icon-carat-right menu search cmu-wordmark
Carnegie Mellon University

Privacy Notice

Privacy Notice

Last updated: September 19, 2025

Carnegie Mellon University – Software Engineering Institute (“SEI,” “we,” “us,” or “our”) is committed to privacy and data protection. This Privacy Notice applies to all personal information SEI collects from you, through websites under the SEI domain cmu.edu and any other SEI websites or online services (collectively the “Services”) that link to this Privacy Notice, as well as how we use and protect personal information about you. You may download a copy (.pdf) of this Privacy Notice.

This Privacy Notice does not apply to any third-party applications or software that integrate with the Services, or any other third-party products, services or businesses (collectively, “Third-party Services”). Third-party Services are governed by their own privacy policies. We recommend you review the relevant privacy notice governing any Third-party Services before using them.

SEI is the controller of the personal information collected by SEI through the Services. Any questions or concerns regarding SEI’s privacy and data protection practices can be directed to our Data Protection Officer at privacy@andrew.cmu.edu.

We collect information that identifies, describes, or is reasonably capable of being associated with you (“personal information”). The following discusses the categories of personal information we may collect and/or may have collected in the preceding 12 months, the sources we collect information from, and the business or commercial purposes use of personal information about you.

We may collect the following categories of personal information:

· Identifiers. Such as a real name, postal address, phone number, unique personal identifier, Internet Protocol address, email address, account name, unique identifier of device, or other similar identifiers.

· Your opinions or other information. For example, when you respond to surveys or studies for us, or when you review or provide information to the Services we offer.

· Protected Classification Characteristics. Such as age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status. Some of this information may be considered “sensitive personal information” or “special categories of personal information.”

· Financial information. Such as your payment card number, CVV, billing address, and related financial information. This may be considered sensitive personal information in some jurisdictions.

· Commercial information. Records of Services enrolled, purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

· Geolocation Data. Such as physical location or movements, which could include collecting your IP address and inferring location such as city or postcode therefrom.

· Internet or other similar network activity. As described in more detail in the section titled “Cookies & Other Technologies,” if you use our website, we automatically collect information about your browsing and search history, interaction with the features of our website, and responses to advertisements.

· Professional or employment-related information. Such as current or past job history or performance evaluations.

· Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Such as education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

· Inferences drawn from other personal information. Such as profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

· Sensitive personal information. Such as data revealing racial or ethnic origin, religious beliefs, mental or physical health conditions or diagnoses, sexual orientation, citizenship or immigration status, and genetic or biometric data used for uniquely identifying a person.

We may use these categories of personal information for the following purposes:

· To provide you with the Services that you have requested - We may process personal information in connection with any Services we provide and pursuant to our contract with you to provide such Services, to administer our relationship with you and to carry out our obligations arising from the relationship between you and us, internal accounting and administration purposes, to process payment for purchases or other Services, and to create and manage your account with us.

To provide you with Services we may collect: Identifiers; Your opinions or other information; Financial information; Commercial information; Geolocation Data; or Internet or other similar network activity.

· To evaluate you for admission to enroll as a student to SEI, for participation in a SEI program, to become a visitor to SEI - We will collect personal information about you when you apply for admission to SEI, to participate in a SEI program, or as a visitor. Such information will be used pursuant to our legitimate interest of evaluating individuals who apply to SEI.

To evaluate enrollees and visitors we may collect: Identifiers; Your opinions or other information; Protected Classification Characteristics; Financial information; Professional or employment-related information; Non-public education information; or Sensitive personal information.

· To perform surveys and studies - We may ask you to participate in a survey or study; and may request personal information from you. Participation is voluntary, and you have the choice of whether to disclose any requested information. You may be asked to sign a separate consent form in connection with many surveys and studies. The consent form will include additional disclosures regarding the personal information collected and processed in connection with the study or survey.

When conducting a survey or study we may collect: Identifiers; Your opinions or other information; Protected Classification Characteristics; Professional or employment-related information; Inferences drawn from other personal information; Geolocation Data; or Internet or other similar network activity; or Sensitive personal information

· Registering you for a course, conference, program or event - When you register for a course, conference, program, or event (each a “program”) at SEI, we will collect personal information to process the registration, provide you with updates, and facilitate the program. Many programs will request that you sign a separate consent form for participation. This consent form may include additional disclosures regarding any additional personal information collected and processed in connection with the program.

