Skip Navigation
Virginia Tech

computing.vt.edu

Home | Services A–Z | Help & Tutorials
You Are Here: Home > Internet & Web > Web Publishing > Wembaster's Toolkit > Privacy Statement Generator

Privacy Statement Generator

This tool was created in response to Virginia Tech Policy 2030: Policy on Privacy Statements on Virginia Tech Web Sites.

For guidelines as to whether or not your site needs a Privacy Statement, please read When Does My Page Need a Privacy Statement?

This tool is designed to assist you in creating a comprehensive privacy statement for your site. Due to the "cookie cutter" nature of this tool, some aspects of your site might not be adequately covered. Therefore, you are encouraged to take the generated policy and add any additional information needed.

1. Site Information
Please provide some basic information about this web site. Please complete all requested information.
 
Name:
  Ex. Frog Analysis Web Site
URL:
  Ex. http://www.frog.vt.edu/
2. Contact Information
this site and this privacy statement should provide contact information for users with questions regarding this privacy policy and this site in general.
 
Webmaster's E-mail:
Webmaster's Name: (optional)
3. Does this site log its usage?
Most web servers will record information about visitors to a web site. This information is useful in determining browsing trends, planning for future site maintenance, and maintaining the integrity of computing resources.
 
No. I have disabled all logging on the web server.
Yes. I log the following information:
 
IP Address - The internet address of the machine that requested information.
Browser - The web browser and platform used to request information.
Referrer - The web site that linked to this site.
4. Does this site collect any personal information?
Personal information is regarded as any information that can be associated with an individual. This includes, but is not limited to: PID, name, student ID, address, e-mail, phone number, and zip code.
 
No. This site does not collect any personal information.
Yes. This site collects specific pieces of personal information. The details of the information stored are explained below.
 
a. Description of personal information collected:
 
  Ex. This site collects your name along with your individual frog preferences.
b. Description of use of personal information:
 
  Ex. This information is used to show pictures of your favorite frogs on the www.frog.vt.edu homepage.
c. Do you share any of this personal information with anyone else?
 
No. We do not share any personal information.
Yes. We share personal information. The details of the shared information are explained below:
 
  Ex. We sell you name and address to other frog awareness sites for paltry sums of cash.
d. Do users have the option of opting out of sharing personal information?
 
Not applicable. We do not share any personal information.
No. We do not have a mechanism in place to allow people to opt out.
Yes. Users can opt not to have their information shared. The details of the process are explained below:
 
  Ex. To opt out of sharing your personal information, you could contact Miss Piggy at 231-1212 and request not to share your information.
e. Is there a mechanism that allows users to update/review their personal information on your site?
 
No. We do not have a mechanism in place to allow people to review their collected information.
Yes. Users can update/review their personal information. The details of the process are explained below:
 
  Ex. Visit http://www.frogs.vt.edu/personaledit/ and log in to update your personal information.
5. Does this site link to any other sites hosted by Virginia Tech?
"Sites hosted by Virginia Tech" includes all sites with a vt.edu at the end of its hostname and sites maintained by official Virginia Tech agencies and affiliates. Virginia Tech has several policies and procedures in place to ensure the privacy and security of computing resources. Also, all Virginia Tech web sites are required to have their own privacy statement that details their specific privacy practices.
 
No. This site does not link to any other Virginia Tech web sites.
Yes. This site links to other Virginia Tech web sites.
6. Does this site link to any sites outside of Virginia Tech?
External sites are not maintained or governed by Virginia Tech's policies and procedures. Virginia Tech is not necessarily aware of these sites specific privacy practices.
 
No. This site does not link to any external web sites.
Yes. This site links to external web sites.
 
a. What sites do you link to? (Optional)
 
  Ex. www.yahoo.com, www.froglife.com, my.frogs.com
7. Does this site use cookies?
Cookies are one of the most well-known, and feared, privacy issues on the web. It is extremely important that you fully document how this site uses cookies to enhance the user's experience. It is also important to know whether or not cookies are stored on the user's machine after they close their browser.
 
No. This site does not use cookies for any purpose.
Yes, only for Session Management. See the "Session Management" section for more information.
Yes, for uses other than Session Management. The details of the information stored are explained below.
 
a. Description of how this site uses cookies:
 
  Ex. This site uses cookies to store information for the 'Amphibian Quicklinks' in the upper-right corner of the homepage.
b. Description/Listing of sites that can access cookies from this site:
 
  Ex. Only www.frogs.vt.edu has access to the cookies from this site.
c. Are the cookies saved after the user's browser has closed?
 
No. The cookies are deleted when the browser is closed
Yes. The cookies are saved until:
    Ex. one year from day of visit -or- 12/03/2004
8. Does this site use a form of session management?
If this web site tracks users through their visit to this site, then you are employing some form of session management. It is important to identify exactly how you are monitoring this users so you can make them aware of what data is being sent to you or stored on their machine.
 
No. This site does not use session management.
Yes. This site uses session management. The details of the session management mechanism are explained below.
 
a. Description of session management mechanism:
 
  Ex. This site uses hidden form elements on each page to maintain a continuous user session.
b. Description of information used for session management:
 
  Ex. The hidden form elements contain a unique ID that identifies your browser session. This ID is in no way associated with your machine or you individually.
c. Is the session management information saved after the user's browser has closed?
 
No. The information is not saved.
Yes, on our site. The information is saved on our server and is treated as personal information.
Yes, on the user's machine. The information is saved until:
    Ex. one year from day of visit -or- 12/03/2004
9. Mandatory security paragraph.
The following paragraph will be included in your privacy statement regardless of the options you choose. Please ensure that you comply with this paragraph.
 

This site has security measures in place to protect the loss, misuse, and alteration of the information under our control. Log file access is restricted to system administrators while stored on the server. Log files are rotated regularly and archived in a secure location. User and password information, if requested, is encrypted before it is transmitted across the network.

Users should also consult Virginia Tech's policy on Acceptable Use.

Virginia Tech complies with all statutory and legal requirements with respect to access to information.

10. Is username and password information (if collected) encrypted before transmitting over the network??
If your site requires the use of a Virginia Tech PID and password, this information should be encrypted before transmitting.
 
Not applicable. This site does not collect username and password information.
No. This site does not encrypt this information.
Yes. This site encrypts all username and password information.
11. Additional considerations.
Policy 2030 contains sections 2.2.5, "Children's Online Privacy Protection Act information (COPPA)", and 2.2.6, "Research on Human Subjects". Be sure you read and understand these sections and make any necessary additions to your generated statement if either of these sections apply to your site.

Once you have completed the above questions, click the "Generate Privacy Statement" button to generate your statement.

If you have any questions or comments about this tool or the policies surrounding it, please contact the Webmaster.

 

0  

 

Last updated on February 28, 2006
Request Help | Site Feedback | Disclaimer | Privacy Statement

computing.vt.edu is a service of Information Systems and Computing and the Vice President for Information Technology.
© 2002 Virginia Polytechnic Institute and State University.