FIU Privacy Notice

I.  General Statement

This notice applies to FIU’s official university websites.

The Florida International University (“FIU”) strives to collect only the minimum amount of personal and confidential information necessary to support our students, faculty, staff, visitors, and collaborators, and will take reasonable administrative, technical, and physical measures to protect that information when it is in our possession. With new methods of sharing, processing, and storing all forms of data emerging at unprecedented rates, we put forth a consistent effort to limit the access of data to only those authorized individuals that need this access to carry out their respective job duties.

It is imperative that we all recognize that threats to the privacy and security of individuals’ personal data remain on the rise. FIU has and will continue reasonably and appropriately securing its systems and applications, maintaining policies to properly guide our staff, faculty, students, and others, and investigating all issues involving suspected and actual data-related issues.

II.   Use of Cookies and Similar Technologies

A cookie contains a small amount of visitor and website information stored on an individual’s computer. These files interact with the visitor and the website to provide a webpage tailored to the user through its awareness of information held within the file. Cookies also can carry all, or parts, of the information stored within the file to other websites that the individual may visit or to third parties.

For help and instructions on how to disable the use of cookies, which could negatively impact your web browsing experiences, please visit https://knowcookies.com/manage-cookies/.

At FIU, your personal information will be retained and/or disposed of in accordance with Florida law and FIU’s records management policies and practices.

The following describes the types of cookies FIU may use on our websites.

  • Required or Strictly Necessary Cookies are essential to enable you to navigate our websites, interact with the content, and use the Without these cookies, services you may ask for, such as registering for an account, cannot be provided.
  • Functionality Cookies allow our websites to remember choices you make and provide more personal For instance, a functional cookie can be used to remember the volume level you prefer to use when watching videos on our websites. The information these cookies collect may be anonymized and they cannot track your browsing activity on other websites.
  • Social Media Cookies may be set by third parties, such as YouTube and X, to collect information about your social media experience.
  • Analytics Cookies collect information about how visitors use our websites, for instance which pages visitors go to most often or how long they spend on a particular page. This information is used to improve our websites and to aid us in investigating problems raised by visitors. Analytics cookies do not collect information that identifies a visitor; they are utilized to assess patterns of usage, rather than the behavior of a single person.
  • Targeting/Advertising Cookies are employed by dedicated partners and platforms to advertise on our behalf. Affiliate tracking cookies simply allow us to see what external site/experiences connect you to We use these cookies to make advertising more engaging and relevant to you and to avoid showing ads you’ve already seen. These cookies anonymously collect information about your browsing habits to help us produce better content and more dynamic web interactions.

If you have questions about our use of cookies and similar technologies, please feel free to contact FIU’s Data Protection Officer (security@fiu.edu).

III.   Electronic Mail (E-Mail) Communications

Under Florida law, most emails sent to FIU are considered public record. If you do not want your email address released in response to a public records request, do not send email to FIU. Instead, contact the office you wish to reach by phone or in person as appropriate.

IV.   Student Rights to Privacy

The Family Educational Rights and Privacy Act (“FERPA”) (20 U.S.C. § 1232g; 34 CFR Part 99) is a United States federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the United States Department of Education.

FERPA gives parents certain rights, e.g., right of inspection or correction of their children’s education records. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level. Students to whom the rights have transferred are “eligible students.”

Generally, FIU must have written permission from the parent or eligible student in order to release any information from a student’s education record. However, FERPA allows schools to disclose those records, without consent, to certain parties or under the specified conditions stated in 34 CFR § 99.31.

FIU may also disclose, without consent, information considered to be “directory” information.

If you are a student who would like to suppress the display of your directory information, you can find information about how on the website here:

 Learn more about FERPA protections at FIU.

V.  Health Insurance Portability and Accountability Act

The Florida International University (FIU) has designated itself as a hybrid “covered entity” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This means that certain units within the university are required to comply with HIPAA regulations to protect the privacy and security of protected health information (PHI).

This Privacy Notice shares the university’s privacy and security practices, which meet HIPAA requirements. As part of our commitment, we:

  • Use reasonable and appropriate safeguards to keep your PHI private and confidential;
  • Notify you, in accordance with HIPAA guidelines, if we become aware of any unauthorized access to your PHI;
  • Inform you about how we use and disclose your PHI;
  • Provide you with timely and reasonable access to your PHI and accommodate any reasonable requests for amendments.

FIU may de-identify PHI in accordance with HIPAA standards, combine it with other de-identified patient data, and use the aggregated information for population-based research and analytics. In most cases, written authorization or consent is not required for purposes such as treatment, payment, health care operations, or determining benefits eligibility. When required, authorization for the use or disclosure of PHI is obtained in compliance with HIPAA standards. Once disclosed in accordance with HIPAA requirements, PHI may be re-disclosed and may no longer be protected under U.S. privacy laws.

 Learn more about your rights under HIPAA.

VI.   Children’s Online Privacy Protection

FIU does not knowingly collect personal information from children under the age of 13. If you are under the age of 13, you are not permitted to use this website. If you are a minor between the ages of 13 and 18, you may only use the site under the supervision of your parent, legal guardian, or another responsible adult. We impose these age restrictions to ensure compliance with the Children’s Online Privacy Protection Act (COPPA). For details see 15 U.S.C. §§ 6501–6506 (Pub.L. 105–277, 112 Stat. 2681-728, enacted October 21,

1998.)

