It is the policy of the Board of Equalization (BOE) that information which can be identified with a particular person ("personally identifiable information") is only obtained through lawful means and that the collection, use, retention, disclosure, and destruction of such information is in compliance with state privacy laws.
Personally identifiable information is collected by the BOE for purposes of administering the tax programs set forth in the Revenue and Taxation Code. Personally identifiable information regarding BOE employees is also collected, for purposes of personnel administration. When the BOE collects personally identifiable information, it provides the notice required by Civil Code section 1798.17 of the Information Practices Act which includes the purposes for which the information will be used. Any personally identifiable information that is collected must be relevant to the purpose for which it is collected.
Any subsequent use of personally identifiable information shall be limited to the fulfillment of purposes consistent with those purposes previously identified. Personally identifiable information shall not be disclosed, made available, or otherwise used for purposes other than those specified, without the consent of the subject of the information, or as authorized by law. As disclosed in the notice provided by the BOE in compliance with Civil Code section 1798.17, information collected by the BOE may be exchanged with or provided to other entities as authorized by law.
Information security awareness training is provided to all BOE employees. BOE employees and contractors are also required annually to review the pamphlet Information Security Requirements for Employees with Access to Confidential Information and to sign a Confidentiality Statement (BOE-4). Access to personally identifiable information is restricted to persons who have an appropriate business need for the information. Information and physical security policies and procedures are in place at the BOE to protect personally identifiable information from theft, unauthorized access, use, modification or disclosure. Internal review of BOE policies and procedures is conducted to ensure that adequate safeguards for information security are in place.
Questions regarding this policy should be directed to the Board of Equalization Disclosure Officer at BOEPRARequests@boe.ca.gov.
In compliance with Government Code section 11015.5, the State Board of Equalization (BOE) is making this Privacy Notice concerning personal information electronically collected on the BOE web site available to the public. The only personal information that is collected on the BOE web site is the IP (Internet Protocol) address of those visiting the site. The IP address is the unique Internet Protocol address of the web site visitor. The IP address will sometimes be masked by a proxy or other such equipment that connects the user to the Internet through their Internet Service Provider. Registration of a visitor's IP address in the web log of the host server is standard among all web servers. The BOE may use the IP address to monitor the usage of its web site.
Additionally, when a visitor accesses the BOE web site, a session ID is stored in a cookie on the visitor's PC. A cookie is simply a packet of information that is stored on the user's computer. The session ID stored in the cookie upon visiting the BOE site is randomly generated and is not being used or redistributed by the BOE. The session ID does not contain any information about the visitor and is merely a default functionality of the software used to create the BOE web site. The cookie will remain stored on the visitor's hard drive until such time as the visitor manually removes the cookie.
The BOE does not distribute or sell electronically collected personal information nor does the BOE reuse the IP address information. The BOE does not electronically collect any other personal information on the BOE web site.
Any information acquired by BOE is subject to the limitations set forth in the Information Practices Act of 1977 (beginning with Section 1798 of the Civil Code). Electronically collected personal information is exempt from requests made pursuant to the California Public Records Act (beginning with Section 6250 of the Government Code).