Privacy Notice Summary | UC Davis Health

Privacy Notice Summary

Please note that this summary of the University of California Davis’ Privacy Notice does not constitute the full University of California Davis Website Privacy Notice. For a full description of how we collect, use, and otherwise process your personal information, we encourage you to consult our Privacy Notice.

This Privacy Notice Summary provides a high-level overview of how the University of California Davis (“UC Davis,” “we,” “us” or “our”) collects, uses, and discloses your personal information when you visit our website https://health.ucdavis.edu/, https://www.ucdavis.edu/ (or other websites we own and operate that link to this Privacy Notice), and otherwise access our services (collectively, the “Services”).

This Privacy Notice Summary does not apply to the collection, use, and disclosure of your protected health information. Please see our HIPAA Notice of Privacy Practices (https://health.ucdavis.edu/compliance/privacy/hipaa/) for more information about how UC Davis Health collects, uses, and discloses your protected health information under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

Collection and Use of Personal Information

We may collect the following categories of personal information from you when you access or use our Services: (i) information collected directly from you (for example, your contact information or payment information); (ii) information we automatically collect using online tracking technologies (for example, log and analytics data); and (iii) information we collect from third parties (for example, from other locations, units, or departments that are part of the University of California). We may use such personal information to, among other things, deliver the Services you have requested; manage our operations; communicate with you; request that you complete surveys about our organization and Services; or market products and services that we think you may be interested in.

Disclosure of Personal Information

We may disclose or otherwise share your personal information with third parties, such as with other locations, units, or departments within the University of California; marketing providers; online advertising partners; and customer service providers (among other third parties). We may also disclose your personal information with third parties at your direction or with your consent. We will not distribute or share “electronically collected personal information” (as defined in subdivision (d) of California Government Code Section 11015.5) about users to any third party without the permission of the user, except in narrow circumstances set forth in our detailed Privacy Notice. We will not sell any electronically collected personal information to any third party.

Control Over Your Information

You can choose to stop receiving promotional email communications from us by clicking on the “unsubscribe” link provided in such communications. If you have any questions about reviewing, modifying, deleting, or would like to have your personal information discarded without reuse or distribution, you may contact us directly at the contact information below. We may not be able to modify or delete your information in all circumstances.

Privacy Disclosures for The European Economic Area (“EEA”), United Kingdom (“UK”), And Switzerland

If you are located in the EEA, UK, or Switzerland, or otherwise engage in or access our EEA, UK or Switzerland Services from those regions, please see the Privacy Disclosures for the European Economic Area, United Kingdom, and Switzerland for additional privacy disclosures, including the legal bases on which we rely to process your personal information; how we use cookies when you access our Sites from the EEA, UK, or Switzerland; and how to exercise your rights in respect of your personal information (including the rights of access, portability, rectification, erasure, restriction, and right to withdraw consent). The Regents of the University of California is the controller of the personal information we hold about you in connection with your use of the Services.

Contact Us

If you have any questions about our processing of your personal information after consulting the UC Davis Website Privacy Notice, please contact us via one of the following methods:

For UC Davis Campus:
Email: privacy@ucdavis.edu

For UC Davis Health:
Mail: UC Davis Health
Compliance and Privacy Services
2315 Stockton Blvd.
Sherman Way Bldg., Suite 3100
Sacramento, CA 95817

Email: hs-privacyprogram@ucdavis.edu

UC Davis Privacy Notice

Last Updated: Aug. 30, 2023

This Privacy Notice explains how the University of California Davis (“UC Davis”, “we”, “us” or “our”) collects, uses, discloses, and otherwise processes personal information (as defined below) in connection with our website https://health.ucdavis.edu/, https://www.ucdavis.edu/, and other websites we own and operate that link to this Privacy Notice (the “Sites”), and the related content, platform, services, products, and other functionality offered on or through our services (collectively, the “Services”). It does not address our privacy practices relating to UC Davis employees, students, affiliates, and other personnel, except where these individuals are interacting with the UC Davis Sites in their capacity as a member of the public.

UC Davis is the controller of the personal information we hold about you in connection with your use of the Services. This means that we determine and are responsible for how your personal information is used.

