By accessing the FOIA Machine Site, you agree to accept its terms and conditions and are aware that our policies may evolve in the future.
What We Collect and How We Use the Information We Collect
As part of the services provided by FOIA Machine, we must collect some "Personally Identifiable Information," such as your first name, last name, and e-mail address. You may optionally supply other information that can be used to contact you or identify you as an individual, including your postal address and phone number (collectively, “Optional Personally Identifiable Information”). We use Personally Identifiable Information and Optional Personally Identifiable Information to communicate with you and to assist in processing and managing your requests. When you register on the Site, we also require you to set up an account and, at that time, FOIA Machine will collect your username, user ID number, and a hashed password.
Integral in managing and processing your public records requests, FOIA Machine additionally collects the following information: your account type, your Stripe ID associated with your credit card information, your user profile URL, the number of non-expiring and number of expiring requests you have, the date that subscriptions renew, what requests you follow, the kind of status your account has (e.g. “active,” “blocked,” “staff,” or “superuser”), your last login and the date you joined, the requests you have filed, and the agencies with which you have filed these requests.
Our payment processor, Stripe, collects and stores information necessary for making payments including your credit card information, your e-mail address, your Stripe ID, the date you registered, your FOIA Machine username, your subscription information, and logs of certain activities and interactions (e.g. when your account was created and every transaction you make with Stripe)
How We Store Information We Collect
Except for the information collected and stored by Stripe (as described above), all other information is stored by FOIA Machine inside the MuckRock Foundation’s Django app. This information may be further organized or broken down into the following headings and categories, such as: title, URL of request, status of request, jurisdiction, agency, date submitted, date response was received, date request is due, days until request is due, whether the request is currently embargoed, date the embargo extends until, price of the request if the government is charging, description of the request, whether the request is featured, whether special data should be displayed on the side of the request, the request’s government-provided tracking ID number, whether the user has viewed the request since the request was last updated, the number of page views the request has, what e-mail address the request was sent to and/or from, what other e-mail addresses were copied in the correspondence, tags used to organize the request, and FOIA Machine’s internal tracking ID. Metadata associated with every communication included as part of your request shall also be collected and stored. This may include the name of sender, name of receiver, data and time sent, whether it is to or from the user, whether the request uses HTML, the contents of the body of the message, whether that communication changed the status of the request, how may pages an attachment, a description of an attachment, and a copy of an attached file.
How we share information
Except as noted below, FOIA Machine does not share your Personally Identifiable Information with third parties unless you give us your permission or we need to share such information in order to provide the services you have requested. When we supply Personally Identifiable Information to these third parties, we require them to use it only for the function they are helping us with.
How Long Will We Store This Information
Due to the length of the typical public records process and the length of these documents' usefulness, we will store this information indefinitely. Should you no longer wish information from a request you filed through the site to be stored by FOIA Machine, you must send a request via e-mail to email@example.com. Deletion requests will be complied with within 10 days of their submission.
Security and Your Privacy Responsibilities
We keep the Personally Identifiable Information you provide on servers that are protected by technological means against intrusion and unauthorized access.
To help protect your privacy, be sure: not to share your user ID or password with anyone else; to log off the FOIA Machine Site when you are finished; and to take customary precautions to guard against “malware” (e.g. viruses, Trojan horses, bots, etc.), for example, by installing and updating suitable anti-virus software.
Publicly posted information
FOIA Machine does not control, and is not responsible for, the use of any information or content that you have exposed to the public through your use of the FOIA Machine Site.