The Renaissance International Campus, LLC ("TRC," "we," "us," or "our") operates the website at trc.international and the related online English programs and student services (collectively, the "Services"). This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the rights you have over your information.
We are a U.S.-based company headquartered in Miami, Florida. This Privacy Policy is written to comply with U.S. federal law, the California Consumer Privacy Act (CCPA) as amended by the CPRA, and the comprehensive state privacy laws of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Delaware, New Hampshire, Nebraska, New Jersey, Tennessee, Minnesota, Maryland, Indiana, Kentucky, and Rhode Island as in force in May 2026.
01Scope of this Privacy Policy
This Privacy Policy applies to personal information we collect through the Services. It does not apply to information collected by third-party websites or services that link from our site, even if we recommend them, and it does not apply to information you provide directly to third parties outside the Services (for example, the official Cambridge English, IELTS, or TOEFL testing bodies).
This Privacy Policy supplements (and does not modify) any signed enrollment agreement between you and TRC. In the event of a conflict, the signed enrollment agreement governs.
02Who is responsible for your personal information
The data controller (and, for purposes of state privacy laws, the "business" or "controller") for personal information collected through the Services is The Renaissance International Campus, LLC, a Florida limited liability company with its principal place of business in Miami, Florida.
Where we engage service providers to process personal information on our behalf, those providers act as our "service providers" or "processors" and are bound by written contracts that restrict their use of the information to the purposes we authorize.
03Categories of personal information we collect
Under the California Consumer Privacy Act (CCPA) as amended by the CPRA and most other state laws, personal information is grouped into statutory categories. The categories we collect, the sources, the business or commercial purpose, and the categories of third parties to whom we may disclose them are summarized below.
- Identifiers — your name, postal or email address, account login, IP address, device identifiers, advertising identifiers. Source: directly from you, automatically when you use the Services, from service providers.
- Customer-record information (Cal. Civ. Code §1798.80) — name, contact information, payment information you submit at enrollment. Source: directly from you and from payment processors.
- Characteristics of protected classifications — age range, nationality if you provide it. We do not knowingly collect characteristics such as race, sexual orientation, religion, or disability except as you voluntarily share for accommodations.
- Commercial information — enquiry history, programs requested, enrollment and payment history.
- Internet or other electronic network activity — pages viewed, time on page, click events, referrer, browser type, device type, interactions with our forms and learning materials.
- Geolocation data — approximate location derived from IP address. We do not collect precise geolocation.
- Sensory information — voice recordings of cohort sessions where you opt in and video recordings where session capture is enabled. See "Recordings" in our Terms.
- Professional or employment information — only if you voluntarily provide it as part of a corporate enrollment.
- Education information — placement test responses and results, assignment submissions, progress data, certificates earned. Note: we are not an institution covered by FERPA (see Section 24).
- Inferences drawn from the above — your likely English level, the program most appropriate for you, content recommendations.
04Sources of personal information
- Directly from you when you complete a form, take the placement test, enroll in a program, message a mentor, or otherwise interact with the Services.
- Automatically from your device when you use the Services (cookies, analytics tools, server logs).
- From our service providers (payment processors, email delivery providers, analytics providers, examination bodies for score reporting where you authorize that release).
- From publicly available sources, only where you have made the information public (for example, a public LinkedIn profile you reference in an application).
- From a parent or legal guardian if you are a minor and your guardian completes part of the enrollment on your behalf.
05Business and commercial purposes for processing
We use personal information for the following business and commercial purposes, each of which corresponds to a permissible purpose under the CCPA, the VCDPA, the CPA, the CTDPA, the UCPA, the TDPSA, the OCPA, the MCDPA, the MODPA, and the other applicable U.S. state privacy laws:
- To provide, operate, and improve the Services.
- To respond to your enquiries, place you in the right program, and provide customer support.
- To process enrollments, payments, refunds, and chargebacks.
- To deliver course materials, track academic progress, conduct placement and mock exams, and issue Letters of Academic Attainment and program certificates.
- To send transactional communications (enrollment confirmations, schedule reminders, exam-day instructions, password resets, refund notifications).
- To send marketing communications when you have opted in or where permitted by law; you can unsubscribe at any time.
- To personalize content and program recommendations.
- To measure aggregate site performance and user experience (analytics).
- To prevent, detect, and investigate fraud, abuse, security incidents, and illegal activity.
- To enforce our Terms of Service and other agreements.
- To comply with legal obligations and respond to subpoenas and lawful requests from government authorities.
- To establish, exercise, or defend legal claims.
