- CDC does not collect any personally identifiable information (PII) when you visit our Websites unless you choose to provide that information to us.
- Any PII that you choose to provide is fully protected.
- Non-PII information related to your visit to our websites may be automatically collected and temporarily stored.
Here is how we handle information about your visit to our website:
Information Collected and Stored Automatically
When you browse through any Website, certain information about your visit can be collected. If you do nothing during a visit to the CDC Website other than browse through the website, read pages or download information, certain data will be gathered and stored automatically about the visit. This information does not identify you personally. We automatically collect and temporarily store only the following information about your visit:
- the Internet domain (for example, "xcompany.com" if a private Internet access account is used, or "yourschool.edu" if connecting from a university's domain) and IP address (an IP address is a number that is automatically assigned to your computer when surfing the Web);
- Operating System and information about the Web browser (used when accessing the site;
- the visit date and time;
- the specific pages visited;
- if www.cdc.gov is designated as a home page; and
- the amount of data (measured in number of bytes) transmitted from CDC.gov to your computer.
We use this information in the aggregate to measure the number of visitors to our site and its various sections, to enhance site performance, and to improve the overall customer service experience for our visitors by making it more useful.
Back to Top
Web measurement and customization technologies
All uses of Web measurement and customization technologies will comply with existing policies with respect to privacy and data safeguarding standards. Information Systems owned and operated by CDC are assessed using Privacy Impact Assessments (PIAs) posted for public view on the Department of Health and Human Services (HHS) Website (http://www.hhs.gov/pia/). Groups of records that contain information about an individual and are designed to be retrieved by the name or other personal identifier linked to the individual are covered by the Privacy Act of 1974, as amended (5 U.S.C. Section 552a). For these records, CDC Systems of Record Notices are published in the Federal Register and posted on the CDC Web site at: http://www.cdc.gov/SORNnotice/.
CDC Websites use a variety of different Web measurement and customization technologies to collect and analyze the information with regard to users’ visits. Some pages on CDC.gov may include web content or functionality from third parties. For example, content or functionality from the following third parties may be present on some CDC.gov pages, including but not limited to:
Back to Top
The Office of Management and Budget (OMB) Memorandum M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies (June 25, 2010), (available at http://www.whitehouse.gov/sites/default/files/omb/assets/memoranda_2010/m10-22.pdf) allows federal agencies to use session and persistent cookies. When you visit any Web site, a small text file called a "cookie" may be placed on your computer. The “cookie” allows the server to “remember” specific information about your visit while you are connected to that Website. The cookie makes it easier for you to use the dynamic features of Web pages. Cookies from CDC Web pages only collect information about your browser’s visit to our site; they do not collect personal information about you.
CDC uses two types of cookies on its Websites: single session (temporary) and multi-session (persistent):
- Session Cookies: We use session cookies for technical purposes to improve the user experience while visiting our Website. Session cookies are temporary text files that expire when you leave our Websites. Once you close your browser, the cookie is destroyed and automatically deleted from your computer. Under OMB M-10-22, our use of session cookies is defined as Usage Tier 1 single session. The policy states that this tier encompasses any use of single session Web measurement and customization technologies.
- Persistent cookies are stored on your computer for a longer period. These multi-session cookies are stored on your computer and expire 1 year after your last visit to a Website. After 1 year, they are automatically deleted from your computer; however, you may also choose to delete persistent cookies from your computer at any time. We use persistent cookies to collect non-PII data about users who frequently visit our Websites, and to test variations of our site design and content to optimize our Web pages. In the Office of Management and Budget (OMB) Memo 10-22 Guidance, our use of persistent cookies is defined as "Usage Tier 2 Multi-session without Personally Identifiable Information (PII)," which "encompasses any use of multi-session Web measurement and customization technologies when no PII is collected."
Back to Top
You Can Opt Out or Disable Cookies
If you do not wish to have session or persistent cookies placed on your computer at all, you can choose not to accept cookies from the CDC Website by changing your browser settings. By not accepting cookies you will still have access to all information, and resources on our Websites, identical to that received by individuals choosing to accept the cookies. Instructions to opt out or disable cookies using some of the most popular browsers are available at http://www.usa.gov/optout_instructions.shtml.
Back to Top
If You Send Us Personal Information
You do not have to give us personal information to visit the CDC Websites. If you choose to provide us with additional information about yourself, as in an e-mail message, questionnaire, form, online survey, or other tool, submitted through our website, we only use that information to respond to your message.
We will maintain any information you provide in accordance with applicable federal law. CDC will not disclose, give, sell, or transfer any personal information about visitors to our websites, unless required for law enforcement or by statute. Moreover, we do not create individual profiles with the information you provide or give it to any private organizations. CDC does not collect information for commercial marketing.
Remember, however, that e-mail is not necessarily secure against interception. Therefore, if your communication is sensitive or includes personal information, you may prefer to send it to CDC via postal mail instead.
If you choose to provide us with personally identifiable information (PII) - that is to say, information that is personal in nature and may be used to identify you - as in an e-mail message, questionnaire, form, online survey, or other tool, submitted through our website, we will maintain the information that you provide only as long as needed to respond to your question or to fulfill the stated purpose of the communication. If we store your personal information in a records system designed to retrieve contact information about individuals by personal identifier (e.g., name, personal e-mail address, home (mailing) address, personal or mobile phone number, etc.), we will safeguard your information in accordance with the Privacy Act of 1974, as amended (5 U.S.C. 552a).
If, in order to accomplish its mission, CDC operates a system of records from which it retrieves information that you submit, there will be a Privacy Act Notice prominently displayed on the public-facing website or form that requests your PII. If applicable, such Notice must state the following five criteria:
- The purpose for which CDC is collecting your information
- CDC’s legal authorization to collect your information
- The Routine Uses for which your information will be disclosed outside of CDC
- Whether providing your information is voluntary or legally mandatory
- The effects, if any, of nondisclosure of your information should you choose not to provide it.
Back to Top
Intrusion Detection and Security
This site is maintained by the U.S. Government and is protected by various provisions of Title 18 of the U.S. Code. Violations of Title 18 are subject to criminal prosecution in Federal court.
For site security purposes and to ensure that this service remains available to all users, CDC employs software programs to identify unauthorized attempts to upload or change information, or otherwise cause damage. Unauthorized attempts to upload or change information on this Website are strictly prohibited and may be punishable by law, including the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act of 1996.
Back to Top
Third-Party Websites and Applications
In addition to CDC’s official website on www.cdc.gov, CDC uses social media and third-party (non-CDC) websites to share information and to engage the public. For example, there may be third-party applications and/or services linked to or embedded on www.cdc.gov to improve its functionality. Likewise, applications created by CDC may be embedded on third-party websites as a way to increase public awareness of CDC activities. Our integration of these products is intended to provide a seamless user experience and to enhance users’ ability to access information and communicate with CDC.
Your activity on these third-party sites is governed by the security and privacy policies of the third party sites. Consequently, you should review the privacy policies of third-party sites before using them and ensure that you understand how your information may be used. You should also adjust privacy settings on your account on any third-party site to match your preferences.
Some third-party websites and applications may make personally identifiable information (PII) available to the public and/or CDC based on your user controlled settings or the privacy policies of the third-party. CDC will not collect, maintain, use, or share any PII that becomes available through CDC’s use of third-party websites or applications.
Back to Top