Tel-Hai College Privacy Policy

Last modified date: April  25th, 2021

Introduction

We, at Tel-Hai College, care about your personal data and privacy interests. 

"Personal Data" means any information that refers, is related to, or is associated with an identified or identifiable individual or as otherwise may be defined by applicable law.

That is why we take the issue of information security seriously. In this Privacy policy we wish to explain you how we collect your personal data, what is its purposes and what are your rights.

Data security and privacy are an ongoing responsibility, and so we will from time to time update this Privacy Policy as we undertake new personal data practices or adopt new privacy policies.

Data Protection Officer

Tel-Hai College has appointed an internal Data Protection Officer for you to contact if you have any questions or concerns about the College’s personal data policies or practices. The College’s data protection officer’s name and contact information are as follows:

Mrs. Natalie Edelman Porat, Adv.

e-mail address: [email protected]

Phone number: +972-4-8181954

How we collect and use (process) your personal information

Most of the personal information we process is provided to us directly by you for one of the following reasons:

• You are interested in an advanced curriculum we offer;

• You have made an information request to us;

• You are representing your organisation;

• You are subscribed to our e-newsletter;

• You have made a complaint or enquiry to us;

We also may receive personal information indirectly, in the following scenarios:

• From other Israeli or EU academic institution via an exchange student and/or exchange lecturer program (e.g Erasmus Program);
• We have contacted an organisation about a complaint you have made, and it gives us your personal information in its response;
• Your personal information is contained in reports of breaches of data protection law (‘breach reports’) given to us by organisations;
• A complainant refers to you in their complaint correspondence;
• Whistle-blowers include information about you in their reporting to us;
• From other public authorities, regulators or law enforcement bodies;
• An employee of ours gives your contact details as an emergency contact or a referee.
• In an event requiring informing the student's emergency contact.

Why do we collect and use (process) your personal information?

• Providing our services;
• Audience measurement;
• To protect vital interests;
• Providing security;
• Reporting and management information – support business reporting;
• Discretionary service interactions - students are identified in order for them to receive communications relating to how they use and operate the data controllers’ services;
• Compliance with requests for disclosures to law enforcement, courts and regulatory bodies, including EU, Israeli and foreign;
• Marketing;
• Preventing fraud;
• Personalized service and communications;

• Periodic reporting to government bodies in Israel and in the EU, such as: reports to the Israeli Bureau of Statistics (details of incoming students), Erasmus;

• Back-office operations.

Categories of personal data collecting:

Prospective students

To use our services, you will be required to register and provide us with the following mandatory personal data: full name, nationality, higher education, year of birth, country of residence, email address, gender, phone number. as you progress with the registration procedure, you will be asked to us send a copy of your passport. you may also fill in other preselected optional questions about the program that you are interested with.

How we Use this Data:

We use this Personal Data to (1) provide you with the services and to respond to your inquiries and requests and to contact and communicate with you; and (2) to prevent fraud, improve the services, protect the security of and address any problems with the website and/or our services.

Prospective Exchange students and Prospective Exchange professors

For our exchange programs you will be required to provide us with the following personal data: cv including your full name, higher education record, occupational experience, credential, etc., your passport number, a copy of your passport, contact details. you may also be required for other self-reported additional details such as: gender, allergies, food preferences (Kosher/ Vegan etc.).

How we Use this Data:

We use this Personal Data to (1) provide you with the services and to respond to your inquiries and requests and to contact and communicate with you; and (2) to prevent fraud, improve the services, protect the security of and address any problems with the website and/or our services; (3) to protect your health and other vital interests.

Active Students

For providing our students with our services including but not limited to a curricula schedule, certificates, supply of living conditions, security, etc., you will be required to provide us with the following personal data: full name, title (mr. / mrs. / dr etc), affiliation to an academic institution, affiliation to a field, passport id number, grades,  email, phone number, local israeli cellular phone number, dormitory and catering details- gender, allergies, food preferences (kosher/ vegan etc.). we may also collect other self-reported comments and requests.

How we Use this Data: We use this Personal Data to (1) provide you with the services and to respond to your inquiries and requests and to contact and communicate with you; and (2) to prevent fraud, improve the services, protect the security of and address any problems with the website and/or our services; (3) to protect your health and other vital interests.

