Skip to main content

GDPR Privacy Notice

I. GDPR Privacy Notice

The European Union’s General Data Protection Regulation (“GDPR”) is a data privacy law that applies to personal information collected in or from the European Union and European Economic Area. The University of North Carolina at Charlotte (“UNC Charlotte”) is committed to safeguarding the privacy of personal information, including compliance with the GDPR where applicable.

This Privacy Notice outlines the collection, use, and disclosure of personal information provided to UNC Charlotte by individuals in or from the European Union and European Economic Area (hereinafter “Information Providers”), including but not limited to:

When information is submitted to UNC Charlotte or you use UNC Charlotte’s websites and other electronic data services, you consent to the collection, use, and disclosure of that information as described in this Privacy Notice.

II. Information and Sensitive Information

UNC Charlotte may use, collect and/or disclose “Information” and “Sensitive Information” for its legitimate business purposes.

As used herein, “Information” refers to all personal data, excluding Sensitive Information, concerning a natural person, created by or provided to UNC Charlotte by or about an Information Provider.

“Sensitive Information,” as used herein, is Information about an Information Provider’s race, gender, ethnic origin, religious affiliation, health data, and criminal convictions.

III. University Use of Information and Sensitive Information

IV. Third Party Use of Information and Sensitive Information

UNC Charlotte may disclose Information and Sensitive Information to third parties as follows:

V. Security

UNC Charlotte implements appropriate technical and organizational security measures to protect your Information and Sensitive Information when you transmit it to us and when we store it on our information technology systems.

VI. Cookies and Other Technology

A description of how the University uses cookies and certain other data from its websites and email is located in the Terms of Use for the UNC Charlotte website.

VII. Retention and Destruction of Your Information

Your Information and Sensitive Information will be retained by the University in accordance with applicable federal and state laws, and the applicable retention periods in the University of North Carolina System Records Retention and Disposition Schedule.

Your Information and Sensitive Information will be destroyed upon your request unless applicable law or policy requires permanent retention or destruction after the expiration of an applicable retention period. The manner of destruction shall be appropriate to preserve and ensure the confidentiality of your information given the level of sensitivity, value, and criticality to the University.

VIII. Your Rights

You have the right to request access to, a copy of, rectification, restriction in the use of, or erasure of your Information and Sensitive Information in accordance with all applicable laws including, for students, the Family Educational Rights and Privacy Act (FERPA). The disposition of your Information and Sensitive Information shall be subject to the retention periods of applicable federal and state law, University Policy 605.3, Retention, Disposition, and Security of University Records, and the University of North Carolina System Records Retention and Disposition Schedule. If you have provided consent to the use of your Information or Sensitive Information, you have the right to withdraw consent without affecting the University’s lawful use of the Information or Sensitive Information prior to receipt of your request.

Individuals may exercise these rights by contacting the Office of Ethics and Compliance.

In some cases, your Information and Sensitive Information created in the European Union may be transferred out of the European Union to the University. If you feel the University has not complied with applicable foreign laws regulating such information, you have the right to file a complaint with the appropriate supervisory authority in the European Union.

IX. Updates to this Privacy Notice

This GDPR Privacy Notice may be amended from time to time. Any such changes will be posted on this page. The effective date of this GDPR Privacy Notice is May 25, 2018.