Kansas State University (K-State) is committed to personal privacy. The functions of the university may at times involve the collection and dissemination of scientific, technical, economic, scholarly, and in some cases, personal information. This privacy statement outlines what personal information K-State may collect about you and how the university may use it. The statement explains K-State's information collection and disclosure practices for the website www.k-state.edu and the network of websites making up the K-State online network (except for K-State websites that include their own privacy statements).
K-State is a public higher education institution governed by the Kansas Board of Regents (KBOR). K-State complies with applicable federal and Kansas state laws, as well as KBOR and K-State policies, for the collection, use, and disclosure of personal information.
The university may amend this privacy statement from time-to-time without notice; therefore, K-State asks that you review this statement periodically to ensure that you are aware of the most updated statement. When required by law, the university will notify you of any changes.
Website Information Collection and Use
What information do we collect, and how does the university use it?
Information you provide us. If you fill out an admissions or employment application, or complete an online form or purchase, then the university may collect personal information that you provide, including but not limited to your name, residential or mailing address, email address, phone number, Social Security Number, and/or credit or debit card information. By providing personal information, you acknowledge that, where permitted by applicable law, K-State may use this information for the express purposes for which the information was provided, which may include to:
- Respond to your requests for information
- Process applications for admission or employment
- Process information for administrative purposes
- Process orders for goods or services
- Notify you of products or services
- Improve online content and communications
- Improve university services
- Process information for purposes as may be detailed on university websites or mobile applications
Information Automatically Collected. When you visit K-State websites, the university automatically collects technical information from you using website tracking technology, such as Google Analytics. Information that K-State collects may include, without limitation:
- Web visit information, including pages visited on our websites; date and time of each visit; websites visited before or after visiting our sites; details of visits including terms used in search queries, and
- Log information, including domain name of internet service provider; internet protocol address; network traffic; attempts to access unauthorized sites.
We use "cookies" on this website to assist, manage and improve online content to deliver the best user experience, provide, customize, and personalize communications and market our activities to you, as well as to protect university networks from unauthorized or harmful activities, such as network system breaches or computer viruses. A cookie is a piece of data stored on a visitor's hard drive to help us improve your access to our websites and identify repeat visitors to our sites. For instance, when we use a cookie to identify you, you may not have to log in using a password more than once, thereby saving time while on our site. Cookies can also enable us to track and target the interests of our users to enhance the experience on our websites. Generally, information automatically collected from you is aggregated and not individually identifiable to site visitors; however, if there is a network security breach, log information is retained and reviewed to support an internal university, law enforcement or similar investigation.
Sharing Information with Third Parties
K-State coordinates with many vendors and contractors who assist the university with its day-to-day affairs. Personal information that you provide to K-State or which the university automatically collects is used or shared with these organizations for the express purposes for which the information was collected or as otherwise expressed in this privacy statement. University vendors and contractors are only permitted to use personal information for the express purposes permitted in their agreements with the university. Otherwise, personal information is not released to third parties except as permitted by applicable law or legal process, including in instances where the information needs to be disclosed to protect the safety and security of the university community or property.
Links to External Websites
This privacy statement applies solely to information collected on K-State's online network. If you click on a link that directs you to a website or resource outside of the K-State online network, you are subject to the privacy policies of that site. The university is not responsible for the privacy practices of non-university websites, including independent websites of faculty, staff, or students that are not supported by the university.
If you use or access K-State's online network outside of the United States, the university may transfer information from that jurisdiction to the United States, where data protection regulations may not offer the same level of protection as in other parts of the world, such as the European Union (EU). If you use or access K-State's online network in the EU, K-State will transfer data to the United States to execute contractual obligations, comply with applicable law, and protect the health and safety of the user or others.
Access, Control and Correction of Your Information
Depending upon your location/residency and relationship with the university, you may have the right:
- To request access to or transfer of your information;
- To ask about the methods in which your information is maintained and processed;
- To request information about the organizations with whom your information may be disclosed;
- To ask K-State to delete or restrict how the university uses your information, but this right is determined by applicable law and may impact your access to and participation in the university's activities and services;
- If you believe your information is incorrect or incomplete, you can request corrections or updates to any inaccuracies, and for those corrections to be made if it is deemed inaccurate by K-State;
- To object to the collection, processing, retention or use of your information; and
- To lodge a complaint with the appropriate authorities.
Your privacy is important to K-State, and we are committed to respecting it while at the same time adhering to any legal obligations we may have related to your information. You may exercise the rights described above by contacting K-State's online support at: https://support.ksu.edu. In order for your request to be considered, you must identify the law or regulation you believe justifies your request, and you must identify your affiliation with K-State (student, employee, applicant for employment, etc.). Please keep in mind that if you choose to request that K-State erase your personal information, the university may be unable to effectively offer you certain educational services, communicate with you or allow you to participate in certain university activities if your information is needed to provide those services or activities.
Please note that K-State may have legal or other obligations that require it to retain certain information for a specific period of time, which may prevent K-State from honoring your request to delete your personal information. In such cases, your records will be deleted when those records are eligible for destruction under the applicable legal regulatory scheme. For individuals requesting that their personal information be deleted under the EU General Data Protection Regulation (GDPR), K-State has a legitimate business interest in retaining records in accordance with applicable records retention laws, and records subject to such regulations will be deleted when the required retention period lapses.
K-State does not accept requests to access or delete personal data from third parties. All such requests must come from the individual whose data is involved.
Protection of Personal Information
K-State uses its best efforts to protect personal information that you provide to us or that it automatically collects. The university works diligently to safeguard your personal information to prevent unauthorized information access or disclosure, maintain information accuracy, and ensure appropriate use of collected information. To assist with these efforts, the university has created and implemented appropriate technical and administrative procedures to safeguard personal information consistent with applicable privacy and data security laws. Nevertheless, K-State cannot guarantee these safeguards will protect any personal information that you provide, and providing personal information to the university is at your own risk.
Retention of Records
Records created by and submitted to K-State are maintained and destroyed according to requirements of applicable law, KBOR and K-State policies. For more information regarding university record retention practices, please refer to K-State Policy and Procedure Manual Chapter 3090, Retention of Records.
Last Revised Date: August 10, 2022