EU GDPR and Skidmore College Office of Advancement

The European Union General Data Protection Regulations (“EU GDPR”) is a regulation governing the use of personal data.  It imposes new obligations on entities that control or process personal data about people who are located in the European Union.  This regulation applies both inside the European Union (“EU”) and outside of the EU, and applies to data about anyone in the EU, regardless of whether they are a citizen or permanent resident of an EU country.

The regulation takes effect on May 25, 2018.

Residents of the European Union will need to provide consent for the collection and use of personal data. To provide consent to Skidmore College Office of Advancement for engagement, communication and fundraising purposes please complete this Consent Form.

What does my consent mean?

If you actively provide your consent to us for email, mobile phone or text we may contact you for engagement, communication or fundraising purposes.

If you have consented to continue to receive mail, we may send you direct mail (i.e. invitations, Scope magazine, etc.) unless you have told us that you would prefer not to receive such information.

What information is subject to the EU GDPR?

The EU GDPR applies to the control or processing of ‘personal data,’ which is defined as

Any information relating to an identified or identifiable natural person (the data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, psychological, genetic, mental, economic, cultural or social identity of that natural person.

Examples of identifiers include but are not limited to: name, photo, email address, identification number such as Skidmore Connect ID, Skidmore User ID, physical address or other location data; IP address or other online identifier.

What information does Skidmore College collect and maintain concerning EU GDPR data?

We collect information in the following ways:

Information we get from alumni and student records, which may include personal information, like your name, degree details, email address, and telephone number. Your relationship with Skidmore is lifelong and we continue the relationship with alumni and parents of Skidmore as you are enrolled in our Alumni Community upon graduation or leaving. Our team aims to provide support as well as communicate important information and opportunities on a regular basis in order to keep you informed and engaged with what is happening at the College.

Information provide to us. For example, when you engage with our social media or message boards, make a gift, register for an event or otherwise update or provide us with personal information.

Information from third parties. We may also receive information about you from third parties. This can include information such as your name, postal address, email address, phone number, social handles, your geographic location (for mobile devices), credit/debit card details (when making gifts or registering for events). Wealth screening and research, including gathering information from publicly available resources to give an insight into your philanthropic interests and ability to support Skidmore College. We may segment the information we hold about you in our database based on a proprietary score. These scores are calculated using personal data, as well as how engaged with us you have previously been, and indicators of future engagement. Analysis of this helps us understand our Alumni, donors and potential donors to ensure we are efficient and that only relevant communications are sent to you.

What are the Skidmore College security standards and requirements for EU GDPR Data?

We ensure that there are appropriate technical controls in place to protect your personal details. For example our online forms are always encrypted and our network is protected and routinely monitored. We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by relevant staff, volunteers and business partners.

Skidmore appoints an external party to undertake a screening of information, any such arrangements are subject to a formal agreement between the College and that firm has measures to protect the security of all data.

If I have questions about my personal data that is subject to the EU GDPR, who should I talk to?

Individuals with questions about their personal data collected and processed by Skidmore College Advancement Office should contact Monica M. Keith, Executive Director of Advancement Services at mkeith@skidmore.edu.