Website Privacy Statement for Berkeley Security

(Effective 04/09/2016)
(Latest revision: June 2020)

The University of California, Berkeley is committed to protecting the privacy and accuracy of confidential information to the extent possible, subject to provisions of state and federal law. Other than as required by laws that guarantee public access to certain types of information, or in response to subpoenas or other legal instruments that authorize access, personally-identifiable information is not actively shared. In particular, we do not re-distribute or sell personal information collected on our web servers.

Information Collected

The Information Security Office web servers collect the following information: Internet Protocol (IP) address of computer being used; web pages requested; referring web page; browser used; date and time; and statistics identifying particular IP addresses from which our websites are accessed. ISO does not associate this data to individual user identities.

In addition to the IP address/browser information collected from anonymous visitors to the site, other information is collected and stored when users log in to view restricted content or submit forms. Specifically, the following information is collected from CalNet and mapped to a locally created account:

  • CalNet Display Name (usually first and last name as: First LAST)
  • CalNet UID
  • CalNet directory email address

The security website is not intended to handle confidential information. If you need to discuss a confidential matter, refer to the Staff List to contact any of our staff directly.

Use of Cookies for Analytics

Our website uses a third-party analytics provider (Google Analytics) to help us understand how visitors use our site. We use this information to improve our content and your experience visiting our site. Google Analytics relies on cookies to produce this information. Google Analytics does not receive personally identifiable information through these cookies and is prohibited from combining, matching or cross-referencing information from our site with any other information. We have also opted not to have Google Analytics storability to see your full IP address (a feature known as “IP masking”). Please review Google Analytics’ privacy policy for additional information. It is also possible to opt-out of Google Analytics for those who wish to do so.

Although our website has enabled settings to respect “Do-not-track” requests sent by users who wish to opt-out of Google Analytics tracking, our site also makes use of page caching to improve site performance. Therefore, unless you are logged in with your CalNet ID, you will get the generic (anonymous user) version of each page, which will include Google Analytics tracking code and JavaScript even if you send “Do-not-track” requests. However, Google also provides tools for those who wish to opt out of Google Analytics, which will function whether or not you are logged into the site.

Use of Collected Information

ISO will use personal information collected from this site for the purpose of communication back to individuals who contact us via the site and additionally:

ISO uses browser-IP-address information and anonymous-browser history to report information about site accesses and to determine the popularity and effectiveness of content campaigns and placement. This information is used to improve Web presentation and utilization. IP address information may also be used for troubleshooting purposes.

The CalNet user information collected by ISO is used to identify users accessing secure content, and to pre-fill forms with information about the user submitting the form.

Also see the ISO Routine Network Monitoring Policy

Distribution of Collected Information

We will not disclose, without your consent, personal information collected about you, except for certain explicit circumstances in which disclosure is required by law.

We will not distribute or sell personal information to third-party organizations.

Access to your own information: Questions regarding users’ rights to review, modify or delete their previously provided personal information should be directed to security@berkeley.edu. Any disputes will be resolved under existing records regulations applicable to UC Berkeley.

Additional Information

For more detailed information about requirements for the campus, online activities see the Campus Online Activities Policy section on Privacy and Confidentiality of Information.

Responsibility for External Sites

While using the ISO website, you may encounter hypertext links to the Web pages of other UC Berkeley websites or organizations not directly affiliated with UC Berkeley. All UC Berkeley websites, including the Information Security Office website, must comply with the Privacy Statement for UC Berkeley Websites, but may have refined the standard campus privacy statement to include additional or stronger privacy provisions. UC Berkeley does not control the content or information practices of external organizations.  We recommend you review the privacy statements of these organizations.