Privacy

Privacy Policy

The following will explain how we handle any information about individuals that we collect during your visit to our website. Please note, our website contains links to other federal agencies and private organizations. Once you navigate to another site, you are subject to the policies of the new site.

Information collected and stored automatically
When you visit our website to read pages or download information, we automatically collect and store the following information only:

• The name of the domain from which you entered our website (for example, "xcompany.com" if you use a private Internet access account or "your school.edu" if you connect from a university domain)
• IP Address (an IP address is a number that is automatically assigned to your computer whenever you are surfing the web)
• The type of browser and operating system used to access our site
• The date and time you access our site
• The pages you visit
• If you navigated to the BPA website from another website, the address of that website

We use this information to measure the number of visitors to the different sections of our site, and to help make our site more useful to visitors. We do not track or record information about individuals and their visits. This information is not shared with anyone beyond the support staff to this home page, except when required by Law Enforcement investigation. This information is not sold for commercial marketing purposes.

Information collected via e-mail

If you choose to provide us with personal information by sending an e-mail or filling out a web comment form, we may use that information to respond to your message or to help us obtain the information you have requested. In an effort to respond to your request, any information you submit may be viewed by people in other government agencies depending upon the nature of your request.
 
Information collected in signing up for a conference 
 
A few pages on the BPA Website may request credit card information from the user. In those instances, a secure Website will be used for the transmission of that information. The credit card information will be used to complete a monetary transaction involving fees to attend BPA-sponsored conferences or the cost of BPA goods or services. The information will only be used for that transaction and will not be disseminated to others.
 
Information collected for security purposes

For site security purposes and to ensure that this service remains available to all users, this government computer system employs industry-standard methods to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage

Information collected via other means
 
Specific proceedings where the public is invited to comment will contain a notice of what the agency intends to do with the data gathered.

Visiting official BPA Third-Party Websites and Applications

BPA currently maintains official BPA accounts on several third-party websites and applications. The third-party service provider’s terms of service and privacy policies govern your activity on the third-party website or application. BPA does not control what these third-parties service providers do with the information they collect. You may wish to review the third-party service provider’s terms of service and privacy policies before using it to understand how and when the third-party service provider collects, uses, and/or shares information you make available by using its service. You can find the privacy policies for third-party websites and applications commonly used by BPA below.

If you interact with official BPA accounts on third-party websites and applications, personally identifiable information may become available or accessible to the BPA. This can occur when you provide information, communicate, link, post, or associate information with official BPA accounts (e.g., through “liking,” “friend-ing,” responding to posts, or commenting on content provided by BPA). BPA does not control, moderate, or endorse the comments or opinions provided by users on official BPA accounts.

BPA may collect and maintain personally identifying information you make available on third-party websites and applications with official BPA accounts. Specifically, BPA, or a contractor operating on behalf of BPA, may automatically collect certain browser information, including the full internet address of the third-party service provider, if you travel directly to a BPA website from the third-party application or website. BPA may collect your name if you leave a comment. 

BPA will not otherwise collect and maintain personally identifying information you make available on third-party websites and applications with official BPA accounts. In all circumstances, BPA will only collect and maintain personally identifying information you make available on official BPA accounts consistent with the Privacy Act, the Federal Records Act, and other applicable Privacy policies. BPA will not share your PII except pursuant to appliable law, regulation, or government-wide policy. 

Third Party Privacy Policies

The privacy policies for third-party social media platforms, a specific type of third-party website, with official BPA accounts used to communicate with the public include:

• X (Twitter) Privacy Policy
• Facebook Privacy Policy
• YouTube Privacy Policy
• LinkedIn Privacy Policy
• Instagram Privacy Policy

Privacy Principles

• Transparency: BPA provides notice through Privacy Act statements, privacy notices and website notifications to individuals whose personally identifiable information (PII) is collected, used, maintained and disseminated by BPA.
• Purpose Specification: BPA collects PII only when it is needed to meet a specific business purpose.
• Data Minimization: BPA collects only PII that is directly relevant and necessary to accomplish the purpose for which it was collected.
• Access/Use Limitation: Only BPA employees who need PII to conduct their official duties are granted access to PII. The PII must be used only for the specific purpose for which it was collected.
• Accuracy: BPA has enacted appropriate safeguards to ensure the thoroughness, completeness and accuracy of PII collected and maintained by BPA. BPA also provides a mechanism for individuals to access and correct PII maintained by BPA.
• Security: BPA protects PII through appropriate security safeguards against risks such as loss, unauthorized access or use, destruction, modification and unintended or inappropriate disclosure.
• Accountability and Auditing: BPA is accountable for complying with these principles, for providing privacy education and training to all BPA federal and contract employees and for auditing actual use of PII to demonstrate compliance with applicable privacy protection requirements.

Functions of the Privacy Office 

• Develop and implement privacy policy compliant with controlling federal laws and regulations, DOE directives and BPA policies.
• Serve as BPA's focal point for privacy matters.
• Provide policy guidance and assistance to offices throughout BPA in the execution of their privacy responsibilities.
• Review all new and existing laws, regulations and policies that may affect our privacy obligations.
• Audit all collections of PII and assessing privacy risk.
• Collaborate with offices throughout BPA to conduct Initial Privacy Evaluations (IPE) and Privacy Impact Assessments (PIA).
• Centralize FOIA and Privacy Act operations to provide policy and programmatic oversight.
• Operate a Privacy Incident Response Program, in collaboration with BPA Cyber Security, to ensure that incidents involving PII are properly reported, investigated and mitigated.
• Ensure BPA complies with DOE's privacy reporting requirements.
• Provide training, education and outreach to build a culture of privacy across BPA and to advance transparency to our customers and the public.