The following statements disclose the privacy practices of the US Airline Pilots Association’s public and private Internet Web sites.

Should the Association’s privacy policy change, any changes will be posted on this page. We ask that you read the following policy, and we encourage you to feel free to send us your questions or comments.

Where does the US Airline Pilots Association get information about pilot members?

• Pilot Information Database: Data about each member is based on company and pilot-provided information contained in the Association’s membership database. This data is entered into the system and updated by designated US Airline Pilots Association employees and by Committee members or their designees.
• Profiles Preferences Page: When members complete their Profiles pages on the US Airline Pilots Association Web site, they supply to the Association their e-mail address, their password, phone number, and mailing address data for the membership database.
• Usage information: Our site gathers statistical data about the number of visitors to the site and the number of visits to specific areas on the site, much in the same way that highway departments collect statistical data about vehicular traffic patterns.

How does the US Airline Pilots Association use this information?

• The US Airline Pilots Association site uses pilot information from its membership database to provide members with customized account information. Through choices indicated on their Profiles page, users may elect to receive e-mail notification when material has been posted to Web site areas to which they have access.US Airline Pilots Association uses the e-mail address information entered on the Preferences page to send e-mail messages to pilot members when they have elected to participate in this service. US Airline Pilots Association DOES NOT share this information with US Airways.
• In addition, the Association transmits on a periodic basis, to each pilot e-mail address it has on file, the "US Airline Pilots Association E-Update," a Communications Department publication containing information about the Association’s activities, accomplishments, and concerns, as well as industry developments and issues affecting members and the piloting profession. Recipients may decline to receive these e-mail messages at any time.
• Just as highway departments use statistical data to determine how often and to what degree roads must be maintained and improved, the Association uses "site traffic" data as a basis for deciding how site pages can be improved and be made as useful as possible to as many pilot members as possible.

How may members access, update, or correct their information?

• At any time, members may add or change any information contained on their Members Only Profiles page.
• In addition, members may contact the Information Systems Department to review, add, or change any personal information contained in the Association’s pilot database.

With whom does the US Airline Pilots Association share its membership information?

US Airline Pilots Association does not sell personal information about pilot members, nor does it release or disseminate personal information about pilot members to advertisers, third parties, or any other entities, unless required by a court. The US Airline Pilots Association may provide information to third parties contracted by the Association at the direction of the Board of Directors or the membership. The information provided will only be the minimum necessary for the requested service.

With whom does the US Airline Pilots Association share its members' credit card, donation and other personal information?

US Airline Pilots Association does not share credit card, donation, purchase or other personal information about pilot members with any third party.

What safeguards are in place to protect the loss, misuse, or alteration of pilot information?

All information containing personal data (log-in number and password, mailing preferences, etc.) provided to and from the US Airline Pilots Association is transmitted using SSL (Secure Socket Layer) encryption. SSL is a proven encryption standard that secures Internet transactions to and from Internet browsers.

What other information should members know about their privacy?

www.usairlinepilots.org contains links to other Web sites. Members should note that when they click on links to these sites, they are entering sites for which the US Airline Pilots Association has no responsibility for either content or the privacy of any data that may be intentionally or inadvertently transmitted to that site. The Association encourages members to read the privacy statements of all such sites as their policies may be materially different from the US Airline Pilots Association’s privacy statement. Members are solely responsible for maintaining the secrecy of their passwords as well as any account information. They are urged to be careful, responsible, and alert with this information, especially whenever they are logged on to an Internet site.

What are cookies, and how does the US Airline Pilots Association use them?

Cookies are small text files that are created on your computer and used by many sites to store information about you to customize your visit to those sites. The US Airline Pilots Association does not use cookies to store personal information about you. The US Airline Pilots Association creates a randomly generated session variable when you log in; your session variable is stored in a cookie. The session variable, which is provided via the cookie, becomes your ticket to the US Airline Pilots Association site. When you go from page to page within the site, this ticket is checked to see if you are authorized to access specific data. Much like a movie ticket, it does not include any personal information.

Do I need to accept cookies?

Yes. Your browser's settings must be set to "always accept cookies" or "prompt before accepting cookies" in order to enter the Members Only section.

How do cookies work?

Cookies are small data structures delivered by a Web site (US Airline Pilots Association) to a Web client (you). The Web site may deliver one or more cookies to the client. The client stores cookie data in one or more flat files on its local hard drive. In certain cases (determined by the data in the cookie itself), the client returns the cookie to the server that originally delivered it.

Can cookies read information from a user's hard drive?

No. Cookies can only store data that is provided by the server or generated by an explicit user action.

Can cookies be used to gather sensitive information, such as a user's e-mail address?

Cookies can be used to store any information that the user volunteers. They cannot be used to gather sensitive information. As stated above the US Airline Pilots Association does not store this personal information in a cookie.

