The privacy of our visitors at UPI Education is very important to us. We want you to understand the type of information we collect when you visit our site and how we use this information.
We reserve the right to update our privacy policy as part of our multi-jurisdiction compliance initiatives.
Last updated: 25 October 2021.
Who we are
Our company is UPI Education, Inc and we are a registered not-for-profit 501C3 organization. Our official website address is https://upieducation.org.
We also own and operate UPI Loan Fund, located at 1301 E Washington St Ste 104, Phoenix, AZ 85034-1162, and online at https://upiloanfund.us.
Hereinafter, the aforementioned website addresses and our online social media profiles are collectively referred to as “websites”.
What personal data we collect and why we collect it
Like almost all websites that you visit, our website collects anonymous data such as your IP address, Country, and Time of visit. This data is not used for tracking purposes and is stored on our private server as a log file.
If you complete our contact form or add a comment to a blog article, our website collects identifiable personal data like your name, email address, and technical information like site-specific cookie data.
The data our site collects about you helps us to respond to your inquiries, protect against and eliminate spam, and comply with our legal obligations in multiple jurisdictions.
By using our website, filling in our online forms, or leaving feedback or comments, you are actively providing your consent to the collection of your data for the aforementioned purposes.
Personal data is not just created by a user’s interactions with your site. Personal data is also generated from technical processes such as contact forms, comments, cookies, analytics, and third party embeds.
By default, our website does not collect any personal data about visitors, and only collects the data shown on the User Profile screen of registered users. However, some of the add-on components of our website may collect personal data.
Add-ons & Data Collection
The Forms we use on our websites store a record of all form submissions. Your data may be deleted by the site administrator. You may request a report of saved data related to your email address. Your data is stored only briefly for each submission. If you uploaded documents or other files, these may remain on our server until manually removed.
Some data may be shared with other services including list services such as our Newsletter add-on, MailChimp, or PayPal.
We collect certain pieces of information about you when you complete one of our testimonial forms. This may include your full name, e-mail address, photo, company name, and website. By completing a testimonial form, you are expressly agreeing to these terms, and giving consent for us to:
- Send a confirmation e-mail, to let you know your testimonial was received and approved;
- Send important account/ product/ service information;
- Set up and administer your account, provide technical/customer support, and verify your identity.
We use a security certificate service to provide additional protection to our websites. The SSL service does not process any personally identifiable information, and obligations arising under the European GDPR do not apply to these add-ons or usage on our websites.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Analytics
By default, our websites do not collect any analytics data. Our websites use Google Analytics to help us improve our services and cater to our target audiences. However, many web servers do collect some anonymous analytics data about usage and visitor numbers.
Who we share your data with
By default, we do not share your data with third parties. If you have a registered account on our websites, and you request a password reset, your IP address will be included in the reset email.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profiles. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Contact information
If you have any privacy-specific concerns, please contact techops@upiedu.org, and our Data Protection Officer will respond within a reasonable time.
How we protect your data
All available measures are taken to protect your data including the use of add-ons requiring the minimum data necessary to perform the relevant function. This could include technical measures such as encryption; security measures such as two-factor authentication; and measures such as staff training in data protection. We routinely conduct Privacy Impact and Compliance assessments to ensure we fulfil and maintain our legal obligations.
What data breach procedures we have in place
If a data breach occurs, you will be informed by our Data Protection Officer in accordance with the law of the jurisdiction where the breach occurred. We use firewalls and antivirus protection on all our websites which include internal reporting systems that alert us to unethical, hacking, and DDOS attempts.
What third parties we receive data from
Occasionally, we receive data about users from third parties, including Great Nonprofits and Guidestar. Any data received is temporarily stored on our server for the duration prescribed by the third party’s code. If you have concerns please raise them with the relevant service.