Welcome to the Operational Services Division's (OSD) Web site. Your privacy is one of our top priorities as we are committed to maintaining the confidentiality, integrity and security of private information entrusted to us by visitors to our Web site. The following policy applies only to the use of OSD's Web site. Other Web sites operated by other state agencies have different privacy policies. We strongly suggest that you read the privacy policies for each Commonwealth Web site that you visit as well as the privacy policies which may be provided at any external site that you visit through a link appearing at this site.

A Privacy Partnership. Your privacy with respect to the use of this Web site results from a partnership between the Commonwealth and you, the user. At this Web site, we attempt to protect your privacy to the maximum extent possible. However, because some of the information that we receive through this Web site is subject to the Public Records Law, Massachusetts General Laws Chapter 66, Section 10, we cannot ensure absolute privacy. Information that you provide to us through this site may be made available to members of the public under that law. This policy informs you of the information that we collect from you at this site, what we do with it, to whom it may be disseminated, and how you can access it. Based on this information, you can make an informed choice about your use of this site. You can maximize the benefits of your privacy partnership with the Commonwealth by making informed choices about whether to share personally identifiable information with us through this site.

Personally Identifiable Information. We use the term "personally identifiable information" to mean any information that could reasonably be used to identify you, including your name, address, e-mail address, Social Security number, birth date, bank account information, credit card information, or any combination of information that could be used to identify you.

Information Voluntarily Provided by You. This site collects voluntary information through the e-mail messages you choose to send through this site. E-mail messages sent by you to this site will contain personally identifiable information such as your email address and any other information you choose to give us to help us answer your inquiry. In general : OSD also openly and intentionally collects voluntary information, which is input by users electronically on five of our Web sites. This information supports core business requirements relative to OSD's procurement oversight responsibilities, including: Commonwealth Procurement Access and Solicitation System (Comm-PASS) BuySmart public purchasing service and SmartBid vendor subscription service; Uniform Financial Statements and Independent Auditor's Report (UFR); registration requirements for the Statewide Training And Resources (STAR) Exposition, the Affirmative Market (AMP) Vendor Trainings, AMP Recognition Day, AMP Fiscal Year Kick-off and Environmentally Preferable Products (EPP) Vendor Fair web sites. In addition, we collect voluntary information, input by users who would like to receive up-to-date environmental purchasing information in your email by electronically subscribing to the EPP Buyer Update on the OSD Home Page.

1. Comm-PASS BuySmart and SmartBid services: On our Web-based Comm-PASS system, we collect (a) information including file uploads from public purchasers that join the BuySmart community to access Web-based tools which enable automated email notification, approval workflow, and record creation, posting and management, and (b) information including file uploads from bidders who choose to subscribe to SmartBid for access to Web-based tools which enable automated email notification for all posted procurement records, business directory listing, online bidders' forums, and online bid response.

2. Uniform Financial Statements and Independent Auditor's Report (UFR): On our UFR eFile Web site, we collect personally identifiable information relative to financial information from Human and Social Service providers under contract with the Commonwealth. This information is then immediately viewable on this site. When applicable, for Human Service Providers that are inputting information into the UFR's D1 schedule entitled Supplemental Program Outcome and Output Measures, we collect personally identifiable information regarding performance by contractors. This information is then viewable in OSD-generated reports.

3. Statewide Training and Resources (STAR): We collect information from vendors and attendees seeking to register for the STAR exposition. The click-through registration forms are open when the event is accepting registrations.

4. Affirmative Market Plan (AMP) : We collect information from attendees seeking to register for the AMP Vendor Training sessions (two per year), the AMP Recognition Day and the AMP Fiscal Year Kick-off meetings. The click-through registration forms open when the events are accepting registrations.

5. Environmentally Preferable Products (EPP) Vendor Fair: We collect information from vendors and attendees seeking to register for the EPP Vendor Fair. The click-through registration forms open when the events are accepting registrations.

