Swarthmore College is committed to respecting the privacy of your personal data and information. This Privacy Notice contains important information about your privacy at the College.
HOW WE COLLECT PERSONAL DATA
We collect several categories of personal data including data we collect directly from you, data collected automatically (potentially including location data), and data we obtain from third party sources. The ways in which we collect and use your data vary depending on the relationship between you and us and in the way we interact.
Personal Data We Collect Directly From You
We gather certain personal data you provide to us through your engagement with the College, such as through your communications with us or through our websites or mobile applications. Information you may provide to us includes:
- Contact and Identification Information: for example, your name, date of birth, home address, email address, phone number; identification numbers (social security and government issued identification numbers);
- Demographic Information: for example, gender, age, marital status, home ownership status, annual income, national origin and other information you may volunteer;
- Personal Information and Affiliations: for example, personal interests, charitable activities, other personal information you may choose to volunteer and other information we may learn about your background; your social networking applications, group memberships and Swarthmore-related correspondence;
- Education and Employment History: for example, prior and subsequent schools, student activities, awards, and honors, employer, title and work experience;
- Family Information: for example, family member names, ages, and occupations;
- Financial and Payment Information: for example, your contribution history, publicly available data on your wealth and assets (e.g., LinkedIn, Redfin, Trulia), your contributions to other organizations, when you register for an event, make a donation or request a service depending on your means of payment, your payment card number or your bank and bank account number, information related to other payments made to Swarthmore College;
- Your Image: for example, when a photograph or other image is used in online networking or announcements, or when you participate in Swarthmore events that are recorded by photography or video; and
- Contents of your communications with us
Personal Data We Automatically Collect About Your Use Of Our Website, Services, and Platforms
As is true of most digital platforms, we gather certain data automatically when you use one of our websites or mobile applications, such as your IP address, browser type, and device type. Other information we may collect automatically includes:
- Usage and Technical Information: Information collected automatically when you are interacting with websites or mobile applications, for example, IP address, browser type, internet service provider, pages visited (including referring/exit pages), operating system, date/time stamp and/or clickstream data. We may automatically collect these types of information through the use of cookies and similar technologies;
- Cookies and Similar Technologies: Cookies are small data files placed on your computer or mobile device that allow us to collect certain information whenever you visit or interact with our websites or online services. Some of these cookies are managed by us (first-party cookies), while others are managed by third parties that we do not control (third-party cookies). This information may also be collected through the use of other data collection technologies (such as pixels or tags) that embed graphic files in our websites and online services. These graphic files contain a unique identifier that enables us to recognize when someone has visited our website or online services, or in the case of web beacons, opened an email that we have sent them. These small data files or graphic files serve various functions:
- Strictly Necessary: Necessary to deliver our services;
- Performance and Functionality: Enhance the performance and functionality of our services but are non-essential to their use;
- Analytics and Customization: Allow us to understand the effectiveness of our services and outreach campaigns, as well as to customize our services based on this information; or
- Advertising: Make advertising messages more relevant to you and your interests.
If you choose to reject certain cookies and similar technologies, you may still use our websites and online services, although your access to some functionality and features may be restricted.
- Location Information: We may use your IP address to identify the general geographic location/area from which you are accessing our website. Our mobile applications may collect more precise location information about you to provide functions identified in the application, such as a map feature; and
- Mobile Device Sensor Information: Some of our mobile applications may use various sensors and components of your mobile device (for example, your camera or microphone) to collect information for the purposes of providing you with additional functions and features.
