Last Updated: May 24, 2018
At Florida State University International Programs (FSUIP) and our affiliated legal entities, collectively, we understand that privacy is an important issue for our program participants, employees and contractors. We take our role in protecting your privacy seriously: the following paragraphs outline our policies for doing so. Our Policy covers the treatment of all personal information that we collect when you interact with our websites and databases, submit information through our forms, and/or participate in our programs.
Florida State University International Programs (referred to as “we”, “us”, “our” or “the company”) in this policy refers to Florida State University International Programs, the main operating entity of the FSUIP Study Abroad entities, and, collectively to other companies in the FSUIP group or other entities over which FSUIP exercises management control. The affiliated legal entities are:
Florida State University International Programs Association, Inc. (FSUIPA), a US-based not-for-profit corporation; Florida State University International Programs UK, a UK Charity; Florida State University International Programs Italy, an Italian Charity; and the Fundacion de la Comunidad Valenciana FSU Programas Internacionales, a Spanish Charity.
FSUIP is the “data controller” of all personal information that is collected in the United States about FSUIP students, employees, teachers, universities and contractors whose contract originates in the United States for the purposes of the European Union (EU) General Data Protection Regulation (GDPR).
Each separate legal entity referenced above and specified below is the data controller for student, teacher, employee, worker and contractor data where the data or contract originates within the specified European Union country. The contact information for each is listed at the bottom of this document.
UK – Florida State University International Programs Association, UK
Italy – Florida State University International Programs Italy
Spain – Fundacion de la Comunidad Valenciana FSU Programas Internacionales
The Information We Collect
Information We Collect
We collect two types of information: personal information that you provide to us and non-personal information automatically collected through automated means.
Generally, and wherever possible, personal information is collected directly from you, although there may be occasions when information is collected from third parties, such as host or partner universities or a publically maintained record.
Personal information that we might collect includes:
Your contact details to communicate with you. Things like your email address, mailing address, date of birth and phone number.
Your academic information, such as your transcript and educational background to forward to our affiliated institutions so that you may further your education or as a part of the application for employment process.
Your health and medical information and any special needs requests to ensure your specific needs are addressed (e.g. allergies, prescriptions, disabilities, etc).
Your housing assignment and travel plans for programming needs.
Your student or employee identification number, your nationally-issued unique identifier number, or your TIN, your passport and related data to fulfill international immigration regulations, register you with the proper local institutions and authorities, and organize logistics essential to our programs.
Your financial details such as bank account information in order to process student program payments, employee and worker salary deposits, and contractor invoice payments.
Your criminal background reported data, if any, as part of the application process for participation, employment, working or contracting with us.
When you access our website, information of a general nature is automatically recorded. We use web analytics tools that rely on cookies, web beacons, and other automated tracking technologies to help us analyze how users interact with our website, how we can improve our website, how we can personalize your website experience and provide you with information we believe may be of interest to you. This information does not individually identify you as a person. Anonymous information of this kind is statistically evaluated by us to optimize our Internet presence and the underlying technology.
Non-personal information that we might collect automatically includes:
The type of web browser you are using
The operating system you are using
The domain name of your Internet service provider
Our website uses third party tracking technologies like Google Analytics and Google Conversion Tracking. In both cases these technologies rely on the use of “cookies” and “web beacons.” A cookie is a small amount of data which is sent to your browser from a web site’s computers and stored on your computer’s hard drive. Most browsers automatically accept cookies as the default setting. You can modify your browser setting to reject our cookies or to prompt you before accepting a cookie by editing your browser options. However, if a browser is set not to accept cookies or if a user rejects a cookie, some portions of the website and services may not function properly. A web beacon is an electronic image, also called a “gif,” that may be used on our web pages to deliver cookies, count visits and compile statistics on usage and campaign effectiveness or in our emails to tell if an email has been opened and acted upon.
To better understand how Google may use the information collected through Google Analytics to evaluate Users’ and Visitors’ activity on our Site see Google Analytics Privacy and Data Sharing. You can obtain more information about cookies by visiting http://www.allaboutcookies.org.
Why We Collect Your Information
Why We Collect Your Information
As stated above (The Information We Collect), we collect your information for:
Operations: To operate, maintain, enhance and provide all features of our programming to provide the services and information that you request and for which you contract. To operate and manage all features of the company to provide the services and information you would reasonably expect as an employee, worker or contractor.
Improvements: We use the information, other than your Data, to understand and analyze the usage trends and preferences of our visitors and users, to improve our products, services, website, and to develop new products, services, features, and functionality.
Communications: For administrative purposes such as customer service, to address intellectual property infringement, right of privacy violations, or defamation issues related to the customer Data or Personal Data posted on the Service or to provide updates on promotions and events, relating to products and services offered by us and by third parties with whom we work.
We do not sell, rent, trade or share any information gathered with any other companies or third parties who are not directly involved in our operation as a company or in the delivery of your program. This information is used only internally by company administrators and administrators of any company partners in the locations where you study so that they may better understand your needs and provide a better service.
