CHEA Privacy Policy

Effective Date / Date of Last Revision: June 3, 2024

The Council for Higher Education Accreditation (CHEA) is committed to being responsible custodians of the information you provide us and the information we collect in the course of operating our business.

This Privacy Policy describes how CHEA may collect, use, and share information, particularly in association with the operation of our website (www.chea.org), any mobile app we may offer, and HTML-formatted emails that link to this Privacy Policy (collectively, “Digital Services”). CHEA is a data controller in those jurisdictions that distinguish between controllers and processors

This Privacy Policy describes:

1.  WHO WE ARE
2.  HOW TO CONTACT US
3.  PROTECTING YOUR PRIVACY GENERALLY
4.  TYPES OF PERSONAL DATA WE COLLECT
5.  HOW WE USE YOUR PERSONAL DATA
6.  HOW WE SHARE YOUR PERSONAL DATA
7.  CHILDREN’S PRIVACY
8.  LINKS TO THIRD PARTY WEBSITES
9.  DATA RETENTION
10. ACCESSIBILITY
11.  DO NOT TRACK SIGNALS
12. YOUR STATE PRIVACY RIGHTS
13. CHANGES TO THIS PRIVACY POLICY
14. NOTICE TO RESIDENTS OF THE EUROPEAN ECONOMIC AREA.                                                                                                                                                                       

1. WHO WE ARE. The Council for Higher Education Accreditation (“CHEA,” “we,” “our,” or “us”) is a non-profit higher education organization that advocates for higher education accreditation and quality assurances, scrutinizes accrediting organizations, recognizes U.S. accrediting organization, provides information on accreditation and quality assurances, and serves as an authority on accreditation and quality assurance (“Services”).  CHEA operates a publicly accessible website at https://chea.org (the “Site”).  

Some of the data we collect is considered “personal information” or “personal data” under applicable law (collectively referred to in this Privacy Policy as “Personal Data”).  Generally, Personal Data is information that can be reasonably connected to an identified or identifiable individual.  It does not include deidentified or anonymized data.  

The purpose of this Privacy Policy is to disclose to you how we collect, use and share Personal Data and how we attempt to safeguard the Personal Data we collect and process.  We may update this Privacy Policy from time to time.  When we do, we will post an amended version of the Privacy Policy on our Site.  Please review this Privacy Policy periodically.

2. HOW TO CONTACT US. 
If you have any questions regarding data protection or your rights, please contact us:  

CHEA One Dupont Circle NW,
Suite 510 Washington, DC 20036
(202) 955-6126
[email protected]  

3. PROTECTING YOUR PRIVACY GENERALLY.  We have implemented industry standard technical and organizational security measures designed to protect the security of the Personal Data we process. However, despite our safeguards and efforts to secure Personal Data, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify the Personal Dara we process and store. Although we will do our best to protect your Personal Data, transmission of Personal Data to and from our Site and/or through our Services is at your own risk. You should only access the Site within a secure environment.  

4. TYPES OF PERSONAL DATA WE COLLECT.   

a. Information You Provide To Us.  Depending on how you interact with us and our Site, we may collect the following categories of Personal Data that you provide it to us:  

If you join CHEA as a member, we collect contact information and identifiers such as your name, title, telephone number, email address, institution name, accreditor, information on how you heard about us and any other information you choose to provide to us;  

  • When using the Site generally, we collect information about how you navigate our Site and any other information you choose to provide to us;  
  • When you contact us, we collect your contact information, as well as any other information you choose to provide to us;  
  • When you subscribe to our newsletter, we collect your name, email address, company name, job title, prefix and information on which email lists you would like to join;  
  • When you apply for a position with us, we collect your contact information and information regarding your education history and job history, as well as any other information you provide to us.

b. Information We Collect Via Tracking Technology. As explained in our Cookie Policy, we may use tracking technologies/cookies to collect information as you use the Site.   

c. Google Analytics.  We use Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses cookies or other tracking technologies to help us analyze how users interact with the Site, compile reports on their activity, and provide other services related to their activity and usage. The technologies used by Google may collect information such as your IP address, time of visit, whether you are a returning visitor, and any referring website. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt out of tracking of analytics by Google, click here.