This Privacy Notice does not apply to the collection, use, and disclosure of your protected health information. Please see our HIPAA Notice of Privacy Practices (PDF) (https://health.ucdavis.edu/compliance/privacy/hipaa/) for more information about how UC Davis Health collects, uses, and discloses your protected health information under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Global Applicability and Region-Specific Disclosures

This Privacy Notice is designed to apply to our Site visitors and users of our Services. We may choose or be required by law to provide additional disclosures relating to the processing of personal information in certain countries, regions or states. Please refer below for disclosures that may be applicable to you:

European Economic Area, United Kingdom, or Switzerland: If you are located in the European Economic Area (“EEA”), United Kingdom, or Switzerland or otherwise engage with UC Davis’ European operations, please see the Privacy Disclosures for the European Economic Area, United Kingdom, and Switzerland for additional specific privacy disclosures, including what constitutes your personal information, the lawful bases we rely on to process your personal information, how we use cookies when you access our Sites from the EEA, UK, or Switzerland and your rights in respect of your personal information.

When we collect personal information that is part of a student or an applicant’s educational record (“Student Data”), we collect, use, store, and otherwise process such information in accordance with the Family Educational Rights and Privacy Act (FERPA). To the extent that our processing practices in connection with Student Data differ from this Privacy Notice, the practices described in this Privacy Notice will not apply.

I. WHAT IS PERSONAL INFORMATION?

When we use the term “personal information” in this Privacy Notice, we mean any data or information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular natural person or any other data or information that constitutes “personal data”, “personal information,” or “personally identifiable information.” As noted above, it does not include protected health information under HIPAA.

II. OUR COLLECTION AND USE OF INFORMATION

We collect personal information in a variety of ways. For example, you may provide us your personal information when you contact us or send us messages, conduct a search on our Sites, subscribe to our mailing lists, newsletters or other forms of marketing communications, submit a job application, participate in a survey, make a purchase at our gift shop, or use some other feature of our Service.

We may link or combine your activities and information collected from you on our websites and mobile apps with information we receive from third parties, as well as information we collect automatically through tracking technologies (defined below). This allows us to provide you with a personalized experience regardless of how you interact with us.

Personal Information Directly Collected from You

We may collect the following categories of personal information submitted to us by individuals through the Services:

  • Contact Information, including first and last name, email address, your country or region and communication preferences. We use this information to fulfill your request, to communicate with you directly, and to send you marketing communications in accordance with your preferences.
  • Payment Information. If, for example, you make a purchase at one of our gift shops or register for one of our Events or Conferences, we may collect payment information to complete your transaction. Please note that we use third party payment processors to process credit card payments made to us. As such, we do not retain any personally identifiable financial information in connection with credit card payments, such as credit card numbers. Rather, all such information is provided directly by you to our third-party processor. The payment processor’s use of your personal information is governed by their privacy notice.
  • Inquiry and Communications Information, including information provided in custom messages sent through the forms, in chat messages, to one of our email addresses, or via phone. We use this information to investigate and respond to your inquiries, and to communicate with you, to enhance the Services we offer to our users and to manage and grow our organization.
  • Newsletter and Marketing Emails, including email address and applicable interests and communication preferences. We use this information to manage our communications with you and send publications highlighting the latest findings in medicine, research and wellness to support healthy active living. If you wish to stop receiving email messages from us, simply click the “unsubscribe” link provided at the bottom of the email communication. Note that you cannot unsubscribe from certain services-related email communications (e.g., account verification, technical or legal notices).
  • Survey Information, including information provided when you provide information included in any questions submitted through surveys or content of any testimonials. We use this information to administer and facilitate the Services, to respond to your submission, to communicate with you, to conduct market research, inform our marketing and advertising activities and improve and grow our business.
  • Events and Conferences Registration Information, including account login information and event registration information.
  • Feedback Information. We may collect feedback you provide relating to our Services. We use this information to communicate with you, to conduct market research, inform our marketing and advertising activities and improve and grow our business.
  • Employment, Volunteer, Internship, or Fellowship Application Information, including your contact and demographic information, educational and work history, employment interests, information obtained during interviews and any other information you choose to provide, if you apply for employment, volunteer, internship, or fellowships.
  • Academic Research and Education: Data may be provided for research, educational, and publication purposes 1) in accordance with Institutional Review Board (“IRB”) and privacy office requirements, if in identifiable form, or 2) in aggregated format such that no identifying information from you will be contained in the release.

