Official University web sites and those sites that collect online information from visitors or track user actions (except research sites subject to IRB review) must select an information collection policy and display or link to a corresponding online privacy policy statement. Sites may use the standard or customized versions within this policy, or may create one of their own.
The standard version in Appendix A is for sites that collect only routine statistics, collect data explicitly with user consent for specific purposes only, and (optionally) use cookies for login identification and to carry session information. See the formalized Privacy Statement. Normally, the words Privacy Statement should be included on the bottom of the web page and linked to the formalized Privacy Statement found at www.privacy.umn.edu.
- Several customized online privacy statements may be developed within the University over the next six months. Groups representing areas such as human resources, health sciences, and students may create them to fit their specific situations.
- If you are creating your own privacy policy, the policy must address at least the following five issues: (1) Notification -- what information is being collected and how is it being used (e.g., will it be saved, will it be shared with others?), (2) Choice -- in what ways can the user opt out of information collection, (3) Security of Information -- what steps are being taken to protect the information from improper disclosure?, (4) Access to Stored Information -- how can the visitor check the collected information, correct it, or request that it be purged? (5) Contact Information -- provide an e-mail address and/or phone number for visitors with questions about information collection and security. The language in Appendix B may help you in forming your privacy statement.
If you are collecting private information from the web site see the Special Situations section of this policy for legal requirements.
Help 
Procedure Feedback 
Print Procedure