Personal Data obtained by third-party systems and service providers
We may obtain certain personal data about you from third party systems and service providers. When you login to our service through a third-party system, you allow us to access and collect any personal data from your third-party system account permitted under the settings and privacy statement of that platform. These third-party systems collect personal data for the primary purposes of responding to your requests, providing you with relevant information, and conducting analytics. We use third-party systems and service providers, such as application facilitators (for example, the Common Application, the Coalition Application, Questbridge, College Board, and Front Rush), payment processors (for example, ACI Worldwide, CyberSource, and Vantiv), analytics providers (for example, Qualtrics), social networking applications (for example, Facebook, LinkedIn, Instagram, and Twitter), Smartphone mobile applications (for example, SwatSafe), the National Student Clearinghouse, and web-based video tools (for example, PlaySight) to perform services on our behalf. Some of these third-party systems and service providers have access to personal data about you that we may not otherwise have (for example, when you sign up directly with that provider) and may share some or all of this data with us. The types of information that may be obtained by third party sources include:
- Contact and Identification Information: for example, your name, date of birth, home address, email address, phone number; identification numbers (social security and government issued identification numbers);
- Demographic Information: for example, gender, age, marital status, home ownership status, annual income, national origin and other information you may volunteer;
- Personal Information and Affiliations: for example, personal interests, charitable activities, other personal information you may choose to volunteer and other information we may learn about your background; your social network, group memberships and Swarthmore-related correspondence;
- Education and Employment History: for example, prior and subsequent schools, student activities, awards, and honors, employer, title and work experience;
- Family Information: for example, family member names, ages, and occupations;
- Financial and Payment Information: for example, your contribution history, publicly available data on your wealth and assets, your contributions to other organizations, when you register for an event, make a donation or request a service depending on your means of payment, your payment card number or your bank and bank account number, information related to other payments made to Swarthmore College;
- Your Image: for example, when a photograph or other image is used in online networking or announcements, or when you participate in Swarthmore events that are recorded by photography or video; and
- Contents of your communications with us
HOW WE PROCESS AND USE DATA
We and our third-party vendors process your personal data collected on our websites and mobile applications:
- To facilitate our online interactions with you, for example, by responding to your requests;
- To operate, maintain and improve our websites and mobile applications, for example by conducting analytics to improve and manage our websites and mobile applications, analyze user trends, and create custom audience lists;
- To engage in other activities described under “Additional Uses of personal data” below.
Additional Uses of Personal Data
In addition to the uses described above, we may use your personal data for the following purposes. These additional uses may under certain circumstances be based on your consent, may be necessary to fulfill our contractual commitments to you, may be necessary for legal compliance, or are necessary to serve our legitimate interest in the following operations:
- Conducting our operations and administering our educational offerings;
- Administering course registration, degree progress audit, and fulfilling transcript requests duly authorized by the student.
- Administering fellowships, grants and other programs in support of individual study and research projects;
- Contacting you to respond to your requests or inquiries;
- Providing you with newsletters, articles, service alerts or announcements, event invitations, and other information that we believe may be of interest to you;
- Requesting gifts and donations;
- At your request, processing and fulfilling transactions for merchandise or other Swarthmore products;
- Alerting you about a safety or security announcement;
- Conducting research, surveys and similar inquiries to help us understand trends and needs of our applicants, students and others using our websites or other services;
- Meeting the requirements of our accreditors;
- Disclosing directory information as described at Family Educational Rights and Privacy Act - FERPA;
- Communicating, either directly or through third-parties, to promote activities and interest-based events in order to increase the likelihood that the content would be of interest to you;
- Preventing, investigating, taking action regarding or providing notice of fraud, unlawful or criminal activity, other misconduct, security or technical issues, or unauthorized access to or use of personal data, our website or data systems;
- Responding to subpoenas, court orders, or other legal processes; enforcing our agreements; protecting the health, safety, rights or property of you, us or others; and meeting legal obligations;
- Registration for insurance provided to you as a participant in off-campus study program(s);
- Providing application materials to partner institutions for your off-campus study;
- Completion of off-campus study approval forms for partner institutions.
OUR LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
We process your personal data for the purposes described above on the basis that such processing is necessary for the performance of our contract with you, or for the performance of the pre-contractual relations we have with you; to serve our legitimate interests (for example, to deliver educational services, to serve our interests in marketing and student outreach, improving our websites and related services, and responding to your requests); or on the basis of your consent, where applicable.