06Sensitive personal information
Under California law, "sensitive personal information" includes categories such as Social Security and other government-issued identifiers, financial account credentials, precise geolocation, racial or ethnic origin, religious or philosophical beliefs, union membership, mail or email contents not addressed to TRC, genetic data, biometric data for unique identification, health information, and sex life or sexual orientation data.
We do not knowingly collect or process sensitive personal information for any purpose other than what is necessary to provide the Services you have requested, to detect security incidents, to resist malicious or illegal activity, or to perform other purposes for which the right to limit does not apply under California Civil Code §1798.121.
We do not use or disclose sensitive personal information for the purpose of inferring characteristics about a consumer.
07Right to limit use of sensitive personal information
California consumers have the right to limit our use and disclosure of sensitive personal information to those uses necessary to perform the services or provide the goods reasonably expected by an average consumer. Because we do not use sensitive personal information beyond those purposes, no separate action is required on your part — but you may submit a request to confirm by emailing [email protected] with the subject line "Limit Use of Sensitive PI."
08Categories of third parties we share with
We share personal information with service providers acting on our behalf, with examination bodies you have authorized, and as required by law. Current and anticipated categories of recipients include:
- Hosting and infrastructure — Vercel, Inc. (United States) for website delivery and content distribution.
- Analytics — Vercel Analytics and Vercel Speed Insights for aggregate, non-personally-identifying site performance metrics.
- Email delivery — Resend or an equivalent transactional email provider for enrollment, support, and admissions emails.
- Payment processing — to be confirmed at launch; the processor receives only the information needed to complete your payment and is bound by PCI-DSS requirements.
- Customer support tooling — internal email and ticketing; if a third-party help-desk provider is engaged, it will be added to this policy.
- Examination bodies (Cambridge Assessment English, British Council and IDP for IELTS, ETS for TOEFL) — only with your explicit registration request and only for the information required to register you for the exam.
- Professional advisors — our auditors, lawyers, and insurers, under duty of confidentiality.
- Successors in interest — in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, in which case we will require the recipient to honor this Privacy Policy or provide notice and a meaningful opportunity to opt out.
- Government authorities — where required by subpoena, court order, or applicable law, and where we believe disclosure is necessary to protect rights, property, or safety.
09Sale and sharing of personal information
We do not sell personal information for monetary consideration. We do not share personal information for cross-context behavioral advertising as those terms are defined under the CCPA.
We do not knowingly sell or share personal information of consumers under the age of sixteen (16) without the affirmative authorization of the consumer (if between 13 and 16) or the consumer's parent or guardian (if under 13).
If we ever change this practice, we will update this Privacy Policy and provide a clear "Do Not Sell or Share My Personal Information" mechanism — including a prominent link on the homepage and in the footer — at least thirty (30) days before any such practice takes effect.
10Do Not Sell or Share My Personal Information
As stated in the preceding section, we do not sell or share personal information for cross-context behavioral advertising. To confirm this practice in writing, or to opt out in advance of any future change, you may:
(a) email [email protected] with the subject line "Do Not Sell or Share," or (b) configure your browser to send the Global Privacy Control (GPC) signal, which we honor automatically across our Services.
We will not discriminate against you for exercising this right.
11Automated decision-making technology and profiling
Under the California Privacy Protection Agency's regulations on Automated Decision-making Technology (ADMT), risk assessments, and cybersecurity audits in effect since January 1, 2026, businesses must disclose the use of ADMT in decisions that produce legal or similarly significant effects on a consumer and must provide opt-out and pre-use notice rights.
TRC does not currently use ADMT to make decisions that produce legal or similarly significant effects on consumers. The placement test grades your responses against a fixed CEFR rubric and your result is reviewed by a human advisor before any program recommendation. Admissions, financial aid, and disciplinary decisions are made by humans.
We do use lightweight automated systems to recommend learning resources (for example, suggesting library items at your current CEFR level). These recommendations are not significant decisions; you are always free to ignore them or choose any other material in the library.
If we ever introduce ADMT that would produce legal or similarly significant effects, we will provide a pre-use notice, an opt-out, and a right to access information about the logic involved, before such use begins.
12Your privacy rights — overview
Depending on your state of residence, you have one or more of the following rights regarding the personal information we hold about you:
- Right to know — what personal information we have collected, the sources, the business or commercial purpose, the categories of third parties to whom we disclose it, and the specific pieces of personal information we hold about you.
- Right to access / portability — a copy of your personal information in a portable, readily usable format.
- Right to correct inaccurate personal information.
