Information Technology Policies

X-99.19(A)

UMB IT Guidelines on Collection of Personal Info

Responsible VP/AVP

Applies to Faculty, Staff, Students

Policy Statement

University of Maryland, Baltimore (UMB) web sites use the domain name “umaryland.edu” and are controlled, operated, and maintained by UM in connection with UMB operations. All use of UMB computing resources, regardless of URL or domain, are subject to the “UMB IT Acceptable Use Policy”.

Generally, UMB does not automatically collect the identity of an individual user or visitor to an official UMB web site. If you are asked to provide personal information on an official UM web site, you should have the following information:

The purpose for which the personal information is collected; Any specific consequences for refusing to provide the information; Your right to inspect, amend, or correct personal records, if any; Whether the personal information is generally available for public inspection; and Whether the personal information is made available or transferred to or shared with any entity.

Unless otherwise indicated, information collected by UMB may be shared among offices within UMB and the University System of Maryland, and with outside entities as necessary and appropriate for UM to engage in the conduct of legitimate UM operations, consistent with applicable laws. Personally identifiable information may also be subject to disclosure under the Maryland Public Information Act. Individuals may inspect and correct their personal information as provided by the Public Information Act or by other applicable law or policy. UMB protects student educational records as required by the Federal Family Educational Rights and Privacy Act.

Personal information posted on sharing sites such as message boards and chat rooms may be collected and used by others who are not required to comply with these guidelines.

UMB collects information that is available from server logs about user Internet connections and visits to UMB web sites. UMB may use this information to analyze trends, create summary statistics for the purpose of determining technical design specifications, and identify system performance or problem areas.

Examples of information collected by servers include Internet Protocol (IP) address - a number that is assigned to a computer when a user logs-on and that is automatically identified when a computer connects to a server. An IP address identifies the computer, not the computer user. UMB servers may log and track an IP address upon log-in and as the user moves from web page to web page within UMB web sites. UMB does not normally link IP addresses to personally identifiable information. However, the time a user logs-on, logs-off and how long a site is visited may be recorded and retained. UMB uses IP addresses to identify a user when necessary to enforce compliance with law or UMB policies, for purposes of system administration, and to ascertain demographics and visitor usability.

Some UMB web pages may utilize "cookies" to better serve users with more tailored information upon return to a web site. Cookies are identifiers that a web site can send to a user’s browsers to keep on-file in order to facilitate future visits to that site. A user may set browser options to prompt notice to the user when a web site tries to send a cookie so the user may accept or reject it. Note, when a user rejects cookies, parts of some UMB web pages may not function properly or may be considerably slower.

Data Security

UMB takes steps to protect personal information from unauthorized access and disclosure. UMB strives to implement security measures that protect the loss, misuse and alteration of the information under its control.

Not all transmissions to and from official UMB web sites are secure. For example, a web site may not encrypt or decrypt data sent to or from the web site. In addition, e-mails sent to a UM address may be subject to interception. If a communication includes personal information that you do not wish to provide electronically, you may contact UMB by regular mail or telephone.

Links to Other Sites

Some official UMB web sites link to web sites that are not part of the "umaryland.edu” domain and may be controlled and operated by third parties. UMB is not responsible for privacy practices or content of such web sites.

Changes to Privacy Statement

Advances in technology, legal developments, and new policies and practices may cause UMB to change or update this privacy statement from time to time. UMB reserves the right to make changes without notice. It is the responsibility of the user to check this page for changes.

Questions or Concerns

Specific questions about the collection of personal information on official UMB web sites should be addressed to the person identified on the particular web site.

Fill out my online form.

Thank You for Your Gift to UMB