Policies

Payment or a verified purchase order must be received before items ship. We offer NET 30 payment terms for approved schools. 

Payments for invoices not received within 90 days may be subject to an additional collections fee.

Tech to School's devices can be returned for a full refund within 30 days of receipt with the exception of certain special order items or sourced inventory such as new Chromebooks, new PCS, cases, carts, imaging equipment and accessories.

Tech to School offers free ground shipping on devices to the contiguous U.S. Shipping to Hawaii and Alaska is available for an additional cost. Carts and other 3rd party devices may incur additional shipping charges.

Tech to School cannot guarantee compatibility with Apple’s DEP or ASM.

Your rights under the California Consumer Privacy Act

The California Consumer Privacy Act (CCPA) provides you with rights regarding how your data or personal information is treated. Under the legislation, California residents can choose to opt out of the “sale” of their personal information to third parties. Based on the CCPA definition, “sale” refers to data collection for the purpose of creating advertising and other communications. Learn more about CCPA and your privacy rights.

How to opt out:

By clicking on the link below, we will no longer collect or sell your personal information. This applies to both third-parties and the data we collect to help personalize your experience on our website or through other communications.

Do not sell my personal information

Tech to School ("Tech to School," "we," "us," or "our") provides technology devices and IT services to schools, school districts, and other organizations, and operates the Clara customer portal. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the choices and rights you have.

This policy covers the Tech to School website and storefront, the Clara portal (clara.techtoschool.com, clarak12.com, clara.education), and the forms and services we provide to our customers.

**A note on student data:** Some of our customers are schools and districts. We are committed to protecting student privacy and complying with applicable student-data privacy laws, including the Family Educational Rights and Privacy Act (FERPA) and state student-data privacy laws such as California's Student Online Personal Information Protection Act (SOPIPA). See the **Student Data Privacy** section below for details.

---

1. Who this policy applies to

This policy applies to:

- **Visitors** to our website and storefront.

- **Customers** — the schools, districts, and organizations that purchase devices and services from us.

- **Customer users** — the individual staff members at our customer organizations who use the Clara portal and interact with us.

This policy does **not** create privacy obligations directly to students. Where we process student information, we do so on behalf of and at the direction of the school or district, under the terms of our data privacy agreement with that school or district. See **Student Data Privacy** below.

---

2. Information we collect

Information about customer organizations

When a school, district, or organization becomes our customer, we collect information needed to provide our products and services, including: organization name, addresses, website, tax-exempt status, account and billing information, payment terms, and order and invoice history.

Information about individual users

We collect information about the individual people who interact with us or use the Clara portal, including: name, title, email address, phone number, optional mailing address, role, portal login activity, and communication preferences.

Device information

To provide device-management services, we maintain records about the devices our customers purchase or manage through us, including: device identifiers (serial numbers, asset tags), manufacturer, model, hardware specifications, MAC address (where available), device ownership and assignment history, and repair, audit, and enrollment service history.

Support and communications

When you contact us or submit a support request, we collect the content of your communications, including support request descriptions, messages, and any attachments you provide. We also maintain records of email correspondence related to your account, orders, and support.

Operational credentials provided by customers

To perform device enrollment, provisioning, and management services that a customer requests, we may hold operational credentials the customer provides or delegates — such as device passcodes, enrollment account passwords, network passwords, and delegated administrative access to the customer's device-management environments (for example, Google Admin or Apple School Manager). We treat these credentials as highly sensitive. They are encrypted at rest, access is restricted and logged, and we use them solely to perform the services the customer has requested. See **How we protect information** below.

Financial and credit information

For customers who apply for credit terms or financing, we collect information necessary to evaluate and administer those arrangements, including organization tax identification, authorized signer information, and an electronic signature. This information is collected through our application forms and is used solely for credit, billing, and account-administration purposes. Our use of automated analysis to assist with credit review processes this information only to support our own decision-making and is not used to train third-party AI models.

Technical information

When you use the Clara portal, we collect limited technical information:

- A session cookie (`tts.sid`) that keeps you logged in. It is strictly necessary for the portal to function.

- Your IP address and browser user-agent, captured only when you authenticate (log in, verify a magic link, or submit a form) — not on routine page views.

We do **not** use behavioral analytics, advertising trackers, session-replay tools, or cross-site tracking on the Clara portal.

Information from forms and integrations

We collect information you provide through our forms (such as contact updates, surveys, and applications). Where a customer chooses to connect Clara to their own IT systems (for example, an IT service-management integration), we process the data that integration is configured to exchange, as directed by the customer.

---

3. How we use information

We use the information we collect to:

- Provide, operate, and support our products and the Clara portal;

- Process and fulfill orders, manage devices, and provide repair, warranty, provisioning, and buyback services;

- Communicate with you about your account, orders, repairs, and support requests;

- Administer credit, billing, and payments;

- Maintain the security and integrity of our systems;

- Improve our products and services; and

- Comply with our legal obligations.

**Artificial intelligence.** The Clara portal includes an AI assistant ("Ask Clara") that helps users find information about their own orders, devices, coverage, and support requests. When you use it, your question and relevant account context are processed by our AI service provider to generate a response. **Your data — including any student information — is not used to train third-party AI models, and we do not use it to build advertising or marketing profiles.**

---

4. How we share information

We do **not sell** your personal information, and we do not share it for cross-context behavioral advertising.

We share information only in these limited circumstances:

- **Service providers (subprocessors).** We use third-party service providers to operate our business and the Clara portal — for example, cloud hosting, backups, email delivery, authentication, shipping and logistics, accounting, and our AI assistant. These providers process information only to provide their service to us and are required to protect it. A list of the categories of service providers we use is available on request, and for school customers, in the subprocessor exhibit to our data privacy agreement.

