General Data Protection Regulation Compliance

What is the GDPR?

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organizations across the region approach data privacy. The key articles of the GDPR, as well as information on its business impact, can be found at the EU General Data Protection Regulation website.

The information on this page provides information regarding the ways in which Mississippi State University has addressed the GDPR for its students, employees and alumni who might be protected by the regulation.

Should you need additional information, please contact GDPRhelp@msstate.edu.


GDPR Notice for University Employees

The European Union’s General Data Protection Regulation (“GDPR”) and other countries’ privacy laws provide certain rights for data subjects concerning the use of personal information. This page provides a summary concerning the use of personal information you provide to Mississippi State University (“University”) while you are in the European Union (“EU”) in connection with your employment by the University.

‘Personal information’ means any information which relates to or identifies you as an individual.
When you applied for employment by the University you were told how the University would use your personal information during the hiring process and for related purposes (GDPR Notice for Job Applicants). You were referred to this webpage for a more complete statement of the uses we would make of your personal information if you became an employee of the University. In addition to the information published here, when you use specific services and facilities offered by the University, you may be told about other uses of your personal information. For example, there are separate privacy notices for users of University websites.
The information published here applies to the use, sharing and disclosure of your personal information by the University. The University is based in the United States and any personal information we collect from you may be transferred out of the European Union and processed and maintained in the United States.

The University will keep a record of the information you provided on your employment application form, any supporting documents requested and additional information provided by any references or during any interview process. We will maintain various administrative and financial records about your employment at the University, and about your use of the academic and non-academic facilities and services that we offer. Where relevant, we may supplement these records with personal data from the public domain (e.g. your publications) or other sources (e.g., where relevant, other state and federal agencies).

Your personal information is created, stored and transmitted securely in a variety of paper and electronic formats, including some databases that are shared between the University’s President’s Office and the individual University campuses. Access to your personal information is limited to University staff who have a legitimate interest in it for the purpose of carrying out their employment duties.

In addition, the University may process some information about you that is classed as ‘sensitive’ or ‘special category’ personal data, and which may require additional protections. This includes information concerning your ethnicity, sexual orientation, union membership, religious beliefs or health/disability. This information may be collected for planning or reporting purposes, or in order to provide care, help or reasonable accommodations.

The University will process your personal information for a range of contractual, statutory or public interest purposes, including the following:

  • To assess your suitability for a particular employment position or role.
  • To administer payroll, benefits, retirement plans and other standard employment functions.
  • To administer HR-related processes, including those relating to performance/attendance management, disciplinary issues and complaints/grievances.
  • To conduct security, governance, audit and quality assurance functions.
  • To provide access to facilities (e.g. information technology, libraries), services (e.g. reasonable accommodations, EAP) and employee benefits to you, and where appropriate to monitor your use of those facilities and services in accordance with University policies (e.g. on the acceptable use of information technology).
  • To communicate effectively with you by mail, email and phone, including the distribution of relevant employee newsletters and notices.
  • To support your training, health, safety, welfare and religious requirements.
  • To compile statistics and conduct surveys and research for internal and statutory reporting purposes.
  • To fulfill and monitor our responsibilities under equal opportunity, immigration and public safety legislation.
  • To support you in implementing any health-related reasonable accommodations to allow you to carry out a particular role or task.
  • Where relevant, to monitor, evaluate and support your research activity and commercial ventures.
  • To enable us to contact you or others in the event of an emergency.

We consider the processing of your personal information for these purposes to be either necessary for the performance of our contractual obligations with you (e.g. to manage your employment contract), or necessary for compliance with a legal obligation (e.g. equal opportunity monitoring), or necessary for the performance of tasks we carry out in the public interest (e.g. non-statutory reporting or research). We require you to provide us with any information we reasonably ask for to enable us to administer your employment contract. If we require your consent for any specific use of your personal information, we will collect it at the appropriate time and you can withdraw this at any time. We will not use your personal information to carry out any wholly automated decision-making that affects you.

Your personal information is shared as necessary to maintain your employment and provide you certain benefits, or as required by law, with a range of external organizations, including the following:

  • Agencies of the State of Mississippi.
  • Agencies of the United States Government (e.g. Internal Revenue Service, Citizenship and Immigration Services).
  • Prospective and actual research funders or sponsors.
  • The external providers of any staff benefits or retirement plans.
  • If applicable, staff or faculty unions.
  • On occasion and where necessary, the police and other law enforcement agencies.
  • On occasion and where necessary, external auditors.
  • On occasion and where necessary, affiliated entities of the University (e.g. the Mississippi State University Foundation).
  • Companies or organizations providing specific services to, or on behalf of, the University.

