-
Notifications
You must be signed in to change notification settings - Fork 0
/
faq.html
208 lines (192 loc) · 10.7 KB
/
faq.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
{% extends 'base.html' %}
{% block head %}
{{ super() }}
{% endblock %}
{% block page_name %}faq{% endblock %}
{% block content %}
<div class="container py-4">
<h1 class="page-header" role="heading" aria-level="1">FAQs</h1>
<p>
Protecting your privacy is very important to us. Our Web site links to other National Institutes of Health
(NIH) sites,
federal agency sites, and private organizations. Once you leave the primary ISB-CGC site, you are subject to
the privacy
policy for the site(s) you are visiting. In addition to name and email address, we collect some data about
your visit to
our Web site to help us better understand how the public uses the site and how to make it more helpful. We
collect
information from visitors who read, browse, and/or download information from our Web site. We never collect
information
for commercial marketing or any purpose unrelated to the ISB-CGC mission and goals.
</p>
<h2 role="heading" aria-level="2">Types of Information Collected</h2>
<p>
When you browse through any Web site, certain information about your visit can be collected. We
automatically collect and
store the following type of information about your visit:
</p>
<ul>
<li>Domain from which you access the Internet</li>
<li>IP address (an IP address is a number that is automatically assigned to a computer when surfing the
Web)
</li>
<li>Operating system and information about the browser used when visiting the site</li>
<li>Date and time of your visit</li>
<li>Pages you visited</li>
<li>Address of the Web site that connected you to the ISB-CGC site (such as google.com or bing.com)</li>
<li>Email address associated to your Google Account</li>
<li>Name (as available in your Google Account profile)</li>
</ul>
<p>
We use this information to measure the number of visitors to our site and its various sections to help make
our
site more useful to visitors, and to provide security for controlled access data which can be accessed
through
our site.
</p>
<h2 role="heading" aria-level="2">How ISB-CGC Collects Information</h2>
<p>
ISB-CGC uses Google Analytics, Google Cloud Platform StackDriver Logging, and the ISB-CGC login process to
collect
the information in the bulleted list in the Types of Information Collected section above. Google Analytics
and
StackDriver gather information automatically and continuously. No Personally Identifiable Information (PII)
is
collected from these two systems. When you log in to our ISB-CGC site using your Google Account, and if you
choose to do so when you link your Google Account to an eRA Commons account, we collect your email address
and
name as stored in your Google Account profile. ISB-CGC staff conducts analyses and reports on the aggregated
data, and those reports are only available to the NCI and NIH.
</p>
<p>
ISB-CGC retains the data from Google Analytics, StackDriver, and the login process as long as needed to
support
the mission of the ISB-CGC website and the NCI.
</p>
<h2 role="heading" aria-level="2">How ISB-CGC Uses Cookies</h2>
<p>
The Office of Management and Budget Memo
<a href="https://www.whitehouse.gov/sites/whitehouse.gov/files/omb/memoranda/2010/m10-22.pdf" target="_blank"
rel="noreferrer" class="sr-set">
M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies <span
class="sr-only"> opens a new tab</span></a> allows
Federal agencies to use session and persistent cookies.
</p>
<p>
When you visit any Web site, its server may generate a piece of text known as a "cookie" to place on your
computer. The cookie allows the server to "remember" specific information about your visit while you are
connected.
</p>
<p>
The cookie makes it easier for you to use the dynamic features of Web pages. Cookies from ISB-CGC pages only
collect information about your browser’s visit to the site; they do not collect personal information about
you.
</p>
<p>
There are two types of cookies, single session (temporary), and multi-session (persistent). Session cookies
last
only as long as your Web browser is open. Once you close your browser, the cookie disappears. Persistent
cookies
are stored on your computer for longer periods.
</p>
<h3 role="heading" aria-level="3">Session Cookies</h3>
<p>
ISB-CGC uses session cookies for technical purposes such as to enable better navigation through our site.
These
cookies let our server know that you are continuing a visit to our site. The OMB Memo 10-22 Guidance defines
our
use of session cookies as "Usage Tier 1 — Single Session.” The policy says, "This tier encompasses any use
of
single session web measurement and customization technologies."
