Privacy Policy | API Study Abroad

Connect with Us


Interview with Joan Solaún.

API Institutional Relations team member, Emily Nagle had the opportunity to interview API’s Director of Caribbean and Latin American Programming, Joan Solaún. Joan was recently honored with the NAFSA International Education Award for Distinguished Contributions to the Field in honor of Marita Houlihan.  “Given Joan Solaún’s warm, vibrant character, it is no surprise that her passion for [...]

The post Interview with Joan Solaún. appeared first on The API Abroad Blog.

PRIVACY POLICY

Last Updated: May/09/2018

Your privacy is important to Academic Programs International (“API”, “we”, “us” ). Academic Programs International LLC, “we”, “us” or “our” ) as data controller. This privacy policy (“Policy”) applies to the API websites located at apiabroad.com, apiabroad.global and apistudyabroad.com (the “Sites”) and the API mobile application (the “App”) and tells you how personal information is collected, used, disclosed, and protected by API. The Site, and all products and services provided by API are collectively referred to as the “Services”. By using the Services you consent that we may process the data that we collect from you in accordance with this Privacy Policy. If you obtain your use of the Services in connection with the services offered by a third party, the individual terms of that third party’s contract with API may further restrict our collection or use of your personal information more than what is described in this Policy

The API data protection officer is Fernando Dávila at privacy@apiabroad.com

This Privacy Policy applies to Personal Data that you provide to us or which is derived from such Personal Data as further outlined below. For additional information about cookies and other web tracking technologies that we are using please see also our Cookie Policy below.

PERSONAL INFORMATION WE COLLECT

We collect information from you in various ways when you use our Services. We may also supplement this information with information from other companies. We collect two general types of information, namely personal information and aggregate data. As used in this Policy, the term “personal information” means information that specifically identifies an individual (such as a name and email address), and demographic and other information when directly linked to information that can identify an individual.

Our definition of personal information does not include “aggregate data”. Aggregate data is information we collect about a group or category of services or users from which individual user identities have been removed. In other words, no personal information is included in aggregate data. Aggregate data helps us understand trends in our users’ needs so that we can better consider new features or otherwise tailor our Services.

The following are the specific types of information we collect from you:

Information You Give Us or That You Authorize Others to Give to Us

We collect information you give us on our Site and when you register for and use our Services and information that you authorize others to give to us. Examples include the following:

Registration and Profile Information 

When you register to use our Services or update your profile, we may collect various kinds of information about you including, your name and email address; transcripts and other education records; and other profile information you provide or that you have others provide to us; demographic information; and information you upload such as photos, files, and documents.

Contact Information

We collect the email addresses you provide for contacts you enter or upload into your private contacts page. When you choose to collaborate or share information with others, we also collect email addresses you provide to email invitations to those individuals on your behalf.

Payment Information

Our payment processing vendor collects any credit card information you submit; and, we and our payment processor collect billing information you submit.

Submissions and API Service 

From time to time we may use surveys, contests or sweepstakes requesting personal or demographic information and customer feedback.

Automatically Collected Information 

We automatically receive certain types of information when you interact with our Services. For example, it is standard for your web browser to automatically send information to every website you visit, including ours. That information includes your computer’s IP address, access times, your browser type and language, and referring website addresses. We may also collect information about the type of operating system you use, your account activity, and files and pages accessed or used by you.

Cookies and Web Beacons  

We may also use certain kinds of technology such as cookies and web beacons to collect information. Among other things, the use of cookies and web beacons enables us to improve our Site and emails by seeing which areas and features are most popular, to count the number of computers accessing our website, to personalize and improve your experience, to record your preferences, and to allow you to visit our Site without re-entering your member ID and/or password. A cookie is a small amount of data which is sent to your browser from a web site’s computers and stored on your computer’s hard drive. Most browsers automatically accept cookies as the default setting. You can modify your browser setting to reject our cookies or to prompt you before accepting a cookie by editing your browser options. However, if a browser is set not to accept cookies or if a user rejects a cookie, some portions of the website and services may not function properly. For example, you may not be able to sign in and access certain web page features or services. A web beacon is an electronic image, also called a “gif,” that may be used on our web pages to deliver cookies, count visits and compile statistics on usage and campaign effectiveness or in our emails to tell if an email has been opened and acted upon.

