TCU Privacy of Information Policy
Information stored on a computer system or sent electronically over a network is the property of the individual who created it. Examination of that information without authorization from the owner is a violation of the owner’s rights to control his or her own property. Systems administrators, however, may gain access to user’s files when it is necessary to maintain or prevent damage to systems or to ensure compliance with other University rules.
Computer systems and networks provide mechanisms for the protection of private information from examination. These mechanisms are necessarily imperfect and any attempt to circumvent them in order to gain unauthorized access to private information (including both stored computer files and messages transmitted over network) will be treated as a violation of privacy and may subject a violator to disciplinary action.
In general, information that the owner would reasonably regard as private must be treated as private by other users. Examples include the contents of electronic mail boxes, the private file storage areas of individual users, and information stored in other areas that are not public. That measures have not been taken to protect such information does not make it permissible for others to inspect it.
On shared and networked computer systems certain information about users and their activities is visible to others. Users are cautioned that certain accounting and directory information (for example, user names and electronic mail addresses), certain records of file names and executed commands, and information stored in public areas, are not private. Nonetheless, such unsecured information about other users must not be manipulated in ways that they might reasonably find intrusive; for example, eavesdropping by computer and systematic monitoring of the behavior of others are likely to be considered invasions of privacy that would be cause for disciplinary action.
Collection of Information by TCU
TCU does not systematically collect or record names, postal or e-mail addresses, phone numbers, gender identity, or other personally identifying data (the “Personal Data”) from visitors to the Site, unless such data is voluntarily submitted by visitors for the purposes outlined below.
TCU will keep your data for as long as it is necessary to fulfill the purpose for which it was collected. We may also retain your records to fulfill a legitimate interest or if legally required to do so.
No transmission of data over the internet can be guaranteed to be completely secure. TCU provides access to information in order to further its mission while maintaining the privacy and accuracy of that information. The information security policy outlines the rights and responsibilities of the individual as well as those of TCU pertaining to information access, storage and delivery.
The University's website does not automatically capture or store personal data from visitors to the site, other than to log your IP address and session information. Session information includes the time and duration of your visit to the site, the files requested, and the browser used. This information will only be accessed by authorized persons of the University or its agents. The information will be retained by the University and will only be used for the purpose of (a) managing the TCU web network, (b) the identification of broken links, and (c) for statistical and audit purposes.
Cookies and Aggregate Information
TCU may compile and provide aggregate statistics about Site visitors, customers, sales, traffic patterns, and related information to third parties, but such information will not specify Personal Data. TCU collects IP addresses as a component of such aggregate information. Such information could, if necessary, be used to identify a user in order to comply with safety or security issues.
You may set your browser to notify you when you receive a cookie (letting you choose whether to accept it) or to disallow cookies altogether, without preventing your access to the Site.
Google Analytics is Google’s analytics tool that helps website and app owners to understand how their visitors engage with their properties. It may use a set of cookies to collect information and report website usage statistics without personally identifying individual visitors to Google. The main cookie used by Google Analytics is the ‘__ga’ cookie.
TCU uses Google Analytics data to monitor web network performance and identify user experience issues with page content and code quality.
You may occasionally be asked to provide personal information to gain access to specific services.
Sensitive Personal Information (SPI) is defined as an individual’s name, address, or telephone number combined with any of the following:
- Social security number or taxpayer ID number
- Credit or debit card number
- Financial/salary data
- Driver’s license number
- Date of birth
- Medical or health information protected under HIPAA
- Biometric Markers (e.g. fingerprint, retina, voice, heartbeat, grip)
- Student related data protected under FERPA
SPI will not be disclosed except as provided by University policy and procedure or legal disclosure requirements. SPI will be protected and secured in accordance with standards outlined in the TCU SPI Policy. Any exceptions will be explained at the point of collection.
TCU may provide certain third-party service providers, including Google Analytics Remarketing, with the cookies it has obtained in order for such service provider to inform, optimize and serve advertisements on other websites a user visits, based on such user's prior visits to the Site. TCU directs these service providers to not use the provided cookies for any purpose other than to provide the advertising services explicitly requested by TCU.
The Self-Regulatory Program for Online Behavioral Advertising and the Digital Advertising Alliance and the Network Advertising Initiative have websites that allow you to register your choice to opt-out of receiving interest-based advertisements from certain companies that participate in such initiatives.
Social Media Engagement
TCU partners with Evertrue, Inc. to monitor user engagement with select University pages on Facebook. The data reported to TCU by Evertrue is provided by the Facebook Graph. Details of the data captured by Facebook and made available to the Facebook Graph are governed by your Facebook privacy settings.
Donor/Constituent Privacy Notice
For full information pertaining to the alumni, donors and friends of the university, please see our University Advancement Donor / Constituent Privacy Notice.
Notice for European Union (EU) Residents
If you are located within the European Economic Area (EEA), TCU acknowledges the rights granted to you under the General Data Protection Regulation (GDPR). In certain cases, you may also have the following rights with respect to your personal data collected and used in EEA processing activities:
- Right to be informed about the processing of your personal data
- Right to obtain access to your personal information held by TCU
- Right to ask for incorrect, inaccurate or incomplete personal data to be corrected
- Right to erasure of your information when it is no longer necessary for TCU to retain it
- Right to restrict or object to processing of your personal information, including sending communications that may be considered direct-marketing materials
- Right to object to automated decision-making and profiling where applicable
For additional information, please refer to the European Economic Area Privacy Notice.
For questions, comments or concerns about privacy or security of personal information, you may contact our Information Security Officer, Mr. Aaron Munoz. He has also been designated as the Data Protection Officer for inquiries related to the GDPR.
Information Security Officer
TCU Box 298820
Sid W Richardson Bldg., Room 151K
Any questions concerning this policy should be directed to: firstname.lastname@example.org.
Last Revised: 1/23/19