Birmingham, AL 35206, USA
(205) 202-8400

Application Privacy Policy

Priority Software® Application Privacy Policy

1. Introduction

This Application Privacy Policy (“Policy”) describes how Priority Software, Inc. (“we,” “us,” or “our”) collects, uses, shares, and safeguards personal information collected from users (“you” or “users”) of our software application (“Application”). Application is only inclusive of the following Priority Software applications and add-on modules:

  • Priority Software® API
  • Priority Software® BA
  • Priority Software® FBS and all add-on modules
  • Priority Software® GL

Please contact us for the Application Privacy Policy for any other Priority Software® applications which you have licensed.

By accessing or using our Application, you consent to the practices described in this Policy.

2. Information We Collect

2.1 Required Personal Information

We collect and store the following personal information:

  • Full name
  • Email address
  • Unique identifier (UID) provided by your institution
  • IP address

2.2 Optional Information

We may collect the following optional information if you choose to provide it:

  • Mobile phone number (for text notifications only if you opt-in)
  • Any information you voluntarily submit in comments, notes, or other free-text fields

2.3 Information We Do Not Collect and Limited Educational Data

We do not intentionally collect sensitive personal information such as:

  • Government identification numbers
  • Financial account information
  • Health information
  • Student grades or academic performance data
  • Other sensitive data

We may receive and store limited educational data such as:

  • Student classification (e.g., freshman, sophomore, post-graduate, etc.)
  • Course enrollment information when provided by your institution for educational uses of our Application

This limited educational data is used solely to provide appropriate access and functionality within our Application, to categorize users for reporting purposes, and to enable educational activities as directed by your institution.

2.4 Priority Software® Application Information

Our BA application collects and processes limited financial information related to university employees, including:

  • Salary information as it relates to funding sources and accounts
  • Allocation of funds across different funding sources
  • Financial forecasting data

This information is collected and processed solely for legitimate business purposes such as:

  • Managing account funding sources
  • Tracking financial distributions
  • Creating burn rate forecasts
  • Providing financial reporting to authorized university personnel

We do not collect or store bank account details, benefits information, or other sensitive financial data in this module.

Please be aware that if you include any sensitive information in optional free-text fields, it will be processed according to this Policy.

3. How We Use Your Information

We use the collected information for the following purposes:

  • To provide and maintain our Application services
  • To manage user accounts, permissions, and roles
  • To communicate with you regarding service usage, alerts, and critical information
  • To fulfill requested services and process transactions
  • To audit system usage and ensure security
  • To comply with legal obligations

4. Data Retention and Security

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required by law. We implement appropriate technical and organizational measures to protect your personal information.

5. Third-Party Sharing

We may share your personal information only under the following limited circumstances:

  • With your educational institution, solely to support authorized educational activities and ensure the proper functioning of the Application. The shared information is limited to what is already accessible to you within the Application, specifically:
    • Your full name
    • Email address
    • UID (unique identifier)
    • Student classification (e.g., freshman, post-graduate, etc.)
    • Optional mobile phone number (if provided)
    • Course enrollment data (only if your institution has supplied it)
  • With service providers who assist us in delivering and maintaining the Application (e.g., cloud infrastructure, analytics, support). These providers are contractually obligated to handle your information securely and only for the purposes we specify.
  • With government authorities or third parties when required to do so by law or regulation or to prevent fraud, abuse, or security threats.

We do not sell, rent, or provide your personal information to third parties for advertising or marketing purposes.

 

6. Cookies and Tracking

Our Application uses session cookies to maintain state information during your browsing session. These cookies are temporary and are deleted when you close your browser. We may also use cookies for authentication, security, and functionality purposes. We do not use third-party cross-site tracking cookies in our Application.

7. FERPA Compliance

7.1 Academic Position Information

Our Application might receive and store information about your academic position (such as Student, Teaching Assistant, Professor, Staff) which may be provided by your institution through their Single Sign On (SSO) authentication systems. This information:

  • Is used to assign appropriate permissions and roles within our system
  • May be included in reporting functionality
  • Is shared across facilities within the same area
  • Helps identify requestors within the system

7.2 Students with FERPA Blocks

If you are a student who has placed a FERPA block on your educational records:

  • Your institution may still provide us with your personal information when you use our Application
  • By using our Application, you consent to our collection and use of your information as described in this Policy
  • This consent applies only to our Application and does not affect your FERPA rights for other purposes
  • Without this consent, you may not be able to fully utilize our Application’s features

7.3 Course Enrollment Data

When universities use our Application for classroom activities:

