Information collected when browsing PDC:
When you browse through any Website, certain information about your visit can be collected. We automatically collect and temporarily store the following types of information about your visit:
We use this information to measure the number of visitors to our site and its various sections and to help make our site more useful to visitors. This information cannot be used to identify you as an individual.
Information collected when you contact PDC:
When you contact PDC through email at firstname.lastname@example.org, we collect the following types of information:
Information collected when requesting access to protected data:
When you try to access protected data from PDC, we collect the following types of information:
Information collected when submitting data to PDC:
When you want to submit data to PDC, we collect the following types of information to create a private workspace for you:
The PDC uses several tools to collect the information listed above in the section ‘Information Collected when Browsing the PDC’. No Personally Identifiable Information (PII) is collected. This data is used to monitor the health and growth of the system and comply with security and auditing best practices. The PDC Team conducts analyses and generates reports with this information, which are shared only with PDC Team Members, NIH Senior Staff, and members of the NIH Communications Team who require this information to perform their duties.
The PDC uses an email at email@example.com to collect the information in the bulleted list in the ‘Information Collected when you contact PDC’ section. The PDC uses the information to provide users with assistance and improve the PDC. These support facilities require the collection of PII so that PDC Team Members can correspond directly with users to provide assistance.
The PDC retains the data from web analytics reporting tools and support requests as long as needed to support the mission of the PDC.
You do not have to give us personal information to visit the PDC. However, if you choose to contact us for support, request protected data or submit data, we collect information described in the above sections to allow us to fulfill the purpose of your contact. If you choose to provide us with personally identifiable information, that is, information that is personal in nature and which may be used to identify you, through an e-mail message or electronic form, we will maintain the information you provide only as long as needed. If we store your personal information in a record system designed to retrieve information about you by personal identifier (name, personal email address, personal or mobile phone number, etc.), so that we may contact you, we will safeguard the information you provide to us in accordance with the Privacy Act of 1974, as amended (5 U.S.C. Section 552a). If the PDC operates a record system designed to retrieve information about you in order to accomplish its mission, a Privacy Act Notification Statement should be prominently and conspicuously displayed on the public-facing website or form which asks you to provide personally identifiable information. The notice must address the following five criteria:
The PDC uses web measurement and customization technologies to help our Web sites function better for visitors and to better understand how the public uses the online resources we provide. All uses of web-based technologies comply with existing policies with respect to privacy and data safeguarding standards. Information Technology (IT) systems owned and operated by the PDC are assessed using Privacy Impact Assessments (PIAs) posted for public view on the Department of Health and Human Services (DHHS) Web site at http://www.hhs.gov/pia/. NIH conducts and publishes a PIA for each use of a third-party website and application (TPWA) as they may have a different functionality or practice. TPWA PIAs are posted for public view on the DHHS Web site at http://www.hhs.gov/pia/#Third-Party.
The PDC will retain data collected using the following technologies long enough to achieve the specified objective for which they were collected. The data generated from these activities falls under the National Archives and Records Administration (NARA) General Records Schedule (GRS) 20-item IC 'Electronic Records, and will be handled per the requirements of that schedule.