Website Privacy Policy | University of Arkansas
Source: https://www.uark.edu/privacy-policy/index.php
Archived: 2026-04-23 17:15
Website Privacy Policy | University of Arkansas
Website Privacy Policy
Overview
This policy defines the official websites of the University of Arkansas, addresses
collection and use of information in connection with such websites, and describes
under what circumstances the university may disclose such information, consistent
with Ark. Code § 25-1-114.
The university adheres to all applicable federal and state laws, as well as general
university policies that are applicable to the use of computing resources. These include,
but are not limited to, the laws and policies contained in Appendix A.
Official University Websites
Except as noted, the information in this privacy policy applies to all official University
of Arkansas websites, which are defined as those administered through the university
content management system, such as university colleges and schools, main departments,
divisions, or other units typically reporting to or deemed official by the chancellor,
provost, vice chancellors, deans, directors and/or department heads/chairs. These
sites comply with the university template, graphics and Web standards as managed by
the Office of University Relations. Certain official websites may have their own or
supplementary privacy policies appropriate to their function or as required by law
Other Websites
Within the university domain (uark.edu) are various websites that are not maintained
by the university. These unofficial sites include, but are not limited to, RSO sites,
personal websites of faculty, staff or students, and other campus entities. This privacy
policy only applies to official university websites.
Access Information Collected
The university, while reserving its right to monitor communications via university
websites for legal, policy or business reasons, including security and functionality,
will not monitor the content of communications as a matter of normal business practice.
However, the fact that communication occurred (such as when a user visits a university
website or utilizes university websites to search for information or submit a form),
may be routinely logged as a normal business practice.
Common information logged includes, but is not limited to, the following:
the IP address of the user’s computer
the date and time a user’s computer accessed our site
the IP address and URL of a referring website
the page the user requested from the university’s site
the information that a user’s Web browser software sends, which typically identifies
the browser software and may also indicate the operating system and type of CPU used
in the user’s computer
in the case of email, the sender and recipient's email addresses
Google Analytics
Some university websites use Google Analytics, a Web analytics service provided by
Google, Inc., to collect information such as URLs, Internet domain and host names,
browser software, date and time site visited, etc.
Voluntary Information
Services are provided through university websites via forms (e.g., admissions, financial
aid requests, job applications), surveys, etc., whereby individuals are required to
enter personal information in order to process the request, such as name, physical
and email addresses, phone numbers, and financial data. If information requested is
not entered, the services and/or requests cannot be accomplished online.
How Personal Data Is Used
As a general rule, the university does not track individual visitor profiles. This
data is used to analyze aggregate traffic/access information for resource management,
site planning, advertising and marketing.
When personally identifiable information is entered through university websites, typically
the information requested and collected is only used to provide the information or
services sought by the requester, just as a person might provide such information
when visiting a university office in person or submitting the information via paper,
for example, an application for admission.
However, the university may also use any information gathered through university websites
or exchange such information with other entities in order to carry out normal university
business operations, including marketing and subcontractor services. Legal requirements
concerning use and disclosure of sensitive information will be applied to information
maintained with these resources to the same extent that the requirements are applied
to other records kept or maintained by the university. The university does not sell
information collected through university websites to other entities.
Cookies
Websites can use cookies to provide the user with tailored information from a website.
A cookie is an element of data that a website can send to a browser, which may then
store it on the user’s system. Some applications may require the user to accept cookies
in order for the application to work properly. Two types of cookies exist, session
cookies and persistent cookies. Session cookies contain data through which the Web
application the visitor is using can maintain the continuity and state of a session.
Session cookies expire upon user logout, closing of the browser or timed-out sessions.
Persistent cookies contain information that may be useful across multiple sessions,
such as identifying the user or other persistent attributes, and are typically not
deleted. Data from cookies may also be used to identify user trends and patterns,
provide services and record session information. Web browsers can be configured to
refuse cookies, accept cookies, disable cookies and remove cookies as needed or desired.
E-Commerce
The university has several sites that enable encrypted, online payments. The confidential
information entered for these payment transactions is only to be used for purposes
defined within/for the transaction. Some transactions are isolated from campus systems
and managed by a third party.