PURPOSE OF DATA USE: PERSONAL INFORMATION

In general, we use your personal information to provide the Services, process your requests or transactions, to provide you with information or services you request, to inform you about other information, events, promotions, products or services we think will be of interest to you, to facilitate your use of, and our administration and operation of, the Services and to otherwise serve you and our users. For example, we may use your personal information:

  • to provide information to educational institutions that you attend, or desire to attend;
  • to request feedback and to enable us to develop, customize and improve our Services;
  • to conduct marketing analysis, to send you surveys or newsletters, to contact you about services, products, activities, special events or offers from API or our service or marketing partners and for other marketing, informational, product development and promotional purposes;
  • to send you a welcoming email and to contact you about your use of the Services; to respond to your emails, submissions, comments, requests or complaints; to perform after-sales services; to anticipate and resolve problems with our service; to respond to customer support inquiries, for assistance with our product and service development; and to inform you of updates to products and services from API that better meet your needs;
  • to send emails to users you invite (and contacts you invite to become users) to collaborate and access your information;
  • to enable you to communicate, collaborate, and share files with users you designate;
    to contact you if you win a contest; and
  • for other purposes about which we notify you.

DURATION OF PROCESSING OF PERSONAL DATA

Notwithstanding those instances where your Personal Data is processed or used by API based on a statutory permission  or your consent, API will only store your Personal Data for as long as it is required to fulfil the purposes set out below, (until you object to API’s use of your Personal Data (if API uses your Personal Data based on legitimate interest), or  until you withdraw your consent (if API uses your Personal Data based on your consent). However, where API is required by mandatory law to retain your Personal Data longer or where your Personal Data is required for API to assert or defend against legal claims, API will retain your Personal Data until the end of the relevant retention period or the settlement of the claims in question.

DATA SUBJECT’S RIGHTS UNDER GDPR

You can request from API at any time information about which Personal Data API processes about you and the correction or deletion of such Personal Data.  Notwithstanding your request, API may retain your Personal Data if there is a statutory obligation or prevailing right of API to retain it. Kindly note that if you request the deletion of your Personal Data from API you will not be able to further use such API Services which require API’s use of your Personal Data.

If API uses your Personal Data based on your consent or to perform a contract with you, you may further request from API a copy of the Personal Data that you have provided to API  To make such a request, please contact the email address below and specify the information or processing activities to which your request relates, the requested format for your Personal Data (provided it is commonly used), and whether the Personal Data shall be provided to you or another recipient. API will carefully review your request and discuss with you how it can be best implemented.

Furthermore, you can request from API that API restricts your Personal Data from any further processing in any of the following events:

  • You state that the Personal Data API has about you is incorrect, however, only for as long as API requires to check the accuracy of the relevant Personal Data;
  • There is no legal basis for API’s processing of your Personal Data and you demand that API restricts your Personal Data from further processing;
  • API no longer requires your Personal Data but you claim that you require such data in order to claim or exercise legal rights or to defend against third-party claims, or;
  • In case you object to the processing of your Personal Data by API for as long as it is required to review as to whether API has a prevailing interest or legal obligation in processing your Personal Data. Please direct any such request to privacy@apiabroad.com.

RIGHT TO LODGE A COMPLAINT

If you take the view that API is not processing your Personal Data in accordance with the requirements set out herein or applicable EEA data protection laws, you can at any time lodge a GDPR complaint with the data protection authority of the EEA country where you live.

Contact details for the EU data protection authorities can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm

API does not knowingly collect personally identifiable information from children under the age of thirteen (13) without verifiable parental consent. If it is determined that such information has been inadvertently collected on anyone under the age of thirteen (13), we shall immediately take the necessary steps to ensure that such information is deleted from our system’s database. Anyone under the age of thirteen (13) must seek and obtain parent or guardian permission to use this website.

UPDATING AND ACCESSING PERSONAL INFORMATION

If your personal information changes in any way, you must correct or update your information as soon as possible. You can make updates to your profile information by logging into your account on API at any time. You can also request changes or access to your information by emailing api@apiabroad.com

CHOICE/OPT-OUT

We may send you communications or data regarding our Services, including but not limited to

  • notices about your use of our Services, including any notices concerning violations of use;
  • updates, and;
  • promotional information and materials regarding our Services.

