General Statement of Information Privacy
Kamehameha Schools and its subsidiaries (collectively “KS”) provide education and related services. In the normal course of these activities, KS collects, maintains and discloses information associated with individuals, some of which may be confidential while some may be non-confidential. This General Statement of Information Privacy (this “Statement”) addresses a number of KS information handling practices that apply to individually identifiable confidential information and outlines other practices that apply to individual information that is not necessarily confidential. These practices include both traditional paper based information handling activities as well as information collected by KS through websites owned, controlled, or operated by KS under a number of domains including ksbe.edu, pauahi.org and ksalumni.org. These sites are collectively known as the “KS Web.” Some individually identifiable confidential information handling practices may be subject to additional information privacy provisions as identified in later segments of this statement. Information that is collected by KS in connection with its commercial transactions with individuals and legal entities may be subject to other contractual terms, agreements or regulations.
Purpose and Format
This Statement has been organized into the following sections that: (1) identify four general guidance rules for collecting and sharing individual information; (2) provide explanations of specific supplements to the four general guidance rules that provide extended privacy provisions for certain types of information handling; and (3) describe the typical practices employed by KS to address the four general guidance rules and their supplements. The content areas for this Statement are as follows:
General Rules Regarding the Collection and Sharing of Individually Identifiable Information
- Conformance with Legal and Professional Standards Regarding Confidential Information
- Collection and Sharing of Individual Information that is Not Deemed Confidential
- Contact “Opt-In” and “Opt-Out”
- Third-Party Websites
Specific Privacy Supplements to the General Rules
- Student Records including Financial Information Collected for Financial Assistance Programs
- Collection and Use of Family Genealogy Data for Ancestry Verification
- Financial Information Provided for a Land Transaction Agreement and/or Potential Mortgage
- Credit Card Sales Over the KS Web or Other Direct Sales Programs
Typical Practices Observed by KS in Meeting the General Rules and Specific Privacy Supplements
- Interactions with Individuals under Thirteen Years of Age
- Social Security Numbers and Other Government Issued Personal Identification Numbers
- Information Security and Destruction of Confidential Information
- Medical Information
- Credit Bureau Information
- Other Information Obtained from Third-Parties
- Web Server Login Information that KS may Gather
- Cookies and Login Security
General Rules Regarding the Collection and Sharing of Individually Identifiable Information
The following are four general rules observed by KS regarding the collection, maintenance and sharing of individual information collected by KS through the KS Web and other means. In this Statement, all of the individually identifiable information that is “confidential” is collectively called, “Confidential Information”.
1. Conformance with Legal and Professional Standards Regarding Confidential Information
KS is committed to providing appropriate privacy and security of Confidential Information provided to KS in the conduct of its activities. KS obtains, uses, stores, shares and disposes of confidential information consistent with applicable federal and state laws.
In order to provide effective educational and other related services, KS collects, maintains and shares Confidential Information internally with its divisions and departments, and externally with its subsidiaries and third-parties. Examples of Confidential Information KS obtains about individuals includes:
- Application Information: Confidential Information KS receives voluntarily from students and their parents, such as: application information that may include family financial information used to determine eligibility for financial aid.
- KS Web Information: Confidential Information KS collects or issues via the KS Web such as passwords.
- Credit Reports: Confidential Information KS receives in reports from consumer reporting agencies KS uses for qualifying individuals for credit, employment and other permitted purposes.
- Third-Party Educational Information: Confidential Information KS obtains from third-parties regarding KS students and parents such as Confidential Information from the State Department of Education.
- Internal KS Educational Records: Confidential Information KS collects or generates internally regarding certain aspects of student academic performance and disciplinary actions.
Subject to an individual’s right to opt‑out of the sharing of credit report information, KS may share all of the above information with its subsidiaries when KS determines that the sharing of the Confidential Information is necessary and appropriate. However, it is KS’s usual practice not to share Confidential Information that it collects with third-parties, except as permitted by law or as disclosed in this Statement. When circumstances arise for the need to share Confidential Information, KS may share the Confidential Information described above, except for consumer credit reports, with third-parties as follows:
- As authorized by law;
- As permitted under this General Statement or other formally adopted KS privacy statements,
- As required in connection with educational and financial aid programs administered by third-parties and their agents such as FACTS and the Departments of Education, in order to assist those third-parties in the delivery of their programs.
