(Latest revision: June 2020)
The University of California, Berkeley is committed to protecting the privacy and accuracy of confidential information to the extent possible, subject to provisions of state and federal law. Other than as required by laws that guarantee public access to certain types of information, or in response to subpoenas or other legal instruments that authorize access, personally-identifiable information is not actively shared. In particular, we do not re-distribute or sell personal information collected on our web servers.
The Information Security Office web servers collect the following information: Internet Protocol (IP) address of computer being used; web pages requested; referring web page; browser used; date and time; and statistics identifying particular IP addresses from which our websites are accessed. ISO does not associate this data to individual user identities.
In addition to the IP address/browser information collected from anonymous visitors to the site, other information is collected and stored when users log in to view restricted content or submit forms. Specifically, the following information is collected from CalNet and mapped to a locally created account:
- CalNet Display Name (usually first and last name as: First LAST)
- CalNet UID
- CalNet directory email address
The security website is not intended to handle confidential information. If you need to discuss a confidential matter, refer to the Staff List to contact any of our staff directly.
ISO will use personal information collected from this site for the purpose of communication back to individuals who contact us via the site and additionally:
ISO uses browser-IP-address information and anonymous-browser history to report information about site accesses and to determine the popularity and effectiveness of content campaigns and placement. This information is used to improve Web presentation and utilization. IP address information may also be used for troubleshooting purposes.
The CalNet user information collected by ISO is used to identify users accessing secure content, and to pre-fill forms with information about the user submitting the form.
Also see the ISO Routine Network Monitoring Policy
We will not disclose, without your consent, personal information collected about you, except for certain explicit circumstances in which disclosure is required by law.
We will not distribute or sell personal information to third-party organizations.
Access to your own information: Questions regarding users’ rights to review, modify or delete their previously provided personal information should be directed to firstname.lastname@example.org. Any disputes will be resolved under existing records regulations applicable to UC Berkeley.
While using the ISO website, you may encounter hypertext links to the Web pages of other UC Berkeley websites or organizations not directly affiliated with UC Berkeley. All UC Berkeley websites, including the Information Security Office website, must comply with the Privacy Statement for UC Berkeley Websites, but may have refined the standard campus privacy statement to include additional or stronger privacy provisions. UC Berkeley does not control the content or information practices of external organizations. We recommend you review the privacy statements of these organizations.