Information Automatically Collected

As is true of many digital properties, we and our third-party partners may automatically collect certain information from or in connection with your device when visiting or interacting with our Services, such as the list below and in the sub-sections here:

  • Log Data, including internet protocol (IP) address, operating system, device type and version, browser type and version, browser id, the URL entered and the referring page/campaign, date/time of visit, other user agent string data, the time spent on our Services, and any errors that may occur during the visit to our Services). Log data may overlap with the other categories of data below.
  • Analytics data, Including the electronic path you take to our services, through our services and when exiting our services, UTM source, as well as your usage and activity on our services, such as the time zone, activity information (first and last active date and time), usage history (flows created, campaigns scheduled, emails opened, total log-ins) as well as the pages, links, objects, services you view, click or otherwise interact with.
  • Location data, such as general location information we derive from your IP address.

We and our third-party providers may use (i) cookies or small data files that are stored on an individual’s computer and (ii) other, related technologies, such as web beacons, pixels, embedded scripts, location-identifying technologies, and logging technologies (collectively, “cookies”) to automatically collect this personal information. We may also use this information to distinguish you from other users of our Services. This helps us monitor and analyze how you use and interact with our Services. It also helps us and our partners to determine products and services that may be of interest to you.

For more information about these practices and your choices regarding cookies, please see the Cookie Notice.

Personal Information Collected from Third Parties

We also obtain personal information from third parties, which we often combine with personal information we collect either automatically or directly from an individual.

We may receive the same categories of personal information as described above from the following third parties:

  • Within the University of California: We may receive personal information from other locations, units, or departments that are part of the University of California.
  • Social Media: When an individual interacts with our Services through various social media networks, such as when someone “Likes” us on Facebook or follows us, comments, or shares our content on Facebook, Twitter, or other social networks, we may receive some information about individuals that they permit the social network to share with third parties. The data we receive is dependent upon an individual’s privacy settings with the social network and may include certain profile information. We may use this information to operate, maintain, and provide to you the features and functionality of the Service, as well as to communicate directly with you, such as to send you email messages about products and services that may be of interest to you.
  • Service Providers: Our service providers that perform services solely on our behalf, such as survey and marketing providers and payment processors, collect personal information and often share some or all of this information with us. The information may include contact information, demographic information, transaction information, and information about your communications and related activities. We may use this information to administer and facilitate our Services and our marketing activities.
  • Community Partners: We may receive your personal information, such as name and email address, from our community partners through which we may offer events, programs, or services that contribute to improving the lives and livelihoods of our communities.
  • Other Sources: We may also collect Personal Information about individuals that we do not otherwise have from, for example, publicly available sources, third-party data providers, or through transactions such as mergers and acquisitions. We may use this information to operate, maintain, and provide to you the features and functionality of the Service, as well as to communicate directly with you, such as to send you email messages about products and services that may be of interest to you.

Through the provision of our Services, we may also process anonymous or otherwise deidentified information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular consumer or household. UC Davis commits to maintain and use the information in deidentified form and will not attempt to reidentify the information, except in instances where necessary for determining whether the deidentification process used by UC Davis satisfies the requirements under applicable law.

Additional Uses of Personal Information

We may use personal information we collect to:

  • Fulfill or meet the reason the information was provided, such as to fulfill our contractual obligations, to deliver the Services you have requested and to process transactions;
  • Manage our organization and its day-to-day operations;
  • Register you for and provide you access to events and conferences;
  • Communicate with individuals, including via email, social media and/or telephone calls;
  • Request individuals to complete surveys about our organization, organizations we partner with, and Services;
  • For marketing and advertising purposes, including to market to you or offer you through email or direct mail, information and updates on products or services we think that you may be interested in (where applicable, we may send you marketing messages if you have given us your consent to do so); to conduct market research, inform our marketing and advertising activities, and improve our Services;
  • Administer, facilitate, improve and personalize our Services, including by recognizing an individual and remembering their information when they return to our Services;
  • Identify and analyze how individuals use our Services, and to improve and customize our Services to address the needs and interests of our user base and other individuals we interact with;
  • Test, enhance, update and monitor the Services, or diagnose or fix technology problems;
  • Distinguish you from other users of our services, which helps us monitor and analyze how you use and interact with our Services. It also helps us and our partners to determine products and services that may be of interest to you;
  • Help maintain the safety, security and integrity of our property and Services, technology assets and business;
  • To enforce our agreements, to resolve disputes, to carry out our obligations and enforce our rights, and to protect our business interests and the interests and rights of third parties; and
  • To fulfill any other purpose for which you provide personal information and or any other lawful purpose, or other purpose that you consent to.

Where you choose to contact us, we may need additional information to fulfill the request or respond to inquiries. We may provide you with additional privacy-related information where the scope of the inquiry/request and/or personal information we require fall outside the scope of this Privacy Notice. In that case, the additional privacy notice will govern how we may process the information provided at that time.

