Cornerstone UniversityPrivacy Statement
University Web Content
If you are a European Union (EU) resident, please note that there are a number of provisions in this privacy statement that may uniquely apply to you. For more information, review EU’s General Data Protection Regulation (GDPR) to determine whether it applies to your personal information.
This privacy statement may change from time to time, so please check it often.
This privacy statement discloses Cornerstone’s privacy statement and the privacy practices for all of Cornerstone’s websites. This privacy statement applies solely to information collected by our university websites. It will notify you of the following:
- What personally identifiable information is collected from you through the websites, how it is used and with whom it may be shared.
- What choices are available to you regarding the use of your data.
- The data security procedures in place to protect the misuse of your information.
- How you can contact us to correct any inaccuracies regarding your information.
Information Our Websites Collect
We are the sole owners of the information collected on our sites. Only the staff of Cornerstone and trusted third-party partners have access to and collect information that you voluntarily give us via email, website forms or other means of direct contact with you. We will not sell or rent your information to anyone.
In general, you can visit this website without identifying who you are or revealing any information about yourself.
Information collected online can generally be categorized as “anonymous” or “personally identifiable.” Anonymous information is information that cannot be connected to the identity of a specific individual. Personally identifiable information and data is information that specifically identifies a particular user, such as name, address or phone number. An example of anonymous information is the fact that, while this website may record the number of visits to a particular page that occurs in a given period of time, it does not necessarily tell us the names or other identifying information of every visitor. Some users of this website will choose not to provide any personally identifiable information, therefore, those individuals are anonymous to us, and any data about their use of this website is anonymous information.
We will use your personally identifiable information to respond to you regarding the reason you contacted us. We will not share your personally identifiable information with any third party outside of Cornerstone, other than as necessary to fulfill your request or as otherwise described below. And, unless you ask us not to, we may contact you via email, SMS/text, Facebook messenger or phone in the future to tell you about university events, campus news, services, and/or changes to this privacy statement.
When you visit our website, we collect certain technical and routing information about your computer. For example, we log environmental variables such as browser type, operating system and CPU speed and the Internet Protocol (IP) address of your originating Internet Service Provider to try to bring you the best possible service. We also record search requests and results to try to ensure the accuracy and efficiency of our search engine. We use your IP address to track your use of the website, including pages visited and the time spent on each page. We collect this information and use it to measure the use of this website and to improve its content and performance. To the extent that we share this information with third parties, it is not traceable to any particular user and will not be used do contact you.
At times, we may share aggregated demographic information with our partners and our external vendors. This data is not linked to any personally identifiable information.
Personally Identifiable Information
Personally, identifiable information is information that you submit via a form on one of our websites (e.g., contact form, information request, email subscription, enrollment application, an event registration form or employment application). When registering online or completing an application for admission on one of Cornerstone’s websites, you may be asked for information such as your full name, email address, mailing address, phone number, Social Security number and/or employment history. We may use this information for the purposes of:
- Communication (e.g., newsletters).
- Customer service.
- Business activities (e.g., enrollment processes and decisions).
- Educational opportunities and services.
- Notification of new services.
- Transactions and/or donations.
For European Union residents, the following table provides information required by the GDPR relating to our use of your personally identifiable information.
|Personally identifiable Information||Legal Basis for Processing|
|Contact information, including name, address, email address and telephone number||Personally identifiable information is used for the legitimate purposes of evaluating candidates for admissions and employment, internal statistical and analytics purposes, marketing purposes and communicating with users. Personally identifiable information collected online may also be necessary for the performance of a contract to provide education services or to provide other services at your request.|
|Payment information, including credit card numbers, contact information and billing information||Personally identifiable information is used for the legitimate purpose of processing payments and donations initiated by you through our website. Personally identifiable information collected online may also be necessary to facilitate payments made pursuant by contract.|
|Technical information including your IP address, browser type, domain names, access times and referring website address||Personally identifiable information for the legitimate purpose of authenticating subscribers and customers, optimizing website performance, tailoring the website to each user, monitoring and resolving issues, marketing purposes, communicating with users and detecting and preventing fraud.|
We may share your personally identifiable information with third parties, including the following:
- Google (as described further below).
- Microsoft, Inc. Our website is secured and protected by our Microsoft Azure cloud hosting partner. Microsoft’s privacy statements can be found at: https://privacy.microsoft.com/en-us/privacystatement and at microsoft.com/en-us/trustcenter/privacy/privacy-overview.
Beyond the parameters of our partnership agreements with trusted third-party partners, your information will not be sold to third parties, exchanged, transferred, or given to any other company for any reason without your consent. If you have provided consent, the third parties with whom we have shared your personally identifiable information may use it for their own purposes.
We don’t disclose personally identifiable information except in confidence with third-party vendors, to satisfy legal obligations, for determinations of the potential for harm or in the instance that our organization merges with another company. If a change happens to the ownership of the university, then we may share your personally identifiable information with the new owners, and the new owners may use your personally identifiable information as set forth in this privacy statement.
We may be legally required to disclose or share your personally identifiable information without your consent in some circumstances, for example, to comply with a court order or law enforcement. We may also share your information when we believe in good faith that disclosure is necessary to protect our rights or property, protect your safety or the safety of others, investigate fraud or respond to a government agency, law enforcement, judicial or public authority, other legal request or to comply with the law.
We may also share your information with our lawyers, professional advisers, and third-party providers of services such as cloud storage, customer relationship management systems, and others who need your information to provide services to us (or on our behalf).
Non-Personally Identifiable or Aggregate Information
At times, we may share aggregated demographic information with organizations that do not have an established partnership with us. In these instances, the shared data is not linked to any personally identifiable information.
