Third Party Data Collection Policy

This policy governs each website, mobile site, application, and/or other service, regardless of how distributed, transmitted, published, or broadcast (each, a “Service”) provided by New York Institute of Technology, and/or affiliates (“we,” “us,” or “our”) that links to this policy, which is binding on all those who access, visit and/or use the Service, whether acting as an individual or on behalf of an entity, including without limitation advertisers, creative and media buying agencies, analytics companies, survey/research vendors, widget providers, and other service providers, and all persons, entities, or digital engines of any kind that harvest, crawl, index, scrape, spider, or mine digital content by an automated or manual process or otherwise (collectively, “you” or “your”). This policy shall apply equally to all of your vendors, service providers, subcontractors, partners, agents, representatives, and any other third parties acting on your behalf.

This policy governs all data collected or received from the Service, whether collected or received via an advertising unit, widget, pixel tag, cookie, clear gif, HTML, web beacon, script, or other data collection process, including without limitation “clickstream” or “traffic pattern” data, or data that otherwise relates to usage of the Service, user behavior, and/or analytics (collectively, “Data”).

Please read this policy carefully, together with our website Terms and Conditions and Privacy Statement. The placement of your advertising on the Service, or your collection of Data, access, visitation and/or use of the Service constitutes your agreement to this policy as well as our website Terms and Conditions and Privacy Statement.

This policy may be modified from time to time; the date of the most recent revisions will appear on this page so check back often. Continued access of the Service by you will constitute your acceptance of any changes or revisions to the policy.

You will not collect or use, or direct, authorize or assist other persons or entities to collect or use, any Data, nor will you access or place any code, or direct, authorize or assist other persons or entities to access or place any code, on the computer or device operated by a user of the Service, including without limitation via actions such as cookie synching, without our prior express written permission in each instance. As used throughout this policy, “Code” shall mean all pixel tags, cookies, clear gif, HTML, web beacon, scripts, and all other tracking technologies.

Without limiting the generality of the foregoing: (a) no Data may be collected, used or transferred for purposes of retargeting, behavioral remarketing, or targeting any advertisements, segment categorization or any form of syndication which is related to any Service, its content, or its users without our Webmaster’s prior express written permission in each instance; and (b) you may not place any code that collects Data or tracks user activity on any Service without our Webmaster’s prior express written permission in each instance.

All Data collected is and will continue to be anonymous or you will immediately anonymize such Data. You will not deliberately collect Data that is “personally identifiable” according to any applicable law, regulation, or agreement to which you are a party without our written consent, and to the extent such Data is accidentally collected, you will immediately discard such Data. Without limiting the generality of the foregoing, you do not and will not aggregate Data collected into databases or engage in any other process that would result in the collation or organization of the Data such that the Data in such combined form would provide sufficient detail to enable the identification of individual users even if such Data was originally collected anonymously.

All Data is and will continue to be our exclusive property. You may only use the Data in accordance with the project or scope of work set forth in the agreement between us and you, subject to applicable confidentiality provisions, and must be destroyed by you upon completion of the project.

Without limiting the generality of the foregoing, you will not use, resell or otherwise distribute Data: (a) to retarget users outside of our Service, in a manner that competes with our services or business (including, by way of example and not limitation, by claiming to provide Data that identifies our users or users that “look like,” or share characteristics of our users, without necessarily tagging them on the Service), or (b) as Data about, originating from or otherwise related to us, our customers, or the Service, and shall not label, denote or refer to in any manner the Data as having been derived from us or the Service, whether or not such Data contains any personally identifiable information.

Specific guidelines applicable to Code on the Service:

  • Code must be submitted to us for written approval prior to deployment and may not be implemented on the back end of the rich media tag;
  • all Code must contain a functioning expiration date, which occurs after the time of placement;
  • unless we approve a later expiration date in writing, all Code must expire no later than 24 months after the date on which the Code is stored; and
  • the supplier of the Code should, upon request, supply us with a link to the applicable Privacy Statement, which must contain clear instructions on the process to opt-out of the services controlled by that Code.

Specific guidelines applicable to pixel tags on the Service:

  • Pixel tags may not be used in non-standard IAB, OPA, added value, or remnant online advertising units;
  • pixel tags may not perceptibly increase the overall page latency during loading;
  • pixel tags must be able to support 4000 requests per second with 100 milliseconds or less Time to First Byte response;
  • pixel tags can only load after the native content itself loads using a “polite download” technique; and
  • pixel tags may only trigger a single DNS lookup.

You may not use Flash cookies, HTML5 storage, or any forms of locally stored objects on the computer or device operated by a user of the Service without our Webmaster’s prior written consent.

JavaScript file may not exceed 1K in size per page or URL.

Redirects are not permitted. Only direct requests can be made.

You will not block or otherwise limit delivery of content for any reason related to impression guarantees, verification or other targeting, without our express prior written permission in each instance.

We (and our representatives) shall have the right to inspect, review, and examine your policies, procedures, practices, records, and systems to verify compliance with this policy, provided that such inspection and review is conducted during reasonable business hours with no less than five (5) business days' prior notice.

You do and will employ up-to-date, industry recognized “best practices” with respect to technology and procedures to prevent and detect theft, piracy, leakage, unauthorized access, copying, duplication or distribution of all Data.

You will notify us of any breaches of security in connection with Data as soon as practicable, but no later than one (1) week of discovery of such incident.

Without limiting any of the foregoing, you hereby represent and warrant that you do and will comply with all applicable international and U.S. federal, state, and local laws, rules, regulations, legal orders or decrees and similar promulgations in connection with your collection, use, and distribution of Data, including without limitation COPPA, the EU ePrivacy Directive, GDPR and FTC guidelines, as well as laws or regulations limiting the types of Data that can be collected (e.g., health information, credit scores etc.).

You will provide a meaningful opportunity for users to opt-out from Data collection and targeting by you and your affiliates and customers.

You will comply with the Self-Regulatory Principles for Online Behavioral Advertising as promulgated by the Digital Advertising Alliance (“DAA”), which is explained in detail at, to the extent such principles, or part thereof, are applicable to your activities in connection with the Service.

You will not grant access to Data to any third party except a) on a need to know basis in order to provide specific services to you in fulfillment of your services to NYIT; b) after conducting a reasonable investigation of such third party; and c) upon entering a written agreement with such third party which contains obligations which are at least as restrictive as the foregoing.

Our failure to object to your action or inaction, or our prior express written permission, in any instance does not and may not be deemed to constitute our opinion that such action or action is in compliance with, or brings you into compliance with, this policy or any applicable law, rule, regulation, legal order, or decree, and does not in any circumstance relieve you of your obligations to comply in all respects with this policy.

This Policy was last updated on February 20, 2018.