Smithsonian Institution's Privacy Statement

Overview

Thank you for visiting the Smithsonian Institution network of Websites and reviewing our Privacy Statement. The Smithsonian Institution does not collect personal information about visitors to our Websites unless you choose to provide that information to us. The Smithsonian will use that information to respond to your message and to help us get you the information you have requested.

This Privacy Statement applies to the online activities of the Smithsonian Institution and onsite interactive activities (collectively “Websites”), with the exception of the Institution’s revenue generating and philanthropic activities which are specifically addressed in the Smithsonian Privacy Statement for Philanthropic and Revenue Generating Activities.

Information Collected and Stored Automatically

The Smithsonian uses online analytics tools such as Google Analytics, WebTrends, etc., to collect and track information about your visit so that the Smithsonian can monitor usage and make improvements. These tools may store your IP address from which you access our Website. The Smithsonian also collects anonymous data elements in aggregate form, that cannot be tied to an individual:

  • The name of the domain from which you access the Internet (for example, gmail.com, if you are connecting from a Google Online account)
  • The type of device, browser, and operating system used to access our Website
  • The date and time you access our site
  • The length of your visit
  • Demographic data
  • The location from which you access our site (approximate country, state, city and postal code based on Google Analytics data)
  • The pages, files, documents, and links that you visit and engage with
  • The domain of the website which referred you to this website (the last website you visited before visiting this one)

Additionally, to better understand our visitors and supporters, we may ask that you share additional information about you or your experience (such as, your city or state, age); your participation would be voluntary and, unless specifically stated otherwise in the request, the information you provide will not be connected with your personally identifiable information. 

Social Media

When you access or interact with the Smithsonian through a social media service such as Facebook or Instagram, we may have visibility to your profile name and other information you have made public in connection with that particular social media service. The social media companies may collect and share anonymous aggregate metrics with us regarding use, such as the total number of clicks, shares, users’ demographics (e.g., age range, gender, location).  These social media companies are not operated by the Smithsonian; use of their services is governed by the privacy policies of the social media companies. 

If You Send Us Personal Information

The Smithsonian's Websites will only collect personal information which you knowingly and voluntarily provide by, for example, sending emails, completing membership forms, registering for classes, events, or other programs, responding to surveys or ordering merchandise. If you provide us with personal information, we will respond to your inquiry, request or order. We may also contact you to provide information about Smithsonian activities, programs, membership and development opportunities, products and special events that may interest you. Except as described below, we will not share your name or information outside the Smithsonian unless you affirmatively authorize us to do so by opting-in.

When we send you such information by email, you will always have an immediate opportunity to decline further communication. Please use the contact specified in the email so that we can remove you from the list that contains your name. If you are uncertain about whom to contact, consult our special Web page to help you determine where to send your inquiry at www.si.edu/contacts.

The Smithsonian uses outside vendors to provide certain services, such as companies that process credit card transactions for the Smithsonian. These third-party vendors will have access to the information needed to perform their functions, but may not use your information for any other purpose. The Smithsonian may occasionally share, exchange, or rent information which may include your name, address, email address, and demographic data with other charitable or cultural non-profit organizations.

There may be sites within the Smithsonian’s network of Websites where you can opt-in to receive information from non-Smithsonian entities. If you opt-in, you may receive correspondence from these organizations on programs, products or services that might interest you. If you decide to opt-out of receiving any further correspondence from a non-Smithsonian entity, please correspond directly with that business or organization to be removed from its mailing list.

Please note that the Smithsonian also may provide your information to: (1) a Federal, State, or local law enforcement agency if the Smithsonian becomes aware of a violation or potential violation of law or regulation; (2) a court or party in a court or Federal administrative proceeding if the Smithsonian is a party or in order to comply with a subpoena; (3) the Department of Justice or in certain legal proceedings when the Smithsonian, an employee of the Smithsonian, or the United States is a party to litigation or has an interest in the litigation and the use of such records is deemed relevant and necessary to the litigation; (4) Smithsonian officials, including the Inspector General, as needed to perform official duties; (5) a Committee of Congress in response to a formal request; (6) protect the security or integrity of the Smithsonian Websites and services; and (7) any other person or entity as required by law.

Opt-Out and User Control

Customers may opt out of regular mailings, emails, and rental/exchange of files through contacting customer service for the relevant service.  For each Smithsonian service, customer service contact options may include phone, web, and email. Check the Website of the relevant service for contact information. 

Customers can change their email communication preferences by using the unsubscribe link at the bottom of the email or contacting customer service for the relevant service.

You may also access, update, review, correct, suppress, or remove any of the personal information you have given to us by emailing [email protected].

Data Retention

We will retain your information for the period necessary to fulfill the purposes outlined in this Privacy Statement unless a longer retention period is required or allowed by law.

