This policy describes the information gathering and dissemination practices for the DRI web site at www.dri.eduand associated subdomains and pages.
DRI logs IP addresses (network addresses) to identify:
- frequency of pages or areas visited
- categories of site visitors by general domains (.edu, .com, etc.)
- browsers and operating systems used by site visitors
We do not correlate IP addresses to individuals. As such, visitor sessions will be tracked but visitors will remain anonymous, except as noted below.
Search terms entered into the various DRI search engines are recorded, but this data is not associated with IP addresses or individual users.
Several web-based forms within DRI’s web site request personal information (e.g., name, e-mail, standard mailing address). Such pages support specific DRI-sponsored activities, such as newsletter mailing lists and conference registrations, for which this information is necessary and justified.
Use of Information
The DRI Office of External Affairs and Communications uses the information described above to tailor content and navigational tools to visitors, ensure broad access to the site regardless of browser software, monitor site performance, and generate general statistical reports. Site usage by individual IP addresses is not disclosed unless specifically requested by law enforcement agencies investigating a specific abuse of DRI’s computer or network resources.
Personal information, where collected, is distributed only to the organizers of the function for which the web form is explicitly requesting information. Distribution is strictly controlled, and making this information available outside these groups is strictly prohibited. Contributors to DRI fund-raising activities may be listed by name only in future promotional or acknowledgment materials. DRI does not provide or sell any personal information to outside entities.
DRI’s web site and the local servers and network on which it depends have security measures in place to protect against the loss, misuse, and alteration of data collected.
DRI’s web pages contain links to other independently maintained web sites outside the www.dri.edu domain. DRI and its web team are not responsible for the privacy practices or the content of such web sites.
General Data Protection Regulation Compliance (GDPR)
GDPR is a regulation established by the European Union (EU) and applies to personal, identifiable information on EU citizens. There are three main requirements of the GDPR:
1. Data Protection Impact Assessments (DPIA’s): These are compliance frameworks similar to Health Insurance Portability and Accountability Act (HIPAA)
2. Role Definitions: GDRP asks that roles and responsibilities are clearly defined in an organization such as data controllers and data processors.
3. Breach notifications must occur within 72 hours: if a breach of information occurs and it involved personal, identifiable information on EU citizens, the breach must be reported within 72 hours to the Supervisory Authority (SA).
According to the regulation the SA has investigative, advisory and corrective powers.
The Desert Research Institute fully supports user privacy and the privacy of our community members from the EU and will make every attempt to comply with the requirements as they apply to the Institute.
By visiting this website, you are accepting the practices of this policy. If you have questions or concerns about this policy, the practices of this site, or your interactions with this site, please contact:
DRI Office of External Affairs and Communications
Attention: Justin Broglio, Communications Manager
Visitor address: 2215 Raggio Parkway, Reno, NV
Postal address: 2215 Raggio Parkway, Reno, NV
We try to respond to feedback within five business days.