Organizational Commitment to Privacy
Northeastern maintains a multi-disciplinary commitment to privacy, including roles responsible for all aspects of information protection that includes security and privacy. A security awareness program helps students, faculty and staff understand their roles and responsibilities in protecting information. Systems that solicit or display personally-identifiable information are protected by authentication and authorization controls.
Privacy of Web-Based Transactions
Northeastern’s web-based experiences involving personal, confidential, or sensitive information are secured by SSL (Secure Sockets Layer protocol) with 128-bit encryption.
Why We Collect Personal Information
We collect personal information in order to deliver services and information personalized to you, and your role or interests at Northeastern.
Personal Information We Collect
The NUID Number is used as the student identification number.
Collection and Use of the Social Security Number (SSN)
Other Information We Collect
Your web browser automatically sends us the type of computing device and operating system you are using. We may also collect and maintain the IP (internet protocol) address used by your computing device. In addition, we may collect the dates and times you access the myNEU portal and associated services, URLs requested, file names sent or received, search strings, and errors generated. We may also collect other information to assist us in maintaining or managing our systems, assisting you with a help request, or informing investigations. We may also share information with:
departments within the University, individuals and organizations involved in assisting the University in providing services, and in response to lawful orders issued by, local, state and/or Federal agencies. How Personal Information is Used Within Northeastern
The primary use of personal information is to enable delivery, personalization, and improvement of services related to individual roles and work at Northeastern. Personal information may be shared with other departments and business units at the University to the extent necessary to deliver and improve services offered.
How Personal Information is Used Outside Northeastern
To the extent necessary to deliver and improve services, we may share personal information with others outside the University such as third party providers, vendors, and others acting on behalf of the University. Northeastern does not sell personal information. The University complies with lawful orders for production of records pursuant to law enforcement investigations, and in supplying information as may be required by local, state and Federal agencies.
Third party links
Occasionally, at our discretion, we may include links on our website to third-party sites that have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
If you send us email, we may share your email address and message content with others inside University, and with persons and organizations outside the University who may be called on to assist in processing your inquiry or serving your needs.
If you supply telephone numbers of any description, we may share these numbers with service providers inside and outside the University.
Access to Information and Files Pertaining to you
You have the right to request access to information and files pertaining to you. You may exercise these rights by contacting the office appropriate to your role at the University.
Requesting Access to Information and Files Pertaining to you
To request access to information and files pertaining to you, we invite you to contact the office appropriate to your role:
Procedure for Requesting Access to Information and Files Pertaining to you
To request access to information and files pertaining to you, a written request is required. In your request, we ask that you share with us the following information:
Your Right to Request Information Pertaining to you be Removed from NU Systems and Files
You have the right to request information pertaining to you be removed from NU systems and files. There are some instances however, where the University may deny a request to remove information. For example, the University may decline to remove the following types of information including, but not limited to:
information required to be maintained by the University as part of student or employment records, or pursuant to local, state or Federal law, statute or other regulation, or in performance of contractual obligations, and/or information compiled in reasonable anticipation of, or for use in a civil, criminal or administrative action or proceeding. Procedure for requesting removal of information pertaining to you To request removal of information pertaining to you, a written request is required. In your request, we ask that you share with us the following information:
If you are not satisfied with the outcome of a privacy inquiry, you have the right to seek redress. To exercise this right, please contact in writing, the Office of Information & Technology Security, Northeastern University, 177 Huntington Floor 22, , Boston, MA 02115. The following information is required:
your name and role (applicant, student, or employee), a description of the problem or concern, your contact information, including email and postal addresses, the names of person(s) you have contacted about the problem, and copies of responses received from them. The University will respond to requests no later than sixty (60) days after receipt. If a request is denied, we will send a written explanation explaining the reason for the denial, and a notification of your right to file a written statement of disagreement. The University may also provide a right to have the denial reviewed. If the University is unable to act within sixty (60) days, we may extend that time by no more than an additional thirty (30) days. If we need to extend this time, we will notify you of the delay and the date by which we will complete action on your request.
How to Contact the Organization
If the office responsible for your role is not able to answer your question, please email email@example.com . A member of the Information Security and Identity Services group will assist you.