By Jueseppi B.
- Information we receive (when you provide it, visit WhiteHouse.gov, use the WhiteHouse.gov mobile app, receive email updates, or interact with official White House presences on third-party sites)
- How this information is used
- Sharing of this information
- Data retention
- Third-party tools and sites
- Children and privacy
If you have questions about this policy or suggestions for its improvement, please let us know at WhiteHouse.gov/Privacy/Feedback.
Information Received and Retained by White House Online Platforms
Information You Give Us
You do not have to provide the White House with any personal information or create a user account to access information on WhiteHouse.gov. However, for some services, we may need some personal information from you such as your name, address, telephone number, and email address. For example:
- The “Contact the White House” form asks for basic contact information so we can respond to your request;
- When we ask users to share their story or how a policy decision will impact them, we generally ask for their name, zip code, and email address;
- Creating a user account for our online petitions platform “We the People” requires a valid email address and a first and last name; and
- We may ask for personal information from people applying to, registering for, or participating in a White House event or competition.
When you visit WhiteHouse.gov, the following basic information is automatically received and stored by the web servers hosting WhiteHouse.gov:
- The date, time, and duration of the visit;
- The originating Internet Protocol (IP) address;
- The internet domain name;
- Information about your computer or mobile set-up (e.g., type and version of web browser, operating system, screen resolution, and connection speed);
- The pages on WhiteHouse.gov that you visit;
- The internet address, or URL, of the website that connected you to our site, if you accessed WhiteHouse.gov via a link on another page (i.e., “referral traffic”); and
- The amount of data transmitted from WhiteHouse.gov to your computer.
Using the WhiteHouse.gov Mobile Application
When you use the WhiteHouse.gov Mobile Application (“App”), the App pulls content from the White House website, generating the same basic information as when you visit WhiteHouse.gov (see Visits to WhiteHouse.gov). The WhiteHouse.gov Mobile App does not collect geolocation information or use location services.
You may sign up to receive “push notification” messages via a third party provider (currently Urban Airship). To make sure messages reach the correct devices, our third party provider relies on a device token unique to your mobile device. While we may be able to access a list of the tokens, the App and tokens do not reveal your identity, unique device ID, or contact information to us. If, at any time, you wish to stop receiving push notifications, simply adjust your phone settings or remove the App.
The White House receives aggregate data about the use of our App, such as the number of people who have opened the App from a third party provider (currently Google Analytics). We also receive aggregate data from the platforms that distribute our App (currently the iTunes Store and Google Play Store), such as the number of people who download the App and mobile set-up information (e.g., device model, App version, country, language, and mobile carrier). Please consult the privacy policies of these third parties for further information.
In order to manage White House email subscription lists, we retain the names and email address of our email subscribers, as well as other information they may have shared with us (e.g., addresses and phone numbers), logs of emails we send, and automatically generated email data used to improve our email communications. This automatically generated email data (generated through simple tools such as “pixel tags” and link redirects) includes:
- The recipient’s email client;
- Whether the email was opened;
- If a link in the message was clicked;
- Whether an email was delivered;
- If the email was forwarded; and
- If the email was printed.
If, at any time, you wish to stop receiving our messages, simply click on the “Unsubscribe” link at the bottom of each email message.
The White House maintains official pages or accounts on third-party websites in order to better engage with the American public (a current list is here). Your activity on those sites is governed by the third-party website’s security and privacy policies. Users of third-party sites often share information with the general public, user community, and/or the third-party operating the site. Consequently, you should review the privacy policies of third-party sites before using them and ensure that you understand how your information may be shared and used. You should also adjust privacy settings on your account on any third-party site to match your preferences.
For the sole purpose of complying with the Presidential Records Act, the White House archives some information that users submit or publish when engaging with the White House through official White House pages or accounts on third-party websites (e.g., by sending a message, posting a comment, “following,” “friending,” or taking similar actions). This information may contain personal information, such as an individual’s username and other public account information, when such information is available based on the user’s privacy settings and the terms of the site. For example:
- On Twitter, the White House automatically archives “tweets” from official White House accounts, “direct messages” sent to or from official White House accounts, and “mentions” (tweets from other users to official White House accounts; these tweets contain an @ and the username of an official White House account (e.g., @WhiteHouse). The White House also automatically archives any status that official accounts have “favorited.”
- On Facebook, the White House automatically archives all content created by official White House pages, content that tags an official White House page, and any content posted on official White House pages (for example, the number of likes to the page and comments posted).
- On Google+, the White House automatically archives all content posted by official White House accounts, as well as the number of likes/comments/shares on each of those posts (including the comments themselves). The White House also automatically archives the total number of Google+ users that have added our page to a “Circle,” and the list of users that White House accounts have added to “Circles.”
For aggregate statistical analysis and to improve the quality of our services, we may integrate web measurement tools with our social media pages. These tools enable basic analysis of social media traffic (such as the number of people visiting a certain page) and do not collect personally identifiable information.
How Information is Used
Information You Give Us
If you choose to provide us with information, we may use that information to contact you, respond to your message or petition, or provide you the information or services you requested. In order to serve you better, we may analyze multiple sources of data you have provided (for example, to look up whether you previously contacted the White House about the same topic so that we do not send you a duplicative response). We may also use messages or comments collected through WhiteHouse.gov or official social media pages for our own purposes, such as to inform policy decisions or in public advocacy. We may use data you provide and automatically generated data for statistical analysis to assess, for example, what information is of interest to users, technical design specifications, and system performance. This allows us to make general improvements to our site as well as to offer tailored content to email subscribers (e.g., a follow-up message to subscribers interested in a specific topic based on information they have provided or automatically generated data).
