Access to privacy impact assessments
Information Automatically Collected and Stored
Security at IRS.gov
If you send us information online
Customer Satisfaction Surveys
Computer Matching Programs
System of Records Notices
Using Links to other sites
We will not collect personal information about you just because you visit this Internet site. Some applications on this website provide you with the opportunity to order forms, ask questions requiring a response, sign up for electronic newsletters, participate in focus groups and customer surveys, or learn the status of filed returns or anticipated payments. Using these services is voluntary and may require that you provide additional personal information to us. Providing the requested information implies your consent for us to use this data in order to respond to your specific request.
Other Information We May Collect
All personal information you provide to us is voluntary. We may collect personal information about you (such as name, email address, Social Security number or other unique identifier) only if you specifically and knowingly provide it to us. We will use your information to process requests for certain services or information. Providing your information is generally voluntary, but if it is not provided, we might not be able to process your transaction. When information is required, we will let you know before we collect it.
Why We Collect Personal Information
We collect PII and other information only as necessary to administer our programs. The information you provide will be used only for that purpose. We do not sell the information collected at this site or any other information we collect. You do not have to give us personal information to visit our website.
How We Use Your Personal Information
Throughout our website, we will let you know if the information we ask you to provide is voluntary or required. By providing your personal information, you give us consent to use the information only for the purpose for which it was collected. We describe those purposes when we collect information. We will ask for your consent before using the information you provide for any secondary purpose other than those required by federal law.
Your Privacy Rights
The Senior Agency Official for Privacy (SAOP), as mandated by OMB M-16-24, has overall responsibility and accountability for ensuring the agency’s implementation of information privacy protections, including the agency’s full compliance with federal laws, regulations, and policies relating to information privacy. The SAOP for the IRS is positioned at the Department of Treasury.
Privacy and Civil Liberty Impact Assessments (PCLIA)
A PCLIA is a decision-making tool used to identify and mitigate privacy risks at the beginning of and throughout the development life cycle of a program or system. PCLIAs help the public understand what PII the agency is collecting, why it is being collected, and how it will be used, shared, accessed, secured and stored. The PCLIA uses the Fair Information Practice Principles (FIPPs) to assess and mitigate any impact on an individual’s privacy. Generally, a PCLIA is required before a program or system containing PII becomes operational.
Generally, A PCLIA should accomplish these goals:
- Ensure conformance with applicable legal, regulatory, and policy requirements for privacy.
- Determine the risks and effects.
- Evaluate protections and alternative processes to mitigate potential privacy risks.
- Provide assurance to the public about the protection of privacy and constitutional rights.
Approved PCLIAs are published on the U.S. Department of the Treasury's Privacy Impact Assessment Webpage unless they are classified.
System of Records Notice (SORN)
A System of Records is a group of records under the control of any federal agency from which information is retrieved by a unique personal identifier assigned to an individual. A SORN is a formal notice to the public published in the Federal Register that identifies the purpose for which PII is collected, from whom and what type of PII is collected, how the PII is shared externally (routine uses), and how to access and correct any PII maintained by the department or agency.
A SORN is required when a government agency has a system of records as defined above. In some instances, the agency may have an existing SORN that covers a collection of systems or programs.
All SORNs are approved by the agency’s Chief Privacy Officer prior to publication and are sent to OMB and Congress for comment. After, they are published in the Federal Register for thirty days to give the public notice and time to comment. A program or system may not become operational until the SORN has been published for thirty days.
All IRS SORNs published in the Federal Register can be found on the U.S. Department of the Treasury System of Records Notices Webpage.
Computer Matching Agreements
A computer matching program is required by the Privacy Act for any computerized comparison of two or more automated systems of records, or a system of records with non-federal records, for the purpose of establishing or verifying eligibility or compliance as it relates to cash or in-kind assistance or payments under federal benefit programs.
Notices for approved computer matching programs are published in the Federal Register and can be found on the U.S. Department of the Treasury Computer Matching Programs Webpage.
A privacy complaint is a written allegation filed with the Service regarding a potential problem or violation of privacy protections in the administration of IRS programs and operations that may cause harm or violation of your personal or information privacy. This complaint or inquiry may concern:
- Issues regarding consent, collection, and appropriate notice;
- Issues regarding unauthorized disclosures
Director, Office of Privacy, Governmental Liaison and Disclosure
Internal Revenue Service
Room 7050 OS:P
1111 Constitution Ave. NW
Washington, DC 20224
BEFORE YOU WRITE, note that this office cannot assist you with any type of tax matter. We may only address questions about IRS privacy policies or complaints you may have regarding how IRS uses and collects personal information. Do not send in any sensitive information through this correspondence.
Please include as much information as possible to help with our research and response to your query, as appropriate and known. Include the date of the incident, the date of discovery, and what personal information was affected. IRS takes your privacy concerns very seriously, and will respond fully and timely. Please allow up to four weeks for a written response to your complaint or inquiry, so that we have time to research and resolve.
PLEASE NOTE: Do not respond to unsolicited e-mails that claim to come from the IRS, or any e-mail from an unknown party asking you to submit personal, tax, or financial data. The IRS does not use email to request this type of information. Forward suspicious emails to: email@example.com.