We will provide references about you to external inquirers or organizations when you have requested or indicated that we should do so.

We will include your basic contact details in our internal University online directory, though you can control how much information is accessible within the University. Some information about University Officers and other staff (e.g. appointments or committee memberships) may be published online and in other University publications.

You have the right to access the personal information that is held about you by the University. You also have the right to ask us to correct any inaccurate personal information we hold about you, to delete personal information (subject to certain exceptions), or otherwise limit our processing, or to object to processing or to receive an electronic copy of the personal information you provided to us.

If you have any questions about how your personal information is used, or wish to exercise any of your rights, please contact GDPRhelp@msstate.edu.

We store your personal information as part of your employment record for the duration of your employment (and it may be used as part of our assessment of any future application you make for further employment at the University). After your employment ends, certain records pertaining to your employment are retained indefinitely so that the details of your employment can be confirmed and for statistical or historical research.
If you are not happy with the way your information is being handled, or with a response received from us, please review the European Commission’s redress options.
This webpage was last updated in September 2018. It is reviewed when necessary and at least annually. Any changes will be published here.

GDPR Notice for University Students

The European Union’s General Data Protection Regulation (“GDPR”) and other countries’ privacy laws provide certain rights for data subjects concerning the use of personal information. This page provides a summary concerning the use of personal information you provide to Mississippi State University while you are in the European Union (“EU”) in connection with your enrollment at the University.

Personal information’ means any information which relates to or identifies you as an individual.
When you applied to become a student at the University you were told how the University would use your personal information to process your application and for related purposes (GDPR Notice for Student Applicants). You were referred to this webpage for a fuller statement of the uses we would make of your personal information if you became a student of the University. In addition to the information published here, when you use specific services and facilities offered by the University, you may be told about other uses of your personal information. For example, there are separate privacy notices for users of University websites.
The information published here applies to the use, sharing and disclosure of your personal information by the University. The University is based in the United States and any personal information we collect from you may be transferred out of the European Union and processed and maintained in the United States.

The University will keep a record of the details you provided on your application form, any supporting documents requested as part of your admission and additional details provided by any references or during any interview process. We will also maintain records about your studies at the University, and about your use of the academic and non-academic facilities and services that we offer. This personal information will include data such as your name, home address, date of birth, courses studied, tuition and fee payments, and information about your examinations, assessments and grades.

Your personal information is created, stored and transmitted securely in a variety of paper and electronic formats, including some databases that are shared between the University’s President’s Office and the individual University campuses. Access to your personal information is limited to University staff who have a legitimate interest in it for the purpose of carrying out their employment duties.

In addition to this, the University may process some information about you that is deemed ‘sensitive’ or ‘special category’ personal data, and which requires additional protections. This includes information concerning your ethnicity, sexual orientation, union membership, religious beliefs or health/disability that we use for planning and monitoring purposes, or in order to provide care, help or reasonable accommodations. For certain courses of study, other sensitive information may be processed, such as information about past criminal convictions, working with children or vulnerable adults, and your fitness to practice in certain regulated professions.

The University will process your personal information for a range of contractual, statutory or public interest purposes, including the following:

  • To deliver and administer your education, record the details of your studies (including any placements with external organizations), and determine/confirm your academic achievements (e.g. grades, awards).
  • Where relevant (e.g. for graduate students), to monitor, evaluate and support your research activity.
  • To administer the financial aspects of your relationship with us and any outside funding sources (e.g. student lenders).
  • To provide access to facilities and services to you (e.g. IT, athletics, libraries, accommodations, career placement).
  • To enable your participation at events (e.g. campus functions, graduation).
  • To communicate effectively with you by mail, email and phone, including the distribution of relevant newsletters and notices.
  • To operate security, governance, disciplinary (including plagiarism and academic misconduct), complaint, audit and quality assurance processes and arrangements.
  • To support your training, medical, safety, welfare and religious requirements.
  • To compile statistics and conduct research for internal and statutory reporting purposes.
  • To fulfil and monitor our responsibilities under equal opportunity, immigration and public safety legislation.
  • To enable us to contact you or others in the event of an emergency.

