Bank of America-eCornell Privacy Policy

Last Updated: August 7, 2018

Privacy Policy for students enrolling in Certificate Program offered by eCornell through the Bank of America Institute for Women’s Entrepreneurship at Cornell


The purpose of this Privacy Policy is to describe how eCornell collects, uses, and shares information about you through our U.S. sites, including, and (hereafter referred to as “our Sites”). Please read this notice carefully to understand what personal data we collect and what we do with that data. If you have questions regarding any aspect of our Privacy Policy, contact us at

Tower Innovative Learning Solutions, Inc. (d.b.a. eCornell) is a New York corporation with a principal place of business at 950 Danby Road, Ithaca, NY 14850. If you reside or are located in the European Union (“EU”) eCornell is the data controller of all Personally Identifiable Information (as defined below) collected by eCornell’s Sites.

Information Covered by this Privacy Policy

This Privacy Policy covers information we collect from you through our Sites. Some of our Sites’ functionality can be used without providing any personal information but for many features or services related to our programs, personal information is required. If you do not use these features or services on the Sites, we will collect only Non-Personal Information (information that cannot be used to identify you). Non-Personal Information includes information such as web pages you have viewed. To enroll in a course, certificate series, or webinar access through our Sites, you will need to provide Personally Identifiable Information (information that can be used to identify you). Personally Identifiable Information includes information such as your name and email address, and other things.

The Information eCornell and Cornell Collect

eCornell and Cornell collect two kinds of information from you on our Sites:

Non-Personal Information: Our Sites recognize and record certain non-personal information, including the name of the domain and host from which you access the Internet (for example, or; the Internet protocol (IP) address of the computer you are using; the browser software you use and the operating system; the date and time you access the Site; and the Internet address of the web site from which you linked directly to this site.

We also use cookies to identify repeat visitors, and ascertain the type of content and sites to which a user of our Sites link, and the length of time each user spends at an area of our Sites. Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data specific to a particular website, and can be accessed either by the web server or the client computer. Cornell’s and eCornell’s cookies are not used to retain Personally Identifiable Information.

Personally Identifiable Information:  If you register for an eCornell program, including the program offered by the Bank of America Institute for Women’s Entrepreneurship at Cornell, you will be required to provide enrollment information that we process for your student account. Cornell and/or eCornell may collect Personally Identifiable Information that you provide when you register for an account, update or change information for your account, purchase our programs, request additional information, send us email messages, and/or participate in our programs or other services on our Sites. We may use the Personally Identifiable Information to respond to your inquiry, provide you access to the program you’ve purchased, and/or send you updates about your program.

eCornell and/or Cornell may collect personally identifiable information from you when you:

Request Info:  When you request additional info from eCornell and/or Cornell, you will be required to provide us with Personally Identifiable Information such as your name and email address.

Purchase program access:  If you purchase access to or otherwise enroll in an eCornell program, you will be required to provide us with Personally Identifiable Information such as your name and email address.

Participate in programs:  When you participate in an online program, you may be asked to provide us with some information necessary to conduct such a course. This information may include, among other things, your name and email address, and basic information about your business.

If you participate in an online program, we may collect your student-generated content, such as assignments you submit to program instructors and comments you make in the program’s online forums. Cornell and eCornell may also collect course data, such as student responses to quizzes, exams, and surveys.

Communications with Cornell and eCornell:  We may receive Personally Identifiable Information when you send us an email message or otherwise contact us.

How eCornell and Cornell Use the Information We Collect

Your data is used to fulfill your registration and provide you the services you requested. The data may also be used to provide you personalized content, deliver features to enable you to interact with others, and communicate about, improve, or troubleshoot the products or services being provided. We may also use the data to evaluate and conduct research about the program and its students, but will only do so in ways that preserve the anonymity of individual students.

We use the data we collect from you to:

  • Fulfill your order
  • Send you an order confirmation
  • Send you requested program information
  • Enable you to participate in program discussions and assignments
  • Send product updates
  • Respond to customer service requests
  • Administer your account
  • Deliver certificates of completion
  • Evaluate the program and conduct aggregated research

As is true of most Web sites, we automatically gather information about your computer such as your IP address, browser type, referring/exit pages, and operating system.

We do not sell, trade, or rent your personal information to others. eCornell and Cornell may share certain of your registration information with one another, and may use it as a part of your enrollment in programs offered through eCornell. We may release account information when we believe, in good faith, that such release is reasonably necessary to (i) comply with law, (ii) enforce or apply the terms of any of our user agreements or (iii) protect the rights, property or safety of eCornell, Cornell, our users, or others. We may also release information to your employer, if your enrollment is through a corporate agreement and disclosure is needed to comply with the employer’s request for information, and to any third party administrator, if your enrollment is through this third party administrator and disclosure is needed to comply with the third party administrator’s request for information. Customer data is retained by eCornell and/or Cornell for as long as necessary to maintain business operations related to customer activities. In the event of bankruptcy or insolvency, all customer data would be destroyed. In the event of a merger, all customer data will be transferred to the new organization/entity.

