Public Access |
AIReS web sites available to the general public must contain a Privacy Statement. AIReS web site privacy statements is listed below:: |
Web site Privacy Statement on the Use of Information Gathered from the General Public
The following statement applies only to members of the general public and is intended to address concerns about the types of information gathered from the public, if any, and how that information is used.
I. Cookies
A “cookie” is a small file containing information that is placed on a user’s computer by a web server. Typically, these files are used to enhance the user’s experience of the site, to help users move between pages in a database, or to customize information for a user.
Any information that AIReS webservers may store in cookies is used for internal purposes only. Cookie data is not used in any way that would disclose personally identifiable information to outside parties unless AIReS is legally required to do so in connection with law enforcement investigations or other legal proceedings.
II. Logs and Network Monitoring
AIReS maintains log files of all access to its site and also monitors network traffic for the purposes of site management. This information is used to help diagnose problems with the server and to carry out other administrative tasks. Log analysis tools are also used to create summary statistics to determine which information is of most interest to users, to identify system problem areas, or to help determine technical requirements.
Information such as the following is collected in these files:
1. Hostname: the hostname and/or IP address of the computer requesting access to the site
2. User-Agent: the type of browser, its version, and the operating system of the computer requesting access (e.g., Netscape 4 for Windows, IE 4 for Macintosh, etc.)
3. Referrer: the web page the user came from
4. System date: the date and time on the server at the time of access
5. Full request: the exact request the user made
6. Status: the status code the server returned, e.g., fulfilled request, file not found
7. Content length: the size, in bytes, of the file sent to the user
8. Method: the request method used by the browser (e.g., post, get)
9. Universal Resource Identifier (URI): the location of the particular resource requested. (More commonly known as a URL.)
10. Query string of the URI: anything after a question mark in a URI. For example, if a keyword search has been requested, the search word will appear in the query string.
Protocol: the technical protocol and version used, i.e., http 1.0, ftp, etc.
The above information is not used in any way that would reveal personally identifying information to outside parties unless AIReS is legally required to do so in connection with law enforcement investigations or other legal proceedings.
III. Email and Form Information
If a member of the general public sends AIReS an e-mail message or fills out a web-based form with a question or comment that contains personally identifying information, that information will only be used to respond to the request. Such information is not used in any way that would reveal personally identifying information to outside parties unless System Administration is legally required to do so in connection with law enforcement investigations or other legal proceedings.
IV. Links
This site may contain links to other sites. AIReS is not responsible for the privacy practices or the content of such websites.
V. Security
This site has security measures in place to protect from loss, misuse and alteration of the information.
Contacting AIReS
If there are any questions about this privacy statement, the practices of this site, or dealings with this website, contact webmaster@aires.com
Supporting Information |
This Security Policy is supported by the following Security Policy Standards |
Reference # |
Policy Standard detail |
2 |
Security awareness of personnel must be continually emphasized, reinforced, updated and validated. |
3 |
All personnel are responsible for managing their use of IR and are accountable for their actions relating to IR security. Personnel are also equally responsible for reporting any suspected or confirmed violations of this policy to the appropriate management. |
16 |
Custodian departments must provide adequate access controls in order to monitor systems to protect data and programs from misuse in accordance with the needs defined by owner departments. Access must be properly documented, authorized and controlled. |
References |
Copyright Act of 1976 |