UC Davis’s information management practices conform to the requirements of the Information Practices Act of 1977 (Civil Code Section 1798, et seq.), the Public Records Act (California Government Code section 7920.000 et seq.), California Government Code Section 11015.5, the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99), and other applicable laws pertaining to information privacy

Any information acquired by UC Davis through the Sites is subject to the limitations set forth in the Information Practices Act. UC Davis will not distribute or share electronically collected personal information (as defined in subdivision (d) of California Government Code Section 11015.5) about users to any third party without the permission of the user, except in narrow circumstances set forth in this Notice. UC Davis will not sell any electronically collected personal information to any third party. Such electronically collected personal information is exempt from requests made pursuant to the California Public Records Act (commencing with section 7920.000) of Division 10 of Title 1).

III. Our Disclosure of Information

We may also share, transmit, disclose, grant access to, make available, and provide personal information with and to third parties, as follows:

  • Within the University of California: We may share personal information with other locations, units or departments hospitals or primary care networks that are part of the University of California.
  • Marketing Providers: We coordinate and share personal information with our marketing providers in order to communicate with individuals about the Services we make available.
  • Customer Service and Communication Providers: We share personal information with third parties who assist us in providing our customer services and facilitating our communications with individuals that submit inquiries.
  • Other Service Providers: In addition to the third parties identified above, we engage other third-party service providers that perform business or operational services for us or on our behalf, such as website hosting, infrastructure provisioning, IT services, analytics services, employment application-related services, payment processing services, and administrative services.
  • Survey Providers: We share personal information with third parties who assist us in delivering our surveys and processing the responses.
  • Online Advertising Partners: We may also share personal information with advertising networks or permit these partners to collect information from you directly on our websites to facilitate online advertising, such as search engines and social network advertising providers to serve targeted ads to you or to groups of other users who share similar traits, such as likely commercial interests and demographics, on third-party platforms. For more information, including how to opt out of interest-based advertising, please see the Cookie Notice.
  • Academic Research and Education: Data may be provided for research, educational, and publication purposes 1) in accordance with IRB and privacy office requirements, if in identifiable form, or 2) in aggregated format such that no identifying information from you will be contained in the release.
  • Business Transaction or Reorganization: We may take part in or be involved with a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of assets. We may disclose personal information to a third party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal information may also be disclosed in the event of insolvency, bankruptcy, or receivership.
  • Legal Obligations and Rights: We may disclose personal information to third parties, such as legal advisors and law enforcement:
    • in connection with the establishment, exercise, or defense of legal claims;
    • to comply with laws or to respond to lawful requests and legal process;
    • to protect our rights and property and the rights and property of others, including to enforce our agreements and policies;
    • to detect, suppress, or prevent fraud;
    • to protect the health and safety of us and others; or
    • as otherwise required by applicable law.
  • With Your Consent: We may disclose personal information about an individual to certain other third parties or publicly with their consent or direction. For example, with an individual’s consent or direction we may post their testimonial on our Sites or service-related publications

UC Davis will not distribute or share “electronically collected personal information” (as defined in subdivision (d) of California Government Code Section 11015.5) about users to any third party without the permission of the user, except in narrow circumstances as set forth in this Privacy Notice, such as instances when authorized under law (including but not limited to the Information Practices Act), or to assist another state agency or public law enforcement organization in any case where the security of a network operated by a state agency has been, or is suspected of having been, breached. UC Davis will not sell any electronically collected personal information to any third party. Such electronically collected personal information is exempt from requests made pursuant to the California Public Records Act (commencing with section 7920.000 of Division 10 of Title 1).

IV. Your RIGHTS AND CHOICES Over Your Information

You may control your information in the following ways:

  • You may choose not to visit or use our Sites or use our Services.
  • You may choose to set your web browser to refuse cookies, or to alert you when cookies are being sent.
  • You can stop receiving promotional email communications from us by clicking on the “unsubscribe” link provided in such communications. You may not opt-out of service-related communications (e.g., account verification, transactional communications, changes/updates to features of the Services, technical and security notices).
  • Depending on your jurisdiction or state of residence, you may also have a right to:
    • Access the personal information we process about you (if any), as well as information relating to the recipients with whom we share your personal information, the purposes of processing, the duration for which the personal information will be stored, and the source of personal information that has not been provided by you;
    • Rectify or correct inaccurate or incomplete information concerning you, taking into account the purposes of the processing, and the right to have incomplete data completed;
    • Have your personal information deleted in certain circumstances. We may not be able to modify or delete your information in all circumstances (for example, we may be obligated to retain your personal information as required by law, regulation, or policy);
    • Restrict the processing of your personal information in certain circumstances;
    • Withdraw your consent to the processing of your personal information collected through our Services, should we ask for your consent for the processing of your information. The withdrawal does not affect the lawfulness of processing based on your consent before its withdrawal; and
    • Know whether your or your personal information is being used for automated decision-making, including profiling.