Remember that even after you cancel your account, or if you ask us to delete your personal information, copies of some information from your account may remain viewable in some circumstances where, for example, you have shared information with social media or other services. Because of the nature of caching technology, your account may not be instantly inaccessible to others. We may also retain backup information related to your account on our servers for some time after cancellation or your request for deletion, for fraud detection or to comply with applicable law or our internal security or recordkeeping policies. It may not always be possible to completely remove or delete all of your information due to technical constraints or, contractual, financial or legal requirements.

Cookies, Web Beacons, and Pixels

Cookies

In addition to information collected automatically, we use cookies to support the internal functionality of the Websites. Cookies, which are small pieces of information sent to your browser by a website that you visit, are used to track usage patterns, traffic trends and customer behavior, as well as to record other information from the Website. When you register on the Websites, cookies also allow us to save information so that you will not have to re-enter it the next time you visit. Many content adjustments and customer service improvements are made based on the data derived from cookies. Some Smithsonian Websites use third-party vendors, such as Google Analytics, to place cookies and analyze the information collected by cookies in order to make the Smithsonian Websites more interesting and useful to you. No personally identifiable information is collected. Information that we collect from cookies will not be used to create profiles of individual users and only will be used in aggregate form. The data is retained for as long as necessary to support the mission of the Smithsonian Websites. You may set your browser to refuse cookies from any website that you visit. If you so choose, you may still gain access to most of the Smithsonian’s Websites, but you may not be able to conduct certain types of transactions (such as shopping) or take advantage of some of the interactive elements offered. You may opt-out of Google Analytics using the Google Analytics Opt-out Browser Add-on.

Additionally, some Smithsonian Websites may use the Demographics and Interest reporting feature for Google Analytics for Display Advertising. The data provided by this service (such as age, gender, and interests) is used to better understand visitors to these Websites and customize our Websites to our users’ interest. You may opt-out of Google Analytics for Display Advertising by visiting Ad Settings.

Web Beacons and Pixels

The Smithsonian also collects non-personally identifiable information through the use of tracking pixels that appear on our pages. A tracking pixel is a transparent graphic image (usually 1 pixel x 1 pixel) that is placed on a web page and, in combination with a cookie, allows us to collect information regarding the use of the web page that contains the tracking pixel.

We use tracking pixels to trigger ads on participating websites based on activity tracked from the browser on a device used to visit Smithsonian Websites. We also use them to tell when an advertisement we run on another website has been clicked on by Smithsonian Website visitors, and use that information to judge which advertisements are more appealing to users.

To opt out of these tracking pixels and services, please follow this link to opt out of the Google Analytics-based tools (https://tools.google.com/dlpage/gaoptout/), the Facebook Pixel (https://www.facebook.com/settings?tab=ads), and the Bing Pixel (https://choice.microsoft.com/en-US/opt-out).

Children and Privacy

The Smithsonian’s Websites are intended to be accessible and enjoyed by general audiences. We do not knowingly collect personal information from children under the age of 13, without first providing the parent or legal guardian with notice and obtaining prior verifiable consent. If a visitor known to be a child sends an email to the Smithsonian, we will only use it to respond to the writer and not to create profiles or otherwise retain the information.  Where a Smithsonian Website is specifically directed toward children under the age of 13, the terms of the Smithsonian’s Kids Online Privacy (“SKOP”) Statement will apply and the Website will include a link to the SKOP.  If a parent or guardian believes their child’s personally identifiable information was inadvertently collected, please contact [email protected].    

Security

The Smithsonian takes reasonable steps to design and manage our Websites’ technology to ensure that its information technology systems, applications, and information technology infrastructure are secure. When you use your credit card for any purchase or donation on a Smithsonian Website, that transaction is encrypted using “Transport Layer Security (TLS)” encryption to protect your credit card information when traveling over the Internet. Further, we require credit card processing be secured based on compliance with Payment Card Industry (PCI) standards.

Linking

Within the Smithsonian’s Websites are embedded applications, plug-ins, widgets, and other content links to non-Smithsonian websites. These sites operate independently of the Smithsonian and have their own privacy policies. The Smithsonian is not responsible for the privacy practices or the content of non-Smithsonian websites, and such link is not intended to be an endorsement of the non-Smithsonian website or its content. For your protection, you should review the privacy policy of the site you linked to from our website.

Contact Us

Questions and comments about this Privacy Statement may be directed to us via mail at Smithsonian Privacy Office, 1000 Jefferson Drive, SW, Washington, DC 20013 or email at [email protected]. The Smithsonian Institution is a large organization with many people sharing responsibility for the content of its Websites. Please help us respond to your comments and inquiries by sending them to the appropriate Smithsonian office. In order to help you contact the appropriate Smithsonian office, please consult our list of contacts at www.si.edu/contacts.     

Last revised: January 10, 2020