Privacy and Security Policy

The voluntary disclosure of sensitive information or confidential information to CPA, whether solicited or unsolicited, via physical or electronic means constitutes your consent to the collection and disclosure of the information by CPA for the purposes for which the information was disclosed to CPA, as was reasonably ascertainable from the nature and terms of the disclosure, including collection and disclosure for the purpose of validating your identity.

CPA's websites collect and store information each time you access them to enable us to measure the total number of visitors, and certain non-personal statistical information. This helps us make our websites more accessible and useful to visitors.

If you browse through our sites reading, printing, or downloading information, no sensitive information and no confidential information about you is collected.

The information we collect when you visit CPA's sites may include:

• The Internet Protocol (IP) address from which you are accessing the site(s)
• The name of the Internet Service Provider (ISP) or wireless carrier you are using to access the site(s) (e.g. Comcast, Spectrum, Verizon, or Sprint)
• The date and time you visited the site(s)
• The web pages or services you accessed at the site(s)
• The type, manufacturer, model, operating system, and Media Access Control (MAC) address of the device you are using to access the site(s)
• Internet browser type and version used to access the site(s)

CPA uses Google Analytics to measure traffic on our websites. Review the Google Analytics Terms of Use or learn more about how Google uses, collects, and processes analytics data. To prevent Google Analytics from recognizing return visits to our websites you may disable cookies in your Web browser.

Some CPA sites may also use JavaScript to collect site traffic and activity, as well as to measure the performance of our servers and network. These scripts do not collect sensitive information or confidential information about you.

To better serve you and protect access to your information, CPA sites may use multifactor authentication (MFA) to enhance the security of your account(s)/information accessed via our sites. By using our MFA service(s), you may be required to supply an email address or phone number in order for us to deliver security verification codes to you. We will not disclose this information to third parties (except permitted by law) without your express written consent.

When you use our sites and services CPA does not actively collect, maintain, or disseminate biometric or geolocation information obtained from global positioning system technology, individual contact tracing, or biometric identifier collection technology.

To better serve you, CPA sites may use cookies to enhance or customize your visit to the site(s). Cookies do not contain your sensitive information or confidential information.

We may also use third-party advertising companies to deliver advertisements on our behalf. These companies may use anonymous cookies or other technologies to track information regarding your browsing history on our site(s). Third-party advertising networks, such as Google AdWords and AdRoll, use this information to deliver ads to you on our behalf at other sites throughout the Internet, to track your response to advertisements, report on visitor interaction, and to measure the effectiveness of advertisements. We do not control these third parties' tracking technologies or how they may be used.

Facebook provides certain features and tools, such as pixels, SDKs, and APIs that can send your browsing data to Facebook, including pages you visit and actions you take on our site(s). This tool allows us to personalize our ads based on the content you viewed on our site. We may also use Facebook technology to deliver interest-based ads using lists of email addresses that we have collected on our site(s). We update these lists once a month so that we do not intentionally target our ads to users who have opted out of emails from CPA.

If you communicate with CPA by sending an email, your email address may be retained for further communication with you in connection with processing your request or as provided by law. Do not send any sensitive or confidential information in the body of, or as an attachment to, an electronic mail message unless the data is adequately encrypted. Data sent via email is not inherently secured or encrypted. Any information contained in an email message or attachment may be retained and stored by CPA pursuant to the applicable retention period or as provided by law and may be provided to other state agencies to better serve your needs.

In addition, CPA collects the email addresses of those individuals who voluntarily provide their email address on our site(s) and on other platforms, such as Facebook.

Further, email addresses and other volunteered information may be used to send news, notices, and other information to those who request it on a strictly opt-in basis. Email addresses may also be used to serve interest-based ads on other platforms, such as Facebook.

In the spirit of open, transparent government, CPA makes use of social media tools (e.g. Facebook, Twitter, YouTube, etc.) to keep the public informed of news, economic updates, and other announcements.

Any comments or posts made to a social media forum maintained by CPA may be subject to release to the public as required by the Texas Public Information Act (PIA).

Users of these social media services are bound by the terms of service and user agreements for the platform.

CPA gathers your information through lawful means. Any subsequent use of the information is limited to purposes consistent with the purpose(s) given at the time of collection.

Texas law provides that all information collected or maintained by CPA is subject to the Texas Public Information Act. CPA is required to disclose information requested by the public under the PIA unless the information is excepted from disclosure by the PIA or other applicable law or regulation.

You are responsible for protecting the confidentiality of any user ID, password, or PIN used to access CPA websites. If you give your user ID, password, or PIN to anyone else, they will be able to access your sensitive and confidential information.

CPA does not sell your information to any third party. CPA does not distribute to or share your information with any non-governmental third party without your consent or as authorized by law or regulation. Employees will only use sensitive and confidential information submitted by you on a need-to-know basis to provide information or services, or carry out the duties of our agency.

Further, we will not disclose information we collect from you to third parties without your permission except to the extent necessary including:

• To fulfill your requests for services.
• To protect ourselves from liability.
• To verify or update information provided.
• To comply with any law enforcement agency, self-regulatory organizations or a properly authorized civil, criminal, or regulatory investigation.
• To prevent, detect, mitigate, and investigate actual or potential fraud and unauthorized transactions or claims.
• To comply with subpoenas or summons or to comply with federal, state or local laws, rules and other legal requirements, or in connection with a merger, acquisition, or liquidation of a company.

It is possible to opt-out of data collection by common third parties by visiting:

• Network Advertisers Initiative Consumer Opt-Out
• Google Analytics opt-out plugin
• Facebook Privacy Settings and Tools

Information collected by or provided to CPA will be retained and maintained as required by law or regulation such as Texas Government Code Section 441.180 et seq. Different types of information are required to be kept for different periods of time.

CPA stores or uses sensitive and confidential information submitted by you only for the time necessary. Confidential information is destroyed via purging, magnetic degaussing/erasing, shredding, and/or other means of authorized confidential destruction when no longer required and to prevent unauthorized access or use of the data. Regularly scheduled archiving, purging, and proper disposal of records and information is a standard practice throughout CPA.

Read details on CPA's Records Retention Schedule as published on the Texas State Library and Archives Commission site (PDF).