We consider the processing of your personal information for these purposes to be either necessary for the performance of our contractual obligations with you (e.g. to manage your student experience and welfare while studying at the University), or necessary for compliance with a legal obligation (e.g. equal opportunity monitoring), or necessary for the performance of tasks we carry out in the public interest (e.g. teaching and research), or necessary for the pursuit of the legitimate interests of the University or an external organization (e.g. to enable your access to external services). If we require your consent for any specific use of your personal information, we will collect it at the appropriate time and you can withdraw this at any time. We will not use your personal information to carry out any wholly automated decision-making that affects you.

As described above, your personal information is shared with relevant staff at the University as required. In addition, it is shared as necessary to maintain your enrollment and provide you certain services, or as required by law with a range of external organizations, including the following:

  • Agencies of the State of Mississippi.
  • Agencies of the United States Government (e.g. Citizenship and Immigration Services, U. S. Department of Education).
  • Your funders and/or lenders (e.g., as relevant, student loan companies, the funders of any scholarships, awards or prizes).
  • The providers of any external/collaborative learning and training placements or fieldwork opportunities.
  • External examiners and assessors.
  • Any relevant professional or statutory regulatory bodies.
  • Any relevant University student union(s) and student clubs and societies, in order to facilitate your membership of those bodies.
  • Local authorities.
  • On occasion and where necessary, the police and other law enforcement agencies.
  • On occasion and where necessary, external auditors.
  • On occasion and where necessary, affiliated entities of the University (e.g. the Mississippi State University Foundation).
  • Companies or organizations providing specific services to, or on behalf of, the University.

We will normally confirm details of your results and degrees awarded to external inquirers or organizations, and will provide references to third parties as you request. Your name and the type of degree awarded will be published in the relevant graduation program.

After you graduate a core record of your studies at the University is retained indefinitely so that the details of your academic achievements can be confirmed and for statistical or historical research. Your contact and core personal details are passed to the Development and Alumni Relations office while you are still a student so that you can be added to the alumni database.

You have the right to access the personal information that is held about you by the University. You also have the right to ask us to correct any inaccurate personal information we hold about you, to delete personal information (subject to certain exceptions), or otherwise limit our processing, or to object to processing or to receive an electronic copy of the personal information you provided to us.

If you have any questions about how your personal information is used, or wish to exercise any of your rights, please contact GDPRhelp@msstate.edu.

We store your personal information as part of your student record for the duration of your studies (and it may be used as part of our assessment of any future application you make for further studies at the University).
If you are not happy with the way your information is being handled, or with a response received from us, please review the European Commission’s redress options.
This webpage was last updated in September 2018. It is reviewed when necessary and at least annually. Any changes will be published here.

GDPR Notice for Job Applicants

The European Union’s General Data Protection Regulation (“GDPR”) and other countries’ privacy laws provide certain rights for data subjects concerning the use of personal information.

This page provides a summary concerning the use of personal information you provide to the Mississippi State University (“University”) while you are in the European Union (“EU”) in connection with your application for employment by the University.

‘Personal information’ means any information which relates to or identifies you as an individual.
The information provided here applies to the use, sharing and disclosure of your personal information by Mississippi State University.
The University will use information provided on your employment application together with any supporting documents requested and additional information that may be provided by your references or following an interview process. If you are required to undergo certain additional background checks or procedures as part of the job application and offer process (e.g. criminal convictions checks or visa application procedures), we will use this information as described herein.

The University will process the personal information provided on your employment application and the other information referred to above for the purposes of identifying you, processing your employment application, verifying the information provided and assessing your suitability for the role, deciding whether to offer you a job, and communicating that outcome (together with any feedback).

We may also use or disclose the information provided for the following legal or public interest purposes:

  • To prevent or detect fraud.
  • For equal opportunity monitoring.
  • To help us to make reasonable accommodations for any disability, as requested by you.
  • To provide certain disclosures required by applicable law.
  • For research and statistical purposes, but no information which could identify you will be published.

If you are a current employee, we may use the information you provide in any application you submit to update your existing employment records.

We consider the processing of your personal information for the above purposes to be either necessary for us to take steps in order to create a contractual relationship with you (e.g. to assess your application for employment with us), or necessary for compliance with a legal obligation (e.g. equal opportunity monitoring), or necessary for the performance of tasks we carry out in the public interest (e.g. reporting or research). We require you to provide us with the information we ask for during the employment application process in order to assess your application properly, except where providing the information is marked as optional. Employment decisions are not automated.