You may opt-out of receiving promotional emails from Us by following the opt-out instructions provided in those emails. You may also opt-out of receiving promotional emails and other promotional communications from us at any time by emailing api@apiabroad.com with your specific request. Opt-out requests will not apply to transactional service messages, such as security alerts and notices about your current account and Services.

ACCESS

EU and Swiss individuals have the right to access their Personal Information. Except as otherwise set forth below, upon written request (at the address provided below under the section of this Policy entitled “CONTACT US”), API shall allow such individuals to amend, correct or delete any of their Personal Information possessed by API that is inaccurate or that is being processed in violation of this Policy. The individual will need to provide sufficient identifying information. In some circumstances, we may charge a reasonable fee, where warranted, for access to such Personal Information.

DATA INTEGRITY & LIMITATIONS ON DATA USE

API shall only process and use Personal Information in a way that is compatible with and relevant for the purpose for which it was provided to API. To the extent necessary for those purposes, API shall take reasonable steps to ensure that Personal Information in our possession is accurate, complete, current and reliable for its intended use.

CHOICE

In accordance with this Policy Principles, and except in connection with transfers to third parties performing tasks directly on our behalf and pursuant to our instructions, where we receive Personal Information directly from an EU or Swiss individual to which such Personal Information pertains, we will offer the individual the opportunity to choose (opt-out) whether his/her Personal Information is (1) disclosed to a third party; or (2) used for a purpose other than the purpose for which he/she provided consent. Anyone wishing to opt out can do so by contacting API at the address provided below under the section of this Policy entitled “CONTACT INFORMATION”

Where we receive Personal Information pertaining to EU and Swiss individuals directly from our clients (and not the individual to whom the Personal Information relates), we will cooperate with our clients’ reasonable requests to:

  • Assist them in informing the impacted individuals about (a) the possibility that we may disclose such individuals’ information to third parties and (b) the individual’s ability to opt out of such disclosures (except for disclosures to third parties performing tasks directly on our behalf and pursuant to our instructions); and
  • Reasonably ensure that we process the information for purposes compatible with those for which it was originally collected or subsequently authorized by the impacted individuals. Our clients will then inform us if any such individuals have opted out of such disclosures.

SHARING OF PERSONAL INFORMATION

API reserves the right to share aggregated information about our customers, sales, and traffic to our partners and advertisers. We may disclose personal information to a third party:

  • To provide information to educational institutions that you attend, or desire to attend;
  • To provide the Services to you, including by providing personal information to any third parties (such as cloud services providers and universities) who we may partner with to provide the Services;
  • To comply with laws or respond to lawful requests and legal process;
  • To protect API, agents, customers, and others including to enforce our agreements, policies, and terms of use;
  • In the good faith belief that disclosure is needed to respond to an emergency, or protect the personal safety of any person;
  • In connection with an acquisition, merger, or sale of all or a substantial portion of our business, with or to another company. In such an event, you will receive notice if your data is transferred and becomes subject to a substantially different privacy policy;

This Policy in no way restricts or limits our collection and use of aggregate data, and we may share aggregate data about you and our users with third parties for various purposes in perpetuity, including to help us better understand our customer needs and improve our Services, to provide new Services and for advertising and marketing purposes.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

NETWORK AND INFORMATION SECURITY

We take reasonable steps to protect the information we collect from you to prevent loss, misuse and unauthorized access, disclosure, alteration, and destruction.

The servers on which information is stored are kept in a controlled environment with limited access. While we take reasonable efforts to guard personal information we knowingly collect directly from you, no security system is impenetrable. In addition, we cannot guarantee that any -collected personal information you choose to include in documents you store on our systems are maintained at adequate levels of protection to meet specific needs or obligations you may have relating to that information.

We work with a third party data center, Amazon Web Services, WPengine, IOZOOM, Google Cloud, and Software as a Service providers to host our Websites, services, and software in secure production environments that use firewalls and other technology to reasonably prevent access from outside intruders. API also uses Secure Socket Layer (SSL) for authentication and private communications in an effort to build users’ trust and confidence in the internet and website use by providing simple and secure access and communication of credit card and personal information. Our credit card processing vendor uses security measures to protect your information, both during the transaction and after it’s complete. API Is certified compliant with all Payment Card Industry (PCI) DSS 3.2 standards.

COOKIE POLICY

Academic Programs International. (“API”, “we” or “us) may automatically receive and record information on our server logs from your browser when you use the API Website and Services. We may use a variety of methods, including clear GIFs (also known as “web beacons”) and “cookies”, to collect this information.

