The Forum on Education Abroad (“The Forum”) collects a variety of data about institutions and individuals in service to our mission to develop and disseminate comprehensive standards of good practice, resources, and training, to advocate for education abroad and its value, and to engage the field in critical dialogue. We respect the privacy of all our constituents, and thus carefully consider what information we collect and implement technology and procedures with the goal of protecting collected data from unauthorized or improper use. If you have any questions about this policy, please contact us at firstname.lastname@example.org.
This policy covers the following:
- What information does The Forum collect?
- How does The Forum use and share your information?
- How is information collected by The Forum stored and secured?
- How can you access and control your personal information?
- How long is information stored?
- Other important information
Conferences and Events
When proposing content for presentation at a Forum conference or event, individuals disclose limited personal information (name, contact information, brief biographies) along with their proposal through our online form on our website. Data submitted here is stored on our server. Access is limited to Forum staff only via password authentication.
From individuals registering to attend Forum conferences or events, we collect additional information through our conference registration form, provided by RegOnline. Access to this data is limited to necessary Forum staff only and is accessed via password authentication on the third party website.
Workshops, Training, and the Professional Certification Program Participants
For individuals participating in workshops and training or pursuing the Professional Certification Program, we collect information through online application and registration forms on our website. Data submitted here is stored on our server. Access is limited to Forum staff only via password authentication.
Assignments for the Professional Certification Program are submitted via our third party course management system, Moodle, and can be accessed by necessary Forum staff via password authentication.
Individuals volunteering to participate in a Forum committee or working group or serve as a Forum volunteer in some other capacity (e.g., peer reviewers, Council members, Forum Trained Facilitators, Certification Assessors, sharing best practices, etc.) are asked to submit a form via our website. In addition to contact information, other information may be solicited depending on the nature of the volunteer service. This may include professional qualifications or references. Data submitted here is stored on our server. Access is limited to Forum staff only via password authentication.
Certain types of service to The Forum may require travel, including international travel. Individuals undertaking Forum-sponsored travel may be asked to provide additional personal information for the purposes of booking arrangements and securing travel insurance on their behalf. This information is transmitted by Forum staff to the appropriate third-party affiliate only when necessary.
Grants and Awards Applicants
Individuals applying for travel grants or submitting entries for awards may be asked for additional personal information for the completion of the online form on our website. Data submitted here is stored on our server. Access is limited to Forum staff only via password authentication.
When nominating a third party for an award, please obtain consent from that individual prior to submission and refrain from sharing information of a sensitive nature.
Surveys & Evaluations
We administer a variety of surveys and program evaluations that collect a wide range of data from member institutions/organizations and from individual education abroad professionals. Whenever possible, we avoid collecting personally identifiable information. Still, some surveys require or request personally identifiable information to inform the research efforts. Each Forum survey includes a statement indicating how data will be processed and shared.
The Critical Incident Database (CID)
Submissions of incidents to the CID are collected via the online submission form housed on our website. Information collected includes location and time of incident, nature of incident, number of program individuals affected by the incident, and name of the individual submitting the incident report. The CID does not request personally identifiable information about individuals involved in the incident, but it is possible for field reporters to inadvertently include such information in their incident report notes. All information collected is stored on our server and is only available to Forum staff and to individuals identified as verified users. Field reporters can only see the incident reports they submit. The individual user identified as the CID authority can view all reports submitted by staff at their (and only their) institution or organization.
We ask that field reporters and CID authorities refrain from including personally identifiable information in their report notes.
Member Institutions and Their Representatives
Upon applying for membership or requesting access to our online member benefits, we collect basic data such as name, email, professional title, institutional affiliation, and office phone and mailing address information from staff employed by member institutions and organizations. We collect self-reported institution-level data about institutions and organizations applying to be members at the time of application and regularly thereafter. Data submitted here is stored on our server. Access is limited to Forum staff only via password authentication.
Quality Improvement Program (QUIP)
For member institutions in the QUIP process, we collect institutional information through online application forms on our website. Data submitted here is stored on our server. Access is limited to Forum staff only via password authentication.
