Information
- Assessment responses, scores, mastery and weak-area indicators, misconceptions, attempts, retakes, regrades, feedback, and teacher notifications
- Educator-selected accommodations such as extended time, reduced question counts, speech or text supports, bilingual supports, pull-out settings, and whether AI-assisted grading is skipped
- Aggregate typing cadence, keystroke counts and bursts, paste events, response length, tab/fullscreen events, network-address hashes, and anomaly indicators during applicable assessments
- Uploaded student work or syllabus images and typed scholar or guardian names when a user submits those materials
- Guardian name, email, account identifier, consent record, network-address hash, and family account-link information where family features are used
k. Generative-AI Boundary
Google generative AI is disabled in the company Assessment Center for student-facing, student-triggered, and other minor-accessible runtime workflows. We do not send Clever data, student responses, student work images, accommodations, integrity evidence, or teacher classroom data from that application to Google generative AI. A separate adult-only, content-only teacher authoring service is not active and cannot be enabled unless the provider confirms the exact use in writing, education/privacy counsel approves it, and the technical boundary prevents student personal information from being submitted. Some static educational or marketing content may have been developed with AI assistance before publication; a person reviews that content before it is published.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Providing and improving our services — delivering personalized educational content, tracking academic progress, powering the Lexicon tool, and enabling dashboard features
- Account management — creating and maintaining user accounts, authenticating logins, and managing subscriptions
- Communication — sending transactional emails (account confirmation, password resets, purchase receipts), responding to support inquiries, and delivering platform notifications
- Gamification and engagement — calculating streaks, awarding badges, and maintaining leaderboards to motivate learning
- Parent/Educator portal — enabling parents and educators to monitor student progress, manage linked accounts, and receive progress reports
- Referral program — tracking and rewarding successful referrals
- Marketing — sending newsletters and educational resources to users who have opted in (you may unsubscribe at any time)
- Analytics and improvement — using optional public-site analytics and service diagnostics to understand performance and usability; school education records are not used for advertising analytics
- Safety and compliance — detecting and preventing fraud, enforcing our terms of service, and complying with legal obligations
2b. Automated Systems & AI-Assisted Technology
Automated Decision-Making & Personalization
The Platform uses automated systems to enhance your learning experience. These include:
- Assessment scoring — Your responses to our self-discovery assessments (Scholar Strengths Spectrum, Compass Profile, Team Dynamic, Career Navigator) are scored by deterministic algorithms, not AI. Scores are calculated using fixed formulas based on established psychological frameworks.
- Streak and engagement tracking — The Platform automatically calculates login streaks, awards badges, and sends engagement notifications based on your activity patterns.
- Leaderboard rankings — Hall of Fame rankings are calculated automatically from your activity data (lessons completed, badges earned, streak length).
- Stage promotion eligibility — The system automatically determines when you meet advancement thresholds based on lesson completion and grade level.
No automated system on this Platform is intended to make a final consequential decision without authorized human review. Account suspensions, promotion-request reviews, complaint resolutions, grades of record, discipline, enrollment, and access decisions remain with the authorized adult or administrator.
AI-Assisted Content and Assessment Workflows
Certain static content on this Platform was developed with AI assistance and reviewed by a person before publication. The company Assessment Center does not currently run Google generative AI on student responses, student work images, accommodations, integrity evidence, Clever data, or classroom records. Assessment delivery and supported auto-scoring use deterministic rules; teachers remain responsible for reviewing results and making final grading, instructional, and discipline decisions.
Google Cloud's current Generative AI Service terms prohibit using those services as part of a website or customer application directed toward or likely to be accessed by people under 18. For that reason, changing models or moving to Vertex AI is not treated as permission to process K–12 application data. Any future adult-only content-authoring feature must remain separate from minor-accessible workflows, accept no student personal information, and pass written provider, counsel, security, and notice review before activation.
Children’s Data & Automated Systems
For users under 13, automated features may include deterministic scoring, progress indicators, accommodations, and rule-based integrity events described above; they do not include Google generative-AI processing in the company Assessment Center. These features remain subject to authorized adult review and are not used for targeted advertising or as the sole basis for a consequential decision. Engagement emails for minors are sent to the parent/guardian or school-authorized adult address on file, not directly to the child.
2c. Assessment Integrity Monitoring
For an assessment where an educator enables integrity controls, The Scholar's Ascent records limited events during the active assessment window. These events are not used for targeted advertising, commercial profiling, or passive monitoring outside the applicable assessment.
