This Notice establishes Kennesaw State University’s (“KSU”) privacy notices for both its website located at kennesaw.edu (“Site”) and in compliance with any applicable data privacy standards and legal requirements regarding the data collected, including compliance with the European Union General Data Protection Regulation (“EU GDPR”). This Notice describes the type of information KSU collects from visitors to this Site, what we do with that information, and how visitors can update and control the use of information collected by this Site.
Kennesaw State University (KSU) is committed to ensuring the privacy of your information. KSU collects two kinds of information on this site: 1) Information that is voluntarily supplied by visiting the site and enrolling in programs and 2) Information that is automatically collected as you navigate the site.
Information voluntarily supplied by visitors seeking to access various features and information includes, among other things, name, address, and phone number. Any personal information that you choose to provide through the Site will be protected in accordance with the provisions of this Notice. If you refuse to provide personal data that is required by KSU in connection with one of KSU’s lawful bases to collect such personal data, such refusal may make it impossible for KSU to provide education, employment, or other requested services.
Links within the university website may direct you to other websites not affiliated with KSU. KSU is not responsible for the privacy practices, policies, actions, web content, services, or products of non-KSU sites to which we link. These links are not intended to, nor do they constitute, an endorsement by KSU of the linked materials. We encourage you to read the privacy statements of other sites for assurance that their practices safeguard your privacy.
KSU does its best to reasonably ensure that the personal information obtained from you is accurate. Visitors may review the information saved or submitted via the Site at any time up to the point when it is purged. If there is an error in your personal information, we will correct the information upon your request, which may be submitted to email@example.com.
We have put in place reasonable physical, technical, and administrative safeguards designed to prevent unauthorized access to the online information we collect and use. While we strive to protect visitor’s personal information by encryption and other means, we cannot guarantee or warrant the security of the information you transmit to us, and if you choose to use the Site, you do so at your own risk.
If you post any data within a public forum on any KSU website, that data is now public.
KSU is committed to maintaining the privacy of your personal information. Any information submitted via the website will only be used for the purposes stated on the submission page. KSU does not actively share personal information gathered from the Site, except:
KSU also complies with the Family Educational Rights and Privacy Act (“FERPA”), which generally prohibits (with some exceptions) the release of education records without student permission. Please visit KSU’s FERPA website for more information.
Kennesaw State University is an institution of higher education involved in education, research, and community engagement. For KSU to educate its students both in class and on-line, engage in world-class research, and provide community services, it is essential, necessary, and KSU has lawful bases to collect, process, use, and maintain data of its students, employees, applicants, research subjects, and others involved in its educational, research, and community programs. The lawful bases include, without limitation, admission, registration, delivery of classroom, on-line, and study abroad education, grades, communications, employment, applied research, development, program analysis for improvements, and records retention. Examples of data that KSU may need to collect in connection with the lawful bases are: name, email address, IP address, physical address or other location identifier, photos, as well as some sensitive personal data obtained with prior consent.
For more information regarding the EU GDPR, please review Kennesaw State’s EU General Data Protection Regulation Compliance Policy. All personal data and sensitive personal data collected or processed by KSU under the scope of the KSU EU General Data Protection Regulation Compliance Policy must comply with the security controls and systems and process requirements and standards of KSU policies.
The majority of KSU’s collection and processing of personal data will fall under the following categories:
There will be some instances where the collection and processing of personal data will be pursuant to other lawful bases.
KSU receives personal data and special categories of sensitive personal data from multiple sources. Most often, this data comes directly from the data subject or under the direction of the data subject who has provided it to a third party (for example, application for admission to KSU through use of the Common App).
Individual data subjects covered by KSU’s EU General Data Protection Regulation Compliance Policy will be afforded the following rights:
Any data subject who wishes to exercise any of the above-mentioned rights under the EU GDPR may do so by submitting a Service Request with the Office of Cybersecurity at firstname.lastname@example.org.
Please see the “Type of Information Collected and Why” section above for details regarding information collected from KSU websites and cookies.
All personal data collected or processed by KSU under the scope of the KSU EU General Data Protection Regulation Compliance Policy must comply with organizational security controls, standards, processes and policies. If you have questions about this Notice or believe that your personal information has been released without your consent or if you wish to correct information held by KSU, please contact us at email@example.com.
KSU will not share your information with third parties except as necessary to meet one of KSU’s lawful purposes.
As an entity of the government of the State of Georgia, KSU is subject to the provisions of the Georgia Open Records Act (ORA). Except for those records that are exempt from disclosure under the ORA, the ORA provides that all citizens are entitled to view the records of state agencies on request and to make copies for a fee. For more information on KSU’s ORA compliance, please visit the Open Records Requests page on the Division of Legal Affairs website.
KSU keeps the data it collects for the time periods specified in the University System of Georgia Records Retention Schedules.
For examples of Student Records Retention Schedules, see: https://www.usg.edu/records_management/schedules/934
For examples of Human Resources (Employment) Records Retention Schedules, see: https://www.usg.edu/records_management/schedules/930