Privacy Policy
The Council of International Schools (CIS) collects a variety of data about institutions and individuals in line with our mission to shape the future of international education and we carefully consider what information is necessary to achieve this aim. We respect your privacy and have implemented technology and procedures with the objective of protecting your data from unauthorised access and improper use. If you have questions about this policy, email us at info@cois.org.
This policy covers the following topics:
- What information does CIS collect?
- How does CIS use and share your information?
- How does CIS store and secure your information?
- How can you access and control your information?
- How long does CIS keep your data?
- Other important information
What information does CIS collect?
We collect a variety of data on an institutional and individual level to provide you with services and information.
Accreditation Volunteer Evaluators
We collect information to review and assess your qualifications to participate in our accreditation process as an evaluator in a school. For instance, areas of expertise, previous accreditation experience, employment history, education history, professional development courses and criminal background checks.
School and University Contacts
We collect basic data such as name, email and institutional affiliation from staff employed by member schools and universities.
Students
We collect student data through event registration (e.g., university fairs and recruitment tours) and online forms to connect high school students with universities. For instance, graduation date and student interests such as degree programmes, majors and locations.
Surveys
We administer a variety of surveys that collect a wide range of data from school and university staff, students, parents, board members and alumni. Some surveys collect personally identifiable information while others only collect demographic data. Student surveys are administered with explicit permission from schools. Each CIS survey includes a statement indicating how data will be processed and shared.
Schools and Universities
We collect self-reported institution-level data from member schools and universities through the CIS Portals. For schools in the membership and accreditation process, we collect additional institutional information through a password protected CIS Reporting Tool.
Public Website (www.cois.org)
We use cookies to learn more about the way you interact with our content and to help us to improve your experience when visiting our website. Cookies remember the type of browser you use and which additional browser software you have installed. They also remember your preferences, such as language and region, which become your default settings when you revisit the website. Some of the cookies we use are session cookies which last only until you close your browser; others are persistent cookies which are stored on your computer.
We will not use cookies to collect personally identifiable information about you. However, you can choose to reject or block the cookies set by CIS or the websites of any of our third-party suppliers by changing your browser settings. Note that most browsers automatically accept cookies, so if you do not wish cookies to be used, you may need to actively delete or block the cookies.
Some of the functions within our website link to third-party suppliers, for example, when you visit a page with videos embedded from or links to YouTube. These videos or links (and any other content from third party suppliers) may contain third party cookies. You can consult the policies of these third-party websites for information regarding their use of cookies.
How does CIS use and share your information?
We will follow the terms of this privacy policy. Your personally identifiable information will not be disclosed without your permission unless we are legally entitled or required to do so, such as by a legal process or to prevent fraud or another crime or if we believe that such action is necessary to protect and/or defend our rights, property or personal safety and/or those of our users/members or other individuals. We do not sell information to third parties.
CIS Community Portals
To access the CIS portals, our technology platform uses your email to grant access. The data is stored in Salesforce and Microsoft platforms which are both hosted on servers in the EU. If your organisation uses Microsoft technology a trust relationship will be established with our systems. In this case your organisation's identity provider is consulted based on your email address to provide access. In all other situations your email address is used to send you a personally generated login code.
Student Recruitment
High school guidance counsellor and university admission officer contact information is shared through the CIS School and University Portals so counsellors and university admission officers can connect regarding student recruitment and university admission.
Students
We collect student data through event registration (e.g., university fairs and recruitment tours) and online forms to connect high school students with universities. If you have opted-in to the University Connection Registry, CIS member universities will have access to your personal data and may contact you regarding global study options.
Accreditation
Schools complete accreditation reports and provide evidence to demonstrate alignment with CIS accreditation standards. To evaluate schools and make accreditation decisions, we assess this information and share it with volunteer evaluators assigned to a school. The CIS membership directory specifies whether a school is accredited by CIS but does not provide any information related to an accreditation decision.
We use data submitted by accreditation evaluator applicants to determine their suitability to participate in our accreditation process as an evaluator in a school and to place approved evaluators on accreditation teams based on qualifications, expertise and geographic location.
Events
We may use an event app or share materials to promote networking at our events. If you are registered to attend an event, your name, email and school will be shared with other participants attending the event.
