Policy Advisory  Mass.gov Privacy Policy

Your privacy with respect to the use of Mass.gov results from a partnership between you, the user, and the Commonwealth. At Mass.gov, we work to protect your privacy in accordance with best industry practices and the EOTSS Enterprise Information Security Policies and Standards. However, because some of the information that we receive through Mass.gov is subject to the Massachusetts Public Records Law (M.G.L. c. 66), we cannot ensure absolute privacy. Information that you provide to us through Mass.gov may be made available to members of the public under that law. This policy informs you of the information that we collect from you at Mass.gov, what we do with it, to whom it may be disseminated, and how you can access it. Based on this information, you can make an informed decision about your use of Mass.gov. You can maximize the benefits of your privacy partnership with the Commonwealth by making informed decisions about whether to share personally identifiable information with us through Mass.gov.

As defined in the Enterprise Information Security Policies and Standards Glossary of Terms , we use the term “personally identifiable information” to mean any information that could reasonably be used to identify you, including your name, address, telephone number, email address, Social Security number, birth date, bank account information, credit card information, or any combination of information that could be used to identify you.

Mass.gov collects voluntary information from visitors through surveys, online forms, emails sent to Mass.gov, and any suggestions, requests, or feedback submitted on pages hosted by Mass.gov.

While Mass.gov is intended as a medium for disseminating information from state organizations, if you need to contact a state organization that is part of Mass.gov, you should use the contact information for that state organization posted on Mass.gov.

Some information is automatically collected when you visit Mass.gov.

www.mass.gov and search.mass.gov collect and store your Internet Protocol (“IP”) address, for a limited period of time (90 to 120 days) for administrative purposes, as well as information about the date and time of your visit and the content you viewed. Except as stated below, in the section titled “security,” we do  not attempt to match any personally identifiable information that you provide to www.mass.gov or search.mass.gov with your IP address. When you fill out information in a form on Mass.gov, we receive your IP address along with this submission; however, we do not use this form-related IP address information except as stated below, in the section titled “security.”

Software used to access websites (e.g., web browsers) include features that store information and return that information to web servers with subsequent website requests.  This includes session cookies, persistent cookies, browser storage, and other similar features.  Use of these features, e.g., as a means of distinguishing between different website visitors, is a standard practice among Internet websites.

Mass.gov uses cookies and other web browser features to learn more about how visitors to Mass.gov find and interact with the pages they visit.  We may use this information to improve our service offerings and better tailor individual user experience. These tools may also collect data such as browser information, operating system, and page views.  The primary difference between a session cookie and a persistent cookie is that session cookies are erased when the web browser is closed out, and a persistent cookie persists on the computer after the web browser is closed, typically for a set period of days or months.  Persistent cookies typically include a randomly assigned unique identifier for the computer and may include indicators of custom configurations and user preferences. 

You can configure your browser to restrict the use of these features.  For example, you may elect to disable Persistent Cookies. Please be advised that refusing or deleting cookies may limit your ability to take advantage of some features of this website.   Disabling cookies on one browser will not carry over to other web browsers or software applications.

Some online forms on Mass.gov may be implemented using third-party services. When you use such a service, your form submission is either sent directly to a Mass.gov email account (e.g., public records request forms) or is securely made to the service provider and stored there. Form submissions sent to the service provider are then transmitted to state government staff. State government staff may then delete form submissions from the service provider’s environment when there is no longer any administrative need to retain them there. Information submitted to the form service providers will be used only for internal purposes and will not be distributed or sold to other third parties unless required by law or pursuant to a valid government request.  For more information about service vendors and their privacy policies, please see the list of Third-Party Tools used to support mass.gov.

In addition, the information that you voluntarily submit will be disclosed only to Commonwealth employees or officials, or those under contract with the Commonwealth, with a “need to know” for purposes of fulfilling their job responsibilities. The information will be used for such purposes as: providing and improving service offerings, answering your questions, responding to any requests for assistance, generating summary statistics about usage, auditing applications and detecting fraud, aiding in the planning, design and development of Mass.gov, and fulfilling the Commonwealth's legal obligations.

We will collect and aggregate the information you provide through surveys and through Mass.gov’s collection of non-personally identifying analytics data to improve Mass.gov and make the site more responsive to customer needs. Where appropriate, we may provide the information you submitted voluntarily through a form or email to the person or company that is the subject of your inquiry, or to a government agency responsible for the matters referred to in your communication.

We do not sell any personally identifiable information collected through Mass.gov or submitted to the Commonwealth in conjunction with using functions on Mass.gov, and there is no direct or online public access to the information. However, once you voluntarily submit personally identifiable information to us related to your use of Mass.gov, its dissemination is governed by the Public Records Law, the Fair Information Practices Act (M.G.L. c. 66A), and other applicable laws and regulations. For this reason, part or all of the information you send us may be provided to a member of the public in response to a public records request. There are pieces of information, such as credit card numbers, tax identification number (“TIN”), username, or password that are not considered public for the purposes of a public records request. For more information on types of data exempted from disclosure under the Public Records Law, please refer to the Secretary of the Commonwealth’s A Guide to the Massachusetts Public Records Law.

The Public Records Law and the Fair Information Practices Act provide you with certain rights to get information about you that is in our records. To learn more about the circumstances under which you can get and correct this information, please click on the above links to these laws.

Because information sent to the Commonwealth may not be encrypted, you should not send messages containing information that you consider highly sensitive to Mass.gov. We use standard security measures to ensure that information provided by you, including your personally identifiable information, is not lost, misused, altered, or unintentionally destroyed. We also use software to monitor network traffic to identify unauthorized attempts to upload or change information, attempts to cause damage, or other malicious network activity. Except for authorized law enforcement investigations or where explicitly stated otherwise, we make no attempts to identify individual users or their usage habits.

Executive Order 504 issued in 2008, which enhanced the privacy protection given to any information about you as a named individual held by the Executive Department of state government. Executive Order 504 limits the collection and dissemination of personally identifiable information within the Executive Department and requires Executive Department agencies to greatly enhance the security and integrity of such data. This website complies with Executive Order 504, so all of the personally identifiable information that you submit to Mass.gov is given the privacy protections set forth in Executive Order 504.

We reserve the right to change the terms of this policy at any time. We encourage you to review this page periodically to stay informed of any updates. The date that this policy was last modified can be found at the bottom of this page. Any modifications are effective immediately.

The information contained in this privacy policy is not and should not be construed as providing any form of business, legal, or other advice, nor do we warrant as fail proof the security of information provided through this website. Users may wish to consult with their own counsel.