Purpose
Birchwood University is committed to ensuring the privacy and accuracy of your confidential information. As part of its commitment to maintaining the privacy of its users, Birchwood University has developed this privacy statement to educate users about privacy issues and to inform users about specific privacy policies and guidelines employed at Birchwood University.
Scope
This policy is effective specifically for the birchwoodu.org website and domain, and any student information systems learning management systems, or student or public communications platforms utilized by the University, collectively known as the
University’s Technology Service.
"University’s Technology Services” – include all University technologies and related forms such as the University website, mobile applications, text, surveys, referral or request for information forms, University chat boards, etc. where you may provide personal information voluntarily through the use of technology platforms and the completion of forms required for business purposes.
Consent
By visiting the birchwoodu.org domain and/or completing applications and forms, as applicable, or using Birchwood University student information systems and learning management systems, and similar you are indicating acceptance of the terms of this Privacy Statement and conditions in use.
Additionally, by submitting a request for information form you give Birchwood University your informed consent to be contacted at the contact information provided and for the receipt of educational information via email, telephonic, or SMS/text messaging services using automated technology.
For individuals located outside of the United States by visiting the Birchwoodu.org domain and/or completing applications and forms or submitting a request for information form as described above, you also provide consent for the transfer of your data, as applicable, to the United States.
Consent is not required for admission or enrollment acceptance or to receive services.
Information Gathered by Birchwood University
By using the University’s Technology Services such as Birchwoodu.org or Birchwood University student information systems and learning management systems, and similar, the University may collect Personal Information that you knowingly and voluntarily provide when completing applications and forms, including the request for information or referral forms, sending emails, registering for classes or other programs or responding to surveys or questionnaires.
1. “Personal Information” means any non-public information (paper or electronic) that can be used to distinguish, identify, or contact a specific individual. This includes account information, social security numbers, grades, and financial or health data as well as any other information that is not considered public. Also included is all information required to be protected under the Gramm-Leach-Bliley Act (“GBLA”), namely, (a) any non-public personal information (i) a student or other third party provides in order to obtain a financial service from Birchwood University, (ii) about a student or other third party resulting from any transaction with Birchwood University involving a financial service, or (iii) otherwise obtained about a student or other third party in connection with providing a financial service to that person; and (b) personally identifiable information as defined under state cybersecurity laws.
2. For State of California residents “personal information” under the CCPA (California Consumer Privacy Act) includes any information that “identifies, relates to, describes, references, or could reasonably be linked, directly or indirectly, with a particular consumer or household,”.
When you visit the Birchwoodu.org domain and website our web servers may generate temporary logs that may contain the following Personal Information:
1. Name, contact information, and other identifiers such as geolocation data.
2. The IP address from which you access our domain and website.
3. The Internet address of the website from which you linked to our domain and website.
4. The type of browser and operating system used to access our domain and website.
5. The date and time you access our domain and website.
6. The pages, files, documents, and links that you visit in our domain and website.
7. Aggregate information collected by the School or School’s Official internet analytics services.
Use of Gathered Information
While Birchwood University has not and will not share, provide, or sell Personal Information with third parties for their own marketing purposes the University may actively share your information to:
1. Analyze, facilitate, manage and improve our services.
2. Provide support and personalize experiences.
3. Administer and improve admission and registration applications and financial services.
4. Market and promote our programs and other services or provide other information we think may interest you.
5. Secure and protect our domain and services and prevent misconduct.
6. Respond to subpoenas, court orders, or any other legal requirements from government and law enforcement agencies or regulators.
7. Protect and defend the legal rights of the University and protect your safety and/or the public’s safety.
The University may also share Personal Information with third parties or vendors whom the University has engaged as School Officials who help the University with marketing, advertising, or promotion.
1. “School Officials” means employees of the University, including faculty and staff, as well as certain individuals such as vendors or contractors, performing work for the University under proper authorization.
Birchwood University also complies with the Family Educational Rights and Privacy Act (“FERPA”) administered by the U.S. Department of Education. FERPA protects students’ personal identifiable information (PII) and prohibits the release of education records without students’ permission or consent.
The law allows us to share your account information or other personal information with non-affiliated companies when the information is used for financial transactions (Gramm-Leach-Bliley Act, Part V, § 14-15). The following are circumstances when non-affiliated parties might be given personal information:
1. Services providers to the extent necessary to enable us to provide you with the products and services you have requested, process transactions, and maintain accounts.
2. Credit reporting agencies in accordance with the Fair Credit Reporting Act.
3. In connection with a proposed or actual sale, merger, transfer, or exchange of all or a portion of a business or operating unit.
4. When legally required to comply with a properly authorized civil, criminal, or regulatory investigation, or subpoena or summons by Federal, State, or local authorities.
5. When otherwise required to comply with Federal, State, or local laws, rules, and other applicable legal requirements.
Cookies
We use unique identifiers called “Cookies” to collect anonymous non-personally identifiable information. Cookies are small pieces of code that are saved by your browser. The cookies include information about your device, browser, area code, zip code, and IP address and are used to provide you with a more customized user experience and improve the design and functionality of our website.
