91ÀÏ˾»ú Privacy Statement
This policy defines the official websites of the 91ÀÏ˾»ú – Fort Smith, addresses collection and use of information in connection with such websites, and describes under what circumstances the university may disclose such information, consistent with Ark. Code § 25-1-114.
The university adheres to all applicable federal and state laws, as well as general university policies that are applicable to the use of computing resources.
Learn More
Except as noted, the information in this privacy policy applies to all official University
of Arkansas – Fort Smith websites, which are defined as those administered through
the university content management system, such as university colleges and schools,
main departments, divisions, or other units typically reporting to or deemed official
by the chancellor, provost, vice chancellors, deans, directors and/or department heads/chairs.
These sites comply with the university template, graphics and Web standards as managed
by Marketing & Communications. Certain official websites may have their own or supplementary
privacy policies appropriate to their function or as required by law.
Within the university domain (uafs.edu) are various websites that are not maintained by the university. These unofficial sites include, but are not limited to, RSO sites, and other campus entities. This privacy policy only applies to official university websites.
The university, while reserving its right to monitor communications via university
websites for legal, policy or business reasons, including security and functionality,
will not monitor the content of communications as a matter of normal business practice.
However, the fact that communication occurred (such as when a user visits a university
website or utilizes university websites to search for information or submit a form),
may be routinely logged as a normal business practice.
Common information logged includes, but is not limited to:
- the IP address of the user’s computer
- the date and time a user’s computer accessed our site
- the IP address and URL of a referring website
- the page the user requested from the university’s site
- the information that a user’s Web browser software sends, which typically identifies the browser software and may also indicate the operating system and type of CPU used in the user’s computer
- in the case of email, the sender and recipient’s email address
Some university websites use Google Analytics, a Web analytics service provided by
Google, Inc., to collect information such as URLs, Internet domain and host names,
browser software, date and time site visited, etc.
As a general rule, the university does not track individual visitor profiles. This
data is used to analyze aggregate traffic/access information for resource management,
site planning, advertising and marketing.
When personally identifiable information is entered through university websites, typically
the information requested and collected is only used to provide the information or
services sought by the requester, just as a person might provide such information
when visiting a university office in person or submitting the information via paper,
for example, an application for admission.
However the university may also use any information gathered through university websites
or exchange such information with other entities in order to carry out normal university
business operations, including marketing and subcontractor services. Legal requirements
concerning use and disclosure of sensitive information will be applied to information
maintained with these resources to the same extent that the requirements are applied
to other records kept or maintained by the university. The university does not sell
information through university websites to other entities.
Services are provided through university websites via forms (e.g., admissions, financial
aid requests, job applications), surveys, etc., where individuals are required to
enter personal information in order to process the request, such as name, physical
and email addresses, phone numbers, and financial data. If information requested is
not entered, the services and/or requests cannot be accomplished online.
Websites can use cookies to provide the user with tailored information from a website.
A cookie is an element of data that a website can send to a browser, which may then
store it on the user’s system. Some applications may require the user to accept cookies
in order for the application to work properly. Two types of cookies exist, session
cookies and persistent cookies. Session cookies contain data through which the Web
application the visitor is using can maintain the continuity and state of a session.
Session cookies expire upon user logout, closing of the browser or timed-out sessions.
Persistent cookies contain information that may be useful across multiple sessions,
such as identifying the user or other persistent attributes, and are typically not
deleted. Data from cookies may be used to identify user trends and patterns, provide
services and record session information. Web browsers can be configured to refuse
cookies, accept cookies, disable cookies and remove cookies as needed or desired.
The university has several sites that enable encrypted, online payments. The confidential
information entered for these payment transactions is only to be used for purposes
defined within/for the transaction. Some transactions are isolated from campus systems
and managed by a third party.
Some university websites may present university-sponsored information or activities
that are specifically designed for children. However, any such websites are intended
to be used only by adults to voluntarily share information online, so that a child
who is under the age of 13 can participate in these activities (e.g., camps and enrichment
programs) or so that the child can receive information from the university.
91ÀÏ˾»ú – Fort Smith websites contain links to third party applications
and websites that may or may not be hosted on university servers. The university cannot
warrant or be responsible for the privacy policies of such sites. Users are encouraged
to become familiar with the privacy policies of third party or off-campus sites.
In addition to complying with all applicable laws and regulations, the university
strives to implement and maintain systems and policies to protect the confidentiality
and integrity of personal information provided by users. Despite these security measures,
the university does not represent or warrant that personal information will be protected
against loss, misuse or alteration by third parties.
The university is required to comply with the Arkansas Freedom of Information Act
(FOIA) (Ark. Code Ann. § 25-19-101 et seq.) and may be required to disclosure records
maintained in the daily operations of the university unless such records are exempt
from disclosure under federal or state law. Therefore, some data collected through
university websites may be subject to disclosure upon receipt of a valid FOIA request.
Additionally, at times, the university may be legally required to disclose information
collected through university websites in response to a valid subpoena or court order
or to comply with a legally permitted inquiry by a governmental agency.
Subject to governing law and other applicable university policies, the university
reserves the right to disclose information collected on its websites to governmental
authorities in connection with suspected unlawful activity or to aid an investigation
into suspected unlawful activity. In addition, the university reserves the right to
release information collected on university websites to appropriate governmental authorities
if university officials determine, in their sole judgement, that university policies
have been violated, or that release of information is necessary to protect the rights,
health, safety or property of persons or the university to protect the integrity of
university computer networks. Further, the university reserves the right to disclose
information as university officials believe necessary to exercise the university’s
legal rights, to defend against actual or potential legal claims, or as otherwise
permitted or required by university policy.
The European Union General Data Protection Regulation (GDPR) places additional obligations
on organizations that control or process personally identifiable information about
people in the European Union. Some 91ÀÏ˾»ú activities may be covered by the GDPR, and
the University has updated its policies on how it collects, stores, and processes
certain types of data. Further details, as well as a description of protective measures
undertaken by the University, data retention, and breach notification are available
in the campus GDPR policy.