Back to top

Effective Date: [March 27, 2020]

Web Privacy Policy

DigiPen (USA), LLC, dba DigiPen Institute of Technology (“DigiPen”) respects the privacy of people who visit our web site, www.digipen.edu, and other DigiPen sites (individually and collectively referred to herein as the “Site”).

This Privacy Policy reflects the current information practices of DigiPen. If you have questions or concerns about this policy, please contact us at privacy[at]digipen[dot]edu. This Privacy Policy applies solely to information collected by the Site.

Information Collection, Sharing, and Use

DigiPen may collect personal information from users of the Site. DigiPen may also use automated technologies on the Site, such as cookies, to collect non-personally identifiable information about you, such as your IP address or the type of browser you use. A “cookie” is a piece of data stored on the device from which a user accesses the Site and which contains information about the user. Cookies enable DigiPen to recognize you when you revisit the Site and can provide you the benefit of not having to reenter certain information, such as your email address, because the information is stored in the cookie. DigiPen may also use cookies to better operate the Site and help improve web site usage by collecting information such as your IP address, domain name, and operating system. Your browser may include a feature which can be set to alert you of cookies. You do not have to accept all cookies sent to you by the Site. However, you may not be able to use some of the features of the Site if you elect to reject a particular cookie.

We only have access to collect personal information that you voluntarily supply us with. We will not sell or rent this information to anyone. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, or as required by law. For example, DigiPen may disclose personal information to third parties (including without limitation, governmental agencies) if required to do so by law or based on the good faith belief that such action is necessary to: (i) conform to the edicts of the law or comply with legal process; (ii) protect and defend the rights or property of DigiPen or its agents or contractors; or (iii) act in urgent circumstances to protect the personal safety of users of DigiPen, the Site, or the public.

Unless you ask us not to, we may contact you in the future to tell you about our programs, upcoming events, educational opportunities, special announcements, or changes to this Privacy Policy. The information we collect from you will be used solely for the purpose intended. For example, if you provide us with admission information, we will use that information for admission purposes. DigiPen may also use the information collected through the Site to: respond to requests for information; improve our Site; or enforce the terms of use for our Site. With respect to tuition, housing, and related payments, DigiPen uses Tuition Management Systems “TMS”. Information collected by TMS is subject to their privacy policy, which is available at this link and in the footer of the TMS payment page. With respect to payment processing, including application fees, enrollment fees, DigiPen Academy related payments, branded items, and apparel purchases, DigiPen uses E-quantum, Paytrace, and EVO Payments as third party payment processors and the submission of your payment information will be subject to the terms of their privacy policies, which can be found on their websites.

With respect to chat widgets, DigiPen uses HappyFox as a third-party service provider. Data collected by the chat widget is necessary to complete the chat transactions and gauge online activity on our site, and is subject to the terms of their privacy policy, which can be found on their website.

Your Access to and Control Over Information

You may opt out of marketing communications from us at any time by contacting us via the email address or phone number given below or by following “unsubscribe” steps for email, as appropriate. At your request, we will remove your personal information from our files.

Security

You are solely responsible for maintaining the secrecy of your passwords or any account information. Please be careful and responsible whenever you are online. While we strive to protect your personal information, DigiPen does not ensure or warrant the security of any information you transmit to us, and you do so at your own risk.

Third-Party Sites and Links

You may access third-party web sites through this Site, and those third-party web sites may collect personal information about you. This Privacy Policy does not cover the information practices of third-party web sites. If you have any questions about the personal information collected by third-party web sites, including how they collect and use personal information, you should contact the third-parties directly. We are not responsible for the content or privacy practices of other sites.

Children’s Privacy

The Site is not intended for or directed to children under the age of 13. Any person who provides their information to DigiPen through the Site represents to DigiPen that they are 13 years of age or older.

Updates

Our Privacy Policy may change from time to time, without notice, and all updates will be reflected on these pages. If you have any questions about our Privacy Policy, please contact us immediately via email at privacy[at]digipen[dot]edu.


EU-U.S. Privacy Shield Policy

This Privacy Shield Policy (“Policy”) applies to all personal information received by DigiPen (USA), LLC, d/b/a DigiPen Institute of Technology (“DIT”, “we”, “our”, or “us”) in the United States from the European Economic Area (EEA) (which includes the member states of the European Union (EU) plus Iceland, Liechtenstein and Norway) and the United Kingdom. This Policy sets out our practices for collecting, using, maintaining, protecting and disclosing that personal information.

