Privacy Policy
The eCHECKUP TO GO Programs (the “Programs”) respect your privacy and are committed to protecting it to the extent possible, subject to applicable state and federal law, through our compliance with our privacy policies.
This Notice applies to the information that we collect when you visit the eCHECKUP TO GO main website (www.echeckuptogo.com) and other websites that comprise the Programs or on which we have linked or referred to this Notice (together, the “Sites”). This Notice describes how this information is collected, processed, maintained, protected, and disclosed. Unless otherwise indicated on a specific Site, the SDSU Research Foundation is the data controller for all information collected under this Notice.
Except as specifically described, our Sites are operated in accordance with the laws of the United States. Please read this Notice carefully to understand our policies and practices regarding your information and how we will treat it. This Notice reflects the Programs’ current practices and may change from time to time, so please check the Notice periodically for updates.
This privacy policy discloses the privacy practices for subscribers to the eCHECKUP TO GO Programs, for individuals completing any of the Programs, and for individuals requesting information from the Programs. This privacy policy applies solely to information collected by the eCHECKUP TO GO Programs. It will notify you of the following:
- What personally identifiable information is collected from you through the web site, how it is used and with whom it may be shared.
- The choices available to you regarding the use of your data.
- The security procedures in place to protect the misuse of your information.
- How you can correct any inaccuracies in the information.
Information Collection, Use, and Sharing
In this Notice, “personal information” means any information that identifies or describes an individual user of the Sites, including, but not limited to, the user’s name, email address, password, and information that reveals any network location or identity. If you are located in the European Economic Area (EEA), “personal information” includes all personal data as defined under EEA laws (including “sensitive personal information” which is provided enhanced protections under those laws).
We collect personal information about users only as allowed by law and limit the collection of personal information to what is relevant and necessary to accomplish the service requested by the user. We collect personal information that you send to the eCHECKUP TO GO Programs, or permit us to obtain from third parties, for purposes relevant to the services provided by eCHECKUP TO GO.
User-Provided Information
You may be required to provide personal information to access or use certain parts of our Sites, or features of our Sites or services. If you do not provide the requested personal information, you may not be able to access or use the features of our Sites or service where such information is requested.
Depending upon the nature of the application, the personal information that you may provide may include: contact information (name, mailing address, telephone number and/or email address, etc.); demographic information (age, student status, etc.); and profile information (username, password, relationship to the eCHECKUP TO GO Programs, etc.).
Emails and Social Media Sites: If you correspond with us by email, mail or via social media, we may retain the content of your communication or social media posting, the email or social media account address from which it is sent, and our response. We collect information automatically using technology when you visit our Sites or social media pages or when you open one of our emails as described in this Notice.
The specific personal information (and sensitive personal information) we collect, why we collect it, and our legal basis for processing it, is periodically reassessed.
It is the policy of the eCHECKUP TO GO Programs to limit the collection and safeguard the privacy of personal information we collect. Our information management practices conform to the requirements of the Information Practices Act of 1977 (Civil Code Section 1798, et seq.), the Public Records Act (California Government Code Section 6250, et seq.), California Government Code Section 11015.5, the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99), and other applicable laws pertaining to information privacy. In the event of a conflict between this Notice and the Public Records Act, the Information Practices Act, FERPA, or other law governing the disclosure of University records, the applicable law will control.
Any information acquired by the eCHECKUP TO GO Programs through the Sites is subject to the limitations set forth in the Information Practices Act. The Programs will not distribute or share electronically collected personal information (as defined in subdivision (d) of California Government Code Section 11015.5) about users to any third party without the permission of the user, except in narrow circumstances set forth in this Notice. The Programs will not sell any electronically collected personal information to any third party. Such electronically-collected personal information is exempt from requests made pursuant to the California Public Records Act (Chapter 3.5 (commencing with Section 6250) of Division 7 of Title 1).
How we use the information we collect
We use information that we collect about you or that you provide to us, including any personal information:
- To provide you with information that you request from us.
- To process application/program requests.
- To collect and process payment information.
- To process service requests from students, staff, faculty, and other members of the campus community.
- To respond to your questions, requests, comments or complaints and determine your satisfaction with our events, programs and services.
- To operate, maintain, and provide to you the features, services, and functionality of the Sites and its contents, and to monitor and improve our site and the user experience.
- To provide information about the eCHECKUP TO GO Programs and send you related information including brochures and other eCHECKUP TO GO Programs materials.
- To notify you about changes to our Sites or any services we offer or provide through it.
- To compare and review your personal information for errors, omissions and accuracy.
- To prevent, detect or investigate any fraudulent, abusive or illegal act.
- To allow you to participate in interactive features on our Sites.
- In any other way we may describe when you provide the information.
- For any other purpose with your consent.
