Updated 10/28/2024
The University of Phoenix, Inc. (“University,” “us,” or “we”) recognizes the importance of privacy. In this Privacy Policy (the “Privacy Policy”), we disclose our practices with respect to the Personal Information that we collect about individuals, as well as the choices and rights individuals have with respect to their Personal Information that we have collected. “Personal Information” or “Personal Data” is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
Certain states provide for different privacy rights and disclosures. These rights and disclosures are set forth in specific State-Related Addenda to this Privacy Policy.
This Privacy Policy applies to Personal Information we collect from users of our Sites, Apps, Wi-Fi hotspots, and other online services, as well the Personal Information we collect about individuals, including current and prospective students, alumni, learners, visitors to our campuses, and others with whom we interact (e.g., Business-to-Business Representatives, as defined below), whether online, via phone, or offline in the course of providing our courses, programs, and services (collectively, our “Services”).
If you are an employee, contractor, or job applicant, then this Privacy Policy only applies to you when you are using our Services outside of those roles. If you are acting within your capacity as a current or former employee, contractor, or job applicant, then our collection and use of Personal Information is governed by our respective Employee Privacy, Contractor Privacy, or Applicant Privacy notices. If you are a former California employee, please contact us at office.complianceuopx@hkange.net for a copy of our Employee Privacy notice.
Certain Services may be subject to additional privacy policies or privacy disclosures relating to the Services provided on the Site(s), including our Biometric Data policy (collectively, “Additional Policies”). In the event of a conflict between any Additional Policies and this Privacy Policy, the Additional Policies will take precedence.
Student Educational Records. If you become a student, your educational information that is part of your educational record with us is subject to the U.S. Federal Family Educational Rights and Privacy Act (“FERPA”), state laws, and the University’s policies (collectively, “Student Educational Records Requirements”). In the event of any conflict between Student Educational Records Requirements and this Privacy Policy, the Student Educational Records Requirements will take precedence. Students have the right to limit access to their Student Educational Records and to request a copy of such records, as set forth in the University’s FERPA policy. You may also contact us via one of the below methods:
Mail
University of Phoenix
Attn: Registrar’s Office
4035 S. Riverpoint Parkway
Phoenix, AZ 85040
Phone
Admissions and Records Service Center: 800-866-3919.
As used in this Privacy Policy, the following terms have the following meanings:
“Anonymized” means information that has been de-identified so that it no longer reasonably identifies, relates to, describes, and is no longer reasonably capable of being associated with, or linked, directly or indirectly, to an individual. Anonymized information is no longer Personal Information.
“Apps” means software which may be utilized on our Sites and downloaded to or accessed through our Services.
“Business-to-Business Representatives” means agents or representatives of other companies or associations who may be contacted as part of or in relation to our Services.
“Education Partners“ means other companies or institutions who may participate in various University initiatives (e.g., companies making University courses, programs, or other product/service offerings available to their customers, employees, potential employers, institutions conducting academic research or providing academic reporting, etc.).
“Service Providers” means entities that the University contracts with to provide services on our behalf.
“Site” means any website owned or operated by the University, which links to or displays this Privacy Policy.
“Social Network” or “Social Networking” means various Internet communication technologies provided on the Services as well as on third-party social networking websites such as LinkedIn, Facebook, Twitter, etc., that facilitate conversation and interaction between people online and includes, but is not limited to, blogs, discussion forums, wikis, chat sessions, news groups, etc.
“Social Network Content” (or “SNC”) means user-generated content you consent to share via a Social Network and includes, but is not limited to, Personal Information, digital sounds, and pictures that you upload to a Social Network. It also includes your Personal Information that may be displayed on other users’ Social Network pages.
We collect information about you directly from you, from third parties, and automatically through your use of our Services or interactions with us. We may combine the information we collect from these various sources.
Directly Collected Information. We collect Personal Information that you provide to us voluntarily (online or offline), including when you: respond to an advertisement; participate in a survey or a drawing; request information; apply for admission to the University; go to receive a photo ID for one of the University campuses; register for classes; apply for financial aid; order educational or other products and Services; set up a Social Network or other Site profile; use our Services or one of our Apps (e.g., for career resources, learning assessments, or other interactive tools); use the chat, SMS, or email functionality on our Site to contact us; or otherwise interact with us online or offline. The exact nature of the Personal Information may vary depending on the type of response or service requested, but could include name, contact details, date of birth, education history, financial information, employment status, photos, interests, demographic information, and other information.
