Introduction

Thank you for visiting the North Eastern States Tax Officials Association ("NESTOA") Web site. This Web site is hosted by the New York State Department of Taxation and Finance (hereinafter, “DTF”). This Web site is designed to make it easier and more efficient to interact with NESTOA. We recognize that it is important for individuals and businesses to be confident that their privacy is protected when they visit NESTOA's Web site.

This policy describes privacy practices regarding information collected from users of this Web site. This policy describes what information is collected and how that information is used. Because this privacy policy only applies to this Web site, you should examine the privacy policy of any Web site, including other Web sites, that you access using this Web site.

For purposes of this policy, “personal information” means any information concerning a natural person which, because of name, number, symbol, mark, or other identifier, can be used to identify that natural person. We do not collect any personal information about you during your visit to this Web site unless you provide that information voluntarily by sending an e-mail or by conducting an online transaction. This includes, for example, filling out an online form.

Information Collected Automatically When You Visit this Web site

When visiting this Web site, we automatically collect and store the following information about your visit:

(i) The Internet Protocol address and domain name used, but not the e-mail address. The Internet Protocol address is a numerical identifier assigned either to your Internet service provider or directly to your computer;
(ii) The type of browser and operating system used;
(iii) The date and time you visited this site;
(iv) The Web pages or services you accessed at this site;
(v) Any form, publication or document which you download; and
(vi) Depending on how you access NESTOA’s site, we may also, on occasion, capture the Web site you visited prior to coming to NESTOA’s Web site.

None of the foregoing information is deemed to constitute personal information.

The information that is collected automatically is used to improve this Web site's content and to help NESTOA understand how users are interacting with the Web site. This information is collected for statistical analysis, to determine what information is of most and least interest to site users, and to improve the utility of the material available on the Web site. The information is not collected for commercial marketing purposes.

Cookies

The use of cookies is a standard practice among Internet Web sites. The NESTOA Web site uses cookies. Cookies are small files stored on your computer by your Web browser to provide a means of distinguishing among users of the Web site. The cookies that are utilized do not contain personal information and do not compromise your privacy or security.

The software and hardware you use to access the Web site allows you to refuse new cookies or delete existing cookies. Refusing or deleting cookies may limit your ability to take advantage of some features of this Web site.

Information Collected When You Send an E-mail or Conduct an Online Transaction through this Web site.

During your visit to this Web site you may send an e-mail to NESTOA. Your e-mail address and the contents of your message will be collected. Your e-mail address and the information included in your message will be used to respond to you, to address issues you identify, to improve this Web site, or to forward your message for appropriate action. Your e-mail address is not collected for commercial purposes.

During your visit to this Web site you may conduct an online transaction. This includes, for example, filling out an online form. The information, including personal information, volunteered by you in conducting the transaction is used by NESTOA to provide services and information. The information collected may, to the extent permitted by law, be disclosed by NESTOA for those purposes that may be reasonably ascertained from the nature and terms of the transaction in connection with which the information was submitted.

We do not knowingly collect personal information from children or create profiles of children through this Web site. Users are cautioned, however, that the collection of personal information submitted in an e-mail will be treated as though it was submitted by an adult, and may, unless exempted from access by federal or State law, be subject to public access. We strongly encourage parents and teachers to be involved in children’s Internet activities and to provide guidance whenever children are asked to provide personal information online.

Information and Choice

As noted above, we do not collect any personal information about you during your visit to this Web site unless you provide that information voluntarily by sending an e-mail or conducting an online transaction. This includes, for example, filling out an online form or utilizing any online services. You may choose not to send an e-mail, not to fill out an online form and/or not to utilize any online services. While your choice not to participate in these activities may limit your ability to receive specific services through this Web site, it will not prevent you from interacting with NESTOA by other means (e.g., by telephone or United States mail or similar delivery service) and will not normally have an impact on your ability to take advantage of other features of the Web site, including browsing or downloading publicly available information.

Disclosure of Information Collected Through this Web site

The collection of information through this Web site and the disclosure of that information are subject to the provisions of the New York State Internet Security and Privacy Act. We will only collect personal information through this Web site or disclose personal information collected through this Web site if the user has consented to the collection or disclosure of such personal information. The voluntary disclosure of personal information by the user, whether solicited or unsolicited, constitutes consent to the collection and disclosure of the information for the purposes for which the user disclosed the information, as was reasonably ascertainable from the nature and terms of the disclosure.

However, we may collect or disclose personal information without user consent if the collection or disclosure is: (1) made pursuant to a court order or by law; (2) for the purpose of validating the identity of the user; or (3) of information to be used solely for statistical purposes that is in a form that cannot be used to identify any particular person.

Further, the disclosure of information, including personal information, collected through this Web site is subject to the provisions of the New York State Freedom of Information and Personal Privacy Protection Laws.

We may disclose personal information to federal or state law enforcement authorities to enforce rights against unauthorized access or attempted unauthorized access to information technology assets.

Retention of Information Collected Through this Web site

The information collected through this Web site is retained in accordance with the records retention and disposition requirements of the New York State Arts & Cultural Affairs Law. Information on the requirements of the Arts & Cultural Affairs Law may be found at http://www.archives.nysed.gov/a/nysaservices/ns_mgr_laws.shtml. In general, the Internet services logs of DTF, comprising electronic files or automated logs created to monitor access and use of services provided through this Web site, are retained for at least three months. Information, including personal information, that you submit in an e-mail or when you conduct an online transaction is retained in accordance with the records retention and disposition schedule established for the records of the program unit to which the information is submitted.

Access to and Correction of Personal Information Collected Through this Web site

Any user may submit a request to DTF’s privacy compliance officer to determine whether personal information pertaining to that user has been collected through the NESTOA Web site. Any such request shall be made in writing to the address below and must be accompanied by reasonable proof of identity of the user. Reasonable proof of identity may include verification of a signature, inclusion of an identifier generally known only to the user, or similar appropriate identification. The address of the privacy compliance officer is:

Privacy Compliance Officer - Records Access Office
NYS Department of Taxation and Finance
Building 9, Room 200
W. A. Harriman State Office Campus
Albany, NY 12227

The privacy compliance officer shall, within five (5) business days after the day of the receipt of a proper request: (i) provide access to the personal information; (ii) deny access in writing, explaining the reasons therefore; or (iii) acknowledge the receipt of the request in writing, stating the approximate date when the request will be granted or denied, which date shall not be more than thirty (30) days from the date of the acknowledgment.

In the event that DTF has collected personal information pertaining to a user through the NESTOA Web site and that information is to be provided to the user pursuant to the user’s request, the privacy compliance officer shall inform the user of his or her right to request that the personal information be amended or corrected under the procedures set forth in section 95 of the New York State Public Officers Law.

Confidentiality and Integrity of Personal Information Collected Through this Web site

We are committed to protecting personal information collected through this Web site against unauthorized access, use or disclosure. Consequently, we limit access to personal information collected through this Web site to only those employees or subcontractors who need access to the information in the performance of their duties.

In addition, DTF has implemented procedures to safeguard the integrity of its information technology assets including, but not limited to, monitoring, auditing, and encryption. These security procedures have been integrated into the design, implementation, and day-to-day operations of this Web site as part of our continuing commitment to the security of electronic content as well as the electronic transmission of information.

For Web site security purposes and to maintain the availability of the Web site for all users, DTF employs software to monitor traffic to identify unauthorized attempts to upload or change information or otherwise damage this Web site.

Disclaimer

The information provided in this privacy policy should not be construed as providing business, legal, or other advice, or warranting as fail proof, the security of information provided via this Web site.