Protecting Your Privacy

Pomona College respects your privacy and is committed to protecting your personal information. Therefore, we treat your personal data confidentially and in accordance with data protection legislation and this Privacy Policy. During your visit to our the College’s main website (www.pomona.edu) or its other public, non-login websites, we may collect and store some technical information, such as the domain name of your Internet provider, which pages you visit, and the time and duration of your stay. This information is used solely to provide us with a better understanding of how our website is being used and to help us make it more useful to visitors like you. It is never used to identify you.

Personal Information

Your personal data will not be forwarded to third parties or used for advertising purposes without your consent, except as required by law or in those cases in which we have engaged an outside organization/service provider to provide services on behalf of the College. In the latter case, the outside organizations/service providers have been carefully selected and have been instructed that they are required to keep such information confidential and prohibited from using it for any other purpose and are regularly controlled.

The College takes every reasonable precaution to keep such information secure. We take extensive technical and operational safety precautions which are regularly reviewed and updated based on technological advancements to avoid loss or misuse of personal data stored by us. However, due to the structure of the Internet, it is possible that data protection regulations and safeguards are not observed by other individuals or institutions that do not fall within our area of responsibility. In particular, unencrypted personal data (for example in an email) can be read by third parties. It is therefore the respective user’s responsibility to protect provided personal data through encryption or other means against abuse.

Public, Non-Login Websites

Our public, non-login websites can usually be used without disclosure of personal data. Personal, identifying information about you is collected and stored only when you provide it voluntarily—for example, when you fill out and submit a web form or send us an email expressly containing such information. This information is used only to provide you with more targeted information about the College or its programs, and is deleted as soon as storing them is no longer necessary and limit processing in case retention obligations apply.

If you visit our website for mere information purposes and you do not register or transfer in any other manner information to us, we only collect the personal data that your browser transfers to our server. When your visit our website, we collect the following personal data that are technically necessary to make our website visible and accessible for you and in order to ensure stability and security of our website (see Article 6 para. 1 cl. 1 lit. f of the GDPR as legal basis):

  • IP-address
  • Date and time of your visit
  • Time difference to Greenwood Mean Time (GMT)
  • Access status/HTTP-status code
  • Amount of transferred data
  • Website from which the request originated
  • Browser type/browser version
  • Operating system and interface
  • Language.

Private, Login Websites

Our private, login websites can usually be used without disclosure of personal data. Personal, identifying information about you is collected and stored only when you provide it voluntarily—by logging onto one of the College’s private web pages, for example, when you interact with course pages. Generally speaking, this information is primarily used to provide you with access to non-public information about courses or activities at the College, and is deleted as soon as storing them is no longer necessary and limit processing in case retention obligations apply.

In addition to the personal data that your browser transfers to our server discussed in the section above, we also collect additional information depending on how you interact with a particular private website. For example, for course pages, this may include the name and academic submissions by a particular student, while for activity pages, this may include a student’s name or other voluntarily submitted information.

For students, staff, and faculty (as well as applicants to each category), the College will keep a record of the details you provided on your application form, any supporting documents requested and additional details provided by any referees and recorded following any interview process. The College will maintain various administrative and financial records about your student and/or employment status, and about your use of the academic and non-academic facilities and services that we offer. Where relevant, we may supplement these records with personal data from the public domain (e.g. your publications) or other sources. Access to your personal information is limited to staff who have a legitimate interest in it for the purpose of carrying out their contractual duties, and our use of your personal information will not be excessive.

The College may process some information about you, that you voluntarily provide, that is classified as ‘sensitive’ or ‘special category’ personal data, and which requires additional protections. This includes information concerning your ethnicity, sexual orientation, religious beliefs or health/disability that we use for planning and monitoring purposes, or in order to provide care, help or suitable accommodations. For certain courses of study/research projects, other sensitive information may be processed, such as information about past criminal convictions, working with children or vulnerable adults, and your fitness to practice in certain regulated professions. Access to, and the sharing of, your ‘sensitive’ personal data are controlled very carefully. You will normally be given further details about our use of any such data when we collect it from you.

In addition, the College will process your personal information for a range of contractual, statutory or public interest purposes, including the following:

  • To assess your suitability for a particular role or task;
  • To support you in implementing any health-related accommodations to allow you to carry out a particular role or task;
  • To fulfill and monitor our responsibilities under immigration, public safety, and other state and federal legislation;
  • To administer compensation, payroll, benefits and other standard employment functions.
  • To compile statistics and conduct surveys and research for internal and statutory reporting purposes;
  • To administer HR-related processes, including those relating to performance/absence management, disciplinary issues and complaints/grievances;
  • To communicate effectively with you by mail, email and phone, including the distribution of relevant notices;
  • To support your training, health, safety, welfare and religious requirements.
  • To enable us to contact others in the event of an emergency.

Cookies

To optimize your web experience, we may store small amounts of information on your computer through the use of cookies. Cookies do not harm your device and do not contain viruses. Cookies are used to make our website more user-friendly, effective, and safer. Cookies are small text files that are stored on your device and by your browser.

We can legally store cookies on your device, provided that this is absolutely necessary for the operation of this website. For all other types of cookies, we need your consent. Our websites use different types of cookies as described below:

  • Transient cookies are automatically deleted when you close your browser. This includes session cookies. The session cookies store a so-called session ID with which different requests of your browser can be categorized during the session. That means that your browser becomes recognizable when your return to our website. The session cookies are deleted when you log out and close your browser.
  • Persistent cookies are automatically deleted after a specific period that can vary from cookie to cookie. You can at all times delete these cookies in the setup of your browser.

