Metropolitan Transportation Commission: 511 Privacy Policy

The effective date of this Privacy Policy is November 16, 2011
Last updated July 24, 2018

Overview

The Metropolitan Transportation Commission (MTC) is committed to ensuring 511 user privacy and security.  Specifically:  (1) MTC will not provide personally identifiable information (“PII”) from 511 users to any third party without express customer consent, except as described in the Privacy Policy; (2) PII from 511 users will never be provided to advertisers for their use; and (3) MTC will maintain a secure environment for customer PII.

This Privacy Policy is intended to provide an understanding of how MTC handles PII collected by the 511 Programs.  Among other things, this policy explains the types of information collected from 511 users; the third parties with whom MTC may share this information; and the process by which 511 users are notified about material changes to this Policy.

MTC contracts with various contractors to operate and maintain 511.  Collectively, these contractors are referred to in this 511 Privacy Policy as the “511 Contractors.”  MTC oversees the 511 Contractors.  511’s Terms of Use (https://511.org/about/termshttps://511.org/about/terms/spanish, and https://511.org/about/terms/chinese) notify users that by using the 511 system, the user is allowing MTC, the 511 Contractors and other third parties referenced herein, to process PII according to the provisions set forth in 511’s Terms of Use and this Privacy Policy.

Definitions

The following definitions apply:

Personally Identifiable Information (PII):  PII identifies or describes a person or can be directly linked to a specific individual. Examples of PII include but are not limited to, a person’s name, mailing address, business name, alternate contact information (if given), email address, fax number, telephone number, and Travel Pattern Data.

Travel Pattern Data:  Travel Pattern Data is information concerning a 511 user’s trip start and end points, travel day(s) and time(s) of day.

Aggregate Data or Aggregate Information:  Aggregate Data or Aggregate Information is statistical information that is derived from collective data that relates to a group or category of persons from which PII has been removed.  Aggregate Data reflects the characteristics of a large group of anonymous people. MTC may use Aggregate Data for such things as generating statistical reports for the purpose of managing the 511 Programs.  MTC may also provide Aggregate Data to third parties.

511 IVR: The 511 IVR (Interactive Voice Response) is an automated phone system that provides automated traveler information or direct transfers to 511 partner transit agency call centers.

511 Programs: Services available on the 511 website and 511 IVR, including but not limited to, the 511 Regional Traveler Information Service and the 511 Regional Carpool Program.

511 RideMatch Service (511 RMS): The 511 RMS, which is part of the 511 Carpool Program, uses an interactive system to help 511 users find carpools, vanpools or bicycle partners.  511 RMS also allows users to track trips using the 511 Trip Diary.

Registered Developer: A Registered Developer is a person or entity that has registered for access, via Application Programming Interface (API) Token, to APIs and other data resources available at https://511.org/open-data.

API Token: An API token is the form of authentication similar to a username/password that is granted through the 511 Developers webpage at https://511.org/open-data/token. An API token is appended to subsequent API requests, and is stored in a database and verified on each request.

Collection of Personally Identifiable Information

MTC collects PII for the 511 Programs, which may include a person’s name, business or workplace name, mailing address(es), email address(es), telephone number(s), fax number(s), password, user name, and Travel Pattern Data.  MTC obtains this PII from applications and other forms submitted by 511 users by telephone, mail, facsimile transmission or by electronic submission through 511.org.  If a 511 user utilizes the 511 Transit Tracker tool and requests that his or her personalized Uniform Resource Locator (URL) with transit stop information be emailed to him or her, MTC does not retain the user’s email address.

How MTC uses Personally Identifiable Information

MTC uses the PII provided by customers to process enrollments, respond to questions, send customer-requested data via e-mails, and otherwise communicate with 511 users.

For the 511 RMS, MTC provides database participants’ first and last names, email addresses, employer or school names, telephone numbers and the approximate geographic locations of trip start and end points to other members within the respective client database. This information is mailed via United States Postal Service on paper “matchlists,” emailed, or provided online (during a registered user’s account session) in response to a user’s web- or phone-based request. Trip start and end points are provided as either the nearest cross streets or as points on a map showing the general location. Specific home or work addresses are not provided. PII is used only to facilitate carpool, vanpool or Bike Buddy matches and to provide information about products, services and campaigns that encourage the use of alternatives to driving alone. Additionally, database participants may receive e-mails or phone calls from 511 program administrators requesting participants to review and update their PII, to assist the formation or maintenance of carpools, vanpools, or Bike Buddy matches, and/or for program evaluation.

