Terms

WELCOME

June 11,2018: Northeastern University (“University”, “Northeastern”, “we”, “us” or “our”) is a U.S.-based institution of higher learning offering undergraduate, graduate and continuing education programs, curriculum content and services, in a traditional campus setting and through our central websites (each a “Site”) Northeastern.edu, neu.edu, the my Northeastern portal, and our mobile applications (“Apps”) (collectively, the “Services”).

SCOPE

Personal Data. This Privacy Statement describes the type of personal data that we collect, how we use and share that data, and your choices concerning our data practices. Personal data (“Personal Data”) means any information about you from which you can be identified.

By providing us with your Personal Data or using our Services, you agree to the data protection practices described in this Privacy Statement. If you do not agree to this Privacy Policy, please do not access or use the Services.

For more information about this Privacy Statement, and your rights under applicable law, please contact us at privacy@northeastern.edu.

Specific Departments, Units or Functions. Other University departments’ websites and services may have additional privacy and data practices. The privacy and data practices of those sites and services may be further governed by supplemental privacy notices, and you should read any supplemental privacy notices available on the websites and services of the specific department, unit or function you interact with for more information on their practices.

University based or Sponsored Research. Likewise, additional and/or different practices may apply to data collected from participants in university-based or sponsored research studies or surveys that may be governed by a protocol approved by the Institutional Review Board. When you participate in such research studies, you will be provided with an informed consent form which may describe the additional and/or different data practices and policies that will apply to the study and which may supersede the practices set out in this Privacy Statement.

WHAT INFORMATION DO WE COLLECT?

Personal Data

We collect Personal Data that you voluntarily give us when you visit the Site, use the Apps or the Services to inquire about admission to the University, enroll in one of our programs, inquire about or obtain financial aid, apply or are hired to work at the University or participate in our alumni activities including fundraising. This data includes:

We also collect information you choose to provide to us when you complete any “free text” boxes in our forms (for example, support requests or blogs or forums).

Additional Information

We may collect other information to assist us in maintaining or managing our systems, diagnosing problems, assisting you with a help request, or informing investigations.

Testing Companies

Our admissions departments, including for our lifelong learning network, purchases Personal Data from testing companies for use in identifying individuals who may be interested in applying for admission to the University or enrolling in a University course or program.

Automatically Collected Data

When you use the Services the following information is created and automatically logged in our systems:

Social Network or Third Party Plug-ins or Widgets

Our Services may include social network or third party plug-ins or widgets that may provide information to their social networks or third-parties about your interactions with our web pages, even if you do not click on or otherwise interact with the plug-in or widget. The information is transmitted from your browser and may include an identifier assigned by the social network or third party, information about your browser type, operating system, device type, IP address, and the URL of the web page where widget appears. Please read the privacy policies of these sites before you visit them or use their tools to learn what information they collect, use, and share. We are not responsible for the privacy policies or data practices of social network or third party sites or their party plug-ins or widgets.

HOW WE USE YOUR INFORMATION

We use your Personal Data for the purposes described below:

We use your information described above to fulfill contractual and legal obligations to applicants, students and employees; perform tasks we carry out in the public interest to promote access to higher education, and inform prospective students, parents and the public of the educational opportunities at Northeastern.

We consider the processing of your Personal Data for these purposes to be either (i) necessary for the performance of our contractual obligations with you (e.g. to manage your student experience and welfare while you are enrolled at or employed by Northeastern), or (ii) necessary for compliance with a legal obligation (e.g. equal opportunity and nondiscrimination monitoring), or (iii) necessary for the performance of tasks we carry out in the public interest (e.g. teaching and research), or (iv) necessary for the pursuit of the legitimate interests of the University or a third party (e.g. to enable your access to external services).

If we require your consent for any specific use of your Personal Data (such as for marketing activities, where required by the law), we will collect it at the appropriate time and you can withdraw this at any time. In the limited circumstances where we might use Personal Data to carry out wholly automated decision-making that affects you, we will inform you of the automated processing at the point where any such data is collected.

HOW WE SHARE AND DISCLOSE

Except as otherwise described in this Privacy Statement, we do not sell, rent, or share your Personal Data with third parties.

Sharing and Disclosure Outside Northeastern

We may share your Personal Data in the following circumstances:

Sharing and Disclosure Within Northeastern

Your Personal Data may be shared with other departments and business units at the University for the purposes described in this Privacy Statement, notably for delivery, personalization, and improvement of services at Northeastern and other departments and business units. This may be necessary to satisfy local, state and federal laws and regulations or in furtherance of our and our departments’ and units’ legitimate interests in providing and improving educational services, further the advancement of knowledge through research and academic pursuits and providing employment opportunities in connection with operating a large University.