Sharing Your Information
Sharing Your Information
We may share your PII with our affiliated legal entities, technical consultants, host universities, institutions, other third parties who help to deliver required components of your program. We may also share your PII with law enforcement bodies, regulatory or government agencies, court or third parties where the company believes disclosure is necessary (i) as a matter of applicable law or regulation; (ii) to exercise, establish or defend legal rights, or (iii) to protect your vital interests or those of any other person; Official bodies such as those relating to immigration or tax where there is a requirement to report non-compliance or other matters which require disclosure of personal information; our service providers who provide data processing services to us (for example, to support the delivery of, provide functionality on, or help to enhance the security of IT services and our courses), or who otherwise process personal information for purposes that are described in this notice or notified to you when we collect your personal information; As a rule, the company will not use or disclose personal information unless it is reasonably necessary and/or the person about whom the information relates is aware of and has consented to, the use or disclosure of their information. Personal information may be disclosed where an individual has consented to the disclosure, or when the disclosure is done in the best interest of the individual such as the case of a medical emergency, a serious and imminent threat to a person’s life, health or safety, a requirement under law, or authorized by law, or a requirement for an enforcement body. The company establishes contracts with third party organizations affirming that they will also uphold and abide by the same regulations and principles.
Keeping Your Information Secure
Keeping Your Information Secure
The company takes all reasonable and appropriate measures to protect your data from unauthorized access, disclosure, loss, use, modification, or other misuse. Moreover, the company also consistently destroys hard copies of personal information that is no longer required, this destruction is undertaken by secured means. Your personal information is contained behind secured networks (i.e. HTTPS) and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology by a third party
GDPR Information Rights and Practices
GDPR Information Rights And Practices
As of May 25th, 2018, all European Union residents and citizens are granted personal privacy as a fundamental human right. This applies to our employees, workers and contractors and also applies to our participants and teachers while they are residing in Europe during our various programs. As such, under these regulations, the company will not hold onto employee, worker, contractor or participant data for longer than is legally necessary and only for as short as possible to protect individual privacy as well as business interests. Individuals also have the right to rectify any mistakes or incomplete information that may have been provided in order to ensure accurate and complete records. In addition to this is the right to object to the processing of data relating to him or her except in the cases of a specific legal or contractual obligation. The company agrees to not collect more personal data than necessary for its legitimate business interest and contractual obligation of providing pastoral and academic care, employment services and managing business relationships. All customers have the right to revoke consent to the onward transfer of their PII, or to be forgotten so long as there is no conflicting legitimate business, contractual or individual interest. In addition, customers may request to have a copy of their personal data sent to them. All of these rights are afforded free of charge. However, we are not responsible for removing your PII from the lists or systems of any third party who has previously been provided your information in accordance with this Policy. Once data is no longer relevant to our legitimate business purposes or contractual obligation to you, it is anonymized based on the type of information. What information is kept exists strictly for analytical purposes to better serve the interests of future customers.
Your Access to Your Data
Your Access To Your Data
The company will take reasonable steps to ensure that personal information is accurate. To aid this, you may request to see and correct any mistakes present in your record. Additionally, provided there is no legitimate business interest relating to the purpose for which they were collected or otherwise processed or legal requirement you have the right to request that your personal details are removed from our records.
Such requests need to be made to our Data Protection Officer, who then will investigate the validity of the request and shall proceed to take all reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
Requests for removal will not be honored in the cases of the following:
- The removal impinges on the “right of freedom and expression”
- Removal will not allow for the delivery of contractual services, including pastoral care
- There is a corresponding legal obligation which requires processing or holding of financial, medical, housing or judicial records
- Reasons of public interest in the area of public health
- For archiving purposes in the public interest, scientific, historical research, or statistical purposes
- For the establishment, exercise or defense of legal claims
You may opt out of receiving promotional emails or text messages from us at any time by following the instructions in those emails or text messages. If you opt out, we may still send you non-promotional communications, such as messages about your account, or our ongoing employment or business relations, as well as emergency communications regarding our company operations and programs abroad.
Questions of Grievance Procedures
Questions of Grievance Procedures
If an individual believes that their personal information has not been dealt with in accordance with the company’s policies or applicable laws and regulations, they may lodge a complaint to the Data Protection Officer in writing via email listed below. Acknowledgement will be made within 7 working days of receiving the complaint and a response provided within 30 days.
For any questions regarding the company’s compliance of personal information privacy requirements, or to request removal of personal data, please contact our Data Protection Officer by email to IP-Privacy-Policy@fsu.edu
The Data Protection Officer for FSUIP and FSUIPA is:
Mrs. Elizabeth Brenneis, CPA
Florida State University International Programs
Suite A5500, University Center
282 Champions Way
Tallahassee, Florida 32306
Open from Monday to Friday 8:30am to 5:00pm Eastern Time
The Data Protection Officer for FSUIP UK is:
Dr Kathleen Paul
Florida State University London
99 Great Russell Street
London WC1B 3LA
+44 (0)207 813 3223
The Data Protection Officer for Italy is:
Mr. Frank Nero
Borgo degli Albizi, 15
+39 (0)055 247 6938
The Data Protection Officer for Spain is:
Dr. Ignacio Messana
Calle Blanquerias, 2
+34 (0)96 355 9360