U.S. Department of Health and Human Services

NIDDK Privacy Statement

Protecting your privacy is very important to us. We do not collect any personally identifiable information (PII) about you during your visit to the NIDDK website unless you choose to provide it to us. We do, however, collect some data about your visit to our website to help us better understand how the public uses the site and how to make it more helpful. We collect information from visitors who read, browse, and/or download information from our website. NIDDK never collects information for commercial marketing or any purpose unrelated to the NIDDK mission and goals.

When visitors send email messages containing personal information to the general NIDDK.NIH.gov email box, NIDDK staff responds to the letters and files them. Only designated staff members requiring access to the emails to respond may view or answer them.

Types of Information Collected

When you browse through any Website, certain information about your visit can be collected. We automatically collect and temporarily store the following information about your visit:

Domain from which you access the Internet
IP address (an IP address is a number that is automatically assigned to a computer when surfing the Web)
Operating system and information about the browser used when visiting the site

  • Date and time of your visit
  • Pages you visited
  • Address of the website that connected you to an NIH Website (such as google.com or bing.com)

We use this information to measure the number of visitors to our website and its various sections and to help make our site more useful to visitors.

How NIDDK Collects Information

NIDDK websites use a variety of different web measurement software tools and specific information regarding information collection can be found on their respective websites.

NIDDK.NIH.gov uses Webtrends and Google Analytics measurement software to collect the information in the bulleted list in the Types of Information Collected section above. Webtrends and Google Analytics collect information automatically and continuously. No personally identifiable information is collected. The NIDDK staff conducts analyses and reports on the aggregated data from Webtrends and Google Analytics. The reports are only available to NIDDK.NIH.gov managers, members of the NIDDK.NIH.gov Communications and Web Teams, and other designated staff who require this information to perform their duties.

NIDDK also uses online surveys to collect opinions and feedback from a random sample of visitors. NIDDK.NIH.gov uses the ForeSee Results’ American Customer Satisfaction Index (ACSI) online survey to obtain feedback and data on visitors’ satisfaction with the NIDDK.NIH.gov website and other sites managed by NIDDK. This survey does not collect personally identifiable information. Although the survey invitation pops up for a random sample of visitors, it is optional. If you decline the survey, you will still have access to the identical information and resources at the NIH.gov site as those who do take the survey. The survey reports are available only to NIDDK.NIH.gov managers, members of the NIDDK.NIH.gov Communications and Web Teams, and other designated staff who require this information to perform their duties.

NIDDK retains the data from Webtrends and ACSI survey results as long as needed to support the mission of the NIDDK.NIH.gov website.

How NIDDK Uses Cookies

The Office of Management and Budget Memo M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies allows Federal agencies to use session and persistent cookies.

When you visit any website, its server may generate a piece of text known as a "cookie" to place on your computer. The cookie allows the server to "remember" specific information about your visit while you are connected.

The cookie makes it easier for you to use the dynamic features of web pages. Cookies from NIDDK web pages only collect information about your browser’s visit to the site; they do not collect personal information about you.

There are two types of cookies, single session (temporary) and multi-session (persistent). Session cookies last only as long as your web browser is open. Once you close your browser, the cookie disappears. Persistent cookies are stored on your computer for longer periods.

Session Cookies: We use session cookies for technical purposes such as to enable better navigation through our site. These cookies let our server know that you are continuing a visit to our site. The OMB Memo 10-22 Guidance defines our use of session cookies as “Usage Tier 1—Single Session.” The policy says, “This tier encompasses any use of single session web measurement and customization technologies.”

Persistent Cookies: We use persistent cookies to enable website analytics programs to differentiate between new and returning NIH.gov visitors. Persistent cookies remain on your computer between visits to NIH.gov until they expire. We also use persistent cookies to block repeated invitations to take the ACSI survey. The persistent cookies that block repeated survey invitations expire in 90 days. The OMB Memo 10-22 Guidance defines our use of persistent cookies as “Usage Tier 2 – Multi-session without Personally Identifiable Information (PII).” The policy says, “This tier encompasses any use of multi-session Web measurement and customization technologies when no PII is collected.”

How to Opt Out or Disable Cookies

If you do not wish to have session or persistent cookies placed on your computer, you can disable them using your Web browser. If you opt out of cookies, you will still have access to all information and resources at NIH.gov. Instructions for disabling or opting out of cookies in the most popular browsers are located at http://www.usa.gov/optout_instructions.shtml. Please note that by following the instructions to opt-out of cookies, you will disable cookies from all sources, not just those from NIDDK.NIH.gov.

How Personal Information Is Protected

You do not have to give us personal information to visit the NIDDK websites. However, if you choose to receive alerts or e-newsletters, we collect your email address to complete the subscription process.

If you choose to provide us with personally identifiable information, that is, information that is personal in nature and which may be used to identify you, through an e-mail message, request for information, paper or electronic form, questionnaire, customer satisfaction survey, epidemiology research study, etc., we will maintain the information you provide only as long as needed to respond to your question or to fulfill the stated purpose of the communication. If we store your personal information in a record system designed to retrieve information about you by personal identifier (name, personal email address, home mailing address, personal or mobile phone number, etc.), so that we may contact you, we will safeguard the information you provide to us in accordance with the Privacy Act of 1974, as amended (5 U.S.C. Section 552a).