Automatically Collected Information. The Services may have and use cookies, pixels, third-party tags, scripts, log files, and other means to automatically collect information about the use of our Services and services, including (but not limited to): device information such as your hardware model, operating system, IP address, and unique device identifiers; collection date; publisher name; connection speed; day of week and time of day; language settings; country, state, city (relating to IP address, if available); domain (e.g., .com, .net, .mil, .org, .edu, etc.); web pages viewed; and email clicks or other actions taken. See the “Cookies and Similar Technologies” section below for more information. This information that we collect automatically may be linked with Personal Information to accomplish the purposes described in this Privacy Policy. In addition, we may use CCTV and other security monitoring to secure our premises, which may lead to the collection of Personal Information about visitors to our campuses. Further, when you call us, or communicate with us through our Site by using our chat, SMS, or email functionality, we may record such calls and communications for quality and training purposes.
Information Collected from Other Sources. We may also obtain Personal Information from Education Partners, Service Providers, and publicly available sources, which may be combined with other Personal Information we have collected. For example, we may receive Personal Information about you from educational institutions which you have attended; financial institutions (e.g., related to student loans); government entities (e.g., related to education grants); employers (e.g., related to education or career initiatives); third-party platforms or accounts that you connect to or integrate with one or more of our Services; Service Providers that we work with to verify, update, or append data to the information that we have otherwise collected about you and to identify prospective students or other individuals who may be interested in our Services.
Categories of Personal Information Collected
While the Personal Information we collect varies (as explained above) depending upon the nature of the Services provided or used and our interactions with individuals, generally, we may collect the following categories of Personal Information:
We may use the Personal Information we collect for the following purposes:
Anonymized information. We may also de-identify information to create Anonymized data sets and reports in order to assess, improve, and develop our business, products, and Services; prepare benchmarking reports; and for other research and analytics purposes.
We may disclose the Personal Information we collect as follows:
We operate and may process information in multiple jurisdictions, both in and outside the United States, such that some Education Partners and Service Providers may be located or process information outside of the jurisdiction in which you reside. In such cases, your Personal Information may be collected, used, disclosed, stored, and processed in these other jurisdictions for the purposes described in this policy. The data protection and other laws of the United States and other countries might differ from your jurisdiction. In addition, your Personal Information may be subject to the laws of those other jurisdictions, including lawful requirements to disclose Personal Information to government authorities.
We use cookies, pixels, tags, local storage objects (also called Flash cookies), web beacons, and other technologies (which may be provided by third parties) on our Services to enable certain functionality on our Services; for security and fraud detection and prevention; to collect usage information about our Services and the emails that we send; and to personalize content and provide more relevant ads and information. We may combine the information we collect via these technologies with other information that we collect, including Personal Information.
Cookies. Cookies are alphanumeric identifiers that are transferred to your computer through your web browser for record-keeping purposes. Some cookies enable you to log in to our Services or save certain settings and preferences, while others allow us to identify usage and activities on our Services, personalize content on our Services, or deliver more relevant ads on third-party websites. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help tab on the toolbar of most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. If you disable cookies, however, certain features may not be available or function properly. For more information or to update your preferences for certain third-party tags and cookies on our Sites, please see our Preference Center.
Pixel tags and embedded script (also called clear GIFs and web beacons). Pixel tags are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, pixel tags are embedded invisibly on web pages. We may use these in connection with our Services to, among other things, identify the activities of users of our Services, improve ads, personalize and manage content, and gather usage information about our Services. We may also use these in HTML emails to help us analyze email response rates, identify when our emails are viewed, and determine whether our emails are forwarded. For more information or to update your preferences for certain third-party tags and cookies on our Sites, please see our Preference Center.
