Butler University Privacy Statement
1. Scope
The Butler University Board of Trustees, by and through its affiliates, associates, and all other teaching, research, and service facilities, wherever located, (“Butler University”, “Butler”, “we”, “us”, or “our”) is committed to respecting and protecting the privacy rights of all natural persons. This Privacy Statement applies to Butler University and describes Butler University’s privacy notices and policies.
The Butler Supplemental Privacy Notice (“Supplemental Notice”) supplements this Privacy Statement. The Supplemental Notice applies generally to the provision of personal information by individuals in the European Economic Area and the United Kingdom. The Supplemental Notice explains how Butler University meets its obligations under the European Union General Data Protection Regulation (“GDPR”) and the United Kingdom GDPR with respect to such information.
2. Privacy Notices and Policies
This Privacy Statement includes as an integral part the following privacy notices and policies identified or linked below.
A. Web Privacy Notice
Scope
This Web Privacy Notice applies to all websites and domains owned, controlled, operated, and/or maintained by Butler University and any other web properties or profiles owned, controlled, operated, or maintained by Butler University (“Web”).
Terms of Use
Access to the Web is provided subject to the Legal Notice and Terms of Use. Please read the Butler University Fair, Responsible, and Acceptable Computer Use Policy carefully as use of the Web constitutes acceptance of its terms.
Purpose
To inform data subjects about Butler’s commitment to data privacy and explain how Butler uses and protects personal information.
Processing and Sharing Personal Information
Personal information may be processed by Butler trustees and employees, including faculty, researchers, medical professionals, financial aid counselors, human resources
professionals, law enforcement officers, and others associated with Butler, as may be necessary to carry out the purposes and the activities of Butler.
University Related Organizations
Butler may share personal information with Butler related organizations, such as its foundation and alumni association.
Third parties
Butler may share personal information with third parties subject to appropriate safeguards. Examples include: educational platform providers and course partners to further the purposes for processing the information and the activities of Butler; U.S., state, local, and foreign government entities to fulfill regulatory obligations (e.g., visa processing) and to facilitate access to funding sources (e.g., financial aid); partner institutions to facilitate study abroad activities; service providers to facilitate the full range of Butler functions (e.g., cloud storage, software, chatbots); information requestors pursuant to freedom of information laws; and vendors to provide services related to an individual’s affiliation with Butler (e.g., print diplomas, arrange housing) and to improve Butler outreach efforts.
Please note that Butler may provide anonymized data developed from personal information to third parties, such as government entities and research collaborators, and that such anonymized data is outside the scope of this Web Privacy Notice.
Chatbots
Some Butler websites use chatbots to respond to questions from website visitors about Butler and its programs or to otherwise assist the website visitors. The chatbots may ask for the user’s email address and other personal information in order to answer chat questions, provide a chat transcript, and/or provide helpful information about Butler. Butler uses third parties to make the chatbots available and to process the personal information collected by the chatbots.
Public Forums
Many Butler webpages provide chat rooms, forums, message boards, and news groups for their users. Any information disclosed in these areas may become public information and users should therefore exercise caution when deciding to disclose personal information in such places. Chat sessions and discussion forums may be logged.
E-Commerce
Some Butler websites enable users to pay for products or services online with a credit card. These transactions use a centralized process and are commercially secure.
Rules for Individuals under 13 Years of Age
The federal Children’s Online Privacy Protection Act (“COPPA”) imposes legal and regulatory requirements on certain operators of commercial websites or online services directed to children under 13 years of age, and on certain operators of other commercial websites or online services that have actual knowledge they are collecting personal information online from a child under 13 years of age. The Federal Trade Commission enforces COPPA, which spells out what operators of commercial websites and online services subject to COPPA must do to protect the privacy and safety of children under the age of 13 online when COPPA applies.
Consistent with COPPA, Butler University is committed to protecting the privacy of children under the age of 13. If a user of the Web is under the age of 13, such user is not authorized to provide Butler with personally identifying information, and Butler will not use any such information in its database or other data collection activities once Butler becomes aware that the user is under the age of 13. Butler University appreciates user cooperation with this requirement.
Users under the age of 13 and their parents or guardians are cautioned that the collection of personal information volunteered online or by e-mail by children under the age of 13 a) will be treated the same as information given by an adult until Butler becomes aware that the user is under the age of 13, and b) such information may be subject to public access.
Server Log Information Butler Gathers
The Web servers generate logs that may contain information about computers or devices used to access the Web, or about general activity on the Web, such as the following:
Internet address of computer or device
Type of browser or other client application used
Operating system of computer or device
Webpages requested
Referring webpages
Time spent on the site
Many Web server administrators produce summary reports from these logs and share that information with the Web content managers. The Web content managers typically use this information in aggregate to understand what pages are popular, how users are navigating to and within their site, and when their sites are used most frequently.
B. Cookie Policy
Cookies are small text files a website saves on a website visitor’s computer or other device (e.g., mobile phone) when they visit the website. For a discussion on how Butler employs cookies and related technologies, consult Butler University Cookie Policy.