Legitimate Interests
We rely on several legitimate interests in using and sharing your personal data. These interests include:
- Providing, improving and customizing our educational offerings;
- Administration of our operations;
- Marketing and student outreach;
- Selecting a diverse and qualified student body;
- Recruiting diverse and qualified faculty and staff;
- Improving our websites, mobile applications, and related services;
- Supporting the health and wellbeing of our students
- Promoting the success of our current and former students;
- Furthering research and understanding in fields of academic study;
- Maintaining an ongoing relationship with alumni, donors and prospective donors, and helping to connect them with others;
- Requesting gifts or donations;
- Offering attendance to events and opportunities to volunteer;
- Conducting admissions research;
- Understanding how our online platforms are being used;
- Exploring ways to develop and grow our operations;
- Ensuring the safety and security of our community members, including students, faculty, staff, and others;
- Cybersecurity;
- Enhancing protection against fraud, spam, harassment, intellectual property infringement, crime and security risks; and
- Meeting our legal and contractual obligations and enforcing our legal rights.
Data Retention
We will retain your personal data for as long as we have a legitimate basis to do so (for example, throughout the duration of your studies and in many cases afterwards, as part of the alumni community; throughout the duration of our contract with you; or otherwise throughout the duration of our relationship with you). We will retain your personal data that enables us to:
- Maintain academic and other educational records (for students and alumni)
- Provide you with any continuing benefits, such as retirement plan or insurance benefits (for faculty and staff)
- Provide you with opportunities to engage with the College
- Maintain records of your engagement with the College and analyze levels of engagement
- Comply with the College's record management policy and record retention requirements under applicable law
- Defend or bring any existing or potential legal claims
- Maintain information of historical and archival significance
- Resolve or otherwise address any complaints or queries relating to our programs
We will delete your personal data when it is no longer required for these purposes. If there is any information that we are unable to delete entirely from our systems for technical reasons, we will put in place appropriate measures to prevent any further processing or use of the data.
Where we are processing personal data based on our legitimate interests, we generally will retain the data for a reasonable period of time based on the particular interest, taking into account the fundamental interests and the rights and freedoms of the data subjects.
Where we are processing personal data based on your consent, we generally will retain the information for the period of time necessary to carry out the processing activities to which you consented.
Where we are processing personal data based on contract, we generally will retain the information for the duration of the contract plus some additional limited period of time that is necessary to comply with College policy, the law or that represents the statute of limitations for legal claims that could arise from the contractual relationship.
HOW WE SHARE AND DISCLOSE PERSONAL DATA
Other Institutions
We may share your personal data with other institutions for the purposes of administering education programs and services to you, such as:
- Cross-registration for courses and events with other institutions of higher education;
- Course registration and administration;
- Course evaluations and assessments;
- Study at other institutions of higher education, including study abroad;
- Research arrangements with other colleges, universities or partners; and
- Events and activities of Swarthmore-affiliated clubs and special interest groups.
Third-Party Systems, Service Providers, and Mobile Apps
We share your personal data with third party systems and service providers, as previously described, to complete transactions or perform services that fulfill our legitimate interests or that respond to a request you have made.
Our services on your mobile device may gather and transfer your personal data, including location information, from and to other applications, functions and tools within your mobile device if you use our mobile applications (for example, SwatSafe or OneCard). These Third-Party Mobile App Providers may possess personal data which Swarthmore College does not control and to which the College may not have direct access.
Legal Compliance, Safety and Contractual Obligations
We disclose your personal data to legal or government regulatory authorities as required by applicable law or because you give us consent to do so for a specific purpose. We also disclose your personal data to third parties as required by applicable law in connection with claims, disputes or litigation, when otherwise required by applicable law, or if we determine its disclosure is necessary to protect the health, safety, rights or property of you, us or others, to enforce our legal rights, or to fulfill the contractual obligations of others.
VISITORS TO THE SWARTHMORE COLLEGE WEBSITE
The Swarthmore College website provides information about the College and its educational programs, community, events, history, policies, facilities, and academic and administrative departments. Visitors to Swarthmore's site will never be required to provide personal information. If you choose to provide personal information, the College will take every reasonable measure to ensure its privacy. This site has reasonable security measures in place to help protect against the loss, misuse, and alteration of the information under our control. However, no method of transmission over the Internet or method of electronic storage is completely secure.
The College's website contains links to independently run websites outside the "swarthmore.edu" domain. Swarthmore is not responsible for the privacy practices or the content of these sites, and the provision of these links does not imply that Swarthmore approves or endorses them.
Minors
Swarthmore sites are not directed to or intended for individuals under the age of thirteen (13), and we do not knowingly collect personal information from individuals under thirteen (13).