Definitions

For purposes of this Policy, the following definitions shall apply:

“Agent” means any third party that collects or uses personal information under the instructions of, and solely for, DIT or to which DIT discloses personal information for use on DIT’s behalf

“DigiPen Institute of Technology” means DigiPen (USA), LLC, d/b/a DigiPen Institute of Technology, DigiPen Housing LLC, and any predecessors and successors in the United States.

“Personal information” means any information or set of information that identifies or could be used by or on behalf of DIT to identify (together with other information) a living individual. Personal information does not include information that is anonymized or aggregated.

“Sensitive information” means any personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, information that concerns health or sex life, and information about criminal or administrative proceedings and sanctions.

EU-U.S. Privacy Shield

DIT complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom to the United States in reliance on Privacy Shield. DIT has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

Principles

Notice

DIT receives personal information about individuals in the EEA and the United Kingdom collected by DIT and its affiliates. This personal information may include basic contact information like name and email address for current and prospective students, as well as billing and academic information of current students such as classes taken and grades.

DIT uses this information to provide our educational services, support for such services, for billing, for marketing communications, and to correspond with students and faculty. This information also facilitates our affiliates’ and franchisees’ services.

DIT also receives information about employees of DIT’s subsidiaries who are located in the European Union and the United Kingdom, and which is transferred in the context of the employment relationship. DIT uses this information for internal employment and human resources purposes. DIT commits to cooperate in investigations by and to comply with the advice of competent EU and UK authorities.

DIT will subject all personal information received via the Privacy Shield to its Privacy Principles.

DIT is subject to the investigative and enforcement authority of the Federal Trade Commission (FTC), is obliged to disclose personal information in response to lawful requests by public authorities, for law enforcement and national security purposes, and has liability for onward transfers to agent third parties unless we can prove we were not a party to the actions giving rise to the damages.

Additionally, an individual may be allowed to invoke binding arbitration to resolve disputes under certain limited conditions. More information is available in the Dispute Resolution section below.

Choice

DIT will offer individuals the opportunity to choose whether their information is to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. An individual may opt-out of such uses of their personal information by contacting us at the address given below. DIT does not disclose personal information to non-agent third parties. If this changes, DIT will offer an opt-out or opt-in choice to individuals prior to their data being released.

DIT will not use sensitive personal information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual unless DIT has received the individual’s affirmative and explicit consent (opt-in). DIT will treat as sensitive any personal information received from a third party where the third party identifies and treats it as sensitive.

Data Integrity

DIT will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. DIT will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete and current.

Transfers to Agents

DIT contracts with third parties who perform business functions on our behalf. DIT uses these third parties to manage tuition, housing, and related payments, as well as fee processing. These entities may have access to personal information if needed to perform their functions for DIT. DIT does not disclose personal information to non-agent third parties.

For information received under the Privacy Shield, DIT will require its agents to safeguard personal information consistent with this Policy by contract, obligating the agent to provide at least the same level of protection as is required by the Privacy Shield Principles.

DIT remains liable for onward transfers of personal data where its agent processes personal data inconsistent with the Privacy Shield Principles, unless DIT proves that it is not responsible for the event giving rise to the damage.

Access and Correction

Pursuant to the Privacy Shield Principles DIT acknowledges the individual’s right to access their personal data that has been transferred into the United States. Upon request, DIT will grant individuals reasonable access to personal information that it holds about them. In addition, DIT will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. An individual may request to access their information, or otherwise correct or amend their information. Individuals have the further right to request deletion of information that has been handled in violation of the Principles. EU and UK individuals wishing to exercise their right of access may do so by contacting us at the address given below.

Security

DIT will take reasonable and appropriate precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.

Enforcement

DIT will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that DIT determines is in violation of this policy will be subject to disciplinary action.

DIT is subject to the jurisdiction and enforcement authority of the FTC.

Privacy Shield Dispute Resolution – For Non-HR Data

In compliance with the Privacy Shield, DIT commits to resolve complaints about your privacy and our collection or use of your personal information. EU and UK individuals with inquiries or complaints regarding this Policy should first contact DIT at the address given below. DIT will investigate and attempt to resolve complaints regarding use and disclosure of personal information by reference to the principles contained in this Policy.