- As clearly stated by KS program materials or other notifications, such as notices on the KS Web, that the Confidential Information will be shared and the user indicates the user’s consent by providing the Confidential Information; or
- When consent is otherwise given.
2. Collection and Sharing of Individual Information that is Not Deemed Confidential
In order to provide effective educational and other related services, various operations within KS involve the collection of web use information or other information that may be identifiable to individuals but is not formally private or confidential. Examples of individual information that is not necessarily confidential may include:
- Participation in KS Programs: Non-confidential information KS collects regarding individual constituent participation in educational activities or other programs offered by KS.
- Directory Information: Non-confidential information KS maintains such as KS generated IDs, name, address, telephone number, date of birth, participation in activities offered by KS, degrees and awards received, most recent and previous educational institutions attended.
- Parent to Parent Information: Non-confidential information KS may collect and make available from parent to parent in the form of student directories or the identity of parents who choose to cooperate together in education related activities such as booster clubs or mentoring services.
- KS Web Information: Non-confidential information such as the IP Address (computer identity) of those who access the KS Web or the sequencing of Web pages visited as used to improve KS services.
- Cookie Enabled Information: Non-confidential information that may be obtained via KS Web cookies (computer use files) which are transferred to a user’s hard drive to enable the KS Web to deliver personal services.
It is KS’s usual practice not to share individual information that it collects with those outside KS unless the sharing party is an aligned organization participating in the KS mission. However, when circumstances arise for the need to share information gathered from KS operations, KS may share individual non-confidential information:
- As permitted by law,
- As allowed under this General Statement or other formally adopted KS privacy statements,
- As authorized by an approved KS contract,
- As clearly stated by KS program materials or other notifications (e.g., a KS website) that such information will be shared and the user indicates consent by providing the information,
- When consent is otherwise given, or
- As authorized for good cause by KS management
3. Contact ‘Opt-In’ and ‘Opt-Out’
In its effort to best provide services, KS may seek to better identify the groups that it serves and to contact persons in those groups regarding its services. As such, KS uses the KS Web or other information collection procedures that allow individuals to authorize KS to contact those users about its services. These authorizations may at times also involve the use of ‘Opt-Out’ elections that users may select in order to indicate their desire not to be contacted. In some cases, where KS is proactively seeking to establish contact, KS may use default ‘Opt-In’ provisions that do not require individuals to make an active option selection to receive further contact.
4. Third-Party Websites
Specific Privacy Supplements to the General Rules
In addition to the general rules described above, KS has adopted more specific privacy provisions regarding the collection and sharing of Confidential Information associated with certain collection activities. Some of those special cases are noted below.
- Student Records including Financial Information Collected for Financial Assistance Programs: KS generally seeks to protect the individual privacy of educational records. KS reserves the right to release Confidential Information to its subsidiaries and qualified third-parties, such as school officials from other educational institutions that are involved or may be involved in the students’ education. Parents and students are allowed to:
Collection and Use of Family Genealogy Data for Ancestry Verification: The Ho’oulu Hawaiian Data Center (HHDC) at KS administers a Hawaiian Ancestry Registry (“HAR”) program in order to allow potential KS trust beneficiaries to document their Hawaiian ancestry for purposes of KS’ Admissions Policy which gives preference to applicants of Hawaiian ancestry. Information is collected primarily via a paper based HAR form and accompanied by certified public or government issued documents. Additional KS Web services for the collection and verification of such data are continually being considered and developed by KS. All genealogical information provided for the purposes of verifying one’s ancestry with HHDC is held strictly confidential and is not shared with third parties or non-HHDC-authorized personnel. The ancestry database is accessible only by personnel authorized by HHDC and is not accessible through the KS Web.
- inspect, review and obtain copies of their own education record,
- request that others review the student’s education record (except where Kamehameha is required or authorized to allow others to review the record without parent/student permission). Requests should be made in writing to the Principal or his/her designee.