User generated content
Some of our services may enable users to submit their own content. Unless otherwise indicated, please remember that any personal data you submit or post as user-generated content could become public information. You should exercise caution when deciding to disclose your personal, financial or other information in such submissions or posts. We cannot prevent others from using that information in a manner that may violate this Privacy Notice, the law or your personal privacy and safety. We are not responsible for the results of such postings.
APPLICANTS FOR ADMISSION AND FINANCIAL AID
We collect and use various kinds of personal data about prospective students who apply for admission and about prospective and current students who apply for financial aid, including data you provide to us. The primary sources of personal data are your admissions application, and your financial information provided to us by the US Department of Education from your Free Application for Federal Student Aid (FAFSA) and by the College Board from your CSS profile. We may solicit additional data, for example, from interviewers as part of the admissions process, if applicable, or from other available sources when identifying potential candidates for admission in connection with recruiting activities. The personal data collected by us, or on our behalf, during the admissions process is collected for the primary purposes of considering your candidacy for admission to Swarthmore, evaluating your eligibility for financial aid, if applicable, and, if you are admitted and enroll, facilitating your education such as by sharing personal data with school officials, e.g., registrars, and others in order to enable your enrollment and participation at Swarthmore.
STUDENTS, INCLUDING OFF-CAMPUS STUDY
We collect and use various kinds of personal data when you attend Swarthmore College, and when you seek financial aid. The primary source of this data is your admissions application information, your course registrations, your off-campus study travel registry (if applicable), your disciplinary history, your health and supportive services utilization, your research and service activities, your athletics activities, your financial information provided to us by the US Department of Education from your FAFSA and by College Board from your CSS profile, and other information you provide during your enrollment at Swarthmore. Further personal data collection occurs at matriculation and throughout your relationship with Swarthmore, including:
- Off-Campus Study Information: languages spoken, passport information, insurance, travel history/itinerary, national origin, current nationality, authenticating information (e.g., user names, passwords, and security questions and answers), housing preference, emergency contacts and their contact details, communications you send us, information about your computer and other devices (e.g., IP address, MAC address, information about your browser and operating system), Records of emergency incidents, Academic performance, student conduct (including complaints brought by you, about you, or those to which you may be a witness), and attendance information from partner institutions, information about student misconduct, including information, such as reports, provided by partner institutions in relation to the prevention and identification of student misconduct and disciplinary actions and notifications derived therefrom, feedback and other information from partner institutions (including your teachers, school faculty, and others), homestay providers, organizations with which you have interned, and others
- Course Assessment Data: for example, assignment responses, test scores and course evaluations;
ADVANCEMENT, ALUMNI AND DONORS
We collect and use various kinds of personal data about alumni, donors, and prospective donors from a number of sources, including data you provide to us, for example, when you update your alumni or donor profile, connect with us on social media, complete a donation form or register to attend Swarthmore events. If you were a student or studied at Swarthmore College, some of your personal data is transferred from your student record into our alumni databases. We may also collect personal data from publicly available sources or third-party sources (for example, public property records) that support our operations. The personal data collected by us, or on our behalf, is collected for the primary purpose of providing you opportunities to engage with Swarthmore, alumni, donors, prospective donors and students through interactions, events and your gifts or donations. We may disclose your data to other Swarthmore affiliated entities and individuals, such as alumni clubs and special interest groups or volunteers when their work meets one of the purposes described above. We may also disclose your data to third parties in accord with the section entitled, Third-Party Systems, Service Providers, and Mobile Apps, above.
Advancement Communications from Swarthmore College
Swarthmore College and the Swarthmore College Alumni Association periodically send marketing communications to alumni, supporters, and other members of the Swarthmore College community, such as newsletters, event invitations, and fundraising information. If you would like to request that Swarthmore College or the Swarthmore College Alumni Association limit or stop these marketing communications with you, please contact us at privacy@swarthmore.edu. If you request to be removed from our mailing lists, we will retain your contact information to ensure that we do not continue to contact you for these purposes. If applicable, we will also continue to process your personal information for other purposes consistent with this Privacy Notice.