This Cookie Policy aims to inform you about our use of such cookies and clear GIFs, but does not govern the use of the API Website nor the processing of Personal Information on the API Website. The Cookie Policy should therefore be read in conjunction with our Privacy Policy and the API Terms of Service. Any capitalized terms in this Cookie Policy are defined in the Privacy Policy or, in lack thereof, in the Terms of Service.

1. COOKIES AND OTHER AUTOMATED MEANS OF PASSIVE DATA COLLECTION
In this Cookie Policy, cookies and other automated means (e.g. web beacons) will be jointly referred to as ‘Cookies’ throughout this policy, except as set forth in this section.

This section provides more information about some of those technologies and how they work:

Cookies

A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. Most major websites use cookies. Because the browser provides this cookie information to the website at each visit, cookies serve as a sort of label that allows a website to “recognize” a browser when it returns to the website.

Cookies store information about your activities on a website or other platform. For example, cookies can store your session information for easy sign-in to a website or other platform you have previously visited. They enable us to make your use of the API Website and Services more enjoyable and to improve the functionality of the Service.

Clear GIFs

Clear GIFs (also known as web beacons) are used in combination with cookies to help website operators understand how visitors interact with their websites. A clear GIF is typically a transparent graphic image (usually 1 pixel x 1 pixel) that is placed on a website. The use of a clear GIF allows the website to measure the actions of the visitor opening the page that contains the clear GIF. It makes it easier to follow and record the activities of a recognized browser, such as the path of pages visited at a website.

Clear GIFs, which can be embedded in web pages, videos, or emails, can allow a web server to read certain types of information from your browser, check whether you have viewed a particular web page or email message, and

determine, among other things, the time and date on which you viewed the Clear GIF, the IP address of your computer, and the URL of the web page from which the Clear GIF was viewed.

For more information about cookies and web beacons, please visit http://www.allaboutcookies.org/cookies/.

Other local storage

We, along with our partners and vendors, use other kinds of local storage, such as Local Shared Objects, also referred to as “Flash cookies”, and HTML5 Local Storage (including IE local storage), also referred to as “browser cookies”.

These technologies are similar to the cookies discussed above in that they are stored on your computer and can be used to store certain information about your activities and preferences. However, these objects are stored in different parts of your computer from ordinary browser cookies.

We use Local Shares Objects in connection with the Services, including, but not limited to, in our legacy Web Application product, Apache, and also in communicating between pages or frames loaded from our domain and pages or frames loaded from our Client’s domain in browsers that do not support HTML5 for cross domain communication (for example, IE).

We are using PHP and HTML5 Local Storage to improve the Service performance and End User experience by caching certain data objects locally so they don’t have to always be fetched from the server. We also store certain End User states required for delivering the Service, and use HTML5 Local Storage to store identifiers and access tokens in browsers that do not allow setting 3rd party cookies (for example, Safari).

2. WHAT INFORMATION DO WE PASSIVELY COLLECT?

The information that we may collect with these automated methods may include, for example, your IP address, cookie information, a unique device or user ID, browser type, system type, the content and pages that you access on the API Website or Services, the frequency and duration of your visits to the API Website or Services, and the “referring URL” (i.e., the page from which you navigated to the API Website). We may also use cookies on the API Website and Services to store session validators on your hard drive.

If we directly combine any information gathered through passive means with Personal Information, we treat the combined information as Personal Information under our Privacy Policy. Otherwise, we use information collected by passive means in aggregated forms.

3. HOW DO WE USE PASSIVELY COLLECTED DATA?
On the API Website

On the API Website, we may use passively-collected data to: (a) remember your information so that you will not have to re-enter it during your visit or the next time you visit the API Website; (b) monitor your participation in various sections of the API Website; (c) customize our service to you, including by providing you with recommendations; (c) monitor aggregate website usage metrics such as total number of visitors and pages viewed; and (d) administer, operate, and improve the API Website and our other services and systems, and to provide services and content that are tailored to you.

Through the API Services
Our Clients, in implementing API’s Services, utilize their own websites. When you use the Service, our servers passively collect data through the implementation of the API API including, but not limited to, your IP address, page views, browser type, interactions with API’s Services, the web page you are currently visiting and the web page you were visiting before you came to the Service, and social actions such as sharing and commenting. This information is used to facilitate delivery of the Service and, in some cases, for internal reports. Additionally, some of the information collected is used in the Client Reports. The Client Reports may contain both passively-collected information and End User Personal Information.