We may share cookies with third parties to better understand how you use our websites and the type of devices you use to personalize content and deliver relevant advertisements of interest to you. These third parties may collect information about your online activities over time and across different websites when he or she uses our sites.
You may refuse to accept cookies by activating the appropriate setting on your device or browser. However, you may be unable to use certain features of the Birchwood University website dependent on your selection. You can change your cookie settings by reviewing your internet browser’s cookie options. Typically, such information can be found under the browser’s ‘Help’, ‘Preferences’, or ‘Options’ menus.
External Third-Party Content
Please note that this Privacy Policy applies only to the Personal Information that the University collects from you, the University’s Site, or the University’s Technology Services.
Some pages within the Birchwoodu.org domain may contain content that is served by external third parties. Please be aware that when you visit pages that contain external third-party content, information such as your IP address, date, browser, and requested page are transmitted from your computer to that third party. Birchwood University is not responsible for the privacy practices or the content of these external third parties and such links are not intended to be an endorsement of those sites or their content.
Sites within Birchwood University may enable you to pay for products or services online with a credit card. Although Birchwood University makes every effort to ensure that the third parties providing these transactions are encrypted, Birchwood University is not responsible for the privacy practices of these external third parties.
Security
Although no computer system is 100% secure, Birchwood University has deployed extensive security measures to protect against the loss, misuse, or alteration of the information collected through the Universitys’ services and under our control. Birchwood University maintains physical, electronic, and procedural safeguards that comply with federal standards to guard your nonpublic Personal Information. We continually review our policies and practices, monitor our computer networks, and independently test the strength of our security to help us ensure the safety of Confidential Information. These security measures and our systems are routinely audited and updated by Birchwood University security specialists.
Digital Millennium Copyright Act (DMCA)
The Digital Millennium Copyright Act (DMCA), described as the most dramatic change to copyright law in a generation, was the 105th Congress’s effort to update copyright law for the digital environment. Please be aware that in accordance with Section 512(i)(1)(a) of the DMCA, Birchwood University reserves the right to terminate the computing services of users who repeatedly infringe upon the rights of copyright owners.
California Privacy Act (CCPA)
For State of California residents, through your use of the University’s Technology Services such as Birchwoodu.org or Birchwood University student information systems and learning management systems, and similar, the University may collect Personal Information that you knowingly and voluntarily provide when completing applications and forms, sending emails, registering for classes or other programs or responding to surveys, we may collect “Personal Information. “Personal Information” may include:
1. Email address, account name, Social Security number, driver’s license number, and passport number.
2. Personal information under California’s records destruction law (Cal. Civ. Code §1798.80(e)).
3. Characteristics of protected classifications under California or federal law.
4. Commercial information, including records of personal property, products, or services purchased, obtained, or considered.
5. Biometric information.
6. Internet or network activity.
7. Geolocation data.
8. Audio, electronic, visual, thermal, olfactory, or similar information.
9. Professional or employment-related information.
10. Education information that is not publicly available is personally identifiable information, as defined in the Family Educational Rights and Privacy Act (20 USC § 1232(g), 34 CFR Part 99).
11. Inferences are drawn from any of the information listed above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Personal Information under the CCPA does not include aggregate consumer information,” which is defined as data that is “not linked or reasonably linkable to any consumer or household, including via a device,” as well as information that is publicly available from federal, state, or local government records.
As a California resident pursuant to the CCPA, you have certain rights. This Privacy Notice summarizes what these rights are and how you can exercise these rights. More detail about each right, including exceptions and limitations, can be found in Title 1.81.5. California Consumer Privacy Act of 2018.
Right to access data
California law permits users who are California residents to request and obtain at no cost an annual list of the third parties to whom Birchwood University has provided or disclosed personnel identifiable information (PII) in the immediately preceding calendar year. California residents shall only be entitled to have this information provided at most once per calendar year.
Once we receive and confirm your verifiable consumer request, we will disclose to you within thirty (45) days of the receipt of such request:
1. The categories and sources of personal information we collect about you.
2. Our business or commercial purpose for collecting or selling that personal information.
3. a list of categories of Personal Data provided to a third party for its own direct marketing purposes; and,
4. the names of any third parties that received the California resident’s Personal Data within the preceding calendar year from us.
Right to opt-in to sharing of minor Personal Information
If you are a California resident, under 16 and a registered user of the Services, you may ask us to opt-in to share posts to the Services by submitting a verifiable consumer request to us at the address below.
Right to be forgotten
Also, California residents have the right to request the deletion any of personal information that we have collected from you, subject to certain exceptions listed in the California Electronic Communications Privacy Act if retaining the information is necessary for us to facilitate your account or respond to requests under the law. Once we receive and confirm your verifiable consumer request, we will delete (and direct our school officials to delete) your personal information from our records, unless an exception applies.
Right to opt-out from having the information sold
Under California’s Privacy law, Cal. Civ. Code § 1798.83, California residents may opt out of the sharing of Personal Information with educational partners who are School Officials for direct marketing purposes. However, although the University may actively share your information to facilitate, manage and improve our services the University will not share, provide, or sell Personal Information with school officials for their own marketing purposes.
