International Student Exchange Programs (“ISEP”) wants you to benefit from the information and services available on our website – www.isepstudyabroad.org (the “Site”) – secure in the knowledge that we have implemented fair and transparent information policies and practices designed to protect your privacy.
This Privacy Notice describes our policies and practices regarding our collection and use of personal data about users of the Site and sets forth your privacy rights.
WHO WE ARE
ISEP is headquartered in Arlington, Virginia, in the United States. Our full contact information is provided at the end of this Privacy Notice.
ISEP has appointed an internal data protection officer for you to contact if you have any questions or concerns about ISEP’s personal data policies or practices. The data protection officer can be contacted at privacy[AT]isep.org. Under applicable law, ISEP is considered the “data controller” of the personal data we collect pursuant to this Privacy Notice.
WHY WE COLLECT PERSONAL DATA AND HOW WE USE YOUR INFORMATION
Any information collected on this site is used only to facilitate a more personal experience for the user. We do not sell any information about our users to outside organizations, and we only share information as described in this Privacy Notice. You can use our website without divulging any personally identifiable information, including your email address.
Our site only collects identifiable information about individuals when such individuals specifically provide such information on a voluntary basis in the following cases:
- Creating an account
- Signing up for updates
- Completing a contact form
- Completing our online application
Any data we collect is used for the following purposes:
- Providing you with information or services you request, including newsletters and notifications;
- Providing you with information and suggesting programs or services that match your interests and other criteria you have identified, or that we otherwise believe may be of interest to you;
- Streamlining the application process by pre-filling information you have already provided;
- Improving our programs, services, and operations;
- Performing statistical, demographic, and marketing analyses of users of the Site and their behavioral patterns;
- Securing the Site;
- Complying with any procedures, laws, law enforcement orders, and regulations which apply to us where it is necessary for our legitimate interests or the legitimate interests of others; and
- Establishing, exercising, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others.
HOW WE COLLECT YOUR INFORMATION
The information we collect about our Site users comes to us in several different ways. While parts of the Site do not require you to provide information that can directly identify you by name (such as if you choose to browse the website without logging in), the specific types of information we collect will depend upon the features you use, how you use them, and the information you choose to provide.
Information you provide to us: When you submit a contact form, create an account or complete our student application, you may choose to disclose information about you, including:
- Your Name
- Physical Address
- Email Address
- Phone Number
- Date of Birth and Gender
- Passport Information
- Citizenship information
- Demographic Information
- Medical Information
- Academic Information and credentials
- Social media account profiles
- Information regarding your interests and interests relating to our programming
- Financial information for payment of services
Certain pieces of this information may be required to create an account and/or submit an application.
We collect limited financial information, such as a credit card number or bank account information for ACH transfer, as required. User financial information will be transmitted as necessary and required to banks and credit card or other financial transaction processer for the processing of such payments to our accounts. Financial information will be maintained by us and the banks, credit card, or other financial transaction processer as necessary and required for the processing of transactions and for auditing, legal, or other similar business purposes. Such financial information will not be transmitted to unrelated third parties and will be encrypted as applicable.
Information that is automatically collected: The information we collect automatically includes:
- The Internet domain from which you access our website
- Your Internet Protocol (IP) address
- The type of browser used to access our site;
- The operating system used to access our site;
- The date and time you access our site;
- Time on a page;
- The Universal Resource Locators (URLs), or addresses, of the pages you visit;
- Your username, if it was used to log in to the website;
- If you visited this website from another website, the URL of the forwarding site.
- Whether certain specific actions were taken, i.e. downloading a form.
We may aggregate and/or anonymize any information collected through the Site so that such information can no longer be linked to you or your device. We may use such information for any purpose.
Third Party Tracking Tools; Google Analytics
The Tracking Tools we use include services we obtain from third parties. The information generated by these analytics services will be transmitted to and stored by the third parties and will be subject to their privacy policies. We do not control these third parties’ tracking technologies, how they may be used, or the information they may collect, and we are not responsible for these third parties’ privacy policies.
One of the third-party Tracking Tools we use is Google Analytics. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. Learn more about Google’s partner services and how to opt out of tracking of analytics by Google.
WHEN AND HOW WE SHARE PERSONAL DATA WITH OTHERS
Except as described in this Privacy Notice, ISEP will not share your personal data with third parties, rent or sell its mailing list, or share your personal data with third parties for their direct marketing purposes.
Service Providers: We have service providers that perform functions on our behalf, including hosting, content management, customer relationship management, social media integration, marketing, analytics, insurance, billing, online fundraising tools and customer service. These entities may have access to personal data if necessary or useful to performance of their functions. If obtaining such access, these third parties will be subject to confidentiality and security obligations with respect to such data.
