Privacy Policy for CollegeSimple
Last Updated: May 23, 2026
Welcome to CollegeSimple (accessible at joincollegesimple.com). This Privacy Policy is a legally binding commitment detailing the exact lifecycle of data within our platform. It outlines how we collect, use, and protect your information when you utilize our Dual-Counseling System, AI Counselor (Cora), and other admissions tools.
1. Children's Privacy and COPPA Compliance
- We strictly adhereto the federal Children's Online Privacy Protection Act (COPPA).
- CollegeSimple is not directed at children under the age of 13.
- To maintain compliance, we implement a rigorous age-verification gateway during the registration process, requiring users to verify they are over 13 years of age.
- If we discover we have inadvertently collected personal information from a child under 13, we will immediately delete that data to avoid federal liability.
- Parents or legal guardians may request the immediate deletion of inadvertently collected minor data by contacting us directly at team@collegesimple.com.
2. Information Collection and Payment Processing
- To provide our $20/month premium services, we must collect basic account information.
- We utilize a third-party payment gateway, Stripe, to securely route and process financial data.
- Raw, unencrypted credit card numbersnever touch, pass through, or reside on CollegeSimple's personal servers or databases.
- All cardholder data functions are entirely outsourced to this compliant third-party provider, and we do not store your full financial details.
3. Artificial Intelligence and Data Usage
- CollegeSimple integrates generative artificial intelligence (AI) to power tools like our Essay Editor and AI Counselor, Cora.
- Any feedback,essay drafts, or text you submit into the platform's text boxes are processed to generate the requested service output.
- In alignment with Federal Trade Commission (FTC) guidelines, we mandate transparency regarding our technology; our AI tools are designed to assist and refine, not to replicate a human expert identically or guarantee accuracy.
4. Data Security and Massachusetts Law (201 CMR 17.00)
- Because CollegeSimple operates within the jurisdiction of Massachusetts, we are strictly subject to the Massachusetts Standards for the Protection of Personal Information of Residents of the Commonwealth (201 CMR 17.00).
- We proactively address administrative, technical, and physical safeguards to protect your personal information.
- We maintain a Comprehensive Written Information Security Program (WISP) internally, which dictates strict access controls, multi-factor authentication for our personnel, and encryption protocols for data.
- We enforce data minimization policies, limiting the initial collection of personal data to only what is strictly necessary to perform the service.
- When data is no longer required for business or legal purposes, it is destroyed in a manner that leaves it entirely unrecoverable.
5. State and Federal Privacy Exemptions
- CCPA/CPRA: CollegeSimple currently falls under the statutory exemptions for the California Consumer Privacy Act (CCPA) due to our early-stage revenue and user volume thresholds. However, we proactively embrace CCPA principles by transparently declaring the data we collect, confirming that we do not sell data to third parties, and providing mechanisms for users to request data modification or obliteration.
- FERPA: As a private, direct-to-consumer digital startup, CollegeSimple is not a federally funded educational institution. Therefore, we are not statutorily bound by the Family Educational Rights and Privacy Act (FERPA). We do, however, mimic its data protection principles as an industry best practice.
6. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy, or if you need to request the deletion of your data, please contact us at team@collegesimple.com.