In connection with programs, we may collect: Identifiers; Your opinions or other information; Protected Classification Characteristics; Financial information; Professional or employment-related information; Inferences drawn from other personal information; Geolocation Data; Internet or other similar network activity, or Sensitive personal information.

· To process your requests - We may collect the content of messages you send to us, such as feedback or questions you ask our technical support representatives, when necessary to provide you with the Services and fulfill our contract with you. We will collect and utilize any data files you send to us for troubleshooting and improving the Services.

To process your requests, we may collect: Identifiers; Your opinions or other information; Commercial information; Geolocation Data; or Internet or other similar network activity.

· To process your payments - If you make a payment to SEI, we will ask for financial information and other information requested for processing your payment and performing our contract with you. We use third-party payment processors to assist in securely processing your financial information. If you pay with a credit card, the financial information that you provide through the Services is encrypted and transmitted directly to the payment processor. We do not store your financial information and do not control and are not responsible for the payment processors or their collection or use of your information.

SEI’s payment processing vendors are required to process all credit card payments securely using measures that comply with the Payment Card Industry Data Security Standard (“PCI DSS”).

To process payments, we may collect and process: Identifiers; Financial information; or Commercial information.

· For analytics purposes - For example, we may analyze personal information about you including your location, and Services requested, age, time zone, IP address and URL visited, against our wider customer base for internal business purposes, such as generating statistics and developing marketing plans, based on our legitimate interest to improve our Services and the website. We may also aggregate and de-identify your information to create customer segments and share with our affiliates and partners.

To perform analytics, we may collect and process: Internet and network information.

· To provide you with marketing communications that you might be interested in - If you choose to receive marketing communications from us, we may use personal information about you to keep you up to date with our latest Services, surveys, announcements, upcoming events, sweepstakes, contests and other promotions via our newsletters, emails, or other communications. If you no longer wish to receive these marketing communications, details of how to opt out are described in the section below marked “How do I stop receiving marketing communications?” We send marketing communications based on your consent or our legitimate interest.

To provide marketing communications we may collect and process: Identifiers; or Commercial information.

· For non-marketing communications - We may use personal information about you to communicate with you about important information in relation to an account you have with us, the service you have requested or other non-marketing communications, for fulfillment of any contractual obligations we may have with you. This includes: (i) to process and respond to your questions and/or inquiries; (ii) emailing you to verify your identity when you sign-up; (iii) emailing you where you have requested a password and/or username reset; (iv) notifying you that a particular service has been suspended for maintenance or terminated; (v) letting you know that we have updated this Privacy Notice or other legal notices; or (vi) letting you know about any Services that you have requested or purchased. We will never contact you to ask for your password, please be careful if you receive any communications from people requesting this information.

To provide non-marketing communications we may collect and process: Identifiers; or Commercial information.

· For site optimization and management - For example we may use personal information about you provided to us to:

· administer the website;

· ensure the security of our networks and of your information;

· customize your future visits to the website based on your interests to ensure the most user-friendly online navigation experience;

· improve the website and our other digital offerings (including to fix operational problems such as pages crashing and software bugs); and

· provide services to our partners such as tools, analyses, data and insights to see how their website or mobile applications are used.

To support our legitimate interest in site optimization and management we may collect and process: Internet and network information.

· For service and business development purposes - For example, we will use information we collect from you based on our legitimate interest to improve our Services and develop new Services, features, and capabilities. Data is collected throughout your interactions with the Services that enable us to understand usage and tailor future capabilities.

To support product development, product improvement, and business development we may collect and process: Identifiers; Commercial information; or Internet and network information.

· For fraud prevention and detection purposes and to protect and defend the rights and property of SEI, our employees and business partners.

To support our legitimate interest in fraud prevention and detection we may collect and process: Identifiers; or Internet or other electronic network activity information.

· For employment application purposes - For example, if you contact us in relation to your employment prospects, we will use personal information about you, based on our legitimate interest, to consider you for current and future employment opportunities and to contact you with respect to employment opportunities at SEI that you have expressed an interest in.