</p>
<h3 role="heading" aria-level="3">Persistent Cookies</h3>
<p>
ISB-CGC uses persistent cookies to enable Google Analytics to differentiate between new and returning
ISB-CGC
visitors. Persistent cookies remain on your computer between visits to ISB-CGC until they expire. The OMB
Memo
10-22 Guidance defines our use of persistent cookies as "Usage Tier 2 — Multi-session without Personally
Identifiable Information (PII).” The policy says, "This tier encompasses any use of multi-session Web
measurement and customization technologies when no PII is collected."
</p>
<h2 role="heading" aria-level="2">How Personal Information Is Protected</h2>
<p>
If you choose to log in to our site with your Google Account, we will receive your email address and name as
listed in that account profile. We will maintain this information for security purposes only. We will
safeguard
the information you provide to us in accordance with the Privacy Act of 1974, as amended (5 U.S.C. Section
552a).
</p>
<p>
If ISB-CGC operates a record system designed to retrieve information about you in order to accomplish its
mission, a Privacy Act Notification Statement should be prominently and conspicuously displayed on the
public-facing website or form which asks you to provide personally identifiable information. The notice must
address the following five criteria:
</p>
<ul>
<li>ISB-CGC’s legal authorization to collect information about you</li>
<li>Purpose of the information collection</li>
<li>Routine uses for disclosure of information outside of ISB-CGC</li>
<li>Whether the request made of you is voluntary or mandatory under law</li>
<li>Effects of non-disclosure if you choose to not provide the requested information</li>
</ul>
<p>For further information about ISB-CGC privacy policy, please contact us at info@isb-cgc.org.</p>
<h2 role="heading" aria-level="2">Data Safeguarding and Privacy</h2>
<p>
ISB-CGC uses web measurement and customization technologies to help our Web sites function better for
visitors
and to better understand how the public uses the online resources we provide. All uses of web-based
technologies
comply with existing policies with respect to privacy and data safeguarding standards. Information
Technology
(IT) systems operated by ISB-CGC are assessed using Privacy Impact Assessments (PIAs) posted for public view
on
the <a href="http://www.hhs.gov/pia/" target="_blank" rel="noreferrer" class="sr-set">Department of Health and
Human Services (DHHS) Web
site <span
class="sr-only"> opens a new tab</span></a>
. ISB-CGC conducts and publishes a PIA for each use of a third-party website and
application
(TPWA) as they may have a different functionality or practice. TPWA PIAs are posted for public view on the
<a href="http://www.hhs.gov/pia/#Third-Party" target="_blank" rel="noreferrer" class="sr-set">DHHS Web site<span
class="sr-only"> opens a new tab</span></a>.
</p>
<p>
Groups of records that contain information about an individual and are designed to be retrieved by the
individual’s name or other personal identifier linked to the individual are covered by the Privacy Act of
1974,
as amended (5 U.S.C. Section 552a). For these records, NIH Systems of Record Notices are published in the
Federal Register and posted on the <a href="https://oma.od.nih.gov/DMS/Pages/Privacy-Program.aspx"
target="_blank" rel="noreferrer" class="sr-set">
NIH Senior Official for Privacy Website<span
class="sr-only"> opens a new tab</span></a>. When you visit the ISB-CGC site, please look
for
the Privacy Notice posted on the main pages. When web measurement and customization technologies are used,
the
Privacy Policy/Notice must provide:
</p>
<ul>
<li>Purpose of the web measurement and/or customization technology</li>
<li>Usage tier, session type, and technology used</li>
<li>Nature of the information collected</li>
<li>Purpose and use of the information</li>
<li>Whether and to whom the information will be disclosed</li>
<li>Privacy safeguards applied to the information</li>
<li>Data retention policy for the information</li>
<li>Whether the technology is enabled by default or not and why</li>
<li>Statement that opting-out still permits users to access comparable information or services</li>
<li>Identities of all third-party vendors involved in the measurement and customization process</li>
</ul>
<h2 role="heading" aria-level="2">Data Retention and Access Limits</h2>
<p>
ISB-CGC will retain data collected using the following technologies long enough to achieve the specified
objective for which they were collected. The data generated from these activities falls under the National
Archives and Records Administration (NARA) General Records Schedule (GRS) 20-item IC 'Electronic Records,'
and
will be handled per the <a href="http://www.archives.gov/records-mgmt/grs/grs20.html" target="_blank"
rel="noreferrer" class="sr-set">
requirements of that schedule<span
class="sr-only"> opens a new tab</span></a>.
</p>
</div>
{% endblock %}