Effective May 17, 2007
1. What personally identifiable information EPI collects.
2. What personally identifiable information third parties collect through the website.
3. What organization collects the information.
4. How EPI uses the information.
5. With whom EPI may share user information.
6. What choices are available to users regarding collection, use, and distribution of the information.
7. What types of security procedures are in place to protect the loss, misuse, or alteration of information under EPI control.
8. How users can correct any inaccuracies in the information.
EPI is the sole owner of the information collected on www.epi.org and other EPI websites. EPI collects information from our users at several different points on our website.
We request information from the user on our order form. A user must provide contact information (such as name, email, and shipping address) and financial information (such as credit card number and expiration date). This information is used for billing purposes and to fill customer’s orders. If we have trouble processing an order, the information is used to contact the user.
Newsletter signup page
We request information from the user on our newsletter signup page. A user may provide their name, email, and/or mailing address to receive news and other information via email and/or postal mail. If a user wishes to subscribe to any of our electronic newsletters, we require only an email address.
A cookie is a piece of data stored on the user’s computer tied to information about the user. Usage of a cookie is in no way linked to any personally identifiable information while on our site.
Cookies are used by our shopping cart (on EPI’s online bookstore). If users reject the cookie, they may still use our site. The only drawback to this is that the user will not be able to complete a purchase using our online bookstore (we do, however, also accept orders by phone and mail).
To find more information about cookies, if you are using Microsoft Internet Explorer as your browser, visit the Microsoft Web site at http://www.microsoft.com/info/cookies.mspx; users of Mozilla browsers (including Firefox) should visit http://kb.mozillazine.org/Cookies.
Like most standard website servers, we use log files. This includes Internet Protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks. We use this information to analyze trends, administer the site, track user’s movement in the aggregate, and gather broad demographic information for aggregate use. IP addresses, etc. are not linked to personally identifiable information.
Communications from the site
If a user wishes to subscribe to any of our electronic newsletters, we require only an email address. Out of respect for our users’ privacy, we provide a way to opt-out of these communications. Please see the “Choice” and “Opt-out” sections below.
Though we make every effort to preserve user privacy, we may need to disclose personal information when required by law wherein we have a good-faith belief that such action is necessary to comply with a current judicial proceeding, a court order, or legal process served on our website.
These are the instances in which we will share users’ personal information:
We use an outside Internet service provider to host and maintain our Web servers and bulk email service, a shipping company to ship orders by mail, and a credit card processing company to bill users for goods and services. These companies do not retain, share, store, or use personally identifiable information for any secondary purposes.
Our users are given the opportunity to ‘opt-out’ of having their information used for purposes not directly related to our site at the point where we ask for information.
Users who no longer wish to receive our newsletters and/or promotional communications may opt-out of receiving these communications by visiting EPI’s unsubscribe page. Alternately, users may send an email to EPI’s Web Manager, identifying which communication(s) the user is subscribed to, and indicating the email address(es) to be removed from the email list(s). We also offer opt-out mechanisms at the bottom of each such message. Users may also unsubscribe from email lists by contacting EPI’s Web Manager by phone or postal mail using the contact information listed below.
While we require an email address when placing an order online, we do not use or retain that address for any purpose other than order processing.
“Email This Page” Feature
If a user elects to use our referral service for informing a friend about our site, we ask them for the recipient’s email address, as well as the sender’s name and email address. EPI will automatically send the friend a one-time email inviting them to visit the site. EPI does not retain this information; it is collected for the sole purpose of sending this one-time email.
This website takes every precaution to protect our users’ information. When users submit sensitive information via the website, their information is protected both online and off-line.
When our shopping cart (i.e., bookstore order form) asks users to enter sensitive information (such as credit card number and/or social security number), that information is encrypted and is protected with the best encryption software in the industry — SSL. While on a secure page, such as our Contribute page or Bookstore/shopping cart checkout page, the padlock icon on the bottom of Web browsers such as Mozilla and Microsoft Internet Explorer becomes locked, as opposed to unlocked, or open, when users are just “surfing.”
While we use SSL encryption to protect sensitive information online, we also do everything in our power to protect user-information off-line. All of our users’ information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job (for example, our billing clerk or a customer service representative) are granted access to personally identifiable information. All employees are kept up-to-date on our security and privacy practices. Any time new policies are added, our employees are notified and/or reminded about the importance we place on privacy, and what they can do to ensure our users’ information is protected. Finally, the servers that store personally identifiable information are housed in a secure environment.
Correcting/Updating/Deleting/Deactivating Personal Information
If a user’s personally identifiable information changes (such as zip code, phone, email, or postal address), or if a user no longer desires our service, we provide a way to correct, update, or delete/deactivate users’ personally identifiable information. This can usually be done by emailing us at email@example.com, or by contacting us via telephone or postal mail using the contact information listed below.
Notification of Changes
If, however, we are going to use users’ personally identifiable information in a manner different from that stated at the time of collection, then we will notify users by posting a notice on our Web site for 30 days.
If users have questions or concerns regarding this document, they should contact the Economic Policy Institute’s Web Manager at firstname.lastname@example.org or (202) 775-8810. The Web Manager can also be reached at the following address:
Economic Policy Institute
1225 I St. NW, Suite 600
Washington, DC 20005