Privacy Policy

KUGradLife Application

Effective Date: December 27, 2025

Version: 1.0

Service Provider: The Graduate School, Kasetsart University

Table of Contents

1. General Information

The KUGradLife application ("Application", "Service", "We") provides information and systems for students and graduates of Kasetsart University. We value the privacy and protection of personal data of our service users.

Service Provider

Institution: Kasetsart University
Department: The Graduate School
Address: P.O. Box 1104, Chatuchak, Bangkok 10903, Thailand
Phone: +662-942-8445-9
Email: fgra@ku.ac.th

2. Information We Collect

2.1 Information from KU All Login System

When you log in through KU All Login, we receive the following information:

  • Identity Information: Student/Personnel ID, First Name, Last Name
  • Academic Information: Faculty, Department, Academic Status
  • Contact Information: Email from KU system
  • Authentication Information: Login tokens

2.2 Information from GradLife API

The application displays information from GradLife API, which includes:

  • Student Information: Academic records, enrollment status, degree progress
  • Academic Performance: GPA, course completions, academic achievements
  • Educational History: Previous degrees, academic milestones
  • Student Services: Library usage, dormitory information, scholarship records
  • Contact Information: Information provided by students in the system
  • Statistical Data: Aggregated data about student demographics and academic trends

2.3 Application Usage Data

  • Access Logs: Login times, IP addresses
  • Usage Data: Pages visited, frequency of use
  • Device Information: Device type, browser, operating system

3. Purpose of Data Use

3.1 Core Services

  • Display student information and academic statistics
  • Provide search and reporting services for student data
  • Authenticate users through KU All system

3.2 Service Development and Improvement

  • Analyze usage patterns to improve the application
  • Fix technical issues and bugs
  • Develop new features based on user needs

3.3 Security Maintenance

  • Prevent unauthorized access
  • Monitor and prevent abnormal usage patterns

4. Data Sharing

4.1 No Data Sales

We do not sell, trade, or rent your personal information to third parties.

4.2 Necessary Sharing

Data may be shared in the following cases:

  • Internal University Departments: For academic and administrative purposes
  • Legal Requirements: When ordered by relevant government agencies
  • Technical Service Providers: Only as necessary for service provision under confidentiality agreements

5. Data Security

5.1 Security Measures

  • Data Encryption: Data is encrypted both in transit and at rest
  • Access Control: Authentication systems and access rights management
  • Data Backup: Backup systems and data recovery procedures
  • System Monitoring: Regular security audits and system updates

5.2 Data Storage

  • Data is stored on highly secure server systems
  • Regular data backups to prevent data loss

6. User Rights

As a data subject, you have the following rights:

  • Right to Access Data: Request to view personal data we maintain
  • Right to Correct Data: Request correction of inaccurate or outdated information
  • Right to Delete Data: Request deletion when data is no longer necessary
  • Right to Object: Object to data processing when you disagree
  • Right to Data Portability: Request data in a usable format

7. Cookie Usage

7.1 Types of Cookies

  • Essential Cookies: For basic application functionality
  • Authentication Cookies: Store login status
  • Analytics Cookies: To improve usage performance

7.2 Cookie Management

You can set your browser to reject cookies, but this may affect application functionality.

8. Data Retention

8.1 Retention Periods

  • Login Data: Retained during usage sessions
  • Student Data: Retained according to university regulations
  • Usage Logs: Retained for 1 year for security purposes

8.2 Data Deletion

Data will be securely deleted when no longer necessary.

9. External Service Integration

9.1 KU All Login System

The application uses KU All Login system for authentication. Please read the KU All Login privacy policy separately.

9.2 GradLife API

Displayed data comes from GradLife API, which follows the university's data protection policies.

10. Data Breach Notification

In case of a security data breach, we will:

  • Notify relevant authorities within 72 hours
  • Notify affected users
  • Take corrective action and prevent recurrence

11. Policy Changes

11.1 Change Notifications

We may update this policy periodically. Changes will take effect immediately upon announcement.

11.2 Notification Methods

Important changes will be communicated through:

  • In-app notifications
  • Email to users
  • Website announcements

12. Contact Information

For Questions About This Policy

Responsible Department: The Graduate School, Kasetsart University
Address: P.O. Box 1104, Chatuchak, Bangkok 10903, Thailand
Email: privacy@ku.ac.th
Phone: +662-942-8445-9

For Rights Requests

Email: dataprotection@ku.ac.th
Alternative Email: fgra@ku.ac.th
Phone: +662-942-8445-9
Online Form: Available through KU Portal

For Security Issues

Email: security@ku.ac.th
Graduate School Email: fgra@ku.ac.th
Emergency Phone: +662-942-8445-9

13. Applicable Laws

This policy complies with:

  • Personal Data Protection Act B.E. 2562 (2019)
  • Kasetsart University Regulations on Personal Data Protection
  • University Information Security Policies

15. Student-Specific Provisions

15.1 Educational Records

  • Academic transcripts and grades are handled with special care
  • Access to academic records is limited to authorized personnel only
  • Students can request copies of their academic records

15.2 Directory Information

  • Basic directory information may be shared within the university community
  • Students can opt-out of directory information sharing
  • Sensitive academic information requires explicit consent

15.3 Research and Analytics

  • Anonymized student data may be used for institutional research
  • Individual student identification is removed from research data
  • Participation in research analytics is voluntary

15.4 Data Subject Under 18

  • For students under 18, parental consent may be required
  • Parents can access their minor child's educational records
  • Special protection measures apply to minors' data

Note: This policy is written based on personal data protection principles and transparency in data use.

Last Updated: December 27, 2025