The PII you provide on the Foundation website will be used only for its intended purpose. We will protect your information consistent with the principles of the Privacy Act of 1974, the E-Government Act of 2002, and the Federal Records Act.
Personally Identifiable Information
As a general rule, the Foundation does not collect PII about you when you visit our website, unless you choose to provide such information to us. Submitting PII through our website is voluntary. By doing so, you are giving the Foundation your permission to use the information for the stated purpose. However, not providing certain information may result in the Foundation’s inability to provide you with the service you desire.
If you choose to provide us with PII on the Foundation’s website, through such methods as completing a web form or sending us an email, we will use that information to help us provide you the information or service you have requested or to respond to your message. The information we may receive from you varies based on what you do when visiting our site.
We will use the information you provide to respond to your inquiry. We will only send you general information via email. You should be reminded that email may not necessarily be secure against interception. Therefore, we suggest that you do not send sensitive personal data (such as your Social Security number) to us via email. If your intended email communication is very sensitive, or includes information such as your bank account, credit card, or Social Security number, you should instead send it by U.S. mail. Another alternative is submission of data via fax.
Electronic mail messages that meet the definition of records in the Federal Records Act (44 U.S.C. 3101 et seq.) are covered under the same disposition schedule as all other Federal records. This means that emails you send us will be preserved and maintained for varying periods of time if those emails meet the definition of Federal records. Electronic messages that are not records are deleted when no longer needed.
Categories of information the Foundation collects on its website are further described below.
Automatically Collected Information
We collect and temporarily store certain information about your visit for use in site management and security purposes only. We collect and analyze this information because it helps us to better design our website to suit your needs. We may also automatically collect information about the web content you view in the event of a known security or virus threat. This information includes:
- The Internet domain from which you access our website (for example, “xcompany.com” if you use a private Internet access account, or “yourschool.edu” if you connect from an educational domain);
- The Internet Protocol (IP) address (a unique number for each computer connected to the Internet) from which you access our website;
- The type of browser (e.g., Firefox, Internet Explorer, Chrome) used to access our site;
- The operating system (e.g., Windows, Mac OS, Unix) used to access our site;
- The date and time you access our site;
- The Universal Resource Locators (URLs), or addresses, of the pages you visit;
- Your username, if it was used to log in to the website; and
- If you visited this website from another website, the URL of the forwarding site.
We may share the above information with our employees or representatives with a “need-to-know” in the performance of their official duties, other Federal agencies, or other named representatives as needed to quickly process your request or transaction. This information is only used to help us make our site more useful for you. Raw data logs are retained temporarily as required for security and site management purposes only.
Third-Party Websites and Applications
The Foundation uses social media websites and other kinds of third-party websites. Social media websites are used to publicize Foundation events, and engage with members of the public. The Foundation also uses web measurement and customization technologies to measure the number of visitors to our website to help make our website more useful to visitors. In such cases, the third-party application may request an email address, username, password, and geographic location (e.g., State, region, or ZIP code) for account registration purposes. The Foundation does not use third-party websites to solicit and collect PII from individuals. Any PII passively collected (i.e., not solicited) by the third-party website will not be transmitted or stored by the Foundation; no PII will be disclosed, sold or transferred to any other entity outside the Foundation, unless required for law enforcement purposes or by statute or given permission.
Information Collected for Tracking and Customization (Cookies)
A cookie is a small file that a website transfers to your computer to allow it to remember specific information about your session while you are connected. Your computer will only share the information in the cookie with the website that provided it, and no other website can request it. There are two types of cookies:
- Session: Session cookies last only as long as your web browser is open. Once you close your browser, the cookie is deleted. Websites may use session cookies for technical purposes such as to enable better navigation through the site, or to allow you to customize your preferences for interacting with the site.
- Persistent: Persistent cookies are saved on a user’s hard drive in order to determine which users are new to the site or are returning, and for repeat visitors.
- If you do not wish to have session or persistent cookies stored on your machine, you can turn cookies off in your browser. You will still have access to all information and resources at the Foundation website. However, turning off cookies may affect the functioning of the Foundation website. Be aware that disabling cookies in your browser will affect cookie usage at all other websites you visit as well.
The Foundation takes the security of all PII very seriously. We take precautions to maintain the security, confidentiality, and integrity of the information we collect at this site. Such measures include access controls designed to limit access to the information to the extent necessary to accomplish our mission. We also employ various security technologies to protect the information stored on our systems. We routinely test our security measures to ensure that they remain operational and effective.
We take the following steps to secure the information we collect:
- Employ internal access controls to ensure that only personnel who have access to your information are those with a need to do so to perform their official duties.
- Train appropriate personnel on our privacy and security policies and compliance requirements.
- Secure the areas where we retain paper copies of the information we collect online.
- Perform regular backups of the information we collect online to ensure against loss.
- Use technical controls to secure the information we collect online including, but not limited to:
- Secure Socket Layer (SSL)
- Password protections
- Periodically test our security procedures to ensure personnel and technical compliance.
- Employ external access safeguards to identify and prevent unauthorized access by outsiders that attempt to “hack” into, or cause harm to, the information contained in our systems.
We hold our contractors and other third-party providers to the same high standards that we use to ensure the security, confidentiality, and integrity of personal information they may have access to in the course of their work completed on behalf of the Foundation.
Visiting Other Websites
Our website contains links to other agencies, private organizations, and some commercial entities. These websites are not within our control and may not follow the same privacy, security, or accessibility policies. Once you link to another site, you are subject to the policies of that site. All Federal websites, however, are subject to the same Federal policy, security, and accessibility mandates.