Metropolitan State College of Denver is committed to ensuring the privacy and accuracy of all confidential information. The college does not actively share personal information gathered from Web servers. However, because Metro State is a public institution, some information collected from the Metro State Web site, including the summary server log information, e-mail sent to the Web site, and information collected from Web-based forms, may be subject to the Open Records policy. This means that while information is not actively shared, in some cases the college may be compelled by law to release information gathered from Web servers.

As part of the college commitment to maintaining the privacy of Web users, Metro State has developed this privacy statement. The statement has two purposes:

1.       To educate users about privacy issues

2.       To inform users about specific privacy policies and guidelines employed at Metropolitan State College of Denver

Metro State College complies with the Family Educational Rights and Privacy Act (FERPA), which prohibits the release of education records other than public directory information, without student permission. For additional details on FERPA, the document is available for review at www.ed.gov/offices/OII/fpco/ferpa/.

The Metro State Web consists of numerous Web servers. Some servers hosted by non-IT departments may have individual privacy statements.  However, such policies must be reviewed by the appropriate authorities and must be posted on their servers. Such policies must adhere to all federal and state regulations.

The Metro State Web site contains links to hundreds of external Web sites. The College is not responsible for the privacy practices or the content of external Web sites.

Information Collected
The college Web servers generate temporary logs that contain the following information:

·         Internet address of computer being used

·         Referring Web page

·         Web pages requested

·         Date and Time of visit

·         Browser used

·         NID (unique person identifier for SIS services only)

The log data is used by system administrators and web content managers to tune the web site for efficiency and is not ordinarily associated with specific individuals. See Responsible Use of Information Technology Resources Policy for further information (http://www.mscd.edu/~infotech/services/policies/)

Summary reports produced from the logs help web publishers determine what pages are most popular. For example, the aggregate reports can show each page accessed and how many times it was viewed. The reports can also show what times of the day and what days of the week are most popular and from where the web users are accessing the Internet.

Personal Information
The College does not collect personal information on individuals unless they voluntarily participate in an activity that asks for information. For instance, some Metro State Web sites may request personal information such as name, address, e-mail address, and telephone number to provide certain services.  Any personally identifiable information - sent to us will be used only for the purpose indicated and only the information necessary to complete the transaction will be collected.  Metro State will not sell, exchange or otherwise distribute personally identifiable information without consent, except to the extent required by law.  This extends to the collection of all personally identifiable information, regardless of the source or medium.

Cookies
Cookies are small pieces of data stored by the Web browser. Cookies are often used to remember information about preferences and pages users have visited. For example, when visiting some sites on the Web a  "Welcome Back" message may appear. The first time the site was visited, a cookie was likely set on the computer. When the user returns to the address, the cookie is read again. Users can refuse to accept cookies, can disable cookies, and remove cookies from the hard drive. Please see you're the appropriate Web browser provider's help documentation for instructions how to do this.

Various Metro State Web servers use cookies in different ways.  The College's portal system uses cookies so individuals will not have to repeatedly enter user names and passwords when going to different areas of the student information system. This login process uses Secure Sockets Layer (SSL) so the user name and password are encrypted between the Web browser and the college Web server.

Some Web servers within the college may also use cookies to retain user preference information. It is against college policy to share this information with external third parties.

Security and Accuracy of Confidential Information
The College does its best to ensure that the personal information retained about individuals is accurate. Every faculty member, staff member and student has the ability to check and update personal information such as his or her name, address, phone, etc. online at http://www.mscd.edu/banner.htm.

Although no computer system is 100% secure, Metro State has deployed extensive security measures to protect against the loss, misuse, or alteration of the information under college control.

E-commerce & Revenue Generation
Several sites within Metro State enable users to pay for products or services online with a credit card. Unless otherwise noted, these transactions are encrypted using SSL technology. It is college policy that confidential information entered in the transaction is used only for the purpose described in that transaction, unless an additional use is specifically stated on that site.

Sharing of Information
Metro State does, upon explicit request of users, share information with other parties and gather information from other private data providers. For example, the College receives test scores from testing agencies and will send transcripts to other schools. This is done only at the request of users (persons to whom the information applies).

Consistent with FERPA, the college does not release personal student information, other than public directory information, to other parties unless an explicit written authorization is submitted requesting the institution to do so.  Students who wish to have their information removed from the campus directory should visit the Registrar's Office in Central Classroom 105.

Open Records Requests
Except for educational records governed by FERPA, all information collected from the College Web site, including the summary server log information, e-mail sent to the Web site, and information collected from Web-based forms, may be made available to requesting parties if it is subject to the Colorado Open Records Act.

Comments and Feedback
Send comments to webmgr@mscd.edu.  When sending comments, include a current mailing address. Do not send attachments with the message. 

NOTE:  DUE TO OUR CONCERN ABOUT COMPUTER VIRUSES AND THE DAMAGE THEY CAUSE, E-MAIL MESSAGES CONTAINING ATTACHMENTS WILL BE DELETED WITHOUT OPENING.