(Part of Goddard College’s Information Security Policy. Write to it@goddard.edu for additional information.)
Privacy Policies are mechanisms used to establish the limits and expectations for the users of Goddard College Information Resources. Internal users should have no expectation of privacy with respect to Information Resources. External users should have the expectation of complete privacy, except in the case of suspected wrongdoing, with respect to Information Resources.
Purpose
The purpose of the Goddard College Information Services Privacy Policy is to clearly communicate the Goddard College Information Services Privacy expectations to Information Resources users.
Audience
The Goddard College Information Services Privacy Policy applies equally to all individuals who use any Goddard College Information Resource.
Ownership
Electronic files created, sent, received, or stored on computers owned, leased administered, or otherwise under the custody and control of Goddard College are the property of Goddard College.
Privacy Policy Detail
Electronic files created, sent, received, or stored on IR owned, leased, administered, or otherwise under the custody and control of Goddard College are not private and may be accessed by Goddard College IT employees at any time without knowledge of the IR user or owner.
To manage systems and enforce security, Goddard College may log, review, and otherwise utilize any information stored on or passing through its IR systems in accordance with the provisions and safeguards provided in Section 20, Security Monitoring Policy. For these same purposes, Goddard College may also capture User activity such as telephone numbers dialed and web sites visited.
A wide variety of third parties have entrusted their information to Goddard College for business purposes, and all workers at Goddard College must do their best to safeguard the privacy and security of this information. The most important of these third parties is the individual customer; customer account data is accordingly confidential and access will be strictly limited based on business need for access.
Use of non-Goddard email for the purpose of conducting Goddard College business is strongly discouraged. This includes the practice of email forwarding from a Goddard email account to a non-Goddard email account. In addition, each Goddard College Department shall establish a policy and procedure for receipt of requests via non-Goddard email. This Policy strongly encourages each Department to adopt a policy that communication from non-Goddard email accounts be extremely limited and that such communications will only be acted upon in the context of additional identity verification mechanisms specific by the Departmental policy.
Users must report any weaknesses in Goddard College computer security, any incidents of possible misuse or violation of this agreement to the proper authorities by contacting the appropriate management.
Users must not attempt to access any data or programs contained on Goddard College systems for which they do not have authorization or explicit consent.
Public Access Privacy Policy
Goddard College web sites available to the general public must contain a Privacy Statement. An example of a good public Privacy Statement follows:
Website Privacy Statement on the Use of Information Gathered from the General Public
The following statement applies only to members of the general public and is intended to address concerns about the types of information gathered from the public, if any, and how that information is used.
Cookies
A “cookie” is a small file containing information that is placed on a user’s computer by a web server. Typically, these files are used to enhance the user’s experience of the site, to help users move between pages in a database, or to customize information for a user.
Any information that Goddard College webservers may store in cookies is used for internal purposes only. Cookie data is not used in any way that would disclose personally identifiable information to outside parties unless Goddard College is legally required to do so in connection with law enforcement investigations or other legal proceedings.
Logs and Network Monitoring
Goddard College maintains log files of all access to its site and also monitors network traffic for the purposes of site management. This information is used to help diagnose problems with the server and to carry out other administrative tasks. Log analysis tools are also used to create summary statistics to determine which information is of most interest to users, to identify system problem areas, or to help determine technical requirements.
Information such as the following is collected in these files:
- Hostname: the hostname and/or IP address of the computer requesting access to the site
- User-Agent: the type of browser, its version, and the operating system of the computer requesting access (e.g., Netscape 4 for Windows, IE 4 for Macintosh, etc.)
- Referrer: the web page the user came from
- System date: the date and time on the server at the time of access
- Full request: the exact request the user made
- Status: the status code the server returned, e.g., fulfilled request, file not found
- Content length: the size, in bytes, of the file sent to the user
- Method: the request method used by the browser (e.g., post, get)
- Universal Resource Identifier (URI): the location of the particular resource requested. (More commonly known as a URL.)
- Query string of the URI: anything after a question mark in a URI. For example, if a keyword search has been requested, the search word will appear in the query string.
- Protocol: the technical protocol and version used, i.e., http 1.0, ftp, etc.
The above information is not used in any way that would reveal personally identifying information to outside parties unless Goddard College is legally required to do so in connection with law enforcement investigations or other legal proceedings.
Email and Form Information
If a member of the general public sends Goddard College an e-mail message or fills out a web-based form with a question or comment that contains personally identifying information, that information will only be used to respond to the request and analyze trends. The message may be redirected to another government agency or person who is better able to answer your question. Such information is not used in any way that would reveal personally identifying information to outside parties unless System Administration is legally required to do so in connection with law enforcement investigations or other legal proceedings.
Links
This site may contain links to other sites. Goddard College is not responsible for the privacy practices or the content of such websites.
Security
This site has security measures in place to protect from loss, misuse and alteration of the information.