To exercise these rights as a California citizen, or If you have additional questions about the University’s Privacy Policy or related items submit a verifiable consumer request by E-mail at privacy@Birchwoodu.org. or by writing to us at the address below:
Attn: Office of Regulatory Affairs and Compliance
Birchwood University
6100 Lake Ellenor Drive, Suite 100E, Orlando, FL 32809
A verifiable consumer request should contain your name and state of residence or student identifier as applicable, and the specific request as related to the rights described above. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
General Data Protection Regulation (GDPR)
Your Personal Information may be stored and processed by service providers using cloud technology, and you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies, or security authorities in those other countries may be entitled to access your Personal Information.
The University may receive your Personal Information when you visit the University’s websites, apply for or take online courses or programs, voluntarily communicate with the University or request services, or otherwise, interact with the University while in the EU.
This GDPR Privacy Notice applies to you if:
1. You are a “Person” or “Data Subject” which is a natural person, not a corporation, partnership, or other legal entity who is physically present in the EU;
2. “Personal Information”—means any identifiable information that you voluntarily provide, or we collect while you are physically present in the EU and not while you are outside the EEA;
3. And the Personal Information is provided to the University:
- During the course of application and enrollment into the University or University’s programs;
- While you are enrolled in the University programs;
- While you are participating in University activities or surveys;
- While you are communicating with University services.
- As part of the admissions process evaluate applications. We also may obtain Personal Information from third parties, such as other schools, references, employers, and education as part of application submission.
- As part of the program or course registration and scheduling process.
- To communicate University activities, messages, and special events.
The University requires Personal Information for a variety of purposes to provide requested services, including, but not limited to:
As a Data Subject pursuant to the GDPR, you have certain rights. This GDPR Privacy Notice summarizes what these rights under the GDPR involve and how you can exercise these rights. More detail about each right, including exceptions and limitations, can be found in Articles 15-21 and 77 of the GDPR.
Right of access
You have the right to request that the University confirm whether it is processing your Personal Information.
Right of correction
You have the right to request that the University correct any inaccurate Personal Information that it maintains about you.
Right to erasure
You have the right to request the erasure of Personal Information that the University maintains about you in certain circumstances. These circumstances are identified in Article 17 of the GDPR and include that the Personal Information is no longer necessary in relation to the purpose(s) for which it was collected.
Right to restrict processing of Personal Information
You have the right to request that the University restrict the processing of your Personal Information where one of the reasons identified in Article 18 of the GDPR applies. These reasons include that the Personal Information is inaccurate, the processing is unlawful, or the University no longer needs the Personal Information.
Right to data portability
Where the basis for processing is either consent or performance of a contract between you and the University, and where the processing is carried out by automated means, you have the right to receive the Personal Information that you have provided to the University. The University will provide the Personal Information in a structured, commonly used, and machine-readable format. Where technically feasible and upon your request, the University will transmit the Personal Information directly to another entity.
Right to withdraw consent
If the basis for processing your Personal Information is consent, you may revoke your consent at any time. Upon receipt of your notice withdrawing consent, and if there are no other legal grounds for the processing, the University will stop processing the Personal Information unless the processing is necessary for the establishment, exercise, or defense of legal claims. Revoking consent does not affect the lawfulness of processing that occurred before the revocation.
Right to file a complaint
You have the right to submit a complaint with an EU supervisory authority, specifically one in the EU Member State of your habitual residence, Birchwood University of work, or Birchwood University of the alleged violation if you believe that the University’s processing of your Personal Information violates the GDPR. For more information on the process for submitting a complaint, consult the relevant EU supervisory authority:
To exercise these rights as a Data Subject pursuant to the GDPR or If you have additional questions about the University’s Privacy Policy or related items submit a verifiable consumer request by E-mail at privacy@Birchwoodu.org. or by writing to us at the address below.
Attn: Office of Regulatory Affairs and Compliance
Birchwood University
6100 Lake Ellenor Drive, Suite 100E, Orlando, FL 32809
A verifiable consumer request should contain your name and EU member state or student identifier as applicable, and the specific request as related to the GDPR rights described above. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
Notifications
Opt-out Options
Although Birchwood University will not share, provide, or sell Personal Information with third parties for their own marketing purposes, if you want to notify Birchwood University will that you do not want Birchwood University will to share non-transactional information with non-affiliated companies, contact us by E-mail at privacy@Birchwoodu.org. Or if you have additional questions about the University’s Privacy Policy or related items please contact Birchwood University, Inc. in writing at the address noted below.
Attn: Office of Regulatory Affairs and Compliance
Birchwood University
6100 Lake Ellenor Drive, Suite 100E, Orlando, FL 32809
A verifiable consumer request should contain your name and state of residence or student identifier as applicable, and the specific request as related to the rights described above. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request. The University reserves the right to update and change this Privacy Policy from time to time without notice to comply with legal requirements and/or reflect changes within the University’s privacy policy and practices. Changes to the Privacy Policy will be posted on the Birchwoodu.org website.