ECWA Logo

Erie County Water Authority

Providing Water You Can Trust

Terms & Conditions

By submitting your information, you hereby agree to the following Terms and Conditions.

The ECWA Alert System is to allow you to be notified of alerts by either email, home phone, cell phone, or by text message. The Erie County Water Authority (the Authority) shall abide by its Communication Privacy Policy (below), and these terms and conditions, in the handling and management of this program. By supplying your information, you (the user) are providing your consent for the Authority to use this information to contact you, and to supply such information to any third parties that the Authority may use to facilitate contacting you, for non-commercial purposes, in case of a relevant water main break, or other such relevant emergency. This includes, but is not limited to using auto-dialers, or artificial/pre-recorded messages. Message frequency is based on frequency of relevant emergencies or water main breaks. Message and data rates may apply.

If you subscribed for Non-emergency public notices, the Authority shall abide by its Communication Privacy Policy (below), and these terms and conditions, in the handling and management of such notices. By supplying your information, you (the user) are providing your consent for the Authority to use this information to contact you, and to supply such information to any third parties that the Authority may use to facilitate contacting you, for non-commercial purposes, to provide such non-emergency public notices. This includes, but is not limited to, auto-dialers, or artificial/pre-recorded messages. The Authority will not text a user any non- emergency public notices.

The Authority is not responsible for incomplete, lost, late, or misdirected messages, including those filtered by third parties. Information provided by the ECWA Alert System is on an "as is" or "as available" basis.

To the fullest extent permitted by law, you expressly understand and agree that The Authority, its officers, agents, employees, partners, contractors, consultants, licensors, suppliers or their assignees and/or their successors in interest, shall not be liable to you for any damages, costs or expenses incurred by you or for any direct, indirect, punitive, incidental, special, consequential or exemplary damages, including, but not limited to, attorney’s fees, damages for loss of profits, goodwill, use, data or other intangible losses, even if the Authority has been advised of the possibility of such damages, resulting from the use or the delay or inability to use the ECWA Alert System, unauthorized access to or alteration of your transmissions or data, statements or conduct by anyone, including any third party, or any other matter relating to the ECWA Alert System.

If you need assistance please contact Customer Service at 716-849-8444. If you wish to opt out of any of the notification programs contact our customer service line at 716-849-8444, or text STOP to 1-844-716-3292 (ECWA).

ECWA Communication Privacy Policy

Approved August 25, 2016

The Authority recognizes that it is critical for individuals and businesses to be confident that their privacy is protected when they visit the Authority's website.

Consistent with the provisions of the Internet Security and Privacy Act, the Freedom of Information Law, and the Personal Privacy Protection Law, this policy describes the Authority's privacy practices regarding information collected from users of its website. This policy describes what information is collected and how that information is used.

Personal Information and Corporate Information

For purposes of this policy, "personal information" means any information concerning a natural person, as opposed to a corporate entity, which, because of name, number, symbol, mark, or other identifier, can be used to identify that natural person. The Authority shall only collect personal information about a user when the user provides that information voluntarily by sending an e-mail, or by initiating an online transaction, such as responding to a survey, registration, registration for alerts, or completing a payment/order form, or by hard copy, such as an application for service or letter.

For purposes of this policy, "corporate information" means any information concerning a business entity, as opposed to a natural person, which, because of name, number, symbol, mark, or other identifier (such as a TIN or EIN), can be used to identify that business entity. The Authority shall only collect corporate information about a user when the user provides that information voluntarily by sending an e-mail, or by initiating an online transaction, such as responding to a survey, registration, registration for alerts, or completing a payment/order form, or by hard copy, such as an application for service or letter.