Children’s Online Activities
Some university websites may present university-sponsored information or activities
that are specifically designed for children. However, any such websites are intended
to be used only by adults to voluntarily share information online, so that a child
who is under the age of 13 can participate in these activities (e.g., camps and enrichment
programs) or so that the child can receive information from the university. When a
parent or legal guardian voluntarily signs up his or her child for one of these programs,
the parent may be asked to provide:
the child’s name
mailing address
phone number
date of birth
school and grade level
email address
parent or legal guardian’s name and email address
The university, through its websites, does not make participation conditional in any
university online activities on the disclosure of more information than is reasonably
necessary to participate. This information will not be disclosed to a third party
unless disclosure is integral to the site or service and will not be used for other
purposes. Parents or guardians have the right:
to review such personal information that has been recorded by a university website
about their child
to refuse to allow further collection of the information
to require the deletion of any information that has been recorded
Third Party Applications and Links
University of Arkansas websites contains links to third party applications and websites
that may or may not be hosted on university servers. The university cannot warrant
or be responsible for the privacy policies of such sites. Users are encouraged to
become familiar with the privacy policies of third party or off-campus sites.
Security
In addition to complying with all applicable laws and regulations, the university
strives to implement and maintain systems and policies to protect the confidentiality
and integrity of personal information provided by users. Despite these security measures,
the university does not represent or warrant that personal information will be protected
against loss, misuse or alteration by third parties.
Disclosure of Data Collected
The university is required to comply with the Arkansas Freedom of Information Act
(FOIA) (Ark. Code Ann. § 25-19-101 et seq.) and may be required to disclose records
maintained in the daily operations of the university unless such records are exempt
from disclosure under federal or state law. Therefore, some data collected through
university websites may be subject to disclosure upon receipt of a valid FOIA request.
Additionally, at times, the university may be legally required to disclose information
collected through university websites in response to a valid subpoena or court order
or to comply with a legally permitted inquiry by a governmental agency or regulatory
body.
Subject to governing law and other applicable university policies, the university
reserves the right to disclose information collected on its websites to governmental
authorities in connection with suspected unlawful activity or to aid an investigation
into suspected unlawful activity. In addition, the university reserves the right to
release information collected on university websites to appropriate governmental authorities
if university officials determine, in their sole judgment, that university policies
have been violated, or that release of information is necessary to protect the rights,
health, safety or property of persons or the university or to protect the integrity
of university computer networks. Further, the university reserves the right to disclose
information as university officials believe necessary to exercise the university’s
legal rights, to defend against actual or potential legal claims, or as otherwise
permitted or required by university policy, including but not limited to, the Code
of Computing Practices, as it may be amended or modified from time to time.
The European Union General Data Protection Regulation (GDPR) places additional obligations
on organizations that control or process personally identifiable information about
people in the European Union. Some UA activities may be covered by the GDPR, and the
University has updated its policies on how it collects, stores, and processes certain
types of data. Further details, as well as a description of protective measures undertaken
by the University, data retention, and breach notification are available in the
campus GDPR Policy
.
Questions
For more information regarding this policy, please contact the Office of University
Relations at 479-575-5555 or email
urelinfo@uark.edu
.
Updates
This policy is subject to periodic review and update by university officials.
February 5, 2015
Website Privacy Policy Appendix A
The university adheres to all applicable federal and state laws, as well as general
university policies that are applicable to the use of computing resources.
State and Federal Laws
Family Education Rights and Privacy Act (FERPA)
Electronic Communications Privacy Act of 1986
Gramm-Leach-Bliley Act
Health Insurance Portability and Accountability Act (HIPAA)
USA Patriot Act
Children’s Online Privacy Protection Rule
Arkansas Freedom of Information Act
18 U.S.C. § 1030
Ark. Code. § 5-41-101 et seq.
Ark. Code. § 13-2-701 et seq.
Ark. Code. § 25-1-114
University Policies
University of Arkansas Policies and Procedures
University of Arkansas Board of Trustee Policies
IT Services Computing Policies
Web Scraping Policy
You agree that any information collected through robots, crawlers or scrapers will
not be sold, transferred or redistributed for monetary gain, because this content
is protected by our copyright. In gathering data, you agree to use your legitimate
IP address. You also agree to not use these tools to attempt to uncover personal information
including applications, student financial information or any information protected
by law under FERPA or any information secured by a login. Finally, do not crawl or
scrape rotbots.txt files.