Alumni students

We keep personal information about our graduates and former students to provide them with services and information if required. we store and collect the following data: contact details including full name, title (mr. / mrs. / dr etc), affiliation to an academic institution, affiliation to a field, passport id number, grades, email, phone number. we may also store self-reported alumni students’ previous requests and comments.

How we Use this Data: We use this personal data to (1) provide you with the services and to respond to your inquiries and requests and to contact and communicate with you; and (2) to prevent fraud, improve the services, protect the security of and address any problems with the website and/or our services; and (3) offer you similar services.

Payment information

Payment of tuition and other payment are required for providing you with tel-hai college's services. you will be required to provide us with the following personal data contact details: full name, requested payment method. some programs will require your transferring institution details for payment purposes. 

How we Use this Data: We use this Personal Data to (1) provide you with the services by using a third-party pci/dss-compliant payment processing service; (2) to prevent fraud.

Tel-Hai website and on-line services

We use cookies and similar technologies for several reasons, including to help personalize your experience and we also use a cookies tool on our website to gain consent for the optional cookies we use. Third parties through which we provide the services and/or our business partners may be placing and reading cookies on your browser or using web beacons to collect information in the course of advertising being served on different websites. when visiting this site, you shall be notified of the use of and placement of cookies and other similar technologies on your device as specified herein. 

What are Cookies? A cookie is a small piece of text that is sent to a user's browser or device. The browser provides this piece of text to the device of the originating user when this user returns.

A "session cookie" is temporary and will remain on your device until you leave the Site.

A "persistent" cookie may be used to help save your settings and customizations across visits. It will remain on your device until you delete it. 

First-party cookies are placed by us, while third-party cookies may be placed by a third party. We use both first- and third-party cookies.

We may use the terms "cookies" to refer to all technologies that we may use to store data in your browser or device or that collect information or help us identify you in the manner described above, such as web beacons or "pixel tags".

How We Use Cookies. We use cookies and similar technologies for a number of reasons, as specified below. The specific names and types of the cookies, web beacons, and other similar technologies we use may change from time to time. However, the cookies we use generally fall into one of the following categories:

Necessary Cookies. These cookies are necessary to allow the Site to work correctly. They enable you to access the Site, move around, and access different services, features, and tools. Examples include remembering previous actions (e.g. entered text) when navigating back to a page in the same session. These cookies cannot be disabled.

 

 

Cookies for better Functionality. These cookies remember your settings and preferences and the choices you make (such as language or regional preferences) to help us personalize your experience and offer you enhanced functionality and content.

 

 

Analytics and Performance Cookies. These cookies collect information regarding your activity on our site to help us learn more about which features are popular with our users and how our site and/or our on-line services can be improved. It can also help us understand how you use our site, for example whether you have viewed messages or specific pages and how long you spent on each page. This helps us improve the performance of our site and/or our on-line services.

 

 

Advertising Cookies. These cookies are placed in order to deliver content, including ads relevant and meaningful to you and your interests. They may also be used to deliver targeted advertising or to limit the number of times you see an advertisement. This can help us track how efficient advertising campaigns are, both for our own Services and for other websites. Such cookies may track your browsing habits and activity when visiting our Site and/or our on-line services and those of third parties.

 

 

How to adjust your preferences. Most Web browsers are initially configured to accept cookies, but you can change this setting so your browser either refuses all cookies or informs you when a cookie is being sent. In addition, you are free to delete any existing cookies at any time. Please note that some features of the Services may not function properly when cookies are disabled or removed. For example, if you delete cookies that store your account information or preferences, you will be required to input these each time you visit. Although we do our best to honour the privacy preferences of our users, we are unable to respond to Do Not Track signals set by your browser at this time.

 

Email Cookies. Additionally, cookies may be placed in messages we send to track your interaction with such emails.

 

Third-Party Applications and Services

All use of third-party applications or services is at your own risk and subject to such third party's terms and privacy policies. 

Security and performance

We have implemented and maintain appropriate technical and organization security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorized disclosure or access to Personal Data appropriate to the nature of such data. The measures we take include:

Safeguards – The physical, electronic, and procedural safeguards we employ to protect your Personal Data include secure servers, firewalls, antivirus, and SSL encryption of data.

Access Control – We dedicate efforts for a proper management of system entries and limit access only to authorized personnel on a 'need to know' basis of least privilege rules, review permissions quarterly, and revoke access immediately after employee termination. 

