GDPR Privacy Notice
Privacy Notice for the Center for Global Education
John Carroll University Center for Global Education within the University’s Division of Academic Affairs (“Academic Affairs”) is committed to safeguarding the privacy of personal data. This Privacy Notice outlines the collection, use, and disclosure of personal information provided to the University by students, applicants for faculty positions and research subjects. When information is submitted to Academic Affairs, or you use the University’s websites and other services, you consent to the collection, use, and disclosure of that information as described in this Privacy Notice.
University Use of Information
Academic Affairs collects and processes Information and Sensitive Information from individuals who are students only as necessary in the exercise of the University’s legitimate interests, functions and responsibilities as a higher education institution. Academic Affairs also collects and processes Information and Sensitive Information from individuals who are research subjects in the exercise of scientific or historical research, or for statistical purposes. Academic Affairs also collects and processes Information from individuals who are applicants for faculty positions in order to enter into or administer a contract for employment with the University. Information is collected from students and shared with internal and external parties to register or enroll persons in the University, provide and administer housing to students, manage a student account, provide academic advising, develop and deliver education programs, track academic progress, analyze and improve education programs, recruitment, regulatory reporting, visa requirements, auditing, maintenance of accreditation, and other related University processes and functions. Academic Affairs also uses Information and Sensitive Information to conduct general demographic and statistical research to improve University programs. Sensitive Information is collected, processed and shared internally and externally, as necessary, applicable and appropriate, to identify appropriate support services or activities, provide reasonable accommodations, enforce University policies or comply with applicable laws. Finally, Information and Sensitive Information may be shared by Academic Affairs with third parties who have entered into contracts with the University to perform functions on behalf of the University, subject to the obligation of confidentiality and safeguarding from unauthorized disclosure.
For purposes of this Privacy Notice, Sensitive Information is defined as race, ethnic origin, religious or philosophical beliefs, health data, sexual orientation, and criminal convictions.
For purposes of this Privacy Notice, Information refers to any other information concerning a natural person that is created by or provided to Academic Affairs from or concerning students, applicants for faculty employment and research subjects.
Third Party Use of Sensitive Information
We may disclose your Sensitive Information and other Information as follows:
- Consent: We may disclose Sensitive Information and other Information if we have your consent to do so.
- Emergency Circumstances: We may share your Information and Sensitive Information when necessary to protect your interests and you are physically or legally incapable of providing consent.
- Employment Necessity: We may share your Sensitive Information when necessary for administering employment or social security benefits in accordance with applicable law or any applicable collective bargaining agreement, subject to the imposition of appropriate safeguards to prevent further unauthorized disclosure.
- Charitable Organizations: We may share your Information with University Advancement in connection with charitable giving, subject to the imposition of appropriate safeguards to prevent further unauthorized disclosure.
- Public Information: We may share your Information and Sensitive Information if you have manifestly made it public.
- Archiving: We may share your Information and Sensitive Information for archiving purposes in the public interest, and for historical research and statistical purposes.
Performance of a Contract: We may share your Information when necessary to administer a contract you have with the University.
- Legal Obligation: We may share your Information when the disclosure is required or permitted by international, federal and state laws and regulations.
Service Providers: We use third parties who have entered into a contract with the University to support the administration of University operations and policies. In such cases, we share your Information with such third parties subject to the imposition of appropriate safeguards to prevent further unauthorized disclosure.
- University Affiliated Programs: We may share your Information with parties that are affiliated with the University for the purpose of contacting you about goods, services, charitable giving or experiences that may be of interest to you.
- De-Identified and Aggregate Information: We may use and disclose Information in de-identified or aggregate form without limitation.
We implement appropriate technical and organizational security measures to protect your information when you transmit it to us and when we store it on our information technology systems.
Cookies and Other Technology
Retention and Destruction of Your Information
Your information will be retained by the University in accordance with applicable federal laws and the applicable retention periods in the Record Retention Schedule adopted by each department. Your information will be destroyed upon your request unless applicable law requires destruction after the expiration of an applicable retention period. The manner of destruction shall be appropriate to preserve and ensure the confidentiality of your information given the level of sensitivity, value and criticality to the University.
You have the right to request access to, a copy of, rectification, restriction in the use of, or erasure of your information in accordance with all applicable laws. The erasure of your information shall be subject to the retention periods of applicable federal law and the Record Retention Schedule adopted by each department. If you have provided consent to the use of your information, you have the right to withdraw consent without affecting the lawfulness of the University’s use of the information prior to receipt of your request.
Students may exercise these rights by accessing your student account maintained by the University’s information technology systems using their login credentials, or by contacting the University’s Registrar, Michelle Reynard, at email@example.com. Applicants for employment as faculty may exercise these rights by accessing their account created in the University’s information technology systems, or by contacting the appropriate member of Human Resources.
Information created in the European Union will be transferred out of the European Union to the University. If you feel the University has not complied with applicable foreign laws regulating such information, you have the right to file a complaint with the appropriate supervisory authority in the European Union.
The University’s Policies concerning data privacy, including GDPR rights, can be found at: http://sites.jcu.edu/privacy/
Updates to This Policy
We may update or change this policy at any time. Your continued use of the University’s website and third party applications after any such change indicates your acceptance of these changes.
Last updated 6/11/18