Local Storage Objects (LSOs). LSOs are data files that are stored locally in your browser by the websites you visit. LSOs can be used in a similar manner as cookies for a variety of purposes, such as keeping track of information you provided and remembering your preferences. Our Services may include video and content that rely on Adobe Flash Player, which uses LSOs (also called Flash cookies). If you have Adobe Flash Player installed on your computer, it can be set to reject or delete LSOs. This option is in the System Preferences on Mac OS X, in the Flash Player Control Panel on Windows®, or with the Flash Player management tools available on the Adobe website. Other types of LSOs include HTML5 Local Storage and similar technologies.
Do-Not-Track Signals. Do-Not-Track (DNT) is a browser-based signal that, when set, signifies your desire not to be tracked online. Find out more about DNT signals. Our Services may not respond to all web browser based DNT signals. Some browsers and browser extensions support the Global Privacy Control (“GPC”) that can send a signal to the websites you visit indicating your choice to opt out from certain types of data processing, including data sales. We have implemented tools such that when we detect such a signal, we will make reasonable efforts to respect your choices indicated by the GPC setting. In addition, you may disable certain cookies and opt out of interest-based advertising as explained in the “Individual Rights and Choices” section below.
We may work with Service Providers (including, but not limited to, Adobe, Google, LinkedIn, and Facebook) to display advertising on our Sites or to manage our advertising on other websites. These third-party networks and platforms use cookies, pixel tags, and other technologies to collect information about your activities on our Services and other websites over time to provide you targeted advertising based upon your interests. Some ads are targeted to your interests and preferences, based on your browsing history and other information. Your browsing history may be followed in these cookies even if ads are not being displayed. We may also use device information, particularly in mobile advertising, to help deliver our advertising and measure ad campaign effectiveness. You may update your preferences for third-party tags and cookies on our Sites using our Preference Center.
In this section, we describe your rights and choices regarding our use and disclosure of your Personal Information.
Marketing Communications. You may opt out of receiving marketing communications from us. Additionally, you may unsubscribe from our marketing notifications from the footer of any marketing email we send or inform us of your decision to opt out while on a call with us. Opt-out requests will only remove you from our marketing list, not from the list of any other third parties.
If you do not wish to receive text messages, you may opt out by responding STOP to cancel future text messages. To get help, text HELP. You may also request additional assistance by contacting TextMsgSupport@hkange.net or by calling 866-766-0766.
Social Networking Content. You may change various user settings related to sharing your Personal Information contained in any user profile you set up as part of Social Network activities furnished by us, subject to contractual, academic, legal, or technical restrictions and reasonable notice. Note that your withdrawal from Social Network activities might prevent us from providing you with certain products or services.
We do not knowingly collect Personal Information from children under the age of 13. If we learn that we have collected or have received Personal Information from a child under 13 without appropriate parental consent, we will delete that information. If you believe we might have collected any information from a child under 13 without consent, please contact us via one of the methods in the “Contact Us” section below.
We have implemented security measures to protect against the loss, misuse, and alteration of the Personal Information under our control. However, no data transmission over the Internet can be guaranteed to be completely secure. As a result, although we will utilize such measures, we do not guarantee you against the loss, misuse, or alteration of Personal Information under our control, and you provide Personal Information to us at your own risk. You should always take care how you handle and disclose your Personal Information and should avoid sending Personal Information through insecure email, Social Networks, or other Internet channels.
We may monitor, record, and retain all incoming and outgoing communications for training of our representatives, for quality assurance purposes, as necessary for our records retention policy, and as required for legal purposes. This includes the monitoring and recording of communications and interactions between you and the chat functionality made available through our Sites. To the extent such communications are retained, they are retained in accordance with our records retention policy.
Some of our Services may contain links to websites or access to services provided by third parties who operate websites or provide services on their own behalf or on behalf of multiple entities. These third parties may collect your Personal Information and may apply their own policies on how your Personal Information is used. Please make sure to read the policies of any websites or services you visit on the Internet carefully. We are not responsible for the privacy practices or the content of any websites or services that are not operated by or exclusively for us, and the collection, use, and disclosure of Personal Information about you will be subject to the policies applicable on those websites.