The Forum and its staff and third party affiliates at times collect wire transfer or credit card information in order to process payments for events, training, products and services offered by the organization. Information collected through third parties is stored by that third party. Information collected by a Forum staff member is stored on our server. In all cases, this information is only available to necessary Forum staff for limited applications. It is accessible only via password authentication.
Copies of checks for payment received by The Forum are retained for a period of seven years in accordance with laws and regulations governing non-profit financial management and record-keeping. Paper records are shredded and destroyed when the retention period is complete.
To access The Forum’s members-only resources, our technology platform uses your email address and a personally generated password. We do not have access to your password.
We send regular communications to inform you of services available as part of your membership, and to conduct Forum business. You can opt in to communications using the subscription options on various registration and subscription forms. You can opt out of communications by clicking “Unsubscribe” at the end of any message.
Program Evaluation, Research & Development (including the CID)
The Forum uses information collected from evaluations, surveys, and research projects to prepare reports and disseminate the information to the field of education abroad, for marketing purposes, and for internal program evaluation and development purposes. Unless otherwise indicated via explicit consent at the time of submission, The Forum will never share personally identifiable data collected from program evaluations, surveys, or research projects. Demographics and statistics about member institutions/organizations and individuals are always reported in the aggregate. Comments and discursive feedback are fully anonymized unless the commenter gives their permission to be identified.
Conferences and Events
Session, Lunchtime Conversation, and Workshop selection for Forum events is completed via a blind peer review process. Volunteer selection committee members do not receive personally identifiable information, except when individuals submitting proposals include potentially identifiable information in the text of their proposal.
Presenter names, professional affiliations, and biographies are listed in the conference program, on our website, and occasionally featured in other promotional materials. Name, contact information, and professional affiliation collected from all event attendees at the time of registration are shared digitally with exhibitors and sponsors prior to each event and in print on-site at each event and used by The Forum to contact registrants with important information prior to the event. For the Annual Conference, Forum staff also upload this information to our conference app (run by EventMobi) in order to grant attendees access to the app and the content contained there. Attendees can download the app and edit the information contained there at any time.
Following any conference or event, contact information for all attendees is transferred to The Forum’s member database and used by The Forum to inform these individuals of future events and other opportunities.
Public Membership Listing
The names of all institutions/organizations who are Forum members in good standing are listed on our website, along with links to their websites as provided in the membership application.
Professional Certification and Competency Credentials
Submitted assignments are stripped of all identifying information before they are emailed to Certification Assessors for review. Progress towards completion and maintenance of Professional Certification is tracked in a physical file stored at The Forum’s office in Carlisle, Pennsylvania.
Upon completing Competency Credentials or Professional Certification in Education Abroad, individuals are featured on our website and social media and in our weekly e-newsletter. With permission, all individuals achieving these milestones are also listed by name and institutional affiliation on our website and appear in a variety of print materials as outlined by the Professional Development program materials.
Peer Reviewers and members of the Forum Review Panel are given access to institution/organizations’ Self-Studies and supporting documents via a file-sharing service (e.g., Dropbox) during the course of a QUIP review. These documents are shared under a confidentiality and non-disclosure agreement which requires them to maintain the confidentiality of the institution/organization and all individuals involved and to delete and destroy all data provided to them when their term of service to The Forum is complete.
Upon successful completion of the QUIP process, recognized institutions/organizations are featured on our website and social media and in our weekly e-newsletter. All institutions achieving QUIP recognition are also listed by name and logo on our website and appear in a variety of print materials as outlined by the QUIP program materials.
Publications, Resources & Volunteer Recognition
Individuals serving as volunteers, including members of the Board, Council, working groups, and committees, or otherwise contributing to the development of Forum resources or publications are recognized in print and on our website by name and institutional affiliation.
Grants and Awards Selection and Recognition
The nature of Forum grant and award nominations/submissions is such that anonymizing them for review is impossible. Forum affiliates serving on award selection committees are given the information provided by the applicant on the submission form under a confidentiality agreement which requires them not to disclose any of the information they receive to third parties and to delete all copies of all data associated with the project upon completion of their services.