To support our employment application process, we may collect and process: Identifiers; or Professional or employment-related information.

· To verify your identity - For example, we may collect your real name, alias, postal address, unique personal identifier, online identifier, email address, account name, or other similar identifiers to determine if you already have an account with us or comply with a request from you to exercise your rights, as required by law.

· Information that we collect automatically. When you engage with SEI, we may use Cookies and similar tracking technology to collect the following information about you automatically (for further information please see the section titled “Cookies & Other Technologies” for more information):

· Internet or other electronic network activity information. Such as browsing history, search history, information on your interaction with a website, application, or advertisement.

· For example, when you visit the website, engage with SEI content or with us digitally, we may collect certain information from your computer, tablet or mobile phone (“Device”) such as your IP address, Device type (i.e. make and model), unique device identification numbers, browser-type and time zone settings

· We may also collect information about how your Device has interacted with us including: the pages accessed and links clicked; how you navigate to and from the website (such as how you scroll over the site, which parts you click and how long you spend on each page); your preferences, the Services that you have viewed or searched for; and crashes, download errors and response times.

· Geolocation Data. Such as physical location or movements. We collect your IP address and infer location such as city or postcode therefrom.

· For example, when you visit the website, engage with SEI content or with us digitally, we may collect your broad geographic location (e.g. country or city-level location) from your Device.

· Inferences drawn from other personal information. Such as a profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

· For example, when you visit the website, we may use the personal information indicated above to provide you with tailored advertising, content and Services that we think you may like. This is described in further detail in the section below marked “How does SEI use personal information?”.

· Information that we obtain from third-party sources. From time to time, we may receive personal information about you from third-party sources, but only where we have contracts in place requiring the third-party to receive your consent or otherwise reasonably believe the third-party is legally permitted or required to disclose personal information about you to us. The types of personal information we collect from third parties may include:

· Social Media Partners. For example, if you use functionality such as “like” or “share” buttons, that social media site may pass information to us, including: the user ID for that third-party site, the name, email address and location associated with the user ID and any other information permitted under the privacy policy for that website.

· Technology partners and market research organizations. For example, where permitted by applicable data protection law and if applicable where you have specifically consented, our preferred technology partners may share information with us, including your browser patterns, geo-location and Device identifiers.

Research partners or data providers. For example, where permitted by applicable data protection law and if applicable where you have specifically consented, we may receive personal information from our research sponsors, research collaborators and/or other data providers, such as Identifiers, Your opinions or other information, Protected Classification Characteristics, Professional or employment-related information, Inferences drawn from other personal information, Geolocation Data, or Internet or other similar network activity.

Use of Artificial Intelligence

We may use artificial intelligence to process personal information for any purpose set forth in this Privacy Notice. We may rely on third-party processors, servers, deployers, and developers in connection with our use of artificial intelligence. Unless set forth in Section 4 – Does SEI Share Personal Information with Anyone? or otherwise disclosed, we do not share personal information we collect with third parties.

Change of purpose

We will only use personal information about you for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use personal information about you for an unrelated purpose, we will notify you and we will explain the business purpose which allows us to do so.

Please note that we may process personal information about you without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

We are required to satisfy one or more of the reasons set out by applicable data privacy law before we can collect and use personal information about you.

Generally, our business purpose for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. However, we will normally rely on the following reasons to collect and use personal information about you:

· Performance of a contract

Using your information may be necessary for us to perform our obligations under a contract with you or with a view to entering into such a contract. For example, where you have: (i) purchased or enroll in our Services, we will need to use your information to provide those Services; or (ii) approached us in relation to employment opportunities, the collection and use of personal information about you is necessary to enable us to offer you the job role, process your acceptance of the offer, on-board you as an employee and fulfil our obligations as an employer.

· Compliance with our legal obligations

The collection and use of personal information about you may be necessary to enable us to meet our legal obligations. For example, to verify your identity and undertake necessary due diligence checks.

· Pursuing our legitimate interests

Where such processing is not overridden by your interests or fundamental rights, we are permitted to use personal information about you where it is necessary to pursue our legitimate interests, for example to operate the website and our other digital offerings, to improve our Services, content and our other digital offerings or to undertake marketing. We may have other legitimate interests and if appropriate we will make this clear to you at the relevant time.