COOKIES AND OTHER TRACKING TECHNOLOGIES

We and our partners use certain technologies to collect information about your use of our Services, in order to operate the Services, conduct analytics, improve your user experience and for advertising purposes.

Cookies

Our Site use ’cookies’ which are text files placed on your device when you visit a site which help us understand how you use our Site. Some cookies remain on your computer after you leave the Site (these are called ‘persistent’ cookies). Others are deleted automatically when you close your browser and others simply expire (these are called ‘session’ cookies). For more details on cookies please visit All About Cookies.

By choosing to use our the Site after having been notified of our use of cookies in the ways described in this Privacy Statement, and, in applicable jurisdictions, through notice and unambiguous acknowledgement of your consent, you agree to such use.

We use the following cookies:

Advertising – We sometimes use cookies from third parties that enable such parties to serve ads to you based on your visit to our Site These “interest-based” advertisements are also known as “online behavioral advertising.” Online behavioral advertising is advertising that is directed to you based, at least in part, on your Internet browsing behavior across websites and over time. Although we do not share Personal Data with the third parties that conduct interest-based advertising operations on our behalf, these third parties and their affiliates do collect certain information as a result of their javascript “tags” and other technologies such as web beacons or pixels being used on our Site. The information that they collect includes the names of web pages you view (URL’s), unique identifiers, your IP address, timestamp, and certain types of technical information.

Local shared objects (“Flash” cookies) are associated with non-browser software like Flash Player. Local shared objects can be used like cookies to distinguish your device from others, but will not be deleted or blocked using browser cookie controls. Please visit adobe.com to learn how to delete and block Flash cookies.

HTML5 local storage enables browsers to distinguish your device from others and remember data that may be important for the functioning of the website. Typically HTML5 local storage is only deleted if all Internet history, cache, and cookies are deleted. Please check your browser software for how to delete HTML5 local storage.

E-tags are used to prevent duplicative downloading of content to your browser, which can enhance browser performance. E-tags use unique identifiers for content that can also be used to distinguish your browser in certain instances from others. Typically e-tags are only deleted if all Internet history, cache, and cookies are deleted. You should check your browser software for how to delete e-tags in your particular case.

Our mobile applications may use the following technologies for features, services, advertising, or analytics:

Sharing Cookies and Technical Information with Third Parties

We have relationships with authorized third-party providers whose services are accessed through the myNortheastern portal or other University website. We may automatically send one or more of your cookies to the third-party site or service to enable you to access third-party services without re-entering your myNortheastern user ID and password, or other required information, each time.

Your Privacy And Choices

On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive a notification when you are receiving a new cookie and how to turn cookies off. Please see the links below for guidance on how to modify your web browser’s settings on the most popular browsers:

If you reject, turn off or block cookies, some parts of our Site may not function correctly. Also, blocking cookies will not stop third-parties from collecting IP address, data stored in “Flash” cookies, and certain other types of technical information that may uniquely identify your browser.

You can make decisions about your privacy and the ads you receive. You can control whether companies serve you on-line behavioral advertising by visiting the Digital Advertising Alliance website and using its opt-out: http://www.aboutads.info/choices/. The DAA opt-out requires that cookies not be blocked in your browser. If you are located in the European Union, visit the European Interactive Digital Advertising Alliance’s Your Online Choices opt-out tool here.

As an alternative to the DAA opt–out, you can also elect to block browser cookies from first parties (such as those from our website) and browser cookies from third parties (such as advertisers) by using the cookie blocking options built into your browser software.

Digital Marketing and Ad Networks

Third Parties May Collect Personal Data from Other Sources. Some third parties involved in advertising operations may maintain their own proprietary consumer databases that allow them to personally identify or track website visitors. Other third parties have proprietary technologies to determine what additional devices you may use, on which it can display relevant advertisements.

SECURITY

We take reasonable administrative and technical steps to protect the Personal Data from loss, misuse and unauthorized access, disclosure, alteration, or destruction and, where feasible, systems that solicit or display personally-identifiable information are protected by authentication and authorization controls and Web-based experiences involving personal information are generally secured by SSL (Secure Sockets Layer protocol) with 128-bit encryption. However, no method of transmission over the internet is 100% secure. Therefore, while we strive to protect your data, we cannot guarantee its absolute security.

