Information Privacy Statement

We collect personal information (such as name, address, phone, e-mail address) only if you provide it to us voluntarily through e-mail, registration forms, information request forms or surveys, or otherwise. Personal information is kept confidential and will not be disclosed to third parties except as may be required by law.

Credit card information and social security numbers are only collected for specific purposes where the information is required for the transaction, such as to register you in a course or program, allocate funds to a USD Campus Card account, or when we accept donations. Any information of that nature is saved on our secure server and is only accessible to authorized employees to process payments or registrations or for other legitimate purposes. Once processed, the information is deleted from the server. Credit card information collected via commercial services such as CASHNet or the Verisign Payment Gateway is not stored on our web server.

Our web server software automatically logs the following information each time someone visits our website: date, time, web browser, IP address, URLs of page requested and referring page, among others. We use the information gathered to help us improve our website.

Personal information:

• Request marketing to be sent to you
• Attend an event
• Register on our website
• Request products or services
• Agree to participate in market research (such as surveys, questionnaires, or forms)
• Provide us with your personal information from your usage of our website and any other information you post on our website, email or otherwise send to us
• Otherwise provide us with information in the course of our interactions with you

Internet Protocol (IP) Address

• An IP address is a number assigned to your computer that identifies you when browsing the Internet. This information is used to improve our service and make it more interesting for you based on general usage statistics. This information may also be used for system administration or diagnostic purposes or to enforce compliance with our privacy policies. Our web server software automatically logs the client and server IP addresses.

Cookies

• Cookies are small pieces of information stored by your web browser on your hard drive when browsing a website. Official USD web pages will not issue "cookies" to anyone who visits those web pages, except for the purpose of remembering log-in information or user preferences. Cookies will never store private information but will only reference such information elsewhere. In those cases, cookies are used only to record security keys with limited lifetimes for your convenience in accessing other secured pages. For example, cookies provide a way to remember your account information and log you in automatically when revisiting a site or automatically populating data on forms. Cookies also provide statistical information that allows us to improve our service based on your preferences and usage behaviors. Web browsers usually accept cookies automatically. However, you can change your browser settings to block cookies.
• USD also uses services which will issue cookies from their own servers and which will be able to track website visitors throughout USD web pages and through any other sites that use those services. USD does not control how those cookies are issued, or the data that they store. Examples of services being used on the USD website which track website visitors are:
  • Google
  • Facebook
  • addthis.com

Social media widgets and integrated services

• The website includes social media features such as Facebook, widgets or interactive mini-programs that run on the Web Site site or mobile apps. These features may collect your IP address, which page you are visiting on the website or app, and may set a cookie to enable the features to function properly. They are either hosted by a third party or directly on the website or mobile app. Your interaction with the features are governed by the privacy policy of the company providing it.

Credit card / transaction information

• We care about the safety and security of your transaction. We use SSL (Secure Sockets Layer) to communicate with your browser software when you register with us online. SSL is the industry standard security protocol, which makes it extremely difficult for anyone else to intercept your credit card or other information that you send us.
• We have partnered with commercial Internet financial services such as CASHNet and Verisign to handle credit card transactions, and we do not store credit card information on USD's servers after the transaction is processed.
• In some cases, USD contracts with commercial services for specific web services, generally related to financial transactions, and links to their sites for those transactions. If you are redirected to another site, something other than "edu" in the URL, privacy and security are governed by the policies of those services and are documented by those sites.

Text Messaging

If you opt in to receive SMS messages from the University of San Diego, we will use your mobile number to send you information related to admissions, events and campus updates. Mobile information and messaging consent will not be shared with third parties or affiliates for marketing or promotional purposes.

We will only use your personal information in the following ways when it is necessary for our legitimate interests:

• to enable us to supply you with the services and in formation that you have requested
• to help us in the development of, and to improve our products and services
• to provide you with information about products or services that may be of interest to you, using the email address which you have provided or via social media
• to invite you to participate in research activities, such as responding to interview questions or completing online surveys
• to send you communications and show you communications on other websites (including social media sites)
• to ensure that content from our website is presented in the most effective manner for you and your computer
• to automatically collect data about visitors to our site (for example browsing patterns) by using cookies
• to maintain our website and ensure network and information security
• to prevent and detect fraud and other criminal offenses

We may disclose information if we have your consent to do so.

We encourage you to review our privacy statement often to stay informed of changes that may affect you, as your continued use of our website and/or receipt of notifications. As we update this statement, we will post those changes on this page so that you are always be aware of what information we collect, how we use it, and under what circumstances we disclose it.

Subject to applicable law, you may have the right to: obtain confirmation that we hold personal data about you, request access to and receive information about the personal data we maintain about you, receive copies of the personal data we maintain about you, update and correct inaccuracies in your personal data, object to the processing of your personal data, and have your personal data blocked, anonymised or deleted, as appropriate. The right to access your personal data may be limited in some circumstances by local law requirements. To exercise these rights, please contact us by emailing privacy@sandiego.edu.

The privacy of communication over the Internet cannot be guaranteed because the it is not a secure medium. USD does not assume any responsibility for any harm, loss or damage you may experience or incur by the sending of personal or confidential information over the Internet by or to USD.

If you voluntarily disclose personal information in public areas of the website or on message boards, we cannot control how that information may be used by third-parties. This information may be collected by third-parties to send you unsolicited messages, advertisements, or for other purposes so please do so with caution.

Never give out your passwords. If you have forgotten your password, a new one will be automatically generated for you by using the "Forgot Username/Password" link on the USDOne login page. Logout of secure areas and close the browser window that you were working within before leaving your computer.

We may share personal data:

• with USD and other affiliated businesses and organizations
• with other people and/or businesses who provide services on our behalf or at our request
• with regulators and law enforcement agencies, where we are required to do so by law, where necessary for the purposes of preventing fraud and other criminal offences and to ensure network and information security

Our website offers the possibility to share content on social media channels, e.g. Facebook. The respective social media provider will directly gather your personal data. Please refer to the privacy policy of the social media providers to learn more about what personal data is collected and used.

We have instituted safeguards to check that our internal procedures meet our high policy standards. Only authorized employees have access to the information you provide us. All personal details are stored in a secure, firewall-protected database. Access to personal information is limited to personnel authorized to use such information for administrative purposes only. Data and passwords are encrypted and can never be retrieved. All e-commerce transactions take place across secure server software (SSL) encryption.

Web servers are generally capable of collecting, storing, and analyzing a variety of information about those who visit the site. Our goal is to keep the information collected at this website secure and to use it only for purposes for which it was intended or to improve the quality of the web service we provide.

When linking to external sites, USD is not responsible for the privacy practices or the content of external sites.

Retention of your information is dictated by state and federal laws, as well as the applicable retention periods outlined in the university's Record Retention Policy. We may keep data which has been anonymised for longer than this period to allow us to carry out analysis of our products and services.

The purpose of the General Data Protection Regulation (GDPR) is to protect the privacy and personal data collected, processed for all European Union citizens.

For an overview of GDPR and the changes effective on May 25, 2018, see Data Privacy and GDPR Executive Overview.