The University of AUTMS (“the University,” “we,” “us,” or “our”) is committed to safeguarding the privacy, confidentiality, and integrity of the personal information entrusted to us. This Policy describes how we collect, use, disclose, and protect personal information obtained through our official website (autms.com) and through our academic, research, employment, and administrative activities.

This document serves as a general framework and does not supersede obligations imposed by federal, state, or international laws such as the Family Educational Rights and Privacy Act (FERPA), the California Consumer Privacy Act (CCPA/CPRA), the General Data Protection Regulation (GDPR), or any other applicable data-protection requirements.

1. Scope

This Privacy Policy applies to all personal information processed by the University across all systems, programs, platforms, and operational activities. It covers information pertaining to:

Prospective, current, and former students
Faculty, staff, and employment applicants
Alumni, donors, and external stakeholders
Research participants and collaborators
Visitors to our website, facilities, and digital services

This Policy applies to all University-operated systems unless a more specific policy governs a particular program or activity (e.g., IRB protocols, health services).

2. Categories of Personal Information Collected

The University may collect, generate, or receive the following categories of information:

2.1 Identity & Contact Information

Name, mailing address, email address, telephone numbers
Date of birth, demographic information
Government-issued identifiers (e.g., Social Security Number, passport or ID number where legally required)

2.2 Academic & Enrollment Information

Admissions records, application materials, essays
Transcripts, educational history, standardized test results
Course schedules, grades, academic performance, disciplinary records
Advising notes, degree progress, and academic standing

2.3 Financial & Payment Information

Tuition and fee payment records
Financial aid documents, tax forms, scholarship and grant data
Donor records and contribution history

2.4 Employment-Related Information

Resumes/CVs, application forms, background-check information
Job history, salary and benefits data
Performance evaluations and professional development data

2.5 Technical & Digital Interaction Data

Collected through website use, University networks, and digital services:

IP address, device data, browser type, operating system
Log files, session data, geolocation approximations
Cookies, analytics data, and usage patterns

2.6 Sensitive & Protected Information

(Some categories are processed only when strictly necessary.)

Health data (e.g., medical services, accommodations)
Racial/ethnic background (for compliance and reporting)
Biometric identifiers (e.g., access control systems)
Information related to disability services, veteran status, or emergency contacts

2.7 Research Data

Collected in accordance with IRB-approved protocols and applicable ethical frameworks. This may include anonymized, identifiable, or sensitive information depending on the project.

3. Methods of Information Collection

The University collects information via:

3.1 Direct Interaction

Admissions and enrollment processes
Employment applications
Donor relations and alumni engagement
Student services, counseling, housing, and campus services
Communications via email, phone, or in person

3.2 Automated Collection

University websites, portals, and online platforms
Cookies, tracking pixels, analytics tools, and log files
Security systems (e.g., access logs, CCTV where permitted)

3.3 Third-Party or External Sources

Educational partners, prior institutions
Government agencies (e.g., financial aid verification)
Standardized testing agencies
Professional social networks, academic databases
Service providers acting on our behalf

4. Purposes of Use

The University processes personal information for legitimate academic, administrative, and operational reasons, including:

4.1 Academic Administration

Admissions decisions, course registration, academic advising
Maintenance of academic records and evaluation processes
Delivery of instruction, online learning, and student support services

4.2 Financial Processing

Tuition and fee billing
Financial aid administration and eligibility assessment
Donor acknowledgment and stewardship

4.3 Employment & Human Resources

Recruitment, onboarding, payroll, benefits administration
Professional evaluations and compliance reporting

4.4 Research & Institutional Analysis

Conducting academic and scientific research
Assessing program effectiveness and institutional planning

4.5 Safety, Security & Compliance

Campus safety operations, access control, and incident management
Legal or regulatory reporting (e.g., FERPA, Title IX, Clery Act)
Prevention and detection of fraud or misuse

4.6 Communications

Sending official notices, emergency alerts, and announcements
Marketing academic programs and institutional initiatives
Alumni outreach and engagement activities

5. Disclosure and Sharing of Information

Personal information may be shared under the following circumstances:

5.1 Internal University Use

Authorized faculty, administrators, and staff with a legitimate educational or operational need.

5.2 Service Providers and Contractors

Vendors performing services such as:

Cloud hosting and data storage
Payment processing
Email and communication systems
IT support and security services

All service providers are contractually required to protect personal information.

5.3 Legal & Regulatory Compliance

Disclosures may occur:

Pursuant to subpoenas, court orders, or law enforcement requests
To meet federal or state reporting obligations
To protect the rights, safety, or property of the University or others

5.4 Academic and Research Collaborators

Partner institutions, accreditation bodies, or co-research entities, subject to confidentiality agreements.

5.5 Alumni and Development Purposes

Contact information may be shared with alumni associations or development offices.

5.6 Emergency Circumstances

Where necessary to protect life, health, or safety.

6. Individual Rights

Depending on your relationship with the University and applicable law, you may have rights including:

Access to your personal information
Correction or rectification of inaccurate data
Restriction of certain processing activities
Objection to processing under specific circumstances
Deletion of personal information where legally permitted

FERPA Rights

Students have additional rights concerning their education records, including the right to inspect records, request corrections, and control certain disclosures.

Requests to exercise these rights should be submitted to the University’s Privacy Office.

7. Data Security and Retention

7.1 Security Measures

The University employs administrative, technical, and physical safeguards, including:

Access control and authentication systems
Encryption and secure transmission protocols
Security monitoring and incident-response procedures

Despite these efforts, no system is entirely secure, and the University cannot guarantee absolute protection.

7.2 Data Retention

Personal information is retained only as long as necessary for:

Academic and administrative purposes
Legal or regulatory requirements
Institutional recordkeeping policies

Certain records (e.g., academic transcripts) are maintained permanently.

8. Policy Updates

The University may revise this Privacy Policy periodically to reflect operational, legal, or technological changes. Updates will be posted with a new Effective Date. Continued use of University services constitutes acceptance of the updated Policy.

9. Contact Information

Privacy Office
University of AUTMS
Email: privacy@autms.com