Privacy Policy

Policy Statement

Mercy University (“Mercy” or the “University”) respects your privacy and is committed to protecting it through our compliance with this Policy. 

This Policy describes the types of information we may collect from you or that you may provide when you visit the website mercy.edu (our “Website”) and our practices for collecting, using, maintaining, protecting, and disclosing that information. 

This Policy applies to information we collect: 

  • On this Website. 
  • In email, text, and other electronic messages between you and this Website. 
  • Through mobile and desktop applications you download from this Website, which provide dedicated non-browser-based interaction between you and this Website. 
  • When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this Policy. 

It does not apply to information collected by: 

  • Mercy offline or through any other means, including on any other website operated by the University or any third party; or 
  • Any third party, including through any application or content (including advertising) that may link to or be accessible from the University’s Website. 

Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website. By accessing or using this Website, you agree to this Privacy Policy. This Policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates. 

Mercy students and employees should also refer to the Policy on Acceptable Use of Computer and Network Resources, which outlines Mercy’s internal policy for the use and protection of Mercy computer resources. 

Mercy University is committed to respecting your privacy. As an unregistered user, you can visit most of mercy.edu without revealing any personal information. However, in order to personalize your view of our site and gain access to certain information systems, you must register and provide some personal information. We do not collect any personal information about you unless you provide that information voluntarily. Any personal information you choose to provide us will only be used by Mercy to conduct official Mercy business. Mercy does not sell, rent, loan, trade or lease personal information collected on this site. 

For purposes of this policy, “personal information” means any information concerning a natural person which, because of name, number, symbol, mark or other identifier, can be used to identify that natural person. 

Children Under the Age of 13

Mercy University is concerned about the privacy of young children. Our website is not intended for children under 13 years of age. No one under the age of 13 may provide any personal information on our website. We do not knowingly collect any personal information from children under 13 years. If you are under 13, do not use or provide any information on this Website or through any of its features, register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at helpdesk@mercy.edu, or phone number 914-674-7526. 

California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see Your California Privacy Rights for more information. 

Information we Collect About You and How we Collect It

Some of Mercy’s site(s) and service(s) collect personally identifiable information to further personalize your experience within a site. Some site(s) and service(s) require that you provide personally identifiable information in order to participate in the activities and offerings within. 

Mercy University collects several types of information from and about users of our Website, including information: 

  • By which you may be personally identified, such as name, postal address, e-mail address, telephone number, social security number or other personal information; and/or 
  • About your internet connection, the equipment you use to access our Website, and usage details. 

We collect this information: 

  • Directly from you when you provide it to us; 
  • Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies and other tracking technologies. 

For each visitor to our Web pages, our Web server automatically recognizes your domain, service provider, operating system, and internet browser. Our Web server additionally records usage of pages by our visitors. We use this information, in aggregate, for our research reports and performance surveys. We sometimes use this non-personally identifiable information that we collect to improve the design and content of our site and to enable us to personalize your Internet experience. 

Information You Provide to Us 

The information we collect on or through our Website may include: 

  • Information that you provide by filling in forms on our Website. 
  • Records and copies of your correspondence (including email addresses), if you contact us. 
  • Your responses to surveys that we might ask you to complete for research purposes. 
  • Your search queries on the Website. 

You also may provide information to be published or displayed (hereinafter, "posted") on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, "User Contributions"). Your User Contributions are posted on and transmitted to others at your own risk. Please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons. 

Information We Collect Through Automatic Data Collection Technologies 

As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including: 

  • Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website. 
  • Information about your computer and internet connection, including your IP address, operating system, and browser type. 

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). Our website offers the ability to opt out of behavioral tracking on this website and how we respond to web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking. 

The information we collect automatically does not include personal information, but we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to: 

  • Estimate our audience size and usage patterns. 
  • Store information about your preferences, allowing us to customize our Website according to your individual interests. 
  • Speed up your searches. 
  • Recognize you when you return to our Website. 

