Data Privacy Policy

1.0 Purpose

This policy describes how  JB International (JBI) collects and uses your personal data during your use and licensing of the Trilby Suite software application.

2.0 Scope

The policy applies to all users of the Trilby Suite desktop and web applications including but not limited to international office staff, departmental hiring contacts, scholars, employees, their dependents, and 3rd party authorizers.

2.1 Definitions

‘JBI’ ,  refers to “JB International” who is the licensor,  provider and maintainer of the Trilby Suite software solution.

‘personal data’, refers to any recorded information that is about you and from which you can be identified. It does not include data where your identity has been removed (anonymous data).

‘technical data’, means any recorded information that is being generated automatically by your visit and actions in our software. This data is anonymous and is not linked with your personal data.

‘user data’, means any data submitted or entered by any users into the Trilby Suite software solution, including personal and technical data.

‘processing’ of your user data refers to anything that JBI does with that information, including collection, use, storage, disclosure, deletion or retention.

‘affiliated institution’, refers to the university, institution or organization with which you are affiliated who is using the Trilby Suite solution to collect and process your user data.

3.0 Policy

3.1 Who is Using Your Personal Data?

JBI does not use, collect, track, measure, or share any personal data about its users for its own purposes. JBI shall process all entered user data via the Trilby Suite software solution solely for the benefit of the affiliated institution.

3.2 How User Data is Used

Any data held in the Trilby Suite software solution is entered by users voluntarily for governmental reporting and case management purposes in adherence to federal and state immigration regulations. JBI shall not directly access user data except where required or authorized by law. 

3.3 Controlled User Data Access Measures

Access by JBI staff to user data within the Trilby Suite software solution is contractually restricted and prohibited, except where required or authorized by law, or where access is granted by the Affiliated Institution to conduct product support or other contract work as agreed upon.  Enforcement of this user data access policy includes reasonable technical measures put in place to severely limit or prevent access of user data by JBI staff. Where access is approved or required, access will be logged for auditing purposes.

3.4  Where and How is User Data Stored?

User data, and any backup copy of it, is stored at rest in a twice encrypted,  secure database that drives the Trilby Suite software solution. This database is housed in an environment maintained and operated by U.S. based employees within the Microsoft Azure US Government Cloud, where it is geographically locked to the continental United States of America.

JBI will use commercially reasonable security procedures that are designed to maintain an industry-standard level of security and prevent unauthorized access to, modification of, and/or disclosure of user data in the possession or control of JBI. While JBI uses commercially reasonable practices to ensure that user data is used and disclosed in accordance with applicable privacy practices and law, JBI cannot warrant or guarantee that user data will always remain secure due to transmission errors, unsecured third party networks, outside events, third party hacking or other causes.  JBI will comply with all privacy laws and make any legally required disclosures  regarding breaches of the security, confidentiality, or integrity of personal user data consistent with its ability to determine the scope of a breach and its obligations to law enforcement.

3.5 Does JBI Share Data with 3rd Parties?

JBI shall not share any user data except where authorized by the affiliated institution or required or authorized by law. 

3.6 User Data Retention

JBI will only retain user data for as long as necessary to process and meet the needs of the affiliated institution.

3.7 GDPR Compliance

The affiliated institution’s policies and practices around requests for data or requests to adjust data under the GDPR guidelines should be referred to since JBI does not directly handle nor process user data. JBI provides a place on the affiliated institution’s front facing Trilby Suite web app portal to link to their data privacy policies. For users that have not received any benefit from the US government, JBI provides a tool for data redaction that can be applied on a case-by-case basis at the determination of the affiliated institution office staff. 

The baseline from Trilby Suite will adhere to retention requirements from SEVP, USCIS, and DOL with additional capacity for an affiliated institution to extend those retention requirements to meet their own state and institution data retention policies no later than version 2.0. Please note that some non-identifiable data may be maintained after disposal to support ongoing analytics for the system and the international office. 

4.0 Enforcement

Any substantive changes to this policy must be also made to the public posting of this policy (https://trilbysuite.com/privacypolicy), and immediately communicated via email to the affiliated institutions in use of the Trilby Suite software solution.

Any employee found to have violated this policy may be subjected to disciplinary action in line with the HR policy.

5.0 Revision History

Revised On: 4/10/2024

Version: 1.1

Description: GDPR Language Inclusion

Approved By: Chief Operating Officer