The University of Arkansas and the Arkansas Economic Development Commission are committed to safeguarding the privacy of all personal data provided by students, employees, alumni, and other constituents, as well as contractors (collectively “data subjects”).
Effective May 25, 2018, the European Union (“EU”) General Data Protection Regulation (“GDPR”) places additional obligations on organizations that control or process personally identifiable information about persons in Europe. The GDPR is designed to protect the privacy of data concerning a natural person that is collected or processed in or transferred out of the EU, and to regulate the data privacy practices of entities that offer goods or services in the EU. In its capacity as a data controller, the University collects, uses, and discloses data subjects’ information according to the following policy.
The GDPR applies to entities both inside and outside the EU. In addition, the regulations apply to data about anyone present in the EU, regardless of whether they are a citizen or permanent resident of an EU country; for example, GDPR includes U.S. persons when their personal data is collected, stored and used in the EU or transferred from the EU.
The GDPR defines “personal data” as follows:
“…any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (including information that is manually or automatically read, such as an IP address) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”
For more information on how the Arkansas Economic Development Commission uses, manages, and protects personal data, please visit: