Mercy University (“Mercy” or the “University”) respects your privacy and is committed to protecting it through our compliance with this Policy.
This Policy describes the types of information we may collect from you or that you may provide when you visit the website mercy.edu (our “Website”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.
This Policy applies to information we collect:
- On this Website.
- In email, text, and other electronic messages between you and this Website.
- Through mobile and desktop applications you download from this Website, which provide dedicated non-browser-based interaction between you and this Website.
- When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this Policy.
It does not apply to information collected by:
- Mercy offline or through any other means, including on any other website operated by the University or any third party; or
- Any third party, including through any application or content (including advertising) that may link to or be accessible from the University’s Website.
Mercy students and employees should also refer to the Policy on Acceptable Use of Computer and Network Resources, which outlines Mercy’s internal policy for the use and protection of Mercy computer resources.
Mercy University is committed to respecting your privacy. As an unregistered user, you can visit most of mercy.edu without revealing any personal information. However, in order to personalize your view of our site and gain access to certain information systems, you must register and provide some personal information. We do not collect any personal information about you unless you provide that information voluntarily. Any personal information you choose to provide us will only be used by Mercy to conduct official Mercy business. Mercy does not sell, rent, loan, trade or lease personal information collected on this site.
For purposes of this policy, “personal information” means any information concerning a natural person which, because of name, number, symbol, mark or other identifier, can be used to identify that natural person.
Children Under the Age of 13
Mercy University is concerned about the privacy of young children. Our website is not intended for children under 13 years of age. No one under the age of 13 may provide any personal information on our website. We do not knowingly collect any personal information from children under 13 years. If you are under 13, do not use or provide any information on this Website or through any of its features, register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at firstname.lastname@example.org, or phone number 914-674-7526.
California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see Your California Privacy Rights for more information.
Information we Collect About You and How we Collect It
Some of Mercy’s site(s) and service(s) collect personally identifiable information to further personalize your experience within a site. Some site(s) and service(s) require that you provide personally identifiable information in order to participate in the activities and offerings within.
Mercy University collects several types of information from and about users of our Website, including information:
- By which you may be personally identified, such as name, postal address, e-mail address, telephone number, social security number or other personal information; and/or
- About your internet connection, the equipment you use to access our Website, and usage details.
We collect this information:
- Directly from you when you provide it to us;
- Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies and other tracking technologies.
For each visitor to our Web pages, our Web server automatically recognizes your domain, service provider, operating system, and internet browser. Our Web server additionally records usage of pages by our visitors. We use this information, in aggregate, for our research reports and performance surveys. We sometimes use this non-personally identifiable information that we collect to improve the design and content of our site and to enable us to personalize your Internet experience.
Information You Provide to Us
The information we collect on or through our Website may include:
- Information that you provide by filling in forms on our Website.
- Records and copies of your correspondence (including email addresses), if you contact us.
- Your responses to surveys that we might ask you to complete for research purposes.
- Your search queries on the Website.
You also may provide information to be published or displayed (hereinafter, "posted") on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, "User Contributions"). Your User Contributions are posted on and transmitted to others at your own risk. Please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
Information We Collect Through Automatic Data Collection Technologies
As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
- Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.
- Information about your computer and internet connection, including your IP address, operating system, and browser type.
We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). Our website offers the ability to opt out of behavioral tracking on this website and how we respond to web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking.
The information we collect automatically does not include personal information, but we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:
- Estimate our audience size and usage patterns.
- Store information about your preferences, allowing us to customize our Website according to your individual interests.
- Speed up your searches.
- Recognize you when you return to our Website.
The technologies we use for this automatic data collection may include:
- Strictly Necessary Cookies. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
- Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices About How We Use and Disclose Your Information.
- Web Beacons. Pages of our the Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
We do not collect personal information automatically, but we may tie this information to personal information about you that we collect from other sources or you provide to us.
We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
How We Use Your Information
We may use the information you provide about yourself, including any personal information:
- To present our Website and its contents to you.
- To provide you with information, products, or services that you request from us.
- To fulfill any other purpose for which you provide it.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
- To notify you about changes to our Website or any products or services we offer or provide though it. Most of our communications provide an “opt out” feature.
- In any other way we may describe when you provide the information.
- For any other purpose with your consent.
In addition, the Mercy University Web Site(s) and Service(s) may contain e-mail services, bulletin board services, chat areas, news groups, forums, communities, personal Web pages, calendars, photo displays and/or other message or communication facilities designed to enable you to communicate with others (collectively, "Communication Services"). The information we collect in connection with these Communication Services is used to provide an interactive experience. We use this information to facilitate participation in these Communication Services. Within many of these Communication Services, Mercy University provides you multiple privacy options that allow you to restrict the use and viewability of your information to others.
