Privacy & Security

Information Privacy Statement

The University of Lynchburg (Lynchburg) provides online information and services to students, employees, and the public to supplement services provided on campus.

This privacy statement provides information required by Virginia and federal laws about privacy, confidentiality, and related policies for individuals who use our official websites and other electronic services.

Individual websites may provide additional privacy information. This statement applies to all information collected by or submitted to Lynchburg. It is not to be construed as a contractual promise. Additional Lynchburg policies that provide information about the use of computing and communications systems at Lynchburg can be found on the Office of Information Technology and Resources website.

Lynchburg websites may contain links to external websites. Lynchburg does not endorse or take responsibility for external websites’ privacy practices or policies.

Quick Links

Information Collected by the University of Lynchburg

Email and Form Information

Lynchburg only obtains personal information when it is voluntarily provided. If an individual sends an email, fills out a web-based form, or submits personal details through other online services, that information is used only to respond directly to the requester, unless otherwise explicitly stated.

Requests for information may be redirected to another university department for better assistance. Personal information will not be shared with outside parties unless legally required in connection with legal proceedings, law enforcement investigations, or state law.

System-Generated Information

Lynchburg may record technical and usage details each time a user accesses university websites or online services. Collected data may include:

  • Internet address of the accessing computer
  • Webpages requested
  • Network software access
  • Referring webpage
  • Browser type
  • Date, time, and duration of activity
  • Passwords and accounts accessed
  • Volume of data storage and transfers

This information is collected for system monitoring, troubleshooting, and statistical analysis to improve services, diagnose server issues, and ensure system integrity. It is not used to personally identify users except as required for security or legal compliance.

Monitoring and Security

If university policies are suspected to be violated—particularly in cases of unauthorized system access—the IT department may conduct detailed session logging. This may include:

  • Capturing and retaining keystroke logs
  • Reviewing user activity within university systems
  • Limited searching of user files on university-owned or networked computers

University-owned or controlled computers may be examined by authorized personnel to detect improper or illegal use, evaluate network security, or conduct administrative reviews. Any information stored on a university-owned computer is subject to university review at any time.

Cookies and Website Data

Some Lynchburg websites use cookies to store user preferences and session details. Cookies are small data files stored by a web browser to enhance website functionality.

  • Some online services may require cookies for access.
  • Any information stored in cookies is used exclusively for internal purposes and is not shared externally.

Alternatives to Online Transactions

Lynchburg offers students, employees, and the public alternative methods to access services if they prefer not to use online platforms. Anyone wishing to keep information private from the university’s digital systems may choose to conduct transactions:

  • In person at the relevant administrative office
  • By mail
  • By phone

Disclosure of Information

The University of Lynchburg does not sell or distribute confidential information collected online. The university’s policies protect the confidentiality of student educational records and employee personnel information, outlining:

  • What information may be publicly shared
  • What information is protected as confidential
  • The process for limiting access to personal data

Confidential information will not be disclosed without consent, except under:

  • Subpoena or court order
  • Legal investigations
  • Emergency situations requiring immediate action

Student Records and FERPA Compliance

Student records are protected under the Family Educational Rights and Privacy Act (FERPA), Virginia law, and university policy. FERPA gives students rights over their educational records and allows them to limit access to directory information.

The university follows all FERPA regulations to ensure the privacy and security of academic records.

Employee Records

Employee records are protected by university policy and Virginia law. Access to employee information is restricted, and only authorized personnel may review or manage sensitive employment data.

Public Records Law and Legal Compliance

Under Virginia law, Lynchburg may be required to provide certain university records to third parties. However:

  • Information protected by FERPA, other privacy laws, or university policies will not be disclosed.
  • The university follows strict legal guidelines to ensure the protection of sensitive data.

Third-Party Access and Contractors

At times, individuals or companies under contract with the university may access information only for service-related purposes. These entities are not permitted to use or share data beyond their assigned scope.

Secure Transactions and Online Payments

Lynchburg accepts online credit card payments for various services, including tuition and fees. Unless otherwise noted, all transactions are encrypted to protect payment details.

  • Payment information is not stored or reused beyond the original transaction.
  • Users should always log out after making online payments.

For more details on university privacy and security policies, visit the Privacy Statement page

Monitoring & Security

If university policies are suspected to be violated—particularly in cases of unauthorized system access—the IT department may conduct detailed session logging. This may include:

  • Capturing and retaining keystroke logs
  • Reviewing user activity within university systems
  • Limited searching of user files on university-owned or networked computers

University-owned or controlled computers may be examined by authorized personnel to detect improper or illegal use, evaluate network security, or conduct administrative reviews. Any information stored on a university-owned computer is subject to university review at any time.