Policies and Procedures

The following disclosures and statement are provided in compliance with Regulation E and 12 CFR § 205.7.

On this page:

Privacy Statement

Commitment to Individual Privacy

Wright State University is committed to protecting the privacy and accuracy of confidential information submitted by employees, students, and visitors to our Web site. We do not actively share personal information gathered. However, because Wright State University is a public institution, some information collected from the Wright State University Web site may be subject to the Ohio Public (Open) Records Act. Thus, in some cases we may be compelled by law to release information gathered from our Web servers. This may include server log information, e-mail messages sent to an individual identified on the Web site, and information collected from Web-based forms.

Ohio Public (Open) Records Act (O.R.C. 149.43)

It is the policy of Wright State University to strictly adhere to the state’s Public Records Act.  All records of Wright State University, regardless of the format or medium of the records, are public unless they are specifically exempt from disclosure under the Ohio Revised Code.  A copy of the policy is available at: https://policy.wright.edu/policy/12210-public-records-policy

Family Educational Rights and Privacy Act (20 U.S.C. §1232g)

Wright State University also complies with the Family Educational Rights and Privacy Act (FERPA), which generally prohibits the release of students' education records without consent.  FERPA only applies to currently enrolled students. For more information on FERPA please refer to the General Policies and Procedures of the Wright State University Student Handbook.  A copy of the policy is available at:  https://policy.wright.edu/policy/3010-student-privacy-and-release-educat...

Information Collection

It is Wright State University's policy to collect the least amount of personally identifiable information required to fulfill its required duties and responsibilities, to complete a particular transaction or as required by law. This policy applies to the collection of all personally identifiable information, regardless of the source or medium.

For site administration functions, information, other than personal information linked to a particular individual, is collected for analysis and statistical purposes of Web site navigation. This information is used to help diagnose problems, assess what information is of most interest, determine technical design specifications, identify system performance and/or problem areas, and other administration functions.

You may choose whether or not to provide personal information to Wright State University via the Internet. If you choose not to provide the personal information we request, you can still visit most of Wright State University's Web sites, but you may be unable to access certain options, offers, and services that involve our interaction with you.


Wherever your personal information may be held within Wright State University or on its behalf, we intend to take reasonable steps to protect the information that you share with us from unauthorized access or disclosure.

Browser Cookies

Some of our Web pages utilize "cookies." A "cookie" is a small text file that may be used, for example, to collect information about Web site activity. Some cookies may serve to recall personal information previously indicated by a Web user. Cookies created by Wright State University Web pages cannot be read by a third party. Most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser.

Tracking Technologies

Tracking technologies may record information such as Internet domain and host names; Internet protocol (IP) addresses; browser software and operating system types; clock stream patterns; and dates and times that our site is accessed. Our use of tracking technologies allows us to analyze trends and statistics to improve our Web site and your Web experience. Data used from tracking technologies is not linked to Web users' personal information.

Third Party Services

On Wright State University's behalf, third parties may provide certain services available on Wright State University Web sites. Wright State University may provide information, including personal information, collected on the Web to third-party service providers to help us deliver programs, products, information and services. Service providers are also an important means by which Wright State University maintains its Web site and mailing lists. We will take reasonable steps to ensure that these third-party service providers are obligated to protect personal information on our behalf.


The information provided in this privacy statement should NOT be construed as giving business, legal, or other advice, or as warranting the security of information provided through this Web site.  Wright State University reserves the right to modify this Privacy Statement at any point in the future.

12 CFR § 205.6: Liability of consumer for unauthorized transfers.

(a) Conditions for liability. A consumer may be held liable, within the limitations described in paragraph (b) of this section, for an unauthorized electronic fund transfer involving the consumer’s account only if the financial institution as provided the disclosures required by § 205.7(b)(1), (2), and (3). If the unauthorized transfer involved an access device, it must be an accepted access device and the financial institution must have provided a means to identify the consumer to whom it was issued.

 b) Limitations on amount of liability. A consumer’s liability for an unauthorized electronic fund transfer or a series of related unauthorized transfers shall be determined as follows:

  (1) Timely notice given. If the consumer notifies the financial institution within two business days after learning of the loss or theft of the access device, the consumer’s liability shall not exceed the lesser of $50 or the amount of unauthorized transfers that occur before notice to the financial institution.

  (2) Timely notice not given. If the consumer fails to notify the financial institution within two business days after learning of the loss or theft of the access device, the consumer’s liability shall not exceed the lesser of $500 or the sum of:

    (i) $50 or the amount of unauthorized transfers that occur within the two business days, whichever is less; and

    (ii) The amount of unauthorized transfers that occur after the close of two business days and before notice to the institution provided the institution establishes that these transfers would not have occurred had the consumer notified the institution within that two-day period.

(3) Periodic statement; timely notice not given. A consumer must report an unauthorized electronic fund transfer that appears on a periodic statement within 60 days of the financial institution’s transmittal of the statement to avoid liability for subsequent transfers. If the consumer fails to do so, the consumer’s liability shall not exceed the amount of the unauthorized transfers that occur after the close of the 60 days and before notice to the institution, and that the institution establishes would not have occurred had the consumer notified the institution within the 60-day period. When an access device is involved in the unauthorized transfer, the consumer may be liable for other amounts set forth in paragraphs (b)(1) or (b)(2) of this section, as applicable.

(4) Extension of time limits. If the consumer’s delay in notifying the financial institution was due to extenuating circumstances, the institution shall extend the times specified above to a reasonable period.

(5) Notice to financial institution. (i) Notice to a financial institution is given when a consumer takes steps reasonably necessary to provide the institution with the pertinent information, whether or not a particular employee or agent of the institution actually receives the information.

   (ii) The consumer may notify the institution in person, by telephone, or in writing.

   (iii) Written notice is considered given at the time the consumer mails the notice or delivers it for transmission to the institution by any other usual means. Notice may   be considered constructively given when the institution becomes aware of circumstances leading to the reasonable belief that an unauthorized transfer to or from the consumer’s account has been or may be made.

(6) Liability under state law or agreement. If state law or an agreement between the consumer and the financial institution imposes less liability than is provided by this section, the consumer’s liability shall not exceed the amount imposed under the state law or agreement.

[Reg. E, 61 FR 19669, May 2, 1996, as amended at 63 FR 52118, Sept. 29, 1998]