5. HOW WE USE YOUR PERSONAL DATA.  We collect, process and use Personal Data to allow you to provide our Site and Services to you. For example, we use the Personal Data we collect to:

  • Communicate with you;
  • Provide you with information about our Services;
  • Provide our Services; Provide our newsletter;
  • Process your account registration (where applicable);
  • Provide you with support;
  • Personalize your experience on our Site;
  • Maintain and improve our offerings and services;
  • Measure the performance of our Site;
  • Protect the security and integrity of the Site;
  • Investigate, prevent or take action regarding illegal activities, suspected fraud or violations of our terms of use;
  • Efficiently maintain our business;
  • Comply with applicable law; and
  • Defend our legal rights and the rights of others.

6. HOW WE SHARE YOUR PERSONAL DATA.  We may provide access to your Personal Data to others in the following limited ways:  

a.  With service providers.  We may share Personal Data with service providers who:

  • perform data services on our behalf, such as hosting and managed services;
  • engineer, develop, maintain and update the Site;
  • prepare, deploy and analyze advertising content on our behalf;
  • provide other services on our behalf, such as accounting services, call center services, client relationship management services and other various business services;
  • process payment information on our behalf; and
  • accept online job applications and inquiries.

b. To Meet Our Legal Requirements or Exercise Our Rights.  We may share Personal Data with third parties in the following instances:

  • When we are required to do so by law.
  • In connection with any legal proceedings or prospective legal proceedings.
  • To establish, exercise, or defend our legal rights, including providing information to others for the purposes of fraud prevention.
  • When we reasonably believe it is appropriate to apply to a court or other competent authority for disclosure of that Personal Data where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that Personal data.   
  • We may share information with other persons or entities as part of our own business transactions.

c. At Your Request.  We will share your Personal Data when you request or otherwise consent to the disclosures. 

7. CHILDREN’S PRIVACY.  We do not intentionally collect any Personal Data from individuals under the age of sixteen (16) years of age.  We do not sell Personal Data of any individuals, including individuals under the age of sixteen (16) years.   

8. LINKS TO THIRD-PARTY WEBSITES.  Our Site may contain links to other websites and companies that may be of interest to you and/or are providing services on our behalf.  If you click on any of those links, you will leave our Site.  We are not responsible for third-party websites.  Therefore, please consult the terms of service and privacy policies of those sites when you visit them.  

9. DATA RETENTION.  We will store your Personal Data for as long as: (a) you are a member of CHEA; (b) you maintain an account with us; (c) you continue using our Site; (d) your Personal Data is stored in our back up servers and/or services; (e) in accordance with our retention policies and schedules; and/or (f) as long as we are legally required to retain the Personal Data.  

10. ACCESSIBILITY.  We value all of our users, and it is our goal to provide an excellent experience for all our users, including our users with disabilities.  You understand and accept, however, that some of the features of the Site may not be fully accessible because they are provided by third-parties or have errors. If you wish to access this Privacy Policy in an alternate format or. If you would like to report an issue you are experiencing on any of our Site, please email us at [email protected].  You expressly agree to attempt to resolve any and all issues with accessibility (ADA or otherwise) directly with us and in good faith prior to instituting any legal action against us and will provide us with 30 days to correct any errors or other accessibility issues.  

11. DO NOT TRACK SIGNALS.  Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, the Site does not currently interpret, respond to or alter its practices when it receives “Do Not Track” signals.  

12. YOUR STATE PRIVACY RIGHTS.  Depending on the state in which you reside and the current laws of that state, you may have certain privacy rights regarding your Personal Data, which may include:

  • The right to confirm whether or not we are processing your Personal Data and to access such Personal Data;
  • The right to obtain a copy of your Personal Data that we collected from and/or about you in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the information to another controller without hindrance, where the processing is carried out by automated means;
  • The right to delete Personal Data that we collected from and/or about you, subject to certain exceptions;
  • The right to correct inaccurate Personal Data that we maintain about you, subject to certain exceptions;
  • The right, if applicable, to opt out of the processing of your Personal Data for purposes of (1) targeted advertising; (2) the “sale” of your Personal Data (as that term is defined by applicable law); and (3) profiling in furtherance of decisions that produce legal or similarly significant effects concerning you;
  • If we are required by applicable law to obtain your consent to process sensitive Personal Data, the right to withdraw your consent; and
  • The right not to receive discriminatory treatment by us for the exercise of your privacy rights.
  • Notice to California Residents – Shine the Light Law:  If you are a California resident, California Civil Code § 1798.83 permits you to request information regarding the disclosure of your personal information by us to third parties for the third parties’ direct marketing purposes (as those terms are defined in that statute).  We do not sell or disclose information to third parties for their direct marketing purposes.   

To exercise or inquire about your rights, please contact us directly at [email protected].  If legally required, we will comply with your request upon verification of your identity and, to the extent applicable, the identity of the individual on whose behalf you are making such request.  To do so, we will ask you to verify data points based on information we have in our records. If you are submitting a request on behalf of another individual, please use the same contact methods described above. If we refuse to take action regarding your request and your state permits appeals of our decision, you may appeal our decision by replying to the email you received from us in response to your request.

Please note, however, that as a non-profit organization that primarily works with other organizations (as opposed to individual consumers), most state consumer privacy laws do not apply to CHEA.

13. CHANGES TO THIS PRIVACY POLICY.  We reserve the right to change, modify or otherwise update this Privacy Policy at any time and in our discretion. When we make material changes to this Privacy Policy, we will provide notice of such changes by posting an updated version on the Site. Your continued use of the Site and/or Services following our notification of changes means that you accept and agree to the changes. 

14. NOTICE TO RESIDENTS OF THE EUROPEAN ECONOMIC AREA.  The General Data Protection Regulation (“GDPR”) applies to individuals located in the European Economic Area (“EEA”). The GDPR allows us to collect and use personal information from individuals within the EEA only for one or more of the following reasons:

  1. To fulfill a contract we have with you;
  2. When we have a legal duty;
  3. When it is in our legitimate interest; or
  4. When you provide consent.

We do not operate in the EEA or specifically direct our business to consumers in the EEA.  However, we recognize some of our website users, customers and prospective customers could be located within the EEA.  If you reside in the EEA, you have a number of rights under data protection laws in relation to the way we process your Personal Data, which are set forth below.  You may contact us directly to exercise any of these rights, and we will verify your request and, if appropriate, respond to any request received from you within one month from the date of the request. In exceptional circumstances we may need to extend this timescale, but we will always tell you in advance if we do, and our reasons why.

 

Right 1

A right to access personal data held by us about you, as well as information about how we are using your data.

Right 2

A right to require us to rectify any inaccurate personal data held by us about you.

Right 3

A right to require us to erase personal data held by us about you, and where the personal data has been made public, for other controllers processing the personal data to also erase links to, or copy or replication of, such personal data.  This right will only apply where (for example): we no longer need to use the personal data to achieve the purpose we collected it for; or where you withdraw your consent if we are using your personal data based on your consent; or where you object to the way we process your data (in line with Right 6 below).

Right 4

A right to restrict our processing of personal data held by us about you.  This right will only apply where (for example): you dispute the accuracy of the personal data held by us; or where you would have the right to require us to erase the personal data but would prefer that our processing is restricted instead; or where we no longer need to use the personal data to achieve the purpose we collected it for, but you require the data for the purposes of dealing with legal claims. 

Right 5

A right to receive personal data, which you have provided to us, in a structured, commonly used and machine-readable format.  You also have the right to require us to transfer this personal data to another organization, at your request.

Right 6

A right to object to our processing of personal data held by us about you (including for the purposes of sending marketing materials to you).

Right 7

A right to withdraw your consent, where we are relying on your consent to use your personal data (for example, you may opt out of marketing emails even if you previously consented to receiving marketing information about our services or products).

If you have any concerns regarding our processing of your personal data or are not satisfied with our handling of any request by you in relation to your rights, please get in touch with our team through the contact information provided in Section 2 of this Privacy Policy.  You may also reach out to your applicable Data Protection Authority (“DPA”) for more information.  There is a DPA located in each EU Member State.