DIT has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, BBB EU Privacy Shield. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit the BBB web site at https://bbbprograms.org/programs/bbb-privacy-shield/eu-dispute-resolution for more information and to file a complaint.

Privacy Shield Dispute Resolution – For HR Data

In compliance with the Privacy Shield, DIT commits to resolve complaints about your privacy and our collection or use of your personal information as it pertains to the HR relationship. EU and UK individuals with inquiries or complaints regarding this Policy should first contact DIT at the address given below. DIT will investigate and attempt to resolve complaints regarding use and disclosure of personal information by reference to the principles contained in this Policy.

DIT has further committed to refer unresolved HR privacy complaints under the Privacy Shield Principles to the EU Data Protection Authorities (DPA’s). If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://ec.europa.eu/digital-single-market/en/news/list-personal-data-protection-competent-authorities to locate the appropriate DPA office. Please do not refer HR complaints to BBB EU Privacy Shield.

Last Chance Binding Arbitration Option

Finally and in limited circumstances, if your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Where applicable to the employment relationship, DIT agrees to cooperate and comply with the EU data protection authorities (DPAs) regarding the unresolved complaints of employee of European-affiliated companies who are located in the EU and the United Kingdom. Such employees may direct complaints about their personal information to their respective DPA. For the contact information for your country’s DPA, please contact us at the address given below.

Contact Information

Questions regarding this Policy should be submitted to DIT by mail to:

DigiPen Institute of Technology
9931 Willows Rd NE
Redmond, WA 98052
Or by e-mail to: privacy[at]digipen[dot]edu

Limitations & Changes

We may also be required to disclose an individual’s personal information in response to a lawful request by public authorities or in connection with a legal obligation. Adherence by DIT to these Privacy Shield Principles may also be limited to the extent necessary to meet national security, public interest or law enforcement obligations, and to the extent expressly permitted by an applicable law, rule or regulation. This Policy may be amended from time to time, consistent with the requirements of the Privacy Shield. The amended Policy will be made publicly available via DIT’s website.


California Privacy Rights

California Shine the Light

Residents of the State of California have the right to request information from DigiPen regarding other companies to whom the company has disclosed certain categories of information during the preceding year for those companies’ direct marketing purposes. If you are a California resident and would like to make such a request, please email privacy[at]digipen[dot]edu

California Consumer Privacy Act

The California Consumer Privacy Act (“CCPA”) provides California residents with rights to receive certain disclosures regarding the collection, use, and sharing of “Personal Information,” as well as rights to know/access, delete, and limit sharing of Personal Information. The CCPA defines “Personal Information” as “information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” Certain information we collect may be exempt from the CCPA because it is considered public information (i.e., it is made available by a government entity) or covered by a specific federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, or the Fair Credit Reporting Act.

To the extent that we collect Personal Information that is subject to the CCPA, that information, our practices, and your rights are described below.

Right to Notice at Collection Regarding the Categories of Personal Information Collected

You have the right to receive notice of the categories of Personal Information we collect, and the purposes for which those categories of Personal Information will be used. This notice should be provided at or before the time of collection. The categories we use to describe the information are those enumerated in the CCPA.

  • Personal Identifiers:

    • We collect your name, phone number, and email address and contact address when you create an account, complete a transaction, or apply for admission into one of our programs. If you choose to create an account, you will also be asked to create a username, which may sometimes be your email address, and we will assign one or more unique identifiers to your profile. We use this information to provide the Site and our services and products, process your application to our programs, respond to your requests, and send information and advertisements to you.

    • We collect your social media handle and basic account information when you interact with the Site through social media.

    • We collect a unique numerical identifier, assigned to you by a first-party cookie, automatically when you use the Site in order to identify you, provide the Site, keep you logged in to the Site, prevent fraud, and provide you with targeted information and offers.

    • We collect payment information when you provide it to us, which may include your credit card number when you complete a transaction. You have the option to store this information to your account. We use this information to streamline and facilitate payments and transactions.

    • We collect your IP address automatically when you use the Site. We use this information to identify you, gauge online activity on our website, measure the effectiveness of online services, applications, and tools, and serve targeted advertisements based on your online activities.

    • We collect your Device ID automatically when you use the Site. We use this information to monitor your use and the effectiveness of the Site, to identify you, and to provide you with targeted information and offers.

