Privacy & Security Statement

How we collect, use & protect your information.

This Privacy & Security Statement is intended to help you understand what information we collect as you interact with our website, and how we collect, use, protect and share this information.

This statement describes the collection, use & protection of information by the website at the URL https://www.vims.edu/ (aka "this site").

Parties

This statement refers to the individual(s), office(s), department(s) and/or program(s) within the Virginia Institute of Marine Science (VIMS) and William & Mary responsible for the design, content, operation & maintenance of this site (aka "we"/"our"), as well as this site's visitors (aka "you"/"your").

University policies

This site is subject to policies & regulations of VIMS, William & Mary and the Commonwealth of Virginia, including:

How we collect data
In order to protect our network and to provide web services, we may collect data during your visit through several means:
  • local logs of all access attempts
  • 3rd-party analytics tools - including, but not limited to, Google Analytics
  • web forms which you may choose to complete and submit to us
Uses of data from logs and analytics

We analyze the data we collect through logs and 3rd-party analytics tools for these purposes:

  • to protect our site from malicious access
  • to improve our site by understanding (in aggregate) how visitors find us and use our site
  • to find usage trends and patterns over time
What are cookies?

Sites you visit may offer, and your browser may accept, a small file called a cookie, that:

  • generally contains minimal information
  • may simply hold a random-looking string of numbers & letters meaningful only to the site
How we use cookies

Our site may send one or more cookie(s) to your browser so that we may:

  • improve our web infrastructure (e.g., load-balancing)
  • support our 3rd-party analytics tools
  • deliver personalized services
  • provide persistent authentication (via login)
    • if you log in, your subsequent interactions may be tied to your account
Privileged information

We treat different types of information differently. Here are 3 levels of information privilege we recognize:

  • non-personal information
    • such as your IP address and other analytics data
  • specific personal information
    • such as your full name, home address and phone number
  • sensitive information
    • including credit card numbers and Social Security numbers
What privileged information do we collect?

In general, and in accordance with VIMS and William & Mary policies, including those previously mentioned:

  • we do not collect the most sensitive information
    • you will never be asked for your Social Security number on our site
    • we will link to other secure sites designed to handle credit card transactions if needed (e.g., Acceptiva for donations)
  • we may collect specific personal information
    • through web forms which you may choose to complete and submit to us
    • through authentication (via login)
  • we will collect non-personal information via logs and 3rd-party analytics tools, including:
    • when and from what IP address you access our site
    • the pages you visit
    • the page (or Google search) that led you to our site
    • the web browser you use to access our site
What sensitive information do we share?
  • we neither collect nor share the most sensitive information
    • you will never be asked for your credit card or Social Security number on our site
    • we will link to other secure sites designed to handle credit card transactions if needed (e.g., Acceptiva for donations)
  • we will not share with 3rd parties specific personal information (e.g., when you complete a web form), except:
    • as required by VIMS and W&M policy or legal obligation
    • as necessary to protect our interests
    • with service providers acting on our behalf with whom we have a confidentiality agreement
  • we will not share with 3rd parties non-personal information (e.g., logs & analytics), except:
    • as required by VIMS and W&M policy or legal obligation
    • as necessary to protect our interests
    • as part of our 3rd-party analytics tools
    • after aggregation and de-personalization
    • with service providers acting on our behalf with whom we have a confidentiality agreement
Security

Consistent with the policies & regulations of VIMS, William & Mary and the Commonwealth of Virginia, we work with W&M Information Technology (IT) to secure our site and the privileged information we collect by applying physical, electronic and managerial procedures that:

  • safeguard and secure servers from unauthorized access and use
  • maintain data accuracy
  • ensure the correct use of privileged information

Our 3rd-party analytics tools incorporate their own privacy & security safeguards.

Links to other web sites

We link to other web sites – both within VIMS and William & Mary as well as externally – which may have their own privacy & security policies.

Removal from email lists

VIMS and William & Mary host many email communication lists, but they are not managed as part of this site.

Many of those lists use the university's central listserv system maintained by W&M IT. Contact W&M IT for assistance with the lists they manage, as well as the point of contact for a W&M email account from which you are receiving undesired communication.

Please note – subscription to some official VIMS and William & Mary email lists are required as part of enrollment, employment or participation in our programs.

Data Safety
  • Data sharing:
    • 4 data types collected or shared
  • Security practices:
    • Data is encrypted in transit
    • Data can’t be deleted
Changes to our privacy & security policy statement

We reserve the right to update this privacy & security statement at any time.

Contact Us

Address your suggestions, comments or questions about this site to [[v|wmaster]].