We may use the information we have collected from you to enable us to display advertisements to our advertisers' target audiences. Even though we do not disclose your personal information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.
Disclosure of Your Information
Mercy University We may disclose information about our users and information that does not identify any individual without restriction:
- To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
- To a buyer or other successor in the event of a merger or acquisition with another educational institution, in which personal information held by Mercy University about our Website users is among the assets transferred.
- To third parties to market their products or services to you if you have consented to/not opted out of these disclosures. We contractually require these third parties to keep personal information confidential and use it only for the purposes for which we disclose it to them. For more information, see Choices About How We Use and Disclose Your Information.
- For any other purpose disclosed by us when you provide the information.
- With your consent.
Mercy University may also disclose your personal information: :
- To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
- To enforce or apply the terms of any of our user agreements. and
- To protect the rights, property, or safety of Mercy University, our users, or others.
Choices About How We Use and Disclose Your Information
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
- Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by sending us an email with your request to email@example.com.
- Promotional Offers from the Company. If you do not wish to have your email address/contact information used by the Company to promote our own or third parties' products or services, you can opt-out by sending us an email stating your request to firstname.lastname@example.org. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions.
- Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers' target-audience preferences, you can opt-out.
We do not control third parties' collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.
California residents may have additional personal information rights and choices. Please see Your California Privacy Rights for more information.
Nevada residents who wish to exercise their sale opt-out rights under Nevada Revised Statutes Chapter 603A may submit a request to this designated address: 1-877-MERCY-GO. However, please know we do not currently sell data triggering that statute's opt-out requirements.
Accessing and Correcting Your Information?
You may also send us an email at email@example.com to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
California residents may have additional personal information rights and choices. Please see Your California Privacy Rights for more information.
Your California Privacy Rights
If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit here.
California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our App that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org or write us at: IT Department, 555 Broadway, Dobbs Ferry, NY 10522.
Your FERPA Rights
The Family Educational Rights and Privacy Act of 1974 (“FERPA” or the “Act”) affords eligible students certain rights with respect to their education records. An eligible student under FERPA is a student who is 18 years of age or older or who attends a postsecondary institution at any age. Persons who unsuccessfully applied for admission to the University or who are offered admission but never attended the University are not covered by the Act.
Eligible students are afforded the following rights:
- Inspection. The right to inspect and review the student’s education records within 45 days after the day the University receives a request for access.
- Amendment. The right to request the amendment of the student’s education records that the student believes is inaccurate, misleading, or otherwise in violation of the student’s privacy rights under FERPA.
- Appeal of University’s amendment decision.
- Consent for disclosure. The right to provide written consent before the University discloses personally identifiable information (PII), as defined below, from the student's education records, except to the extent that FERPA authorizes disclosure without consent as set forth in section III below.
- Complaint. The right to file a complaint with the U.S. Department of Education concerning alleged failures by the University to comply with the requirements of FERPA. The name and address of the office that administers FERPA is:
Family Policy Compliance Office
U.S. Department of Education
400 Maryland Avenue, SW
Washington, DC 20202
The University’s complete Policy on Access to Student Records Under the Family Educational Rights and Privacy Act (FERPA), can be found here.
Your Rights Under the NYS Stop Hacks and Improve Electronic Data Secuity Act (SHIELD)
The law requires that the University notify the affected consumers following discovery of the breach in the security of its computer data system affecting private information. The disclosure must be made in the most expedient time possible consistent with legitimate needs of law enforcement agencies. While the law requires notice to the Attorney General’s office, New York Department of State and the New York State Police of the timing, content and distribution of the notices and approximate number of affected persons, submission of a breach form through the NYAG data breach reporting portal is sufficient as its automatically sent to all three entities.
The University must also notify consumer reporting agencies if more than 5,000 New York residents are to be notified. The contact information for the three nationwide consumer reporting agencies is as follows:
EQUIFAX P.O. Box 105788 Atlanta, GA 30348 1-800-349-9960 www.equifax.com
EXPERIAN Consumer Fraud Assistance P.O. Box 9554 Allen, TX 75013 888-397-3742 www.experian.com
TRANSUNION P.O. Box 2000 Chester, PA 19016-2000 Phone: 800-909-8872 www.transunion.com
If you are a consumer affected by a breach, you may file a complaint through the Attorney General’s online complaint form. Do not submit a breach notification form.
