Outside Vendors Requesting to use Data on Behalf of the University

POLICY: 6.5
Effective Date: 07/31/2014
Last Updated: 09/05/2014
Policy Owner: Derek Clark

The University of Georgia or the UGA Foundation may, from time to time, contract with third parties to communicate with alumni, solicit potential donors, or screen data on behalf of the University or one of its units. The University of Georgia Foundation protects alumni information and limits use of this data.  Employees may not disseminate information from the database to outside entities without the express written consent of the Division of Development and Alumni Relations.  For a Non-University Entity to receive data they must:

 

  1. Complete a formal contract which stipulates how they will use the information, when they will use it, if they are registered to solicit in each state, and when they will destroy the information.  Third party vendors must register with the University of Georgia Foundation in all states in which they wish to solicit and that require State Solicitation Registration.  (See State Solicitation Registration section below).
  2. Sign a Non-Disclosure Agreement which in which the vendor assumes all liability (Personal and Company documents separate) and absolves the University of Georgia and the University of Georgia Foundation of any and all liability.
  3. Must adhere to all UGA and Foundation rules in regard to using the information.
  4. Files must be sent through the secure SendFiles program (http://wiki.eits.uga.edu/help/index.php/SendFiles) to ensure adequate encryption.
  5. The contracting vendor and employees will remain responsible for enforcing the rules of the contract.  (Example: If the UGA Alumni Association contracts with an outside vendor then they (the Alumni Association) will run the updated query when needed and provide the information.  The Alumni Association will also ensure the vendor is adhering to the terms of the agreement in use and destruction of information).