Website Privacy Policy
Overview
This policy defines the official websites of the University of Arkansas, addresses
collection and use of information in connection with such websites, and describes
under what circumstances the university may disclose such information, consistent
with Ark. Code § 25-1-114.
The university adheres to all applicable federal and state laws, as well as general
university policies that are applicable to the use of computing resources. These include,
but are not limited to, the laws and policies contained in Appendix A.
Official University Websites
Except as noted, the information in this privacy policy applies to all official University
of Arkansas websites, which are defined as those administered through the university
content management system, such as university colleges and schools, main departments,
divisions, or other units typically reporting to or deemed official by the chancellor,
provost, vice chancellors, deans, directors and/or department heads/chairs. These
sites comply with the university template, graphics and Web standards as managed by
the Office of University Relations. Certain official websites may have their own or
supplementary privacy policies appropriate to their function or as required by law
Other Websites
Within the university domain (uark.edu) are various websites that are not maintained
by the university. These unofficial sites include, but are not limited to, RSO sites,
personal websites of faculty, staff or students, and other campus entities. This privacy
policy only applies to official university websites.
Access Information Collected
The university, while reserving its right to monitor communications via university
websites for legal, policy or business reasons, including security and functionality,
will not monitor the content of communications as a matter of normal business practice.
However, the fact that communication occurred (such as when a user visits a university
website or utilizes university websites to search for information or submit a form),
may be routinely logged as a normal business practice.
Common information logged includes, but is not limited to, the following:
the IP address of the user’s computer
the date and time a user’s computer accessed our site
the IP address and URL of a referring website
the page the user requested from the university’s site
the information that a user’s Web browser software sends, which typically identifies
the browser software and may also indicate the operating system and type of CPU used
in the user’s computer
in the case of email, the sender and recipient's email addresses
Google Analytics
Some university websites use Google Analytics, a Web analytics service provided by
Google, Inc., to collect information such as URLs, Internet domain and host names,
browser software, date and time site visited, etc.
Voluntary Information
Services are provided through university websites via forms (e.g., admissions, financial
aid requests, job applications), surveys, etc., whereby individuals are required to
enter personal information in order to process the request, such as name, physical
and email addresses, phone numbers, and financial data. If information requested is
not entered, the services and/or requests cannot be accomplished online.
How Personal Data Is Used
As a general rule, the university does not track individual visitor profiles. This
data is used to analyze aggregate traffic/access information for resource management,
site planning, advertising and marketing.
When personally identifiable information is entered through university websites, typically
the information requested and collected is only used to provide the information or
services sought by the requester, just as a person might provide such information
when visiting a university office in person or submitting the information via paper,
for example, an application for admission.
However, the university may also use any information gathered through university websites
or exchange such information with other entities in order to carry out normal university
business operations, including marketing and subcontractor services. Legal requirements
concerning use and disclosure of sensitive information will be applied to information
maintained with these resources to the same extent that the requirements are applied
to other records kept or maintained by the university. The university does not sell
information collected through university websites to other entities.
Cookies
Websites can use cookies to provide the user with tailored information from a website.
A cookie is an element of data that a website can send to a browser, which may then
store it on the user’s system. Some applications may require the user to accept cookies
in order for the application to work properly. Two types of cookies exist, session
cookies and persistent cookies. Session cookies contain data through which the Web
application the visitor is using can maintain the continuity and state of a session.
Session cookies expire upon user logout, closing of the browser or timed-out sessions.
Persistent cookies contain information that may be useful across multiple sessions,
such as identifying the user or other persistent attributes, and are typically not
deleted. Data from cookies may also be used to identify user trends and patterns,
provide services and record session information. Web browsers can be configured to
refuse cookies, accept cookies, disable cookies and remove cookies as needed or desired.
E-Commerce
The university has several sites that enable encrypted, online payments. The confidential
information entered for these payment transactions is only to be used for purposes
defined within/for the transaction. Some transactions are isolated from campus systems
and managed by a third party.