Your General Data Protection Regulation (GDPR) Rights. Mercy University is the controller of your personal data. Under the General Data Protection Regulation (GDPR), consumers located in the European Economic Area (European Union, Norway, Liechtenstein, and Iceland), have the rights listed below:
- Right to Access Personal Information in a Portable Format. You can request to review the Personal Information that we retain about you and receive a copy of it in a commonly used electronic format.
- Right to Correct Your Personal Information. You can ask the University to make corrections to any information that we maintain about you when you believe it to be incorrect.
- Right to Restrict Our Processing Your Personal Information. You can request that we restrict the processing of your Personal Information, including sending you communications that may be considered direct-marketing materials.
- Right to Deletion of Your Personal Information. You can request that we delete your Personal Information upon request or have your PI automatically deleted when we are no longer required to maintain it.
- Right to Object to Automated Decision-Making and Profiling. You can request not to be subject to decisions that are based solely on the automated processing of your Personal Information.
- Right to Withdraw Consent. You may withdraw your consent to allow us to process your Personal Information.
- Right to Complain to a Supervisory Authority. If you feel that your rights have not been recognized by the Academy or are unsatisfied with our response, you have the right to complain to or seek advice from a supervisory authority. Click here for a list of Supervisory Authorities.
You may exercise your GDPR rights by submitting a verifiable consumer request by using emailing us at email@example.com, or calling us toll free at 1-877-MERCY-GO.
Your Rights Under the Lei Geral de Proteção de Dados No. 13.709/2018 or General Data Protection law (LGPD). Consumers located in Brazil have the rights listed below.
- Right to Revoke Consent. You may withdraw your consent for us to maintain and process your Personal Information at any time.
- Right of Access. You can request confirmation that we process your Personal Information and ask to review the Personal Information that we retain about you and receive a copy that data as well as additional information about the processing of that data.
- Right to Correction/Rectification. You can have inaccurate Personal Information corrected and have incomplete Personal Information made complete.
- Right to Deletion. You can have personal data deleted in certain circumstances.
- Right to Restriction of Processing. You can have the additional processing of Personal Information temporarily prohibited while the accuracy or processing of the Personal Information is contested.
- Right to Data Portability. You can receive your Personal Information for the purpose of providing it to another controller.
- Right to Object. You can object, at any time that the processing of your Personal Information is unnecessary or excessive.
- Right to Avoid Automated Individual Decision-Making. You can object to your Personal Information being subjected to a decision based solely on automated processing, including profiling, that has legal or similar affect.
You may exercise your LGPD rights by submitting a verifiable consumer request by emailing us at firstname.lastname@example.org, or calling us toll free at 1-877-MERCY-GO.
Your Rights Under the Personal Information Protection Law of the People’s Republic of China (PIPL)
Under the Personal Information Protection Law of the People’s Republic of China (PIPL), consumers located in China have the rights listed below.
- Know and decide on the processing of personal information. You have the right to know about and the right to make decisions relating to your personal information. You also have the right to limit or refuse the handling of your personal information by others, unless laws or administrative regulations stipulate otherwise.
- Access and copy personal information. You have the right to access and receive a copy of your personal information, except in circumstances provided in Article 18, Paragraph 1, or Article 35 of the PIPL.
- Correct and delete personal information. You have the right to have personal data corrected when found to be inaccurate and deleted in certain circumstances.
- Right to Data Portability. You have the right to receive your Personal Information for the purpose of providing it to another entities.
- Know about personal information handling. You have the right to an explanation of our personal information handling rules, emailing us at email@example.com, or calling us toll free at 1-877-MERCY-GO.
How We Protect Your Information
Mercy has put in place appropriate physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect online. We secure information transmission, storage, and retrieval.
On our secure server(s), we use industry-standard Secure Sockets Layer ("SSL") technology to guarantee the confidentiality of online transactions made on our site. SSL authentication and encryption of the information that you send to us over the Internet helps protect your online transaction information from third party interception.
We never display your sensitive information such as your full Social Security Number or credit card number once it has been entered. We will only reveal the last four digits of your credit card for verification purposes.
We urge you to protect your own privacy. We recommend that you do not share any account information or passwords used to access our site(s) or service(s). We would never request from your password from you.
Unfortunately, despite all of our efforts, there is always a risk that third parties may unlawfully intercept transmissions. This reality is true of all Internet use. As a result, we cannot ensure the security of any information you transmit, and you transmit all information at your own risk.
By using our Web site, you consent to the collection and use of your information by Mercy University.
- 1-877-MERCY-GO or 914-674-7526
To register a complaint or concern, please file a complaint online here.
By using our Web site, you consent to the collection and use of your information by Mercy University.