What Is Personal Information?
What Personal Information Do We Collect?
We may collect and use the following categories of Personal Information:
You can choose not to provide certain information, but it may delay or prevent us from providing Services to you.
How Do We Collect Information?
We collect most information directly from you—in person, by telephone, text, or email and/or via our Services. However, we may also collect information:
We treat this information as Personal Information if we combine it with or link it to any identifying information mentioned above. Otherwise, it is used in the aggregate only.
CollegeMapper may allow users to send messages to each other. These messages may be stored for retrieval at later times in order to facilitate user communication.
CollegeMapper may permit users to make transactions. Data will be securely stored when a transaction is made, including the date and type of purchase made.
Even after you remove information from your profile or delete your account, copies of that information may remain viewable elsewhere to the extent it has been shared with others, it was otherwise distributed pursuant to your privacy settings, or it was copied or stored by other users.
How Do We Use the Personal Information We Collect?
In compliance with privacy laws, we only use your Personal Information if we have a proper reason for doing so, e.g.:
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
The table below explains our uses of Personal Information and the corresponding reason(s):
|Uses of Personal Information||Reasons|
|To provide Services to you||For the performance of our contract with you or to take steps at your request before entering into a contract|
|To prevent and detect fraud or abuse||For our legitimate interests or those of a third party, i.e. to minimize fraud that could be damaging for us, a third party or for you|
|Conducting checks to identify our customers and verify their identityOther processing necessary to comply with professional, legal, and regulatory obligations that apply to our business, e.g. under health and safety regulation or rules issued by our professional regulator||To comply with our legal and regulatory obligations|
|Gathering and providing information required by or relating to audits, inquiries, or investigations by regulatory entities||To comply with our legal and regulatory obligations|
|Ensuring business policies are followed, e.g. policies covering security and internet use||For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can improve our Services|
|Operational reasons, such as improving efficiency, training, and quality control||For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can improve our Services|
|Ensuring the confidentiality of commercially sensitive information||For our legitimate interests or those of a third party, i.e. to protect trade secrets and other commercially valuable informationTo comply with our legal and regulatory obligations|
|Statistical analysis to help us manage our business, e.g. in relation to our financial performance, customer base, product or service range, or other efficiency measures||For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can improve our Services|
|Preventing unauthorized access and modifications to our systems||For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for youTo comply with our legal and regulatory obligations|
|Updating and enhancing customer records||For the performance of our contract with you or to take steps at your request before entering into a contractTo comply with our legal and regulatory obligationsFor our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing orders and new products|
|Ensuring safe working practices, staff administration, and assessments, and to enforce our policies and terms||To comply with our legal and regulatory obligationsFor our legitimate interests or those of a third party, e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you|
|Marketing our Services and those of selected third parties to:existing and former customers;third parties who have previously expressed an interest in our Services;third parties with whom we have had no previous dealings.||For our legitimate interests or those of a third party, i.e. to promote our business to existing and former customers|
|Credit reference checks via external credit reference agencies||For our legitimate interests or those of a third party, i.e. to ensure our customers are likely to be able to pay for our Services|
|External audits and quality checks, e.g. security accreditation and the audit of our accounts||For our legitimate interests or a those of a third party, i.e. to maintain our accreditations so we can demonstrate we operate at the highest standardsTo comply with our legal and regulatory obligations|
We also may use such to perform functions as otherwise described to you at the time of collection.
Do We Share Personal Information With Third Parties?
We want you to understand when and with whom we may share personal or other information we have collected about you or your activities on our Site or while using our Services. We routinely share Personal Information with:
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations, to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us, in our sole discretion. We may disclose and exchange information connection with a substantial corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy
We do not sell your Personal Information to third parties .
We may share aggregated and non-personal information we collect under any of the above circumstances. We may also share it with third parties to develop and deliver targeted advertising on the Site and on websites of third parties. We may combine non-personal information we collect with additional non-personal information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers, and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to our website and the most popular features or services accessed. This information does not contain any personal information and may be used to develop website content and services that we hope you and other users will find of interest and to target content and advertising.
Cookies are small data files stored on your hard drive or in device memory that helps improve your experience. We use industry standard technologies to collect non-personal identifiable information, and this may include sending cookies to your computer or mobile device. We may also collect information using web beacons (also known as “tracking pixels”). Web beacons are electronic images that may be used in connection with the Website or emails and help deliver cookies, count visits, understand usage and campaign effectiveness and determine whether an email has been opened and acted upon. For more information about cookies, and how to disable them, please see the “Your Control” section, below.
