Use of the College Name, Seal, and Logos Policy
May 6, 2019
AVP for Marketing and Communication
All members of the Canisius College community responsible for maintaining a college website.
Note: The Institutional Review Board (IRB) is responsible for reviewing sites conducting web-based research. The IRB develops its own guidelines for the use of websites in research and applies those guidelines to research projects requiring IRB review.
Member of the College Community—includes any person who is a student, faculty member, staff member, organization, club, group, team, alumni, volunteer, trustee, or any other person employed by the college. This definition also includes all college departments, offices and programs.
College Website—any website operated on (a) the college network, (b) by a college department, organization or program, or (c) using college resources, whether or not it is accessed through a www.canisius.edu address.
Thank you for visiting our site. This statement discloses the privacy practices for the Canisius College website and any related offline print and electronic publications. By using our site or one of our offline print or electronic publications, you agree to the collection, use and disclosure of your personal data as described in this statement. If you do not agree to the terms of this statement, then please do not use the site or such publications. BY USING THIS SITE, YOU AGREE TO OUR COLLECTION, USE AND MAINTENANCE OF YOUR DATA OR PERSONAL DATA IN THE UNITED STATES. If you are visiting the site from a location outside of the United States, your connection will be through and to servers located in the United States. All personal data you provide will be processed and securely maintained in our web servers and internal systems located within the United States.
Definitions and interpretation
Data or Personal Data
collectively all information that you submit to Canisius College via the Website that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person. This definition incorporates, where applicable, the definitions provided in the Data Protection Act 1998;
The natural person to whom the Personal Data refers;
a small text file placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause below (Cookies);
UK and EU Cookie Law
the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011;
User or you
any third party that accesses the website (i.e., www.canisius.edu) who, unless otherwise specified, coincides with the Data Subject and is not either (i) employed by Canisius College and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to Canisius College and accessing the Website in connection with the provision of such services;
Information collected automatically through www.canisius.edu (or third-party services employed in www.canisius.edu), which can include: the IP addresses or domain names of the computers utilized by the Users who use ucumberlands.edu, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.
the website that you are currently using, canisius.edu, and any sub-domains of this site unless expressly excluded by their own terms and conditions.
Data Processor (or Data Supervisor)
Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of www.canisius.edu.
The service provided by www.canisius.edu as described in the relative terms (if available) and on this site/application.
European Union (OR EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
Small piece of data stored in the User's device.
Collection of Data
Among the types of Personal Data that ucumberlands.edu collects, by itself or through third parties, there are: cookies, usage data, first name, last name, gender, date of birth, phone number, company name, profession, address, fax number, country, state, province, email address, ZIP/Postal code, city, field of activity and user ID. Complete details on each type of personal data collected are provided below, in other dedicated sections of this policy, or by specific explanation texts displayed prior to the data collection. Personal data may be freely provided by the user, or, in case of usage data, collected automatically when using www.canisius.edu.
Unless specified otherwise, all data requested by www.canisius.edu is mandatory and failure to provide this data may make it impossible for www.canisius.edu to provide its services. In cases where www.canisius.edu specifically states that some data is not mandatory, users are free not to communicate this data without consequences to the availability or the functioning of the service. Users who are uncertain about which personal data is mandatory are welcome to contact the college or applicable owner.
Credit & Debit Card Data
We do not store credit card details nor do we share customer details with any 3rd parties;
Specific Examples of Data Collected:
Our online and offline registration forms require users to give us contact information including name, e-mail address and postal address. We may also collect your telephone number, and other data. We use this contact information to send you information about the specific solutions or services that match your interests.
We may also collect contact and other data from you if you: (1) participate in one of our contests or sweepstakes or apply for an offering from us; (2) order from us; (3) take part in one of our surveys; (4) contact us; or (5) otherwise voluntarily submit information to us, including in our online communities. You always have the ability to opt out of receiving future mailings and special offers; see the “Opt Out” section below.
If you use any of our tell-a-friend features, we ask for your friend’s name and e-mail address. We use this information only to send the communication you requested and to monitor the effectiveness of our tell-a-friend features. You are responsible for any third-party personal data obtained, published or shared through www.canisius.edu and confirm that you have the third party's consent to provide the data to the college.
