We are committed to protecting your privacy and making it easier and more efficient for individuals and businesses to interact with us. We recognize that it is critical for individuals and businesses to be confident that their privacy is protected when they visit our Web site. You can travel through most of our Web site without giving us any information about yourself. Sometimes we do need information to provide services that you request, and this commitment of privacy explains our online information practices.
We do not collect any personal information about you unless you provide that information voluntarily by sending e-mail or completing an online form. This policy is consistent with the provisions of the Internet Security and Privacy Act, the Freedom of Information Law, and the Personal Privacy Protection Law.
When visiting our Web site, we automatically collect and store the following information about your visit:
None of the above-mentioned information is deemed to constitute personal information by the Internet Privacy and Security Act . The information that is collected automatically is used to improve the content of our Web site and to help us understand how our users are interacting with our Web site. This information is collected for statistical analysis and to determine what information is of most and least interest to our users. The information is not collected for commercial marketing purposes and we are not authorized to sell or otherwise disclose the information collected from our Web site for commercial marketing purposes.
During your visit to our Web site, you may send e-mail to us. Your e-mail address and the contents of your message will be collected. The information collected is not limited to text characters and may include audio, video, and graphic information formats included in your message. Your e-mail address and the information included in your message will be used to respond to you, to address issues you identify, to improve this Web site, or to forward your inquiry to other campus individuals for appropriate action. Your e-mail address is not collected for commercial purposes and we are not authorized to sell or otherwise disclose your e-mail address for commercial purposes.
During your visit to our Web site, you may complete a transaction through an online form. The information collected by us, including personal information volunteered by you in completing the transaction, is used by us and may be disclosed by us for those purposes that may be reasonably ascertained from the nature and terms of the transaction in which the information was submitted.
We do not knowingly collect personal information from children under the age of 13 or create profiles of children under the age of 13. Users are cautioned, however, that the collection of personal information submitted by e-mail or online form will be treated as though it was submitted by an adult, and may, unless exempted from access by federal or State law, be subject to public access.
The collection of information through out Web site and the disclosure of that information are subject to the provisions of the Internet Security and Privacy Act. We will only collect personal information through our Web site or disclose personal information collected through our Web site if the user has consented to the collection or disclosure of such personal information. The voluntary disclosure of personal information to us by the user constitutes consent to the collection and disclosure of the information by us for the purposes for which the user disclosed the information to us.
However, we may collect or disclose personal information without consent if the collection or disclosure is: (1) necessary to perform our statutory duties, or necessary for us to operate a program authorized by law, or authorized by state or federal statute or regulation; (2) made pursuant to a court order or by law; (3) for the purpose of validating the identity of the user; or (4) of information to be used solely for statistical purposes that is in a form that cannot be used to identify any particular person.
Further, the disclosure of information, including personal information, collected through our Web site is subject to the provisions of the Freedom of Information Law and the Personal Privacy Protection Law. We may disclose personal information to federal or state law enforcement authorities to enforce our rights against unauthorized access or attempted unauthorized access to our information technology assets.
Any user may submit a request to our privacy compliance officer to determine whether personal information pertaining to that user has been collected through our Web site. Any such request shall be made in writing and must be accompanied by reasonable proof of identity of the user. Reasonable proof of identity may include verification of a signature, inclusion of an identifier generally known only to the user, or similar appropriate identification. The address of the privacy compliance officer can be found at the end of this policy.
The privacy compliance officer shall, within five (5) business days of the receipt of a proper request, provide access to the personal information; deny access in writing, explaining the reasons therefore; or acknowledge the receipt of the request in writing, stating the approximate date when the request will be granted or denied, which date shall not be more than thirty (30) days from the date of the acknowledgment.
In the event that we have collected personal information pertaining to a user through our Web site and that information is to be provided to the user pursuant to the user's request, the privacy compliance officer shall inform the user of his or her right to request that the personal information be amended or corrected under the procedures set forth in section 95 of the Public Officers Law.
We are strongly committed to protecting personal information collected through our Web site against unauthorized access, use or disclosure. Consequently, we limit employee access to personal information collected through our Web site to only those employees who need access to the information in the performance of their official duties. Employees who have access to this information follow appropriate procedures in connection with any disclosures of personal information.
In addition, we have implemented procedures to safeguard the integrity of our information technology assets, including, but not limited to, authentication, authorization, monitoring, auditing, and encryption. These security procedures have been integrated into the design, implementation, and day-to-day operations of our Web site as part of our continuing commitment to the security of electronic content as well as the electronic transmission of information.
For Web site security purposes and to maintain the availability of our Web site for all users, we employ software to monitor traffic to identify unauthorized attempts to upload or change information or otherwise damage our Web site.
The following definitions apply to terms used in this policy.
Terms such as "us," "we," and "our" refer to The College at Brockport, State University of New York.
"Our Web site" refers to all Web pages officially maintained by us within the brockport.edu domain for our marketing efforts or to conduct our day-to-day business with our students, alumni, faculty and staff. This term does not apply to personal or other unofficial pages unrelated to our marketing efforts or our day-to-day business.
The following terms appear in italics throughout this policy:
Personal information: For purposes of this policy, "personal information" means any information concerning a natural person which, because of name, number, symbol, mark, or other identifier, can be used to identify that natural person.
User: shall have the meaning set forth in subdivision 8 of section 202 of the State Technology Law.
|Privacy Compliance Officer
SUNY Brockport ITS
350 New Campus Dr.
Brockport, NY 14420
Policy effective June 16, 2002.
Amended June 10, 2009.