- Tab switch and fullscreen monitoring — During a locked assessment, we detect when the student navigates away from the assessment tab or exits fullscreen. Events are logged so the student's teacher can review them.
- Keystroke timing and paste detection — On written-response questions, we record aggregate typing cadence and whether content was pasted into the response field. This helps teachers identify responses that may have been copied from external sources or AI tools.
- Teacher-reviewed only — Integrity-monitoring events are visible only to the student's assigned teacher and authorized administrators. They are never sold, shared with advertisers, or used to build commercial profiles.
- Assessment scope only — Monitoring begins when a locked assessment starts and ends when the student submits or exits. No monitoring occurs during lessons, open practice, or general platform browsing.
- Retention — Integrity logs are retained alongside the associated assessment record and are deleted on the same schedule as other student assessment data (see Data Retention).
For users under 13, the applicable direct notice or school notice identifies the integrity processing before it is enabled. In school-authorized use, a parent should request access through the school; in direct-family use, the verified parent or guardian may contact us.
3. Information Sharing and Disclosure
We do not sell personal information, sensitive personal information, or biometric data. We do not use or disclose student information for targeted advertising. We share data only to provide an authorized feature, comply with law, protect the service, or complete a disclosed transaction.
a. Third-Party Service Providers
Service providers receive only the categories of information needed for the enabled feature, subject to the provider terms and contracts that apply to that specific product. Before releasing children's personal information to a service provider, we require the confidentiality, security, and integrity assurances required by applicable law:
- Firebase (Google) — authentication, real-time database, cloud storage, and hosting
- Stripe — secure payment processing for subscriptions and purchases
- Resend — transactional email delivery (account confirmations, receipts, notifications)
- Google Analytics for Firebase — optional pseudonymous device and usage events on eligible public marketing pages after opt-in; not enabled for authenticated dashboards or student assessment routes
- Google Fonts — web-font delivery on public pages, which exposes ordinary request metadata such as IP address and browser information to Google
- Clever — optional educator-authorized identity and classroom provisioning for the Assessment Center
- Google AI services — not enabled as a runtime subprocessor for Clever data, student data, teacher classroom data, or minor-accessible Assessment Center workflows; limited internal assistance may be used to develop static content that is reviewed before publication
See the current service list and purposes in our Trust & Support Center.
b. Parent/Educator Access
A verified parent, guardian, educator, or school administrator may view only the student information authorized for that relationship. A student linked to more than one teacher or section receives a server-validated active classroom context; selecting a teacher or class in the browser does not itself grant access.
c. Legal Requirements
We may disclose information if required to do so by law, in response to valid legal processes (such as a subpoena or court order), or to protect the rights, property, or safety of The Scholar's Ascent, our users, or the public.
d. Business Transfers and Affiliated Entities
In a merger, acquisition, sale of assets, or internal reorganization, information may transfer only subject to applicable law and existing school agreements. We will provide required notice, and a transfer will not expand the permitted purpose of school-authorized student information without the school's direction and any legally required consent.
e. De-Identified Information
If we create de-identified information, we will take reasonable measures to prevent it from being linked to a person, publicly commit to maintain and use it without attempting to re-identify anyone, and require any recipient to honor the same restriction. We do not treat a scholar alias by itself as anonymous when a school can reconnect it to a student.
4. Data Storage and Security
We take the security of your data seriously and implement appropriate technical and organizational measures to protect it.
- Encryption — Application traffic uses HTTPS. Google Firebase Authentication handles password credentials under its authentication service; TSA does not receive plaintext passwords.
- Cloud infrastructure — Data is hosted with Google Cloud/Firebase using provider-managed encryption at rest and HTTPS in transit. Provider assurance reports apply to the covered services identified in Google's documentation; they are not a certification of our entire application.
- Application attestation — Company-hosted teacher and student assessment routes use Firebase App Check with reCAPTCHA Enterprise. Google receives ordinary request, browser/device, interaction, network, and risk-signal information needed to determine whether a request came from the registered application. This control is used for security and abuse prevention, not advertising or student evaluation.
- Access controls — The company SaaS integration uses verified identity, tenant and role claims, server-mediated authoritative writes, and tenant-scoped records. Administrative access is limited by operational role and logged where the workflow supports audit logging.