We may also use your personal information for operational and other lawful purposes such as security, analytics, operations, fraud detection and prevention, reporting, making back-ups and legal compliance.
We use cookies, clear gifs, and log file information to: (a) monitor the effectiveness of our Sites and services; (c) monitor aggregate metrics such as the total number of visitors and traffic; (d) diagnose or fix technology problems; and (e) help you efficiently access information.
At the time we collect personal information, we strive to tell users about the purpose for which the information is collected as well as the general or specific uses that we will make of that information.
International transfer of personal information
Personal information provided to us by users outside of the United States may be transferred to other countries such as the United States, where data protection laws may differ from those of your home country. By providing us with your information, you acknowledge that your personal information may be transferred to the United States and processed on servers within the United States. However, all reasonable steps will be taken to protect your privacy in accordance with applicable data protection laws.
User Content
Any personal information or content you voluntarily disclose for posting to social media sites we control (for instance, any content you post) (“User Content”) becomes available to the public via the social media site. User Content includes, but is not limited to, comments, photos, videos, etc. If you remove User Content, copies may remain viewable in cached and archived pages or if other users have copied or stored your User Content. We reserve the right to monitor the User Content you post and to remove any User Content for any reason or no reason including, without limitation, if in our sole opinion, such material violates, or may violate, any applicable law, or to protect or defend our rights or those of any third party. We also reserve the right to remove User Content upon the request of any third party.
Cookie Policy
Cookies Information: When you visit the Sites, we may send one or more cookies – a small text file containing a string of alphanumeric characters – to your computer that uniquely identifies your browser and lets us help you navigation through the Sites. A cookie does not collect personal information about you. We only use session cookies. A session cookie is temporary and disappears after you close your browser. We do not use persistent cookies. (A persistent cookie remains on your hard drive after you close your browser.) You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. However, some features of the Sites or services may not function properly if the ability to accept cookies is disabled.
Log File Information
Log file information is automatically reported by your browser each time you access a web page. When you register with or view our Sites, our servers automatically record certain information that your web browser sends whenever you visit any website. These server logs may include information such as your web request, Internet Protocol addresses or other device identifiers, browser information, Internet Service Provider, operating system, location, date/time stamp, clickstream data, referring/exit pages and URLs, domain names, landing pages, pages viewed, and other such information.
California Do Not Track Disclosures
California Business & Professions Code Section 22575(b) (as amended effective January 1, 2014) provides that California residents are entitled to know how a website operator responds to “Do Not Track” (DNT) browser settings. DNT is a feature offered by some browsers which, when enabled, sends a signal to websites to request that your browsing is not tracked, such as by third party ad networks, social networks and analytic companies. We do not engage in the collection of personally identifiable information about users’ online activities over time and across third party websites when an individual uses our Sites and therefore do not respond to DNT signals.
How we share your information
We share your information internally (among eCHECKUP TO GO staff) to facilitate and manage the purposes listed above. We may also share your personal information with a third party (e.g., a subscribing institution) as requested by you if permitted by this policy and applicable laws and regulations. The eCHECKUP TO GO Programs may also share your personal data with government and law enforcement agencies or regulators (1) to comply with a legal process, subpoena, order or other legal or regulatory requirement applicable to us; (2) to enforce our terms of use or other policies; or (3) to pursue available legal remedies or defend against legal claims.
We will not distribute or share any electronically collected personal information (as defined in subdivision (d) of California Government Code section 11015.5) about users to any third party without prior written permission from the user except in narrow circumstances involving possible violations of Section 502 of the Penal Code or as authorized under law (including but not limited to the Information Practices Act), or to assist another state agency or public law enforcement organization in any case where the security of a network operated by a state agency has been, or is suspected of having been, breached.
We fully cooperate with law enforcement agencies in identifying those who use our Sites or services for illegal activities. We may report to law enforcement agencies any activities that we in good faith believe to be unlawful. Release of your personal information for security purposes, as described in this Notice to any person or entity, including, without limitation, in connection with any government investigation or litigation, shall be based on a determination made solely by us, as permitted by law or, for those not in the EEA, exercising our discretion for which you expressly grant permission to us in accordance with this Notice.
How we protect your information
We take reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your personal information against loss, unauthorized access, and illegal use or disclosure. Such personal information is stored by the eCHECKUP TO GO Programs in secure locations and eCHECKUP TO GO Programs staff is trained on procedures for the management of personal information, including limitations on the release of information. Access to personal information is limited to those members of the eCHECKUP TO GO Programs’ staff whose work requires such access. The eCHECKUP TO GO Programs conducts periodic reviews to ensure that proper information management policies and procedures are understood and followed.
