Impact Image

Privacy Policy

Privacy Notice

We know that your privacy is very important to you. Lincoln Memorial University recognizes the concerns of individuals regarding privacy and online data collection. We strive to respect and protect the privacy expectations of our website visitors. Most websites collect some information regarding visitors. Types of information collected are wide‐ranging, and are collected both passively (by the web servers that host the websites) and actively (via user input through forms, surveys, etc.). Some of the information collected allows site owners to determine who a particular visitor is and to track their behavior within and across a website domain. However, most of the information collected cannot identify you as a particular individual and is only collected in aggregate. Websites within the Lincoln Memorial University website domain, likewise collect information regarding site visitors. This statement outlines the types of information (data) collected, our methods for collecting data, and the reasons we collect data.


    The following are examples of information that may be collected in aggregate to provide communications staff, site owners, content managers, designers, and IT specialists insight into visitor behavior for the purpose of improving university websites and access to university informaiton.

    • The Internet Protocol (IP) address of the computer and name of the Internet domain used to access the Internet;
    • IP addresses of websites linking directly to sites within the domain;
    • The date and time a site was accessed within the domain;
    • Pages visited ("requested") during this session;
    • Web browser and operating system used to access a site within the domain;
    • Device used to access a site within the domain;

    Lincoln Memorial University websites commonly use one of the following methods to collect this data:


    Cookies are files that many websites transfer to users' web browsers to enable the site to deliver personalized services or to provide persistent authentication. The information contained in a cookie typically includes information collected automatically by the web server and/or information provided voluntarily by the user. Our website uses persistent cookies in conjunction with a third party technology partner to analyze search engine usage and web traffic patterns. This information is used in the aggregate to monitor and enhance our web pages. It is not used to track the usage patterns of individual users. Users may set preferences regarding the storage of cookies within their individual web browsers, which can also be used to remove stored cookies.


    Many websites within the domain use Google Analytics to collect visitor data in aggregate. This data is also collected using cookies set by Google. See Google’s privacy and terms with regard to partner sites for more info: Lincoln Memorial University may also transmit non‐Personally identifiable information (NPII) collected by third‐party tracking services (cookies) to other third parties (e.g. Facebook) so that you may see messages from the university when you visit other websites outside of the domain. Users can opt‐out of the collection and use of information for ad targeting by blocking third party cookies and tracking mechanisms via browser or operating system settings, browser plugins, or using a service such as or


    All web servers collect very basic visitor informaiton to monitor site usage and performance.


    LMU is an institution of higher education involved in education, research, and public service. In order for LMU to educate its students both in class and on‐line, engage in research, and provide public service, it is essential, necessary, and LMU has lawful bases to collect, process, use, and maintain data of its students, employees, applicants, research subjects, and others involved in its educational, research, and public service programs. The lawful bases include, without limitation, admission, registration, delivery of classroom, on‐line, and study abroad education, grades, communications, employment, applied research, development, program analysis for improvements, and records retention.

    Examples of data that LMU may need to collect in connection with these lawful bases are: name, email address, IP address, physical address or other location identifier, photos, as well as some sensitive personal data obtained with prior consent.

    Most of LMU’s collection and processing of personal data will fall under the following categories:

    • Processing which is necessary for the purposes of the legitimate interests pursued by LMU or third parties in providing education, employment, research and development, and public service.
    • Processing which is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
    • Processing which is necessary for compliance with a legal obligation to which LMU is subject.  
    • Processing for which the data subject has given consent for LMU to use his or her personal data for one or more specific purposes.

    There will be some instances where the collection and processing of personal data will be pursuant to other lawful bases.


    The Lincoln Memorial University (“LMU”) may be a data “controller” or “processor” with regard to certain activities as defined under the European Union’s General Data Protection Regulation (“EU GDPR”). LMU is committed to protecting the rights of individuals in compliance with the GDPR.


    LMU Data Protection Officers:

    LMU Harrogate: Jason McConnell CIO

    LMU Harrogate: Debra Moyers CDO

    These Data Protection Officers can be contacted at


    LMU collects a variety of personal data to meet one of its lawful bases, as referenced above. Most often the data is used for academic admissions, enrollment, educational programs, job hiring, provision of medical services, participation in research, development, and public service. Data typically includes name, address, transcripts, work history, information for payroll, research subject information, medical and health information (for student health services, or travel), and donations. If you have specific questions regarding the collection and use of your personal data, please contact the Data Protection Officer for the applicable LMU campus or institute as identified herein. If a data subject refuses to provide personal data that is required by LMU in connection with one of LMU’s lawful bases to collect such personal data, such refusal may make it impossible for LMU to provide education, employment, research, or other requested services.


    LMU receives personal data from multiple sources. Most often, LMU gets this data directly from the data subject or under the direction of the data subject who has provided it to a third party (for example, application for admission to LMU through use of the Common App).


    If you are an individual data subject under the GDPR, you may obtain the following information and exercise the following rights:

    • the identity and the contact details of the controller and, where applicable, the controller’s representative;
    • the contact details of LMU’s Data Protection Officers;
    • an explanation of the purposes and legal bases/legitimate interests of the data collection/processing;
    • the identification of the recipients of the personal data;
    • notice if LMU intends to transfer personal data to another country or international organization;
    • notice of the time period that the personal data will be stored;
    • the right to access personal data, rectify incorrect personal data, erase personal data, restrict or object to processing, and the right to data portability;
    • the right to withdraw consent at any time, if processing is based on consent;
    • the right to lodge a complaint with a supervisory authority (established in the EU);
    • an explanation of why the personal data are required, and possible consequences of the failure to provide the data;
    • notice of the existence of automated decision‐making, including profiling; and
    • notice if the collected data are going to be further processed for a purpose other than that for which it was collected.

    Any data subject who wishes to exercise any of the above‐mentioned rights may do so by submitting such request to the Data Protection Officer for the applicable LMU campus or institute as identified herein.


    LMU is committed to ensuring the security of your information. We have put in place reasonable physical, technical, and administrative safeguards designed to prevent unauthorized access to or use of the information collected online. All personal data collected or processed by LMU under the scope of the GDPR will comply with the security controls and systems and process requirements and standards as set forth in LMU’s Information Technology Policies, which are available at


    LMU will not share your information with third parties except:

    • as necessary to meet one of LMU’s lawful purposes, including but not limited to:
    • its legitimate interest,
      • contract compliance,
      • pursuant to consent provided by you,
      • as required by law;
    • as necessary to protect LMU’s interests; or
    • with service providers acting on our behalf who have agreed to protect the confidentiality of the data.

    LMU keeps the data it collects for the time periods as required by law.