For Registered Developers utilizing the resources available at 511.org/developers, MTC uses PII to a) communicate with them about their API Tokens and to distribute news and updates on 511 APIs, b) determine their API usage, and c) restrict API usage based on predetermined usage quotas per user.

For callers into the 511 IVR, MTC uses telephone numbers to a) troubleshoot customer issues related to system functionality, b) detect and log survey participants, and c) determine the percentage of new system users.

PII is only utilized as described in this Privacy Policy.

Third Parties with Whom MTC May Share Personally Identifiable Information

MTC hires third party service providers (the 511 Contractors) for the purpose of operating the 511 Programs. 511 Contractors are provided only with the PII they need to deliver the service. MTC requires 511 Contractors to maintain the confidentiality of the information and to use it only as necessary to carry out their duties under the 511 Programs.

MTC also shares  PII collected through the 511 RMS with other government-funded agencies that promote carpooling, such as the Bay Area Air Quality Management District, 511 Contra Costa, Commute.org, the San Francisco Department of the Environment, Solano/Napa Commuter Information, the Transportation Agency of Monterey County, the Association of Monterey Bay Area Governments, the Council of San Benito County Governments, and the Santa Cruz County Regional Transportation Commission.

MTC may also share PII contained in the 511 RMS with select employers.  These select employers have been granted access to the 511 RMS because they wish to take a more active role in facilitating carpools and/or vanpools among their employees.  As such, employers with access to the 511 RMS database only have access to PII for their employees.

In addition, comments and inquiries, which usually contain some PII such as name, e-mail address, and/or telephone number, may be shared with third parties for review, comment and/or action in order to appropriately respond to the specific concern.  For example, comments and inquiries received by the 511 Regional Traveler Information Service that are related to services provided by other public agencies (e.g., transit agencies) are forwarded to those agencies for their response.  Likewise, a 511 Contractor may need to share the comment with a subcontractor, if necessary, to troubleshoot technical issues.

Besides these entities, PII will not be disclosed to any other third party without express customer consent, except as required to comply with laws or legal processes served on MTC.

Retention of Personally Identifiable Information

MTC, through the 511 Contractors, shall only store the PII of a 511 user that is necessary to provide the requested service. All 511 Carpool Program PII shall be discarded no more than four years and six months from the date a registered user removes him/herself from the RMS, or is automatically (based on inactivity) or manually (at the registered user’s request or other reason) removed from the system. All Registered Developers’ PII shall be discarded immediately from the date a Registered Developer removes him/herself from the system, or is otherwise removed from the system. PII incorporated in customer comments shall be deleted no more than four years and six months after the comment has been addressed. All telephone numbers of callers to the 511 IVR shall be deleted no later than the expiration of MTC’s contract with the 511 system integrator, which is estimated to be June 30, 2023.

The MY 511 program terminated in June 2016. All MY 511 PII has been deleted from the MY 511 database, with the exception of email addresses for those MY 511 customers who then had active accounts and who had opted into receiving news about 511 via email, to allow them to continue receiving such communications. These email addresses shall be deleted no later than December 1, 2020, or earlier, at the request of the customer. Customers may make such a request by emailing contact511@511.org.

Security of 511 Personally Identifiable Information

MTC is committed to the security of participants’ PII.  MTC, together with the 511 Contractors, stores the PII provided by 511 users on computer servers that are located in secure, controlled facilities.  Servers are designed with software, hardware and physical security measures in place to prevent unauthorized access.

Access to PII is controlled through the following administrative, technical, and physical security measures. By contract, third parties with whom MTC shares PII are also required to implement adequate security measures to maintain the confidentiality of such information.

Administrative:

  • Access to PII is limited only to certain employees for limited, approved purposes based on their specific work responsibilities.  Employees' use of 511 Carpool Program customer databases is limited via authentication and authorization mechanisms.
  • Privacy and security training is required for employees with access to PII, upon hire.  In addition, regular periodic refresher training is required for those employees.

Technical:

  • 511 network perimeters are protected with firewalls.
  • 511 systems are implemented to ensure PII is segregated from Aggregate Information.
  • PII is stored in limited-access databases that require proper authentication and authorization for access.
  • Electronic connections containing PII between the 511 RMS and/or Developers’ web applications and a user’s browser are fully encrypted using SSL (secure sockets layer) technology. User sign-up of 511 APIs is also encrypted.
  • Program administrators cannot access user passwords; user passwords are one-way encrypted.