All personal data is stored securely in accordance with the principles of the Data Protection Act 1998 and EU GDPR. For more details on security see the clause below (Security).
Methods of Processing Personal Data
The college takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of your data.
Data processing is carried out using computers and/or information technology enabled tools, following college procedures and modes strictly related to the purposes indicated. In addition to the college, in some cases, your data may be accessible to certain types of persons in charge, involved with the operation of www.canisius.edu (administrators, admissions, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, information technology companies, communications agencies) appointed, if necessary, as data processors by the college. You may request an updated list of these parties from the college at any time.
Legal Basis of Processing Personal Data
The college may process your data if one of the following applies:
- You have given consent for one or more specific purposes. Note: Under some legislations the college may be allowed to process your data until you object to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases. This, however, does not apply, whenever the processing of Personal Data is subject to European data protection law;
- Provision of your data is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof;
- Processing is necessary for compliance with a legal obligation to which the college is subject;
- Processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the college;
- Processing is necessary for the purposes of the legitimate interests pursued by college or by a third party.
There will be some instances where the collection and processing of your personal data will be pursuant to other lawful bases. In any case, the college will help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of your data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
We do not collect your personal data through our website and other platforms, unless it is voluntarily provided by you. In such instances, we will never sell or trade the personal data you provide to us, unless we have your consent in doing so, or if the data is needed for legal processes.
Note: As GDPR is a new law, the conditions identified above may be subject to change as more guidance is given or precedents are set.
Place of Processing
Your data is processed at the college's operating offices and in any other places where the parties involved in the processing are located.
Depending on your location, data transfers may involve transferring your data to a country other than your own.
You are also entitled to learn about the legal basis of data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the college to safeguard its data.
If any such transfer takes place, you may find out more by checking the relevant sections of this policy or inquire with the college using the information provided in the contact section.
The college keeps the personal data it collects in accordance with the retention periods of applicable federal law and the college’s Record Retention Schedule. Your data will be destroyed upon your request unless applicable law requires destruction after the expiration of an applicable retention period. The manner of destruction shall be appropriate to preserve and ensure the confidentiality of your data given the level of sensitivity, value and criticality to the college.
- All Cookies used by this Website are used in accordance with current US, UK, and EU Cookie Law.
- Before the Website places Cookies on your computer, you will be presented with a message bar requesting your consent to set those Cookies. By giving your consent to the placing of Cookies, you are enabling Canisius College to provide a better experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of the Website may not function fully or as intended.
- This website may place the following Cookies:
- Strictly necessary cookies: These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
- Disabling and Deleting Cookies
- You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies, but this can be changed. For further details, please consult the help menu in your internet browser.
- You can choose to delete Cookies at any time; however, you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalization settings.
- It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.
For purposes of the Data Protection Act 1998, Canisius College is the “data controller”. We will retain any data you submit for 12 months.
We may use the data we collect from and about you for any of the following purposes:
- To fulfill your requests for products and services;
- To provide you with targeted offers, site content and advertising on the site;
- To contact you with information and promotional materials and offers from the college, as well as from our affiliates, other related companies, educational institutions, marketing partners and other third parties, if you have agreed to receive such communications;
- To contact you when necessary;
- To review site and product usage and operations;
- To address problems with the site, our business or our products and services; and
- To protect the security or integrity of the site and our business.
You may find further detailed information about such purposes of processing and about the specific personal data used for each purpose in the respective sections of this policy.
We may disclose your personal data as follows:
- Consent: We may disclose your personal data if we have your consent to do so.
- Emergency Circumstances: We may share your personal data when necessary to protect your interests and you are physically or legally incapable of providing consent.
- Employment Necessity: We may share your personal data when necessary for administering employment or social security benefits in accordance with applicable law, subject to the imposition of appropriate safeguards to prevent further unauthorized disclosure.
- Charitable Organizations: We may share your personal data with applicable college foundations and other not-for-profit organizations in connection with charitable giving subject to the imposition of appropriate safeguards to prevent further unauthorized disclosure.
