Skip to main contentSkip to main navigationSkip to footer content

UAFS Privacy Statement

 This policy defines the official websites of the University of Arkansas – Fort Smith, addresses collection and use of information in connection with such websites, and describes under what circumstances the university may disclose such information, consistent with Ark. Code § 25-1-114.

The university adheres to all applicable federal and state laws, as well as general university policies that are applicable to the use of computing resources.

 

Learn More

Except as noted, the information in this privacy policy applies to all official University of Arkansas – Fort Smith websites, which are defined as those administered through the university content management system, such as university colleges and schools, main departments, divisions, or other units typically reporting to or deemed official by the chancellor, provost, vice chancellors, deans, directors and/or department heads/chairs. These sites comply with the university template, graphics and Web standards as managed by Marketing & Communications. Certain official websites may have their own or supplementary privacy policies appropriate to their function or as required by law.

Within the university domain (xgcr.net) are various websites that are not maintained by the university. These unofficial sites include, but are not limited to, RSO sites, and other campus entities. This privacy policy only applies to official university websites. 

The university, while reserving its right to monitor communications via university websites for legal, policy or business reasons, including security and functionality, will not monitor the content of communications as a matter of normal business practice. However, the fact that communication occurred (such as when a user visits a university website or utilizes university websites to search for information or submit a form), may be routinely logged as a normal business practice. 
 
Common information logged includes, but is not limited to:
  • the IP address of the user’s computer
  • the date and time a user’s computer accessed our site
  • the IP address and URL of a referring website
  • the page the user requested from the university’s site
  • the information that a user’s Web browser software sends, which typically identifies the browser software and may also indicate the operating system and type of CPU used in the user’s computer
  • in the case of email, the sender and recipient’s email address

 Some university websites use Google Analytics, a Web analytics service provided by Google, Inc., to collect information such as URLs, Internet domain and host names, browser software, date and time site visited, etc.

As a general rule, the university does not track individual visitor profiles. This data is used to analyze aggregate traffic/access information for resource management, site planning, advertising and marketing. 
 
When personally identifiable information is entered through university websites, typically the information requested and collected is only used to provide the information or services sought by the requester, just as a person might provide such information when visiting a university office in person or submitting the information via paper, for example, an application for admission. 
 
However the university may also use any information gathered through university websites or exchange such information with other entities in order to carry out normal university business operations, including marketing and subcontractor services. Legal requirements concerning use and disclosure of sensitive information will be applied to information maintained with these resources to the same extent that the requirements are applied to other records kept or maintained by the university. The university does not sell information through university websites to other entities. 

 Services are provided through university websites via forms (e.g., admissions, financial aid requests, job applications), surveys, etc., where individuals are required to enter personal information in order to process the request, such as name, physical and email addresses, phone numbers, and financial data. If information requested is not entered, the services and/or requests cannot be accomplished online.

Websites can use cookies to provide the user with tailored information from a website. A cookie is an element of data that a website can send to a browser, which may then store it on the user’s system. Some applications may require the user to accept cookies in order for the application to work properly. Two types of cookies exist, session cookies and persistent cookies. Session cookies contain data through which the Web application the visitor is using can maintain the continuity and state of a session. Session cookies expire upon user logout, closing of the browser or timed-out sessions. Persistent cookies contain information that may be useful across multiple sessions, such as identifying the user or other persistent attributes, and are typically not deleted. Data from cookies may be used to identify user trends and patterns, provide services and record session information. Web browsers can be configured to refuse cookies, accept cookies, disable cookies and remove cookies as needed or desired.

The university has several sites that enable encrypted, online payments. The confidential information entered for these payment transactions is only to be used for purposes defined within/for the transaction. Some transactions are isolated from campus systems and managed by a third party.

Some university websites may present university-sponsored information or activities that are specifically designed for children. However, any such websites are intended to be used only by adults to voluntarily share information online, so that a child who is under the age of 13 can participate in these activities (e.g., camps and enrichment programs) or so that the child can receive information from the university.

 University of Arkansas – Fort Smith websites contain links to third party applications and websites that may or may not be hosted on university servers. The university cannot warrant or be responsible for the privacy policies of such sites. Users are encouraged to become familiar with the privacy policies of third party or off-campus sites.

In addition to complying with all applicable laws and regulations, the university strives to implement and maintain systems and policies to protect the confidentiality and integrity of personal information provided by users. Despite these security measures, the university does not represent or warrant that personal information will be protected against loss, misuse or alteration by third parties.

The university is required to comply with the Arkansas Freedom of Information Act (FOIA) (Ark. Code Ann. § 25-19-101 et seq.) and may be required to disclosure records maintained in the daily operations of the university unless such records are exempt from disclosure under federal or state law. Therefore, some data collected through university websites may be subject to disclosure upon receipt of a valid FOIA request. 
 
Additionally, at times, the university may be legally required to disclose information collected through university websites in response to a valid subpoena or court order or to comply with a legally permitted inquiry by a governmental agency.
 
Subject to governing law and other applicable university policies, the university reserves the right to disclose information collected on its websites to governmental authorities in connection with suspected unlawful activity or to aid an investigation into suspected unlawful activity. In addition, the university reserves the right to release information collected on university websites to appropriate governmental authorities if university officials determine, in their sole judgement, that university policies have been violated, or that release of information is necessary to protect the rights, health, safety or property of persons or the university to protect the integrity of university computer networks. Further, the university reserves the right to disclose information as university officials believe necessary to exercise the university’s legal rights, to defend against actual or potential legal claims, or as otherwise permitted or required by university policy. 
 
The European Union General Data Protection Regulation (GDPR) places additional obligations on organizations that control or process personally identifiable information about people in the European Union. Some UAFS activities may be covered by the GDPR, and the University has updated its policies on how it collects, stores, and processes certain types of data. Further details, as well as a description of protective measures undertaken by the University, data retention, and breach notification are available in the campus GDPR policy.