Sharing of this Information
Information you choose to share with the White House (directly and via third party sites) may be treated as public information. We may, for example, publish compilations of messages or comments collected through WhiteHouse.gov or official social media pages and provide them to national leaders, members of the press, or other individuals outside of the Federal Government. And the We the People API allows public access to some We the People signature data. However, we exercise discretion to limit such disclosures to protect your privacy (for example, we generally do not publish last names of commenters).
Within the White House, we restrict access to personally identifiable information to employees, contractors, and vendors subject to non-disclosure requirements who require access to this information in order to perform their official duties and exercise controls to limit what data they can view based on the specific needs of their position.
In some cases, we may share information you have provided or automatically generated information with other government agencies in response to lawful law enforcement requests or to protect WhiteHouse.gov from security threats. Additionally, if you seek assistance on a matter within the jurisdiction of a federal agency, we may share your information with that agency for the limited purpose of addressing your request for assistance.
We do not use or share your information for commercial purposes and, except as described above, we do not exchange or otherwise disclose this information.
Under the Presidential Records Act (PRA), we are generally required to retain information until the end of the current Administration, at which time it will be transferred to the National Archives and Records Administration (NARA). NARA may eventually release this material to the public, but will withhold any information that would constitute a clearly unwarranted invasion of personal privacy if released. Access to this information may be requested under the Freedom of Information Act (FOIA) five years after the end of the current Administration.
NARA or the White House may choose to dispose of information lacking in historical value through procedures under the PRA. The White House currently disposes of certain information under those procedures:
- Server log entries are retained for one year (for example, server logs from June 2011 will be deleted in June 2012);
- Aggregate data on Mobile App use is retained until the end of the current Administration.
- Cookie data linked to individual users will be retained for 13 months;
- Other cookie data will be retained by the White House until the end of the current Administration; and
- Automatically generated email data will be retained by the White House until the end of the current Administration.
Third-Party Tools and Sites
Links to External Sites
WhiteHouse.gov and other White House platforms and pages may link to websites created and maintained by other public and/or private organizations and individuals. When you follow a link to an external site, you are leaving WhiteHouse.gov and are subject to the external site‘s privacy and security policies. We do not control or guarantee the accuracy, relevance, timeliness, or completeness of information contained on an external site. We also do not endorse the site’s sponsor, any views they express, or any products or services they offer.
White House Pages on Third-Party Websites
Your activity on those sites (a current list is here) is governed by the third-party website’s security and privacy policies. The White House has conducted and published a Privacy Impact Assessment of Third-Party Sites, which includes more information about these issues and can be accessed here.
White House Content Embedded in Third-Party Sites
In some instances, a third-party website may feature embedded White House content served by WhiteHouse.gov. For example, other websites might embed the WhiteHouse.gov’s “Taxpayer Receipt” calculator. The embedded WhiteHouse.gov content automatically generates White House server logs (see Visits to WhiteHouse.gov) and may set a White House cookie (see Cookies).
Children and Privacy on WhiteHouse.gov
We believe in the importance of protecting the privacy of children online. The Children’s Online Privacy Protection Act (COPPA) governs information gathered online from or about children under the age of 13. Verifiable consent from a child’s parent or guardian is required before collecting, using, or disclosing personal information from a child under age 13. Our site is not intended to solicit information of any kind from children under age 13. If you believe that we have received information from or about children under age 13, please contact us through thePrivacy Feedback form.
We take reasonable precautions to protect our site and information automatically collected by WhiteHouse.gov or voluntarily submitted to WhiteHouse.gov or an official White House page on a third-party site. For example, we restrict access to personally identifiable information to employees, contractors, and vendors subject to non-disclosure requirements who require access to this information in order to perform their official duties and exercise controls to limit what data they can view based on the specific needs of their position. Access to official White House accounts on third-party sites is limited to the individuals who administer those accounts, and all official White House accounts are clearly labeled.
We also utilize commonly used practices and technical controls to protect the information in our possession or control, along with WhiteHouse.gov itself. These practices and controls include, but are not limited to: encrypting the transfer of personal information over the internet via Secure Sockets Layer (SSL), using high-strength firewalls and intrusion detection systems (IDS) to safeguard personal information, and maintaining strict technical controls and procedures to ensure the integrity of all data on WhiteHouse.gov.
We periodically review our processes and systems to verify compliance with industry best practices and to ensure the highest level of security for our website.
We will revise or update this policy from time to time. If we make significant changes to how we handle personal information, we will post changes to the policy on our site and change the date at the bottom. We will provide additional notice in advance (e.g., a disclaimer on our website or an email to subscribers) if material changes are being made.
This new policy will go into effect on April 18, 2014.
Previous version(s) of this policy may be accessed on the archive page.
Domain name: For example, “xcompany.com” if you use a private Internet access account, or “yourschool.edu” if you are connecting from a university’s domain.
Cookies: A small piece of data sent from a website and stored in a user’s web browser while the user is browsing that website.
Device token: A unique string used to identify devices.
Email client: The email client is the program used to access and manage a user’s email (e.g., Gmail, Outlook, Yahoo!).