C. FERPA Notice
Butler University complies with the Family Educational Rights and Privacy Act (“FERPA”), which generally prohibits the release of student education records without student permission. For more details on how Butler complies with FERPA, consult the following: Butler University FERPA Information
FERPA does permit the release of public or “directory information” about students, unless the student has requested that their directory information be suppressed. Information about suppressing the release of “directory information” can be obtained at: Butler University FERPA Information
D. HIPAA Notice
Butler University is committed to protecting the privacy and security of health information, as mandated by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Health Information Technology for Economic and Clinical Health Act of 2009 (“HITECH”). HIPAA and HITECH establish national standards for protecting the privacy and security of health information and define specific rights for individuals with respect to their health information.
E. International Privacy Notice
Butler University is committed to respecting and protecting the privacy rights of persons in the European Economic Area (“EEA”) and the United Kingdom (“UK”) pursuant to the European Union General Data Protection Regulation (“GDPR”). For more information about Butler’s commitment to the privacy of persons in the EEA and the UK, consult the following:
Butler University Supplemental Privacy Notice
G. Social Security Numbers Notice
Butler University is committed to having the proper procedures in place for collecting, maintaining and disseminating social security numbers of students, employees and individuals associated with Butler. Information about Butler’s commitment to the privacy of social security numbers can be found in the following policies:
Butler University Confidential Information Policy
Butler University Fair, Responsible, and Acceptable Computer Use Policy
H. Gramm Leach Bliley Act (GLBA) Notices
Butler University protects student financial aid information as required by the GLBA, which governs the use, sharing, and collection of financial information. For more information about how Butler University complies with the GLBA’s financial information security requirements, consult Butler University Fair, Responsible, and Acceptable Computer Use Policy.
I. Electronic Communications Privacy Act (ECPA) Notice
Butler University is committed to providing secure networks to protect wire, oral, and electronic communications while those communications are being made, are in transit, and when they are stored on computers as required by the ECPA.
J. Notice to Butler-Authorized Users of the Web
Butler is committed to protecting the privacy of personal information. Butler-authorized users, including students, employees, contractors, and other authorized individuals, using the Web and all personal information collected therefrom must do so in accordance with the applicable acceptable use policy:
Butler University Fair, Responsible, and Acceptable Computer Use Policy
Use by Butler-authorized users of the Web and all personal information collected therefrom is subject to all applicable state, federal, and foreign laws, as well as general Butler policies.
It is Butler’s usual practice not to share any personal information with those outside Butler. However, in limited circumstances consistent with Butler’s interests, Butler-authorized users may share personal information gathered from the Web provided doing so is not prohibited by applicable law or Butler policies and not inconsistent with notice given on a Butler website or in the Supplemental Privacy Notice, and at least one of the following:
Authorized by law;
Permitted under Butler policies;
Authorized by an approved Butler contract;
Clearly stated on a Butler website or in the Supplemental Privacy Notice that such information will be shared and the user indicates consent by providing the information;
Otherwise consented to;
Considered appropriate in support of Butler’s legitimate interests, such as sharing certain student and employee demographic information with Butler alumni association, Butler foundation, applicant students’ high schools and other educational institutions with questions about students who have been admitted or earned a degree from Butler; or
Considered appropriate to further the purposes for processing the personal information and the activities of Butler, to facilitate the full range of Butler functions, to provide services related to an individual’s affiliation with Butler, and to improve Butler outreach efforts;
Butler-authorized users responsible for conducting online surveys that collect personally identifiable information must clearly state on the survey site the extent to which any information provided will be shared. Subject to applicable law, aggregate and/or de-identified data from surveys may be shared with external third parties provided doing so does not compromise privacy.
It is Butler-authorized user’s responsibility to verify that applicable law does not restrict their:
Use of the Web and all personal information collected therefrom; and,
Sharing of the personal information collected therefrom, including the sharing of aggregate and/or de-identified data with external third parties.
K. Username and Password
Butler University may assign users a username and password to permit access to selected sites. The user is responsible for maintaining the confidentiality of the username and password. The user must immediately notify Butler University of any unauthorized use of the user’s username and password. Whenever user provides personal information via a web transaction, the user should sign out of the web site and close the user’s browser at the end of each session.
L. Alternative to Web Site Transactions
Butler websites provide access to information and services for constituents that may not have a formal relationship with Butler University as a student or employee. If the user is
neither a student nor employee and prefers not to provide any information online, Butler invites the user to cancel the transaction and contact the administrative unit responsible for the service to conduct the business in person, by mail or by telephone.
M. Consent
The user’s use of Butler University’s services and website indicates the user’s acceptance of the terms and conditions of use. In addition to the terms of this Privacy Statement, all pertinent, nonconflicting provisions of the Student Handbook, Employee Handbook, Faculty Handbook, Computer Use Policies, and the My.Butler Terms & Conditions apply to the user’s use of Butler’s websites. If the user does not agree to these terms, the user should discontinue the use of Butler University’s sites.
3. Questions
Any questions about this Privacy Statement can be emailed to security@butler.edu.
4. Updates to Privacy Statement
Butler may update this Privacy Statement from time to time. Any changes will become effective upon posting of the revised Privacy Statement.
Privacy Statement updated July 28, 2025.