    • We collect your Social Security number if you submit financial aid documents to us. We use this information to process any financial aid documents and facilitate the process of providing you with such financial aid.

    • We collect medical information and health information about you if you use certain medical or social services provided by us. We use this information to provide such services to you, including mental health counseling or Disability Support Services.

  • Protected Classifications: We also collect your age, date of birth, race, and ethnic origin when we process your application for admission into our programs or financial aid documents. We may collect your disability status if you use our Disability Support Services in order to provide you with such services.

  • Commercial Information: When you engage in transactions with us, we create records of goods or services purchased or considered, as well as purchasing or consuming histories. We use this information to measure the effectiveness of the Site and to provide you with targeted information and advertisements.

  • Internet or Other Electronic Network Activity Information: We collect information about your browsing history, search history, information regarding your interaction with websites, and applications or advertisements automatically when you utilize the Site. We use this information to gauge online activity on our website, measure the effectiveness of online services, applications, and tools, and to serve targeted advertisements based on your online activities.

  • Geolocation Data: As described above, we collect your IP address automatically when you use the Site. We may be able to determine your general location based on the IP address.

  • Audio, electronic, visual, thermal, olfactory, or similar information: If you contact us via phone, we may record the call. We will notify you if a call is being recorded at the beginning of the call. If you enroll in our programs, we collect your photographic or video image to provide you with a student badge.

  • Professional or employment-related information: If you submit a résumé as part of an application, we collect information about your current employer and your employment history. We use this information to process your application into our programs and conduct background and other screening activities. If you are a student, we use this information to connect you to employers that may be interested in hiring our students.

  • Education information: We collect information about the institutions you have attended and the level of education you have attained. We use this information to process your application into our programs or for employment and to conduct background and other screening activities.

  • Inferences drawn to create a profile about a consumer reflecting the consumer’s preferences or characteristics: We may analyze your actual or likely preferences through a series of computer processes. On some occasions, we may add our observations to your internal profile. We use this information to gauge and develop our marketing activities, measure the appeal and effectiveness of the Site, applications, and tools, and to provide you with targeted information, advertisements, and offers.

We may use any of the categories of information listed above for other business or operational purposes compatible with the context in which the Personal Information was collected.

We may share any of the above-listed information with Service Providers, which are companies that we engage for business purposes to conduct activities on our behalf. Service Providers are restricted from using Personal Information for any purpose that is not related to our engagement. The categories of Service Providers with whom we share information and the services they provide are described in our Privacy Policy above.

Right to Know About Personal Information Collected, Disclosed, or Sold

You have the right to request that we disclose to you the Personal Information we collect, use, disclose, or sell. Our collection, use, disclosure, and sale of Personal Information is described in our Privacy Policy above.

Right to Know/Access Information

You have the right to request access to Personal Information collected about you and information regarding the source of that information, the purposes for which we collect it, and the third parties and service providers with whom we share it. You may submit such a request as described below. To protect our customers’ Personal Information, we are required to verify your identify before we can act on your request.

Right to Request Deletion of Information

You have the right to request in certain circumstances that we delete any Personal Information that we have collected directly from you. You may submit such a request as described below. To protect our customers’ Personal Information, we are required to verify your identify before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.

How to Submit a Request

You may submit a request to exercise your rights to know/access or delete your Personal Information through any one of three means:

Verification Procedures

In order to process your request to know/access or delete Personal Information we collect, disclose, or sell, we must verify your request. We do this by asking you to:

  • provide personal identifiers, such as your name, email address, and or birthdate (if available), we can match against information we may have collected from you previously; and

  • confirm your request using the email or telephone account stated in the request.

Authorized Agent

You may authorize another individual or a business registered with the California Secretary of State, called an authorized agent, to make requests on your behalf. We require that you and the individual complete notarized affidavits in order to verify the identity of the authorized agent and confirm that you have authorized them to act on your behalf. Parents of minor children may submit a birth of the child certificate in lieu of an affidavit, in order to make requests on the child’s behalf. Please see our required affidavits here.


Cookie Policy

This policy describes the use of cookies and other technologies. Like many websites, DigiPen uses first-party cookies and third-party cookies on www.digipen.edu and their subdomains (the “Sites”). By using DigiPen’s Sites, you consent to our use of cookies and other technologies as described below.