RETENTION

We will keep your Personal Data pursuant to our retention schedules which authorize retention for as long as reasonably necessary for the purposes described in this Privacy Statement, while we have a legitimate business need to do so, or as required by law (e.g. for tax, legal, accounting or other purposes), whichever is the longer.

If you have elected to receive marketing communications from us, we retain information about your marketing preferences until you opt out of receiving these communications and in accordance with our policies.

To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. In some circumstances we may anonymize your Personal Data so that it can no longer be associated with you, in which case it is no longer Personal Data.

UPDATE YOUR INFORMATION

If you need to change or correct your Personal Data, or wish to have it deleted from our systems, you may contact us. We will address your request as required by applicable law.

EUROPEAN UNION (EU) INDIVIDUALS

Scope. This section applies to individuals in the EU (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway). Please read below for important information on your rights with respect to the Personal Data we hold about you.

Data Controller. Northeastern University is the data controller for your Personal Data, and may be contacted at the Office of Information Security located at 216 Massachusetts Avenue, Suite 302, Boston, MA 02115 and also at GDPR@northeastern.edu.

Your Rights. Subject to EU law, you may have the following rights in relation to your Personal Data:

You may contact us to exercise your rights.

Legitimate Interest. “Legitimate interests” means our interests in conducting our business as an institution of higher education, and managing and delivering the best Services to you. This Privacy Policy describes when we process your Personal Data for our legitimate interests, what these interests are and your rights. We will not use your Personal Data for activities where the impact on you overrides our interests, unless we have your consent or those activities are otherwise required or permitted by law.

Changes. We will notify you of material changes to the data processing activities described in the Privacy Policy by posting a prominent notice on the Site or otherwise as required by law.

PUBLICLY POSTED INFORMATION

This Privacy Policy does not apply to any information you elect to post to any public areas of the Site. This includes, but is not limited to, comments to Northeastern University blogs or forums. Comments posted to public areas may be viewed, accessed and used by third parties subject to those third parties’ privacy practices and policies.

LINKS TO OTHER WEBSITES

The Website and Apps may contain links to other websites not operated or controlled by us (“Third Party Sites”), including social media websites and services. We are not responsible for the privacy policies or data practices of such sites. By providing these links we do not imply that we endorse or have reviewed these sites. Please read the privacy policies of these sites before you visit them to understand their privacy practices and policies.

DO NOT TRACK

Do-Not-Track is a public-private initiative that has developed a “flag” or signal that an Internet user may activate in the user’s browser software to notify websites that the user does not wish to be “tracked” by third-parties as defined by the initiative. The online community has not agreed on what actions, if any, should be taken by the websites that receive the “do not track” signal, and therefore Do-Not-Track is not yet standardized. Our website does not alter its behavior or change its services when it receives a “do-not-track” flag or signal from your browser.

FORWARDING EMAIL: STUDENTS’ PRIVATE EMAIL ADDRESS

If you forward email from your University-assigned email address to a private (non- Northeastern University) email address, we may send email to either or both addresses. We may also share your private email address with service providers inside and outside the University.

FACULTY AND STAFF UNIVERSITY-ASSIGNED EMAIL ADDRESSES

Faculty and staff University-assigned email addresses appear in the Northeastern email directory and are publically-available through the directory at northeastern.edu.

HOW TO REQUEST ACCESS TO OR DELETION OF INFORMATION AND FILES PERTAINING TO YOU

You have the right to request access to and removal of information and records pertaining to you stored in Northeastern University systems. You may exercise these rights by contacting the appropriate office. We require that such requests be made in writing and include the following information:

You may contact the Office of Information Security
Northeastern University
216 Massachusetts Avenue, Suite 302, Boston, MA 02115
privacy@northeastern.edu

Fax 617-373-6423

There are some instances where the University may deny a request to remove information. For example, the University may decline to remove the following types of information, including, but not limited to:

The University will generally respond to requests no later than sixty (60) days after receipt, unless a shorter time period is provided under applicable law. If a request is denied, we will send a written explanation explaining the reason for the denial and a notification of your right to file a written statement of disagreement. The University may also provide a right to have the denial reviewed. If the University is unable to act within sixty (60) days, or the time period under applicable law, we may extend that time by no more than an additional thirty (30) days. If we need to extend this time, we will notify you of the delay and the date by which we will complete action on your request.

