Internet Privacy

Maintaining the privacy of our users is vital.

Our systems also hold proprietary data and intellectual property that's been developed and gathered by faculty and student researchers.

Ƶ sites follow these policies and best practices, but they can't be construed as a contractual promise. Mason reserves the right to amend the university Internet Privacy Policy statement at any time without notice.

Internet Privacy

Mason respects the privacy of people who visit our website and choose to share personal information with the university. We take all reasonable steps to ensure that data stays confidential and secure.

Information We Collect

When someone accesses a Mason web site, some information is collected automatically:

  • The Internet domain and Internet address of the computer (routing information).
  • Identification of the requested page or service.
  • Type of browser and operating system.
  • Date and time of access.
  • Internet address of any outside website from which the user linked directly to our website.

Routing information is used to send the requested web page to the user's computer via our Internet service provider or other entities involved in transmitting pages, which have their own privacy practices. Other technical information helps us respond to your request with the right format.

We also collect information that users choose to send, including:

  • Name, email address, and the content of emails.
  • Data submitted through online forms.

User IDs and passwords submitted through administrative systems are encrypted before transmission across the network and stored in a secure environment. Applications that process credit card payments encrypt card numbers and expiration dates using a secure server, which is not accessible from the Internet. 

Although Mason might keep your information indefinitely, most transaction routing information is deleted from our web server within 60 days after the page is transmitted. We don't obtain any information to link it to the individuals who browse our web site. Information that we do retain includes:

  • Routing information logs to aid law enforcement agencies if hackers attempt to breach security.
  • Transaction routing information for statistical summaries to assess site content and server performance; data is shared with business partners.

Users are not required to provide any information to our website, but the site will not work without routing information and essential technical information. If a browser can't or won't provide nonessential technical information, some site features won't work. If certain optional information is not available, some features or services won't be, either.


Ƶ sites might place a “cookie” on your computer, unless your browser is set to reject cookies. Cookies enable our sites to recognize you when you return and lets us personalize the site with preferences or information you provided during prior sessions. Information placed on your computer could include:

  • IP address.
  • Browser type.
  • Operating system.
  • Date and time.
  • Previous visits.
  • Pages viewed.
  • Preferences or customization (user name and password).

Rules and Requirements

Mason protects records in accordance with our obligations as defined by applicable Virginia statutes, including, but not limited to: the ; the ; and any applicable U.S. federal laws. In addition:

  • Certain information is retained in accordance with records-retention schedules at the .
  • Under the Virginia Freedom of Information Act, any records in our possession at the time of  might be subject to being inspected by or disclosed to members of the public.
  • Mason bears no responsibility for presented material that is unrelated to the university’s mission.

Mason ITS is not responsible for, tasked with, or otherwise provisioned to act as a privacy office for the university.

Links to Outside Sites

Some university web pages might have links to sites outside the gmu.edu domain. Mason is not responsible for the privacy practices of any outside site. Users should read the individual policy statements of each web site when they leave a Ƶ server.