Facebook pixel European Union General Data Protection Regulation (GDPR) Privacy Policy

European Union General Data Protection Regulation (GDPR) Privacy Policy

Purpose and Applicability of this Policy

St. Louis Community College (the “College”) is committed to protecting the security and privacy of
personal and sensitive information collected from individuals in the European Union (EU). The General
Data Protection Regulation (EU 2016/679) (GDPR) is legislation of the EU that is intended to protect the
privacy of individuals in the EU by establishing how data controllers and data processors must address
the collection and processing of personal information about those individuals. This policy is applicable to
the processing of personal data received from individuals who are physically in the EU at the time data is
initially collected in connection with the offering of goods or services by the College. This policy is in
addition to and does not replace other College policies and procedures, such as policies regarding the
protection of student information, employee information, health record information or other data.

Personal Information

Personal data means any information relating to an identified or identifiable natural person (data
subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular
by reference:

  • to an identifier such as a name, an identification number, location data, an online identifier or
  • to one or more factors specific to the physical, physiological, genetic, mental, economic,
    cultural, or social identity of that natural person (EU 2018/1725) (GDPR).

Types of Personal Information the College Processes

We process your personal information, including, but not limited to, contact information, demographic
information, educational history and records, entrance exams scores, medical information, behavior
information, financial information, military service and/or status, employment history, professional and
personal references, criminal background checks and other additional information necessary to process
your application, and general administrative requirements related to your relationship with the College.

Data Privacy Principles:

  • The College will only process your personal information for lawful purposes and only for the
    specific purpose identified.
  • We will not process additional personal information that is not needed.
  • We will ensure that all personal information we maintain is kept accurate.
  • We will not retain your personal information for longer than necessary.
  • We will always process your personal data securely.
  • We will not sell or trade your personal information to other colleges, universities, non-profit
    organizations, or businesses, unless we have your consent to share the information, and if
    ordered to do so by legal processes, subpoenas, or court orders.

Entities That Process Your Personal Information:

  • College staff, faculty, and Board of Trustees
  • Third Parties
  • College related organizations

The College may share your personal information with other individuals or entities as indicated in the St.
Louis Community College’s Privacy Policy.

Responsible Use of Information

The College protects personal information related to the data subject as specified in the Board Policy:
Responsible Use of Information and Technology.

Legal Basis for Processing Your Personal Information

The College will process your personal information only when necessary for one or more of the
following lawful purposes:

  • Contract – The College needs to process your personal information to provide your education
    services.
  • Legal Obligation – Personal information as necessary for compliance with a legal obligation.
  • Legitimate Interests – The College has determined that processing your personal information is
    necessary to perform the services or conduct the business for which the data is collected.
  • Vital Interests – We must process your personal information to protect an interest important to
    you or someone else.
  • Public Task or Public Interest – The College processes personal information related to providing
    educational services or process information related to race or ethnicity.
  • When you have given consent – If consent is the basis for processing data, you may withdraw
    consent at any time.

Purposes for Processing Your Personal Information

In addition to the above lawful purposes for processing your data, the College may process your data
without specific consent for the following uses:

  • The College requires the data to carry out specific obligations or rights of the College, or the
    data subject in relation to business transactions with the College, education services performed
    by the College, obligations related to employment or to process payments to comply with a
    contract.
  • For compliance with a legal obligation, we record and report donations.
  • You grant us permission to provide health services, to process payments or to process
    admissions and student education information.
  • The College has a legitimate interest when we evaluate your academic performance and
    determine financial aid eligibility.
  • We provide health care for various public health related reasons and to respond to and inform
    you of emergency situations.
  • The College reports information relating to public health and safety.

Data Protection Rights

You have certain rights regarding your personal information. Additional details can be found in the
Official Journal of the European Union, Chapter 3, Rights of the Data Subject

The Right to Access

You have the right to request copies of your personal information.

The Right to Correct

You have the right to request that the College correct any information you believe is inaccurate, and
complete information that you believe is incomplete.

The Right to Erasure (known as the “right to be forgotten”)

You have the right to request that we erase your personal information. However, information that is
necessary to be retained for legal compliance will be securely retained by the College.

The Right to Restrict Processing

You have the right to request that we restrict the processing of your personal information.

The Right to be Notified

You have the right to request that you are notified when your personal information is corrected, erased
or when we restrict the processing of your information.

The Right to Data Portability

You have the right to request we transfer your personal information that we collected to another
organization or directly to you.

The Right to Object

You have the right to object to our processing of your personal information. If you object to our
processing of personal information, it may impact the services or functions we can engage in with you.

Automated Individual Decision-Making System

You have the right not to be subject to automated decision-based processing, such as profiling.

File a Complaint

For information regarding filing a complaint with an appropriate European Union supervisory authority,
visit: https://ec.europa.eu/info/about-european-commission/contact/problems-and-complaints_en

Contact Information

For general information regarding data privacy concerns, contact:

Data Privacy Officer
St. Louis Community College
3221 McKelvey Road, Bridgeton, Missouri, 63044
privacy@stlcc.edu 
314-539-5113

Changes to This GDPR Privacy Policy

Any changes to this policy will be highlighted on the top of this page for one month before going into
effect. The highlights will remain on the top of the page for three months to keep you informed of the
changes.

 

 

Last Updated: June 9, 2021

Back to top