General Data Protection Regulation (GDPR)
11/23/2025 2025-11-23 12:55General Data Protection Regulation (GDPR)
Last Updated: November 17th, 2025
PORTMAN University (“we”, “us”, “our”) is committed to protecting the privacy and personal data of all students, prospective students, parents, partners, affiliates, employees, and visitors across all regions, including the European Union (EU), the United Kingdom (UK), the United States (US), Asia-Pacific countries, and the rest of the world.
This Global Data Protection & Privacy Policy outlines our data practices in accordance with:
- GDPR (EU & UK)
- CCPA/CPRA & related U.S. state privacy laws
- PDPA (Malaysia, Singapore, Thailand)
- Philippines Data Privacy Act (DPA)
- Indonesia Personal Data Protection Law (PDP)
- India Digital Personal Data Protection Act (DPDP Act)
- International academic, accreditation, and security standards
By accessing our platforms—including our website, LMS (TutorLMS/TutorLMS Pro), AI-powered grading system, ChatAgent, call bots, CRM systems, email platforms, and online services—you agree to this policy.
1. Data Controller
PORTMAN University
PORTMAN UNIVERSITY LLC
9260 S. PEORI,ACHICAGO, IL 60620
Email: [email protected]
We act as the Data Controller for all personal data processed.
2. Personal Data We Collect
Depending on your interaction with PORTMAN University, we may collect:
2.1 Identity & Contact Data
- Full name
- Email address
- Phone number
- Nationality & identification documents
- Mailing address
2.2 Academic Data
- Enrollment information
- Academic history & transcripts
- Assignments, submissions, exams
- AI-generated grading feedback
- Attendance & LMS activity logs
2.3 Financial & Billing Data
- Payment information (processed via secure third parties)
- Invoices, receipts, scholarship/aid data
2.4 Technical & System Data
- IP address
- Device type
- Browser information
- LMS login logs
- ChatAgent call/voice interactions
- Call bot call summaries
- Usage analytics
2.5 Marketing & Communication Data
- Form submissions
- Lead generation data
- Email engagement
- WhatsApp/chat interactions
Affiliate tracking or referral data
3. Legal Basis for Processing
We process data using lawful bases according to jurisdiction:
GDPR (EU/UK)
- Consent
- Contractual necessity
- Legal obligation
- Legitimate interest
US (CCPA/CPRA & Others)
- Notice & transparency
- Opt-out of data selling/sharing
- Consumer rights protections
Asia (PDPA, DPA, PDP Law, DPDP Act)
- Explicit consent
- Purpose limitation
- Data minimization
- Lawful retention & use
4. How We Use Your Data
We process personal data to:
- Manage university applications & enrollment
- Deliver academic programs and online learning
- Operate our Learning Management System (LMS)
- Provide AI-assisted grading, feedback, and academic recommendations
- Issue certificates, transcripts, and academic documents
- Provide student support, advising, and communication
- Improve our systems, services, and AI models
- Conduct marketing and outreach (with consent)
- Fulfill accreditation & regulatory requirements
All AI decisions are monitored by human academic staff.
5. Sharing of Data
We may share data with:
- LMS and academic technology providers
- AI grading and automation service providers
- Accreditation organizations (e.g., ASIC UK, ISO bodies, DEAC processes)
- CRM, marketing platforms, ChatAgent services
- Payment processors (e.g., Stripe, PayPal)
- Government or regulatory authorities as legally required
All third-party partners must meet global privacy standards.
6. International Data Transfers
Your information may be stored or processed outside your country.
We ensure adequate protection using:
- GDPR Standard Contractual Clauses (SCCs)
- Data processing agreements
- Encryption and secure transfer protocols
- Compliance with local PDPA/DPDP/PDP laws
7. Data Retention
We retain personal data according to these guidelines:
- Student records: 7–10 years
- Financial data: as required by tax & audit laws
- Chat logs & marketing leads: 12–24 months
- Academic submissions: institutional academic policy
Data no longer needed is securely deleted or anonymized.
8. Your Rights
GDPR (EU/UK) Rights
You may:
- Access your data
- Request corrections
- Request deletion
- Restrict processing
- Object to processing
- Request data portability
- Withdraw consent
US (CCPA/CPRA & Other States)
You may:
- Request to know categories of personal data collected
- Request deletion of personal data
- Request correction
- Opt out of selling/sharing of personal information
- Limit use of sensitive personal data
PORTMAN University does not sell personal data.
Asia (PDPA, DPA, PDP Law, DPDP Act)
You may:
- Request access & correction
- Withdraw consent
- Request data portability (where applicable)
- Request deletion
Lodge a complaint with your local authority
9. AI, Automation & Profiling
We use AI technologies for:
- Automated academic grading
- Learning analytics
- Identity verification
- ChatAgent interactions & call bot operations
- Process automation
Students may request human review of any automated decision at any time.
10. Data Security
We protect your data through:
- Encryption (SSL/TLS)
- Role-based access control
- Encrypted backups
- Secure cloud hosting
- 2FA authentication for staff
- Regular security audits
- Monitoring AI system logs & grading accuracy
11. Cookies & Tracking
We use cookies for:
- Essential site functionality
- Analytics
- Personalization
- Marketing (only with consent where required)
Users may manage cookies in their browser settings.
12. Contact: Data Protection Officer (DPO)
For data-related inquiries:
Data Protection Officer
PORTMAN University
Email: [email protected]
You may also file complaints with your local data protection authority.
13. Policy Updates
- Laws change
- New AI tools are deployed
- Accreditation standards evolve
- Internal procedures are improved
We will publish updated versions on our official website.