Internal Policies – We maintain and regularly review and update our privacy related and information security policies. 

Personnel – We require new employees to sign non-disclosure agreements according to applicable law and industry customary practice. 

Database Backup – Our databases are backed up on a periodic basis for certain data and are verified regularly. Backups are encrypted and stored within the production environment to preserve their confidentiality and integrity, are tested regularly to ensure availability, and are accessible only by authorized personnel. 

However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect user IDs and passwords, please take appropriate measures to protect this information. 

Purpose and lawful basis for processing

The purpose for implementing the above is to maintain and monitor the performance of our website and to constantly look to improve the site and the services it offers to our users. The lawful basis we rely on to process your personal data is:

• Your consent as written in Article 6(1)(a) of the GDPR, for example when we require your consent for the optional cookies we use. For processing special categories of your personal data, we may ask for your explicit consent as described in Article 9.2(a) of the GDPR; and/or, 
• Contractual purposes as described in Article 6.1(b) of the GDPR, for example when your registration application; and/or, 
• To protect your vital interests accordingly to Article 6(1)(d) of the GDPR and/or Article 9.2(c) of the GDPR which allows us to process personal data for your safety; and/or,
• For the necessity of legitimate interests accordingly to Article 6.1(f) of the GDPR. For example, to maintain the integrity of our IT systems and the continuity of our business.

What are your rights?

As we are processing your personal data for our legitimate interests as stated above, there are legitimate reasons why we can not fulfil your application, which depend on why we are processing it.

• Right of Access. You have a right to know what Personal Data we collect about you and, in some cases, to have such Personal Data communicated to you. Subject to applicable law, we may charge you with a fee. Please note that we may not be able to provide you with all the information you request, and, in such case, we will endeavour to explain to you why Some of your personal data can be viewed by you in your personal area on the college website.

• Right to Data Portability. If the processing is based on your consent or performance of a contract with you and processing is being carried out by automated means, you may be entitled to (request that we) provide you or another party with a copy of the Personal Data you provided to us in a structured, commonly used, and machine-readable format. 

• Right to Correct Personal Data. Subject to the limitations in applicable law, you may request that we update, complete, correct or delete inaccurate, incomplete, or outdated Personal Data. Some of your personal data can be updated by you in your personal area on the college website

• Deletion of Personal Data ("Right to Be Forgotten"). Subject to any other law and / or obligation, you have a right to request that we delete your Personal Data if either: (1) it is no longer needed for the purpose for which it was collected, (2) our processing was based on your consent and you have withdrawn your consent, (3) you have successfully exercised your Right to Object (see below), (4) processing was unlawful, or (4) we are required to erase it for compliance with a legal obligation. We cannot restore information once it has been deleted. Please note that to ensure that we do not collect any further Personal Data, you should also delete and clear our cookies from any device where you have used our website and/or other services. We may retain certain Personal Data (including following your request to delete) for audit and record-keeping purposes, or as otherwise permitted and/or required under applicable law. 

• Right to Restrict Processing. You can ask us to limit the processing of your Personal Data if either: (1) you have contested its accuracy and wish us to limit processing until this is verified; (2) the processing is unlawful, but you do not wish us to erase the Personal Data; (3) it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise, or defend of a legal claim; (4) you have exercised your Right to Object (below) and we are in the process of verifying our legitimate grounds for processing. We may continue to use your Personal Data after a restriction request under certain circumstances.

• Direct Marketing Opt-Out. You can change your mind at any time about your election to receive marketing communications from us and/or having your Personal Data processed for direct marketing purposes. If you do, please notify us by contacting us at [email protected] or by clicking the “unsubscribe” button in the message. We will process your request as soon as reasonably possible, however it may take a few days for us to update our records before any opt out is effective.

• Withdrawal of Consent. You may withdraw your consent in connection with any processing of your Personal Data based on a previously granted consent. This will not affect the lawfulness of any processing prior to such withdrawal. 

• Right to Lodge a Complaint with Your Local Supervisory Authority. You may have the right to submit a complaint to the relevant supervisory data protection authority if you have any concerns about how we are processing your Personal Data, though we ask that as a courtesy you please attempt to resolve any issues with us first.

