What is the GDPR?
The European Parliament adopted the GDPR in April 2016, replacing an outdated data protection directive from 1995. It carries provisions that require businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. The GDPR also regulates the exportation of personal data outside the EU (including the U.S.A.).
The GDPR requirements will force U.S. companies to change the way they process, store, and protect customers’ personal data. For example, companies will be allowed to store and process personal data only when the individual consents and for “no longer than is necessary for the purposes for which the personal data are processed.” Personal data must also be portable from one company to another, and companies must erase personal data upon request.
That last item is also known as the right to be forgotten. There are some exceptions. For example, GDPR does not supersede any legal requirement that an organization maintain certain data. This would include HIPAA health record requirements or FERPA.
Companies must be able to provide a “reasonable” level of data protection and privacy to EU citizens. In addition, companies must report data breaches to supervisory authorities and individuals affected by a breach within 72 hours of when the breach was detected. Another requirement, performing impact assessments, is intended to help mitigate the risk of breaches by identifying vulnerabilities and how to address them.
How We Comply
Luther Rice takes seriously data protection and your privacy. Therefore, Luther Rice maintains and operates according to its published Information Security Policies, Information Security Program, and Incident Response Plan. Included are the measures Luther Rice takes to identify and Data Protection Officer (CIO), data security risks, safeguards that are in place to adequately mitigate the risks, the periodic testing of the safeguards, and the procedure for reporting a data breach.
In compliance with GDPR, individuals have a “Right to be Forgotten” or “opt-out”. If for any reason an individual would like to request that his/her information be completely removed from the Luther Rice databases, individuals must contact contact@LutherRice.edu. Luther Rice will commit to the individual’s request as long as it does not supersede any legal requirements Luther Rice has to maintain data (example: FERPA or institutional academic record policies).
In addition, if an individual has any questions or concerns about the following items, the individual is encouraged to contact us at contact@LutherRice.edu :
- Data we’ve collected on the individual
- What third-parties access the data (if any)
- How long the data is stored
- How to “fix” any data that is collected
Luther Rice College & Seminary recognizes the importance of protecting the privacy of personal information about our students and others who visit our web site. Through our web site, we strive to provide valuable information to you about how we may serve you. Whether you are a valued existing student or someone considering application, we hope our site answers your question regarding your educational needs.
Our web site does not require you to disclose any personally identifying information unless you are attempting one of the following:
- Applying/Reactivate online to the school
- Requesting a Transcript, Status Sheet, Letter of Certification, Diploma Reorder, Degree Information, or making an Online Donation
- Paying for Tuition by Credit Card or making a payment towards your student account.
- Requesting information about the institution.
Luther Rice has taken extra steps to ensure that any credit card payment is secure and encrypted. This serves to provide you with the highest level of electronic security and confidence in your online transactions.
If you choose to contact us via email, please keep in mind that your email address, and any other information your e-mail header shows about you, such as your name or organization, will be revealed to us in the email.
We pledge that when you communicate with us via email or form submission, we will use your information only for the specific purpose of responding to your comments or question. Students should never send Personally Identifiable Information (PII) to Luther Rice via email. For that reason, we provide a Secure File Transfer feature within the MyCampus student portal, through which, attachments containing PII may be securely sent directly to our administrative offices.
Your personal information will never be sold, nor will it be shared with anyone outside of Luther Rice College & Seminary, unless we are compelled to do so by law. When you use our services, we have access to your personal information. Luther Rice does not disclose any nonpublic personal information about students or prospects to anyone, unless given specific permission by the student.
Luther Rice collects and maintains personal information from individuals who have agreed to provide it to the Institution. The personal information is securely maintained at Luther Rice in accordance with Institution's record retention policies and procedures. Approved personal information provided by an individual will only be used for regular business purposes of the Institution and periodic contact concerning upcoming events, recruitment, admission, registration, and other Luther Rice related items. Should an individual have any questions about record retention polices and procedures, use of personal information, like to "opt-out" of future communication, or pursue their "Right to be Forgotten" in accordance with the E.U. GDPR, the individual must contact Luther Rice at contact@LutherRice.edu.
To ensure you the customer that we are take seriously the security of our data, we carefully monitor our compliance with GLBA and GDPR. For more information concerning Luther Rice’s compliance, please contact us at contact@LutherRice.edu or the GDPR compliance page on our website.