The U.S. Chemical Safety and Hazard Investigation Board (CSB) provides this website as a public service. It contains public information that may be distributed or copied unless otherwise specified.
You do not have to give us information that identifies you personally to visit our web site. The CSB does not collect any such information from visitors without their permission. This policy describes how the CSB handles (1) information you choose to give us that identifies you personally, (2) cookies, (3) information automatically collected by our web server that does not identify you personally, and (4) security measures.
Information You Choose to Give the CSB
Where the web site requests personal identifying information from visitors, providing such information is voluntary. By choosing to provide such information, you grant consent for the CSB to use that information for the purposes described in this policy. Information you provide to us when you subscribe to our automated email notification service is used only for the purpose of providing you with the requested information. Personal identifying information that you provide freely in other, unsolicited electronic correspondence will be used only for contacting you; it may be preserved as a record of the correspondence.
The CSB generally does not give, sell, or otherwise transfer any personal identifying information to parties outside of the agency. However, in limited circumstances -- such as requests from Congress or private individuals, or for the purposes of law enforcement investigations -- the CSB may be required or permitted by law to disclose your communications with the agency.
Cookies
A cookie is a small file placed on your computer by a web server that may include such information as a username and can sometimes be used to track Internet usage. The CSB web server does not transmit cookies or use any other means to track visitors' activity on the Internet. If you follow links to other sites, cookies may be transmitted by those sites; check the privacy policy of those sites to determine usage. For example, the CSB does not control the information or privacy policies of external news sites linked through our Incident News Reports page. If you visited our website prior to January 2006, you may have received two permanent cookies, entitled "cfid" and "cftoken." These cookies were inadvertently installed by the CSB's web authoring software. The CSB does not use these cookies to collect personal information or for any other purpose, and their use was discontinued as soon as they were discovered. If these cookies are present on your computer, you may delete them without affecting your ability to enjoy all the features of CSB.gov.
Information Collected Automatically
Every time you visit the CSB web site, our server automatically collects and saves in a log certain information about your visit. Our logs contain the following information for each request (a request is an action you take, such as opening a page, viewing a document, or watching a video): date and time, originating IP address, object requested, browser and operating system versions, and completion status of the request. As collected, this information does not identify you personally.
Server log files are reviewed regularly to determine the traffic on the CSB website, including the number of unique visitors, level of demand, pages most frequently accessed, and types of errors. Server logs may be preserved indefinitely and used to prevent security breaches and to ensure the integrity of the data on our servers. Except for authorized law enforcement investigations (e.g., in response to website security breaches), we do not take additional steps to identify specific individuals from server log information or share server log information with parties outside of the CSB.
Security Measures
Access to personally identifying information, such as email addresses, is restricted administratively to those CSB personnel directly involved in managing the website. The web server is in a physically secure location and is equipped with anti-hacking software. Remote access to the web server occurs only via secure, encrypted methods.