The technologies we use for this automatic data collection may include: 

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website. To enhance and personalize your experience, some of our web pages use “cookies.” Cookies are text files that your Web browser places on your computer’s hard drive to store your preferences. When using cookies, we do not store personally identifiable information within the cookie. 
  • Strictly Necessary Cookies. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information. 
  • Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices About How We Use and Disclose Your Information
  • Web Beacons. Pages of our the Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity). 

We do not collect personal information automatically, but we may tie this information to personal information about you that we collect from other sources or you provide to us. 

Third-Party Use of Cookies

Some content or applications, including advertisements, on the Website are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content. 

We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. 

How We Use Your Information 

We may use the information you provide about yourself, including any personal information: 

  • To present our Website and its contents to you. 
  • To provide you with information, products, or services that you request from us. 
  • To fulfill any other purpose for which you provide it. 
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection. 
  • To notify you about changes to our Website or any products or services we offer or provide though it. Most of our communications provide an “opt out” feature. 
  • In any other way we may describe when you provide the information. 
  • For any other purpose with your consent. 

In addition, the Mercy University Web Site(s) and Service(s) may contain e-mail services, bulletin board services, chat areas, news groups, forums, communities, personal Web pages, calendars, photo displays and/or other message or communication facilities designed to enable you to communicate with others (collectively, "Communication Services"). The information we collect in connection with these Communication Services is used to provide an interactive experience. We use this information to facilitate participation in these Communication Services. Within many of these Communication Services, Mercy University provides you multiple privacy options that allow you to restrict the use and viewability of your information to others. 

We may use the information we have collected from you to enable us to display advertisements to our advertisers' target audiences. Even though we do not disclose your personal information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria. 

Disclosure of Your Information

Mercy University We may disclose information about our users and information that does not identify any individual without restriction: 

  • To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them. 
  • To a buyer or other successor in the event of a merger or acquisition with another educational institution, in which personal information held by Mercy University about our Website users is among the assets transferred. 
  • To third parties to market their products or services to you if you have consented to/not opted out of these disclosures. We contractually require these third parties to keep personal information confidential and use it only for the purposes for which we disclose it to them. For more information, see Choices About How We Use and Disclose Your Information
  • For any other purpose disclosed by us when you provide the information. 
  • With your consent. 

Mercy University may also disclose your personal information: : 

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request. 
  • To enforce or apply the terms of any of our user agreements. and 
  • To protect the rights, property, or safety of Mercy University, our users, or others. 

Choices About How We Use and Disclose Your Information 

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information: 

  • Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly. 
  • Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by sending us an email with your request to helpdesk@mercy.edu. 
  • Promotional Offers from the Company. If you do not wish to have your email address/contact information used by the Company to promote our own or third parties' products or services, you can opt-out by sending us an email stating your request to helpdesk@mercy.edu. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. 
  • Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers' target-audience preferences, you can opt-out. 

We do not control third parties' collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website. 

California residents may have additional personal information rights and choices. Please see Your California Privacy Rights for more information. 

Nevada residents who wish to exercise their sale opt-out rights under Nevada Revised Statutes Chapter 603A may submit a request to this designated address: 1-877-MERCY-GO. However, please know we do not currently sell data triggering that statute's opt-out requirements. 

Accessing and Correcting Your Information? 

You may also send us an email at helpdesk@mercy.edu to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. 

If you delete your User Contributions from the Website, copies of your User Contributions may remain viewable in cached and archived pages, or might have been copied or stored by other Website users. Proper access and use of information provided on the Website, including User Contributions, is governed by our terms of use in this Privacy Policy. 

California residents may have additional personal information rights and choices. Please see Your California Privacy Rights for more information. 

Your California Privacy Rights 

If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit here

California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our App that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to helpdesk@mercy.edu or write us at: IT Department, 555 Broadway, Dobbs Ferry, NY 10522. 

Your FERPA Rights 

The Family Educational Rights and Privacy Act of 1974 (“FERPA” or the “Act”) affords eligible students certain rights with respect to their education records. An eligible student under FERPA is a student who is 18 years of age or older or who attends a postsecondary institution at any age. Persons who unsuccessfully applied for admission to the University or who are offered admission but never attended the University are not covered by the Act. 