- obtain copies of Kamehameha’s policies and procedures concerning parent/student access to education records. Requests should be made at the appropriate campus or educational administrator site office.
Financial Information Provided for a Land Transaction Agreement and/or Potential Mortgage: KS does not disclose Confidential Information about its former lessees or borrowers to any affiliated or non-affiliated third-parties, except as permitted by law and in accordance with its Financial Privacy Notice.
In addition to these specific variations, other KS divisions and subsidiaries that maintain web pages or sites on the KS Web may have different Confidential Information gathering policies and procedures and may adopt appropriate privacy practices as their specific needs require. While an attempt has been made in this Statement to highlight notable variations, other variations may exist and may be disclosed in separate KS privacy statements and notices.
Some forms of Confidential Information may, at times, be received by KS but fall outside standard KS privacy protections if the Confidential Information is received by KS inadvertently or outside the regular KS Confidential Information collection processes. This may include Confidential Information that is provided to KS in the absence of a request by KS for the Confidential Information such as when the Confidential Information is included with typically non-confidential material. This form of inadvertent Confidential Information collection may occur in situations such as when an individual enrolls in a KS program and includes a Social Security Number on an application where no field exists to collect that information and where there was no intent on the part of KS to collect that information. In such cases, the application forms may not be handled with the presumption that confidential information exists on the forms
Typical Practices Observed by KS in Meeting the General Rules and Specific Privacy Supplements
Interactions with Individuals under Thirteen Years of Age
KS is committed to protecting the privacy and safety of our children. Accordingly, if a user of the KS Web is under the age of thirteen, such user is requested not to provide KS with personally identifying information including Confidential Information, and KS will not knowingly use any such information in its database or as part of other data collection activities. KS cautions users under the age of thirteen and their parents or guardians that the collection of individual Information voluntarily provided by such a user without the knowledge of KS via the KS Web or other electronic or paper methods will be treated by KS the same way as information given by an adult. In addition, such information may be subject to public access until KS becomes aware that the information provider is under the age of thirteen. These provisions do not apply to the regular school interactions or homework assignments of under thirteen KS learners participating in on-going KS educational activities.
Social Security Numbers and Other Government Issued Personal Identification Numbers
It is KS’s general practice to avoid the collection of Social Security Numbers (“SSNs”) and other government issued personal identification numbers unless those numbers are required for compliance with state and federal law and/or are needed for effective service delivery. For example, SSNs are required for various forms of financial aid assistance assessments as well as other assessments for credit. At present, no practical alternatives to SSN collection and use appear feasible for certain operations, but KS continues to look for methods to reduce SSN use. Persons interacting with KS should avoid providing SSNs and other government issued personal identifiers in general correspondence or email, but should instead provide such identification only via the specific forms for doing so in accordance with applications or KS Web forms specifically created by KS for collecting such information.
Information Security and Destruction of Confidential Information
The security of Confidential Information is a priority at KS. KS employs information security practices consistent with the standards and practices adopted by other educational institutions, and by businesses which provide similar services. KS protects Confidential Information by maintaining physical, electronic and procedural safeguards that comply with applicable state and federal laws. KS trains its employees in the proper handling of Confidential Information. When KS uses third-parties for services, KS requires these third-parties to protect the confidentiality of any Confidential Information they receive. KS also disposes of Confidential Information in accordance with applicable state and federal laws.
KS collects medical information regarding its students and may collect medical information at times for others such as KS employees. KS policies regarding the handling and safekeeping of medical information are intended to be consistent with legal requirements for K-12 academic environments and with respect to employees generally.
Credit Bureau Information
KS may from time to time attempt to verify information provided to KS regarding personal or family financial status. As such, KS may order consumer reports and other credit bureau reports, and may also provide credit information to credit bureaus such as information on late payments or a person’s failure to meet other payment obligations. KS may share those reports with its subsidiaries and affiliates. If you believe that information about you has been reported inaccurately by KS or that inaccurate information has been provided to KS by a credit bureau, please provide a full description of your concerns and appropriate contact information to the email address InformationPrivacy@ksbe.edu.
