The California Public Utilities Commission (CPUC) Deaf and Disabled Telecommunications Program (DDTP) is committed to promoting and protecting the privacy rights of individuals, as enumerated in Article 1 of the state constitution, the Information Practices Act of 1977, and other state and federal laws.
It is the policy of the DDTP to limit the collection and safeguard the privacy of personal information collected or maintained by the DDTP. The DDTP’s information management practices conform to the requirements of the Information Practices Act (Civ. Code § 1798 et seq.), the Public Records Act (Govt. Code § 6250 et seq.), Government Code sections 11015.5 and 11019.9, and other applicable laws pertaining to information privacy.
The DDTP adheres to the following principles for the collection and management of personal information:
- The DDTP collects personal information on individuals only as allowed by law. The DDTP limits its collection of personal information to what is relevant and necessary to accomplish the purposes of the DDTP, as defined by Public Utilities Code section 2881. For example, DDTP may need to know an individual’s home address, e-mail address, or telephone number, in order to answer the individual’s questions, determine applicant eligibility, or provide requested assistance. Personal information is broadly defined as any information that identifies or describes an individual, including a person’s name, Social Security number, physical description, home address, home telephone number, education, financial matters, and medical or employment history.
- The DDTP does not collect e-mail addresses or personal account information from people who simply browse DDTP websites. The DDTP collects personal information through DDTP websites only if an individual provides the information to the DDTP voluntarily through such means as e-mail, registration forms, or surveys.
The DDTP may collect anonymous user information regarding the domain name or Internet Protocol (IP) address related to the devices used to access DDTP websites, the type of browser and operating system used, the date and time the website is visited, web pages displayed, and any documents that are downloaded. The DDTP may use session cookies, simple text files stored temporarily on a visitor’s computer by a web browser, to enable easy movement through the site. The information collected in this manner is not subject to requests made pursuant to the Public Records Act, and site visitors may request to have their information discarded without reuse or distribution by contacting DDTP Consumer Affairs (See contact information in Section 8, below).
- The DDTP endeavors in each instance to tell people who provide personal information to the DDTP the purpose for which the information is collected. The DDTP strives to notify people of the general uses of the personal information it collects at the time it is submitted. With each request for personal information, the DDTP provides information on the authority under which the request is made, the principal purposes of the information, and the possible disclosures the DDTP is obligated to make to other government agencies and the public.
- The DDTP provides individuals who submit personal information the option to review that information at any time. The DDTP allows individuals who provide personal information to review the information and contest its accuracy or completeness. To access your personal information, please contact DDTP Consumer Affairs (See contact information in Section 8, below).
- The DDTP uses personal information only in ways consistent with the specified purpose for collection, unless otherwise required or allowed by law or regulation. The Public Records Act generally grants the public a right to access appropriate records and information possessed by the state. However, there are important exceptions, including the need to maintain the privacy of individuals. In the event of a conflict between this policy and the Public Records Act, the Information Practices Act or other law governing the disclosure of records, the applicable law will control.
- The DDTP uses information security safeguards. The DDTP takes reasonable precautions to protect personal user information against loss, unauthorized access, and illegal use or disclosure. The DDTP uses Transport Layer Security and/or Secure Socket Layer (TLS/SSL) encryption to protect the security of personal information during transmission through DDTP websites. The DDTP stores personal information in secure locations. The DDTP staff and contractors are trained on procedures for the management of personal information, including limitations on the release of information, and have signed statements of confidentiality. Access to personal information is limited to those staff members whose work requires access. Confidential information is maintained and destroyed according to the DDTP’s records retention schedule. The DDTP conducts periodic reviews to ensure that proper information management policies and procedures are understood and followed.
- For additional information about the California Consumer Privacy Act (CCPA) that took effect on January 1, 2020, visit the CCPA website at: California Consumer Privacy Act (CCPA) Fact Sheet.
- The California Office of the Attorney General (OAG) provides consumers with additional privacy resources. For additional information about your privacy rights and protections in California, please visit the OAG’s Privacy Enforcement and Protection website at http://oag.ca.gov/privacy.