Privacy Policy

OUR COMMITMENT TO PRIVACY

The MindTrails team and The University of Virginia are strongly committed to maintaining the privacy and security of confidential personal information and other highly sensitive data that it collects. Our privacy and public records obligations are governed by applicable Virginia statutes, including, but not limited to, the Virginia Privacy Protection Act of 1976, the Virginia Freedom of Information Act and by any applicable U.S. federal laws.

This study site has implemented stringent protections to safeguard participants’ confidentiality. All communication between project servers and participants’ computers is routed through Secure Sockets Layer (SSL) encryption technology, the gold standard for protecting data transfer from unauthorized access. This is the same secure hypertext transfer protocol (HTTPS), that banks and other commercial websites use to transfer credit card information in an encrypted format.

Participants’ email addresses will not be shared with third parties.

Any information participants provide on the site will be stored on a secured database. Information collected will be associated with a unique ID and not with the participant’s email address. When data are used for analysis, no personally identifying information will be associated with the data.


NOTICE ABOUT THE INFORMATION WE COLLECT

This notice applies to all information collected by the MindTrails website. The following information explains the Internet privacy policy and practices that MindTrails has adopted, and complies with the broader Privacy Policy for the University of Virginia. This notice should not be construed as a contractual promise, and we reserve the right to amend it at any time without notice.

When you access our web pages, the client information and the essential and nonessential technical information listed below is automatically collected — we refer to those categories collectively as "access information.” No other information is collected through our official website except “optional information” sent to us by email or online forms.


NOTICE ABOUT EMAIL COMMUNICATION

Please be aware that email communication can be intercepted in transmission or misdirected. Please do not communicate any sensitive information to MindTrails coaches by email or texting. Coaches do not have access to personal health information. If you are NOT the intended recipient of a sensitive message, please notify the sender immediately with a copy to here and destroy the message.


AUTOMATICALLY COLLECTED ACCESS INFORMATION

  • Client information: the Internet domain and Internet address of the computer you are using.
  • Essential technical information: identification of the page or service you are requesting, type of browser and operating system you are using and the date and time of access.
  • Nonessential technical information: the Internet address of the website from which you linked directly to our website and the "cookie information" described below.
  • Form data: when you complete online forms, all the data you choose to fill in or confirm.

Some of the information we collect is highly sensitive in nature. We comply the University of Virginia’s guidelines for the management of this information. You can read more about our policies here.


THE WAY WE USE INFORMATION

Client information is used to route the requested Web page to your computer for viewing. In theory, the requested Web page and the routing information could be discerned by other entities nvolved in transmitting the requested page to you. We do not control the privacy practices of those entities. Essential and nonessential technical information helps us respond to your request in an appropriate format (or in a personalized manner) and helps us plan website improvements.

We may use non-identifying and aggregate information to better design our website. For example, we may report that X number of individuals visited a certain area on our website or that Y number of men and Z number of women filled out our registration form, but we would not disclose anything that could be used to identify those individuals.

We will keep client information from our systems indefinitely after the webpage is transmitted, but we do not try to obtain any information to link it to the individuals who browse our website. However, on rare occasions when a "hacker" attempts to breach computer security, logs of access information are retained to permit a security investigation and in such cases may be forwarded together with any other relevant information in our possession to law enforcement agencies.

Under the Virginia Freedom of Information Act, any records in our possession at the time of a Freedom of Information Request might be subject to being inspected by or disclosed to members of the public for any purpose they may desire. As indicated above, client information may be retained after transmission of the requested webpage and might be available for inspection.

Finally, we never use or share the personally identifiable information provided to us online in ways unrelated to the ones described above without clear notice and the opportunity to opt-out or otherwise prohibit such uses.


USE OF COOKIES

MindTrails uses "cookies". We use a cookie to identify users as they make progress through a study. For this kind of cookie, the information stored in that cookie might include the following (formatted for legibility):

Name: JSessionID
UVA_cookie Session: 973016679.175537
Timestamp: 973021258
Portal: 0
Expires: Tue, 01-May-2001 19:40:58 GMT
Domain: mindtrails.virginia.edu
Path: /


DATA SHARING

Google Analytics

MindTrails uses Google Analytics, a web analytics service by Google that tracks and reports website traffic. MindTrails uses this service to track device usage, navigation patterns, and referrals. While MindTrails can connect this data to other information you provide, we will not share any of your personal information with Google. The information that Google collects is anonymous in nature, and will not be personally identifiable. By participating in any MindTrails study, you consent to this information being collected by Google Analytics.


National Institute of Mental Health Data Archive

Data from this study may be submitted to the National Institute of Mental Health Data Archive (NDA). The NDA is a data repository run by the National Institute of Mental Health (NIMH) that allows esearchers studying mental health and substance use to collect and share deidentified information with each other. A data repository is a large database where information from many studies is stored and managed. Deidentified information means that all personal information about research participants such as name, address, and phone number is removed and replaced with a code number. With an easier way to share, researchers hope to learn new and important things about mental illnesses more quickly than before.

During and after the study, the researchers will send deidentified information about your health and behavior and in some cases, your genetic information, to NDA. Other researchers nationwide can then file an application with NIMH to obtain access to your deidentified study data for research purposes. Experts at NIMH who know how to protect health and science information will look at every request carefully to minimize risks to your privacy.

You may not benefit directly from allowing your information to be shared with NDA. The information provided to NDA may help researchers find better treatments. NIMH will also report to Congress and on its web site about the different studies that researchers are conducting using NDA data. However, you will not be contacted directly about the data you contributed to NDA.

You may decide now or later that you do not want to share your information using NDA. If so, contact the MindTrails team here and we will tell NDA, which can stop sharing the research information. Please note that NDA cannot take back information that was shared before you changed your mind. If you would like more information about NDA, this is available at: http://data-archive.nimh.nih.gov.


OUR COMMITMENT TO DATA SECURITY

To prevent unauthorized access, maintain data accuracy and ensure the correct use of information, we have put in place appropriate physical, electronic and managerial procedures to safeguard and secure the information we collect online, consistent with the policies of the University and with the laws and regulations of the Commonwealth of Virginia.