Metropolitan Transportation Commission
Last updated November 12, 2014
The following definitions apply:
Personally Identifiable Information (PII): PII identifies or describes a person or can be directly linked to a specific individual. Examples of PII include but are not limited to, a person’s name, mailing address, business name, alternate contact information (if given), email address, fax number, telephone number, and Travel Pattern Data.
Travel Pattern Data: Travel Pattern Data is information concerning a 511 user’s trip start and end points, travel day(s) and time(s) of day, as well as details of when MY 511 alerts are requested.
Aggregate Data or Aggregate Information: Aggregate Data or Aggregate Information is statistical information that is derived from collective data that relates to a group or category of persons from which PII has been removed. Aggregate Data reflects the characteristics of a large group of anonymous people. MTC may use Aggregate Data for such things as generating 511 Driving Times and statistical reports for the purpose of managing the 511 program. MTC may also provide Aggregate Data to third parties.
Collection of Personally Identifiable Information
MTC collects PII for the 511 and Regional Rideshare programs, which may include a person’s name, business or workplace name, mailing address(es), email address(es), telephone number(s), fax number(s), password, user name, and Travel Pattern Data. If a 511 user utilizes the 511 Transit Tracker tool and requests that his or her personalized Uniform Resource Locator (URL) with transit stop information be emailed to him or her, MTC, through a 511 Contractor, will retain the user’s email address and associated URL for a 12-month period for the purpose of resolving system errors that may occur.
How MTC uses Personally Identifiable Information
MTC uses the PII provided by customers to effectively and efficiently process enrollments, respond to questions, send customer-requested data via e-mails or text messages, and otherwise communicate with 511 users.
For the 511 RideMatch, SchoolPool and Bike Buddy services, MTC uses PII to provide database participants’ first and last names, email addresses, employer or school names, telephone numbers and the approximate geographic locations of trip start and end points to other members within the respective client database. This information is mailed via United States Postal Service on paper “matchlists,” emailed, or provided online (during a registered user’s account session) in response to a user’s web- or phone-based request. Trip start and end points are provided as either the nearest cross streets or as points on a map showing the general location. Specific home or work addresses are not provided. PII is used only to facilitate carpool, vanpool or BikeBuddy matches and to provide information about products, services and campaigns that encourage the use of alternatives to driving alone. Additionally, database participants may receive e-mails or phone calls from 511 program administrators requesting participants to review and update their PII and/or to assist the formation of carpools, vanpools, or bike buddies.
Regarding MY 511, MTC uses PII to provide traveler information as customized by the MY 511 registrant. This may include, if set up by the registrant, automatic emailing or texting of driving times and transit departures at times of day or traffic-severity levels determined by the participant. Periodically, MTC may send emails to all MY 511 registrants providing general system information. If registrants have signed up for 511 news, MTC will periodically send emails that could include such things as 511 marketing of new features and invitations to participate in 511 surveys and/or focus groups.
Third Parties with Whom MTC May Share Personally Identifiable Information
MTC hires third party service providers (the 511 Contractors) for the purpose of operating the 511 Program. 511 Contractors are provided only with the PII they need to deliver the service. MTC requires 511 Contractors to maintain the confidentiality of the information and to use it only as necessary to carry out their duties under the 511 Program.
MTC also shares Rideshare PII (PII related to the RideMatch, SchoolPool and Bike Buddy programs) with other government-funded rideshare agencies, such as the Bay Area Air Quality Management District, 511 Contra Costa, the Peninsula Traffic Congestion Relief Alliance, the San Francisco Department of the Environment, Solano/Napa Commuter Information, the Transportation Agency of Monterey County, the Association of Monterey Bay Area Governments, the Council of San Benito County Governments, and the Santa Cruz County Regional Transportation Commission for ridesharing purposes only.
MTC may also share Rideshare PII with select employers. These select employers have been granted access to the Rideshare Matching database because they wish to take a more active role in facilitating carpools and/or vanpools among their employees. As such, employers with access to the Rideshare Matching database only have access to PII for their employees.
