Website Privacy Policy
Last Modified: May 2024
Introduction
This Privacy Policy is designed to help you understand how we collect, use, and share your personal information across our digital platforms and services (“Sites and Services”). By accessing or using our services, you agree to the collection, use, and sharing of your information as described in this policy. We are committed to protecting your privacy and ensuring that your personal information is handled safely and responsibly.
Information We Collect
Personal information (also commonly known as personally identifiable information (PII) or personal data) is information that is linked or reasonably linkable to an identified or identifiable individual. We collect the following types of personal information from you through your use of the Sites and Services:
Personal Information You Provide
Depending on how you interact with our Sites and Services, we will collect the following personal information that you voluntarily provide to us for the following purposes:
- Create or sign into an account. If you create an account, you may provide us with your email addresses, first and last names, phone numbers, ZIP/Postal codes.
- Contact us or sign up for email and other outreach. If you contact us, you may similarly provide us with email addresses, first and last names, phone numbers, ZIP/Postal codes.
- Surveys, contests, or promotions.
Personal Information as You Navigate Our Sites
We automatically collect certain personal information through your use of our Sites and our use of cookies and other tracking technologies, such as the following:
- Usage Information. For example, the pages on the Sites you access, the frequency of access, and what you click on while on the Sites.
- Device Information. For example, hardware model, operating system, application version number, and browser.
- Mobile Device Information. Aggregated information about whether the Sites is/are accessed via a mobile device or tablet, and the device type.
- Location Information. Location information from Site visitors.
For more information on our cookie usage see our Cookie Policy.
Personal Information We Collect About You from Other Sources
In some cases, we may receive personal information about you from other sources. The data collected and its usage, storage and retention may vary by data type, the system being accessed, or the service being provided.
How We Use Your Information
The information we collect may be used for:
- Providing, maintaining, and improving our services.
- Communicating with you and personalizing your experience.
- Fulfilling any purpose for which you consented to provide the data.
- In compliance with legal obligations, and to protect against fraud and misuse of our Services.
- Marketing purposes, and to analyze our service usage.
- Performing research to direct business operations or guide marketing activities.
- To protect the security and integrity of our services.
- To monitor compliance with policies and applicable agreements, defend our rights and others, and comply with applicable law.
Data Retention
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Cross-border Data Transfer
Our website operates on a global scale and may transfer your personal information across national borders. We take measures to ensure that such transfers comply with all applicable data protection laws and ensure that your data remains protected to the standards described in this policy. We are committed to ensuring that your data is protected and handled with the utmost care, regardless of where it is processed. If you have any questions or concerns about our cross-border data transfer practices, please review the below section, “Data Privacy Rights (European Union and Similar Jurisdictions),” or contact us using the information provided in the Contact Information section of this privacy policy.
State Privacy Rights and Additional Disclosures
Depending on the state in which you reside, you may have certain privacy rights regarding your personal information. If you are a California resident, please see our "NOTICE TO CALIFORNIA RESIDENTS." For other state residents, your privacy rights may include (if applicable):
- The right to confirm whether or not we are processing your personal information and to access such personal information and the categories of personal information we are processing or have processed.
- The right to obtain a copy of your personal information that we collected from and/or about you in a portable and, to the extent technically feasible, readily usable format.
- The right to obtain a list of specific third parties to which we have disclosed your personal information or any personal information.
- The right to delete personal information that we collected from and/or about you, subject to certain exceptions.
- The right to correct inaccurate personal information that we maintain about you, subject to certain exceptions.
- The right, if applicable, to opt out of the processing of your personal information.
- If we are required by applicable law to obtain your consent to process sensitive personal information, the right to withdraw your consent.
- The right not to receive discriminatory treatment by us for the exercise of your privacy rights.
We do not "sell" personal information as that term may be commonly interpreted, but we engage in online activities that may technically be defined as a “sale” of personal information under certain state law. We also use cookies and other tracking technologies to display advertisements about our university customers to you on nonaffiliated websites, applications, and online services.
To exercise your rights, please submit a request by contacting us at [email protected]. If legally required, we will comply with your request upon verification of your identity and, to the extent applicable, the identity of the individual on whose behalf you are making such request. If we refuse to take action regarding your request, you may appeal our decision by replying to the email you received from us in response to your request.
Data Privacy Rights (European Union and Similar Jurisdictions)
If you are located in the EU, EEA (European Economic Area), UK, Switzerland, or a jurisdiction with a similar law, the GDPR or its local equivalent may grant you certain rights under the law. In particular, the right to access, correct, and delete the personal information we hold about you.
We are considered the Data Controller (or equivalent distinction) with regard to your personal information. You can find our contact information as described herein or in other portions of the Service.
In certain circumstances, you may have the following data protection rights:
- The right to access, update, or delete the personal information we have on you.
- The right of rectification. You have the right to have your personal information rectified if that information is inaccurate or incomplete.
- The right to object. You have the right to object to our processing of your personal information.
- The right of restriction. You have the right to request that we restrict the processing of your personal information.
- The right to data portability. You have the right to be provided with a copy of the personal information we have on you in a structured, machine-readable and commonly used format.
- The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.
In order to make a request regarding your personal information, please contact us as described below.
If you have a comment, question, or complaint about how we are handling your personal information, we hope that you contact us as described herein order to allow us to resolve the matter. In addition, depending on the country in which you are located, you may submit a complaint regarding the processing of your personal information to a regulatory authority.
Legal Basis for Processing under GDPR
If you are located in the EEA or a jurisdiction that requires a similar legal basis for processing, our legal basis for collecting and using the personal information described in this Policy depends on the personal information we collect and the specific context in which we collect it.
We may process personal information because:
- We need to perform a contract with you;
- You have given us consent to do so;
- The processing is in our legitimate interest to offer the Services, when that legitimate interest is not overridden by your rights;
- To comply with the law.
Where personal information is processed based on consent, you may have the right to withdraw such consent at any time. To do so, please contact us as described below. If there is a different legal basis that would permit us to continue processing your personal information after withdrawing consent, we will notify you of that legal basis at the time of your request.
Childrens Policy
Our website is not directed at children under the age 16, and we do not knowingly collect personal information from children under this age. If you are under 16, please do not use this website or provide personal information to us. If we learn that we have collected personal information from a child under the age required by law without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under the applicable age, please contact us using the information provided in the Contact Information section of this privacy policy.
Consequently, we do not intentionally solicit personal information from minors or send them requests for personal information. This policy is designed to comply with applicable laws and regulations regarding the privacy of children and to ensure that our services are not directed towards children.
Data Security
We implement technical and organizational security measures to protect your personal information from unauthorized access, use, alteration, and disclosure. However, no internet-based site can be 100% secure, so we cannot guarantee the absolute security of your information.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website.
Updates to Our Privacy Policy
We may update our Privacy Policy periodically. We will notify you of any changes by posting the new policy on this page. You are advised to review this Privacy Policy periodically for any changes.
Contact Information
If you have any questions about this Privacy Policy, please contact us via email at [email protected].
To report a security issue or discovered vulnerability, please email [email protected] with a description of the issue, the steps you took to create the issue, and if known, mitigations for the issue. Our vulnerability management team will review all reports and acknowledge receiving your email.
To exercise your rights or choices regarding data access, correction, or deletion you may submit a request to [email protected].