Physical:

  • Physical access to MTC and 511 Contractors’ servers is restricted to authorized technical personnel.
  • Data center access to approved technical personnel is restricted via photo / passcode authentication, and other security protocols.

In addition to MTC’s policies and procedures implementing PII security, the 511 user must also do such things as safeguard passwords, PINs, and other authentication information that may be used to access a 511 account. 511 users should not disclose authentication information to any third party and should notify MTC of any unauthorized use of their passwords. MTC cannot secure PII that is released by 511 users or PII that customers request MTC to release.  In addition, there is a risk that unauthorized third parties may engage in illegal activity by such things as hacking into MTC’s security system or the 511 Contractors’ security systems or by intercepting transmissions of personal information over the Internet.

Please note that the 511 Contractors will never ask 511 users to provide or confirm any information in connection with 511 including PII, unless the customer is a subscriber to 511 services.  If a 511 user ever has any doubt about the authenticity of an e-mail regarding 511, the user should either (1) open a new web browser, log into the 511 user’s account, and then perform the requested activity or (2) contact 511, by sending a message via the 511.org suggestion form (https://511.org/feedback) to verify the purpose and authenticity of the message.

Account access and controls

Creating an account with 511 is in the customer’s discretion.  The required account information consists of PII such as name, business or workplace name, mailing address(es), email address, telephone number, user name, password, and trip start and end points.  MTC may request other optional information, such as alternate contact information, but, in such instances, clearly indicates that such information is optional.

Customers can review and update personal account information at any time. PII can be reviewed and edited online as discussed below under “Updating Personally Identifiable Information.”  511 users can close their 511 RMS accounts or cancel their API Tokens at any time online.   For 511 RMS accounts, all account information will be deleted no later than four years and six months after the date a 511 registered user removes him/herself from the system, or is automatically (based on inactivity) or manually (at the registered user’s request or other reason) removed from the system.  In the case of API Tokens, all user information will be deleted upon cancellation.

Aggregate Data

MTC may also combine the PII provided by 511 users in a non-identifiable format with other information to create Aggregate Data that may be disclosed to third parties. Aggregate Data is used by MTC to improve the 511 program and for marketing 511. Aggregate Data does not contain any information that could be used to contact or identify individual 511 users or their accounts. For example, MTC may inform third parties regarding the number of 511 accounts within a particular zip code. MTC requires third parties with whom Aggregate Data is shared to agree that they will not attempt to make information personally identifiable, such as by combining it with other databases.

Usage Metrics

The 511.org website uses third-party traffic measurement services called Google Analytics to gather and compute website usage metrics. These third party tools collect customers’ Internet Protocol (IP) addresses and the pages the users are visiting. MTC and its contractors use website usage metrics for such things as analyzing results of the 511.org marketing campaigns and making recommendations for website improvements, and may include such information as Aggregate Data in operational reports and presentations. These third party tools may set a cookie that will enable it to function properly.

The 511 IVR uses a proprietary usage tracking system to gather and compute IVR usage metrics. These tools collect customers’ telephone numbers and requests. MTC and its contractors use this information for such things as analyzing results of the 511 marketing campaigns and making recommendations for IVR improvements, and may include such information as Aggregate Data in operational reports and presentations.

Cookies

The 511 website (https://511.org) stores “cookies” (small data elements) on users’ computers. The 511 website uses cookies to facilitate customer website use (e.g. remember login names and passwords until the session ends). The 511 website does not require users to enable cookies in order to use the 511 website.  Users may change their browser security settings to accept or reject cookies..

511 website users should review the privacy policies of websites they may visit or link to from 511.org to understand how these external sites utilize cookies and how the information is collected by these cookies.

MTC does not knowingly engage in business with any company or vendor that uses Spyware or Malware. MTC does not market detailed information collected from web sessions that can be directly tied to personal information. Further, MTC does not provide 511 users with downloadable software that collects or utilizes any PII.

511 Trip Planner Location Information

511.org was developed by a 511 Contractor. When a 511 user accesses 511.org, the user may enable his or her Global Positioning System location information (“location information”) to be used by the 511 Trip Planner, which will allow the user’s location to be utilized when he or she requests trip planning information. This feature can be disabled or enabled on the user’s mobile device or browser.  When the user accesses 511.org, the 511 Contractor collects the user’s device’s Internet Protocol (IP) address, the time and date of the request and, if the user has authorized the use of location information, the longitude and latitude at the time of the request is utilized to serve a specific trip plan.  This location information may also be stored in the browser cache for recent trips.  The browser cache may be cleared by the user at any time.

