The university handles a large amount of personally identifiable information belonging to students, faculty, staff, contractors, and vendors.
Our systems also hold proprietary data and intellectual property that's been developed and gathered by faculty and student researchers.
Information We Collect
When someone accesses a Mason web site, some information is collected automatically:
- The Internet domain and Internet address of the computer (routing information).
- Identification of the requested page or service.
- Type of browser and operating system.
- Date and time of access.
- Internet address of any outside website from which the user linked directly to our website.
Routing information is used to send the requested web page to the user's computer via our Internet service provider or other entities involved in transmitting pages, which have their own privacy practices. Other technical information helps us respond to your request with the right format.
We also collect information that users choose to send, including:
- Name, email address, and the content of emails.
- Data submitted through online forms.
User IDs and passwords submitted through administrative systems are encrypted before transmission across the network and stored in a secure environment. Applications that process credit card payments encrypt card numbers and expiration dates using a secure server, which is not accessible from the Internet.
Although Mason might keep your information indefinitely, most transaction routing information is deleted from our web server within 60 days after the page is transmitted. We don't obtain any information to link it to the individuals who browse our web site. Information that we do retain includes:
- Routing information logs to aid law enforcement agencies if hackers attempt to breach security.
- Transaction routing information for statistical summaries to assess site content and server performance; data is shared with business partners.
Users are not required to provide any information to our website, but the site will not work without routing information and essential technical information. If a browser can't or won't provide nonessential technical information, some site features won't work. If certain optional information is not available, some features or services won't be, either.
Mason sites might place a “cookie” on your computer, unless your browser is set to reject cookies. Cookies enable our sites to recognize you when you return and lets us personalize the site with preferences or information you provided during prior sessions. Information placed on your computer could include:
- IP address.
- Browser type.
- Operating system.
- Date and time.
- Previous visits.
- Pages viewed.
- Preferences or customization (user name and password).
Rules and Requirements
Mason protects records in accordance with our obligations as defined by applicable Virginia statutes, including, but not limited to: the Virginia Privacy Protection Act of 1976; the Virginia Freedom of Information Act; and any applicable U.S. federal laws. In addition:
- Certain information is retained in accordance with records-retention schedules at the Library of Virginia.
- Under the Virginia Freedom of Information Act, any records in our possession at the time of a Freedom of Information Act Request might be subject to being inspected by or disclosed to members of the public. The Act exempts many forms of identifiable confidential/personal information, and we will remove exempt information prior to releasing the routing information.
- Mason bears no responsibility for presented material that is unrelated to the university’s mission.
Mason ITS is not responsible for, tasked with, or otherwise provisioned to act as a privacy office for the university.
Links to Outside Sites
Some university web pages might have links to sites outside the gmu.edu domain. Mason is not responsible for the privacy practices of any outside site. Users should read the individual policy statements of each web site when they leave a Mason server.