GENERAL DATA PROTECTION REGULATION (GDPR)
In addition to the privacy information described above, the College provides the following additional information about the College's privacy practices that pertain to personal data protected under the General Data Protection Regulation for the European Economic Area/European Free Trade Association.
Swarthmore College is located in the United States. Information we collect from you will be processed by Swarthmore College in the United States. As described above within this Privacy Notice, Swarthmore College may also transfer your personal information to third parties, including our vendors, that may be located outside of the European Economic Area.
The data protection laws in the United States may not offer you the same protections as in the European Economic Area country in which you are located when your personal information is collected. In some circumstances, Swarthmore College may enter into standard contractual clauses governing the import or export of personal information, or rely on your consent. In all cases, Swarthmore College endeavors to apply suitable safeguards to protect the privacy and security of your personal information, particularly sensitive data, and to use it in a manner that is consistent with this Privacy Notice. For the purposes of this Privacy Notice, in accord with the GDPR the following definitions apply:
- “EEA” means European Economic Area and it consists of the following countries: Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and the UK. The countries of the EFTA include: Iceland, Liechtenstein and Norway.
- “GDPR” means the European Union’s General Data Protection Regulation;
- “EEA Personal Data” means information which is obtained from individuals located in the EEA the processing of which is subject to the GDPR, and is directly or indirectly identifiable to the individual, including, but not limited to, name, location data (e.g., street address, IP Address), any identification numbers, information relating to the physical, genetic, mental, economic, cultural, or social identity of the person.
- “Controller” means the natural or legal person, public authority, agency or other body which determines the purposes and means of the processing of personal data.
- “Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
- “Data Subject” is an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- “EEA Processing Activities” means the collection, use, processing, storage, sharing or disposing of Personal Data when those activities are within the scope of the GDPR.
- “Swarthmore College” (“we”, “us”, or “Swarthmore”) serves as a Controller of the collection, use, processing and sharing of personal data about individuals who are located in the EEA/EFTA and the processing of which is subject to the GDPR.
Your GDPR Rights
The GDPR provides you with several specific data protection rights with respect to your EEA Personal Data. If you are located in the EEA, you may have the following legal rights with respect to the personal information processed by or on behalf of Swarthmore College:
- Confirmation of your personal data that is processed about you by Swarthmore and to a copy of the information. This right is subject to limitations, including that providing a copy will not adversely affect the rights of others;
- To correct or update any of your personal data that is inaccurate;
- To restrict or limit the ways in which we use your personal data; this is not an absolute right and only applies in certain circumstances. Swarthmore would not be permitted to use the data without your consent, unless in connection with a legal claim, the protection of another person, or other exception.
- To object to the processing of your personal data in certain circumstances. This right is not absolute; and
- To request the deletion of your personal data. This only applies in certain circumstances and is not absolute; and
- To obtain a copy of your personal pata in an easily accessible format, that allows you to move, copy or transfer personal data. This right applies to some but, depending on your context, not all of your information.
To submit a request, please send an email message to privacy@swarthmore.edu. Because we want to avoid taking action regarding your personal data at the direction of someone other than you, we will ask you for information verifying your identity. If, however, you have a complaint or concern, you have the right (where applicable) to make a complaint to the appropriate data protection authority. Contact information for the EU data protection authorities can be found at: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
Special Categories of EEA Personal Data
We may also process special categories of your EEA Personal Data. Our legal bases for processing this data stems from your consent, our legitimate interests, in the event of a court order or legal proceeding, in providing you with health care services, or for other legitimate reasons allowable by law or contract. The special categories of personal data include:
- Personal data revealing racial or ethnic origin
- Sex or sexual orientation
- Political opinions
- Religious or philosophical beliefs
- Health and medical information: for example, medical conditions that may require voluntary or emergency accommodations;
- Unlawful activity (i.e., criminal convictions)
CONTACT
We are committed to working with you to fairly address any concern about your privacy. If you have any questions, comments, requests or concerns about this Privacy Notice or other privacy-related matters, you may contact us at: privacy@swarthmore.edu.
UPDATES TO THE SWARTHMORE COLLEGE PRIVACY NOTICE
We may modify or update this Privacy Notice from time to time by posting a revised notice to this site. This Privacy Notice was last updated on May 28, 2020.