Privacy Notice

Privacy Notice
TCU Privacy of Information Policy
Main Content
Information stored on a computer system or sent electronically over a network is the
property of the individual who created it. Examination of that information without
authorization from the owner is a violation of the owner’s rights to control his or
her own property. Systems administrators, however, may gain access to user’s files
when it is necessary to maintain or prevent damage to systems or to ensure compliance
with other University rules.
Computer systems and networks provide mechanisms for the protection of private information
from examination. These mechanisms are necessarily imperfect and any attempt to circumvent
them in order to gain unauthorized access to private information (including both stored
computer files and messages transmitted over network) will be treated as a violation
of privacy and may subject a violator to disciplinary action.
In general, information that the owner would reasonably regard as private must be
treated as private by other users. Examples include the contents of electronic mail
boxes, the private file storage areas of individual users, and information stored
in other areas that are not public. That measures have not been taken to protect such
information does not make it permissible for others to inspect it.
On shared and networked computer systems certain information about users and their
activities is visible to others. Users are cautioned that certain accounting and directory
information (for example, user names and electronic mail addresses), certain records
of file names and executed commands, and information stored in public areas, are not
private. Nonetheless, such unsecured information about other users must not be manipulated
in ways that they might reasonably find intrusive; for example, eavesdropping by computer
and systematic monitoring of the behavior of others are likely to be considered invasions
of privacy that would be cause for disciplinary action.
Collection of Information by TCU
TCU does not systematically collect or record names, postal or e-mail addresses, phone
numbers, gender identity, or other personally identifying data (the “Personal Data”)
from visitors to the Site, unless such data is voluntarily submitted by visitors for
the purposes outlined below.
Data Retention
TCU will keep your data for as long as it is necessary to fulfill the purpose for
which it was collected. We may also retain your records to fulfill a legitimate interest
or if legally required to do so.
Information Security
No transmission of data over the internet can be guaranteed to be completely secure.
TCU provides access to information in order to further its mission while maintaining
the privacy and accuracy of that information. The
information security policy
outlines the rights and responsibilities of the individual as well as those of TCU
pertaining to information access, storage and delivery.
Log Files
The University's website does not automatically capture or store personal data from
visitors to the site, other than to log your IP address and session information. Session
information includes the time and duration of your visit to the site, the files requested,
and the browser used. This information will only be accessed by authorized persons
of the University or its agents. The information will be retained by the University
and will only be used for the purpose of (a) managing the TCU web network, (b) the
identification of broken links, and (c) for statistical and audit purposes.
Cookies and Aggregate Information
TCU uses "cookies" (i.e., a small text file that is sent to your browser from the
Site) to improve your return access and visits to the Site. TCU may use
to customize content, to analyze Site activity and user behavior, including, without
limitation, through Google Analytics Demographics and Interest Reporting, and for
advertising and promotional purposes (further discussed in "Interest-based Advertising"
below). TCU reserves the right to use cookies in the future in conjunction with new
or extended functionalities.
TCU may compile and provide aggregate statistics about Site visitors, customers, sales,
traffic patterns, and related information to third parties, but such information will
not specify Personal Data. TCU collects IP addresses as a component of such aggregate
information. Such information could, if necessary, be used to identify a user in order
to comply with safety or security issues.
You may set your browser to notify you when you receive a cookie (letting you choose
whether to accept it) or to disallow cookies altogether, without preventing your access
to the Site.
Google Analytics
Google Analytics is Google’s analytics tool that helps website and app owners to understand
how their visitors engage with their properties. It may use a set of cookies to collect
information and report website usage statistics without personally identifying individual
visitors to Google. The main cookie used by Google Analytics is the ‘__ga’ cookie.
TCU uses
Google Analytics
data to monitor web network performance and identify user experience issues with
page content and code quality.
Web Forms
You may occasionally be asked to provide personal information to gain access to specific
services.
Sensitive Personal Information (SPI) is defined as an individual’s name, address,
or telephone number combined with any of the following:
Social security number or taxpayer ID number
Credit or debit card number
Financial/salary data
Driver’s license number
Date of birth
Medical or health information protected under HIPAA
Biometric Markers (e.g. fingerprint, retina, voice, heartbeat, grip)
Student related data protected under FERPA
SPI will not be disclosed except as provided by University policy and procedure or
legal disclosure requirements. SPI will be protected and secured in accordance with
standards outlined in the
TCU SPI Policy
. Any exceptions will be explained at the point of collection.