Our public, non-login websites does not require that you grant us the right to store cookies on your computer. If you choose not to, you can set your browser so that you are informed about the use of cookies and only allow them for specific cases, to exclude the acceptance of cookies for specific cases or in general, or the automatic deletion of cookies when you close the browser. Simply consult the documentation provided with your web browser to turn off the "accept cookies" feature. Deactivating cookies may limit the functionality of our websites, and may not allow you to login to websites requiring a login.

Pomona College utilizes some third-party systems for specialized websites or website functions (See “Third-Party Websites and Functions” below) and those systems may utilize their own cookies. Please consult the privacy policy pages linked below to learn more about those systems’ cookies.

For additional information about which cookies are used on our websites, please see our cookies listing.

 

Server log files

Our website providers collect and automatically store information in so-called server log files, which your browser automatically transmits to us. These logs are used to analyze usage of the websites. These logged entries include:

  • IP-address
  • Date and time of your visit
  • Time difference to Greenwood Mean Time (GMT)
  • Access status/HTTP-status code
  • Amount of transferred data
  • Website from which the request originated
  • Browser type/browser version
  • Operating system and interface
  • Language.

This data cannot be assigned to specific individuals. A combination of this data with other data sources are not carried out. We reserve the right to examine this data retrospectively if we have become aware of specific evidence of unlawful use.

Third-Party Websites and Functions

We utilize various third-party systems to collect standard internet log information for the legitimate interests of the College, including, but not limited to, expanded options, to help us analyze our various websites’ traffic, and to offer our users a more integrated experience. Below, we outline the most-used systems, each with a short description and a link to their privacy information:

  • AddThis – Some sites may utilize an AddThis share widget to allow you to post the current page onto a social media platform.
  • Acalog – This system is utilized for our online catalog and student handbook.
  • Box – Some sites may embed or link to documents stored in Box.
  • Campus Works – Students, faculty and staff may use Engage by Campus Works to manage various aspects of their Pomona College experience, such as participation in events and organizations.
  • CashNet – This online service enables students and their designated contacts to view student account billing statement and submit tuition payments on the web.
  • Facebook – Some sites may embed a data feed from a Facebook page, post, or group.
  • Fluid Review – Students may apply for grants.
  • Formstack – We utilize Formstack for allowing users to submit form information to the College. These may be forms on Formstack’s website, or forms embedded in our websites.
  • Google Analytics Some of our sites utilize Google Analytics to analyze our website traffic. We have expanded our websites’ Google Analytics code with “anonymizeIP.” This guarantees the masking of your IP address so that all data is collected anonymously. Only in exceptional cases will your full IP address be transferred to a Google server in the USA and truncated there.
  • Handshake – This career services platform is used by many members of the Pomona College community.
  • Instagram – Some sites may embed images from Instagram.
  • Kronos – This workforce management system is utilized for timekeeping/attendance tracking of college staff
  • Office365 – Pomona College constituencies may use these services for email, creating/viewing documents, etc.
  • Parchment – Students and alumni may request digital copies of transcripts.
  • Smartsheet – We utilize Smartsheet to display spreadsheet data on some sites.
  • Technosolutions – We utilize Technosolutions for Admissions processes, as well as analyzing website traffic relating to our admissions pages.
  • Terra Dotta – We utilize Terra Dotta for our Study Abroad program information and applications.
  • Twitter – Some sites may embed a data feed from a Twitter page or post.
  • Workday – Students, faculty and staff utilize Workday to perform various administrative functions.
  • YouTube – Some sites may utilize YouTube to embed videos.

General Data Protection Regulation (GDPR)

EU residents are entitled to be informed anytime about their personal data. Upon reasonable request, we are able to inform European Union (“EU”) residents upon request, what data we have stored about them. If it turns out that, despite our efforts to collect correct and current data, we have stored incorrect data in our system, we will make reasonable efforts to rectify this as soon as practicable. EU residents are entitled to make a request for their personal data at anytime, whether correcting, deleting or blocking of personal data. Upon receipt of their reasonable request, we will make efforts to immediately delete any of personal data associated with that EU resident that is stored by the College. However, please note that after deletion of an EU resident’s data, we may be only able to provide our services partially or even not at all.

In case an EU resident has consented to the collecting, processing and use of their personal data, the EU resident can revoke this consent anytime or amend their consent (Article 7 para. 3 GDPR). An EU resident can exercise this right by mail, email or fax by completing and submitting the subject access request form to the contact information below found in the Questions About Our Policies section. Though it is not mandatory for EU residents to use this form, the form is available to assist the College in providing a timely and accurate response to your request under article 15 of the GDPR. This does not trigger any costs.

Use of Links

At various points in our web, we provide links to other servers that may contain information of interest to our readers. We take no responsibility for and exercise no control over the views or accuracy of the information contained on these outside websites. Also, if you wish to make a text link from your website to any portion of ours, you may do so without asking permission.

Use of Text and Images

If you would like to publish information that you find on our website, or use our logo or images, please send your request to webmaster@pomona.edu.

Contact Information for our Data Protection Officer

The controller in the sense of Article 4 para. 7 of the GDPR is:

Pomona College
c/o Elisa Alban
333 N. College Way
Claremont, CA 91711

Phone: (909) 621-8147
Fax: (909) 621-8671
Email: dpo@pomona.edu

If you have any other questions about this privacy statement, the practices of this site, or your dealings with this website, please contact us at: webmaster@pomona.edu.