Other Information Obtained from Third-Parties
In addition to credit reports and medical information, KS may obtain Confidential Information from third-parties. KS maintains and shares Confidential Information received from third-parties in the same way it maintains and shares Confidential Information received directly from individuals.
Web Server Login Information that KS May Gather
KS websites may generate logs that may contain information about computers or devices used by users to access the KS Web or which contain information about general activity on the KS Web, such as the following:
- Internet address of computer or device
- Type of browser used
- The operating system of the computer or device
- Web pages requested
- Referring Web pages
- Time spent on the KS website
KS website administrators may produce summary reports from these logs and share that information with KS personnel and/or third-party vendors responsible for KS Web content management. KS Web content managers typically use this information, in aggregate, to understand what pages are popular, how users are navigating to and within sites, and when KS websites are used most frequently. KS generally avoids the inclusion in server logs of personally identifiable information that could identify particular users. The previously stated General Rules Regarding the Collecting and Sharing of Personally Identifiable Information and other segments of Specific Privacy Supplements to the General Rules provide further information on when individual information may be shared.
Cookies and Login Security
Cookies are small pieces of data stored by a web browser on a user’s computer. Cookies are often used to retain information about preferences and pages a user has visited. For example, when a user visits some sites on the Web, one might see a “Welcome Back” message. The first time one visits a KS website, a cookie may be stored on the user’s computer; and when the user returns, the cookie is read again. One can refuse to accept cookies, one can disable cookies, and one can remove cookies from one’s hard drive.
KS websites may use transactional cookies that facilitate the continuity of interactions during a particular visit. KS does not typically use permanent cookies and will not use other invasive tracking programs that monitor and track KS website viewing habits unless:
- the use of permanent cookies adds value to the user otherwise not available;
- there is a comprehensive online statement at the particular KS website where such permanent cookies or other invasive monitoring and tracking programs are utilized that discloses:
- all types of information collected at that site;
- KS’s use of that information; and
- how the collection and use of this information adds value to the user; and
- there is a link to this Statement from that particular KS website where such permanent cookies or other monitoring and tracking programs are utilized.
If an individual, including a KS Web user, has questions about this Statement or believes that the user’s Confidential Information has been used or released in violation with the terms of this Statement or without his or her consent when such consent is required pursuant to this Statement, then please send and email to:
In the email, the individual should include the individual’s name, and why the user thinks his or her Confidential Information has been used or released in connection and/or without his or her consent.
Statement of Terms and Conditions
Kamehameha Schools (KS) provides Internet-based websites to display, collect and maintain information related to its mission. This statement of Terms and Conditions for Use of Kamehameha websites applies to all information exchange involving all sites owned, controlled, operated or maintained by KS under a number of domains including ksbe.edu, pauahi.org and ksalumni.org. These sites are collectively known as the “KS Web” and the Terms and Conditions set out in this Statement applies to all domains within the KS Web.
Purpose and Format
As part of its commitment to maintain appropriate and reasonable Web based information services, KS has developed this Statement of Terms and Conditions to inform KS Web users of the expectations, levels of responsibility and the limitations involved in use of the KS Web. The content of this Statement is separated into the following topic areas:
- Legal Notices of Terms and Conditions Regarding Use of the KS Web
- Disclaimer of Liability
- Disclaimer of Warranties and Accuracy of Data
- Disclaimer of Endorsement
- Disclaimer for External Web Links
- Disclaimer of Duty to Continue Provision of Data
- Choice of Law
Legal Notices of Terms and Conditions Regarding Use of the KS Web
Access to the KS Web is provided subject to the following terms and conditions. Please read these terms carefully as use of the KS Web constitutes acceptance of all of the following terms and conditions:
Disclaimer of Liability
Neither KS, nor any of its units, programs, employees, agents or individual trustees, shall be held liable for any improper or incorrect use of the information described and/or contained in the KS Web and assumes no responsibility for anyone’s use of the information. In no event shall the KS Web, KS or its units, programs, employees, agents or individual trustees be liable for any direct, indirect, incidental, special, exemplary, or consequential damages (including, but not limited to, procurement or substitute goods or services; loss of use, data, or profits; or business interruption) however caused and on any theory of liability, whether in contract, strict liability, or tort (including negligence or otherwise) arising in any way out of the use of this system, even if advised of the possibility of such damage. This disclaimer of liability applies to any damages or injury, including but not limited to those caused by any failure of performance, error, omission, interruption, deletion, defect, delay in operation or transmission, computer virus, communication line failure, theft or destruction or unauthorized access to, alteration of, or use of record, whether for breach of contract, tortious behavior, negligence or under any other cause of action.