In addition, comments and inquiries, which usually contain some PII such as name and e-mail address, may be shared with third parties for review, comment and/or action in order to appropriately respond to the specific concern. For example, comments and inquiries received by 511 that are related to services provided by other public agencies (e.g., transit agencies) are forwarded to those agencies for their response. Likewise, a 511 Contractor may need to share the comment with a subcontractor, if necessary, to troubleshoot technical issues.
Besides these entities, PII will not be disclosed to any other third party without express customer consent, except as required to comply with laws or legal processes served on MTC.
Retention of Personally Identifiable Information
MTC, through the 511 Contractors, shall only store the PII of a 511 user that is necessary to provide the requested service. All Rideshare PII shall be discarded no more than seven years from the date a 511 registered user removes him/herself from the system, or is automatically (based on inactivity) or manually (at the registered user’s request or other reason) removed from the system. All MY 511 PII is deleted from 511 databases no more than seven years from a user’s removal of his/her account from MY 511 or upon Contractor’s removal of an account at the registered user’s request. PII incorporated in customer comments shall be deleted no more than seven years after the comment has been addressed. For the Transit Tracker tool, all email addresses and associated URLs that may be stored are automatically deleted 12 months from the date that the URL was emailed to the user.
Security of 511 Personally Identifiable Information
MTC is committed to the security of participants’ PII. MTC, together with the 511 Contractors, stores the PII provided by 511 users on computer servers that are located in secure, controlled facilities. Servers are designed with software, hardware and physical security measures in place to prevent unauthorized access.
Access to PII is controlled through the following administrative, technical, and physical security measures. By contract, third parties with whom MTC shares PII are also required to implement adequate security measures to maintain the confidentiality of such information.
- Access to PII is limited only to certain employees for limited, approved purposes based on their specific work responsibilities. Employees’ use of 511 Rideshare customer databases is limited via authentication and authorization mechanisms.
- Privacy and security training is required for employees with access to PII, upon hire. In addition, regular periodic refresher training is required for those employees.
- 511 network perimeters are protected with firewalls.
- 511 systems are implemented to ensure PII is segregated from Aggregate Information.
- PII is stored in limited-access databases that require proper authentication and authorization for access. MY 511 user passwords are encrypted.
- Electronic connections containing PII between both the MY 511 and the 511 RideMatching System web applications and a users’ browser are fully encrypted using SSL (secure sockets layer) technology. User sign-up of 511 Application Program Interfaces (“APIs”) is not encrypted.
- Program administrators can not access user passwords; user passwords are one-way encrypted.
- Physical access to MTC and 511 Contractors’ servers is restricted to authorized technical personnel.
- Data center access to approved technical personnel is restricted via photo / passcode authentication, and other security protocols.
In addition to MTC’s policies and procedures implementing PII security, the 511 user must also do such things as safeguard passwords, PINs, and other authentication information that may be used to access a 511 account. 511 users should not disclose authentication information to any third party and should notify MTC of any unauthorized use of their passwords. MTC cannot secure PII that is released by 511 users or PII that customers request MTC to release. In addition, there is a risk that unauthorized third parties may engage in illegal activity by such things as hacking into MTC’s security system or the 511 Contractors’ security systems or by intercepting transmissions of personal information over the Internet.
Please note that the 511 Contractors will never ask 511 users to provide or confirm any information in connection with 511 including PII, unless the customer is a subscriber to 511 services. If a 511 user ever has any doubt about the authenticity of an e-mail regarding 511, the user should either (1) open a new web browser, log into the 511 user’s account, and then perform the requested activity or (2) contact 511, by sending a message via the 511.org suggestion form (http://www.511.org/about-511-suggestions.asp) to verify the purpose and authenticity of the message.
Account access and controls
Creating an account with 511 is in the customer’s discretion. The required account information consists of PII such as name, business or workplace name, mailing address(es), email address, telephone number, user name, password, and trip start and end points. MTC may request other optional information, such as alternate contact information, but, in such instances, clearly indicates that such information is optional.