External Links

For your convenience eCornell courses may provide links to sites operated by providers other than eCornell (“Third Party Sites”). We do not disclose your Personally Identifiable Information to these Third Party Sites without obtaining your consent. We do not endorse and are not responsible for the privacy practices of these Third Party Sites. If you click on a link to one of these Third Party Sites, you should review the privacy policy posted on the other site to understand how that Third Party Site collects and uses your Personally Identifiable Information.

Correcting, Updating and Deleting Your Personal Information

You are responsible for ensuring the accuracy of the personal information you provide to eCornell and Cornell. To review and update your personal information to ensure it is accurate, log on to eCornell’s student portal: You may use the Sites to update incorrect information yourself or email to request updates to your personal information. If you reside in the EEA, you may request that we delete any Personally Identifiable Information which we are holding about you.

For EEA Residents

eCornell participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. eCornell is committed to subjecting all personal data received from the European Economic Area (EEA), in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.

eCornell and/or Cornell may process personal data as either a Processor or as a Controller, as defined in the EU’s General Data Protection Regulation (GDPR), and each may transfer such data outside of the EEA. eCornell and Cornell adhere to the GDPR legal requirements, where applicable, for capturing consent of users for collection of data, securing covered data, and providing a right to be forgotten.

Our privacy policy, as provided above, describes the types of personal information that eCornell and/or Cornell collect, the types of third parties to which we disclose personal data, and the purposes for which we do so. eCornell/or Cornell collect contact and demographic information to respond to requests or to personalize and deliver the services. eCornell /or Cornell transfer this information to third parties acting as an agent on its behalf. eCornell is accountable for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party. eCornell complies with the Privacy Shield Principles for all onward transfers of personal data from the EEA, including the onward transfer liability provisions.

Residents within the EEA have the right to access certain of the personal information that eCornell /or Cornell maintain, and in some cases, may have the right to correct or amend information that is inaccurate or has been processed in violation of the GDPR and/or the Privacy Shield Principles, to the extent allowed by law. eCornell account holders may access and modify their personal information at any time through eCornell’s student portal: Residents within the EEA may request that we delete any Personally Identifiable Information which we hold about the user.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, eCornell is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, eCornell may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Residents within the EEA with inquiries or complaints regarding this Privacy Policy should first contact eCornell at:

If you, as an EEA resident, have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

Marketing Communications

You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or you can unsubscribe here.

Third-party Vendors

Third-party vendors, including Google, show eCornell and/or Cornell ads on sites on the internet using cookies to serve ads based on a user’s prior visits to eCornell’s and/or Cornell’s website. We may use analytics data to also inform and optimize ad campaigns based on a user’s prior visits. You may opt out of Google’s use of cookies by visiting the Google advertising opt-out page. In addition, you may also opt out of a third party vendor’s use of cookies by visiting the Network Advertising Initiative opt out page as well as opt out of our use of Google Analytics by visiting the Google Analytics Opt-out page.  eCornell and/or Cornell may have reporting of their aggregate interactions with our ads across the Google Display Network or DoubleClick for Advertisers in conjunction with activity on our site.

Dispute Resolution

If you and eCornell and/or Cornell don’t resolve any dispute by informal negotiation, any other effort to resolve the dispute will be conducted exclusively by binding arbitration. You are giving up the right to litigate (or participate in as a party or class member) all disputes in court before a judge or jury. Instead, all disputes will be resolved before a neutral arbitrator, whose decision will be final except for a limited right of appeal under the Federal Arbitration Act. Any court with jurisdiction over the parties may enforce the arbitrator’s award.

As an exception to the preceding paragraph, disputes between the State of New York and eCornell and/or Cornell shall be governed by and construed in accordance with the substantive and procedural laws of the State of New York, without regard to the conflict of laws and provisions of New York or any other state or jurisdiction. New York shall have exclusive jurisdiction in the event of any litigation.

Feedback, Questions, or Complaints

If you have privacy-related feedback, questions, or complaints you may contact eCornell at

If you reside within the EEA, our Privacy Team can assist with all queries regarding our processing of personal data at

If you reside within the EEA, you may file a complaint to a supervisory body for data protection matters or seek a remedy through local courts if you believe that your rights have been breached.

Cornell and eCornell Privacy Matters

You may view the general Cornell Privacy Notice at:

You may view the general eCornell Privacy Policy at:

Changes to the Privacy Policy

eCornell or the Bank of America Institute for Women’s Entrepreneurship at Cornell may change this Privacy Policy from time to time. If we make any changes to this Privacy Policy, we will change the “Last Updated” date above and provide links to previous versions of the Privacy Policy so you can see what we’ve changed.