Version 3.2, September 2010
The State of Utah (State) is committed to protecting the privacy of those accessing its Web sites. The purpose of this policy is to inform those accessing State Web sites about the collection and use of the personally identifiable information of its users.
Definition of Personally Identifiable Information
For the purposes of this policy “personally identifiable information” means any information collected online that could serve to identify an individual, such as:
- First and last name
- Physical address
- Email address
- Telephone number
- Social Security number
- Credit card information
- Account Number
- Bank account information
- Any combination of personal information that could be used to determine identity
Collection of Information
The following information may be automatically collected and retained if you look or search through our web pages, or download information:
- The Internet domain and Internet Protocol (IP) address of the computer you are using to access our site;
- The type of browser and operating system used to visit our site;
- The date and time of when you access our site; and
- Which portions of the website you visit
The data collected serve as part of our statistical analysis about the use of our Web sites so we may better design online services and improve access to them. We do not attempt to gain personally identifiable information about individual users and associate it with IP addresses unless explicitly stated as part of a government agency service. The State does not use the information automatically collected to ascertain your personally identifiable information. The State of Utah may detect user IP addresses for providing location based user information and services. The State does not maintain or collect user IP addresses, or disclose such addresses to any third parties.
Except where specified, you do not have to provide personally identifiable information to visit or download information from State Web sites. Unless you choose to make your personally identifiable information available to us, the State does not collect such information from you. The State does not use or place spyware on your computer. Be aware that government agencies may request personally identifiable information from you in order to perform requested specialized services.
How Personally Identifiable Information Is Used by the Governmental Entity
Email or other information requests sent to a State Web site may be saved and used to respond to the request, forward the request to the appropriate agency, communicate updates to the State site that may be of interest to citizens, or provide the State web designer with valuable customer feedback to assist in improving the Web site.
Any personally identifiable information an individual provides to a State site will be used solely by the State of Utah, its entities, and third party agents with whom it has contracted to perform a state function on its behalf, unless the information is designated as public record by an individual State agency as authorized under the “Government Records Access and Management Act” (GRAMA), and the State agency’s Web site provides conspicuous notice that such information is subject to public access.
Collection and Use of Information – Children’s Personally Identifiable Information
Except as otherwise permitted by law, the State does not knowingly collect and use or disclose the personally identifiable information of a child under the age of 13.
Personally Identifiable Information Available or Collected from Governmental Web Sites
Information collected is subject to the access provisions of GRAMA and other applicable sections of the Utah Code, federal regulations, and federal law. Consequently, certain communications may be subject to public disclosure. However, in these instances you will be notified on either the Utah.Gov portal or on the agency Web site under the conditions described below in “State Agency Privacy Policies and How They Relate to This Policy.”
All records that are prepared, owned, received, or retained by a governmental entity that may be reproduced by certain means are considered public, unless they are private, controlled or protected as outlined in GRAMA, or are records to which access is restricted according to court rule, other State law, federal law, or federal regulation. Information that is generally considered public record under GRAMA – and not made confidential elsewhere in the Utah Code or by federal law – may be subject to electronic access through Utah.Gov Web sites.
Personally Identifiable Information is used by the governmental entities for the purpose of conducting official state business. A governmental entity may share Personally Identifiable Information with another governmental entity if it is designated as a record that is private, controlled, or protected as described in Section 63-2-206 unless such data sharing is expressly prohibited, authorized or required by federal law, state law, or federal regulation. In some instances a Governor’s directive or executive order may limit or prohibit data sharing even though Section 63-2-206 may permit such data sharing.
Data Security and Quality
The State of Utah is committed to data security and the data integrity of Personally Identifiable Information available from or collected by State government Web sites. The State has taken precautions to protect personally identifiable information from loss, misuse, or alteration. Any authorized third parties responsible for this information are committed to the same principles, and are required by contract to follow the same policies and guidelines as the State of Utah in protecting this information. Visitors should be aware, however, that even though protections are in place, the State cannot guarantee against the occurrence of hardware failure, unauthorized intrusion, or other technical problems.
Procedures for Access by the User To View Or Correct Personally Identifiable Information
Unless otherwise prohibited by State law, federal law, or federal regulation, an individual may access and correct Personally Identifiable Information whether or not the inaccuracy was created by accident, unauthorized access, or a change in circumstances. The State also reserves the right to use any legally appropriate measures to prevent, monitor, and investigate any attempt to deface, delete, or otherwise tamper with or abuse a State Web site, server, database, information system, or other State technology asset. For a description of the individual processes used by agencies to view or correct Personally Identifiable Information please use Utah.Gov’s Live Help section. See also Security Measures section.
State Agency Privacy Policies and How They Relate to This Policy
A full description of how agencies are to inform you if your personal information is treated any differently than as described in this policy is provided in R895-8 of the Utah Administrative Code, which governs the actions of state agencies.
Non-State Web Sites
Visitors may link to various Web sites from State Web pages. The State is not responsible for the privacy practices or content of external sites. Many of these sites, particularly those in the private sector, may not be subject to GRAMA, other sections of the Utah Code, or federal law. Those visiting external sites are advised to check the applicable privacy statement and be cautious about providing personally identifiable information without a clear understanding of how the information will be used.