kite+key, Rutgers Tech Store, (“kite+key”), respects your privacy and is committed to helping protect it. We use the information we collect responsibly, to make purchases at kiteandkey.rutgers.edu possible, and to improve your overall experience. We do not sell, trade, or rent your personal information to others. We may choose to do so in the future with trustworthy third parties but only with your permission.
1. Policy Statement
This policy outlines the standards for acceptable use of university computing and information technology resources, which include, but are not limited to, equipment, software, networks, data, and stationary and mobile communication devices whether owned, leased, or otherwise provided by Rutgers University.
2. Reason for Policy
Preserving access to information technology resources is a community effort that requires each member to act responsibly and guard against abuses. Therefore, both the community as a whole and each individual user have an obligation to abide by the standards established here for acceptable use.
3. Who Should Read This Policy
All who enter the kiteandkey.rutgers.edu website including but not limited to members of the Rutgers University community.
4. Related Documents
Identity Theft Compliance Policy, Section 50.3.9 Copyright Policy, Section 50.3.7 RU Secure Website: http://rusecure.rutgers.edu
Public Access for Government Records: http://records.rutgers.edu
Information Protection and Security, OIT, 732-445 8011
ACCEPTABLE USE POLICY FOR COMPUTING AND INFORMATION TECHNOLOGY
It is the policy of Rutgers University to maintain access for its community to local, national and international sources of information and to provide an atmosphere that encourages the free exchange of ideas and sharing of information. Nevertheless, Rutgers reserves the right to limit or restrict the use of its computing and information technology resources based on applicable law, institutional policies and priorities, and financial considerations. Access to the university’s information technology resources is a privilege that requires each member to act responsibly and guard against abuses. Therefore, both the community as a whole and each individual user have an obligation to abide by the following standards of acceptable use.
This policy outlines the standards for acceptable use of university computing and information technology resources, which include, but are not limited to, equipment, software, networks, data, and stationary and mobile communication devices owned, leased, or otherwise provided by Rutgers University.
This policy applies to all users of Rutgers computing and information technology resources. This includes but is not limited to, faculty, staff, students, guests, and external individuals or organizations.
B. User Responsibilities:
1. Each user may use only those computing and information technology resources for which he or she has authorization. Violations include but are not limited to:
- using resources without specific authorization
- using another individual’s electronic identity without appropriate authorization
- accessing files, data or processes without authorization
2. Computing and information technology resources must be used only for their intended purpose(s). Violations include but are not limited to:
- misusing software to hide personal identity, or to interfere with other systems or users
- misrepresenting a user’s identity in any electronic communication (e.g., forging an e-mail address)
- using electronic resources for deceiving, harassing or stalking other individuals
- sending threats, “hoax” messages, chain letters, or phishing
- intercepting, monitoring, or retrieving without authorization any network communication
- using university computing or network resources for advertising or other commercial purposes
- circumventing or attempting to circumvent security mechanisms
- using privileged access to university systems and resources for other than official duties directly related to job responsibilities
- making university systems and resources available to those not affiliated with the university
- using former system and access privileges after association with Rutgers has ended
3. The access to and integrity of computing and information technology resources must be protected. Violations include but are not limited to:
- creating or propagating computer viruses, worms, Trojan Horses, or any other malicious code
- preventing others from accessing an authorized service
- developing or using programs that may cause problems or disrupt services for other users
- degrading or attempting to degrade performance or deny service
- corrupting or misusing information
- altering or destroying information without authorization
4. Applicable laws and university policies must be followed including, but not limited to, respecting the copyrights and intellectual property rights of others. Violations include but are not limited to:
- making more copies of licensed software than the license allows
- downloading, using or distributing illegally obtained media (e.g., software, music, movies)
- operating or participating in pyramid schemes
- uploading, downloading, distributing or possessing child pornography
- accessing, storing or transmitting personal information (e.g., social security numbers, driver’s license numbers, credit card numbers) without a valid business or academic reason or transmitting such information without using appropriate security protocols (e.g., encryption).
5. Users must respect the privacy and personal rights of others. Violations include but are not limited to:
- Accessing, attempting to access, or copying someone else’s electronic mail, data, programs, or other files without authorization
- Divulging sensitive personal data to which users have access concerning faculty, staff, or students without a valid business or academic reason.
Although computing and information technology providers throughout the university are charged with preserving the integrity and security of resources, security sometimes can be breached through actions beyond their control. Users are therefore urged to take appropriate precautions such as safeguarding their account and password, taking full advantage of file security mechanisms, backing up critical data and promptly reporting any misuse or violations of this policy.
The university recognizes that all kite+key website users including but not limited to members of the university community have an expectation of privacy for information in which they have a substantial personal interest. However, this expectation is limited by the university’s needs to obey applicable laws, protect the integrity of its resources, and protect the rights of all users and the property and operations of the university. The university reserves the right to examine material stored on or transmitted through its information technology facilities if there is reason to believe that the standards for acceptable use in this policy are being violated, or if there is reason to believe that the law or university policy are being violated, or if required to carry on its necessary operations. Reasonable efforts will be made to notify the user of the need for access to information in which he or she has a substantial personal interest stored on or transmitted through the university’s computing and information technology resources unless prohibited by law, inconsistent with university policy, or inconsistent with the university carrying out its normal operations. For example, information stored on the university’s information technology system may be accessed by the university under certain circumstances, including but not limited to:
1. Access by technicians and administrators to electronic records in order to address emergency problems, routine system maintenance, or other uses related to the integrity, security and availability of the university’s information technology systems, including but not limited to:
- Emergency Problem Resolution – Technicians may access technical resources when they have a reasonable belief that a significant system or network degradation may occur.