Eligible students are afforded the following rights: 

  1. Inspection. The right to inspect and review the student’s education records within 45 days after the day the University receives a request for access. 
  2. Amendment. The right to request the amendment of the student’s education records that the student believes is inaccurate, misleading, or otherwise in violation of the student’s privacy rights under FERPA. 
  3. Appeal of University’s amendment decision. 
  4. Consent for disclosure. The right to provide written consent before the University discloses personally identifiable information (PII), as defined below, from the student's education records, except to the extent that FERPA authorizes disclosure without consent as set forth in section III below. 
  5. Complaint. The right to file a complaint with the U.S. Department of Education concerning alleged failures by the University to comply with the requirements of FERPA. The name and address of the office that administers FERPA is: 
    Family Policy Compliance Office
    U.S. Department of Education
    400 Maryland Avenue, SW
    Washington, DC 20202 

The University’s complete Policy on Access to Student Records Under the Family Educational Rights and Privacy Act (FERPA), can be found here

Your Rights Under the NYS Stop Hacks and Improve Electronic Data Secuity Act (SHIELD) 

The law requires that the University notify the affected consumers following discovery of the breach in the security of its computer data system affecting private information. The disclosure must be made in the most expedient time possible consistent with legitimate needs of law enforcement agencies. While the law requires notice to the Attorney General’s office, New York Department of State and the New York State Police of the timing, content and distribution of the notices and approximate number of affected persons, submission of a breach form through the NYAG data breach reporting portal is sufficient as its automatically sent to all three entities. 

The University must also notify consumer reporting agencies if more than 5,000 New York residents are to be notified. The contact information for the three nationwide consumer reporting agencies is as follows: 

EQUIFAX P.O. Box 105788 Atlanta, GA 30348 1-800-349-9960 www.equifax.com 

EXPERIAN Consumer Fraud Assistance P.O. Box 9554 Allen, TX 75013 888-397-3742 www.experian.com 

TRANSUNION P.O. Box 2000 Chester, PA 19016-2000 Phone: 800-909-8872 www.transunion.com 

If you are a consumer affected by a breach, you may file a complaint through the Attorney General’s online complaint form. Do not submit a breach notification form. 

Your General Data Protection Regulation (GDPR) Rights. Mercy University is the controller of your personal data. Under the General Data Protection Regulation (GDPR), consumers located in the European Economic Area (European Union, Norway, Liechtenstein, and Iceland), have the rights listed below: 

  • Right to Access Personal Information in a Portable Format. You can request to review the Personal Information that we retain about you and receive a copy of it in a commonly used electronic format. 
  • Right to Correct Your Personal Information. You can ask the University to make corrections to any information that we maintain about you when you believe it to be incorrect. 
  • Right to Restrict Our Processing Your Personal Information. You can request that we restrict the processing of your Personal Information, including sending you communications that may be considered direct-marketing materials. 
  • Right to Deletion of Your Personal Information. You can request that we delete your Personal Information upon request or have your PI automatically deleted when we are no longer required to maintain it. 
  • Right to Object to Automated Decision-Making and Profiling. You can request not to be subject to decisions that are based solely on the automated processing of your Personal Information. 
  • Right to Withdraw Consent. You may withdraw your consent to allow us to process your Personal Information. 
  • Right to Complain to a Supervisory Authority. If you feel that your rights have not been recognized by the Academy or are unsatisfied with our response, you have the right to complain to or seek advice from a supervisory authority. Click here for a list of Supervisory Authorities

You may exercise your GDPR rights by submitting a verifiable consumer request by using emailing us at helpdesk@mercy.edu, or calling us toll free at 1-877-MERCY-GO. 

Your Rights Under the Lei Geral de Proteção de Dados No. 13.709/2018 or General Data Protection law (LGPD). Consumers located in Brazil have the rights listed below. 