You may exercise your rights and submit any questions or concerns using the procedure under “Contacting Us.”

V. CHILDREN’S PERSONAL INFORMATION

Our Sites are not directed to, and we do not intend to, or knowingly, collect or solicit personal information from children under the age of 13. If an individual is under the age of 13, they should not use our Sites or otherwise provide us with any personal information either directly or by other means. Note that as part of some of our programs or services (i.e., campus summer programs), we may collect the personal information from or about children under 13 with parental or legal guardian consent. If a child under the age of 13 has provided personal information to us without parent or guardian consent, we encourage the child’s parent or guardian to contact us to request that we remove the personal information from our systems. In all instances, if we learn that any personal information we collect has been provided by a child under the age of 13, we will promptly delete that personal information.

VI. LINKS TO THIRD-PARTY WEBSITES OR SERVICES

Our Services may include links to third-party websites, plug-ins and applications. Except where we post, link to or expressly adopt or refer to this Privacy Notice, this Privacy Notice does not apply to, and we are not responsible for, any personal information practices of third-party websites and online services or the practices of other third parties. To learn about the personal information practices of third parties, please visit their respective privacy notices.

VII. UPDATES TO THIS PRIVACY NOTICE

We may update this Privacy Notice from time to time. When we make changes to this Privacy Notice, we will change the date at the beginning of this Privacy Notice. If we make material changes to this Privacy Notice, we will notify individuals by email to their registered email address, by prominent posting on our Services, or through other appropriate communication channels. All changes shall be effective from the date of publication unless otherwise provided.

VIII. CONTACT US

If you have any questions or requests in connection with this Privacy Notice or other privacy-related matters, please contact us by using one of the following methods:

For UC Davis Campus, please contact:
UC Davis Campus Privacy Officer
Privacy@ucdavis.edu

For UC Davis Health, please contact:
UC Davis Health Chief Privacy Officer
hs-privacyprogram@ucdavis.edu

Last Modified: Aug. 30, 2023

Unless otherwise expressly stated, terms in this notice have the same meaning as defined in the Privacy Notice.

1. SCOPE OF NOTICE

This Cookie Notice supplements the information contained in the Privacy Notice and explains how we and our third-party partners and service providers use cookies and related technologies in the course of managing and providing our online services and our electronic communication to you. It explains what these technologies are and why we use them, as well as your rights to control our use of them. As noted in our Privacy Notice, this Cookie Notice does not apply to protected health information under HIPAA at UC Davis Health.

In some cases, we may use cookies and related technologies described in this Cookie Notice to collect personal information, or to collect information that becomes personal information if we combine it with other information. For more details about how we process your personal information, please review the Privacy Notice.

2. WHAT ARE COOKIES AND RELATED TECHNOLOGIES

As is common practice among websites, our Services use cookies, which are tiny files downloaded to your device that allow us and our third-party partners to collect certain information about your interactions with our email communications, websites and other online services, and that improve your experience. We and our third-party partners and providers may also use other, related technologies to collect this information, such as web beacons, pixels, embedded scripts, location-identifying technologies, and logging technologies (collectively, “cookies”).

We use the following types of cookies:

  • (a) Strictly necessary cookies. These cookies enable core functionality such as security, network management and accessibility. You may disable these by changing your browser settings, but this may affect how the Services function. The legal basis for our use of strictly necessary cookies is our legitimate interests, namely being able to provide and maintain our Services.
  • (b) Functional cookies. These enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in. The legal basis for our use of functionality cookies is our legitimate interests, namely being able to provide and maintain our Services.
  • (c) Analytical/performance cookies. These cookies allow us to recognize and count the number of visitors to our Services, and to see how visitors move around our Services when they are using them. This helps us to improve the way our Services work, for example, by ensuring that users are finding what they are looking for easily.
  • (d) Targeting Cookies: These cookies record your visit to our Services, the pages you have visited and the links you have followed. They are used to track visitors across our Services.