· Consent

In some limited circumstances, we may rely on your consent to collect and use personal information about you. For example, we may rely on consent: (i) where you have approached us in relation to employment or study opportunities and have provided us with sensitive personal information, such as information in relation to your racial and ethnic origin, sexual orientation, religion, physical and mental health, disabilities or trade union membership; or (ii) in relation to the sending of e-marketing or communications.

· If we rely on consent, this will be made clear to you at the time we request your information. You can withdraw your consent at any point by using the mechanism provided at the time, or by contacting us using the contact details provided in the section of this Privacy Notice titled “How do I contact SEI?”

You may not always be required to provide the personal information that we have requested. However, if you choose not to provide certain information, you may not be able to take advantage of some of our Services. Any information that is so required is clearly marked as mandatory. If you would prefer that we not collect certain personal information from you, please do not provide us with any such information, or opt out of providing this information where applicable.

If we collect and use personal information about you in reliance on our legitimate interests (or those of any third-party), these interests will normally be as set out in this Privacy Notice; however, if this changes we will make clear to you at the relevant time what those legitimate interests are.

If you have any questions or need further information concerning the business purpose on which we collect and use personal information about you, please contact us using the contact details provided in the section below marked “How do I contact SEI?”

It is the practice of SEI to protect the personal information. Access to personal information controlled or processed by SEI is restricted to only those employees or agents, contractors or subcontractors of SEI who have valid reasons to access this information to perform any service you have requested or authorized, or for any other purpose described in this Privacy Notice. The personal information you provide will not be sold or rented to third parties.

We may provide personal information about you to:

· outsourced service providers who perform functions on our behalf, located inside or outside of the jurisdiction in which you reside (in such case, we will use the appropriate legal framework to operate data transfers). For example, personal information about you may be stored on cloud hosting services such as Amazon Web Services.

· our authorized agents and representatives, located inside or outside of your country of residence (in such case, we will use appropriate legal framework to operate data transfers), who provide Services on our behalf, such as training service providers;

· anyone expressly authorized by you to receive personal information about you; or

· anyone to whom we are required by law to disclose personal information, upon valid and enforceable request thereof.

We will access, disclose and preserve personal information, when we have a good faith belief that doing so is necessary to:

· comply with applicable law or respond to valid legal processes, including from law enforcement or other government agencies, upon valid and enforceable request thereof; or

· operate and maintain the security of the Services, including to prevent or stop an attack on our computer systems or networks.

Please note that some of the Services may direct you to services of third parties whose privacy practices differ from SEI’s. If you provide personal information to any of those services, that data is governed by their privacy statements or policies. Carnegie Mellon University – Software Engineering Institute is not responsible for the privacy practices of these other websites. Please review the privacy policies for these websites to understand how they process your information.

How You May Share Personal information

Certain features of the Services may allow you to share information with others. Please do not share personal information about you or the personal information of others through the sharing features. You are the controller of personal information you share through the sharing features of the Services.

The privacy laws of some jurisdictions may provide their residents with additional rights regarding our use of personal information. The following Section applies to individuals who reside in specific jurisdictions that provide additional privacy rights.

5.1 Your Rights and Choices

Right to Access Specific Information and Data Portability Right. You may have the right to request that we disclose certain information to you about our collection and use of personal information. Once we receive and confirm your verifiable request, we may disclose to you any and/or all of the following when required under applicable privacy laws:

● The categories of personal information we collected about you.

● The categories of sources for the personal information we collected about you.

● Our business or commercial purpose for collecting such information.

● The categories of third parties with whom we share that personal information.

● The specific pieces of personal information we collected about you (also called a data portability request).

● If we disclosed personal information for a business purpose, the business purpose for which personal information was disclosed, and the personal information categories that each category of recipient obtained.

Right to Correct Information. You may have the right to request we update personal information about you that is incorrect in our systems.

Right to Delete. You may have the right to request that we delete any personal information about you that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable request, we will delete (and direct our service providers to delete) the personal information from our records, unless an exception applies.

Right to Withdraw Consent. You may have the right to withdraw your consent at any point by using the mechanism provided at the time, or by contacting us using the contact details provided in the section of this Privacy Notice titled “How do I contact SEI?”

