The following will explain how we handle any information about individuals that we collect during your visit to our website. Please note, our website contains links to other federal agencies and private organizations. Once you navigate to another site, you are subject to the policies of the new site.
Information collected and stored automatically
When you visit our website to read pages or download information, we automatically collect and store the following information only:
- The name of the domain from which you entered our website (for example, "xcompany.com" if you use a private Internet access account or "your school.edu" if you connect from a university domain)
- IP Address (an IP address is a number that is automatically assigned to your computer whenever you are surfing the web)
- The type of browser and operating system used to access our site
- The date and time you access our site
- The pages you visit
- If you navigated to the BPA website from another website, the address of that website
We use this information to measure the number of visitors to the different sections of our site, and to help make our site more useful to visitors. We do not track or record information about individuals and their visits. This information is not shared with anyone beyond the support staff to this home page, except when required by Law Enforcement investigation. This information is not sold for commercial marketing purposes.
Information collected via e-mail
If you choose to provide us with personal information by sending an e-mail or filling out a web comment form, we may use that information to respond to your message or to help us obtain the information you have requested. In an effort to respond to your request, any information you submit may be viewed by people in other government agencies depending upon the nature of your request.
Information collected in signing up for a conference
A few pages on the BPA Website may request credit card information from the user. In those instances, a secure Website will be used for the transmission of that information. The credit card information will be used to complete a monetary transaction involving fees to attend BPA-sponsored conferences or the cost of BPA goods or services. The information will only be used for that transaction and will not be disseminated to others.
Information collected for security purposes
For site security purposes and to ensure that this service remains available to all users, this government computer system employs industry-standard methods to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage
Information collected via other means
Specific proceedings where the public is invited to comment will contain a notice of what the agency intends to do with the data gathered.
- Transparency: BPA provides notice through Privacy Act statements, privacy notices and website notifications to individuals whose personally identifiable information (PII) is collected, used, maintained and disseminated by BPA.
- Purpose Specification: BPA collects PII only when it is needed to meet a specific business purpose.
- Data Minimization: BPA collects only PII that is directly relevant and necessary to accomplish the purpose for which it was collected.
- Access/Use Limitation: Only BPA employees who need PII to conduct their official duties are granted access to PII. The PII must be used only for the specific purpose for which it was collected.
- Accuracy: BPA has enacted appropriate safeguards to ensure the thoroughness, completeness and accuracy of PII collected and maintained by BPA. BPA also provides a mechanism for individuals to access and correct PII maintained by BPA.
- Security: BPA protects PII through appropriate security safeguards against risks such as loss, unauthorized access or use, destruction, modification and unintended or inappropriate disclosure.
- Accountability and Auditing: BPA is accountable for complying with these principles, for providing privacy education and training to all BPA federal and contract employees and for auditing actual use of PII to demonstrate compliance with applicable privacy protection requirements.
Functions of the Privacy Office
- Serve as BPA's focal point for privacy matters.
- Provide policy guidance and assistance to offices throughout BPA in the execution of their privacy responsibilities.
- Review all new and existing laws, regulations and policies that may affect our privacy obligations.
- Audit all collections of PII and assessing privacy risk.
- Collaborate with offices throughout BPA to conduct Initial Privacy Evaluations (IPE) and Privacy Impact Assessments (PIA).
- Centralize FOIA and Privacy Act operations to provide policy and programmatic oversight.
- Operate a Privacy Incident Response Program, in collaboration with BPA Cyber Security, to ensure that incidents involving PII are properly reported, investigated and mitigated.
- Ensure BPA complies with DOE's privacy reporting requirements.
- Provide training, education and outreach to build a culture of privacy across BPA and to advance transparency to our customers and the public.