top of page

Website Privacy Policy
Moab Mosquito Abatement District (MMAD) moabmad.org

Website Privacy Policy 
Version [1.2], Effective October 7, 2025
Last Revised: December 9, 2025
 
1. Purpose & Scope
The Moab Mosquito Abatement District (“we,” “us,” or “MMAD”) is committed to protecting the privacy and security of personal data collected via our website and other means in accordance with Utah law, including Utah Code § 63A-19-402. This policy describes how we collect, use, share, protect, and retain personal data, as well as the rights you have with respect to your personal data.
This policy applies to personal data collected or processed by MMAD in connection with its website (e.g. www.moabmad org), as well as forms, applications, surveys, or other interactions by which we collect personal data (unless a separate privacy notice applies). This policy does not apply to student data subject to FERPA or other special rules (if applicable), or to data collected by third-party sites not operated by MMAD.
 
 
2. Definitions
For purposes of this policy:

  • Personal data (or “personal information”) means information that is linked or reasonably linkable to an identified or identifiable individual.

  • Processing means any operation performed on personal data, including collection, recording, storage, retrieval, use, disclosure, alteration, erasure, or destruction.

  • Record series has the same meaning as under Utah law (i.e. a group of records under a common retention/disposition schedule).

  • Contractor means a person or entity entering into a contract with MMAD and processing personal data on MMAD’s behalf.

 
 
3. Information We Collect & How
 
3.1 Automatic / Technical Information
When you visit our website, we may automatically collect certain technical information, such as:

  • Your IP address

  • Browser type and version

  • Operating system

  • Date and time of access

  • Pages visited / path through the site

We use this information for site analytics, operational diagnostics, and improving the user experience. We do not attempt to link this information to personal identity unless explicitly stated.
 
3.2 Voluntary / Submitted Information
We may request or collect personal data when you interact with us, such as:

  • Contact forms (name, email address, phone number)

  • Service requests, complaints, or inquiries

  • Volunteer, employment, or contractor forms

  • Survey responses

  • Any other information you choose to provide

When we request or collect personal data directly from you, we will provide you with a personal data request notice (see Section 4) as required by Utah Code § 63A-19-402.
We will limit our collection to the minimum amount of personal data reasonably necessary to achieve the specified purpose. (See Utah Code § 63A-19-401(2)(c)).
 
 
4. Personal Data Request Notice & Use of Data
In compliance with Utah Code § 63A-19-402:

  • At the point where personal data is requested or collected, we will provide you (or your legal guardian) with a personal data request notice.

  • That notice will include:

    1. The reasons we are requesting the personal data (i.e. the purpose(s))

    2. The intended uses of the personal data

    3. The consequences (if any) for refusing to provide the personal data

    4. The classes of persons or entities that will share this data with us, or to whom we will disclose it (regularly or under contract)

    5. The record series in which the personal data will be included (if applicable)

  • We may provide that notice by posting it prominently where data is collected, including it on the form or document itself, or linking via QR code or electronic link. Utah Code § 63A-19-402(3) and (4).

  • Upon your request, we will provide the same notice for data you have previously furnished. Utah Code § 63A-19-402(5).

  • We will use personal data only for the purposes stated in the notice, unless otherwise required or permitted by law. Utah Code § 63A-19-402(6).

 

5. How We Use and Share Personal Data
We may use and share personal data as follows:

  • To respond to your inquiries or requests

  • To administer services, permits, inspections, or compliance processes

  • To manage internal business processes, recordkeeping, or audits

  • To comply with applicable laws, regulations, or court orders

  • To contract with third parties (contractors) to perform services on our behalf; when doing so, we will require them to safeguard personal data and only use it for MMAD’s purposes

  • Aggregated or de-identified data, for statistical or planning purposes

We will not sell personal data. Utah Code § 63A-19-402(3)(b).
We will not use undisclosed or covert surveillance of individuals unless permitted by law. Utah Code § 63A-19-402(3)(a).
 

6. Data Security & Integrity
We will maintain reasonable administrative, technical, and physical safeguards to protect personal data against unauthorized access, disclosure, alteration, or destruction.
Contractors and third parties with whom we share data will be contractually bound to meet equivalent security standards (as required by Utah Code § 63A-19-401(4)).
 

7. Data Retention & Disposal
We will retain personal data only as long as necessary to fulfill the purposes set out in the personal data request notice, or as required by law or our record retention schedules under GRAMA or other applicable law.
When data is no longer needed, we will securely dispose of or de-identify it.
8. Access, Correction, and Deletion
Where not prohibited by law, you (or your legal guardian) may:

  • Request disclosure of the personal data we hold about you

  • Receive the personal data request notice (if not already provided)

  • Request correction of inaccurate personal data

  • Request deletion of personal data, subject to legal or operational constraints

We will respond to your request within a reasonable time.
 

9. Data Breach Notification
In the event of a data breach (unauthorized access, disclosure, or loss) involving personal data, we will notify affected individuals or their legal guardians as required under Utah Code § 63A-19-406 (or applicable breach-notification rules).
 

10. Contractors & External Parties
When we engage contractors or third parties to process personal data on our behalf:

  • We will require contractual assurances that they comply with applicable privacy requirements

  • They may only access or use the data for purposes consistent with our instructions

  • They will maintain security safeguards consistent with this policy

 

11. Employee & Contractor Training
We will ensure that employees with access to personal data complete periodic data privacy training (in compliance with Utah Code § 63A-19-401(2)(j) & associated rules).
 

12. Cookies, Tracking & External Links
Our site may use cookies, web beacons, or similar technologies to collect usage data (e.g. page visits, time on site). These are generally not linked to personally identifying information unless you submit data.
We may link to external websites operated by third parties; we are not responsible for their privacy practices.
 

13. Changes to This Privacy Policy
We may update this privacy policy from time to time. We will post the revised version here, with an updated effective date. Personal data collected while a given version is in effect will be handled in accordance with that version.
 

14. Contact Us / Privacy Officer
If you have questions, concerns, or requests about your personal data or this privacy policy, please contact:
 

Moab Mosquito Abatement District
PO Box 142
Moab UT 84532
Email: info@moabmad.org
 
Phone: 435-259-9526
You may also contact the Utah Office of Data Privacy or the Utah Data Privacy Ombudsperson for assistance or guidance.

bottom of page