POL 2.315 Digital Privacy
This policy establishes how Kirtland Community College (“the College”) collects, uses, stores, protects, and discloses personal information obtained through College-owned websites, applications, domains, and technology systems.
Scope
This policy applies to:
- All College-owned or College-operated websites, web pages, applications, online services, and technology products.
- All users of these systems, including students, employees, applicants, and visitors.
Division-, department-, or unit-specific privacy notices may supplement or supersede this policy where applicable.
Definitions
Personal Information:
Information that identifies or could identify an individual, directly or indirectly, including identifiers such as names, ID numbers, location data, online identifiers, or characteristics that are physical, physiological, genetic, mental, economic, cultural, or social.
Cookies:
Small text files stored in a user’s browser that support website functionality, analytics, and personalization.
Web Beacons / Pixel Tags:
Small programming components used to measure website engagement or advertising performance.
Policy Statements
Collection of Personal Information
The College collects personal information as needed to operate its services, improve user experience, and support academic and administrative functions.
Personal information may be collected through online forms, authentication processes, cookies, analytics tools, and other College technologies.
Use of Cookies
The College uses session and persistent cookies for:
- Authentication of logged-in users
- Analytics and website performance
- Personalization of user experience
Users may disable cookies in their browser settings; however, doing so may limit website functionality.
Use of Web Beacons and Embedded Scripts
The College uses beacons, pixel tags, and embedded scripts to:
- Analyze website usage
- Evaluate online advertising
- Improve website design
- Conduct market research
Users may disable JavaScript to block some of these functions, though functionality may be affected.
Online Advertising and Retargeting
The College may use third-party service providers to deliver advertising on non-College websites.
Third-party cookies and beacons may be used to:
- Track pages viewed
- Track links clicked
- Deliver targeted advertising to users of College websites
Users may enable Do Not Track settings in compatible browsers.
Collection and Use of IP Addresses
The College collects IP addresses to:
- Diagnose technical problems
- Monitor information security
- Administer websites
- Analyze trends and usage
- Deliver personalized content
Public Forums
Any information shared in public online forums hosted by the College (e.g., message boards, blogs, social media pages) may be visible to other users.
The College is not responsible for the voluntary disclosure of personal information in these spaces.
Student Text Messaging Communications
The College uses SMS text messaging as an official communication channel with prospective and current students. Text messaging may be used by authorized college officials to relay information about cancellations, closures, admissions, and academic requirements or deadlines, registration information, financial aid, and other matters that are time sensitive and necessary for student success and safety. To satisfy statutory requirements, there needs to be an evaluation of the type of message, emergency versus non-emergency, and limits placed on the departments that are eligible to send out text messages. The College will maintain multiple systems to communicate during emergencies and non-emergency situations. Members of the departments with access to send messages are responsible for ensuring compliance with the following:
Students may opt out of specific message categories by texting STOP to the corresponding number or by following the directions specific to the service.
Internal Use of Personal Information
Personal information is used only for College-approved academic, administrative, operational, or philanthropic purposes.
Information may be shared internally or with authorized vendors for legitimate College business.
Disclosure to Third Parties
Personal information will not be shared with external parties except under the following conditions:
a. Consent
Information may be shared when the user provides opt-in consent.
b. Service Providers
Authorized third parties performing College-related services must protect personal information in compliance with this policy.
c. Legal Requirements
Information may be disclosed to comply with applicable law, court orders, or subpoenas.
d. De-Identified or Aggregate Information
The College may use or share information that does not personally identify individuals without restriction.The College will not, however, sell personally identifiable information to unauthorized third parties, unless required by law.
User Control of Data Collection
Users may manage Google advertising preferences via Google Ads Settings.
Users may opt out of analytics tracking using:
- Adobe Analytics Opt-Out http://www.adobe.com/privacy/opt-out.html
- Google Analytics Opt-Out https://tools.google.com/dlpage/gaoptout
- Google Ads Settings http://www.google.com/settings/ads/anonymous)
Users may opt out of certain College email communications using instructions provided in those emails.
Information Security
The College implements administrative, technical, and physical safeguards appropriate for the data collected.
While reasonable measures are used, the College cannot guarantee absolute security of transmitted or stored data.
Data Retention and Destruction
Personal information is retained in accordance with the College’s Information Technology Policies and Record Retention Schedule.
Information will be securely destroyed:
- Upon verified user request, or
- After the applicable retention period expires
Destruction methods will ensure confidentiality proportional to data sensitivity.
Vaccination Information Collection
The College may collect medical-related information—including vaccination and testing data—for public health management.
Access is limited to authorized College personnel.
Information will be destroyed according to the College’s retention schedule.
Policy Review
This policy may be updated or amended at any time. Users are responsible for reviewing posted revisions.
Proposed May 21, 2026
Adopted June 18, 2026
