Commitment To Individual Privacy
The University of Colorado supports the protection of individual privacy, and is committed to ensuring the confidentiality of personally identifiable information provided by its employees, students, and visitors. However, because the University of Colorado is a public institution, some personally identifiable information may be subject to disclosure pursuant to the Colorado Open Records Act (C.R.S. § 24-72-101 et seq.). In addition, the University may disclose information to third parties when such disclosure is required or permitted by law.
Colorado Open Records Act (C.R.S. § 24-72-201 et seq.)
The State of Colorado requires that all public records be open for public inspection by any person except as otherwise provided by law. “Public Records” are defined as all writings made or maintained by a state institution, such as the University of Colorado regardless of medium or format. Personal information provided to the University may be subject to public inspection and copying unless protected by state or federal law.
Family Education Rights and Privacy Act (20 U.S.C. § 1232g )
In general, the Family Education Rights and Privacy Act (“FERPA”) prohibits the release of students’ educational records. However, the University of Colorado may release student directory information or student educational records if allowed or required by FERPA. For more information about FERPA contact your campus registrar’s office.
It is the policy and practice of the University of Colorado to collect the least amount of personally identifiable information necessary to fulfill its required duties and responsibilities, complete a particular transaction, deliver services, or as required by law. This applies to the collection of all personally identifiable information regardless of source or medium.
Information provided should only be shared with members of the University community who have a need to know in order to provide services or conduct University business. The University of Colorado may share personally identifiable information
with other individuals or organizations that provide services to the University. The University requires these third parties to protect personally identifiable information it receives pursuant to this policy and applicable law. The University will take reasonable and appropriate measures to protect personally identifiable information from unauthorized access or disclosure.
Individuals may choose whether or not to provide information to the University of Colorado via the Internet. Most University websites may be accessed without providing personally identifiable information, however some options or special services may require the submission of personally identifiable information.
Information other than personally identifiable information may be collected from the Internet for analysis and statistical purposes. Such information may include user visit logs, network traffic logs, and small text files known as “cookies” used to assess website activity. Information collected from the Internet is used to diagnose problems, assess what information is of most interest, determine technical design specifications, and identify system performance and/or problem areas.
Comments and Feedback
Please send comments, questions, or concerns to the Office of Information Security (firstname.lastname@example.org). When sending comments, please include a current mailing address. Please do not send attachments with the message.