- Right to delete — subject to legal exceptions (for example, completion of a transaction, security, debugging, legal compliance, internal uses reasonably aligned with your expectations).
- Right to opt out of sale or sharing of personal information.
- Right to opt out of targeted advertising.
- Right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects.
- Right to limit use of sensitive personal information.
- Right to non-discrimination for exercising any of these rights.
- Right to appeal our decision on a privacy request, where applicable.
- Right to designate an authorized agent to submit a request on your behalf.
13California-specific privacy rights (CCPA / CPRA)
California residents have all of the rights listed above and, in addition:
(i) the right to a "Notice at Collection" describing the categories of personal information being collected and the purposes at or before the point of collection — provided by this Privacy Policy and any contextual notice on a relevant form; (ii) the right to know financial incentives offered, if any (we do not offer any — see Section 23); (iii) the right to receive a response within forty-five (45) days, extendable once by an additional forty-five days where reasonably necessary; (iv) the right to opt out of automated decision-making technology used for decisions producing legal or similarly significant effects (see Section 11); (v) the right to authorized-agent submission with proper verification.
California Shine the Light (Civil Code §1798.83): California residents may request a list of categories of personal information disclosed to third parties for those parties' direct marketing purposes during the prior calendar year. We do not disclose personal information for third-party direct marketing.
14Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana
If you are a resident of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, or Montana, you have rights similar to those described above, including the rights to know, access, correct, delete, port, opt out of sale, opt out of targeted advertising, and opt out of profiling for decisions with legal or similarly significant effects (the exact scope varies by state).
Colorado, Connecticut, Texas, and Oregon require us to honor Universal Opt-Out Mechanisms such as the Global Privacy Control. Montana, Delaware, New Hampshire, Nebraska, New Jersey, Minnesota, and Maryland also recognize these signals to varying extents. We honor the GPC signal in all of these jurisdictions.
Where state law provides a right to appeal a denial of a privacy request, you may appeal within forty-five (45) days of our decision by replying to our written response. We will respond to your appeal within sixty (60) days.
15Other state privacy rights
Residents of Iowa, Delaware, New Hampshire, Nebraska, New Jersey, Tennessee, Minnesota, Maryland, Indiana, Kentucky, and Rhode Island have rights under their respective state laws (ICDPA, DPDPA, NHPA, NDPA, NJDPA, TIPA, MCDPA, MODPA, INCDPA, KCDPA, DTPPA) that took effect at various dates through 2025 and 2026. We honor these rights in line with the broader framework described above.
Maryland's Online Data Privacy Act (effective October 1, 2025; enforcement from April 1, 2026) imposes additional data-minimization duties and stricter limits on the processing of sensitive personal information, which we apply to all U.S. residents.
Indiana's, Kentucky's, and Rhode Island's comprehensive privacy laws took effect on January 1, 2026.
17Identity verification of consumer requests
To protect you against fraudulent requests, we verify the identity of any person submitting a privacy request. The level of verification we require is proportionate to the sensitivity of the data and the risk of harm from improper disclosure.
For non-sensitive requests (for example, the right to know categories collected), we may match the request against the email address we have on file. For sensitive requests (for example, the right to access specific pieces of personal information), we may ask you to confirm two or three data points associated with your account.
We will not require you to create an account in order to submit a request, but if you already have an account, signing in is the simplest verification path.
18How to exercise your rights
Email [email protected] describing the right you wish to exercise, the personal information at issue, and enough information for us to verify your identity. You may also submit a request by writing to the postal address at the foot of this policy.
We aim to acknowledge your request within ten (10) business days and to respond fully within forty-five (45) days. Where reasonably necessary, we may extend the response window by an additional forty-five days, in which case we will explain the reason.
We do not charge a fee for verifying or responding to a request, except where the request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act, in line with applicable state law.
19Right to appeal
If we decline to act on your privacy request, you may appeal by replying to our written response within forty-five (45) days. Your appeal should explain why you believe our response was incorrect.
We will respond to your appeal within sixty (60) days. If the appeal is denied, you may submit a complaint to your state attorney general or, in California, to the California Privacy Protection Agency at cppa.ca.gov.
20Universal opt-out signals
We honor the Global Privacy Control (GPC) browser signal as a valid opt-out of the sale and sharing of personal information and of targeted advertising in jurisdictions that recognize these signals, including California, Colorado, Connecticut, Texas, Oregon, Delaware, New Hampshire, Nebraska, New Jersey, Minnesota, and Maryland.
Because TRC does not currently sell or share personal information for cross-context behavioral advertising, the practical effect of the GPC signal is to maintain that state of affairs and to be recorded in our logs as evidence of your preference.
