Digital Millennium Copyright Act Compliance
As stated in the Harvard University Annual Copyright Disclosure, all Harvard users must respect the copyrights in works that are accessible through computers connected to the Harvard network. Under federal copyright law, no copyrighted work may be copied, published, disseminated, displayed, performed, or played without permission of the copyright holder except in accordance with fair use or licensed agreement. This includes music, movies, and other copyrighted material. Harvard may terminate the network access of users who are found to have repeatedly infringed the copyrights of others. Student policies are described here. Staff supervisors and members of the Faculty are welcome to contact the University’s Office of General Counsel.
We use your IP address to help diagnose problems with our server and to administer our Web site by identifying (1) which parts of our site are most heavily used, and (2) which portion of our audience comes from within the Harvard network. We do not link IP addresses to anything personally identifiable. This means that sessions will be tracked, but users will remain anonymous.
Use of information
The Harvard Law School staff uses the information gathered above to tailor site content to user needs, and to generate aggregate statistical reports. We cannot and do not disclose site usage by individual IP address.
Users Located in the European Economic Area
If you are located in the European Union, Iceland, Liechtenstein, or Norway (the “European Economic Area”), please see Additional EEA Privacy Disclosures for information about ways that certain Harvard University Schools, Centers, units and controlled entities, including this one, may collect, use, and share information about you.
If you have any questions about this privacy statement, the practices of this site, or your dealings with this site, you can contact firstname.lastname@example.org.
EU General Data Protection Regulation
The General Data Protection Regulation (GDPR) requires security measures for processing data relating to an identified or identifiable individual located in the European Union, Iceland, Liechtenstein or Norway (GDPR Processing). Harvard units or programs must comply with the GDPR when conducting GDPR Processing. The GDPR requires that security measures be appropriate in light of the potential risks to the affected individuals, taking into account the scope and purposes of such processing and the nature of the data. The GDPR identifies the following categories of data as meriting special protection: identifiable personal information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or containing genetic, biometric or health data or data concerning sex life or sexual orientation, and criminal convictions and offenses. Identifiable genetic, biometric and health data are Level 4 data, to be handled accordingly. The other types of GDPR sensitive data listed above should be treated as Level 3 data when subjected to GDPR Processing, except when the data has been made public or otherwise widely shared by the relevant individual. Any GDPR Processing of such sensitive data should comply with the GDPR’s Articles 9 and 10.
If you are in receipt of a request for information about Harvard’s approach to GDPR, including requests from data subjects, please direct them to the HUIT Helpdesk at EEAdatasubjectrequest@harvard.edu & EEAdisclosuresinquiry@harvard.edu.
If you would like more information about the GDPR, you can go to the Harvard University resource page: https://gdpr.fad.harvard.edu/ You can direct specific questions about the GDPR to Leah Keating at email@example.com. She will make sure you are connected to the right resources.