Skip to main content

Internet Privacy Statement

NSU Internet Privacy Statement

The Internet Privacy Statement discloses what information the University collects, how it is collected, why it is collected, how it is used (including, without limitation, management, exportation, and deletion of the information), and what Norfolk State University (NSU) will and will not do with the information collected.

Privacy Protection is a shared responsibility and a continuous process that reinforces expectations of behavior, actions, and activities critical to data privacy. Raising privacy protection awareness and informing all individuals who use Norfolk State University Technological Resources, as such term is defined in Administrative Policy 32-01, of their obligations will strengthen the understanding of privacy threats and risks. Norfolk State University values its privacy obligations and is committed to minimizing privacy concerns; therefore, the University’s resources are for official use only. Uses other than those authorized by Administrative Policy 32-01 are prohibited.

See Acceptable Use of Technological Resources Policy – [ https://www.nsu.edu/policy/admin-32-01 ]

Health Information Privacy
For health information privacy and security rights, please visit the HHS.gov website to review HIPPA Privacy and Security Rules. [ https://www.hhs.gov/hipaa]

Information We Collect

Norfolk State University data collection ranges from, but is not limited to, non-personal anonymous information gathered from available data streams, such as demographic information, visits and movement through the website as well as personally identifiable information (PII), which is provided by the user through online forms, surveys or sign-ups.  As used in this Privacy Statement, “personally identifiable information” (PII) includes any information which can be used to trace or distinguish an individual’s identity (such as their name, social security number, or biometric records, etc.), whether alone or when combined with other personal or identifying information linked to that individual.  In addition, information is also gathered through automated complex collection, which may include cookies, third party tracking technologies, browser information, Internet Protocol (IP) addresses, operating systems, and server logs. By way of illustration and not limitation, this may occur when accessing the University’s websites, web-based applications, customer relationship management (CRM) software, text or phone messaging platforms, or social media sites; during the creation of online accounts, enrollment to receive newsletters or email distribution lists, or participation in a promotion; or upon a request for information from NSU.

The University collects information to better understand community members’ and affiliates’ needs and provide the services that have been requested, and to fulfill a legitimate interest in improving NSU products and services according to behavior and personal preferences.

The information collected by cookies or other methods will not be stored for longer than necessary. (HTTP cookies--also called web cookies, Internet cookies, browser cookies, or simply cookies--are small blocks of data created by a web server while a user is browsing a website and placed on the user's computer or other device by the user’s web browser. Users may control the cookie settings of their web browser.) The length of time such information is stored will be determined based on the following criteria: 

  • Records Management retention requirements according to the Library of Virginia.
    [ https://www.lva.virginia.gov/
  • Length of time reasonable to demonstrate NSU has fulfilled its duties and obligations.
  • Periods during which a legal claim is pending if the information may be evidence relevant to the claim.
  • Retention schedules prescribed by any law or regulation, professional bodies, or associations.
  • The existence and establishment of consent of the subject of the information.


The information NSU collects, and how that information is used, depends on how you use the University’s variety of services.  You have the option to permit the use of your information, thus consenting to data collection. The University reserves the right to amend this Internet Privacy Statement at any time. To access the latest changes and stay up to date, it is advised that users frequently consult the Acceptable Use of Technological Resources Policy referenced at the beginning of this Internet Privacy Statement.  You have the option to discontinue, unsubscribe, or opt-out of certain services or communications for which data is collected or used.  If you elect not to disclose information, NSU reserves the right not to provide any product or service.

Data Sharing

Norfolk State University does not, nor will it, sell, rent, or lease any of its information on you. The University may use contact information to communicate with you. The University reserves the right to contact you if needed for non-marketing purposes (such as alerts, security breaches, account issues, and changes in products and services). The University will not use or disclose information except under the following circumstances:

  • To enhance or promote provided University services or products either internally or in coordination with vendors.
  • When aggregated with other information in a way that identity of each individual subject cannot be reasonably determined.
  • As required by law, such as in response to a subpoena, or search warrant.
  • To auditors who have agreed to keep information confidential.
  • To enforce Terms of Service.
  • To maintain, safeguard, and preserve all rights, resources, and intellectual property of NSU.
  • In other ways that involve consent of the subject of the information.

Third-Party Websites

Norfolk State University uses various third-party social media platforms including, but not limited to, Facebook, Instagram, Twitter, LinkedIn, YouTube, TikTok, Curator.io, and other interactive media. These services are governed by privacy policies of the providers and are not within the control of Norfolk State University. This Internet Privacy Statement does not govern the collection and use of information by organizations that Norfolk State University does not control, nor by individuals not employed or managed by NSU. It is the responsibility of the individual to review each organization’s privacy policy and/or statement before providing information.

GDPR and the European Union (EU)

Norfolk State University’s operations are located primarily in the United States (US). If you are in the European Union (EU) and provide information to NSU, the information will be transferred out of the European Union and sent to the United States. (The adequacy decision on EU-US Privacy became operational on August 1, 2016. This framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the US for commercial purposes. It allows the free transfer of data to companies that are certified in the US under the Privacy Shield). By providing personal information to NSU, you are consenting to its storage and use described in this Internet Privacy Statement.

Under the regulations of the General Data Protection Regulation (GDPR) of the EU, anyone located in an EU country has certain rights as a Data Subject. Included in these protection rights are:

  • The right to be informed – NSU must inform you of how it intends to use personal data. This is accomplished through this Internet Privacy Statement.
  • The right of access – You have the right to request access to the data NSU possesses about you and NSU must respond to those requests within one month.
  • The right to rectification – If you believe some of the data NSU is keeping is incorrect, you have the right to have it corrected.
  • The right to erasure – You can request that the information NSU retains be deleted; the University must comply unless it has a compelling reason not to, in which case you will be informed.
  • The right to restrict processing – You can change your communication preferences or opt-out of certain communications.
  • The right of data portability – You can obtain and use your data for your own purposes without explanation.
  • The right to object – You can file a formal objection with the University regarding use of your information about third parties, or processing where legal basis is the legitimate interest.  

Data Security

Norfolk State University takes precautions to protect your information. When sensitive information is collected, the information is protected online and offline. Norfolk State University will aim to encrypt and transmit it in a secure or anonymous manner [e.g., verify Secure Socket Layer (SSL) by looking for a lock icon in the address bar or looking for “https” at the beginning of the address bar of a webpage]. Protocols are in place in the unlikely event that the NSU suffers a data breach. The University will contact anyone whose private data was or may have been accessed during a data breach of which the University has actual knowledge.

To prevent any loss, misuse, unauthorized access, disclosure, or modification of sensitive information under NSU control, employees will be granted access only to that information which they need to know to perform a specific job duty. In addition, computers and servers in which NSU stores sensitive information are kept in secure environments.

Point of Contact

For requests, questions, or concerns regarding the Internet Privacy Statement, please contact the following email address, telephone number, or mailing address.

Email:  webmaster@nsu.edu  Telephone Number: (757) 823-8162
           

Mailing Address:
Norfolk State University
NSU Webmaster
700 Park Avenue
Harrison B. Wilson Hall, Suite 340
Norfolk, Virginia 23504, USA

Effective Date:  September 27, 2021
Last Updated: September 28, 2021
Last Reviewed: January 09, 2023