MISTI is committed to supporting the privacy of students. This Privacy Statement explains how we handle and use the personal information we collect about students.
What personal information we collect
While specific information may vary for particular individuals, we may collect, use, store and transfer different kinds of personal information about you, which we have grouped together as follows:
- Basic contact information – home and university address, academic department information/academic major, phone number, and email address
- Document information – passport biographic page, DS-2019, visa letter and copies of visa documents as applicable, academic transcript, and flight information
- Health insurance information – name of health insurance plan, health insurance number, and copy of health insurance card
- Demographic information – name, gender, birth date, photograph, citizenship, country of residence
- Emergency contact information – name, relationship, phone number, email address of student’s emergency contact
- Analytical information – aggregated information related to web visitor activity and email marketing actions
How we collect personal information about you
We collect this information directly from students as well as from home and host university offices as applicable.
How we use your personal information
We use your personal information for a number of legitimate purposes all in support of the Institute and its mission. Specifically, we use your personal information to:
- Work with relevant academic departments, labs, and offices at MIT to enable student participation in study abroad programs and exchanges.
- Handle and mail visa application documents to consulates and embassies on behalf of students as needed.
If you have concerns about any of these purposes, or how we communicate with you, please contact us at firstname.lastname@example.org. We will always respect a request by you to stop processing your personal information (subject to our legal obligations).
When we share your personal information
To perform the functions listed above, it may be necessary to share your personal information with
- Partner universities that host MIT students in study abroad programs or exchanges.
- Organizations/companies that provide housing or organize internships for MIT students studying abroad.
- Insurance companies that provide gap health insurance for students.
How your information is stored and secured
MIT uses risk-assessed administrative, technical and physical security measures to protect your personal information. Information is stored in our online database, Travel Registry database, HQ Go Abroad database, and files on staff computers and on the shared drive.
How long we keep your personal information
We will maintain a record for you until such time as you tell us that you no longer wish us to keep in touch.
Rights for Individuals in the European Economic Area
You have the right in certain circumstances to (1) access your personal information; (2) to correct or erase information; (3) restrict processing; and (4) object to communications, direct marketing, or profiling. To the extent applicable, the EU’s General Data Protection Regulation provides further information about your rights. You also have the right to lodge complaints with your national or regional data protection authority.
If you are inclined to exercise these rights, we request an opportunity to discuss with you any concerns you may have. To protect the personal information we hold, we may also request further information to verify your identity when exercising these rights. Upon a request to erase information, we will maintain a core set of personal data to ensure we do not contact you inadvertently in the future, as well as any information necessary for MIT archival purposes. We may also need to retain some financial information for legal purposes, including US IRS compliance. In the event of an actual or threatened legal claim, we may retain your information for purposes of establishing, defending against or exercising our rights with respect to such claim.
By providing information directly to MIT, you consent to the transfer of your personal information outside of the European Economic Area to the United States. You understand that the current laws and regulations of the United States may not provide the same level of protection as the data and privacy laws and regulations of the EEA.
You are under no statutory or contractual obligation to provide any personal data to us.
We may change this Privacy Statement from time to time. If we make any significant changes in the way we treat your personal information we will make this clear on our MIT websites or by contacting you directly.
The controller for your personal information is MIT. If you are in the EU and wish to assert any of your applicable GDPR rights, please contact email@example.com.
This policy was last updated in MAY 2018.