VII.   Use of Third Party Services

FIU does not sell your personal information, yet we may share that information with third party service providers for the purposes of communicating with you regarding our educational programs and services or to facilitate improvement of our services, our websites and our marketing efforts, or to help us provide services to the university community (e.g., software/information technology providers). With your consent, some university departments may contact you using text messaging (SMS).

Some pages within the FIU website may contain content that is provided by external third parties (graphics, logos, scripts, or similar). When you visit one of our pages that contains this third-party content, information such as IP address, date, browser, and device type, and requested page may be transmitted to that third party. Some pages may contain links to external third parties in order to provide services or products to you. FIU is not responsible for the privacy practices of these external third parties. While we request these third parties protect your information, we do not make any representations about their practices and policies. These third parties are not subject to this Privacy Notice, and they may change their practices over time.

VIII.    Individual Rights under the GDPR and Similar Laws

FIU is based in the State of Florida within the United States of America (U.S.), operates primarily in Florida, with its primary place of business in Florida. The administration of FIU is based in Miami-Dade County, Florida, and that is FIU’s home venue. Thus, FIU follows U.S. and Florida laws, as well as FIU regulations and policies.

However, there are occasions when a particular foreign law may apply to FIU, such as the General Data Protection Regulation (GDPR).

The GDPR applies to any natural person who is located within the European Economic Area (EEA) regardless of citizenship or permanent residency.

The GDPR applies to entities wholly located outside of the EEA if:

  • they process personal data of anyone located within the EEA, or
  • offer goods and services or monitor behavior in the EEA, or
  • transmit personal information to the EU established processor for any For example: cloud server, payroll processor, or vendor. GDPR applies to all different types of entities.

Although FIU may be subject to a foreign law (e.g., GDPR) under limited circumstances, if there is any conflict between such foreign law and any U.S. or Florida law, as a state entity of the State of Florida, FIU will resolve that conflict in favor of U.S. and Florida law.

FIU will only process personal data when permitted by applicable law, including the GDPR when it applies. FIU most commonly processes personal data under the following lawful bases:

  • Consent – You have given FIU clear and informed consent.
  • Contractual necessity – Processing is required to fulfill FIU’s obligations to you (e.g., employment, enrollment, or other contractual relationships).
  • Legal obligation – Processing is necessary for FIU to comply with federal, state, or local laws (e.g., crime prevention, financial regulations, reporting requirements).
  • Legitimate interests – Processing is necessary for FIU’s legitimate interests or those of a third party, provided your rights and freedoms do not override those interests.
  • Vital interests – Processing is necessary to protect your life or the life of another person.
  • Public interest / official authority – Processing is necessary for FIU to perform a task carried out in the public interest or in the exercise of official authority.

FIU may process special‑category personal data (e.g., racial or ethnic origin, political opinions, religious or philosophical beliefs, trade‑union membership, genetic data, biometric data, health information, or data concerning a person’s sex life or sexual orientation) only when a lawful basis exists and one of the following additional GDPR conditions applies:

  • Explicit consent
  • Employment or enrollment obligations
  • Vital interests
  • Not‑for‑profit activities
  • Publicly disclosed data
  • Legal claims
  • Substantial public interest
  • Healthcare purposes
  • Public‑health purposes
  • Archiving, scientific research, or statistical purposes.

FIU will use personal data only for the purposes for which it was collected unless FIU reasonably determines that it must be used for another purpose that is compatible with the original purpose. If FIU needs to use your personal data for an unrelated purpose, FIU will notify you and explain the legal basis for doing so.

FIU may process personal data without your knowledge or consent when permitted or required by law.

GDPR grants covered data subjects certain rights, including access, rectification, erasure, restriction of processing, objection, data portability, and the right to opt out of marketing communications. FIU will honor such rights to the extent required and to the extent they do not conflict with U.S. or Florida law. As a public entity of the State of Florida, FIU must comply with applicable U.S. and Florida legal requirements. If a GDPR right conflicts with FIU’s legal obligations under U.S. or Florida law, such as mandatory record retention, FIU will follow U.S. and Florida law.

Any individual who wishes to exercise any of the aforementioned rights may do so by contacting the FIU Data Protection Officer as mentioned below.

IX.   Personal Data Transfers To/From Countries Outside the USA

FIU is a metropolitan research university located in the U.S. In order to provide you with the services and otherwise fulfill our obligations to you, it is necessary for your personal data to be transferred to, and processed within, the U.S. Data protection laws differ around the world and the U.S. may not provide the same level of protection for personal data as your jurisdiction of residence.

X.   Digital Millennium Copyright Act (DMCA)

The agent designated by FIU to receive and act on copyright violations under the DMCA can be reached by sending an email to dmcaagent@FIU.edu.

 Learn more about the Digital Millennium Copyright Act.

XI.   FIU Mobile App Use of Location Services

The FIU Mobile app uses either the device’s geographical coordinates (latitude and longitude) or its proximity to a specific Bluetooth beacon to determine if a push notification should be sent to the device or user. In all cases, location information or Bluetooth beacon proximity is solely used to determine if a push notification should occur. That information is never used for any other purpose, nor is it retained beyond its use.

XII.    Questions / More Info

If you have questions or requests involving your data privacy or similar, please contact us via postal or email:

Data Protection Officer

Division of Information Technology 11200 SW 8 ST, Miami, FL 33199

P: (305) 348-3591

 Security@fiu.edu

XIII.    Updates to this Privacy Notice

Updates to this Privacy Notice occur periodically; this page was last updated January 15, 2026 (v1.0)