  • Limited course enrollment information may be provided to our Application
  • This information is used solely to enable educational activities such as equipment scheduling or job submission
  • We do not collect grades, academic performance data, or student educational level information

7.4 Institutional Responsibility

Educational institutions are responsible for:

  • Informing students with FERPA blocks about data sharing with our Application
  • Obtaining appropriate consent before sharing student information
  • Ensuring compliance with FERPA regulations
  • Providing only necessary educational data required for our Application’s functionality

8. International Users and Compliance

8.1 California Residents (CCPA/CPRA)

If you are a California resident, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including:

  • The right to know what personal information we collect
  • The right to delete your personal information (with certain exceptions)
  • The right to opt-out of the sale of your personal information (though we do not sell your information)
  • The right to non-discrimination for exercising your rights

8.2 European Users (GDPR)

If you are in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including:

  • The right to access your personal data
  • The right to rectification of inaccurate personal data
  • The right to erasure of your personal data
  • The right to restrict the processing of your personal data
  • The right to data portability
  • The right to object to the processing of your personal data
  • Rights regarding automated decision-making and profiling

Our legal basis for processing your personal data includes: consent, contractual necessity, and legitimate interests as described below:

Personal DataDescription / PurposeLegal Basis Under GDPR
UID (from institution SSO)Used to uniquely identify users and manage system accessContractual necessity– to deliver core functionality of the Application
First Name / Last NameUsed to personalize the user experience, identify accounts, and support communicationContractual necessity and Legitimate interest to operate the service and ensure appropriate identification
Email AddressUsed for login, notifications, service updates, and security alertsContractual necessity –required to fulfill service obligations
Mobile Phone Number (optional)Used only if the user opts in for text alertsConsent explicitly provided by the user
IP Address (Institutional IP or provided contact)Used for system security, access logging, and compliance auditingLegitimate interest securing systems, and compliance with institutional requirements
Student Classification (e.g., freshman, grad)Used to enable educational features and reporting by institutionLegitimate interest and Contractual necessity – based on institutional usage of the Application
Course Enrollment Info (limited)Used only if provided by the institution for class-related activitiesContractual necessity – to enable educational use as requested by the institution
Salary + Fringe Funding (BA Only)Used for financial management, burn rate forecasting, and allocation tracking across funding sourcesLegitimate interest and Contractual necessity – to deliver core functionality of the Application, and for financial planning and management purposes
Employee AffiliationUsed to assign appropriate access, permissions, and role-based features within the applicationLegitimate interest and Contractual necessity – supports role management and system integrity
Academic Title (e.g., Professor, TA)Used for permissions, visibility in reports, and identification in academic workflowsLegitimate interest – facilitates educational operations and appropriate feature access

8.3 Data Storage and Transfers

Our Application data is stored in AWS data centers located in Virginia and Oregon, United States. If you are outside the United States, your information may be transferred to, stored, and processed in a country with different data protection laws.

9. Communication Preferences

9.1 Email Communications

By using our Application, you consent to receive email communications relating to:

  • Account notifications
  • Service announcements
  • System alerts
  • Critical safety information

9.2 Text Message Communications

We will only send text messages to your mobile phone if:

  • You have provided your mobile phone number
  • You have explicitly opted-in to receive text messages
  • You understand that standard message and data rates may apply

You may opt-out of text messages at any time through your Application settings.

10. Your Choices and Rights

You may have the right to:

  • Access and update your personal information
  • Request pseudonymization of your personal information
  • Opt-out of certain communications
  • Withdraw consent (where processing is based on consent)

10.1 Data Deletion and Audit Trail Requirements

When you request deletion of your personal information, we will take appropriate steps to remove your identifiable information from our active systems while maintaining our audit trail  requirements:

  • For completed transactions, activities, or submissions in our system, we may pseudonymize your information (replacing identifiable details with non-identifiable placeholders) rather than completely deleting it
  • This approach maintains the integrity of our audit trail for security, legal, and operational purposes. We retain minimal pseudonymized data necessary for these legitimate purposes in accordance with exemptions provided under applicable privacy laws.

For legal and security reasons, we may need to retain certain information about your account and activities in our systems in pseudonymized form. This serves legitimate business and security interests related to maintaining system integrity, security, and audit trails as permitted under GDPR Article 17(3) and CCPA exemptions.

To exercise these rights, please contact us using the information provided below.

11. Changes to This Policy

We may update this Policy to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes through the Application or via email.

12. Contact Us

If you have questions, concerns, or requests regarding this Policy or our privacy practices, please contact us at:

Priority Software Privacy Team

Copyright © 2024, Priority Software, Inc. "Priority Software" is a Registered Trademark of Priority Software, Inc.