If NIDDK operates a record system designed to retrieve information about you in order to accomplish its mission, a Privacy Act Notification Statement should be prominently and conspicuously displayed on the public-facing website or form which asks you to provide personally identifiable information. The notice must address the following 5 criteria:

  1. NIDDK legal authorization to collect information about you
  2. Purpose of the information collection
  3. Routine uses for disclosure of information outside of NIDDK
  4. Whether the request made of you is voluntary or mandatory under law
  5. Effects of non-disclosure if you choose to not provide the requested information
For further information about the NIDDK privacy policy, please contact the NIDDK Privacy Act Liaison.

Third-Party Web Sites and Applications including Social Media Sites

AddThis: NIDDK.NIH.gov uses the AddThis service to allow visitors to bookmark and share the News in Health Web site content on a variety of social media sites. Visitors who use the AddThis service to share content do not need to register or provide any personal information. The AddThis service providers collect non-personal data, including the aggregate and summary statistics on browsers and usage patterns. AddThis also uses non-personal data to manage the service efficiently and diagnose server problems. Although AddThis offers some analytics and usage data to NIH, these reports do not include any personally identifiable information. The reports are password protected and only available to NIH.gov managers, members of the NIH.gov Communications and Web Teams, and other designated staff requiring this information to perform their duties. The AddThis Privacy policy is available at: http://www.addthis.com/privacy.

Facebook: NIDDK uses Facebook to share information about NIDDK and NIDDK program activities via short messages known as “wall posts.” NIDDK.gov has three Facebook pages—National Institute of Diabetes and Digestive and Kidney Diseases (NIDDK) , Make the Kidney Connection (NKDEP) , and National Diabetes Education Program (NDEP) . Many other NIH Institutes and Centers (I/Cs) sponsor their own Facebook pages. The privacy policies for the other I/Cs Facebook pages are located on the individual I/C’s website.

On each of the NIDDK.NIH.gov Facebook pages, NIDDK.NIH.gov staff posts news and other items of interest to citizens. If you have a Facebook account or “Like” NIDDK Facebook pages, you can post comments or click on the “Like” option for individual entries. If you comment or click on the “Like” button, personally identifying information will be visible to NIDDK staff and other Facebook site visitors. The amount of visible personal information will depend on your own Facebook privacy settings. You can completely avoid displaying any personally identifiable information by not creating an account, not posting comments and not clicking on the “Like” options in Facebook. NIDDK staff does not collect, use or disclose any information about visitors who comment or “Like” the NIDDK Facebook sites. Facebook collects and reports on non-personally identifiable information about activities on Facebook pages. This information is password protected and only available to NIDDK.NIH.gov managers, members of the NIDDK.NIH.gov Communications and Web Teams, and other designated staff who require this information to perform their duties. The Facebook privacy policy is available at: http://www.facebook.com/policy.php

Go.USA.Gov and Bit.ly: NIDDK uses go.usa.gov and bit.ly to shorten long URLs for use in email messages, Twitter feeds, and on Facebook pages. Go.USA.Gov and Bit.ly collect and provide data on how often email recipients and Facebook and Twitter-users click on the shortened URLs distributed by NIDDK.NIH.gov staff. Go.USA.Gov and Bit.ly analytics show how many people clicked on the URLs posted by NIDDK compared to the total number of clicks on the shortened URLs. Go.USA.Gov and Bit.ly analytics do not provide any personally identifiable information about the visitors who opened the shortened links. The Go.USA.Gov Privacy Statement is available at https://go.usa.gov/privacy_statement. The Bit.ly Privacy policy is available at: http://bit.ly/pages/privacy

GovDelivery Subscription Management: NIDDK uses GovDelivery to send e-newsletters, alerts and other messages to visitors who subscribe to them. To subscribe to an NIH product, you must provide an email address and indicate your subscription preferences, including the items you want to receive. The email subscriber lists are password protected by GovDelivery. Only the NIDDK managers who send newsletters, alerts or memos via GovDelivery and staff members who monitor the results of email initiatives have access to the subscriber lists. GovDelivery never allows access to the subscriber lists to anyone outside of NIDDK or for any purpose. GovDelivery collects and provides non-identifying information about the number of messages sent, clicks and open rates. This information is password protected and only available to NIDDK.NIH.gov managers, members of the NIDDK.NIH.gov Communications and Web Teams, and other designated staff who require this information to perform their duties. The GovDelivery privacy policy is available at: http://www.govdelivery.com/legal-privacy

Slideshare: NIDDK uses SlideShare to post and embed presentation slides and accompanying audio to its websites. You do not need to register with SlideShare to view NIDDK presentations. When visitors view presentations, SlideShare may record non-personally identifiable information about its site usage, such as time spent on the site, pages visited, and data transfer details to improve its services. If you log on to the SlideShare site before viewing NIDDK presentations, SlideShare may associate information about your site use with your SlideShare account. If you log on to SlideShare and comment on an NIDDK presentation, any personal information you included when registering for your account will be visible to visitors who click on the comment. If you do not log in before watching NIDDK presentations posted on SlideShare, your site use will not be associated with your SlideShare account. The SlideShare privacy policy is available at: http://www.slideshare.net/privacy

