Introduction
We are committed to protecting individual privacy and securing the personal information made available to us when you visit our website, SSA.gov. This Privacy Policy explains our online information practices. This policy does not apply to third-party websites that you are able to reach from our website, nor does it cover our information collection practices that are not online. For more information about our privacy practices, please visit our Privacy Program Webpage.
Our Use of Web Measurement, and Customization Technologies
We use web measurement and customization technologies to remember your online interactions with our website. Such technologies allow us to measure and analyze how our website is used and customize your user experience.
When we use such technologies (for example, “cookies”), a small text file may be downloaded to your computer so that our website can recognize when you use our website in the future.
We currently use the following technologies, as defined by the Office of Management and Budget (OMB) in memorandum 10-22 (OMB M-10-22), Guidance for Online Use of Web Measurement and Customization Technologies :
- Single session cookies. This technology "remembers" the online interactions within a single session or visit to a web site. Any identifier related to a particular person is used only within that session is deleted from the person's computer immediately after the session ends.
- Under the framework of OMB M-10-22, this qualifies as a Tier 1 use.
- Multi-session or persistent cookies. This technology is used to recognize when a person returns to a web site and remembers his or her online interactions and preferences across multiple sessions.
- Under the framework of OMB M-10-22, this qualifies as a Tier 2 use.
As appropriate, SSA will update this policy to explain our use of technologies beyond cookies.
How we use web measurement and customization technology
We can provide a better experience for you if we understand how you use the site. To this end, we use Tier 1 technology when you transact business online with us, such as applying for benefits or changing your address. We store this "single session cookie" on your computer only during your visit. The session cookie keeps you and us from losing information you have entered during a business transaction with us. Once you exit our application, your computer deletes the cookie from your computer. When you partially complete one of our on-line applications, we provide you with a secure means of returning to your application that does not use any web measurement technology.
We use Tier 2 technology in the following ways:
- To help us analyze site use by identifying you as a new or returning visitor; this does nothing other than distinguish whether you have been to our site before. Our web measurement applications compare the behavior of new and returning visitors in the aggregate to help us identify work flows and trends and also resolve common problems on our site. We do not use this technology to identify you or any other person.
- To improve our website and provide a better user experience for our customers. This technology tracks how visitors interact with SSA.gov, including where they came from, what they did on the site, and whether they completed any pre-determined tasks while on the site. The information collected is used to optimize our website; helping us determine top tasks, improve our user interface and diversify our content offerings to meet the needs of our customers.
- To obtain feedback and data on visitors' satisfaction with the SSA website. For example, SSA uses third party vendors to conduct surveys about customer satisfaction. Participation in such surveys are voluntary and do not require you to provide personally identifiable information about yourself or others.
- To make login to our Open Government page easier, prevent anonymous abuse of the service, and ensure fair voting.
How to opt-out by disabling cookies
If you do not want to accept cookies, you can change your browser settings to disable cookies. You can find step-by-step instructions for changing your settings at https://www.usa.gov/optout-instructions. If you opt-out, we will always make comparable information or services available to you. Please note that changing the settings in your browser to disable cookies will affect your interactions with any other web sites that use cookies.
Whether we enable the technology by default or not and why
In order to optimize your experience and provide statistically accurate data about use of our web-site, the technologies we describe above are enabled by default. We will review any future additional use of these technologies and change this policy statement accordingly before implementing additional uses of the technologies.
Third-party vendors
We currently use the following third-party vendors in the measurement and customization process:
- IdeaScale, an innovations management platform that we use for our Open Government page
- Google Analytics, a service that provides statistics and basic analytical tools.
- WebSphere, a tool that tracks a user's session within an application.
- Tivoli, an application that keeps track of the authenticated user and maintains a user's session on the firewall.
In addition, some third party social media sites we use may utilize web measurement and customization technologies, however these technologies are not used on behalf of SSA, and are solely used for the third party's own purposes.
Information you give us
We may request personal information from you to administer our programs. All personal information you provide to us online is voluntary. However, we may need personal information from you (such as name, email address, Social Security number, or other unique identifier) to provide certain online services (such as creating a my Social Security user account). When we request personal information from you that we will maintain in our systems of records, we will describe our authority to the collect the information, the principal purpose(s) for which we will use the information, how we may use the information, and any effect of you not providing the information.
We will retain and dispose of any information we collect about you in accordance with Federal records laws and applicable Federal Records Schedules.
Sharing Your Information
We may share personal information we collect about you with our employees and contractors who have a need to know the information within their job duties. We may also disclose your information outside our agency as otherwise authorized by Federal law. For instance, in a government-wide effort to combat security and virus threats, we may share some information we collect through the above-mentioned technologies (such as your Internet Protocol address) for law enforcement purposes. More information about how we share information can be found in our Privacy Act Notices of Systems of Records.
Children’s Online Privacy Protection Act (COPPA)
We believe in the importance of protecting children's privacy online. We comply with the COPPA, which governs personal information collected from or about children under the age of 13. We do not intentionally collect information from children under the age of 13. Our "Kids' Place" page does not require children to provide any information that could personally identify them. If, however, a child chooses to provide personally identifying information to us, through an email or otherwise, we will only use it to respond to the inquiry.
Privacy and Security
We will comply with all applicable laws and policies relating to protecting the privacy and security of information we collect through our website and the above-referenced technologies. In doing so, we will take reasonable precautions to maintain the security, confidentiality, and integrity of the information we collect at this site. For example, we take the following steps to secure personal information we collect online.
- Employ internal access controls to ensure that the only people who see your information are those with a need to do so to perform their official duties.
- Train appropriate personnel on our privacy and security policies to know requirements for compliance.
- Secure the areas where we retain paper copies of the information we collect online.
- Ensure proper destruction of paper records.
- Perform regular backups of the information we collect online to ensure against loss.
- Use technical controls to secure the information we collect online including, but not limited to
- Secure Socket Layer (SSL)
- Encryption
- Firewalls
- Password Protections
- Periodically test our security procedures to ensure personnel and technical compliance.
- Employ external access safeguards to identify and prevent unauthorized attempts to access, or cause harm to, the information contained in our systems.
A listing of Privacy Impact Assessments for our electronic systems and collections are located at https://www.ssa.gov/privacy/pia.html.
We suggest that you do not send personal information to us via email, because it is not a secure method of communication. We will only send you general information via email. To the extent SSA contacts you via email, we will include limited or no personally identifiable information in our correspondence.
Visiting Other Websites
Our website contains links to international agencies, private organizations, and some commercial entities. These websites are not within our control and may not follow the same privacy, security, or accessibility polices. Once you link to another site, you are subject to the policies of that site.
Social Media Sites
We may create SSA accounts or webpages on third party social media sites to increase transparency, encourage public collaboration with SSA, and in general make our content available in other formats or forums. Please be aware that the privacy protections provided on third party social media sites may not be the same as the privacy protections described for SSA's website at www.SSA.gov, and third party social media sites may have separate privacy policies that apply to your use of those sites. In certain limited situations, we collect, maintain, or disseminate personally identifiable information made available to SSA by third party social media sites. These instances include to comply with records retention requirements, address threats to agency facilities or personnel, identify suspected Social Security fraud or other violations of law, address customer service complaints, and help us improve service delivery across our various programs. For service delivery purposes, information is maintained in aggregate or non-identifiable form, whenever possible. Please be aware that if you use a third party social media site to communicate with the agency, you may be providing nongovernmental third parties with access to your personal information.