Where are cookies stored?

Cookie data is stored unencrypted on the user's hard drive (although during a user’s current session it is stored in memory). The file name is different for each platform. For example, on Windows machines, cookie data is stored in a file called COOKIE.TXT.

How long do cookies last?

A Web site may set an expiration date for a cookie it delivers. If no expiration date is specified, the cookie is deleted when the user quits the browser. When you exit the the US Airline Pilots Association Web site using the logoff button, the US Airline Pilots Association-created cookie expires immediately. If you exit the site without using the logoff button, the cookie expires 20 minutes after you first logged on to the site. Because the US Airline Pilots Association site contains personal information about you, it is recommended that you use the logoff button to exit the site if you are using a computer shared by multiple users.

Can malicious sites read cookie information used by another site?

Cookies are designed to be read only by the site that provides them, not by other sites.

Why are cookies useful?

Cookies allow Web sites to maintain information on a particular user across HTTP connections. The current HTTP protocol is stateless, meaning that the server does not store any information about a particular HTTP transaction; each connection is "fresh" and has no knowledge of any other HTTP transaction. "State" information is information about a communication between a user and a server, similar in many ways to frequent flyer profiles or option settings in desktop software. (For example, a preference for aisle or window seats is cookie-like information that a frequent flyer program might store about one of its customers.) In some cases it is useful to maintain state information about the user across HTTP transactions.

What kind of client-side information can Web servers store?

User information may be stored in the cookie or in a database on the Web site. This information may be provided by either the user or the Web site provider. Some scenarios include the following:

• Alice is shopping at a particular Web site that uses a shopping cart metaphor. She puts items into a shopping cart by clicking a link or an "Add to Shopping Cart" button. Cookies can be used to store or reference information on the contents of Alice's shopping cart so that she can conveniently purchase a cart full of items rather than one item at a time.
• Bob clicks around a Web site that allows users to view articles for a small charge. Cookies can be used to store or reference information about which articles he has viewed (that is, a list of URLs) so that he can pay for them all at once rather than each time he downloads an article.
• Carl fills out a Web form with his name, address, and other information. Cookies can be used to store or reference this information so that the next time Carl visits the site, the information is automatically uploaded and he doesn't have to provide it again. If the form contains sensitive information such as a credit card number or a mailing address, the cookies can be delivered over a Secure Sockets Layer, which encrypts the information as it travels between the client and server.
• Don logs in to a Web site that requires a user name and password. When Don's user name and password pair is successfully verified, the server passes down a cookie that functions as a "guest pass" allowing him access to certain areas of the Web site. After a set time period, perhaps half an hour or a day, the guest pass expires and Don must log in again.

Each of these examples illustrates one of two things: Either the server provides information (as in the last example) or the user provides information by taking some action, such as clicking a link or button or filling out a form.

What products support cookies?

Netscape Navigator has supported cookies since version 1.0. Microsoft Internet Explorer has supported cookies since version 2.0.

Does every browser implement cookies in the same way?

Not necessarily. Because the use of cookies is just becoming an official standard, there may be some subtle differences that do not affect how they work. Some browsers use a single file for all cookies; others use a folder with a separate file for each cookie.

To set your computer to allow you to control which cookies you accept: You may order your browser to accept all cookies or to alert you every time a cookie is offered. Doing this allows you to decide whether to accept a cookie or not.

• In Internet Explorer 4.0: Choose View | Internet Options | Advanced tab. Scroll down to the yellow exclamation icon under Security and choose one of the three options that regulates your use of cookies.
• In Internet Explorer 5.0: Go to Tools | Internet Options | Security | Custom Level. Select your cookies option.
• In Netscape Communicator/Navigator 4.0: From your task bar, select Edit | Preferences | Advanced. Set your options in the box labeled "Cookies."

Why did I get a "no cookie" error?

The "No cookie" error message means one of two things: The cookie was never received or accepted by your browser, or your browser failed to return the cookie with your request for a page. In order for this system to work, the server and browser need to work together. Unfortunately, different browsers handle cookies differently. Some browsers don’t handle them at all. And some browsers that should handle cookies don’t, or they don’t under certain circumstances. We know that certain browsers do not work: older versions of AOL (for Windows 3.1), for example, or CompuServe software releases prior to and including 3.02. The problems with CompuServe have been corrected with the issuance of CompuServe 3.04. If you receive the "No cookie" message, go back and try again. If that doesn’t work, here are a few suggestions:

• Use either Microsoft Internet Explorer version 3.0 or higher or Netscape 3.0 or higher.
• Make sure your cookies are not disabled.
• For help from the US Airline Pilots Association please be sure to note the version of the browser you are using, as well as the type of operating system you’re using (Windows NT, 95, or 3.1; MAC, etc.).