Public Membership Directory
Some institution-level data about your school or university is shared through the CIS public membership directory. The primary purpose of the membership directory is to help potential students and families identify CIS member schools and universities they may be interested in attending. Additionally, individuals seeking new employment opportunities may use this directory to learn more about your institution.
Communications
We send regular communications to inform you of services available as part of your membership, and to conduct CIS association business as noted in the membership agreement. You can manage your email preferences to opt in and out of specific communications according to your interests. This option can be found at the end of each communication under Manage your preferences.
Research and Development
Institution-level data about your school or university can be viewed and edited by anyone employed at your institution who has access to the CIS School or University Portals. The data you provide about your school or university is used to create data dashboards, which are available to member institutions through the CIS Portal. These dashboards can be used by leaders to identify trends and set benchmarks. Research and development staff also review accreditation reports and a variety of CIS surveys to identify trends.
How does CIS store and secure information?
We have implemented technology and policies with the objective of protecting your data from unauthorised access and improper use and will update these measures as new technology becomes available. We work with several data processors to deliver services to members. These processors include, but are not limited to, customer data management, event registration, online reporting and payment processors. For each data processor, we carefully review and monitor the vendor’s privacy policy and data security measures to ensure they uphold our high standards. These data processors will not use your personal information for any purpose other than what we have agreed with them.
Data we collect will (occasionally) be transferred to selected third parties, which may be located outside of the European Union as part of the services offered to you. For example, some of our servers and service providers are in a country outside of the EU.
CIS is a non-governmental membership association (NGO) that engages in activities worldwide. CIS staff, affiliates or contractors may access, store or process personal data you submit to us in countries that do not afford a level of data protection equivalent to the EU. By submitting personal data to us you irrevocably agree to the export of your data to such countries.
How can you access and control your information?
If you are employed by a CIS member school or university, we use our password protected community portals to provide access to your individual data. You can login to the CIS Portal to update your information.
School and University Contacts
You can access and edit most of your information through the CIS Portals by clicking on your name in the top-right corner and then “My Profile” and “My Settings”. If you are no longer representing your school or university and would like us to delete some or all the personal information we have about you, email info@cois.org.
Accreditation Volunteer Evaluators
You can access, review and update your personal information by logging on to the password-protected CIS Educator Portal and editing My Portfolio.
Accreditation
Basic information about a school’s accreditation cycle can be accessed through the CIS School Portal. Accreditation reports are available through the CIS Reporting Platform. User access to this platform is controlled by the school. If you are a Head of School and would like to request historical accreditation outcomes, email accreditation@cois.org.
Students
If you would like to opt-out of the University Connection Registry or modify information that you previously submitted, email highereducation@cois.org.
GDPR Rights
Information about the European General Data Protection Regulation (GDPR) can be found here. GDPR outlines six rights for individuals in relation to their data. If you would like to exercise one of these rights, the actions you can take are listed below.
We will respond to all requests within 30 days, however it may take longer to fulfill your request. If you are unsatisfied with how we handle your request you can contact your local data authority.
- Right to Access: You can access most of the data we have about you through the CIS Portals. If you would like a complete report on what personal information we have about you, email info@cois.org.
- Right to Rectification: We strive to keep records accurate. If you would like to modify an inaccurate record, in most cases you can edit the data yourself through the CIS Portals. In all other cases, contact us at info@cois.org.
- Right to Data Portability: If you would like a copy of your personal data to transfer to a new system, email info@cois.org.
- Right to Object: You can object to our processing your data in certain circumstances. Email info@cois.org with more information about your request and reason for objecting.
- Right to Restrict Use: You can request that we restrict the processing of your data in certain circumstances. Email info@cois.org with more information about your request and reason for objecting.
- Right to Erasure: You can request that we delete your data in some circumstances. Email info@cois.org with more information about your request.
How long does CIS keep data?
Retention periods vary depending on the category of data. Our policy is to keep data for as long as necessary to fulfill the originally intended purpose.
Other important information
School Visits
During a school visit, we respect and adhere to local school policies including those related to data protection, including the distribution, use and storage of data, the rights of the individual, safeguarding and child protection, as well as statutory governmental policies and practices.
Changes to Privacy Policy
From time to time we may make changes to this privacy policy. If we make any substantial changes to this privacy policy and the way in which we use your personal data, we will post the changes on this page and will do our best to notify you of any significant changes. Check our privacy policy on a regular basis.