By providing your email address to us, you affirmatively and expressly consent to receiving commercial emails from us and from our third party providers and affiliates. These parties may send you commercial emails in order to deliver information about the Site, information about developments relevant to our services, special offers, and other information, including but not limited to updates to the Site. You may unsubscribe from these commercial messages at any time by clicking on the “unsubscribe” link included in any email or by contacting us via email at email@example.com or at the mailing address provided below. Opting out of commercial messages does not affect our communications with you via telephone or email related to any business we may have with you or other transactional emails.
Information Collected from Children
The Site is not directed to, nor do we knowingly collect Personal Information from, children under the age of 13. If you become aware that your child or any child under your care has provided us with information without your consent, please contact us as indicated below.
You can choose not to provide us with certain information, but that may result in you being unable to use certain features of our Site and the Services because such information may be required in order for you to register as a member; purchase products or services; participate in a contest, promotion, survey, or sweepstakes; ask a question; or initiate other transactions on our Site.
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. If you choose to reject all cookies, you may be unable to use certain Site features. Some browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the website or online service provider indicating that the user does not wish to be tracked.
Please contact us at firstname.lastname@example.org if you no longer wish to receive communications regarding the Services. It may take up to ten (10) days for us to process an opt-out request. We may send you other types of transactional and relationship email communications, such as service announcements, administrative notices, and surveys, without offering you the opportunity to opt out of receiving them. Please note that changing information in your account or otherwise opting out of receipt of promotional email communications will only affect future activities or communications from us. If we have already provided your information to a third party before you have changed your preferences or updated your information, you may have to change your preferences directly with that third party.
You may tell us not to share your personal information with third parties for direct marketing purposes by contacting us as indicated below.
If you want to view, delete, or modify your Personal Information, you may do so by making a request as set forth below. Please note that we may be required to keep certain information and not delete it (or to keep information for a certain amount of time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any Personal Information or other data, it will be deleted from the active database, but may remain in our archives.
We reserve the right to verify the identity of any person making a request to opt-out or to delete or modify Personal Information; provided, however, that we will have no liability of any kind resulting from false or erroneous requests or any change or deletion made by us for any reason.
We store Personal Information for only as long as reasonably necessary to fulfill the purposes described above, as we determine is necessary for business records, and as required under applicable law.
What Steps Do We Take To Protect Your Information?
We take reasonable measures to protect your Personal Information in an effort to prevent loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware, however, that despite our efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed against any interception or other type of misuse.
To mitigate this risk, you should use secure usernames and passwords and carefully protect them from disclosure and implement updated internet security and virus protection on your computer. If you suspect that your computer’s security or your information has been compromised or your password accessed or used by an unauthorized third party, immediately change your password.
If we become aware of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice through the Site if a security breach occurs. We may also send an email to you at the email address you have provided to use in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
Users should also be aware of how they handle and disclose their Personal Information and should avoid sending personal information through insecure email. Please refer to the Federal Trade Commission’s website at http://www.business.ftc.gov/privacy-and-security/consumer-privacy for information about how to protect yourself against identity theft.
The following provisions apply only to residents of the state of California:
CCCPA. You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to exercise free of charge:
|Disclosure of Personal Information We Collect About You||You have the right to know:The categories of Personal Information we have collected about you;The categories of sources from which the Personal Information is collected;Our business or commercial purpose for collecting or selling Personal Information;The categories of third parties with whom we share Personal Information, if any; andThe specific pieces of Personal Information we have collected about you.Please note that we are not required to:Retain any Personal Information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered Personal Information; orProvide the Personal Information to you more than twice in a 12-month period.|
|Personal Information Sold or Used for a Business Purpose||In connection with any Personal Information we may sell or disclose to a third party for a business purpose, you have the right to know:The categories of Personal Information about you that we sold and the categories of third parties to whom the Personal Information was sold; andThe categories of Personal Information that we disclosed about you for a business purpose.You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to opt-out of the sale of your Personal Information.|
|Right to Deletion||Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:Delete your Personal Information from our records; andDirect any service providers to delete your Personal Information from their records.Please note that we may not delete your Personal Information if it is necessary to:Complete the transaction for which the Personal Information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;Debug to identify and repair errors that impair existing intended functionality;Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;Comply with the California Electronic Communications Privacy Act;Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;Comply with an existing legal obligation; orOtherwise use your Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the information.|
|Protection Against Discrimination||You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:Deny goods or services to you;Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;Provide a different level or quality of goods or services to you; orSuggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.Please note that we may charge a different price or rate or provide a different level or quality of goods and/or services to you, if that difference is reasonably related to the value provided to our business by your Personal Information.|
Please note that you may only make a CCPA-related data access or data portability disclosure request twice within a 12-month period.
If you choose to contact directly by email@example.com, you will need to provide us with:
We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf.
Any Personal Information we collect from you to verify your identity in connection with you request will be used solely for the purposes of verification.
Last Updated: September, 2020