Information Automatically Collected and Stored by this Site. This Web site does not use permanent "cookies". However, the site uses temporary "session cookies" to allow visitors to interact with the Portal and to use online applications. "Session cookies" do not allow us to personally identify a visitor. These cookies are stored only in memory and are deleted when the user's browser is shut down.

This site does collect and store indefinitely your "Internet Protocol ("IP") address," (which does not identify you as an individual), as well as information about the date and time of your visit, whether a file you have requested exists, and how many "bytes" of information were transmitted to you over the Web from this site. We use your IP address to assess the frequency of visits to this site and the popularity of its various pages and functions. We will not attempt to match any personally identifiable information that you provide to us with your IP address, unless there are reasonable grounds to believe that doing so would provide information that is relevant and material to a criminal investigation.

Dissemination of Your Personally Identifiable Information. We do not sell any personally identifiable information collected through this Web site or submitted to the Commonwealth in conjunction with using the functions on the website, and there is no direct or online public access to this information. However, once you voluntarily submit personally identifiable information to us through an e-mail, eFiling and/or click-through form, its dissemination is governed by the Public Records Law, the Massachusetts General Laws Chapter 66A (Fair Information Practices Act), Executive Order 412, and other applicable laws and regulations. For this reason, part or all of the information you send us may be provided to a member of the public in response to a public records request.

In addition, the information that you voluntarily submit will be disclosed only to Commonwealth employees or officials with a "need to know" for purposes of fulfilling their job responsibilities. They will only use the information to answer your questions, respond to any requests for assistance, and fulfill the Commonwealth's legal obligations. Where appropriate, we may provide the information submitted by you to the person or company that is the subject of your inquiry, or to a government agency responsible for the matters referred to in your communication.

Your Access and Opportunity to Correct. The Public Records Law and the Fair Information Practices Act provide you certain rights to get information about you that is in our records. To learn more about the circumstances under which you can get and correct this information, please click on the above references to these laws.

Security. Because this site does not encrypt incoming e-mail, you should not send information that you consider highly sensitive through this Web site. We use standard security measures to ensure that information provided by you including your personally identifiable information is not lost, misused, altered, or unintentionally destroyed. We also use software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage. Except for authorized law enforcement investigations, no attempts are made to identify individual users or their usage habits.

Special Protections Against Misuse Of Personally Identifiable Information Within Commonwealth Offices.
In 1999, Acting Governor Swift issued Executive Order 412, which enhanced the privacy protection given to any information about you as a named individual held by the Executive Department of state government. Executive Order 412 limits the collection and dissemination of personally identifiable information within the Executive Department. This site complies with Executive Order 412, so all of the personally identifiable information that you submit to this site is given the privacy protections set forth in Executive Order 412.

Policy changes. We will post changes to this policy at least 30 days before they take effect. Any information we collect under the current privacy policy will remain subject to the terms of this policy. After any changes take effect, all new information we collect, if any, will be subject to the new policy.

Contact Information. For questions about your privacy while using this Web site, please contact OSD at 617-720-3300.


Cookies are files that a Web site can place on your computer. A cookie file contains unique information that a Web site can use to track such things as your password, lists of Web pages you have visited, and the date when you last looked at a specific Web page, or to identify your session at a particular Web site. A file allows the Web site to recognize you as you click through pages on the site and when you later revisit the site. A Web site can use cookies to "remember" your preferences, and to record your browsing behavior on the Web. Although you can prevent Web sites from placing cookies on your computer by using your browser's preference menu, disabling cookies may affect your ability to view or interact with some Web sites.

An " Internet Protocol Address" or "IP Address" is a series of numbers that identifies each computer and machine connected to the Internet. An IP address enables a server on a computer network to send you the file that you have requested on the Internet. The IP address disclosed to us may identify the computer from which you are accessing the Internet, or a server owned by your Internet Service Provider. Because it is machine-specific, rather than person-specific, an IP address is not, in and of itself, personally identifiable information.

Last Updated on March 1, 2007