ASU provides online information and services to students, employees and the public to supplement services provided on campus. This privacy statement provides information required by Arizona law about privacy, confidentiality and related policies for individuals who use our Web sites and online services. Individual Web sites may provide additional information about privacy. ACD 125 (ASU Computer, Internet and Electronic Communications Policy) provides additional information about the use of computing and communications systems at ASU and is available at www.asu.edu/aad/manuals/acd/acd125.html.
Additionally, Arizona State University is committed to complying fully with the Children's Online Privacy Protection Act of 1998. The Federal Trade Commission provides more information about the Children's Online Privacy Protection Act at www.ftc.gov/privacy/privacyinitiatives/childrens.html.
The ASU Web site contains links to external Web sites. ASU is not responsible for the privacy practices or policies of those sites not housed on ASU servers. For sites not housed on ASU servers, we recommend that users review applicable privacy practices and policies.
The ASU Web site may be used by a participant to voluntarily share information online so that a child can participate in activities (e.g., summer camps, classes, programs) or so that a child can receive mailed or e-mailed information from ASU (newsletters, class schedules, recruitment information). The ASU Web site offers invitations for children to sign up to receive mailings, newsletters and recruitment information from Arizona State University. When a child or young person voluntarily signs up with ASU, the child may be asked to provide:
Arizona State University, through its Web sites, does not condition a child’s participation in any of our online activities on the disclosure of more information than is reasonably necessary to participate in the activity.
Within two business days of ASU receiving this information, the child’s parent will receive a notification e-mail informing him or her of the child’s request to receive by e-mail or mail newsletters and other promotional mailings on an ongoing basis. The parental notification e-mail will also notify the parent that his/her child’s information may also be used to conduct ASU recruitment activities. This notification gives the parent the option to have his or her child’s information removed from the Arizona State University database.
All information collected for ASU is used to send the child mailings or electronic correspondence from ASU as well as from other ASU departments. The information may also be used to conduct ASU recruitment activities. This information will not be transferred, disclosed or shared with a third party and will not be used for other purposes. Parents with questions will find contact information below.
A variety of ASU departments offer online visitors the opportunity to send electronic postcards or e-messages to family or friends. ASU may ask for a name and e-mail address, but does not require a person to submit personally identifiable information about him/herself in order to send an electronic postcard or e-message to family or friends. We do, however, ask a person to submit the e-mail address of the recipient of such electronic postcards or e-mail messages.
ASU may also provide the opportunity to send e-mail to ASU. ASU requests no personally identifiable information except an e-mail address, which is used solely for the purpose of responding to messages and/or requests. All information collected for electronic postcards and e-mail messages is used only to send the requested electronic postcard or e-mail message and to respond to e-mail questions and/or requests and is deleted from our system once the electronic postcard, e-mail message or e-mail response is sent.
In addition to information actively provided by individuals using ASU Web sites, the ASU Web servers routinely record the following information each time the sites are used:
ASU uses this information to monitor and preserve the functioning and integrity of the system. ASU may use such aggregate information to improve access to content based on visitors’ browsers and operating system types to make content available to as many online visitors as possible. ASU does not link the log data collected to the personal information that one submits online when participating in or signing up for ASU programs and activities.
In cases of suspected violations of ASU policies, especially unauthorized access to computing systems, the system administrator concerned may authorize detailed session logging. This may involve capturing and retaining a complete keystroke log of an entire session. In addition, a system administrator for the equipment involved may authorize limited searching of user files on individual or networked computers to gather evidence on a suspected violation.
ASU does not store any personal information in cookies nor do we link or combine information collected through cookies to any personal information that children submit online when participating in ASU activities. Additionally, cookies can be disabled on most personal computers by indicating this in the preferences or options menus in the browser.
Parents can print out and mail or fax a signed form that allows them to review any identifiable information collected about their underage child, have this information deleted, and/or request that there be no further collection or use of their underage child’s information. ASU will take steps to verify the identity of anyone requesting information about a child and to ensure that the person is in fact the child’s parent or legal guardian. You can link to the form here. Parents with questions will find contact information below.
ASU Web sites provide access to information and services for students, employees and members of the public. If you prefer not to provide any information to the university online, you may cancel the transaction and contact the administrative unit responsible for the service to learn about available options for conducting business in person, by mail or by telephone.
ASU does not sell or distribute confidential information it collects online to individuals or entities not affiliated with the university, except in the very limited circumstances described below. Non-confidential information may be sold or distributed pursuant to Arizona Public Records law.
University and Arizona Board of Regents policies protect the confidentiality of student educational records and employee personnel information. These policies explain what information may be shared with the public or anyone who requests it. They also explain what information is protected as confidential; confidential information will not be disclosed without the consent of the student or employee, except under subpoena or court order or in case of an emergency.
Student records. Student records are protected by the federal Family Education Rights and Privacy Act (FERPA), Arizona law and university policy. Information about student access to education records and protection of education records is available in SSM 107-01 (Release of Student Information: www.asu.edu/aad/manuals/ssm/ssm107-01.html). That policy also provides information on a student’s right to limit access to otherwise public directory information. The ASU Office of General Counsel (OGC) briefing paper on FERPA also provides general information: www.asu.edu/counsel/brief/ferpa.html.
Chat rooms, forums, message boards and news groups. ASU does not routinely retain logs or copies of chat rooms, forums, message boards or news groups available to its users. Information disclosed in these areas is public, however. Academic chat rooms and discussions conducted in connection with ASU classes may be logged but may be treated as confidential educational records under FERPA.
Employee records. Employee records are protected by Arizona Board of Regents policy 6-912, by university policies ACD 811 (Access to and Release of Official Personnel Records Information: www.asu.edu/aad/manuals/acd/acd811.html) and SPP 1101 (Personnel Records: www.asu.edu/aad/manuals/spp/spp1101.html) and by Arizona law.
Public records law. Under the Arizona Public Records Law, ASU may be required to provide information in university records to a third party. Commercial users may purchase public record information, such as non-confidential lists of students and employees. Confidential information protected by FERPA or by other laws or Board policy will not be disclosed in response to a public records request. Additional information about Arizona public records law is available here: www.asu.edu/counsel/brief/pubrecsfaq.html.
Contractors. From time to time, individuals or companies under contract with the university may have access to confidential information in the course of the service they provide to the university, but those entities are not permitted to use or re-disclose that information for unauthorized purposes. No other entities are authorized to collect information through ASU’s sites.
Although every effort is made to secure network communications, ASU cannot ensure the privacy of online communications. Individuals using online services should also take steps to protect personal information, such as closing the Web browser when finished using the site. Failure to do so may result in personal information being viewed by someone else using the same computer.
ASU takes steps to ensure that personally identifiable information collected is secure, including limiting the number of people who have access to our database servers as well as electronic security systems with password protections that guard against unauthorized access.
ASU accepts credit card payments online for a variety of goods and services. Unless otherwise noted on the site, all university credit card transactions are encrypted. Confidential information entered to complete a transaction will not be used by ASU for any other purpose unless the purpose is described on the site.
Under the Computer, Internet and Electronic Communications Policy, university-owned computers and equipment may be examined by authorized individuals to detect illegal software and to evaluate the security of the network.