Information Collected Automatically When a User Visits the Website

When visiting its website the Authority currently automatically collects and stores the following information about a user's visit:
(i) The Internet Protocol Address and domain name used, but does not automatically collect the e-mail address. The Internet Protocol Address is a numerical identifier assigned either to a user's Internet service provider or directly to a user's computer;
(ii) The type of browser and version used;
(iii) The date and time a user visited the site;
(iv) The web pages or services a user accessed at the site;
(v) Session ID;
(vi) If a user downloaded a form, the form that was downloaded. None of the foregoing information collected in this paragraph is deemed to constitute personal or corporate information.

The information that is collected automatically under this paragraph is used to improve the website's content, troubleshoot issues users may have with the website, and to help the Authority understand how users are interacting with the website. This information is collected for statistical analysis, to determine what information is of most and least interest to the website's users, and to improve the utility of the material available on the website. The information is not collected for commercial marketing purposes and the Authority is not authorized to sell or otherwise disclose the information collected from the website for commercial marketing purposes.

Cookies

Cookies are simple text files stored on a user's web browser to provide a means of distinguishing among users of the website. The Authority uses cookies to enhance or customize a user's visit to the website. These cookies do not contain personal information and do not compromise a user's privacy or security. The Authority may use the cookie feature to store a randomly generated identifying tag on the device a user uses to access the website. Cookies can be erased during operation of a user's browser or when a user's browser is closed at the user's discretion.

Refusing or deleting these cookies can limit a user's ability to take advantage of some features of the website.

Information Collected When a user E-mails the Website or Initiates an Online Transaction

During a user's visit to the website they may send an e-mail to the Authority. The user's e-mail address and the contents of the user's message will be collected. The information collected is not limited to text characters and may include audio, video, and graphic information formats included in the message. The user's e-mail address and the information included in the user's message will be used to respond to the user, to address issues the user identifies, to improve the website, or to forward the user's message for appropriate action. A user's e-mail address shall not be collected for commercial purposes and the Authority is not authorized to sell or otherwise disclose a user's e-mail address for commercial purposes.

During a user's visit to the website they may initiate a transaction such as a survey, registration, registration for alerts, or order/payment form. The information, including personal information or corporate information, volunteered by the user in initiating the transaction is used by the Authority to operate Authority programs, which include the provision of goods, services, and information such as alerts. The information collected by the Authority may be disclosed by the Authority for those purposes that may be reasonably ascertained from the nature and terms of the transaction in connection with which the information was submitted. If the user has provided their information prior to the effective date of this policy, such as an email address, the Authority shall consider this volunteered information, and such information can be used to operate Authority programs, which include the provision of goods, services, and information such as alerts. If a user provided their cell phone number prior to the effective date of this policy, it shall only be used for those purposes that the user authorized.

During a user's visit to the website they may provide their cell phone number to receive SMS messages, text messages, or telephone calls from the Authority. This information, volunteered by the user in initialing the transaction will only be used to operate Authority programs, which include the provision of goods, services, and information such as alerts. By providing their cell phone number, the user provides their express written consent to the Authority use of their cell phone number for those purposes that may be reasonably ascertained from the nature and terms of the transaction in connection with which the information was submitted.

The Authority shall not knowingly collect personal information or corporate information from children or create profiles of children through the website. It is the Authority's policy that the collection of personal information or corporate information submitted in an e-mail or through an online transaction will be treated as though it was submitted by an adult, and may, unless exempted from access by federal or State law, be subject to public access.

Information and Choice

The Authority shall not collect any personal or corporate information about a user during a user's visit to its website unless the user provides that information voluntarily by sending an e-mail or initiating an online transaction such as a survey, registration, registration for alerts, or order/payment form. A user may choose not to send the Authority an e-mail, respond to a survey, register for alerts, or complete an order/payment form. A user's choice not to participate in these activities may limit a user's ability to receive specific services or products through the Authority's website, including alerts and notifications. It shall not prevent a user from requesting services or products from the Authority by other means and will not normally have an impact on a user's ability to take advantage of other features of the website, including browsing or downloading most publicly available information.