Designated Institutional Representatives will be contacted by The Forum annually using the information provided to vote in the Forum Council elections and occasionally at other times to vote on certain Forum governance issues, e.g., changes to the by-laws or updates to the Standards of Good Practice for Education Abroad.
Financial Information and Refunds
When an individual or organization is due a refund in accordance with our Cancellation and Refund Policies, a Forum staff member will access stored financial data in order to process the refund payment. Records related to payments received may also be reviewed by our contracted external accountant(s) during our annual financial audit.
The Forum may share your information in any other manner to which you consent.
Legal Bases for Using Your Information
The laws in some jurisdictions, e.g., the European Union (EU), require us to tell you about the legal ground we rely on to use, process, or disclose your information. Where those laws apply, our legal grounds are as follows:
- To perform our obligations under a contract with you: For example, to comply with the terms of service of our website, which you accept by browsing and using the website, or when you register for Forum membership or a Forum-sponsored event;
- Consent: Where required by law and in some other cases, we collect and use your information on the basis of your implied or express consent.
- To further our or our partners’ legitimate interests: For example, to provide security for the website, operate the website, comply with legal requirements, and prevent fraud.
The Forum has implemented technology and policies with the goal of protecting your data from unauthorized access and improper use. Information collected directly by members of The Forum staff is kept on computers maintained by Dickinson College Technology Services and stored and secured according to Dickinson College’s security protocols under a contractual agreement between The Forum and Dickinson College.
Where data is made available to individual third parties, i.e., paid or volunteer contractors, for the purposes of completing work on behalf of The Forum, those individuals will be contracted under a Confidentiality Agreement and required to delete and destroy all data provided to them when their term of service to The Forum is complete.
The Forum on Education Abroad is a non-profit membership association based in the U.S. that engages in activities worldwide. In the course of normal business, Forum staff, affiliates, or contractors may access, store, or process personal data you submit to us in countries that do not afford a level of data protection equivalent to the EU. By submitting personal data to us you agree to the export of your data to such countries.
We are currently working on upgrades to our membership database that will make it possible for you to access, update, or delete your individual data through a password protected portal.
In the meantime, requests to change the data we retain on file should be directed to email@example.com.
The EU’s General Data Protection Regulation (GDPR) requires that we explicitly inform you of your rights regarding the data we collect and process from you.
You have the right to do the following:
- Withdraw your consent at any time. You have the right to withdraw consent where you have previously consented to the processing of your personal information.
- Object to processing of your data. You have the right to object to the processing of your information if the processing is carried out on a legal basis other than consent.
- Access your data. You have the right to learn if your information is being processed by us, obtain disclosure regarding certain aspects of the processing, and obtain a copy of the information we have retained.
- Verify and seek rectification. You have the right to verify the accuracy of your data and ask for it to be updated or corrected.
- Restrict the processing of your data. You have the right, under certain circumstances, to restrict the processing of your personal information. In this case, we will not process your data for any purpose other than storing it.
- Have your data deleted or otherwise removed. You have the right, under certain circumstances, to obtain the erasure of your data by The Forum.
- Receive your data and have it transferred to another controller. You have the right to receive your data in a structured, commonly used, and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance.
- Lodge a complaint. You have the right to bring a claim before the competent data protection authority.
Any requests to exercise these rights can be directed to The Forum through the contact details provided at the end this document. These requests can be exercised free of charge and will be addressed by The Forum as early as possible and always within one month of receiving the request.
Retention periods vary depending on the nature of the data. The Forum’s policy is to keep data for as long as necessary to fulfill the originally intended purpose. Where practicable (e.g., survey responses) collected data is anonymized for long-term storage and the original identifying information is destroyed.
When The Forum or its representatives are on-site for a program visit, we respect and adhere to local policies including those related to data protection, including the distribution, use and storage of data, the rights of the individual, safeguarding and child protection, as well as statutory governmental policies and practices.
This policy is effective beginning September 5, 2018.
Anyone with questions regarding this policy can contact The Forum at firstname.lastname@example.org.
The Forum on Education Abroad
c/o Dickinson College
P.O. Box 1773
Carlisle, PA, USA 17013
Note: This policy replaces the Data Ownership and Management Policy implemented by The Forum on Education Abroad on October 27, 2015.