University of Minnesota
myU OneStop


 

Mass Electronic Mail Privacy Statement

The University of Minnesota respects the privacy of recipients of mass electronic mail to the extent permitted by law. This privacy statement is intended to inform you of the ways in which the standard mass electronic mail system used by the University collects information, the uses to which that information will be put, and the ways in which the University will protect any information obtained.

Mass electronic mail sent by the University may collect three types of information: message logs, tracking logs, and information voluntarily provided by you.

Mailing logs

The mass electronic mail software employed by the University retains a history of the mailings sent to each electronic mail address. The history includes information such as the message content and the success or failure of the attempt to send the message. Mail server transactions and bounce messages (for example, an auto-reply message) are also recorded. Personally identifiable information from these activities may be used by the University and associated third parties performing University-related activities. Personally identifiable information is not released to other external parties without your consent unless required by law, including Minn. Stat. 13.15.

Tracking logs

Messages sent using the mass electronic mail software the University employs may be set up to track message opens and link clicks (“URL clickthroughs” or simply “clickthroughs”). The software employed embeds in the body of a message a transparent image that is referenced using a personally identifiable URL. Each time the URL is accessed, information is recorded, including a member identifier, the message the image appeared in, the date and time, and the Internet address (IP address) from which the access occurred.

The software employed may also be configured to rewrite links (URLs) in sent messages so that when a link in a mass electronic mail communication is clicked on (or otherwise followed) the user is first redirected, using a personally identifiable URL, to the mass electronic mail system. The software employed records information about the action, including a member identifier, the link followed, the message the link appeared in, the date and time, and the Internet address (IP address) from which the access occurred.

The software employed may also provide a copy (in the form of a Web page) of the message sent. The open and clickthrough tracking methods employed in electronic mail can be applied to any Web page generated by the software employed.

Personally identifiable information from these activities may be used by the University and associated third parties performing University-related activities. Personally identifiable information is not released to other external parties without your consent unless required by law, including Minn. Stat. 13.15.

Information voluntarily provided by you

In the course of reading or otherwise utilizing electronic mail communications sent using the software employed, you may choose to provide information to help the University serve your needs. For example, you may respond to an electronic communication and send the University electronic mail (using an e-mail client or a Web form) to request information, you may complete a survey, or you may sign up for a mailing list. Any personally identifiable information you send will be used only for the purpose(s) that you indicate in your request. Requests for information will be directed to the appropriate staff for response. The University will not sell, exchange, or otherwise distribute your personally identifiable information without your consent, except to the extent required by law. The University does not retain the information longer than necessary for normal operations.

Aggregate information

The University may use aggregate information that is not personally identifiable to analyze and report on our electronic communications, or for other purposes. This aggregate information may be derived from mailing logs, tracking logs, or voluntarily provided information. The University may use personally identifiable information from other sources to group your tracked or logged actions with those of other recipients with similar characteristics (e.g., age group). For example, a staff member in a specific department may be identified using a separate data source so that logs and tracked actions for the employee are associated with other staff members from the same department. Information that is not personally identifiable may be shared with others, most commonly other senders of mass e-mail within the University.

Personally identifiable information

Personally identifiable information collected may be used for normal operations at the University. Normal operations vary by unit and may, for example, include marketing. Personally identifiable information obtained using the methods listed above may be used by the University and associated third parties performing University-related activities. Personally identifiable information is not released to other external parties without your consent unless required by law, including Minn. Stat. 13.15. Personally identifiable information that is collected may also be associated and stored with personally identifiable information from other sources at the University, depending on the normal operations of the unit or units concerned.

External Web sites

Electronic mail sent by the University will often contain links to Web sites that may or may not be under the control of the University. For a University Web site, view the applicable privacy policy for that site. The University does not control external (non-University) sites and resources, does not endorse them, and is not responsible for their availability, content, or delivery of services. In particular, external sites are not bound by the University’s online privacy policy; they may have their own policies or none at all. Often you can tell you are leaving a University Web site by noting the URL of the destination site.

Minn. Stat. 13.15 provides that electronic access data may be disseminated (1) to the commissioner of the Department of Administration for the purpose of evaluating electronic government services, (2) to another government entity to prevent unlawful intrusions into government electronic systems, or (3) as otherwise provided by law.