  • Right to Notice. Mercy University provides this Privacy Policy, explaining how your Personal Information is processed and shared. 
  • Right to Revoke Consent. You may withdraw your consent for us to maintain and process your Personal Information at any time. 
  • Right of Access. You can request confirmation that we process your Personal Information and ask to review the Personal Information that we retain about you and receive a copy that data as well as additional information about the processing of that data. 
  • Right to Correction/Rectification. You can have inaccurate Personal Information corrected and have incomplete Personal Information made complete. 
  • Right to Deletion. You can have personal data deleted in certain circumstances. 
  • Right to Restriction of Processing. You can have the additional processing of Personal Information temporarily prohibited while the accuracy or processing of the Personal Information is contested. 
  • Right to Data Portability. You can receive your Personal Information for the purpose of providing it to another controller. 
  • Right to Object. You can object, at any time that the processing of your Personal Information is unnecessary or excessive. 
  • Right to Avoid Automated Individual Decision-Making. You can object to your Personal Information being subjected to a decision based solely on automated processing, including profiling, that has legal or similar affect. 

You may exercise your LGPD rights by submitting a verifiable consumer request by emailing us at helpdesk@mercy.edu, or calling us toll free at 1-877-MERCY-GO. 

Your Rights Under the Personal Information Protection Law of the People’s Republic of China (PIPL) 

Under the Personal Information Protection Law of the People’s Republic of China (PIPL), consumers located in China have the rights listed below. 

  • Know and decide on the processing of personal information. You have the right to know about and the right to make decisions relating to your personal information. You also have the right to limit or refuse the handling of your personal information by others, unless laws or administrative regulations stipulate otherwise. 
  • Access and copy personal information. You have the right to access and receive a copy of your personal information, except in circumstances provided in Article 18, Paragraph 1, or Article 35 of the PIPL. 
  • Correct and delete personal information. You have the right to have personal data corrected when found to be inaccurate and deleted in certain circumstances. 
  • Right to Data Portability. You have the right to receive your Personal Information for the purpose of providing it to another entities. 
  • Know about personal information handling. You have the right to an explanation of our personal information handling rules, emailing us at helpdesk@mercy.edu, or calling us toll free at 1-877-MERCY-GO. 

How We Protect Your Information 

Mercy has put in place appropriate physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect online. We secure information transmission, storage, and retrieval. 

On our secure server(s), we use industry-standard Secure Sockets Layer ("SSL") technology to guarantee the confidentiality of online transactions made on our site. SSL authentication and encryption of the information that you send to us over the Internet helps protect your online transaction information from third party interception. 

We never display your sensitive information such as your full Social Security Number or credit card number once it has been entered. We will only reveal the last four digits of your credit card for verification purposes. 

We urge you to protect your own privacy. We recommend that you do not share any account information or passwords used to access our site(s) or service(s). We would never request from your password from you. 

Although we take appropriate measures to safeguard against unauthorized disclosures of information, we cannot assure you that personally identifiable information that we collect will never be disclosed in a manner that is inconsistent with this privacy policy. 

Unfortunately, despite all of our efforts, there is always a risk that third parties may unlawfully intercept transmissions. This reality is true of all Internet use. As a result, we cannot ensure the security of any information you transmit, and you transmit all information at your own risk. 

Your Consent 

By using our Web site, you consent to the collection and use of your information by Mercy University. 

If we decide to change our privacy policy, we will post those changes on this page so that you are always aware of what information we collect, how we use it, and under what circumstances we disclose it. 

If you have any questions about this privacy policy, or the content or practices of our website, 

Changes to Our Privacy Policy 

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users' personal information, Mercy will update its webpage. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes. 

Contact Information 

To ask questions or comment about this privacy policy and our privacy practices, or wish to submit a “Do Not Track,” request you can contact Mercy University Office of Information Technology at: 

To register a complaint or concern, please file a complaint online here

Your Consent


By using our Web site, you consent to the collection and use of your information by Mercy University.

 
If we decide to change our privacy policy, we will post those changes on this page so that you are always aware of what information we collect, how we use it, and under what circumstances we disclose it.


If you have any questions about this privacy policy, or the content or practices of our website, you can contact Mercy University Office of Information Technology, helpdesk@mercy.edu.