Children’s Online Activities
Some university websites may present university-sponsored information or activities
that are specifically designed for children. However, any such websites are intended
to be used only by adults to voluntarily share information online, so that a child
who is under the age of 13 can participate in these activities (e.g., camps and enrichment
programs) or so that the child can receive information from the university. When a
parent or legal guardian voluntarily signs up his or her child for one of these programs,
the parent may be asked to provide:
the child’s name
mailing address
phone number
date of birth
school and grade level
email address
parent or legal guardian’s name and email address
The university, through its websites, does not make participation conditional in any
university online activities on the disclosure of more information than is reasonably
necessary to participate. This information will not be disclosed to a third party
unless disclosure is integral to the site or service and will not be used for other
purposes. Parents or guardians have the right:
to review such personal information that has been recorded by a university website
about their child
to refuse to allow further collection of the information
to require the deletion of any information that has been recorded
Third Party Applications and Links
University of Arkansas websites contains links to third party applications and websites
that may or may not be hosted on university servers. The university cannot warrant
or be responsible for the privacy policies of such sites. Users are encouraged to
become familiar with the privacy policies of third party or off-campus sites.
Security
In addition to complying with all applicable laws and regulations, the university
strives to implement and maintain systems and policies to protect the confidentiality
and integrity of personal information provided by users. Despite these security measures,
the university does not represent or warrant that personal information will be protected
against loss, misuse or alteration by third parties.
Disclosure of Data Collected
The university is required to comply with the Arkansas Freedom of Information Act
(FOIA) (Ark. Code Ann. § 25-19-101 et seq.) and may be required to disclose records
maintained in the daily operations of the university unless such records are exempt
from disclosure under federal or state law. Therefore, some data collected through
university websites may be subject to disclosure upon receipt of a valid FOIA request.
Additionally, at times, the university may be legally required to disclose information
collected through university websites in response to a valid subpoena or court order
or to comply with a legally permitted inquiry by a governmental agency or regulatory
body.
Subject to governing law and other applicable university policies, the university
reserves the right to disclose information collected on its websites to governmental
authorities in connection with suspected unlawful activity or to aid an investigation
into suspected unlawful activity. In addition, the university reserves the right to
release information collected on university websites to appropriate governmental authorities
if university officials determine, in their sole judgment, that university policies
have been violated, or that release of information is necessary to protect the rights,
health, safety or property of persons or the university or to protect the integrity
of university computer networks. Further, the university reserves the right to disclose
information as university officials believe necessary to exercise the university’s
legal rights, to defend against actual or potential legal claims, or as otherwise
permitted or required by university policy, including but not limited to, the Code
of Computing Practices, as it may be amended or modified from time to time.
The European Union General Data Protection Regulation (GDPR) places additional obligations
on organizations that control or process personally identifiable information about
people in the European Union. Some UA activities may be covered by the GDPR, and the
University has updated its policies on how it collects, stores, and processes certain
types of data. Further details, as well as a description of protective measures undertaken
by the University, data retention, and breach notification are available in the
campus GDPR Policy
.
Questions
For more information regarding this policy, please contact the Office of University
Relations at 479-575-5555 or email
urelinfo@uark.edu
.
Updates
This policy is subject to periodic review and update by university officials.
February 5, 2015
Website Privacy Policy Appendix A
The university adheres to all applicable federal and state laws, as well as general
university policies that are applicable to the use of computing resources.
State and Federal Laws
Family Education Rights and Privacy Act (FERPA)
Electronic Communications Privacy Act of 1986
Gramm-Leach-Bliley Act
Health Insurance Portability and Accountability Act (HIPAA)
USA Patriot Act
Children’s Online Privacy Protection Rule
Arkansas Freedom of Information Act
18 U.S.C. § 1030
Ark. Code. § 5-41-101 et seq.
Ark. Code. § 13-2-701 et seq.
Ark. Code. § 25-1-114
University Policies
University of Arkansas Policies and Procedures
University of Arkansas Board of Trustee Policies
IT Services Computing Policies
Web Scraping Policy
You agree that any information collected through robots, crawlers or scrapers will
not be sold, transferred or redistributed for monetary gain, because this content
is protected by our copyright. In gathering data, you agree to use your legitimate
IP address. You also agree to not use these tools to attempt to uncover personal information
including applications, student financial information or any information protected
by law under FERPA or any information secured by a login. Finally, do not crawl or
scrape rotbots.txt files.