- **At your direction.** Where you connect Clara to your own systems or ask us to share information, we do so as directed.

- **Legal requirements.** We may disclose information where required by law, regulation, legal process, or governmental request, or to protect the rights, safety, and security of Tech to School, our customers, or others.

- **Business transfers.** If Tech to School is involved in a merger, acquisition, or sale of assets, information may be transferred as part of that transaction, subject to the commitments in this policy.

All of our service providers that process customer data store it within the United States.

---

5. How we protect information

We maintain administrative, technical, and physical safeguards designed to protect the information we hold, including:

- **Encryption in transit** (TLS) for data moving between you and our services.

- **Encryption at rest** for highly sensitive credentials, including device passcodes, enrollment and network passwords, delegated administrative tokens, and the optional student-name field, using industry-standard AES-256-GCM encryption.

- **Access controls** that limit which staff can access customer data, with administrative access restricted to a small number of personnel.

- **Authentication controls**, including single sign-on for staff and passwordless or federated login options for portal users.

- **Backups** maintained within the United States to support recovery.

- **Monitoring** of our systems for availability and integrity.

No system can be guaranteed perfectly secure. If we become aware of a security incident affecting your information, we will notify affected customers and comply with applicable breach-notification laws. For school customers, our breach-notification commitments are specified in our data privacy agreement.

---

6. Data retention

We retain customer and account information for as long as needed to provide our services, maintain accurate business and device-lifecycle records, and meet our legal, accounting, and contractual obligations. Device ownership and service history is retained to maintain an accurate lifecycle record of devices.

Customers may request deletion or return of their data as described below and, for school customers, under the terms of our data privacy agreement.

---

7. Your rights and choices

Access, correction, and deletion

You may request to access, correct, or delete the personal information we hold about you. For customer organizations, we will return or delete customer data upon written request, generally within 60 days of account termination, and will provide an export of your data upon written request, generally within 30 days. To make a request, contact us at **support@techtoschool.com**.

California residents (CCPA/CPRA)

If you are a California resident, you have the right to:

- Know what categories of personal information we collect and how we use and share it;

- Request access to and deletion of your personal information;

- Correct inaccurate personal information; and

- Not be discriminated against for exercising your rights.

We do **not** sell personal information and do **not** share it for cross-context behavioral advertising. The categories of personal information we collect are described in **Information we collect** above. To exercise your California rights, contact **privacy@techtoschool.com**.

Note: Student information governed by FERPA and state student-data privacy laws is handled under those laws and our agreements with schools, not under CCPA (which excludes information covered by FERPA).

Email preferences

You can opt out of non-essential and marketing emails using the unsubscribe link in those emails or by contacting us. We will still send you essential service communications (such as order, repair, and account notifications).

---

8. Student Data Privacy

Many of our customers are schools and school districts. When we provide services to a school or district, we may process information about students on the school's behalf. We take this responsibility seriously.

Our commitments regarding student data

- **We act on the school's behalf.** Where we process student information, we do so as a "school official" with a legitimate educational interest under FERPA, performing a device-management or support function the school would otherwise perform itself, under the school's direction and control.

- **We use student data only to provide our services.** We do not use student information for any commercial purpose unrelated to our services.

- **We do not sell student data.**

- **We do not use student data for targeted advertising**, and we do not build advertising or marketing profiles of students.

- **We do not use student data to train third-party AI models.**

- **We protect student data** with the security measures described in this policy.

- **We return or delete student data** at the school's request.

What student data we process

Clara is a device-management and IT-services platform. **It is not an educational system of record, and it does not require student educational records to function.** We do not collect student IDs, grades, attendance, enrollment rosters, demographics, or academic records.

The only structured student-identifying information we may hold is an **optional student name** that a school may choose to provide to label a device repair or shipment (for example, to identify whose device is being serviced). This field is optional, provided at the school's discretion, and encrypted at rest.

Student names may also appear incidentally where school staff include them in free-text support requests, repair notes, or attachments they submit to us. We do not request or rely on this information.

In the future, Clara may offer the ability to associate a device with a student name or school-provided student identifier for device-management purposes (for example, to track which device is assigned to which student). Any such information will be processed solely for device-management purposes, under the same commitments and agreements described here.

Schools and districts

Schools and districts that use our services enter into a data privacy agreement with us that governs the handling of student data, including FERPA and applicable state-law commitments. We support the Student Data Privacy Consortium (SDPC) National Data Privacy Agreement framework. To request our data privacy agreement or discuss student-data privacy, contact **privacy@techtoschool.com**.

Parents

If you are a parent or guardian with questions about your child's information, please contact your child's school or district, which controls the information and can direct requests to us as needed.

---

9. Children's privacy

Our services are provided to schools, districts, and organizations — not directly to children. We do not knowingly allow children to create accounts or use the Clara portal directly. Where we process information about students, we do so on behalf of schools as described in **Student Data Privacy** above.

---

10. Data location and international users

Tech to School operates in the United States, and we store and process data in the United States. Our service providers that process customer data also store it within the United States. We do not currently transfer customer data outside the United States. Our services are intended for customers and users in the United States.

---

11. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate or required, notify affected customers. For school customers, changes affecting student data will be handled in accordance with our data privacy agreements.

---

12. Contact us

If you have questions about this Privacy Policy or how we handle your information, or if you wish to exercise your rights, contact us at:

**Tech to School**

2002 Martin Ave, Santa Clara, CA 95050

**support@techtoschool.com**