- System-generated, Content-neutral Information – Technicians may access and use system-generated logs and other content-neutral data for the purposes of analyzing system and storage utilization, problem troubleshooting, and security administration.
- Incident Response – The incident response function within the university Information Protection and Security Office (IPS) is responsible for investigating reports of abuse or misuse of university information technology resources. Incident response staff may use system-generated, content-neutral information for the purposes of investigating technology misuse incidents.
- d. Network Communications – Security analysts of the university Information Protection and Security Office (IPS) may observe, capture, and analyze network communications. “Network communications” may contain content data and in some cases this content may be viewed to complete analysis.
- User Request – Technicians may access information technology resources in situations where a user has requested assistance diagnosing and/or solving a technical problem.
2. Information requested pursuant to New Jersey Open Public Records Act which requires disclosure of electronic communication and other data on the university system subject to the exemptions within that Act. Such access is approved through the Office of the University Custodian of Records and all reasonable efforts are made to notify the user in question prior to the release of such information.
3. Information required to comply with a valid subpoena, a court order or e-discovery. Such access is approved through the Office of General Counsel.
4. Audits and investigations undertaken by governmental entities or by university auditors including the Department of Internal Audit, or other university units authorized to carry out university policy.
5. The need of the university to carry on its normal operations (e.g., in the case of accessing the electronic records of a deceased, incapacitated or unavailable individual).
D. Technician and System Administrator Responsibilities:
Technician and System Administrators and providers of university computing and information technology resources on both the central and local (unit/departmental) level, have the additional responsibility of ensuring the integrity, security, and availability of the resources they are managing. Persons in these positions are granted significant trust to use their privileges appropriately for their intended purpose. Technicians and Systems Administrators will not override systems protections unless necessary, and will treat the contents of those systems as private information to the extent possible. Any private information viewed in the course of carrying out these duties must be treated in the utmost confidence.
1. Violators are subject to suspension or termination of system privileges and other penalties.
2. If a suspected violation involves a student, a judicial referral may be made to the Dean of Students Office of the school or college of the student’s enrollment. Incidents reported to the Dean will be handled through the University Code of Student Conduct.
3. If a suspected violation involves a staff or faculty member a referral may be made to the individual’s supervisor for possible disciplinary action.
5.1.1 COLLECTION OF YOUR INFORMATION
To process your purchases and to notify you of your order status, we need to know your name, email address, credit card number, expiration date, and security code. However, we do not store any of your credit card information. We make every effort to save you time and make your shopping experience more convenient by using your orders and your stated preferences to make recommendations about items that might be of interest to you. We are also constantly seeking to improve the layout and operation of kiteandkey.rutgers.edu based on the areas people visit, enjoy and use most. We may occasionally wish to notify you about important changes to kiteandkey.rutgers.edu, new services and special offers we think you might find valuable.
When you place orders, the information is sent via a secure connection that protects all the information you send to us so that it cannot be read as it travels over the Internet. Once your information arrives safely at kiteandkey.rutgers.edu, it is carefully stored and protected against unauthorized access.
kite+key not sell, trade, or rent your personal information to outside parties. If we were to decide to do so with reputable third parties in the future, we would ask you first for your permission to do so. Our only motivation for sharing information with reputable third parties would be to provide you with more and better services and opportunities. Kite+key ay provide combined, general statistics about our customers, sales, usage patterns and related information to reputable third parties, but these statistics will include no personal identifying information.
5.1.2 CHILDREN’S GUIDELINES
kite+key does not specifically target its online services to children under the age of 13. If you are under the age of 13, you may use our website only under the supervision of a parent or guardian. Please note that our site may contain links to content providers that collect information from children under the age of 13. We have no control over such content providers and are not responsible for the privacy practices or the content of other websites. Because the Internet offers open access to a wide range of information, it is important that parents supervise and prevent access to inappropriate content, email or chat sessions.
“Cookies” are small pieces of information that are stored by your browser on your computer. We added this optional feature to enable you to order more quickly. Cookies are not required in order for you to make purchases at kiteandkey.rutgers.edu, however they do enhance the user experience. In addition, most web browsers can automatically store cookies on your computer, but you can usually change your browser to prevent it. We guarantee that whatever you decide about cookies and/or the convenience features we offer, you will always be able to browse and order from kiteandkey.rutgers.edu quickly and easily.
Implied Acceptance of Terms through Use
Copyright and Trademark Notice
This website is owned and operated by kite+key. Unless otherwise specified, all materials appearing on this website, including the text, site design, logos, graphics, icons and images, as well as the selection, assembly and arrangement thereof, are the sole property of kite+key or used under license. The contents of this website are available to you only for personal use, and may not be reproduced, distributed, adapted or otherwise used without the written permission of kite+key and its licensors. Any unauthorized use of the materials appearing on this website may violate copyright, trademark, service mark or other applicable laws and could result in criminal or civil penalties.
By choosing to access this website from any location, inside or outside the United States, you accept full responsibility for compliance with all applicable laws. You agree that any legal action brought against kite+key shall be governed by the laws of the State of New Jersey without regard to conflict of law principles. You agree that the sole jurisdiction and venue for any litigation arising from your use of this website shall be an appropriate federal or state court located in New Jersey. You agree to use this website only for authorized and legal activities. kite+key reserves the right, at its sole discretion, to terminate your access to all or part of this website, with or without notice and for any reason whatsoever