Interest-Based Advertising
TCU may provide certain third-party service providers, including Google Analytics
Remarketing, with the cookies it has obtained in order for such service provider to
inform, optimize and serve advertisements on other websites a user visits, based on
such user's prior visits to the Site. TCU directs these service providers to not use
the provided cookies for any purpose other than to provide the advertising services
explicitly requested by TCU.
You can opt out of certain service providers' use of cookies. For example, Google
permits you to
register your preferences
. Google Analytics also provides an
opt-out add-on
for your browser.
The Self-Regulatory Program for
Online Behavioral Advertising
and the
Digital Advertising Alliance
and the
Network Advertising Initiative
have websites that allow you to register your choice to opt-out of receiving interest-based
advertisements from certain companies that participate in such initiatives.
Personalized Content
TCU uses Matomo data tracking and analytics to deliver customized content to certain
website visitors. Matomo uses a combination of first-party cookies and other techniques
to "fingerprint" a website visitor. The default expiration for Matomo cookies is 13
months. Even if a user clears their cookies, Matomo can still tell who they are based
on this fingerprint.
TCU does not enable tracking on any external domains (sites outside of *.tcu.edu).
When visiting certain sections and content pages within the TCU web network, the TCU
personalization tool may collect the following information for website visitors:
User IP address (leading 2 octets)
Date and time of the page visit
Title of the page being viewed (Page Title)
URL of the page being viewed (Page URL)
URL of the page that was viewed prior to the current page (Referrer URL)
Screen resolution being used
Time in local user's time zone
Location of the user: country, region, and metro region
Main Language of the browser being used (Accept-Language header)
Browser plug-ins
User Agent of the browser being used (User-Agent header)
From the User-Agent, detect the browser, operating system, device used (desktop, tablet,
mobile, TV, cars, console, etc.), brand and model.
Some information is also stored in first-party cookies and collected by our personalization
feature:
Random unique visitor ID
Time of the first visit for this user
Time of the previous visit for this user
Number of visits for this user
Social Media Engagement
TCU partners with Evertrue, Inc. to monitor user engagement with select University
pages on Facebook. The data reported to TCU by Evertrue is provided by the Facebook
Graph. Details of the
data captured by Facebook
and made available to the Facebook Graph are governed by your Facebook privacy settings.
Short Message Service (SMS)
No mobile information will be shared with third parties or affiliates for marketing
or promotional purposes. Opt-in data and consent for text messaging campaigns will
not be shared with any third parties.
SMS Terms and Conditions
Message frequency may vary per user.
Message and data rates may apply.
Text HELP for assistance or STOP to unsubscribe.
Carriers are not liable for delayed or undelivered messages.
Donor/Constituent Privacy Notice
For full information pertaining to the alumni, donors and friends of the university,
please see our
University Advancement Donor / Constituent Privacy Notice
Notice for European Union (EU) Residents
If you are located within the European Economic Area (EEA), TCU acknowledges the rights
granted to you under the General Data Protection Regulation (GDPR). In certain cases,
you may also have the following rights with respect to your personal data collected
and used in EEA processing activities:
Right to be informed about the processing of your personal data
Right to obtain access to your personal information held by TCU
Right to ask for incorrect, inaccurate or incomplete personal data to be corrected
Right to erasure of your information when it is no longer necessary for TCU to retain
it
Right to restrict or object to processing of your personal information, including
sending communications that may be considered direct-marketing materials
Right to data portability
Right to object to automated decision-making and profiling where applicable
For additional information, please refer to the
European Economic Area Privacy Notice
Contact Information
For questions, comments or concerns about privacy or security of personal information,
you may contact our Information Security Officer, Mr. Aaron Munoz. He has also been
designated as the Data Protection Officer for inquiries related to the GDPR.
Aaron Munoz
Information Security Officer
TCU Box 298820
Sid W Richardson Bldg., Room 151K
a.v.munoz@tcu.edu
817-257-6851
Any questions concerning this policy should be directed to:
security@tcu.edu
Last Revised: 6/12/2025