• Right to Object. You can object to any processing of your Personal Data which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

When and how we share information with others

We will only disclose your personal data to third parties when:

• You have given your explicit consent accordingly with Article 6.1.1.a of the GDPR.
• It is legally permissible and required for the performance of a contract to which you are party accordingly with Article 6.1.1.b of the GDPR.
• Disclosure of personal data is necessary for compliance with a legal obligation accordingly with Article 6.1.1.c of the GDPR.
• Disclosure of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Tel-Hai college accordingly with Article 6.1.1.e of the GDPR.
• We will notify you if your personal data are to be disclosed due to specific circumstances in an individual case.

We share your information, including Personal Data, as follows:

• Joint- Controllers. We share information, including your Personal Data, with our joint controllers- Keytstone Academic Solutions, Co- Euro and/or Israeli academic institutions. Where this is necessary to provide you with our services, and for the purpose of management of our business.
• Service Providers, and Subcontractors. We also disclose information, including Personal Data we collect from and/or about you, to our trusted third-party service providers and subcontractors, who have agreed to confidentiality restrictions and who use such information solely on our behalf in order to: (1) help us provide you with the Site, and/or Services; (2) aid in their understanding of how users are using our Site, and/or Services; (3) for the purpose of direct marketing.

Such service providers and subcontractors provide us with IT and system administration services, data backup, security, and storage services, web hosting, data analysis, payment services, help us serve advertisements and provide other marketing or mailing services, and provide us with tax and accounting services.

• Law Enforcement Related Disclosure. We may share your Personal Data with third parties: (1) if we believe in good faith that disclosure is appropriate to protect our or a third party's rights, property or safety (including the enforcement of the Terms and this Privacy Notice); (2) when required by law, regulation subpoena, court order or other law enforcement related issues, agencies and/or authorities; or (3) as is necessary to comply with any legal and/or regulatory obligation.

International Transfer

We use subcontractors and service providers and have affiliates who are located in countries other than your own, such as Israel, and send them information we receive (including Personal Data). We conduct such international transfers for the purposes described above. We will ensure that these third parties will be subject to written agreements ensuring the same level of privacy and data protection as set forth in this Privacy Notice, including appropriate remedies in the event of the violation of your data protection rights in such third country. Whenever we transfer your Personal Data to third parties based outside of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented: 

• We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission. 

• Where we use certain service providers, we may use specific contracts approved by the European Commission which give Personal Data the same protection it has in the EEA.

• In the absence of an adequacy decision, we may transfer your personal data to a third country or an international organisation due to derogations for specific situations such as your explicit consent to the proposed transfer, after informing you of possible risks of such transfers due to the absence of an adequacy decision and appropriate safeguard.

• Please contact our DPO if you would like further information on the specific mechanism used by us when transferring your Personal Data out of the EEA, Switzerland and the UK. 

Data storage and retention

Subject to applicable law, we retain Personal Data as necessary for the purposes set forth above. We may delete information from our systems without notice to you once we deem it is no longer necessary for these purposes. Retention by any of our processors may vary in accordance with the processor's retention policy. In some circumstances, we may store your Personal Data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, audit, accounting requirements and so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Personal Data or dealings. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data, and whether those purposes can be achieved through other means, as well as applicable legal requirements. 

Please contact DPO our  if you would like details regarding the retention periods for different types of your Personal Data. 

We do not market our Services to children under the age of 16 or knowingly collect any information from users under the age of 16 without first obtaining consent from their parents or guardians. In order to ensure that parents or guardians have given consent where needed, we have instituted a parental gate. In the event that you become aware that an individual under the age of sixteen (16) has enrolled without parental permission, please advise us immediately. 

Change and updates to the Privacy Policy

We may update this Privacy Notice from time to time to keep it up to date with legal requirements and the way we operate our business, and we will place any updates on our Site. Please come back to this page every now and then to make sure you are familiar with the latest version. If we make material changes to this Privacy Notice, we will seek to inform you by notice on our Site or by email.

Questions, concerns, and / or complaints

With your consent, we may send you e-mail or other messages and/or a newsletter about us or our services. You may remove your Personal Data from our mailing list and stop receiving future communication from us by following the UNSUBSCRIBE link located at the bottom of each communication or by emailing us to our DPO. 

We reserve the right to send you service-related communications, including service announcements and administrative messages, without your consent and without offering you the opportunity to opt out of receiving them. Should you not wish to receive such communications, you may contact us as described.