Skip to main content

Online Privacy Policy

Privacy Statement

Thank you for visiting schoolspending.az.gov and reviewing our Privacy Policy statement. Schoolspending.az.gov provides a convenient view of public education financing by connecting to various data sets reported by schools throughout the State of Arizona. We are committed to handling your information responsibly. We do not collect personally identifiable information (name, address, e-mail address, social security number, or other personal unique identifiers) or business identifiable information on our websites unless we specifically advise you that we are doing so. This statement is included to inform you solely about the information that could be collected online as a result of visiting schoolspending.az.gov itself, and not as a result of following a link from schoolspending.az.gov to reach a State agency's website or other online website or service. All individual agency websites of the State of Arizona are required to contain a Privacy Policy Statement that describes what information is obtained online, how the agency uses that information, and what steps are being taken to ensure the security of customer data. Your rights to privacy are of utmost importance to the State of Arizona in building trust and confidence when conducting business through the Internet.

Privacy Rights

Privacy Policy Is Subject To Change

This policy may be updated or revised from time to time, so please check back with schoolspending.az.gov periodically in order to receive advance notice of any substantive changes.

Withdraw Consent

If we rely on your consent to process your personal information, you may withdraw that consent at any time. To request a consent withdrawal, modify your preferences, or contact us please send an email to schoolspending@azdoa.gov

Information Collected Automatically

Automatic Browser Information

We automatically collect some information when you visit our websites, navigate our web pages, or use our services and applications. This information does not reveal your identity but may include information about the device you use. We collect this information to maintain the security and operation of our services and applications and to create analytical data for reporting purposes. We may collect:

  • IP address and IP address location data (city, state, country, zip code, time zone)
  • browser (browser name, browser version, browser extensions, and compatibility information)
  • device characteristics (device name, phone model, etc.)
  • operating system properties (os name, screen size, screen orientation, display aspect ratio)
  • language preferences
  • referring URLs
  • other similar data

Information Provided By You

Personal Information You Disclose

We collect personal information that you provide when asking for information, participating in activities on our services or applications (e.g., posting a message), or otherwise contacting us. The personal information we collect depends on the context of your interaction with our services and applications, the features you use, and the choices you make. Personal information collected may include the following:

  • name (first name, maiden name, last name, and nickname)
  • address (current and former physical mailing address and personal and business email address)
  • phone number (work, home, and cell phone numbers)
  • application usage data
  • other similar data

How We Use Your Information

Public Record Treatment of Provided Information

The information you disclose to the agency (either through schoolspending.az.gov or directly) will generally become a matter of public record pursuant to A. R. S. §§ 39-121, et seq., which means that the agency may be required to divulge certain information in response to a public records request or in response to a warrant, subpoena, or other court order.

Legitimate Business Needs

We use the information collected on you for legitimate business interests, to enter into or perform a contract with you, to provide a service for you, and/or to meet our legal obligations. The business purposes for the processing of your personal information is listed below:

  • Requested Feedback: We may use your information to contact you when you request your feedback or we request feedback from you on our services and applications.
  • Enforce Security: We may use your information to ensure the security of our services and applications (e.g., fraud prevention and monitoring)
  • User-to-User Communications: We may your information in order to implement user-to-user communications through our applications.
  • Legal Response: We may be required to review and even share your data if we receive a subpoena or other legal request.
  • Account Maintenance/Support: We may use your information to respond to inquiries, solve potential issues, manage, and maintain your account.
  • Other Business Purposes: We may use your information for a variety of other business purposes such as data analysis, evaluation of our services and applications, marketing, identifying usage trends, or measuring marketing campaign effectiveness. When we use your data in this way, we store it and aggregate it in an anonymized form.

How We Share Your Information

Reasons for Sharing

We may process, share or transfer your personal information for the following reasons:

  • Consent: We may process or share your information if you have given us specific consent to use your personal information for a specific purpose.
  • Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests (e.g., responding to an email inquiry).
  • Legal Obligations: We may disclose your information when we are legally required to do so to comply with applicable law, governmental requests, judicial proceedings, court orders, or a legal process (e.g., in response to a subpoena).
  • Vital Interests: We may disclose your information when we believe it is necessary to investigate, prevent, or take action regarding imminent or potential threats, violations of our policies, suspected fraud, safety threats, potentially illegal activities, or as evidence in litigation in which we are involved.

Types of Businesses with Whom We May Share

We may process, share, or transfer your personal information to the following parties:

  • Vendors, Consultants, and Other Third_Party Service Providers: These parties perform services for us or on our behalf and require access to execute tasks. Examples include payment processing, data analysis, email delivery, website hosting, customer service, and investigation. We may allow some of these parties to use tracking technology on the services and applications we provide to analyze and track data, and determine service effectiveness, content popularity, and online activity. These parties are restricted from using your personal data outside of contracted services. They will not share your information with any organization apart from us.

Specific Businesses with Whom We Share

We may share and disclose your information with the following categorized third parties:

  • Cloud Computing Services (e.g., Amazon Web Services)
  • Content Optimization (e.g., GitHub social plugins)
  • Data Backup and Security (e.g., Dropbox Backup)
  • Function and Infrastructure Optimization (e.g., GitHub Pages)
  • Web and Mobile Analytics (e.g., Google Analytics)
  • Website Hosting (e.g., WordPress.com)
  • Website Performance Monitoring (e.g., Datadog)

Information Retention and Protection

Data Retention

We only keep your personal information for as long as necessary for the purposes documented in this privacy policy or for longer if required or permitted by law. When we have no ongoing legitimate business need to process or store your personal information, we will delete or anonymize it. If this is not possible (e.g., stored in backup archives) we will securely store it and isolate it from any further processing until deletion occurs.

Users Outside of the United States

Our servers are located in the United States. If you are accessing our services or applications from outside the United States, your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we share your personal information in other countries. If you are a resident of the European Economic Area, the countries in which your information is transferred, stored, and processed (e.g., the United States) may not have data protection or other laws as comprehensive as those in your country. We will take all necessary measures to protect your personal information in accordance with this privacy policy and applicable law.

Data Breach Process

We have implemented the following process with respect to a data breach:

  • Definition: A privacy breach is defined as the unauthorized access to, or the collection, use, disclosure, or disposal of personal information.
  • Investigation: In the event that we become aware of a security breach that resulted or may likely result in unauthorized access, use, or disclosure of personal information, we will promptly investigate the matter and notify the appropriate authorities not later than 72 hours after having become aware of the security breach, if the security breach is likely to result in a risk to the rights and freedoms of natural persons.
  • Notification: You will be notified about a data breach affecting your personal information within 30 days and in a format that meets laws and regulations using the contact information we have for you.