Quick Guide to Contents
Collection of Information
Information You Provide
Information Automatically Collected
Tracking Options and California Do Not Track Disclosures.
Information Collected from Other Sources
Our Combination of Your Information
Failure to Provide Personal Information
How We Use Your Information
Legal Basis for Collecting and Processing Personal Information
How We Disclose Your Information
- The 2U Family of Companies: Where you have expressed interest and given your consent, we share your information within the 2U family of companies to provide you with information about other educational programs.
- Service Providers: We share your information with third parties that provide business, professional, or technical support functions for us. In particular, we use third-party providers for website hosting, maintenance, marketing services, courier services, certification services, business operations, payment services, and identity verification services (“Service Providers”). These Service Providers are only given access to your information to the extent necessary to process your information and/or provide services to 2U, and they are prohibited from using or sharing your information for any other purposes. Where permitted by law, 2U discloses limited information about you to Service Providers to serve relevant advertising on third party platforms to you or to other audiences.
- Your Employer: We share your information with your employer, in the event that the employer is paying for your Program. Information disclosed in this case shall include Program performance information, unless otherwise expressly agreed in writing with 2U.
- Fraud; Security: We access and disclose your information to detect, prevent, or otherwise address fraud, security or other technical issues.
- Consent; Other: We share information with third parties when we have your consent, or otherwise as described to you at the point of collection.
- International Transfers: We transfer personal information from the European Economic Area (“EEA”) to other countries, including the United States and South Africa. Where information is transferred outside the EEA to a third party in a country that is not subject to an adequacy decision by the EU Commission, data is adequately protected by Standard Contractual Clauses, an appropriate Privacy Shield certification or a vendor’s Processor Binding Corporate Rules. A copy of the relevant mechanism can be provided for your review on request to firstname.lastname@example.org.