We may update this Privacy Policy or revise it from time to time. Your continued provision of Personal Information or use of our Services following any changes to this Privacy Policy constitutes your acceptance of such changes. If we make a material change to this Privacy Policy, we will attempt to notify you in advance of such change via a notice on our Site and/or, when appropriate, via email to you.
Should you have any questions about our privacy practices, please contact us at Office.ComplianceUOPX@hkange.net or by mail:
University of Phoenix
Ethics, Compliance, and Data Privacy
4035 S. Riverpoint Parkway
Phoenix, AZ 85040
The California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (“CCPA”) requires us to make additional disclosures. If you are a California resident, please read this section for additional disclosures and information on rights you may have under California law. In the event of a conflict between this California Addendum and the remainder of this Privacy Policy, this section shall take precedence for California residents. Terms used in this section and not defined have the meaning given in the CCPA.
Categories of Personal Information Collected. In the prior 12 months, we may have collected the types of Personal Information described in the Categories of Personal Information Collected section above. The Personal Information in this section falls into the following categories of Personal Information:
Sources of Personal Information. We collect the above categories of Personal Information from those sources set forth in the Collection of Personal Information section above.
Purposes for Collecting Personal Information. We collect the above categories of Personal Information for the purposes set forth in the Use of Personal Information section above.
Disclosed for a Business Purpose. In general, we may disclose the following categories of Personal Information to our Education Partners and Service Providers to support our educational and career initiatives and other business purposes:
Categories of Third Parties to Whom Personal Information is Disclosed. In the last 12 months, the above categories of Personal Information may have been disclosed to the categories of third parties set forth in the Disclosure of Personal Information section above.
Sale or Sharing of Personal Information. While we do not disclose Personal Information to third parties in exchange for monetary compensation, we do disclose or make available Personal Information to Service Providers in order to receive certain services or benefits from them, such as when we allow third-party tags to collect information such as your browsing history when using our Services, in order to improve and measure our ad campaigns. California law may consider these activities to be the “sale” or “sharing” of Personal Information for cross-contextual behavioral advertising. The categories of Personal Information that we may “sell” or “share” as defined under California law include:
We do not have any actual knowledge that we have sold or shared Personal Information of any consumer under the age of 16.
Sensitive Personal Information. We do not use Sensitive Personal Information for any purpose other than that reasonably anticipated to accomplish the purpose for which it is collected.
Retention. For each category of Personal Information collected, we only retain such Personal Information for as long as necessary to fulfill the purposes outlined in this Privacy Policy and as otherwise needed to address tax, corporate, compliance, litigation, and other legal rights and obligations. For additional information on retention of biometric information, please refer to our Biometric Data policy.
Opt-Out Preferences. For information on whether and how we process opt-out signals, see the Do-Not-Track section above.
California law grants California consumers certain rights and imposes restrictions on businesses as set forth below. If you are a resident of California, you have the following rights:
Do Not Sell or Share. The right to opt out of the “sale” or “sharing” of your Personal Information (as those terms are defined in the CCPA).
Verifiable Requests to Delete, Requests to Know, and Requests for Correction. Subject to certain exceptions, California residents have the right to make the following requests at no charge:
Do Not Sell or Share My Personal Information Requests: To exercise your right to opt out of the sale or sharing of your Personal Information for cross-contextual behavioral advertising, you may submit your request.
Note: We will also treat Global Privacy Control browser signals as opt-out of sale/sharing requests in accordance with the do-not-track section above.
Submitting a Verifiable Request. You may you may submit your verifiable request. Alternatively, you may call 866-809-3444 (US Toll Free).
Who May Exercise Your Rights. You may make a request to exercise the above rights on behalf of yourself or on behalf of a minor if you are the parent or legal guardian of the minor. In addition, you may authorize an agent to exercise your rights on your behalf, if you provide the agent with written signed permission.
Verification of Your Request. Once we receive your request, we will contact you to confirm receipt of your request, unless your request is a “Do Not Sell or Share My Personal Information” request submitted through our automated processes. We will require sufficient information from you in order to verify your identity and the authenticity of your request. If you do not provide us with sufficient information, we may request additional information to verify your identity, the identity of the data subject of the request, and the authenticity of the request. Certain types of requests may require additional verification, as we are subject to higher standards of authentication for such requests. We will only use Personal Information we collect during the verification process for the purpose of verifying your identity.
