All personal contact information sent through our website is secure and only accessible by authorized BFA personnel. You may contact us for a full disclosure and/or requests to delete all personal data in accordance with the EU General Data Protection Regulations.
Data Protection Officer
What types of personal information do we store?
The main BFA website (bfacademy.de or bfacademycom.wpengine.com), hereafter referred to as “BFA”, collects basic contact information for users in our system including name, title, telephone number, e-mail address, school contact, interests related to our services, event registrations, student application information, fee request information and staff inquires through CATS (catsone.com). We also collect basic information about the hardware used to access our websites and store it as a cookie including the IP address, screen dimensions and operating system of the terminal used.
Where is personal information stored?
BFA uses several online platforms, each for a specific purpose.
- Our main website at bfacademy.de (or bfacademycom.wpengine.com). Data is stored in a secure database. This is the primary location for all user information.
Why is this personal information collected?
BFA collects data for any or all of the following reasons:
- To communicate effectively with our constituency about our services, events and opportunities.
- To personalize your user experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To continue to grow a community of people with invested interest in the work of Christian schools here in Europe and around the world and to encourage fellowship, partnerships, personal commitment and prayer for this work.
- To quickly process data and event or student registrations with saved information.
How long will personal data be on file with BFA?
We collect information in our online databases from current students, alumni, and those who initiate contact with us and are interested in our services. For this reason, we only delete data records at the personal request of an individual or when we determine that the individual is no longer interested in our services. Personal data associated with browsing our website collected through cookies is deleted on a rolling 12-month cycle.
How can I get a full report of the data BFA has about me?
A report can be requested but currently this may take up to 30 days to process because of limited resources. Please see the list at the top of this document for an idea of what data we may have on file.
How can I edit my personal data or delete all my personal data on file with BFA?
An option to edit your personal data from the related system. Deleting all your personal data is possible with a request through our Contact Form
How does BFA protect user information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology. All financial transactions made outside of our website are processed through a gateway provider (e.g. wise.com
) and are not stored or processed on our servers.
Does BFA use ‘cookies’?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Chrome – we know you’re not using Internet Explorer…right?) settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies. If you disable cookies: Disabling cookies will turn off some of the features that make your site experience more efficient and some of our services may not function properly.
Third Party Disclosure
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide you with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.
Third party links
Occasionally, at our discretion, we may link to third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not market to children under 13.
Fair Information Practices
Should a data breach occur, we will notify the users via email within 2 business days.
We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
To be in accordance with CANSPAM we agree to the following:
- NOT use false, or misleading subjects or email addresses
- Identify the message as an advertisement in some reasonable way
- Include the physical address of our business or site headquarters
- Monitor third party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly
- Allow users to unsubscribe by using the link at the bottom of emails or requesting this by email
If at any time you would like to unsubscribe from receiving future emails, you can email us at email@example.com
. Follow the instructions at the bottom of the email or simply send ‘remove’ in an email subject line and we will promptly remove you from ALL promotional correspondence.
The BFA campus is monitored with video surveillance to help protect the wellbeing of our students, staff, and guests. Visible signage is in place around campus. Data is deleted after a two-week storage period. Footage is not released to third parties, with the exception of criminal activity that may be recorded, which would in such cases be passed along to the appropriate authorities and held as long as they deem necessary.