LEGAL

Privacy Policy

Effective Date: September 1, 2024
Last Updated: June 19th, 2025

Role of Campusmind in Data Processing

Campusmind acts as a “data controller” for personal data collected through our websites and services. We may also function as a “data processor” when handling personal data on behalf of an institutional client. Where applicable, our Data Protection Officer (DPO) or designated privacy managers oversee compliance with data protection laws.

Information We Collect

We collect personal data through both direct and indirect interactions:

  1. Direct Data: Includes your name, email address, contact information, institution, job title, and other identifiers you voluntarily provide.
  2. Indirect Data: Includes IP addresses, browser types, geolocation, device identifiers, and data collected via cookies and web beacons.

We may collect data in your role as a student, educator, IT administrator, or general user. Sensitive personal data is not intentionally collected unless required by law.

Use of Personal Data

Campusmind processes personal data for the following lawful purposes:

  1. Consent: Where you have explicitly agreed to our use of your data.
  2. Contractual Necessity: To fulfill contractual obligations.
  3. Legal Compliance: To meet applicable legal or regulatory requirements.
  4. Legitimate Interests: Such as improving services, ensuring platform security, and engaging in lawful marketing activities.
  5. Specific uses may include:
    1. Managing accounts, subscriptions, or user profiles
    2. Responding to inquiries or requests
    3. Providing access to restricted features
    4. Hosting events and webinars
    5. Compiling usage statistics
    6. Sending marketing communications (where permitted)
    7. Personalizing user experiences and content
    8. Conducting research and product development
    9. Enforcing agreements and protecting our rights

Data Sharing and Disclosure

We do not sell or share your personal data with third parties or social media platforms for their independent use. Data may be shared with authorized service providers under strict confidentiality agreements and only for the purposes stated herein.

Third-Party Integrations (e.g., Box)

If you authorize Campusmind to access your Box account, we will only request the minimum necessary scopes (e.g., userinfo.email, root_readwrite) to enable integration.

  1. You retain ownership of all files stored in your Box account.
  2. You may revoke access at any time, though this may affect related features or functionality within Campusmind.
  3. Granting access does not transfer any intellectual property rights to Campusmind.

Data Security

We implement commercially reasonable technical and organizational measures to safeguard personal data against unauthorized access, disclosure, alteration, or destruction. If you have an account with us, it is your responsibility to keep your login credentials secure.

Your Rights

Depending on your jurisdiction (e.g., under CCPA, GDPR, or Canadian laws), you may have the following rights:

  1. Access your personal data
  2. Request corrections or deletions
  3. Restrict or object to data processing
  4. Request data portability
  5. Withdraw consent at any time

To exercise these rights, contact our DPO at: privacy@Campusmind .com.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Policy, comply with legal obligations, or meet contractual requirements. Marketing data is generally retained for no longer than two years.

Children’s Privacy

Campusmind is not intended for use by individuals under the age of 18. We do not knowingly collect data from minors. If such data is inadvertently collected, we will delete it upon discovery.

Updates to This Privacy Policy

This Privacy Policy may be revised periodically. Updates will be reflected by the “Last Updated” date. We recommend reviewing this Policy regularly to stay informed of any changes.

Jurisdiction and Governing Law

This Privacy Policy and any disputes related to it shall be governed by the laws of the State of Illinois, United States, without regard to conflict of law principles. All legal proceedings shall be brought exclusively in the state or federal courts located in Illinois.

Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact:
Data Protection Officer
Email: NOC@royalcyber.com

Disclaimer

This Privacy Policy is intended for informational purposes only and does not constitute a binding contract unless expressly incorporated into a service agreement. While we strive to ensure compliance with all applicable laws, nothing herein shall be construed as guaranteeing compliance with the data protection laws of jurisdictions in which users reside unless mandated under applicable law.