The University is committed to making privacy a consideration in any University process or activity that involves personal information, and as much as possible, make appropriate access controls a default setting without requiring individuals to request limited privacy settings.

The University provides reasonable advance notice to individuals about how and for what legitimate institutional or education purpose personal information is collected, used, or disclosed. The University will collect, use, and disclose only the minimum amount of information necessary to accomplish the stated purpose.

When possible, control over personal information should remain with individuals to allow for choice regarding the disposition of their information. The University will provide individuals with the opportunity to correct inaccurate personal information.

The University is committed to respecting individual constitutional and civil rights and using personal information only as authorized by individuals from whom the information is collected, or as required or permitted by law. Use of individuals’ personal information by the University will be limited to education and mission-based institutional purposes.

The University is committed to protecting personal information by adopting privacy and information security controls and through employee training for how to responsibly collect, process, maintain, use, and disclose personal information.

All University employees are stewards of the personal information for which they have been entrusted and have access and are accountable for knowing and applying these Privacy Principles.

The University is committed to being future-thinking, present-minded, and past-respectful in its privacy practices by monitoring changes in data privacy laws, regulations, trends, and perspectives, and adjusting University practices accordingly.