Internet Privacy Policy for the University at Albany Libraries Web site

version 1.1

Inserted Layout Image
Image
Two people looking at computer

The University at Albany Libraries' Commitment to Privacy


At the the University at Albany Libraries, we are committed to protecting your privacy and making it easier and more efficient for individuals and businesses to interact with the University Libraries. We recognize that it is critical for individuals and businesses to be confident that their privacy is protected when they visit the University Libraries Web site. You can travel through most of this Web site without giving us any information about yourself. Sometimes we do need information to provide services that you request, and this commitment of privacy explains our online information practices.

This Web site does not collect any personal information about you unless you provide that information voluntarily by sending an e-mail or completing a request or other type of form.

This policy is consistent with the provisions of the Internet Security and Privacy Act, the Freedom of Information Law, and the Personal Privacy Protection Law.

Information Collected Automatically When You Visit This Web Site

When visiting this Web site, the University Libraries automatically collect and store the following information about your visit:

  • The Internet Protocol address of the computer that accessed our Web site
  • The type of browser, its version and the operating system on which that browser is running
  • The Web page from which the user accessed the current Web page
  • The date and time of the user's request
  • The pages that were visited and the amount of time spent at each page

None of the above-mentioned information is deemed to constitute personal information by the Internet Privacy and Security Act. The information that is collected automatically is used to improve this Web site's content and to help the University Libraries understand how users are interacting with its Web site. This information is collected for statistical analysis and to determine what information is of most and least interest to our users. The information is not collected for commercial marketing purposes and the University Libraries are not authorized to sell or otherwise disclose the information collected from this Web site for commercial marketing purposes.

Information Collected When You E-mail the Libraries or Complete a Transaction

During your visit to this Web site you may send an e-mail to the University Libraries. Your e-mail address and the contents of your message will be collected. The information collected is not limited to text characters and may include audio, video, and graphic information formats included in the message. Your e-mail address and the information included in your message will be used to respond to you, to address issues you identify, to improve this Web site, or to forward your message to another SUNY campus for appropriate action. Your e-mail address is not collected for commercial purposes and the University Libraries are not authorized to sell or otherwise disclose your e-mail address for commercial purposes.

During your visit to this Web site you may complete a transaction such as a registration or request form. The information collected by the University Libraries, including personal information volunteered by you in completing the transaction, is used by the University Libraries and may be disclosed by the University Libraries for those purposes that may be reasonably ascertained from the nature and terms of the transaction in which the information was submitted.

The University Libraries do not knowingly collect personal information from children under the age of 13 or create profiles of children under the age of 13. Users are cautioned, however, that the collection of personal information submitted in an e-mail will be treated as though it was submitted by an adult, and may, unless exempted from access by federal or State law, be subject to public access.

Disclosure of Information Collected Through This Web site

The collection of information through this Web site and the disclosure of that information are subject to the provisions of the Internet Security and Privacy Act. The University Libraries will only collect personal information through this Web site or disclose personal information collected through this Web site if the user has consented to the collection or disclosure of such personal information. The voluntary disclosure of personal information to the University Libraries by the user, constitutes consent to the collection and disclosure of the information by the University Libraries for the purposes for which the user disclosed the information to the University Libraries.

However, the University Libraries may collect or disclose personal information without consent if the collection or disclosure is: (1) necessary to perform the statutory duties of the University Libraries, or necessary for the University Libraries to operate a program authorized by law, or authorized by state or federal statute or regulation; (2) made pursuant to a court order or by law; (3) for the purpose of validating the identity of the user; or (4) of information to be used solely for statistical purposes that is in a form that cannot be used to identify any particular person.

Further, the disclosure of information, including personal information, collected through this Web site is subject to the provisions of the Freedom of Information Law and the Personal Privacy Protection Law.

The University Libraries may disclose personal information to federal or state law enforcement authorities to enforce its rights against unauthorized access or attempted unauthorized access to the University Libraries' information technology assets.

Retention of Information Collected Through This Web Site

In general, the Internet services logs of the University Libraries, comprising electronic files or automated logs created to monitor access and use of Agency services provided through this Web site, are retained for 60 business days and then destroyed. Occassionally, logs are retained longer for troubleshooting purposes. Information concerning these records retention and disposition schedules may be obtained through the Internet privacy policy contact listed in this policy.