3. WHAT WE COLLECT WHEN USING COOKIES

We and our third-party partners and providers may use cookies to automatically collect certain types of usage information when you visit or interact with our email communications and Services. For example, we may collect log data about your device and its software, such as your IP address, operating system, browser type, date/time of your visit, and other similar information. Our emails may also contain tracking pixels that identify if and when you have opened an email that we have sent you, how many times you have read it and whether you have clicked on any links in that email. We may also collect analytics data or use third-party analytics tools to help us measure usage and activity trends for our online services and better understand the individuals using our services. We also may collect location data, including general geographic location based on IP address.

We may include or engage in the following as part of our Services:

  • Social Media Widgets. Our Services may include social media features, such as the Facebook “Like” button, Pinterest, Instagram, Twitter or other widgets. These social media companies may recognize you and collect information about your visit to our Services, and they may set a cookie or employ other tracking technologies. Your interactions with those features are governed by the privacy policies of those companies.
  • Social Media Platforms. We may display targeted advertising to you through social media platforms, such as Facebook, Twitter, Instagram, LinkedIn, and other social media forums. These companies have interest-based advertising programs that allow us to direct advertisements to users who have shown interest in our services while those users are on the social media platform, or to groups of other users who share similar traits, such as likely commercial interests and demographics. We may share a unique identifier, such as a user ID, with these platform providers or they may collect information from our website visitors through a first-party pixel, in order to direct targeted advertising to you or to a custom audience on the social media platform. These advertisements are governed by the privacy policies of those social media companies that provide them. If you do not want to receive targeted ads on your social networks, you may be able to adjust your advertising preferences through your settings on those networks.
  • Google Analytics, We use Google Analytics to recognize you and link the devices you use when you visit our Services on your browser or mobile device, log in to your account on our Services, or otherwise engage with us. We share a unique identifier, like a user ID, with Google to facilitate the service. Google Analytics allows us to better understand how our users interact with our Services and to tailor our advertisements and content to you. For information on how Google Analytics collects and processes data, as well as how you can control information sent to Google, review Google's website, “How Google uses data when you use our partners’ sites or apps” located at www.google.com/policies/privacy/partners/. You can learn about Google Analytics’ currently available opt-outs, including the Google Analytics Browser Ad-On here: https://tools.google.com/dlpage/gaoptout/.

    We may also utilize certain forms of display advertising and other advanced features through Google Analytics. These features enable us to use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick advertising cookie) or other third-party cookies together to inform, optimize, and display ads based on your past visits to the Services. You may control your advertising preferences or opt-out of certain Google advertising products by visiting the Google Ads Preferences Manager, currently available at https://google.com/ads/preferences, or by visiting NAI’s online resources at http://www.networkadvertising.org/choices.

4. HOW WE USE INFORMATION COLLECTED VIA COOKIES

We use cookies for a variety of reasons outlined below:

  • If you create an account with us, we will use cookies for the management of the signup process and general administration. These cookies will usually be deleted when you log out; however, in some cases, they may remain in order to remember your site preferences when logged out.
  • The Services may offer payment capabilities and some cookies are essential to ensure that your order is remembered between pages so that we can process it properly.
  • When you submit data through a form, such as those found on the contact pages, cookies may be set to remember your user details for future correspondence.
  • In order to provide you with a great experience on the Services, we provide the functionality to set your preferences for how the Services run when you use it. In order to remember your preferences, we need to set cookies so that this information can be called whenever you interact with a website page.
  • We use cookies to provide and monitor the effectiveness of our Services, monitor online usage and activities of our Services, and facilitate the purposes identified in the How We Use Your Personal Information section of our Privacy Notice.
  • We may also use the information we collect through cookies to understand your browsing activities, including across unaffiliated third-party sites, so that we can deliver information about products and services that may be of interest to you.
  • Tracking technology used in emails helps us measure the effectiveness of our marketing email campaigns, make the emails we send to you more relevant to your interests and help us understand if you have opened and how you interacted with our email.

Please note that we link some of the information we collect through cookies with the other personal information that we collect about you and for the purposes described in our Privacy Notice.

Note UC Davis will not distribute or share “electronically collected personal information” (as defined in subdivision (d) of California Government Code Section 11015.5) about users to any third party without the permission of the user, except in narrow circumstances as set forth in our Privacy Notice. UC Davis will not sell any electronically collected personal information to any third party.