- AI separation — Google generative AI is disabled in student-facing, student-triggered, and other minor-accessible company Assessment Center workflows. Changing models or using Vertex AI does not override that boundary.
- Alias-first design — Ordinary assessment displays and SaaS scholar records use aliases, but provider identifiers, guardian links, uploads, and user-entered content can still identify a person and receive the same protections.
- Payments — Card entry occurs on Stripe-hosted payment surfaces. We retain account-level customer, transaction, subscription, and invoice references, but do not receive full card numbers or CVVs.
While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We encourage you to use a strong, unique password for your account and to keep your login credentials confidential.
5. Children's Privacy (COPPA)
The Scholar's Ascent serves students as young as kindergarten. COPPA places the duty to provide notice, obtain valid authorization, minimize data, protect it, and honor review/deletion rights on us as the covered operator.
a. Parent or School Authorization
For direct-to-family use, an under-13 account must remain restricted until the parent or guardian receives the required direct notice and provides consent through a method that is legally sufficient for the enabled data practices. The direct-family under-13 production flow remains a compliance gate while its parent-verification steps are being finalized. For school-authorized use, a school may act as the parent's agent only for the educational service used for the benefit of the school and for no other commercial purpose. We provide the school the required notice and use a method reasonably designed to verify that the authorization came from an appropriate school adult rather than a child. We do not shift our COPPA compliance responsibility to a teacher, school, or family.
b. Minimal Data Collection for Children
For users under 13, we collect only the minimum information necessary to provide our educational services:
- A scholar alias or adult-chosen display name
- Only the account, classroom, progress, assessment, support, and family-link information needed for the enabled feature
- User-submitted work only when the feature requires it
We avoid collecting a child’s personal email or full legal name where the service can operate with a scholar alias. School-authorized roster data, assessment records, uploaded work, and accommodation selections may nevertheless be identifiable to the authorizing school. Communications are routed to the parent/guardian or authorized school adult.
c. No Behavioral Advertising to Children
We do not serve targeted or behavioral advertising to users identified as children under 13. We do not share children's data with third parties for marketing purposes.
d. Parental Rights
Parents and guardians have the right to:
- Review the personal information collected from their child
- Request the deletion of their child's personal information
- Refuse to allow further collection or use of their child's information
- Manage and update their child's account settings at any time through the parent portal
For a school-authorized account, begin with the school so it can verify the request and direct our response. For direct-family use, contact info@thescholarsascent.org.
e. Safety Measures
The service does not provide child-directed public chat or open social posting. Communications intended for a minor are routed through an authorized parent, guardian, or school adult. Access to student records is limited to the student and verified adults with an authorized educational or family relationship; platform personnel do not receive routine access merely because they administer the service.
6. Your Rights and Choices
Depending on the data and legal context, you may have rights to confirm processing, access a portable copy, correct, delete, and opt out of targeted advertising, sale, or qualifying profiling. We do not sell personal data or use it for targeted advertising.
a. Access and Portability
For a direct account, you may request a copy of the personal data we control. For school-controlled education records, submit the request to the school; we assist the school and do not override its verification or record-control process.
b. Correction
You may update or correct your personal information at any time through your account settings or by contacting us.
c. Deletion
You may request deletion of a direct account and associated personal data. We complete a verified product-data deletion within 30 days, subject to the retention exceptions described below. For school-controlled records, the controlling school directs deletion.
d. Marketing Opt-Out
You may unsubscribe from marketing emails at any time by clicking the "unsubscribe" link included in every marketing email or by contacting us directly. Transactional emails (such as purchase confirmations and security alerts) are not affected by marketing opt-out.
e. Optional Analytics
Firebase Analytics is off unless you allow it in the Privacy Center. It remains disabled on authenticated dashboards and student assessment routes.
f. Texas Requests and Appeals
Texas residents may send an authenticated request to info@thescholarsascent.org with the subject “Texas privacy request.” We respond without undue delay and within 45 days where the Texas Data Privacy and Security Act applies; when reasonably necessary, we may extend once by another 45 days after giving timely notice and a reason. If we decline a request, we explain why and how to appeal. Submit an appeal by replying with the subject “Texas privacy appeal.” If we deny the appeal, we provide information for contacting the Texas Attorney General. We do not discriminate against anyone for exercising a privacy right.
7. Cookies and Tracking
We use browser storage and similar technologies for authentication, security, progress, preferences, and optional public-site analytics.
a. Types of Cookies We Use
- Essential cookies — Required for the platform to function properly, including authentication tokens and session management. These cannot be disabled.