Disclaimer of Warranties and Accuracy of Data
Although the data provided on the KS controlled portions of its Web have been produced and processed from sources believed to be reliable, no warranty, express or implied, is made regarding accuracy, adequacy, completeness, legality, reliability or usefulness of any information. This disclaimer applies to both isolated and aggregate uses of the information. KS provides this information on an “as is” basis. All warranties of any kind, express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, freedom from contamination by computer viruses and non-infringement of proprietary rights are disclaimed. Changes may be periodically made to the information herein; these changes may or may not be incorporated in any new version of the publication. If a user has obtained information from any of the KS Web pages via a source other than the KS pages, be aware that electronic data can be altered subsequent to original distribution. Data can also quickly become out of date. It is recommended that careful attention be paid to the contents of any data associated with a file, and that the originator of the data or information be contacted with any questions regarding appropriate use. If a user finds any errors or omissions, please report them to:
Disclaimer of Endorsement
KS is a distributor of content sometimes supplied by third parties and users. Any opinions, advice, statements, services, offers, or other information or content expressed or made available by third parties, including information providers, users, or others, are those of the respective author(s) or distributor(s) and do not necessarily state or reflect those of KS and shall not be used for advertising or product endorsement purposes. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favoring by KS.
Disclaimer for External Web Links
Disclaimer of Duty to Continue Provision of Data
Due to the dynamic nature of the Internet, resources that are free and publicly available one day may require a fee or restricted access the next, and the location of items may change as menus, pages, and files are reorganized. The user expressly agrees that use of the KS Web is at the user’s sole risk. KS does not warrant that the service will be uninterrupted or error free. The documents and related graphics published on KS websites could contain technical inaccuracies or typographical errors. Changes are periodically added to the information herein. KS and/or its respective units and programs may make improvements and/or changes in the information and/or programs described herein at any time.
The technology management teams used by KS and its campuses have taken several steps to safeguard the integrity of its communications and computing infrastructure, including but not limited to authentication, monitoring, auditing, and encryption. Security measures have been integrated into the design, implementation and day-to-day practices of the entire KS Electronic Information System (EIS) operating environment as part of its continuing commitment to risk management. Such security measures are however typically subject to constant threats from nefarious web users and the measures taken by KS may be regarded as reasonable but not necessarily perfect regarding efforts to provide information security.
This statement should not be construed in any way as giving business, legal, or other advice, or warranting as fail proof or otherwise, the security of information provided via KS supported websites.
Choice of Law
Construction of the disclaimers above and resolution of disputes thereof are governed by the laws of the State of Hawaii. The laws of the State of Hawai‘i, USA, shall apply to all uses of this data and this system. By use of this system and any data contained therein, the user agrees that use shall conform to all applicable laws and regulations and user shall not violate the rights of any third parties.
If a user has questions about this Statement of Terms and Conditions, send e-mail to:
Copyrights and trademarks
KS Proprietary Information
All intellectual property contained on KS websites are the exclusive property of Kamehameha Schools or its content contributors. This content cannot be copied, reproduced, or used without written permission from Kamehameha Schools.
KS websites contain logos, trademarks, service marks and design elements that are proprietary to Kamehameha Schools. These trademarks are protected under applicable trademark laws and cannot be copied, reproduced or used without written permission from Kamehameha Schools. Reproduction, storage, or use of materials retrieved from KS Web sites are also subject to applicable copyright laws.