As a general rule, the Agency does not collect PII about you when you visit our website, unless you choose to provide such information to us. Submitting PII through our website is voluntary. By doing so, you are giving the Agency your permission to use the information for the stated purpose. However, not providing certain information may result in the Agency’s inability to provide you with the service you desire.
If you choose to provide us with PII on the Agency website, through such methods as completing a web form or sending us an email, we will use that information to help us provide you the information or service you have requested or to respond to your message. The information we may receive from you varies based on what you do when visiting our site.
Generally, the information requested by the Agency will be used to respond to your inquiry or to provide you with the service you request. When this information is requested, the reasons for collecting it, a description of the Agency’s intended use of the information, how to grant consent to use mandatorily provided information, and how to grant consent for other than statutorily mandated uses will be fully described in a separate customized “Privacy Notice.” This customized Privacy Notice will either appear on the web page collecting the information or be accessible through a hyperlink (link) prominently displayed immediately above or below the information request.
Many of our programs and website allow you to send us an email. We will use the information you provide to respond to your inquiry. We will only send you general information via email. You should be reminded that email may not necessarily be secure against interception. Therefore, we suggest that you do not send sensitive personal data (such as your Social Security number) to us via email. If your intended email communication is very sensitive you should instead contact us on the telephone number provided.
Categories of information the Agency collects on its websites are further described below.
Automatically Collected Information
We collect and temporarily store certain information about your visit for use in site management and security purposes only. We collect and analyze this information because it helps us to better design our website to suit your needs. We may also automatically collect information about the web content you view in the event of a known security or virus threat. This information includes:
1. The Internet domain from which you access our website (for example, “xcompany.com” if you use a private Internet access account, or “yourschool.edu” if you connect from an educational domain);
2. The Internet Protocol (IP) address (a unique number for each computer connected to the Internet) from which you access our website;
3. The type of browser (e.g., Firefox, Internet Explorer, Chrome) used to access our site;
4. The operating system (e.g., Windows, Mac OS, Unix) used to access our site;
5. The date and time you access our site;
6. The Universal Resource Locators (URLs), or addresses, of the pages you visit;
7. Your username, if it was used to log in to the website; and
8. If you visited this website from another website, the URL of the forwarding site.
We may share the above information with our employees or representatives with a “need-to-know” in the performance of their official duties or other named representatives as needed to quickly process your request or transaction. This information is only used to help us make our site more useful for you. Raw data logs are retained temporarily as required for security and site management purposes only.
Third-Party Websites and Applications
The Agency uses social media websites and other kinds of third-party websites. Social media websites are used to publicize Agency events. The Agency also uses web measurement and customization technologies to measure the number of visitors to our websites and their various sections and to help make our websites more useful to visitors. In such cases, the third-party application may request an email address, username, password, and geographic location (e.g., State, region, or ZIP code) for follow up purposes. Eprine does not use third-party websites to solicit and collect PII from individuals. Any PII passively collected (i.e., not solicited) by the third-party website will not be transmitted or stored by the Agency; no PII will be disclosed, sold or transferred to any other entity outside the Agency, unless required for law enforcement purposes or by statute.
Information Collected for Tracking and Customization (Cookies)
A cookie is a small file that a website transfers to your computer to allow it to remember specific information about your session while you are connected. Your computer will only share the information in the cookie with the website that provided it, and no other website can request it. There are two types of cookies:
- Session: Session cookies last only as long as your web browser is open. Once you close your browser, the cookie is deleted. Websites may use session cookies for technical purposes such as to enable better navigation through the site, or to allow you to customize your preferences for interacting with the site.
If you do not wish to have session cookies stored on your machine, you can turn off cookies in your browser. You will still have access to all information and resources at the Agency websites. However, turning off cookies may affect the functioning of some Agency pages. Be aware that disabling cookies in your browser will affect cookie usage at all other websites you visit as well.
The Agency takes the security of all PII very seriously. We take precautions to maintain the security, confidentiality, and integrity of the information we collect at this site. Such measures include access controls designed to limit access to the information to the extent necessary to accomplish our mission. We also employ various security technologies to protect the information stored on our systems. We routinely test our security measures to ensure that they remain operational and effective.
We take the following steps to secure the information we collect:
- Employ internal access controls to ensure that only personnel who have access to your information are those with a need to do so to perform their official duties.
- Train appropriate personnel on our privacy and security policies and compliance requirements.
- Secure the areas where we retain paper copies of the information we collect online.
- Perform regular backups of the information we collect online to ensure against loss.
- Use technical controls to secure the information we collect online including, but not limited to:
- Secure Socket Layer (SSL)
- Password protections
- Periodically test our security procedures to ensure personnel and technical compliance.
- Employ external access safeguards to identify and prevent unauthorized access by outsiders that attempt to “hack” into, or cause harm to, the information contained in our systems.
We hold our contractors and other third-party providers to the same high standards that we use to ensure the security, confidentiality, and integrity of personal information they may have access to in the course of their work completed on behalf of the Agency.
Visiting Other Websites
Our website contains links to private organizations and some commercial entities. These websites are not within our control and may not follow the same privacy, security, or accessibility polices. Once you link to another site, you are subject to the policies of that site. All governmental websites, however, are subject to the same Federal policy, security, and accessibility mandates.
Attn: Compliance & Privacy Office
1650 Eastern Parkway
Brooklyn, NY 11207
Updated December 1, 2018