The eCHECKUP TO GO Programs (the “Programs”) respect your privacy and are committed to protecting it to the extent possible, subject to applicable state and federal law, through our compliance with our privacy policies.
This Notice applies to the information that we collect when you visit the eCHECKUP TO GO main website (www.echeckuptogo.com) and other websites that comprise the Programs or on which we have linked or referred to this Notice (together, the “Sites”). This Notice describes how this information is collected, processed, maintained, protected, and disclosed. Unless otherwise indicated on a specific Site, the SDSU Research Foundation is the data controller for all information collected under this Notice.
Except as specifically described, our Sites are operated in accordance with the laws of the United States. Please read this Notice carefully to understand our policies and practices regarding your information and how we will treat it. This Notice reflects the Programs’ current practices and may change from time to time, so please check the Notice periodically for updates.
In this Notice, “personal information” means any information that identifies or describes an individual user of the Sites, including, but not limited to, the user’s name, email address, password, and information that reveals any network location or identity. If you are located in the European Economic Area (EEA), “personal information” includes all personal data as defined under EEA laws (including “sensitive personal information” which is provided enhanced protections under those laws).
We collect personal information about users only as allowed by law and limit the collection of personal information to what is relevant and necessary to accomplish the service requested by the user. We collect personal information that you send to the eCHECKUP TO GO Programs, or permit us to obtain from third parties, for purposes relevant to the services provided by eCHECKUP TO GO.
You may be required to provide personal information to access or use certain parts of our Sites, or features of our Sites or services. If you do not provide the requested personal information, you may not be able to access or use the features of our Sites or service where such information is requested.
Depending upon the nature of the application, the personal information that you may provide may include: contact information (name, mailing address, telephone number and/or email address, etc.); demographic information (age, student status, etc.); and profile information (username, password, relationship to the eCHECKUP TO GO Programs, etc.).
Emails and Social Media Sites: If you correspond with us by email, mail or via social media, we may retain the content of your communication or social media posting, the email or social media account address from which it is sent, and our response. We collect information automatically using technology when you visit our Sites or social media pages or when you open one of our emails as described in this Notice.
The specific personal information (and sensitive personal information) we collect, why we collect it, and our legal basis for processing it, is periodically reassessed.
It is the policy of the eCHECKUP TO GO Programs to limit the collection and safeguard the privacy of personal information we collect. Our information management practices conform to the requirements of the Information Practices Act of 1977 (Civil Code Section 1798, et seq.), the Public Records Act (California Government Code Section 6250, et seq.), California Government Code Section 11015.5, the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99), and other applicable laws pertaining to information privacy. In the event of a conflict between this Notice and the Public Records Act, the Information Practices Act, FERPA, or other law governing the disclosure of University records, the applicable law will control.
Any information acquired by the eCHECKUP TO GO Programs through the Sites is subject to the limitations set forth in the Information Practices Act. The Programs will not distribute or share electronically collected personal information (as defined in subdivision (d) of California Government Code Section 11015.5) about users to any third party without the permission of the user, except in narrow circumstances set forth in this Notice. The Programs will not sell any electronically collected personal information to any third party. Such electronically-collected personal information is exempt from requests made pursuant to the California Public Records Act (Chapter 3.5 (commencing with Section 6250) of Division 7 of Title 1).
We use information that we collect about you or that you provide to us, including any personal information:
We may also use your personal information for operational and other lawful purposes such as security, analytics, operations, fraud detection and prevention, reporting, making back-ups and legal compliance.
At the time we collect personal information, we strive to tell users about the purpose for which the information is collected as well as the general or specific uses that we will make of that information.
We will not distribute or share any electronically collected personal information (as defined in subdivision (d) of California Government Code section 11015.5) about users to any third party without prior written permission from the user except in narrow circumstances involving possible violations of Section 502 of the Penal Code or as authorized under law (including but not limited to the Information Practices Act), or to assist another state agency or public law enforcement organization in any case where the security of a network operated by a state agency has been, or is suspected of having been, breached.
We fully cooperate with law enforcement agencies in identifying those who use our Sites or services for illegal activities. We may report to law enforcement agencies any activities that we in good faith believe to be unlawful. Release of your personal information for security purposes, as described in this Notice to any person or entity, including, without limitation, in connection with any government investigation or litigation, shall be based on a determination made solely by us, as permitted by law or, for those not in the EEA, exercising our discretion for which you expressly grant permission to us in accordance with this Notice.
We take reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your personal information against loss, unauthorized access, and illegal use or disclosure. Such personal information is stored by the eCHECKUP TO GO Programs in secure locations and eCHECKUP TO GO Programs staff is trained on procedures for the management of personal information, including limitations on the release of information. Access to personal information is limited to those members of the eCHECKUP TO GO Programs’ staff whose work requires such access. The eCHECKUP TO GO Programs conducts periodic reviews to ensure that proper information management policies and procedures are understood and followed.
