Privacy Statement

UNIVERSITY OF DELAWARE PRIVACY STATEMENT

The University of Delaware (“University,” “we,” “us,” or “our”) is committed to respecting and protecting the privacy rights of all natural persons. This Privacy Statement describes how we may collect, retain, process, share, and transfer your Personally Identifiable Information, as defined below, and as further specified in the University’s Personally Identifiable Information Privacy Policy. Please review this Privacy Statement carefully.   By submitting your Personally Identifiable Information to the University, you are consenting to our collection and use of your Personally Identifiable Information as described in this Privacy Statement.

Personally Identifiable Information Defined. Generally, “Personally Identifiable Information” is information that relates to an identifiable person and can be used, alone or in combination with other available information, to identify the person who is the subject of the information. In some cases, certain categories of your personal information may be subject to specific laws that define the applicable information more specifically. As a result, this Privacy Statement summarizes the University’s best practices for safeguarding information that could be used to identify you regardless of whether it may be subject to such laws.

Exceptions to Personally Identifiable Information. Not all information about you is Personally Identifiable Information. For example, when your Personally Identifiable Information has been de-identified or aggregated so that it can no longer identify you, the information is no longer Personally Identifiable Information and is not subject to this Privacy Statement.  In addition, some laws, including the Delaware Personal Data Privacy Act (“DPDPA”), exclude some personal information about you from their scope, such as information about you that is publicly available.  If you have any questions about whether your information qualifies as Personally Identifiable Information, please contact the University’s Chief Privacy Officer as specified below.

When this Privacy Statement Applies. This Privacy Statement applies to Personally Identifiable Information you submit to the University including through websites, applications, services, and domains owned, controlled, operated, and/or maintained by the University. Some individual University websites may also have additional privacy statements to address their unique data protection practices or laws that may apply to the use of specific categories of Personally Identifiable Information. You should read these additional privacy statements to stay informed about how individual University departments or their service providers use Personally Identifiable Information.

This Privacy Statement may also be supplemented by other international laws when the information relates to individuals located within those countries.  For example, the General Data Protection Regulation (“GDPR”) Privacy Notice and the Personal Information Protection Law (“PIPL”) Privacy Notice  apply to the provision of Personal Information, as defined therein, of individuals located in (i) the European Economic Area, and (ii) the People’s Republic of China, respectively.

When this Privacy Statement Does NOT Apply. Some University web pages may have links to external third-party websites that are not owned or controlled by the University.  The University is not responsible for the privacy practices or content of such websites, and Personally Identifiable Information you may submit to such websites is not subject to this Privacy Statement. You should read the third-party website privacy statement to understand how your Personally Identifiable Information will be collected, used, and shared. Finally, Personally Identifiable Information you submit to chat rooms, forums, message boards, and other public forums may become public information and is not subject to this Privacy Statement. You should exercise caution when deciding to disclose Personally Identifiable Information in such places.

Why the University Uses Personally Identifiable Information. The University uses Personally Identifiable Information to administer the University and its operations and to otherwise fulfill its mission. We may also use your Personally Identifiable Information to respond to your requests, provide promotional or educational materials that may be of interest to you, complete requested transactions such as the purchase of event tickets, conduct internal research and to otherwise meet our legal and reporting obligations.  The University requires Personally Identifiable Information only as necessary to achieve the legitimate purpose for which it is being acquired.

How the University Receives your Personally Identifiable Information. You provide the University with your Personally Identifiable Information when you visit University websites, apply for or attend University classes or programs, apply for or take online courses with the University, apply for financial aid or University housing, complete surveys or forms sponsored by the University, participate in University research studies, attend events sponsored by the University, apply to or work for the University, or otherwise interact with the University. The University, like most institutions and organizations, also collects visitors’ web-browsing patterns unless they take steps to browse them anonymously, or to opt out. Generic information is collected using “cookies,” which are text files placed on your computer to evaluate usage patterns so that we can improve both content and distribution. You may refuse to accept cookies by selecting the appropriate settings on your browser, but doing so may prevent you from using the full functionality of the University websites.

In some cases, the University may receive your Personally Identifiable Information from third parties. Examples include college entrance exam scores received from testing agencies; college applications received from organizations that provide university admissions applications; online course registration information received from third parties that administer online courses; financial aid information from governmental agencies or commercial financial institutions; and background information received from companies conducting export control screening or checks to support working with minors or employment with the University.

Rules for Individuals under 13 Years of Age. The University is committed to protecting the privacy of children under the age of 13 as required by the federal Children’s Online Privacy Protection Act (“COPPA”). Consistent with COPPA, if a user of the University websites is under the age of 13, such user is not authorized to provide the University with Personally Identifiable Information, and the University will not use any such information in its collection activities once the University becomes aware that the user is under the age of 13.  Users under the age of 13 and their parents or guardians are cautioned that the collection of Personally Identifiable Information volunteered online or by email by children under the age of 13 will be treated the same as information given by an adult until the University becomes aware that the user is under the age of 13, and such information may be subject to public access.

Who Processes or Receives Your Personally Identifiable Information. Your Personally Identifiable Information may be processed by University trustees and employees, including faculty, researchers, medical professionals, financial aid counselors, human resources professionals, law enforcement officers, and others, as may be necessary to carry out the purposes for processing the information and the activities of the University. The University may share your Personally Identifiable Information with University Related Organizations, such as the University of Delaware Alumni Association. “University Related Organizations” are entities established for the purpose of assisting the University in the accomplishment of its educational objectives. In some cases, the University may also share your Personally Identifiable Information with third parties to assist the University in achieving its educational objectives and to otherwise fulfill regulatory obligations.  We may also share your Personally Identifiable Information with third parties with your consent.

How Long the University Keeps Your Personally Identifiable Information. We follow applicable laws governing the retention of your Personally Identifiable Information. We retain your information for as long as needed to fulfill our business and archival purposes, and in some cases, the information may be retained indefinitely.  Factors that influence the length of time we retain your information include our legal obligations, our need for information to provide services to you, and our interest in preserving historical records of the University and our activities.

Your rights as a Data Subject. You may have the right to confirm whether the University processes your Personally Identifiable Information and to access, correct inaccuracies, or request that the University delete it. You also may request that the University exclude you from any targeted advertising.

How to Exercise Your Rights. You should submit requests to exercise your rights regarding your Personally Identifiable Information to the University of Delaware, Chief Privacy Officer:

Email: PrivacyOfficer@udel.edu

Telephone: 302-831-7263

Address:
Office of General Counsel
Attn: Chief Privacy Officer
112 Hullihen Hall
Newark, DE 19716

At that time, you will be asked to (i) identify yourself; and (ii) identify the specific information or data that you are concerned about; and (iii) state what right(s) you wish to exercise. To expedite processing your request, please identify the data collection location (e.g., the website where your Personally Identifiable Information was collected), if known. The University will respond to authenticated requests within 45 days unless a 45-day extension is reasonably necessary unless more specific privacy laws provide different timeframes. The University will notify you within the initial 45-day period if an extension is needed. If the University declines your request, it will explain the reason, and you may appeal the decision by submitting a request to the Chief Privacy Officer. The University will respond to your appeal within 60 days.

Updates to our privacy statement. This Privacy Statement may be changed from time to time, and updates will be posted to the University Web.  This version is current as of 01/01/2025.