21How long we keep your information
We retain personal information only for as long as needed to fulfill the purposes for which it was collected, to comply with legal obligations, to resolve disputes, and to enforce our agreements. Specifically:
- Enrollment records (transcripts, certificates, mock-exam results): seven (7) years after program completion, to support future academic verification requests.
- Payment and accounting records: seven (7) years, as required by tax and accounting law.
- Marketing-list data: until you unsubscribe, then deleted within thirty (30) days.
- Server logs and security event logs: ninety (90) days, then archived for up to one (1) additional year before deletion.
- Customer-support conversations: two (2) years from the date of the last message.
- Contact form submissions: ninety (90) days after we close the enquiry, then deleted unless you have become an enrolled student.
23Security
We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorised access, disclosure, alteration, and destruction. These include encrypted transit (HTTPS/TLS 1.2+), encrypted storage where appropriate, the principle of least privilege for staff access, multi-factor authentication for administrative accounts, regular security reviews of our infrastructure, vendor security due diligence, and periodic backups.
No method of transmission or storage is completely secure; we cannot guarantee absolute security but we work to maintain a level of protection appropriate to the sensitivity of the information and to the standards expected under U.S. state privacy laws.
24Data breach notification
If a security incident results in the unauthorised acquisition of unencrypted personal information that triggers a notification obligation under state law (such as California Civil Code §1798.82), we will notify affected residents in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement and any measures necessary to determine the scope of the breach and restore reasonable integrity to the data system.
Where required, we will also notify the relevant state attorneys general and, for Maryland breaches affecting Maryland residents, the Office of the Maryland Attorney General. We will offer credit-monitoring or identity-protection services where appropriate and legally required.
25Notice of financial incentives
We do not currently offer financial incentives or price or service differences in exchange for the collection, retention, sale, or sharing of personal information. If we ever introduce such a program — for example, a referral bonus tied to your contact information — we will publish a separate notice and obtain your opt-in consent first.
26Children under 13
Our Services are directed to students aged sixteen (16) and older. We do not knowingly collect personal information from children under thirteen (13) in violation of the Children's Online Privacy Protection Act (COPPA) or the FTC's amended COPPA Rule (compliance deadline April 22, 2026).
If you believe a child under thirteen (13) has provided us with personal information, please contact us at [email protected] and we will delete the information promptly. We will not condition a child's participation in any activity on the disclosure of more personal information than is reasonably necessary.
27Education records — FERPA acknowledgement
The Family Educational Rights and Privacy Act (FERPA) applies to educational institutions that receive funding from the U.S. Department of Education. TRC is a private English-language institution that does not receive U.S. Department of Education funding, and therefore FERPA does not apply to the education records we maintain.
Notwithstanding, we treat enrollment records, placement test results, and assessment data with care comparable to FERPA expectations. Where a student is concurrently enrolled at a FERPA-covered institution and that institution has requested verification of program completion, we will release information only with the student's signed authorization (or that of a parent or legal guardian if the student is a minor).
28Third-party links and integrations
The Services may contain links to third-party websites (for example, university admissions pages, examination bodies, social media). We are not responsible for the privacy practices of those third parties. We encourage you to read the privacy policy of every site you visit before submitting personal information.
29International users
TRC is based in the United States and our infrastructure is hosted in the United States. If you access the Services from outside the United States, your personal information will be transferred to, stored in, and processed in the United States. By using the Services you consent to that transfer.
We provide the Services on a U.S.-law basis and do not currently market the Services in any jurisdiction that prohibits transfer of personal data to the United States. If applicable laws in your country require additional safeguards or notices, please contact us so we can address your request.
30Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The "Last updated" and "Effective date" entries at the top of this page indicate when the policy was most recently revised.
Material changes will be communicated by email to enrolled students and via a prominent notice on the Services for at least thirty (30) days before the change takes effect. Your continued use of the Services after the effective date constitutes acceptance of the updated policy.
31Contact us
If you have questions about this Privacy Policy or wish to exercise your rights, contact our Privacy Office at [email protected] or by mail to:
The Renaissance International Campus, LLC. Attention: Privacy Office 350 Lincoln Rd, Suite #441 (2nd Floor) Miami Beach, FL 33139, United States.
For questions specific to California residents, you may also contact the California Privacy Protection Agency at cppa.ca.gov. For questions specific to your state, the relevant state attorney general's office may be reached through usa.gov/state-attorney-general.
Questions about this document?
Email our team at [email protected] and we will respond within one business day.
[email protected]