WyoLogin Privacy Policy
Table of Contents
- The WyoLogin Privacy Policy
The WyoLogin Privacy Policy
Introduction
The University of Wyoming ("UW") recognizes and respects the privacy interests of its community members. This document describes the WyoLogin privacy policy with regard to data that is shared with online applications when utilizing WyoLogin.
WyoLogin allows UW users to use their credentials to single-signon (SSO) to a variety of UW and cloud-hosted applications supporting academic, research, and administrative activities. Example applications include WyoCourses, Banner, Office 365, and WyoCloud.
This policy only covers data that is released during the authentication process. For many services data not listed in this policy is released outside of the authentication process to create an account or to provide data required for the service to function.
Privacy Statement
WyoLogin ensures that all cloud-based and most UW hosted applications do not have access to your password. WyoLogin will handle confirmation of a successful authentication on behalf of the application. This is important for ensuring the security of your credentials.
For all cloud-based applications, as well as most of the UW hosted applications, a set of attributes is released during the authentication process that is used to identify the user. These attributes will come from one of the three identity provider services – Active Directory Federation Services (ADFS), Central Authentication Service (CAS), or Shibboleth (Shib).
Permission to release information about you:
If upon review of this information you do not want to release the indicated attributes about you to an application, you may elect not use that application. Note that this does not imply that there are alternatives.
Re-use or distribution of information about you:
The attributes released to an application are deemed necessary to appropriately use that application and that is the only purpose for which the attributes are released. If you detect such misuse of your information, see below for how to contact us.
Sharing of Data with Applications
The attributes that are released to an application are kept to a minimum, meaning attributes that are not required by the application for proper functioning are not released.
The current list of attributes being released to applications is available here:
Why is Data Shared with Online Applications
Online applications often need to authenticate you to know who you are. Once a person is successfully authenticated the application requires a unique identifier in order to access any personal preferences or other information it needs to track in order to efficiently support you. The application may also need to know if you are student, faculty or staff, etc in order to know what information or functions to present. An application may also save your name if needed to identify you to others, say for an automated workflow.
How Data Is Protected
Employees of UW Information Technology (UWIT) are required to sign a confidentiality agreement. In addition, UWIT follows federal and state guidelines on protecting the privacy of its users. These guidelines include, but are not limited to, Family Education Rights and Privacy Act (FERPA); Gramm Leach Bliley Act of 1999 (GLB); and the Health Insurance Portability and Accountability Act of 1996 (HIPPA)
Notice for Updates and Changes to Policy
This policy will be updated on occasion and the most current version will always be posted here. We encourage you to review it regularly.
Who to Contact if You Have Questions
Questions can be directed to the UWIT helpdesk at userhelp@uwyo.edu or by calling 307-766-4357.