Right to Limit Sensitive Personal Information Use. You may have the right to limit the use of sensitive personal information regarding you.

Right to Object to Processing Personal Information. You may have the right to object to the processing of personal information for the purposes of profiling or our legitimate interest.

Non-Discrimination. We will not discriminate against you for exercising any of your rights.

5.2 How to Exercise these Rights

To submit a request to exercise these rights you may use one of these two methods:

· Email: privacy@andrew.cmu.edu

· Submit a Request

For all requests, please clearly state that the request is related to “Your Privacy Rights,” indicate which type of request you are making, and provide your name, street address, city, state, zip code and an e-mail address or phone number where we may contact you. We are not responsible for notices that are not labeled or sent properly or that do not include complete information.

To appeal a decision regarding an individual rights request, please submit your appeal using one of the two methods above. Your appeal should include an explanation of the reason you disagree with our decision. Within 60 days of receipt of an appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions.

You may only make such a request for access or data portability twice within a 12-month period. The verifiable request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative and describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable request does not require you to create an account with us. We will only use personal information provided in a verifiable request to verify the requestor’s identity or authority to make the request.

We endeavor to respond to a verified request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically. Any disclosures we provide will only cover the 12-month period preceding the receipt of the verifiable request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide the personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

5.3 California Shine the Light Law

California Civil Code Section 1798.83 permits users who are California residents to obtain from us once a year, free of charge, a list of third parties to whom we have disclosed personal information (if any) for direct marketing purposes in the preceding calendar year. If you are a California resident and you wish to make such a request, please send an e-mail with “California Privacy Rights” in the subject line to privacy@andrew.cmu.edu or write us at: Carnegie Mellon University – Software Engineering Institute, Attention: Data Protection Officer, 5000 Forbes Avenue, Pittsburgh, PA 15213.

The website may contain links to or from third-party sites. Please be aware that we are not responsible for the privacy practices of such third parties. This Privacy Notice applies only to the personal information we collect as described above. We encourage you to read the privacy policies of third-party sites you access from links on the website or otherwise visit.

Our website may facilitate easy access to certain social networking sites and other websites or services with user-generated content features, such as Facebook, Instagram, YouTube, Pinterest, and X (formerly Twitter) (“Social Sites”). You understand that we do not control such services and are not liable for the manner in which they operate or for the content generated and shared by other users. Please review the Social Sites’ privacy policies if you would like more information about how they collect, use and share personal information about you, your privacy rights and how to change your privacy settings.

Our website may enable you to:

· Access Social Sites: This may include access to websites such as a Facebook, Instagram, YouTube, Pinterest, and X (formerly Twitter); or activation of third-party websites when you make a ‘comment’, ‘share’ or ‘like’ something on the Social Site using a third-party social network plug-in. In each instance, such third-party’s privacy policy will apply to your interaction with that website or service;

· Submit content to Social Sites: For reviews, discussion forums, message boards, photographs and other public features (“Public Forums”). We do not restrict the distribution of personal information that you voluntarily disclose in these Public Forums, so please be aware that any information you disclose there may be collected and used by us and others. For this reason, we encourage you to refrain from providing or sharing personal information about yourself in the Public Forums. We cannot prevent third parties from using such information in a way that may violate this Privacy Notice or applicable law;

· Sign-in to the Site using a Social Site: For example, for a harmonized user experience.

Signing-in using a Social Site or other third-party account may allow us to access information that you have given the Social Site permission to share. The sign-in feature may also transfer information to the Social Site or third-party, such as your username or social media handle, to authenticate you. The Social Site or third-party may also automatically collect information such as your IP address, information about your browser and device, and the web page address of the Site. The sign-in feature may also place and read Cookies from that third-party that may contain a unique identifier the Social Site or other third-party assigns to you. The functionality of and your use of the sign-in is governed by the privacy policy and terms of the Social Site.

We may use personal information about you to identify you on Social Sites and to show you ads that are more relevant for you.

Our use of personal information about you in relation to the Social Sites will be as set out in this Privacy Notice or as otherwise notified to you. Again, please note that third-party sites (including the Social Sites) may be under the control of a third-party, and we encourage you to familiarize yourself with the privacy policies and terms of use of each third-party site.