Access to and Correction of personal information Collected Through This Web Site

Any user may submit a request to the University Libraries' privacy compliance officer to determine whether personal informationpertaining to that user has been collected through library.albany.edu. Any such request shall be made in writing and must be accompanied by reasonable proof of identity of the user. Reasonable proof of identity may include verification of a signature, inclusion of an identifier generally known only to the user, or similar appropriate identification. The address of the privacy compliance officer is:

Privacy Compliance Officer
State University of New York
State University Plaza
Albany, New York 12246

The privacy compliance officer shall, within five (5) business days of the receipt of a proper request, provide access to the personal information; deny access in writing, explaining the reasons therefore; or acknowledge the receipt of the request in writing, stating the approximate date when the request will be granted or denied, which date shall not be more than thirty (30) days from the date of the acknowledgment.

In the event that the University Libraries has collected personal information pertaining to a user through this Web site and that information is to be provided to the user pursuant to the user's request, the privacy compliance officer shall inform the user of his or her right to request that the personal information be amended or corrected under the procedures set forth in section 95 of the Public Officers Law.

Confidentiality and Integrity of personal information Collected Through This Web Site

The University Libraries are strongly committed to protecting personal information collected through this Web site against unauthorized access, use or disclosure. Consequently, the University Libraries limit employee access to personal informationcollected through this Web site to only those employees who need access to the information in the performance of their official duties. Employees who have access to this information follow appropriate procedures in connection with any disclosures of personal information.

In addition, the University Libraries have implemented procedures to safeguard the integrity of its information technology assets, including, but not limited to, authentication, authorization, monitoring, auditing, and encryption. These security procedures have been integrated into the design, implementation, and day-to-day operations of this Web site as part of our continuing commitment to the security of electronic content as well as the electronic transmission of information.

For Web site security purposes and to maintain the availability of this Web site for all users, the University Libraries employ software to monitor traffic to identify unauthorized attempts to upload or change information or otherwise damage this Web site.

Cookies

A cookie is a simple text file that is sent to a web browser from a website and is stored on the computer of a site visitor. Cookies provide a website the means of distinguishing among visitors. The use of cookies is a standard practice among Internet websites.

Cookies, when permitted by the web browsers of our site visitors, may be used on the University website to collect non-personal information as defined by the New York State Internet Security and Privacy Act such as:

  • date and time of visit
  • pages visited
  • referring web page, if present
  • type of browser used

 

Aggregate information collected will be utilized to determine the broad viewing interests of our audience. Site developers will then enhance and customize the site based on this data.

Session Cookies:

Session cookies are created automatically on the computer or other device used to access a website. They do not contain personal information. A session cookie is erased when the browser is closed.

Persistent Cookies:

A persistent cookie is a small text file stored on a site visitor’s hard drive for an extended period of time. For example, where the University allows you to complete a registration to personalize the website, a "persistent cookie" will be stored on your computer's hard drive. This persistent cookie will allow the website to recognize you when you visit again and tailor the information presented to you based on your needs and interests. Persistent cookies may also be used on pages that do not require user registration.

Refusing Cookies:

By default most web browsers are set to accept cookies, however they can be configured to refuse cookies. Browsers can also be used to delete existing cookies. Refusing or deleting cookies may limit your ability to take advantage of some features of the albany.edu website.

Disclaimer

The information provided in this privacy policy should not be construed as giving business, legal, or other advice, or warranting as fail proof, the security of information provided through this Web site.

Contact Information

For questions regarding this Internet privacy policy, please contact our privacy officer via e-mail at privacy@sysadm.suny.edu or by regular mail at:

Privacy Officer
State University of New York
State University Plaza
Albany, New York 12246

Definitions

The following definitions apply to, and appear in italics, in this policy:

personal information: For purposes of this policy, "personal information" means any information concerning a natural person which, because of name, number, symbol, mark, or other identifier, can be used to identify that natural person.

user: shall have the meaning set forth in subdivision 8 of section 202 of the State Technology Law.