Privacy and Security Policy

The Texas Department of Information Resources maintains this website as a public service. This policy describes DIR's privacy and security practices regarding information collected from visitors to the site, including what information is collected and how that information is used. The policy applies to all pages beginning with,,, and

Please note that all information collected or maintained by DIR is subject to the provisions of the Texas Public Information Act (TGC 552). The email addresses of most members of the public who communicate with state agencies through the Internet is confidential under Texas law. Exceptions to confidentiality may be reviewed at TGC 552.137.

An individual who submits information in electronic format through this website is entitled, on request, to receive and review the information DIR collects about the individual, and to have DIR correct the information.  Contact DIR with your request.

Use and Release of Information


DIR uses persistent, first-party cookies to track and report visitor information and collect information via web-based forms (see Server Logs/Log Analysis Tools and Web-Based Forms, below). DIR does not implement third-party cookies.

Server logs/log analysis tools

DIR uses persistent, first-party cookies, server logs, and log analysis tools to create summary statistics about website usage to improve site management. The statistics are used for purposes such as assessing what information is of most interest to users, determining technical design specifications, and identifying system performance or problem areas. DIR does not report or use this type of information in any manner that would reveal personally identifiable information, and does not release the information to any outside parties unless required to do so under applicable law.

The following information is collected for this analysis:

  • User/client hostname – hostname (or IP address, if DNS is disabled) of the user/client requesting access

  • HTTP header, “user-agent” – type of browser used, the browser version, and the operating system it is running on

  • HTTP header, “referrer” – page from which the user/client accessed the current page

  • System date – date and time of the user/client request

  • Full request – exact request the user/client made

  • Status – status code the server returned to the user/client

  • Content length – length, in bytes, of the document sent to the user/client

  • Method – Request method used

  • Uniform Resource Identifier (URI or URL) – location of a resource on the server

  • Query string of the URL – anything after the question mark in a URL

  • Protocol – transport protocol and version used

DIR monitors network traffic for site security purposes and to ensure that the site remains available to all users. Unauthorized attempts to upload information, change information on this site, or otherwise cause damage are strictly prohibited and may be punishable under Texas Penal Code Chapters 33 (Computer Crimes) or 33A (Telecommunications Crimes). Except as may be required for authorized law enforcement investigations, no attempts are made to identify individual users or their usage habits. DIR does not use raw data logs for any other purposes; however, it is possible that parts of raw data logs could be determined to be Open Records by the Office of the Attorney General. If such a determination were made subsequent to a Public Information Act request for the logs, DIR would be required to disclose parts of the logs deemed open by the Office of the Attorney General.

Web-based forms

The DIR website uses persistent, first-party cookies with web-based forms for such purposes as collecting survey results, providing online registration for DIR-sponsored events, collecting and reporting of continuing education activities by information resources managers, and recording computerized geographic data. Personally identifiable information collected from web-based forms is used only for the purpose specified (survey results, online registration, etc.). Each web-based form contains a link to Site Policies, including the Privacy and Security Policy. To the extent personally identifiable information is collected, DIR will adhere to all statutory requirements in protecting citizen data.


State agencies may not sell or release the email addresses of most members of the public that have been provided to communicate electronically with a government body without the affirmative consent of the affected member of the public. Exemptions to this confidentiality may be reviewed at TGC 552.137. Personally identifiable information contained in a question or comment sent to DIR in an email message or submitted in an online form is only used by DIR to respond to the request and to analyze trends. To the extent necessary and appropriate, DIR may redirect the message to another government agency or government employee who is in a better position to answer the question.

Questions about this page?

If you have questions or comments about DIR's Privacy and Security Policy, please contact DIR:

Site Policies

About File Formats

Some documents on this page are in the PDF format. Please download the Adobe Reader in order to view these documents.