5. YOUR CHOICES ABOUT COOKIES

If you are located in the European Economic Area, United Kingdom, or Switzerland, other than strictly necessary cookies, which are required for the operation of our Service, we will only place cookies on your device if you give us your consent to do so. We will ask you to tell us which cookies you agree to receive when you first access our Service.

Most browsers will allow you to change the setting of cookies by adjusting the settings on your browser to: (i) notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) disable existing cookies; or (iii) set your browser to automatically reject cookies. Be aware that disabling cookies may negatively affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionalities and features of the Services.

Depending on your device and operating system, you may not be able to delete or block all cookies. In addition, if you want to reject cookies across all your browsers and devices, you will need to do so on each browser on each device you actively use. These settings will typically be found in the "options" or "preferences" menu of your browser. In order to understand these settings, the following links may be helpful, otherwise you should use the "Help" option in your browser for more details.

You may also set your email options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether you have accessed our email and performed certain functions with it.

If you would like to find out more about cookies and other similar technologies, please visit www.allaboutcookies.org. or the Network Advertising Initiative's online sources at www.networkadvertising.org.

Please note that deleting or blocking cookies may not be effective for all types of tracking technologies, such as Local Storage Objects (LSOs) like HTML5.

PRIVACY DISCLOSURES FOR THE EUROPEAN ECONOMIC AREA, UNITED KINGDOM, AND SWITZERLAND

Last Modified: Aug. 30, 2023

These Privacy Disclosures set out information about how we use your personal data if you are located in the European Economic Area (“EEA”), United Kingdom ("UK"), or Switzerland, or otherwise engage in or access our EEA, UK or Switzerland Services from those regions.. Please ensure that you have read and understood these Privacy Disclosures before you access or use the Service.

Personal Data: When we use the term “personal data” in these Privacy Disclosures, we mean information relating to an identified or identifiable natural person.

Controller: The Regents of the University of California, organized under the laws of United States of America, having its registered address at 1111 Franklin St. Oakland, California, 94607, is the “controller” responsible for the processing of personal data in connection with our Service. This means that we determine and are responsible for how your personal data is used.

Please contact UC Davis if you have any queries in relation to your rights, these Privacy Disclosures and our Privacy Notice, or general privacy matters. Please ensure you reference our entity name (UC Davis or UC Davis Health) in any correspondence you send our representative.
By email at privacy@ucdavis.edu.

1. LEGAL BASES FOR THE PROCESSING

We may use your personal data based on the following legal grounds according to the Regulation (EU) 2016/679 (the “EU GDPR”) or, where applicable, the “UK GDPR” as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the UK European Union (Withdrawal) Act 2018 GDPR:

  • Perform our contractual services, including prior to entering into a contract with you. If you order services from us or if you contact us to request our services, we use your personal data to provide you with these services, including for account and contract management, to facilitate user benefits and services, including customer support, and evaluate your candidacy for employment and to facilitate the onboarding process.
  • Justified by our legitimate interests. The usage of your personal data may also be necessary for our own business interests. For example, we may use some of your personal data to send gifts to you; market our Services to individuals; administer, improve and personalize our services, including by recognizing an individual and remembering their information when they return to our services and analyzing our client-base; process payment for our services; conduct market research; opportunity tracking, conversion and lead generation; test, enhance, update and monitor the services, or diagnose or fix technology problems; help maintain the safety, security and integrity of our property and services, technology assets and business; enforce our agreements, resolve disputes, carry out our obligations and enforce our rights, and protect our business interests and the interests and rights of third parties; and prevent, investigate or provide notice of fraud or unlawful or criminal activity.
  • Consent. In some cases, we may ask you to grant us separate consent to use your personal data.
  • Compliance with legal obligations. We are obligated to retain certain personal data because of legal requirements, for example, tax or commercial laws, or we may be required by law enforcement to provide personal data on request.

The table at Annex 1 (PDF) and Annex 2 (PDF) set out further detail about the categories of personal data we collect about you, how we use that information when you use the Service, as well as the legal basis which we rely on to process the personal data and recipients of that personal data.

We may link or combine the personal data we collect about you and the information we collect automatically.

We may anonymise and aggregate any of the personal data we collect (so that it is no longer linked to you and does not identify you). We may use anonymised information for purposes that include testing our IT systems, research, data analysis, improving the Service. We may also share such anonymised and aggregated information with others.