Please note that, as End Users utilizing API’s Service on a Client’s website, that Client may also passively collect data subject to that website’s particular Privacy Policy, including, without limitation, non-API action such as purchases and videos watched. You should read and be aware of the terms of service, privacy policy, and privacy practices of the website of any Client utilizing our Services.

4. WHAT COOKIES DO WE USE AND WHY?

We use the following types of cookies:

Strictly necessary cookies – These cookies are used for the sole purpose of either (i) carrying out a transmission of a communication over an electronic communications network, or (ii) to allow the provider of an information society service to provide such service as explicitly requested by you.

Performance cookies – These cookies collect information about how visitors use a website, for instance, which pages visitors go to most often, and if they get error messages from web pages. These cookies do not collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. it is only used to improve how a website works.

Functionality cookies – These cookies allow the website to remember choices you make (such as your user name, language or region you are in) and provide enhanced, more personal features.

Social media cookies – These cookies are used based on social connect functionalities or when you make use of a social media add-on button (e.g. clicking on the ‘Like’ icon on a webpage).

Whether a cookie is considered as a ‘first’ or ‘third party’ cookie refers to the domain placing the cookie. First-party cookies are those cookies set by a website that is being visited by the user at the time (e.g. cookies placed by [www.apiabroad.com]). Third-party cookies are cookies that are set by a domain other than that of the website being visited by the user. If a user visits a website and another entity sets a cookie through that website this would be a third-party cookie.

Session cookies allow website operators to link your actions during a browser session – A browser session starts when you open the browser window and finishes when you close the browser window. Session cookies are created temporarily. Once you close the browser, all session cookies are deleted. Persistent cookies on the other hand are cookies which remain on your device for the period of time specified in the cookie. We use both session and persistent cookies.

You can find more information about the individual cookies we use, and the specific purposes for which we use them, in the attached table below.

5. HOW TO DISABLE OR REMOVE COOKIES

Cookies

You can configure your Internet browser, by changing its options, to stop accepting cookies completely or to prompt you before accepting a cookie from the website you visit. If you do not accept cookies, however, you may not be able to use all portions of the API Website or all functionality of the Services.

Other Local Storage

For information about disabling or deleting information contained in Local Shared Objects, please visit https://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html.

For information about disabling or deleting information contained in HTML5 Local Storage, please refer to your browser’s user manual or please visit http://www.allaboutcookies.org/cookies/.

Please note that disabling these technologies may interfere with the performance and features of the Services.

6. CHANGES AND UPDATES TO THIS COOKIE POLICY

We may occasionally update this Cookie Policy. If we do, we will update the “effective date” at the top of the Cookie Policy. If we make an update to this Cookie Policy that is materially less restrictive in our use or disclosure of passively collected data prior to the update, we will provide you with prior notice of the pending update and seek your consent by posting notice on the API Website or by contacting you using the email address you provided.

We encourage you to periodically review this Cookie Policy to stay informed about our use of passively collected data. Your continued use of the API Website constitutes your agreement to this Cookie Policy and any updates.

7. CONTACTING US

If you have questions about this Cookie Policy, you may contact via the contact information at the bottom of this page.

8. COOKIE MAP INVENTORY 

Click here to view a cookie map inventory (Updated 5/23/2018)

CHANGES TO THIS POLICY

We may change this Policy from time to time. If we make any changes to this Policy, we will change the “last updated” date above. If there are material changes to this Policy and you have an active account with us, we will notify you more directly. We encourage you to check this Policy whenever you use any of Services to understand how your personal information is used.

CONTACT INFORMATION

If you have any questions, comments, or concerns about this privacy statement or the practices of the Websites, you can contact us:

Academic Programs International – API

301 Camp Craft, Ste 100

Austin, Texas, 78746

800.844.4124

api@apiabroad.com

EFFECTIVE DATE OF POLICY AND UPDATE THIS POLICY

This Policy is effective as of May 09, 2018. API reviews this Policy from time to time and may make changes this Policy in connection with such review. We will post any changes to this Policy on these web pages following such change. You should check this page regularly to ensure you are familiar with any changes. You agree that any posted changes to this Policy will be binding on you.