The security of your personal information is important to us, but please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially reasonable means to protect your personal information, we cannot ensure or warrant the absolute security of any information you transmit to the Sites, and you do so at your own risk. Once we receive your transmission of information, we make commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. While we strive to protect your personal information and privacy, we cannot guarantee the security of any information you disclose online.
In the event that personal information is compromised as a result of a breach of security, we will promptly investigate and notify those persons whose personal information has been compromised in accordance with the notification procedures set forth in the CSU Information Security Policy, or as otherwise required by applicable law.
We are not responsible for the practices employed by websites linked to or from our Sites nor the information or content contained in them, and we make no warranty, either express or implied, concerning the content of any such site, including the accuracy, completeness, reliability, or suitability of them for any particular purpose, nor do we warrant that any such site or content is free from any claims of copyright, trademark, or other infringement of the rights of third parties, or that any such site or content is devoid of viruses or other contamination. We may provide links to other websites to you solely as a convenience, and the inclusion of linked sites does not imply endorsement by the eCHECKUP TO GO Programs of any of the linked sites. Please remember that when you use a link to go from our Sites to another website, our Notice is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our Sites, is subject to that website’s own rules and policies. Please read over those rules and policies before proceeding. We do not ensure the security of your personal information if you visit websites not belonging to the Programs, nor are we the data controller for any information collected on those sites. We reserve the right to terminate a link to a third-party site at any time.
We comply with all applicable regulations regarding data retention and deletion of personal data and retain personal information only for as long as necessary to fulfill the purpose for which it was collected (including for college operations), for strategic planning, and to comply with applicable laws and retention requirements. You can ask to review, update or make changes to the personal information we maintain about you, or exercise your option of having your personal information discarded without reuse or distribution, by sending a written request to the postal or email address set out below. We may take a reasonable period of time to respond. If you request the deactivation or change of information on our system, such information may be retained in our backup systems for a period of time subject to technology restrictions, or as a precaution against systems failures. Some information may be retained for longer periods as required by law, contract or auditing requirements or as otherwise described in this Notice.
You have the option to decline providing information about yourself online and may use other methods, such as U.S. mail, to respond to requests for information or to communicate with us. You may use the contact information listed below to ask about additional alternatives to providing or obtaining information through use of our Sites.
By providing us your email address, you consent to our use of your email address to send you Site and service-related notices, including any notices required by law, in lieu of communication by postal mail. We may also use your email address to send you other messages, including, but not limited to, newsletters, information on campus activities, programs and events, legal updates, changes to features of our Sites or services, or other account information. Where required by law, we will obtain your consent before sending you specific types of email or other communications.
You can choose not to receive such emails from us by “unsubscribing” using the instructions in any email you receive from us, or by sending a written request to the postal or email address set out below. It may take up to thirty (30) business days for us to process your request. This will not stop us from sending emails about your account or your transactions with us, or any other service-related email. Opting out does not affect our communications with you via telephone or mail nor does it affect our use of your non-personally identifiable information as described in this Notice.
If you are an individual located in the EEA only, you have certain rights with regard to your personal data collected while you are in the EEA. These rights may include right of access, right of correction, right to be forgotten, right to restrict processing of your identifiable personal information, right to notice related to changes/deletion/processing limits, right to data portability, right to objection, right not to be subject to decisions based solely on automated processing, and right to withdraw consent. Some of these rights are restricted by law to information that was collected on the basis of explicit consent, or are restricted by other conditions (such as necessity for contract or to comply with the law). You have the right to contact us in connection with the exercise of your rights under applicable EEA law, which you can do through the contact information below, or by sending an email to email@example.com. We will respond to your written request without unreasonable delay and in accordance with any deadlines imposed by law. Unless we notify you at the time of your request, we will not charge you any fee in connection with the exercise of your rights. If you are not satisfied with our response, you have the right to complain to or seek advice from a supervisory authority and/or bring a claim against us in any court of competent jurisdiction.
We reserve the right to modify this Notice at any time. It is our policy to provide notifications, whether such notifications are required by law or are for other operational purposes, to you via email notice, written or hard copy notice, or through conspicuous posting of such notice on our Sites page, as determined by the eCHECKUP TO GO Programs in its sole discretion. We reserve the right to determine the form and means of providing notifications to you, provided that you may opt out of certain means of notification as described in this Notice. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Sites and this Notice to check for any changes.
For changes to our Privacy Notice, it is our policy to post any changes we make on this page. The date the Notice was last revised is identified at the top of the page. We will provide notice on the Sites, or at website address, prior to the effective date of any change. Your continued use of the Sites after any change in this Notice will constitute your acceptance of such change.
If you have any questions about this Notice or the practices of our Sites, you may contact us by writing firstname.lastname@example.org.
Last Updated: October 19, 2018
COPYRIGHT 2021 ECHECKUP TO GO