In addition, location information, IP address, and other information may be collected by the mobile device’s platform provider and/or the user’s data carrier. Before a 511 user accesses 511.org, he or she should review the terms of use and privacy policy of the user’s platform provider and data carrier to determine how they collect, use, and/or retain PII. MTC is not responsible for the terms of use or privacy policies of the platform providers or data carriers, or the use of PII, by such entities.

Third-Party Websites and Applications

511.org contains links to third-party websites and mobile applications (“Apps”) operated by entities that are affiliated with 511. These web links may be referenced within content, or placed beside the names or logos of the other entities.   In addition, other third party websites or Apps may exist that make use of 511 services or reference 511.org.  MTC does not disclose PII to these third-party websites or Apps.

WARNING: Once a 511 user enters external websites and/or downloads Apps (whether through a service or content link or directly through a third-party website) MTC is not responsible for the privacy practices of those  websites or Apps or the use of PII, including location information, by such websites or Apps.  Before a 511 user downloads or accesses such external websites or Apps or provides any information to them, he or she should review the terms of use and privacy policies of those third-party websitesor Apps to determine how they collect, use, and/or retain PII.

Updating Personally Identifiable Information

PII can be reviewed and edited online. 511.org uses functions that have the ability to collect and store self-reported data. These functions enable 511 users to revise, update or review previously submitted information by going back to the applicable function, logging-in and making the desired changes.

Complaints or problems regarding updating personal information should be submitted via the Feedback Form on 511.org.  The 511 Contractors will either resolve the issue or forward the complaint to an appropriate MTC staff member for response or resolution. MTC strives to answer all queries within five business days, but it may not always be feasible to do so.

If an adequate resolution is not received, please contact MTC's Privacy Officer at:

Metropolitan Transportation Commission
Attn: Privacy Officer
375 Beale Street, Suite 800
San Francisco, CA 94105
Or e-mail: privacyofficer@bayareametro.gov
Or call: 415-778-6700

Changes to this Privacy Policy

Material Changes – If MTC makes material changes to the 511 Privacy Policy, MTC will notify 511 customers by means of posting a conspicuous notice on 511.org that material changes have been made.

Immaterial Changes - MTC may also make non-substantive changes to the Privacy Policy, such as those that do not affect the permissible uses or disclosures of PII. In these instances, MTC may not post a special notice on 511.org.

If MTC decides to make any change to the 511 Privacy Policy, material or immaterial, MTC will post the revised policy on 511.org, along with the date of any amendment.

MTC reserves the right to modify this Privacy Policy at any time, so the policy needs to be reviewed frequently by 511 users.

When MTC revises the Privacy Policy, the "last updated" date at the top of the Privacy Policy will reflect the date of the last change. We encourage 511 users to review this Privacy Policy periodically to stay informed about how MTC protects the security of PII collected for the 511 Program. Continued use of the 511 Program constitutes the customer’s agreement to this Privacy Policy and any updates.

Emails Sent to MTC

This Privacy Policy does not apply to the content of e-mails transmitted directly to MTC.  Please do not send PII in an email directly to MTC, if you want to keep content or data private.

Contact information

MTC welcomes your comments on the 511 Privacy Policy.  For questions about this statement, please contact the MTC Privacy Officer at the address, email or phone number listed above.

History of Changes to Privacy Policy

November 2, 2007: Privacy Policy Established

November 16, 2011: Revisions to Privacy Policy

June 7, 2012: Revisions to address 511 Transit App

July 24, 2012: Revisions to address other Mobile Applications that use 511 services and to update name of 511 Contractor.

May 21, 2014: Revisions to delete Uses of FasTrak® Toll Tag Data as the 511 Driving Times service no longer uses toll tag data, to update name of 511 Contractor and to make other clarifying edits.

November 12, 2014: Revisions to address the 511 Transit Tracker tool and 511 Mobile Website and to make other general changes.

January 3, 2017: Revisions to address the termination of MY 511 and the 511 Transit App, to address Registered Developers, and to make other clarifying changes.

July 24, 2018: Revisions to address the 511 IVR and website user metrics and to make other clarifying edits.

^ Back to top