Twitter: NIDDK uses Twitter to send short messages, up to 140 characters, which are also known as “Tweets” to share information about NIDDK with visitors and respond to comments and inquiries sent via Twitter to NIDDK. While visitors may read the NIDDK Twitter feeds without subscribing to them, visitors who want to subscribe to (or follow) NIDDK Twitter feeds must create a Twitter account at www.twitter.com. To create an account, you must provide some personal information, such as name, user name, password and email address. Visitors have the option to provide additional personal information including a short biography, location or a picture. Most information you provide for a Twitter account is available to the public, but you can modify how much of your information is visible by changing your privacy settings at the Twitter.com Web site. NIDDK staff members monitor the number of subscribers and respond to comments and queries via Twitter, but the staff never takes possession of the personal information belonging to Twitter followers. NIDDK does not collect, maintain, disclose or share any information about people who follow NIDDK on Twitter. The Twitter privacy policy is available at: http://twitter.com/privacy

Widgets: NIDDK.NIH.gov offers a variety of widgets that deliver small versions of selected NIDDK.NIH site content to other online locations outside of the site where the content originated. Widgets are portable pieces of code. Visitors can install the widgets on any PC or Mac web page without requiring additional coding or configuration. NIDDK.NIH.gov widgets deliver information and links to any site or application where the widgets are installed. NIDDK.NIH widgets do not collect any type of personally identifying information from visitors who install NIDDK.NIH.gov widgets. The WidgetBox.com privacy policy is available at: http://www.widgetbox.com/info/legal/privacy-policy Note: This is the privacy policy for the website www.widgetbox.com (widget program creator), not the widgets themselves.

YouTube: NIDDK.NIH.gov posts videos on YouTube to make them available to all NIDDK.NIH.gov visitors. You do not need to register with either YouTube or Google (YouTube owner) to watch NIDDK.NIH.gov videos. When visitors watch videos, YouTube may record non-personally identifiable information about its site usage, such as channels used, videos watched, and data transfer details to improve its services. If you log on to the YouTube site before watching NIDDK videos, YouTube may associate information about your site use with your YouTube account. If you log on to YouTube and comment on a NIDDK video, any personal information you included when registering for your account will be visible to visitors who click on the comment. If you do not log in before watching NIH videos posted on YouTube, your site use will not be associated with you or a YouTube account. The YouTube privacy policy is Google's privacy policy: http://www.google.com/intl/en/policies/privacy/

How Social Media Sites Are Managed

The NIDDK social media accounts—on websites such as Facebook, Linked-In, Twitter, and YouTube—are managed by the staff of the NIDDK Information Office, NIDDK Information Clearinghouses, and Education Programs, which are services of the NIDDK, NIH.

If you connect with the NIDDK on any social media site, you can expect some or all of the following:

  • information about new and updated resources from the NIDDK
  • invitations to provide feedback about specific issues
  • information about new research findings
  • information about other NIDDK activities, such as exhibits at conferences for health care professionals
  • information about other resources

Availability: We will update and monitor our social media accounts during office hours, 8:30 a.m. to 5:00 p.m., Monday through Friday, Eastern Standard Time (EST). Social media sites may occasionally be unavailable, and we accept no responsibility for lack of service due to third-party website downtime.

Posted Comments: We welcome feedback and ideas from all our fans; and, we endeavor to join the conversation whenever possible. However, we are not able to respond individually to all the comments we receive via social media.

By your commenting, we do not gather any information about you, other than information automatically collected and stored when you visit any of our websites and you choose to provide that information to us. The NIDDK will not share or sell any personal information obtained from users with any other organization or government agency except as required by law.

Posted comments will be retained to comply with records retention guidelines as set by Section 44 of the United States Code, chapters 31 and 35, Office of Management and Budget (OMB) Circular A-130 and NARA regulations in 36 CFR ch. XII, subchapter B. NIDDK staff reads all comments and ensures any emerging themes or helpful suggestions are passed to the relevant staff members or department.

The usual ways of contacting us for official correspondence are detailed in the Contact NIDDK section of the NIDDK website.

Online Ordering Privacy and Security


Ordering Online with us is safe and secure. The security of the information included in your order is very important to us. We use the 128-bit Secure Socket Layer (SSL) protocol to protect the security of your online order information. SSL technology encrypts your order information so it cannot be decoded by anyone other than NIDDK and contracted companies.

Once you enter the checkout page, your computer will begin communicating with our server in secure mode. You can tell that you are in secure mode by the following:

  • The “http” in the web address will be replaced by “https”. 
  • Only browsers that use the 128-bit SSL protocol are able to order through the NIDDK website. If your browser does not support SSL, you can get an upgrade at the Microsoft, Firefox, or Apple home page.

​​​​​​​​​​