Disclosure of Information Collected Through This Website

The collection of information through the website and the disclosure of that information are subject to the provisions of the Internet Security and Privacy Act. The Authority shall only collect personal information or corporate information through the website or disclose personal information or corporate information collected through the website if a user has consented to the collection or disclosure of such personal information or corporate information. Participation in an online transaction resulting in the disclosure of personal information or corporate information to the Authority by a user, whether solicited or unsolicited, constitutes consent to the collection and disclosure of the information by the Authority for the purposes reasonably ascertainable from the nature and terms of the transaction. Any person who has access to this information shall keep said information confidential, and shall not disclose such information without the express written consent of the user.

However, the Authority may collect or disclose personal information or corporate information without user consent if the collection or disclosure is: (1) necessary to perform the statutory duties of the Authority, or necessary for the Authority to operate a program authorized by law, or authorized by state or federal statute or regulation; (2) made pursuant to a court order or by law; (3) for the purpose of validating the identity of a user; or (4) of information to be used solely for statistical purposes that is in a form that cannot be used to identify any particular person.

Further, the disclosure of information, including personal information or corporate information, collected through the website is subject to the provisions of the Freedom of Information Law and the Personal Privacy Protection Law.

The Authority may disclose personal information or corporate information to federal or state law enforcement authorities to enforce the Authority's rights against unauthorized access or attempted unauthorized access to the Authority's information technology assets or against other inappropriate use of the website.

Retention of Information Collected Through the Website

The information collected through the website, including emails, is to be retained by the Authority for as long such information is useful and a benefit to the Authority, and is then destroyed.

In general, the Internet service logs of the Authority, comprising electronic files or automated logs created to monitor access and use of the Authority's services provided through the website, are retained for as long as they are useful and a benefit to the Authority, and are then destroyed. Information, including personal information or corporate information, that a user submits in an e- mail or when a user initiates an online transaction such as a survey, registration, registration for alerts, or order/payment form is retained for as long as it is useful and a benefit to the Authority, and are then destroyed.

Access to and Correction of Personal Information or Corporate Information Collected Through the Website

Any user may submit a request to the Authority's Information Officer to determine whether personal information or corporate information pertaining to that user has been collected through the website. Any such request shall be made in writing to the Information Officer at and must be accompanied by reasonable proof of identity of the user. Reasonable proof of identity may include verification of a signature, inclusion of an identifier generally known only to the user, or similar appropriate identification.

The Information Officer shall, within five (5) business days of the date of the receipt of a proper request: (i) provide access to the personal information or corporate information; (ii) deny access in writing, explaining the reasons therefore; or (iii) acknowledge the receipt of the request in writing, stating the approximate date when the request will be granted or denied, which date shall not be more than twenty (20) business days from the date of the acknowledgment.

In the event that the Authority has collected personal information or corporate information pertaining to a user through its website and that information is to be provided to the user pursuant to the user's request, the Information Officer shall inform the user of his or her right to request that the personal information or corporate information be amended or corrected under the procedures set forth in section 95 of the Public Officers Law.

Confidentiality and Integrity of Personal Information or Corporate Information Collected Through the Website

The Authority shall limit employee access to personal information or corporate information collected through the website to only those employees who need access to the information in the performance of their official duties. Employees who have access to the information are required to follow appropriate procedures in connection with any disclosures of personal information or corporate information.

The Authority has implemented procedures to safeguard the integrity of its information technology assets, including, but not limited to restricted employee access, firewalls, password protection, monitoring of the system and website for unauthorized accesses, auditing of the system, and encryption of sensitive files that are sent or received. These security procedures have been integrated into the design, implementation, and day-to-day operations of the website for the continued security of electronic content as well as the electronic transmission of information.

Questions regarding this policy and inquiries regarding access to and correction of Personal Information or Corporate Information collected through the website can be sent to the following:

Secretary to the Authority/Information Officer Erie County Water Authority
295 Main Street, Room 350
Buffalo, New York, 14203

or to

privacy@ecwa.org