- Functionality cookies — Remember your preferences, such as language settings and display options, to personalize your experience.
- Optional analytics identifiers — After opt-in, Google Analytics for Firebase may process pseudonymous device and usage events on eligible public marketing pages. It is not enabled for authenticated dashboards or student assessment routes.
b. Third-Party Cookies
Stripe may set cookies on Stripe-hosted checkout and billing pages. Google Analytics for Firebase may set or read identifiers only after the optional choice described above. On company-hosted teacher and student assessment routes, reCAPTCHA Enterprise may set the necessary _GRECAPTCHA cookie and process browser, device, interaction, network, and risk signals to issue Firebase App Check tokens for security and abuse prevention. App Check is essential to those protected routes and is not used for advertising, grading, discipline, or behavioral profiling.
c. Managing Cookies
You can change optional analytics in the Privacy Center. Browser controls can also block or delete storage, though doing so may sign you out or remove saved local progress and preferences.
d. Browser Privacy Signals
Because optional analytics requires an affirmative choice, it remains off when no choice has been stored. We do not sell data or run targeted advertising, so there is no sale or targeted-advertising processing to opt out of through a browser signal.
8. Data Retention
We retain personal information only for the documented educational, account, security, contractual, or legal purpose. A school agreement controls if it requires a shorter period.
- Assessment Center education records — Detailed responses, scores, feedback, accommodations, uploads, and integrity records are ordinarily retained for the applicable July-through-June school year, then deleted or de-identified unless the school instructs us otherwise under its agreement.
- Verified deletion requests — Individual records are deleted within 30 days of a verified request from the controlling school or authorized direct-family account, unless law or an agreement requires a shorter period.
- School termination — School-controlled personal data is deleted or returned within 60 days after service termination unless the applicable agreement requires a shorter period.
- Clever provisioning — Clever identity, role, section, and roster links are retained only while needed for the authorized integration or until access is revoked and the applicable deletion period expires.
- Guardian consent and family links — Retained while the linked account is active and as needed to document authorization, then deleted under the applicable account schedule.
- Pending child-consent records — If legally sufficient parental consent is not completed within a reasonable time, the child and parent contact information collected only to seek that consent is deleted.
- Minimal permanent records — We may retain alias non-reuse markers, school year, opt-in Hall of Fame entries, counts-only deletion certificates, and security/audit evidence that does not contain direct sensitive student content.
- Backups — Deleted information is removed from ordinary access and may remain temporarily in access-restricted backups used only for disaster recovery. A numeric maximum backup lifespan has not yet been operationally verified; external school student-data processing remains gated on establishing and testing that maximum.
- Billing and legal records — Transaction and contract records may be retained as required for tax, accounting, dispute, or legal obligations.
- Lead capture data — Email addresses collected through our newsletter or free study guide offer are retained until you unsubscribe, at which point they are removed within 30 days.
- Contact form submissions — Messages submitted through our contact form are retained for up to 1 year to allow for follow-up and quality assurance.
8a. Security Incidents
Report a suspected security issue to info@thescholarsascent.org without including student records, passwords, PINs, or access tokens. If we confirm unauthorized access to school-controlled student information, we will notify the affected school without unreasonable delay and within the timing required by applicable law and the controlling agreement. The school controls family notice for its education records unless law requires us to notify directly. Direct-account users will receive any notice required by applicable law.
8b. Governing Law
Texas law applies to this notice where applicable. Contractual governing-law, venue, and dispute terms appear in the Terms of Service or controlling school agreement; this privacy notice does not reduce non-waivable rights under other applicable law.
9. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Post a prominent notice on our website
- Send required notice to the account holder or controlling school for material changes
A policy update does not expand the purpose for which we may use school-authorized student information. We will not use a general “continued use” clause to add advertising, commercial profiling, generalized model training, or another materially different purpose. We will obtain the school's direction and any consent required by law or agreement before a new purpose takes effect.
10. Contact Information
If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us:
- Reminiscent Road Media LLC d/b/a The Scholar's Ascent
- Mailing Address: 12828 Willow Centre Dr, Ste D49, Houston, TX 77066
- Email: info@thescholarsascent.org
- Website: thescholarsascent.org
We acknowledge privacy inquiries promptly. The response deadline depends on the request and controlling law or school agreement; the Texas process is described in Section 6.