What are cookies?

Cookies are text files containing small amounts of information which are downloaded to your computer or mobile device when you visit a website or mobile application. Cookies are then sent back to the originating site on each subsequent visit, or to another site that recognizes the cookies.

How to Manage Your Cookie Preferences

Most web browsers allow you to modify and manage your browsing preferences. You can modify your web browser to refuse cookies or to delete certain cookies. You may be able to manage other technologies in the same way that you manage cookies using your browser’s preferences. On your mobile device, you may also have a “Limit Ad Tracking” setting (on iOS devices) or a setting to “Opt out of Interest-Based Ads” (on Android) which allows you to limit the use of information about your use of apps for purposes of serving ads targeted to your interests.

There is no accepted standard on how to respond to Do Not Track signals, and DigiPen does not respond to such signals. Rather, you may visit aboutads.info to receive more information about the collection and use of information about your online activities for online behavioral advertising or to learn how to opt out of having your data used for online behavioral advertising by Digital Advertising Alliance (DAA) participating companies. European users can also visit youronlinechoices.com to learn how to opt out of having their data used for online behavioral advertising by European Interactive Digital Advertising Alliance (EDAA) member companies.

Please note that if you choose to block cookies, you may impair our Sites or prevent certain elements of our Sites from functioning. Also, if you delete your cookies in the future you will need to opt again and if you use multiple web browsers, you may need to opt again.

Please note that even if you opt out using the mechanisms above, you may still receive advertisements when using DigiPen’s Sites.

Types of Cookies and Technologies Used

First-Party Cookies

DigiPen uses a number of first-party cookies, most of which expire when the user’s browser is closed. Generally, these cookies help to store user information (i.e. language preferences) or ensure that users are aware of specific events related to their campus.

Third-Party Cookies

DigiPen uses the following third-party technologies:

  • Google Analytics
    We use Google Analytics to track the behavior of website visitors. Their third-party tracking cookies are used on all of our sites and subdomains and provide us with information used to learn where our visitors are coming from (e.g., traffic sources), how visitors interact with our site (e.g., how many pages they view, how long they stay during a visit, etc.), what kind of devices are used to access our site, etc. We use this data in aggregate to analyze the effectiveness of our website and to improve user experience. We do not track user demographics (this is an opt-in feature for Google Analytics customers). Our sites are still functional for users who choose to disable this cookie. Analytics cookies used by Google are persistent cookies that expire after two years.

  • Adobe Typekit
    We use Typekit (from Adobe) to display specific typefaces on the Sites. Adobe uses cookies within Typekit to collect information about the fonts and typography being served on our sites and to track usage statistics. The information collected is used for the purposes of billing and compliance, and may include the following:

    • Fonts served
    • Kit ID
    • Account ID (identifies the customer the kit is from)
    • Service providing the fonts (e.g., Typekit or Edge Web Fonts)
    • Application requesting the fonts (e.g., Adobe Muse)
    • Server serving the fonts (e.g., Typekit servers or Enterprise CDN)
    • Hostname of page loading the fonts
    • The amount of time it takes the web browser to download the fonts
    • The amount of time it takes from the web browser downloading the fonts until the fonts are applied

    More information is available here: Adobe Cookie Policy.

  • ClickDimensions
    ClickDimensions is a cloud-based marketing automation platform that uses cookies to provide information about site visitors including amount of time spent on a page and names of pages visited. This information is anonymous until a visitor requests information and opts into our email marketing list, at which time their anonymous browsing history will be linked with their record.

  • YouTube
    DigiPen embeds videos from our official YouTube channel using YouTube’s privacy-enhanced mode. This mode may involve the use of cookies. To find out more please visit YouTube’s embedding videos information page.

  • reCAPTCHA (Google)
    We use reCAPTCHA, a security service provided by Google, on our sites. reCAPTCHA distinguishes whether an input is made by a person or by automated processing. reCAPTCHA does so by using cookies to analyze how users interact with the site. reCAPTCHA may collect personal information such as your IP address and other data required by Google for the reCAPTCHA services. The information generated by reCAPTCHA will be transmitted to and stored by Google for analysis and will be subject to Google’s Privacy Policy and Terms of Use. To learn more about reCAPTCHA, click here.


Questions or Comments

If you have any questions or comments about this policy, please contact us at privacy[at]digipen[dot]edu.