The security of your personal information is important to us, but please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially reasonable means to protect your personal information, we cannot ensure or warrant the absolute security of any information you transmit to the Sites, and you do so at your own risk. Once we receive your transmission of information, we make commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. While we strive to protect your personal information and privacy, we cannot guarantee the security of any information you disclose online.
In the event that personal information is compromised as a result of a breach of security, we will promptly investigate and notify those persons whose personal information has been compromised in accordance with the notification procedures set forth in the CSU Information Security Policy, or as otherwise required by applicable law.
Links to Other Websites
We are not responsible for the practices employed by websites linked to or from our Sites nor the information or content contained in them, and we make no warranty, either express or implied, concerning the content of any such site, including the accuracy, completeness, reliability, or suitability of them for any particular purpose, nor do we warrant that any such site or content is free from any claims of copyright, trademark, or other infringement of the rights of third parties, or that any such site or content is devoid of viruses or other contamination. We may provide links to other websites to you solely as a convenience, and the inclusion of linked sites does not imply endorsement by the eCHECKUP TO GO Programs of any of the linked sites. Please remember that when you use a link to go from our Sites to another website, our Notice is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our Sites, is subject to that website’s own rules and policies. Please read over those rules and policies before proceeding. We do not ensure the security of your personal information if you visit websites not belonging to the Programs, nor are we the data controller for any information collected on those sites. We reserve the right to terminate a link to a third-party site at any time.
Access and choice
We comply with all applicable regulations regarding data retention and deletion of personal data and retain personal information only for as long as necessary to fulfill the purpose for which it was collected (including for college operations), for strategic planning, and to comply with applicable laws and retention requirements. You can ask to review, update or make changes to the personal information we maintain about you, or exercise your option of having your personal information discarded without reuse or distribution, by sending a written request to the postal or email address set out below. We may take a reasonable period of time to respond. If you request the deactivation or change of information on our system, such information may be retained in our backup systems for a period of time subject to technology restrictions, or as a precaution against systems failures. Some information may be retained for longer periods as required by law, contract or auditing requirements or as otherwise described in this Notice.
You have the option to decline providing information about yourself online and may use other methods, such as U.S. mail, to respond to requests for information or to communicate with us. You may use the contact information listed below to ask about additional alternatives to providing or obtaining information through use of our Sites.
By providing us your email address, you consent to our use of your email address to send you Site and service-related notices, including any notices required by law, in lieu of communication by postal mail. We may also use your email address to send you other messages, including, but not limited to, newsletters, information on campus activities, programs and events, legal updates, changes to features of our Sites or services, or other account information. Where required by law, we will obtain your consent before sending you specific types of email or other communications.
You can choose not to receive such emails from us by “unsubscribing” using the instructions in any email you receive from us, or by sending a written request to the postal or email address set out below. It may take up to thirty (30) business days for us to process your request. This will not stop us from sending emails about your account or your transactions with us, or any other service-related email. Opting out does not affect our communications with you via telephone or mail nor does it affect our use of your non-personally identifiable information as described in this Notice.
EEA Data Subject Rights
If you are an individual located in the EEA only, you have certain rights with regard to your personal data collected while you are in the EEA. These rights may include right of access, right of correction, right to be forgotten, right to restrict processing of your identifiable personal information, right to notice related to changes/deletion/processing limits, right to data portability, right to objection, right not to be subject to decisions based solely on automated processing, and right to withdraw consent. Some of these rights are restricted by law to information that was collected on the basis of explicit consent, or are restricted by other conditions (such as necessity for contract or to comply with the law). You have the right to contact us in connection with the exercise of your rights under applicable EEA law, which you can do through the contact information below, or by sending an email to echeckup@sdsu.edu. We will respond to your written request without unreasonable delay and in accordance with any deadlines imposed by law. Unless we notify you at the time of your request, we will not charge you any fee in connection with the exercise of your rights. If you are not satisfied with our response, you have the right to complain to or seek advice from a supervisory authority and/or bring a claim against us in any court of competent jurisdiction.
Changes to Our Privacy Notice
We reserve the right to modify this Notice at any time. It is our policy to provide notifications, whether such notifications are required by law or are for other operational purposes, to you via email notice, written or hard copy notice, or through conspicuous posting of such notice on our Sites page, as determined by the eCHECKUP TO GO Programs in its sole discretion. We reserve the right to determine the form and means of providing notifications to you, provided that you may opt out of certain means of notification as described in this Notice. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Sites and this Notice to check for any changes.
For changes to our Privacy Notice, it is our policy to post any changes we make on this page. The date the Notice was last revised is identified at the top of the page. We will provide notice on the Sites, or at website address, prior to the effective date of any change. Your continued use of the Sites after any change in this Notice will constitute your acceptance of such change.
Contact Us
If you have any questions about this Notice or the practices of our Sites, you may contact us by writing echeckup@sdsu.edu.