We will also indicate to you, at the point that we collect personal data from you, if the provision of certain personal data is mandatory or optional. Some information, such as your name, address, payment transaction information, and information on your requested services, may be necessary for your use of certain features and functionalities of the Service. If you choose not to provide personal data marked as mandatory, we may not be able to provide those aspects of the Service to you, or to respond to your queries and other requests.

2. HOW LONG WE STORE YOUR PERSONAL DATA

We generally store your personal data for the duration necessary for the data collection purposes identified by the specific UC application or program, unless we are required to do so to comply with applicable law or if we believe your personal data may be necessary to deal with a complaint or legal claim.

3. MARKETING AND ADVERTISING

We may contact you with information about our services, including sending you marketing messages and asking for your feedback on our services. For some marketing messages, we may use personal data we collect about you to help us determine the most relevant marketing information to share with you.

4. STORING AND TRANSFERRING YOUR PERSONAL INFORMATION

Security. We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, change or damage. All personal data we collect will be stored by our cloud hosting provider on secure servers. We will never send you unsolicited emails or contact you by phone requesting credit or debit card information or national identification numbers.

International Transfers of your Personal Information. The personal data we collect may be transferred to and stored in countries outside of the jurisdiction you are in where we and our third-party service providers have operations. If you are located in the EEA, United Kingdom, or Switzerland your personal data may be processed outside of those regions, including in the United States.

In the event of such a transfer, we ensure that: (i) the personal data is transferred to countries recognised as offering an equivalent level of protection; or (ii) the transfer is made pursuant to appropriate safeguards that require the recipient to treat the personal data in a manner that is essentially equivalent to that guaranteed in the country you are in. If you are located in the EEA, United Kingdom or Switzerland, these safeguards include entering into agreements that incorporate the standard contractual clauses adopted by the European Commission and approved by the UK Information Commissioner.

5. PROFILING AND AUTOMATED DECISION-MAKING

We may analyse personal data we have collected about you to create a profile of your interests and preferences so that we can contact you with information that is relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use personal data about you to detect and reduce fraud and credit risk.

We may use your personal data for automated individual decision-making, in which case we will inform you of such processing activities and any potential impact of such processing activities.

6. YOUR RIGHTS IN RESPECT OF YOUR PERSONAL DATA

In accordance with applicable privacy law, you have the following rights in respect of your personal data that we hold:

  • (a) Right of access. You have the right to obtain:
    • (i) confirmation of whether, and where, we are processing your personal data;
    • (ii) information about the categories of personal data we are processing, the purposes for which we process your personal data and information as to how we determine applicable retention periods;
    • (iii) information about the categories of recipients with whom we may share your personal data; and
    • (iv) a copy of the personal data we hold about you.
  • (b) Right of portability. You have the right, in certain circumstances, to receive a copy of the personal data you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.
  • (c) Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete personal data we hold about you without undue delay.
  • (d) Right to erasure. You have the right, in some circumstances, to require us to erase your personal data without undue delay if the continued processing of that personal data is not justified. We may not be able to delete your information in all circumstances. We may be obligated to retain your personal information as required by law, regulation, or policy;
  • (e) Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal data if the continued processing of the personal data in this way is not justified, such as where the accuracy of the personal data is contested by you.
  • (f) Right to withdraw consent. There are certain circumstances where we require your consent to process your personal data. In these instances, and if you have provided consent, you have the right to withdraw your consent. If you withdraw your consent, this will not affect the lawfulness of our use of your personal data before your withdrawal.

You also have the right to object to any processing based on our legitimate interests where there are grounds relating to your particular situation. There may be compelling reasons for continuing to process your personal data, and we will assess and inform you if that is the case. You can object to marketing activities for any reason.

If you wish to exercise one of these rights, please email us at: Privacy@ucdavis.edu.

Due to the confidential nature of data processing we may ask you to confirm your identity when exercising the above rights.

You also have the right to lodge a complaint to your local data protection authority. If you are based in the European Union, information about how to contact your local data protection authority is available here. If you are based in the UK or Switzerland, your local data protection authorities are the UK Information Commissioner's Office (https://ico.org.uk/global/contact-us/) and the Swiss Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch/edoeb/en/home/deredoeb/kontakt.html).

7. COOKIES AND SIMILAR TECHNOLOGIES USED ON OUR SERVICES

For more information about how we use cookies and similar technologies and your choices regarding cookies, please see the Cookie Notice.


ANNEX 1 – PERSONAL INFORMATION YOU PROVIDE TO US (PDF)

ANNEX 2 – PERSONAL INFORMATION COLLECTED AUTOMATICALLY (PDF)