As well as circulating your employment application and related materials to the appropriate staff at the University, we may share your personal information for the above purposes as relevant and necessary with:

  • Any references provided by you.
  • Agencies of the United States Government (e.g. Citizenship and Immigration Services, U. S. Department of Education)
  • Companies or organizations providing specific services to, or on behalf of, the University.
If you are hired by the University, we will use your personal information for the purposes described at GDPR Notice for University Employees as amended from time to time.

You have the right to access the personal information that is held about you by the University. You also have the right to ask us to correct any inaccurate personal information we hold about you, to delete personal information (subject to certain exceptions), or otherwise limit our processing, or to object to processing or to receive an electronic copy of the personal information you provided to us.

If you have any questions about how your personal information is used, or wish to exercise any of your rights, please contact GDPRhelp@msstate.edu.

We store your personal information for as long as necessary to complete the employment application process. If you are hired by the University, your information will be kept as part of your personnel record for the duration of your employment (and it may be used as part of our assessment of any future application you make for further employment at the University). After your employment ends, certain records pertaining to your employment are retained indefinitely so that the details of your employment can be confirmed and for statistical or historical research.
If you are not happy with the way your information is being handled, or with a response received from us, please review the European Commission’s redress options.
This webpage was last updated in September 2018. It is reviewed when necessary and at least annually. Any changes will be published here.

GDPR Notice for Student Applicants

The European Union’s General Data Protection Regulation (“GDPR”) and other countries’ privacy laws provide certain rights for data subjects concerning the use of personal information.

This page provides a summary concerning the use of personal information you provide to Mississippi State University (“University”) while you are in the European Union (“EU”) in connection with your application for enrollment at the University.

‘Personal information’ means any information which relates to or identifies you as an individual.
The information provided here applies to the use, sharing and disclosure of your personal information by the University as part of the admissions process.
The University will use information provided on your admissions application together with any supporting documents requested and additional information that may be provided by your references or following an interview process.

The University will process the personal information provided on your application and the other information referred to above for the purposes of identifying you, processing your application, verifying the information provided, deciding whether to offer you admission to the program you have applied for, and communicating that outcome (together with any feedback).

We may also use or disclose the information provided for the following legal or public interest purposes:

  • To prevent or detect fraud.
  • For equal opportunity monitoring.
  • To help us to make reasonable accommodation for any disability, as requested by you.
  • To allow us to consider any future accommodation requirements.
  • To provide certain disclosures required by applicable law.
  • For research and statistical purposes, but no information which could identify you will be published.

We consider the processing of your personal information for the above purposes to be either necessary for us to take steps in order to create a contractual relationship with you (e.g. to assess your application to study with us), or necessary for compliance with a legal obligation (e.g. equal opportunity monitoring), or necessary for the performance of tasks we carry out in the public interest (e.g. admissions research). We require you to provide us with the information we ask for during the application process in order to assess your application properly, except where providing the information is marked as optional. University admissions decisions are not automated.

As well as circulating your application and related materials to the appropriate staff at the University, we may share your personal information for the above purposes as relevant and necessary with:

  • Where required, your current high school, college or university, or other educational organization.
  • Your examination boards or awarding bodies.
  • Agencies of the United States Government (e.g. Citizenship and Immigration Services, U. S. Department of Education)
  • Your funders and/or lenders (e.g., as relevant, student loan companies, the funders of any scholarships, awards or prizes).
  • Companies or organizations providing specific services to, or on behalf of, the University.
If you are accepted, we will use your personal information for the purposes described in the GDPR Notice for University Students.

You have the right to access the personal information that is held about you by the University. You also have the right to ask us to correct any inaccurate personal information we hold about you, to delete personal information (subject to certain exceptions), or otherwise limit our processing, or to object to processing or to receive an electronic copy of the personal information you provided to us.

If you have any questions about how your personal information is used, or wish to exercise any of your rights, please contact GDPRhelp@msstate.edu.

We store your personal information for as long as necessary to complete the application process. If you are admitted to the University, your information will be kept as part of your student record for the duration of your studies (and it may be used as part of our assessment of any future application you make for further studies at the University).
If you are not happy with the way your information is being handled, or with a response received from us, please review the European Commission’s redress options.
This webpage was last updated in September 2018. It is reviewed when necessary and at least annually. Any changes will be published here.