XAVIER UNIVERSITY WEB PRIVACY POLICY

Xavier University (the “University”) considers the privacy of its web visitors a priority. To that end, the
University has adopted the following policy (the “Web Privacy Policy”) to articulate the terms and
conditions of the collection, use, and dissemination of any information the University may receive from
the users of Xavier.edu (the “Website”). Please note, however, that this policy has been developed with
the knowledge that web technologies continue to develop and evolve rapidly, and that such changes
may require us to alter the Web Privacy Policy. Any such alterations will not affect Xavier’s commitment
to the protection of privacy. Your use of the Website indicates your acceptance of this Web Privacy
Policy.

The University also complies with the Family Educational Rights and Privacy Act (FERPA), which prohibits
the release of education records without student permission, except in limited circumstances. For more
details on FERPA, currently enrolled students may consult the University Registrar.

INFORMATION GATHERING
Web Visit Logs
To make the Website more useful, the University automatically collects certain information when users
visit the Website, including but not limited to, IP addresses, date and time of visits, pages viewed and
click‐streams. No personally identifiable information will be collected or tracked without permission.
The data is used by the University to tune the web site for efficiency. This means that user sessions may
be tracked, but the users will remain anonymous.

USE OF COOKIES
The Website may use “cookies,” which are text files holding small amounts of data, to collect
information to anonymously track how visitors interact with the Website, including where they came
from or what they did on the Website. The University uses this analytical information to improve users’
experiences online. Our cookies do not contain any personally identifiable information.

Users do not need to have cookies turned on to use the Website. However, users do need cookies to
participate actively in message boards, forums, polling and surveys.

Search terms that users enter into the Xavier Search Engine may be tracked, but this tracking is not
associated with individual users.

INFORMATION VOLUNTARILY PROVIDED BY USERS
In the course of using the Website, users may choose to provide the University with information to help
the University serve them. For example, an individual may send an email (through a mailer or a web
form) to request information, sign up for a mailing list, or send their address in order that they be sent
an application or other material. Any personally identifiable information sent to the University will be
used only for the purpose indicated. Requests for information will be directed to the appropriate staff to
respond to the request, and may be recorded to help the University update the Website to better
respond to similar requests. Each web page requesting information discloses the purpose of that
information. If a user does not wish to have the information used in that manner, he/she is not required
to provide it. Users are encouraged to contact the University with questions or concerns about the use
of personally identifiable information.

The University will not sell, exchange or otherwise distribute personally identifiable information without
consent, except to the extent required by law. Xavier does not retain the information longer than
necessary for normal operations.

SECURITY
The University has put into place security measures on the Website to safeguard the integrity of its
communications and computing infrastructure, and protect against the loss, misuse and alteration of
the information under its control, including but not limited to authentication, monitoring, auditing, and
encryption. Once the University receives any transmission from a user, the University will make its best
effort to ensure its security on our systems. The University does so by using secure technology, privacy
protection controls, and restrictions on employee access. These security practices are consistent with
the policies of the University and state and federal laws. Due to the nature of electronic
communications, no data transmission over the internet can be guaranteed to be completely secure.
While the University remains committed to protecting the privacy of users, we cannot ensure or warrant
the security of any information transmitted to the University electronically, nor can the University
guarantee that information supplied by visitors to the site will not be intercepted while being
transmitted over the Internet.

SHARING OF INFORMATION
The University does not release confidential information gathered through the web. For example, the
University’s portal, MyXU, enables users to customize the content they see on their personal page. This
information is not shared with third parties.

The University’s public directory on the Website details workplace contact information about faculty
and staff only. Xavier student contact information is protected from access outside the Xavier domain. In
an attempt to respect student privacy, as well as to stop the spamming of Xavier students, the
University’s online directory of student information is only available to the Xavier community through
the MyXU portal.

PUBLIC FORUMS
Xavier makes some public chat rooms, forums, message boards, and news groups available to its users
on the Website. The University does not ordinarily log public chat sessions; however, any information
that is disclosed in these areas becomes public information and all users should therefore exercise
caution when deciding to disclose confidential information in such places.

Academic chat sessions and discussion forums, such as those in Blackboard or MyXU, may be logged;
however, these education records are protected from disclosure by FERPA.

In addition, at any time there may be online surveys being conducted on the Website. Persons
responsible for conducting online surveys that collect personally‐identifiable information should clearly
state at the survey site the extent to which any information provided will be shared or protected.
Aggregate data from surveys may be shared with third parties in ways that do not compromise privacy.

EXTERNAL LINKS
The Website contains links to other independently‐managed web sites within the Xavier network and to
some sites outside the Xavier.edu domain. When a user visits another site, the privacy policy of that site
governs its use. The University is not responsible for the privacy practices or the content of other
websites.

AD SERVERS
We do not partner with or have special relationships with any ad server companies. We never use or
install spyware on your computer, nor do we use spyware to retrieve information from your computer.

NOTIFICATION OF POLICY CHANGES
The University reserves the right to change the Web Privacy Policy at any time. Such changes will be
posted on the Website and will become effective upon Posting.

CONTACTING XAVIER
Please contact the Division of Information Resources’ Policy and Security Committee [at
irpsc@xavier.edu with any questions about the Web Privacy Policy.

AUTHORITATIVE SOURCE
The authoritative source for this policy, and responsibility for its implementation, rests with the Chief
Information Officer.

APPROVAL AND REVIEW HISTORY
Adopted by the Division of Information Resources’ Policy and Security Committee: 1‐7‐2009
Reviewed and approved by the Information Resources Leadership Team: 1‐20‐2009
Reviewed and approved by the CIO: 2‐13‐2009
Reviewed by the University Technology Committee: 2‐23‐2009
Reviewed by the Academic Technology Committee: 2‐27‐2009
Placed on the MyXU portal for review and comment by the Xavier community: March 2009
Reviewed and approved by attorneys¹: 6‐22‐2009
Reviewed and approved by the President’s Cabinet: 3‐2‐2010

REVIEW CYCLE
This policy will be periodically reviewed and updated as appropriate.

 

---

¹ Attorneys Jennifer Anstaett and John Li of Beckman‐Weil‐Shepardson, LLC reviewed and edited these policies
during the month of June 2009