Partners: ISEP may share information about you with our partner organizations in order to provide you with information, programs, and services that you have requested or that we believe may be of interest to you. For example, we may share information in the course of evaluating your application or facilitating your placement in a program and to maintain your health and safety during a program.
Law Enforcement / Protection: ISEP reserves the right to share information about you where ISEP believes, in good faith ,that such disclosure is necessary to comply with a legal requirement, such as a subpoena or court order, or to protect the rights or property of ISEP, you, or third parties.
Consent: ISEP may share your information in any other manner to which you consent.
Business Change: If we become involved in a merger, acquisition, or other transaction involving the sale of some or all of our assets, in contemplation of such a transaction, or in the event of an insolvency or bankruptcy, the information, including personally identifiable information, collected from you through your use of the Sites may be included in the transferred assets. Should such an event occur, we will use reasonable measures to notify you, either through e-mail and/or a prominent notice on the Sites.
LEGAL BASES FOR USING YOUR INFORMATION
The laws in some jurisdictions require us to tell you about the legal ground we rely on to use or disclose your information. Where those laws apply, our legal grounds are as follows:
- To perform our obligations under a contract with you: For example, to comply with the terms of service of our Site, which you accept by browsing and using the Site, or when you register for an account;
- Consent: Where required by law and in some other cases, we collect and use your information on the basis of your implied or express consent.
- To further our or our partners’ legitimate interests: For example, to provide security for the Site, operate the Site, comply with legal requirements, and prevent fraud.
PROTECTION OF YOUR INFORMATION
ISEP undertakes efforts to guard your personal data against accidental loss and from unauthorized access, use, alteration, and disclosure. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.
Unfortunately, the transmission of information via the internet is not completely secure. Although we take measures to protect your personal data, we cannot guarantee its security. Any transmission of personal information to or using our Site is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site. The safety and security of information also depends on you. If we have provided you with (or you have chosen) a username and password for access to certain parts of our Site, you are responsible for keeping such information confidential. Please do not share your username and password with anyone.
YOUR CHOICES ABOUT YOUR PERSONAL DATA
Our Site allows you to create a profile, including personal information. You may update or correct this information at any time to ensure its continued accuracy. You may also delete your profile by contacting us at info[AT]isep.org.
Additionally, ISEP provides you choices regarding the way we use the personal data you have provided us. For example, you may sign up to receive newsletters or email notification regarding particular products or services. You may opt out of receiving these optional communications at any time, by clicking the ‘Unsubscribe’ link in the footer of these emails. Please note, some emails like account password resets or legal notices will continue to be emailed regardless of unsubscribe settings. If you would like further information in relation to your legal rights under applicable law or would like to exercise any of them, please contact ISEP’s data protection officer at privacy[AT]isep.org any time. Your local laws (e.g., in the EU) may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you;
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling);
- update information which is out of date or incorrect;
- delete certain information which we are holding about you;
- restrict the way that we process and disclose certain of your information;
- transfer your information to a third party provider of services;
- revoke your consent for the processing of your information
We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. We may request you provide us with information necessary to confirm your identity before responding to your request.
If you wish to discuss any aspect of our processing of your personal data, please contact us at privacy[AT]isep.org.
DATA STORAGE AND RETENTION
Your personal data is stored by ISEP on its servers, and on the servers of the cloud-based database management services ISEP engages, located in the United States. The ISEP retains data for the appropriate amount of time to fulfill the purposes set forth in this Notice unless a longer retention period is required or permitted by applicable law. For more information on where and how long your personal data is stored, , please contact ISEP’s data protection officer at privacy[AT]isep.org.
Our Site is not intended for use by children under the age of 13 in the United States or under 16 in the European Union, and we do not knowingly collect personal information from children under the age of 13 in the United States or under 16 in the European Union.
This Privacy Notice applies only to information collected by this Site and not to other websites that you may link to from here. ISEP is not responsible for the privacy practices of other sites. Please be aware that when you leave this Site, you should read the privacy policies of other websites that ask you to provide personal data.
NOTIFICATION OF CHANGES
Any changes to this Privacy Notice will be posted on this Site. Any information that we collect from you will be used in accordance with the version of this Privacy Notice in effect at the time that the information was collected, unless we receive your consent to change our practices with respect to previously collected information.
For further information or comments on our Privacy Notice, please contact our data privacy officer at privacy[AT]isep.org, or contact ISEP at the following address:
International Student Exchange Programs (ISEP)
1655 N. Fort Myer Dr. Suite 400
Arlington, VA 22209
703-504-9960 ; info[AT]isep.org