ResponsiBLUE Privacy Policy

Last update: August 24, 2021

Overview

The University of Michigan (U-M) privacy statement recognizes the value of privacy for the university community and its guests.

This privacy notice provides more specific information on how the ResponsiBLUE software application collects and processes your personal information.

Scope

The notice applies to our practices for gathering and disseminating information related to ResponsiBLUE (“we”, “us”, or “our”) and is meant to provide you an overview of our practices when collecting and processing personal information.

How We Collect Information

We collect personal information in the following ways:

  • Automatically by U-M, when you authenticate using your U-M credentials and when you use the ResponsiBLUE application.
  • Automatically by third parties, when we partner with third-party service providers, such as Google Analytics, to collect and store certain information about your interaction with the application.
  • From other U-M sources, when we use COVID-19 testing, quarantine/isolation, and self-reported vaccination information available in U-M systems to share with students, faculty, and staff.

What Type of Information We Collect

The ResponsiBLUE application collects or has access to the following information:

  • U-M uniqname
  • Date and time of self-screen completion
  • Responses to self-screen questions
  • Overall self-screen result (red or green indicator)
  • Page usage over time (in aggregate)
  • COVID-19 testing program data collected from Ann Arbor campus students:
    • Date of last COVID-19 test
    • Quarantine or Isolation status (yes or no)
    • Departure date for quarantine or isolation
    • Evaluation of compliance with COVID-19 testing program.
  • Self-reported COVID-19 vaccination or exemption data collected from U-M students, faculty, and staff:
    • Vaccination or exemption status
    • Dates of vaccination.

Identifiable information is retained for one year in compliance with Michigan Occupational Safety and Health Administration (MIOSHA); Emergency Rules; Coronavirus Disease 2019 (COVID-19); filed with the secretary of state on October 14, 2020.  After one year, the U-M uniqname is deleted in order to de-identify the information. De-identified information is retained indefinitely.

Data automatically collected by marketing service providers, such as Google Analytics, includes:

  • The internet domain from which a visitor accesses the web application 
  • The IP address assigned to the visitor’s device
  • The type of device and browser the visitor is using 
  • The date and time of the visit 
  • The address of the website from which the visitor has linked to responsiblue.umich.edu
  • Amount of time spent, interactions, and content viewed in the application.

How This Information Is Used

We may use identifiable information to:

  • Allow users to display results in the application for 18 hours after completing the daily self-screen. The result is reset every 18 hours and the user can take the daily self-screen again.
  • Ensure individuals accessing U-M premises have completed the daily self-screen.
  • Provide users with the ability to present their compliance evaluation result (red or green indicator) for access to campus buildings and/or services.
  • Produce compliance reporting for university administration and the state of Michigan.
  • Enable University officials or public health officials to make public health-informed decisions and plans at the University of Michigan, including but not limited to the purposes of waiving or reducing COVID-19 testing requirements, face covering requirements (in accordance with the U-M Face Covering Policy for COVID-19), quarantine requirements, or other public health protocols.
  • Monitor early indicators of potential outbreaks.

We use de-identified and/or aggregated information to:

  • Monitor trends in aggregate symptom reports over time, measure the overall burden of illness in our community, and provide an early indicator of potential outbreaks. The information helps target resources for testing, support, and mitigation.
  • Monitor application performance to inform improvements to the application, such as device and browser compatibility, application features, etc.

The use of this data is governed by university policy and the U-M Data Governance framework, among other methods. Data requests and use cases will only be considered if they are related to public health. Such requests will be directed for review and approval, guided by the U-M Institutional Data Resource Management Policy.

With Whom This Information Is Shared

We do not sell or rent your personal information. Individually identifiable information may be shared as required by law, as well as with university partners, external service providers, or government agencies to aid with COVID-19 response efforts.

Specifically, we use Google Analytics to monitor application usage and performance. Google Analytics cookies and tag manager count visits and traffic sources in order to measure and improve the performance, navigation, and content of the ResponsiBLUE application.

What Choices You Can Make About Your Information

If you wish to opt out of data collection, you must stop using the application, which may impact your ability to access U-M buildings, resources and services. If you wish to uninstall the application, use the standard uninstall processes of your mobile device, the mobile application marketplace, or network.

If you wish to block Google Analytics cookies, visit tools.google.com/dlpage/gaoptout (for desktop users). Alternatively, you can manage your browser settings to accept or refuse these cookies (for Google Chrome users).

How Information Is Secured

The University of Michigan recognizes the importance of maintaining the security of the information it collects and maintains, and we endeavor to protect information from unauthorized access and damage. The University of Michigan strives to ensure reasonable security measures are in place, including physical, administrative, and technical safeguards to protect your personal information.

Privacy Notice Changes

This privacy notice may be updated from time to time. We will post the date our notice was last updated at the top of this privacy notice.

Who to Contact With Questions or Concerns

If you have any concerns or questions about how your personal data is used, please contact the U-M Privacy Office at privacy@umich.edu or 500 S. State Street, Ann Arbor MI 48109.