Customers can review and update personal account information at any time. PII can be reviewed and edited online as discussed below under “Updating Personally Identifiable Information.” 511 users can close their MY 511 or Ridematch account at any time on line. In such case, all MY 511 account information will be deleted no more than seven years after the customer closes his/her account. All Rideshare account information will be deleted no later than seven years after the date a 511 registered user removes him/herself from the system, or is automatically (based on inactivity) or manually (at the registered user’s request or other reason) removed from the system.
MTC may also combine the PII provided by 511 users in a non-identifiable format with other information to create Aggregate Data that may be disclosed to third parties. Aggregate Data is used by MTC to improve the 511 program and for marketing 511. Aggregate Data does not contain any information that could be used to contact or identify individual 511 users or their accounts. For example, MTC may inform third parties regarding the number of 511 accounts within a particular zip code. MTC requires third parties with whom Aggregate Data is shared to agree that they will not attempt to make information personally identifiable, such as by combining it with other databases.
511 website users should review the privacy policies of websites they may visit or link to from 511 .org to understand how these external sites utilize cookies and how the information is collected by these cookies.
MTC does not knowingly engage in business with any company or vendor that uses Spyware or Malware. MTC does not market detailed information collected from web sessions that can be directly tied to personal information. Further, MTC does not provide 511 users with downloadable software that collects or utilizes any PII.
511 Mobile Website
The 511 Real-Time Transit Departures Mobile Webpage, 511 Parking Mobile Webpage, and 511 Transit Trip Planner Mobile Webpage (“511 Mobile Webpages”), were developed by a 511 Contractor. When a 511 user accesses the 511 Mobile Webpages, the user may enable his or her Global Positioning System location information (“location information”) to be used by the 511 Mobile Webpages, which will allow the user’s location to be utilized when he or she requests real-time transit departure, parking, or transit trip information. This feature can be disabled or enabled on the user’s mobile device. When the user accesses the 511 Mobile Webpages, the 511 Contractor collects the user’s device’s Internet Protocol (IP) address, the time and date of the request and, if the user has enabled and utilizes location information, the longitude and latitude at the time of the request. This information is used to resolve system errors that may occur. The information is automatically deleted with respect to the 511 Transit Trip Planner Mobile Webpage upon the expiration of 60 days from the date of the request. For the 511 Real-Time Transit Departures and Parking Mobile Webpages, the information is automatically deleted upon the expiration of 12 months from the date of the request.
511 Transit App
The 511 website contains links to third-party websites operated by entities that are affiliated with 511. These web links may be referenced within content, or placed beside the names or logos of the other entities. MTC does not disclose PII to these third-party websites.
WARNING: Once you enter external websites (whether through a service or content link), MTC is not responsible for the privacy practices of those other websites. Please review all privacy policies of external websites you may link to through our website, before providing any information to such other websites.
Updating Personally Identifiable Information
PII can be reviewed and edited online. The 511 website uses functions that have the ability to collect and store self-reported data. These functions enable 511 users to revise, update or review previously submitted information by going back to the applicable function, logging-in and making the desired changes.
Complaints or problems regarding updating personal information should be submitted via the Comment Form. The 511 Contractors will either resolve the issue or forward the complaint to an appropriate MTC staff member for response or resolution. MTC strives to answer all queries within five business days, but it may not always be feasible to do so.
If an adequate resolution is not received, please contact MTC’s Privacy Officer at:
Metropolitan Transportation Commission
Attn: Privacy Officer
101 8th Street, Oakland, CA 94607
Or e-mail: firstname.lastname@example.org
Or call: 510-817-5700
Emails Sent to MTC
June 7, 2012 Revisions to address 511 Transit App
July 24, 2012 Revisions to address other Mobile Applications that use 511 services and to update name of 511 Contractor.
May 21, 2014 Revisions to delete Uses of FasTrak® Toll Tag Data as the 511 Driving Times service no longer uses toll tag data, to update name of 511 Contractor and to make other clarifying edits.
November 12, 2014 Revisions to address the 511 Transit Tracker tool and 511 Mobile Website and to make other general changes.