If an authorized agent contacts us to exercise the above rights, we will need to verify their identity as well as your identity. We will also require proof of your written authorization to the agent to act on your behalf, unless the agent holds a lawful Power of Attorney under applicable laws, in which case we will require evidence of such Power of Attorney.
We may deny your request as permitted or as required by law.
We may charge a fee to process or respond to your request if it is excessive, repetitive, or manifestly unfounded.
The Colorado Privacy Rights Act (“CPA”) requires that we make additional disclosures to consumer residents of Colorado. In the event of a conflict between this Colorado Addendum and the remainder of this Privacy Policy, this section shall take precedence for Colorado residents. Terms used in this section and not defined in this policy have the meaning given in the CPA.
The CPA grants Colorado consumers certain rights and imposes restrictions on businesses as set forth below. If you are a resident of Colorado, you have the following rights:
Submitting a Verifiable Request. You may submit your verifiable request. Alternatively, you may call 866-809-3444 (US Toll Free).
Appeal. If we reject or deny your request, you may appeal our decision within 30 days of receiving our denial by responding directly to the communication denying your request or by submitting your appeal to Office.ComplianceUOPX@hkange.net. If you have concerns about the result of the appeal, you may contact the Colorado Attorney General.
Discrimination and Incentives: The CPA prohibits discrimination against those who exercise their rights under the law; however, the law does allow for us to charge a reasonable amount if an individual is requesting any information for an additional time within a 12-month period.
The Texas Data Privacy and Security Act (“TDPSA”) requires that we make additional disclosures to consumer residents of Texas. In the event of a conflict between this Texas Addendum and the remainder of this Privacy Policy, this Texas Addendum shall take precedence for Texas residents. Terms used in this section and not defined in the policy have the meaning given in the TDPSA.
Individual Rights Under the TDPSA
The TDPSA grants Texas consumers certain rights and imposes restrictions on businesses as set forth below. If you are a resident of Texas, you have the following rights:
Profiling. We do not engage in profiling in furtherance of our decisions that produce legal or similarly significant effects, such as decisions that result in the provision of financial aid or other financial services, education enrollment or opportunity, or access to our Services.
Sensitive Data. Due to the nature of our Services, we may be required to collect, process, disclose, and maintain Sensitive Data, including racial or ethnic origin, mental or physical health conditions, or citizenship or citizenship status pursuant to, and in compliance with, our obligations under federal and state laws, rules, or regulations. If we process your Sensitive Data for any other reason, we will only do so with your consent. You may, for example, consent to provide us your precise geolocation through the use of our mobile app. You may withdraw your consent for disclosure at any time through the choices within the mobile app or through your mobile phone’s settings.
How to Exercise Your Texas Consumer Rights
Submitting a Verifiable Request. You may submit your verifiable request. Alternatively, you may call 866-809-3444 (US Toll Free).
Authentication of Your Request. Once we receive your request, we will contact you to confirm receipt of your request, unless your request is a “Do-Not-Sell” or “Opt-out” request submitted through our automated processes. We will require sufficient information from you in order to verify your identity and the authenticity of your request. If you do not provide us with sufficient information, we may request additional information to verify your identity, the identity of the data subject of the request, and the authenticity of the request. Certain types of requests may require additional verification, as we are subject to higher standards of authentication for such requests. We will only use Personal Data we collect during the verification process for the purpose of verifying your identity.
We may reject or deny your request as permitted or as required by law.
We will provide information in response to a consumer request free of charge up to twice annually. If a request is manifestly unfounded, excessive, or repetitive, we have the right to charge a reasonable fee to cover the administrative costs of complying with the request or we may decline to act on the request.
Appeal. If we reject or deny your request, you may appeal our decision within 30 days of receiving our denial by responding directly to the communication denying your request or by submitting your appeal to Office.ComplianceUOPX@hkange.net. If you have concerns about the result of the appeal, you may contact the Texas Attorney General.
Position yourself for success at an accredited university where you can work toward your future one course at a time. Fill out a request form and we will help you start on the right track.