If you have provided us with your contact information, we may, subject to any applicable Spam Act or similar regulation, contact you via e-mail, postal mail or telephone about SEI Services and events that may be of interest to you, including newsletters.

Marketing e-mail communications you receive from SEI will generally provide an unsubscribe link or instructions on how to opt-out of receiving future e-mail or to change your contact preferences. E-mail communications may also include a link to directly update and manage your marketing preferences. You can also request changes to your contact preferences by contacting SEI via email at it-help@cmu.edu or, to stop text messages by texting STOP in response to any text message.

Please remember that even if you opt out of receiving marketing emails, we may still send you important Services information related to your accounts and subscriptions.

SEI also collaborates with third parties such as cloud-hosting services and suppliers located around the world to serve the needs of our business, workforce, and users. To provide our Services, we may need to transfer and process personal information about you in the United States or in any other country where SEI, its affiliates or contractors maintain facilities (including to destinations outside the country in which you are located).

As a result, your information may be transferred to and/or processed in countries which may not guarantee the same level of protection for personal information as the country in which you reside. However, we have taken appropriate safeguards to ensure that personal information about you will remain protected in accordance with this Privacy Notice and the requirements of applicable law wherever the data is located. For more information on how SEI transfers personal information please visit our “Transfer of Personal information Between Countries” page.

Further information can be provided on request: please contact us using the details found in the section “How do I contact SEI?” We have also implemented similar appropriate safeguards with our third-party service providers and partners and further details can be provided upon request.

SEI is committed to protecting the security of personal information about you. Depending on the circumstances, we may hold your personal information in hard copy and/or electronic form. For each medium, we use technologies and procedures to protect personal information. We review our strategies and update as necessary to meet our business needs, changes in technology, and regulatory requirements.

These measures include, but are not limited to, technical and organizational security policies and procedures, security controls and employee training.

We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security, abuse, or illegal or questionable activity. If you believe that personal information you provided to us is no longer secure, for example, if your access credentials have been compromised, please notify us immediately using the contact information provided below.

If we become aware of a breach that affects the security of personal information about you, we will provide you with notice as required by applicable law.

Certain Services are intended to be used by individuals who are under the age of 13 years old (“Children” or “Child”). Services directed to Children require verifiable parental consent and acknowledgement of the SEI Children’s Online Privacy Protection Act (“COPPA”) Notice prior to a Child’s participation. Consistent with the requirements of the COPPA, if we learn that we received any information directly from a Child without his or her parent’s verified consent, we will use that information only to inform the Child (or his or her parent or legal guardian) that he or she cannot use the Services.

California Minors: If you are a California resident who is under age 18 and you are unable to remove publicly-available content that you have submitted to us, you may request removal by contacting us at: Privacy@andrew.cmu.edu When requesting removal, you must be specific about the information you want removed and provide us with specific information, such as the URL for each page where the information was entered, so that we can find it. We are not required to remove any content or information that: (1) federal or state law requires us or a third-party to maintain; (2) was not posted by you; (3) is anonymized so that you cannot be identified; (4) you don’t follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the content or information. Removal of your content or information from the Services does not ensure complete or comprehensive removal of that content or information from our systems or the systems of our service providers. We are not required to delete the content or information posted by you; our obligations under California law are satisfied so long as we anonymize the content or information or render it invisible to other users and the public.

We may update this Privacy Notice based upon evolving Laws, regulations and industry standards, or as we may make changes to our business including the Services. We will post changes to our Privacy Notice on this page and encourage you to review our Privacy Notice when you use the Services to stay informed.

If we make changes that materially alter your privacy rights, SEI will provide additional notice, such as via email or through the Services. If you disagree with the changes to this Privacy Notice, you should discontinue your use of the Services. You may also request access and control of personal information about you as outlined in the Your Rights Regarding Personal information section of this Privacy Notice.

We understand that you may have questions or concerns about this Privacy Notice or our privacy practices or may wish to file a complaint. In such case, please contact us in one of the following ways:

Email: privacy@andrew.cmu.edu

Mail:

Carnegie Mellon University – Software Engineering Institute
Attention: Data Protection Officer
5000 Forbes Avenue
Pittsburgh, PA 15213