About DISA banner

SECURITY AND PRIVACY

Thank you for visiting DISA.mil and reviewing our security and privacy policy. The DISA.mil website is provided as a public service and does not collect private information about you, only statistical information that can be used to make the site more effective for all our visitors.

Security Notice about Information We Gather

For site management, information is collected for statistical purposes. This government computer system uses software programs to create summary statistics, which are used for such purposes as assessing what information is of most and least interest, determining technical design specifications, and identifying system performance or problem areas.

For security purposes, and to ensure this service remains available to all users, this government computer system employs software programs to monitor network traffic to identify unauthorized attempts to upload or change information or to otherwise cause damage, including attempts to deny service to authorized users.

Except for authorized law enforcement investigations, no other attempts are made to identify individual users or their usage habits.

Cookie Disclaimer

This website uses measurement and customization technology known as cookies. Cookies are used to remember a user's online interactions with a website or online application in order to conduct measurement and analysis of usage or to customize the user's experience.

There are two kinds of cookies used on this website. A single-session cookie (Tier 1) is a line of text that is stored temporarily on a user's computer and deleted as soon as the browser is closed. A persistent or multi-session cookie (Tier 2) is saved to a file on a user's hard drive and is called up the next time that user visits a website. Use of these cookies does not involve the collection of a visitor's personally identifiable information (PII).

DISA, as part of the Department of Defense, does not use the information associated with cookies to track individual user activity on the internet outside Defense Department websites, nor does it share the data obtained through such technologies, without the user's explicit consent, with other departments or agencies. The Department of Defense does not keep a database of information obtained from the use of cookies.

Cookies are enabled by default to optimize website functionality and customize user experience. Users can choose not to accept the use of these cookies by changing the settings on their local computer's web browser. The USA.gov website, http://www.usa.gov/optout_instructions.shtml, provides general instructions on how to opt out of cookies and other commonly used web measurement and customization technologies. Opting out of cookies still permits users to access comparable information and services; however, it may take longer to navigate or interact with the website if a user is required to fill out certain information repeatedly.

Sharing and Disclosure of Personal Information

Any voluntary information submitted, including personal information, may be shared within DISA, as well as with other federal or state agencies, or others, if necessary, to address matters raised in your submission, or should release of the information be otherwise required by law. Except for authorized law enforcement investigations, no other attempts are made to identify individual users or their usage habits. Raw data logs are used for no other purposes and are scheduled for regular destruction in accordance with National Archives and Records Administration guidelines. We do not collect, give, sell, or rent any personal information to third parties for commercial marketing.

Retention of Collected Information

Information collected by DISA is destroyed when it is superseded, obsolete, or no longer needed to conduct agency business.

Interaction with Children

We do not intentionally collect information from children younger than 13. If we choose, in the future, to collect personal information from children, we will comply with the Children’s Online Privacy Protection Act (COPPA).

Machine-Readable Privacy Policy Statement

The Privacy Provisions of the E-Government Act of 2002 require both a human-readable privacy policy and agency use of machine-readable technology that alerts users automatically about whether site privacy practices match the user's personal privacy preferences. Most website visitors do not see the text privacy policy until after they have visited one or more of the site’s pages.

The standard for machine-readable privacy policy is Platform for Privacy Preferences (P3P). P3P enables websites to translate their privacy practices into a standardized format (Extensible Markup Language, XML) that can be retrieved automatically and automatically interpreted by a user's browser or other user agent, such as a handheld device, media player, document reader, internet-capable cellular phone, etc.

P3P uses machine-readable descriptions to describe the website's practices concerning collection and use of user data. Browsers can use these machine-readable descriptions to take actions, such as blocking cookies.

P3P does not monitor the content of cookies (files stored by a web server on a user's computer), but does address the following:

  • Who is collecting data?
  • What data is collected?
  • For what purpose will data be used?
  • Is there an ability to opt-in or opt-out of some data uses?
  • Who are the data recipients (anyone beyond the data collector)?
  • To what information does the data collector provide access?
  • What is the data retention policy?
  • How will disputes about the policy be resolved?
  • Where is the human-readable privacy policy?

When browsers or other user agents encounter a cookie from a webpage that either does not have a machine-readable P3P policy, or that has a P3P policy that does not match the user’s privacy preferences, the user is alerted by an icon or audible alert. However, P3P does not set minimum standards for privacy and cannot monitor compliance with stated policy. It merely provides notification based on the contents of the machine-readable privacy statement.

Not all browsers support P3P equally and this support can change in time. Website visitors should always be aware of the capabilities of their particular browser and it is wise to review human-readable privacy policies.