- Public Information: We may share your personal data if you have manifestly made it public.
- Archiving: We may share your personal data for archiving purposes in the public interest, and for historical research, and statistical purposes.
- Performance of a Contract: We may share your personal data when necessary to administer a contract you have with the college.
- Legal Obligation: We may share your personal data when the disclosure is required or permitted by international, federal, and state laws and regulations.
- Service Providers: We use third parties who have entered into a contract with the college to support the administration of college operations and policies. In such cases, we share your personal data with such third parties subject to the imposition of appropriate safeguards to prevent further unauthorized disclosure.
- College Affiliated Programs: We may share your personal data with parties that are affiliated with the college for the purpose of contacting you about goods, services, charitable giving, or experiences that may be of interest to you.
- De-Identified and Aggregate Information: We may use and disclose your personal data in de-identified or aggregate form without limitation.
If your personal data is transferred to third party service providers, we will take steps to ensure that your personal data receives the same level of protection as if it remained within the EU, including by entering into data transfer agreements or by relying on certification schemes. You have a right to obtain details of the mechanism under which your personal data is transferred outside of the EU by contacting email@example.com. Moreover, we contractually require agents, service providers, and affiliates who may process your personal data to provide the same level of protections for personal data as required by the college.
Pursuant to the GDPR, you have the following rights:
- To be notified if we intend to transfer your personal data to another country or international organization and the identity of the recipients of your personal data;
- To be notified of the period your personal data will be stored;
- To access and require us to correct the personal data we hold about you if it is incorrect;
- To require us to erase your personal data subject to the retention periods of applicable federal law and the college’s Record Retention Schedule;
- To require us to restrict our data processing activities and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal;
- To receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller;
- To object, on grounds relating to your particular situation, to any of our particular processing activities where you feel this has a disproportionate impact on your rights;
- To be notified of the existence of any automated decision-making regarding the use of your personal data, including meaningful information about the logic involved and its significance and consequences of such processing;
- To be notified if the collected personal data will be further processed for a purpose other than that for which it was collected;
- To file a complaint with the appropriate supervisory authority in the European Union if you feel we have not complied with applicable foreign laws regulating information created in the European Union that is transferred out of the European Union to the college.
Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply.
Users who have opted in through our online and offline registration forms can opt out of receiving future communications from us. Users may also request removal directly from our partners at any time in the future. We make every effort to honor their request; however, we expressly disclaim responsibility for the actions of partners or other third parties beyond our control. To remove information from our database, users can send us an e-mail (firstname.lastname@example.org) or contact us by mail at 2001 Main Street, Buffalo NY 14208-1517. You may also use the opt-out mechanism that is contained in each email.
You have the right to ask for a copy of any of your personal data held by Canisius College.
To access, correct or request that we make no further use of your personal data, please send us an e-mail email@example.com or contact us by mail at 2001 Main Street, Buffalo NY 14208-1517.
Controlling use of your Personal Data
Wherever you are required to submit personal data, you will be given options to restrict our use of that data. This may include the following:
- Use of personal data for direct marketing purposes; and
- Sharing personal data with third parties.
Functionality of the Website
- To use all features and functions available on the website, you may be required to submit certain Data.
Third party websites and services
Canisius College may, from time to time, employ the services of other parties for dealing with certain processes necessary for the operation of the Website. The providers of such services have access to certain personal data provided by Users of this Website.
Links to other websites
Changes of Business Ownership and Control
We may also disclose data to a prospective purchaser of our business or any part of it.
In the above instances, we will take steps with the aim of ensuring your privacy is protected.
Canisius College has taken certain physical, electronic, contractual and managerial steps to safeguard and secure your personal data. It is your responsibility to maintain the confidentiality of your site account information, including your password, and you are responsible for all use of the site accessed through it. You agree to notify us immediately of any unauthorized use of your account or any other actual or suspected breach of site security. You may report suspected violations to the Webmaster at the address listed below.
We do not direct the site to, nor do we knowingly collect any personal information from, children under thirteen.
- Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
Your Acceptance of These Terms
2001 Main Street, Buffalo NY 14208-1517
Phone: (716) 883-7000