Use of Google Services
Because our websites are enabled with add-on Google services, Google will have access to information that is collected by our websites in conjunction with its services and may use such information to improve its services. University staff will use such information, to the extent available such as by way of Google Analytics, to better understand the use of the websites and topics of interest among site visitors and to enhance the personalized user experience of our sites.
You may set your browser to notify you when you receive a cookie or to prevent cookies from being sent; if you do so, this may limit the functionality we can provide you when you visit our website. To the extent that a cookie can uniquely identify a computer, mobile device, tablet or the person using that device, and you are a EU resident, this may be personally identifiable information covered by the GDPR, and this privacy statement shall apply to such personally identifiable information.
You may delete cookies that are already on your computer, and stop cookies from being accepted in the future, by referring to your manufacturer’s instructions by clicking “Help” in your browser menu. All browser settings are slightly different, so to manage cookies, you should refer to the relevant settings within your browser. If you would like to obtain more detailed information about types of cookies, how they are used, and how you can manage your cookie preferences, you may want to visit allaboutcookies.org.
The information you choose to disclose on public forums (e.g., Disqus commenting platform utilized for university blogs) will not be protected under the terms of this privacy statement. This information may be accessed, disclosed, collected, stored and used by third parties without your knowledge.
From time-to-time, our sites request information via surveys. Participation in these surveys is completely voluntary and you may choose whether or not to participate and therefore disclose information. Information requested may include information such as contact information (e.g., name, mailing address), demographic information (e.g., zip code, age level) and user information (e.g., IP address, device type, browser). Survey information will be used for purposes of monitoring or improving the use and satisfaction of Cornerstone’s websites.
We are committed to information security and take intentional steps to protect your information. When you submit sensitive information via Cornerstone’s websites (e.g., credit card data), your information is protected both online and offline. Whenever we collect sensitive information, that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the web page. Your transaction history may be stored, but it is kept on secure servers and will not be given to third parties outside of the university’s approved banking relationships.
While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (e.g., billing, enrollment, registration) are granted access to personally identifiable information. The computers and servers in which we store personally identifiable information are kept in a secure environment. However, no method of transmission over the internet is 100% secure. We do not guarantee that unauthorized, inadvertent disclosure will never occur, or that information may not be accessed, disclosed, altered or destroyed by any breach of any of our industry-standard physical, technical or managerial safeguards.
Link to External Websites
Cornerstone’s websites contain links to other sites. Please be aware that we are not responsible for and do not endorse the content and/or privacy practices of external sites. We encourage you to be aware when you leave our sites and to review the privacy statements of any other sites that collect personally identifiable information.
Because our privacy statement does not extend to external websites that are linked on our websites, you visit these sites at your own risk, and we advise you to exercise caution with regard to the sites you choose to visit.
We are located in the United States, and the information we collect from you will be processed in the United States. If you are visiting our website from outside the United States, please be aware that you are sending information (including personally identifiable information) to the United States where our servers are located. The United States may not necessarily have data protection laws as comprehensive and protective as those in your country of residence, however, our collection, storage and use of your personally identifiable information will at all times continue to be governed by this privacy statement.
Your personally identifiable information is stored on servers that are operated and maintained by us and by third parties under contract with us. We retain this information in accordance with our Record Retention and Destruction Policy. For more information on where and how long personally identifiable information is stored, and for more information on EU residents’ rights of erasure and portability, please contact us using the contact details below.
Rights Under the GDPR
Under the GDPR, EU-based visitors and members have the right to request from us access to personally identifiable information we share about you, to amend (or rectify) the personally identifiable information, to restrict or suspend our processing of the personally identifiable information, to erase the personally identifiable information and to receive a copy of the personally identifiable information in a structured, commonly used and machine readable format (data portability). If you wish to invoke a right under the GDPR, you may contact us using the contact details below, and use the subject line “GDPR Query” in the subject line. Please include in your email a sufficiently detailed description of the GDPR right with which you seek assistance. We may need to contact you for further information, and we reserve the right to charge a fee for certain requests. We will notify you if you request has been granted or declined or if exemptions apply. You have the right to make privacy complaints directly to a supervisory authority in your country.
If you have provided consent for the processing of your personally identifiable information, you may have the right (under certain circumstances) to withdraw that consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn.
You have the right to request to see a copy of the personally identifiable information we hold about you and to request corrections or deletions of the information that is no longer required.
In some circumstances, you may have the right to object to the processing of your personally identifiable information, to request that it be erased where it is no longer required for the stated purposes or that inaccurate information about you is corrected.
Under California Civil Code Section 1798.83, if you are a California resident and your relationship with us is primarily for personal, family or household purposes, you may request certain data regarding our disclosure if any, of personally identifiable information to third parties for the third parties’ direct marketing purposes. To make such a request, please send an email to us using the contact details below with “Request for California Privacy Information” in the subject line. You may make such a request once per calendar year. If applicable, we will provide you, by email, a list of the categories of personally identifiable information disclosed to third parties for direct marketing purposes during the immediately preceding calendar year, along with the third parties’ names and addresses.
If you are a California resident under the age of 18, and a registered user of this website, California Business and Professions Code Section 22851 permits you to request and obtain removal of content or information you have publicly posted. To make such a request, please send an email with a detailed description of the specific content or information using the contact details below with “Request for Removal of California Privacy Information” in the subject line. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
Privacy Statement Changes
You may opt-out of any future communication from us at any time. You can also do the following at any time by contacting us via phone or via email:
- See what data we have about you if any.
- Change and/or correct any data we have about you.
- Express any concern(s) you have about our use of your data.