DigiPen (USA) Corporation, dba DigiPen Institute of Technology (“DigiPen”) respects the privacy of people who visit our web site, www.digipen.edu, as well as our sub-web sites: projectfun.digipen.edu, games.digipen.edu, news.digipen.edu, explore.digipen.edu, and gallery.digipen.edu (individually and collectively referred to herein as the “Site”).
We only have access to or collect personal information that you voluntarily supply us with. We will not sell or rent this information to anyone. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, or as required by law. For example, DigiPen may disclose personal information to third parties (including without limitation, governmental agencies) if required to do so by law or based on the good faith belief that such action is necessary to: (i) conform to the edicts of the law or comply with legal process; (ii) protect and defend the rights or property of DigiPen or its agents or contractors; or (iii) act in urgent circumstances to protect the personal safety of users of DigiPen, the Site, or the public.
You may opt out of any future contacts from us at any time by contacting us via the email address or phone number given below or by following “unsubscribe” steps for email, as appropriate. At your request, we will remove your personal information from our files.
You are solely responsible for maintaining the secrecy of your passwords or any account information. Please be careful and responsible whenever you are online. While we strive to protect your personal information, DigiPen does not ensure or warrant the security of any information you transmit to us, and you do so at your own risk.
The Site is not intended for or directed to children under the age of 13. Any person who provides their information to DigiPen through the Site represents to DigiPen that they are 13 years of age or older.
This Privacy Shield Policy (“Policy”) applies to all personal information received by DigiPen (USA) Corporation, d/b/a DigiPen Institute of Technology (“DIT”, “we”, “our”, or “us”) in the United States from the European Economic Area (EEA) (which includes the member states of the European Union (EU) plus Iceland, Liechtenstein and Norway). This Policy sets out our practices for collecting, using, maintaining, protecting and disclosing that personal information.
For purposes of this Policy, the following definitions shall apply:
“Agent” means any third party that collects or uses personal information under the instructions of, and solely for, DIT or to which DIT discloses personal information for use on DIT’s behalf.
“DigiPen Institute of Technology” means DigiPen (USA) Corporation, d/b/a DigiPen Institute of Technology, DigiPen Housing LLC, and any predecessors and successors in the United States.
“Personal information” means any information or set of information that identifies or could be used by or on behalf of DIT to identify (together with other information) a living individual. Personal information does not include information that is anonymized or aggregated.
“Sensitive information” means any personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, information that concerns health or sex life, and information about criminal or administrative proceedings and sanctions.
DIT participates in and complies with the EU-U.S. Privacy Shield Framework (“Privacy Shield”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. DIT has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfers, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability, which are the basis for the principles of this Policy. If there is any conflict between this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view DIT’s certification, please visit https://www.privacyshield.gov/.
DIT receives personal information about individuals in the EEA collected by DIT and its affiliates. This personal information may include basic contact information like name and email address for current and prospective students, as well as billing and academic information of current students such as classes taken and grades.
DIT uses this information to provide our educational services, support for such services, for billing, for marketing communications, and to correspond with students and faculty. This information also facilitates our affiliates’ and franchisees’ services.
DIT also receives information about employees of DIT’s subsidiaries who are located in the European Union, and which is transferred in the context of the employment relationship. DIT uses this information for internal employment and human resources purposes. DIT commits to cooperate in investigations by and to comply with the advice of competent EU authorities.
DIT will subject all personal information received via the Privacy Shield to its Privacy Principles.
DIT is subject to the investigative and enforcement authority of the Federal Trade Commission (FTC), is obliged to disclose personal information in response to lawful requests by public authorities, for law enforcement and national security purposes, and has potential liability for onward transfers to third parties.
Additionally, an individual may be allowed to invoke binding arbitration to resolve disputes under certain limited conditions. More information is available in the Dispute Resolution section below.
DIT will offer individuals the opportunity to choose whether their information is to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. An individual may opt-out of such uses of their personal information by contacting us at the address given below. DIT does not disclose personal information to non-agent third parties. If this changes, DIT will offer an opt-out to individuals.
DIT will not use sensitive personal information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual unless DIT has received the individual’s affirmative and explicit consent (opt-in). DIT will treat as sensitive any personal information received from a third party where the third party identifies and treats it as sensitive.
DIT will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. DIT will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete and current.
Transfers to Agents
DIT contracts with third parties who perform business functions on our behalf. DIT uses these third parties to manage tuition, housing, and related payments, as well as fee processing. These entities may have access to personal information if needed to perform their functions for DIT. DIT does not disclose personal information to non-agent third parties.
For information received under the Privacy Shield, DIT will require its agents to safeguard personal information consistent with this Policy by contract, obligating the agent to provide at least the same level of protection as is required by the Privacy Shield Principles.
Under certain circumstances, DIT may bear liability for onward transfers of personal data where its agent processes personal data inconsistent with the Privacy Shield Principles, unless DIT proves that it is not responsible for the event giving rise to the damage.
Access and Correction
Upon request, DIT will grant individuals reasonable access to personal information that it holds about them. In addition, DIT will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. An individual may request to access their information, or otherwise correct, amend, or delete their information by contacting us at the address given below.
DIT will take reasonable and appropriate precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.
DIT will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that DIT determines is in violation of this policy will be subject to disciplinary action.
DIT is subject to the investigative and enforcement authority of the FTC.
Dispute Resolution—Privacy Shield
In compliance with the Privacy Shield, DIT commits to resolve complaints about your privacy and our collection or use of your personal information. EU individuals with inquiries or complaints regarding this Policy should first contact DIT at the address given below. DIT will investigate and attempt to resolve complaints regarding use and disclosure of personal information by reference to the principles contained in this Policy.
DIT commits to cooperating with European Data Protection Authorities (“DPAs”).
DIT has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to the Council of Better Business Bureaus (“BBB”). If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit the BBB web site at http://www.bbb.org/EU-privacy-shield for more information and to file a complaint. Under certain limited conditions, an individual may be able to invoke binding arbitration as provided under the Privacy Shield to address an otherwise unresolved complaint.
Questions regarding this Policy should be submitted to DIT by mail to:
DigiPen Institute of Technology
9931 Willows Rd NE
Redmond, WA 98052
Or by e-mail to: privacy[at]digipen[dot]edu
We may also be required to disclose an individual’s personal information in response to a lawful request by public authorities or in connection with a legal obligation. Adherence by DIT to these Privacy Shield Principles may also be limited to the extent necessary to meet national security, public interest or law enforcement obligations, and to the extent expressly permitted by an applicable law, rule or regulation. This Policy may be amended from time to time, consistent with the requirements of the Privacy Shield. The amended Policy will be made publicly available via DIT’s website.
Effective Date: [02-27-2017]