MIT Open Learning is committed to supporting the privacy of members of the MIT Open Learning community of learners. This Privacy Statement explains how we handle and use the personal information we collect about you through your interaction with the Open Learning Site.
What personal information we collect
While specific information may vary for particular individuals, we may collect, use, store and transfer different kinds of personal information about you, which we have grouped together as follows:
Basic biographic/contact information – Name, email addresses, educational affiliation, country, home or business addresses, phone numbers, employer
Financial Information for philanthropic support – donation amount, credit card/paypal details collected and processed through Infinite Connection
How we collect personal information about you
We collect personal information about you when you chose to share it with us. We do not collect it from any other source.
How we use your personal information
We use your personal information for a number of legitimate purposes all in support of the Institute and its mission. Specifically, we use your personal information to:
Provide you with the Open Learning Newsletter if you choose to subscribe.
Request your philanthropic support of MIT Open Learning.
Enable MIT Open Learning to set-up and administer any form of SPOC (small private online course).
Enable MIT Open Learning to set-up and administer MITx residential course instances.
If you have concerns about any of these purposes, or how we communicate with you, please contact us at email@example.com. We will always respect a request by you to stop processing your personal information (subject to our legal obligations).
When we share your personal information
To perform the functions listed above, it may be necessary to share your personal information with other MIT offices, including for example, Resource Development.
How your information is stored and secured
MIT and its Data Processors, including Mailchimp and Quickbase, use a variety of privacy and security policies, processes, and procedures, including administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the Personal Information that it receives, maintains, or transmits. Nonetheless, no method of transmission over the Internet or method of electronic storage is 100% secure, and therefore we do not guarantee its absolute security.
How long we keep your personal information
We consider our relationship with the MIT Open Learning Community to be lifelong. This means that we will maintain a record for you until such time as you tell us that you no longer wish us to keep in touch.
Rights for Individuals in the European Economic Area
You have the right in certain circumstances to (1) access your personal information; (2) to correct or erase information; (3) restrict processing; and (4) object to communications, direct marketing, or profiling. To the extent applicable, the EU’s General Data Protection Regulation provides further information about your rights. You also have the right to lodge complaints with your national or regional data protection authority.
If you are inclined to exercise these rights, we request an opportunity to discuss with you any concerns you may have. To protect the personal information we hold, we may also request further information to verify your identify when exercising these rights. Upon a request to erase information, we will maintain a core set of personal data to ensure we do not contact you inadvertently in the future, as well as any information necessary for MIT archival purposes. We may also need to retain some financial information for legal purposes, including US IRS compliance. In the event of an actual or threatened legal claim, we may retain your information for purposes of establishing, defending against or exercising our rights with respect to such claim.
By providing information directly to MIT, you consent to the transfer of your personal information outside of the European Economic Area to the United States. You understand that the current laws and regulations of the United States may not provide the same level of protection as the data and privacy laws and regulations of the EEA.
You are under no statutory or contractual obligation to provide any personal data to us.
We may change this Privacy Statement from time to time. If we make any significant changes in the way we treat your personal information we will make this clear on our MIT websites or by contacting you directly.
The controller for your personal information is MIT. If you are in the EU and wish to assert any of your applicable GDPR rights, please contact firstname.lastname@example.org.
This policy was last updated in November 2023.