REDRESS

If you are not satisfied with the outcome of a privacy inquiry, you have the right to seek redress. To exercise this right, please contact the applicable department in writing:

Applicants for Undergraduate programs may contact the Office of Undergraduate Admissions:
Northeastern University
150 Richards Hall, 360 Huntington Avenue, Boston, MA 02115
admissions@northeastern.edu
Voice: 617-373-2200
Fax: 617-373-8780
TTY: TTY: 617-373-3100

Applicants for Graduate programs may contact the Office of Graduate Admissions for their specific College:
Bouvé College of Heath Sciences
Northeastern University
123 Behrakis Health Science Center, 360 Huntington Avenue, Boston, MA 02115
bouvegrad@northeastern.edu
Voice: 617.373.2708
Fax: 617.373.4701

College of Arts, Media & Design
Northeastern University
100 Meserve Hall, 360 Huntington Avenue, Boston, MA 02115
gradcamd@northeastern.edu
Voice: 617.373.2566
Fax: 617.373.5084

College of Computer and Information Science
Northeastern University
202 West Village H, 360 Huntington Avenue, Boston, MA 02115
ccis-gradschool@northeastern.edu
Voice: 617.373.2464
Fax: 617.373.5121

College of Engineering
Northeastern University
130 Snell Engineering Center, 360 Huntington Avenue, Boston, MA 02115
Voice: 617.373.2711
Fax: 617.373.2501

College of Science
Northeastern University
206 Mugar Hall, 360 Huntington Avenue, Boston, MA 02115
gradcos@northeastern.edu
Voice: 617.373.4275
Fax: 617.373.7166

College of Social Science & Humanities
Northeastern University
180 Renaissance Park, 360 Huntington Avenue, Boston, MA 02115
gradcssh@northeastern.edu
Voice: 617.373.5990
Fax: 617.373.7281

D’Amore McKim School of Business
Northeastern University
350 Dodge Hall, 360 Huntington Avenue, Boston, MA 02115
gradbusiness@northeastern.edu (Graduate Programs)
gspa@northeastern.edu (Accounting Programs)
gradcertificates@northeastern.edu (Certificate Programs)
Voice: 617.373.5992
Fax: 617.373.8564

School of Law:
Northeastern University,
400 Huntington Avenue, Boston, MA 02115
lawadmissions@northeastern.edu
Voice: 617.373.2395 (admissions)
Voice: 617.373.5149 (general)

College of Professional Studies:
Northeastern University
50 Nightingale Hall, 360 Huntington Avenue, Boston, MA 02115-9959
cpsadmissions@northeastern.edu
Voice: 877.668.7727

Students may contact the Office of the Registrar:
Northeastern University
271 Huntington, 360 Huntington Avenue, Boston, MA 02115
registrar@northeastern.edu
Voice: 617-373-2300
Fax 617-373-5351
TTY: 617-373-5360

Employees and applicants for employment may contact the Office of Human Resources Management:
Northeastern University
716 Columbus Place, 250 CP, 360 Huntington Avenue, Boston, MA 02115
hrminfo@northeastern.edu
Voice: 617-373-2230
Fax 617-373-5090
TTY: 617-373-5293

Alumni, donors, and friends of Advancement may contact the Office of Advancement:
Northeastern University
716 Columbus Place, 402 CP, 360 Huntington Avenue, Boston, MA 02115
adv_reg@northeastern.edu
Voice: 617-373-2520
Fax 617-373-5519

The following information is required:

The University will respond to requests for redress no later than sixty (60) days after receipt, unless a shorter time period is provided under applicable law. If a request is denied, we will send a written explanation explaining the reason for the denial, and a notification of your right to file a written statement of disagreement. The University may also provide a right to have the denial reviewed. If the University is unable to act within sixty (60) days, or the time period under applicable law, we may extend that time by no more than an additional thirty (30) days. If we need to extend this time, we will notify you of the delay and the date by which we will complete action on your request.

CHILDREN

Northeastern University does not knowingly solicit or collect Personal Data from users under the age of 13. If you believe we have inadvertently collected information about a child under 13 through this Site or the Services, please, please contact us at privacy@northeastern.edu and we will endeavor to delete the information.

CHANGES

The Privacy Statement is subject to change at any time, and the revision date will be noted here. We encourage users to regularly review the Privacy Statement for any changes. We will notify you if we make any material changes, pursuant to the applicable law. The most recent changes to the Privacy Statement occurred on June 11, 2018.