Privacy & Security

​​​​​Learn more about our privacy and security policies and what they mean.

Your privacy and security are our highest priority.  Ensuring electronic access to state government information and services while maintaining privacy is a guiding principle of the state's Commonwealth Office of Technology, Office of Enterprise Technology.  The Com​monwealth of Kentucky collects only the personal information necessary to provide enhanced services to our citizens and customers.  Please note that all non-exempt information collected by services may be subject to public disclosure under KRS 61.870, the Kentucky Open Records Act [PDF]. 

However, public records containing information of a personal nature are protected from disclosure by the personal privacy exemption of state law.  Personal data in our possession is maintained and used in ways that respect individual privacy.  The Commonwealth educates our employees about the importance of protecting personal information and consumer privacy, and only authorized employees have access to personal information.

Depending on the situation, we may collect the following information about visitors to our Web site:

  • the domain name, but not the e-mail address
  • the e-mail addresses of those who communicate with us via e-mail
  • aggregate information about which pages consumers access or visit
  • information volunteered by the consumer, such as survey information

This information is used only to improve the scope and content of the state's services online.

Information Sharing will not release personal information to third parties except where it is already provided by law for purposes of notification. We will not provide, rent or sell personal information to third parties for marketing programs or any other purpose. State law restricts the use of personally identifiable information for commercial purposes. Depending on the specific nature of the service, information may be shared with other state agencies as stated in KRS 61.878 (5) [PDF]. This statute allows for the exchange of public records or sharing of information between public agencies when the exchange is serving a legitimate governmental need or is necessary for the performance of a legitimate government function.

Child Online Privacy Protection Act (COPPA)

Except as otherwise permitted by law, the Commonwealth does not knowingly collect and use or disclose the personally identifiable information of a child under the age of 13.

Children under the age of 13 are not eligible to use services that require the submission of personal information and should not submit any personal information to us. This includes submitting personal information to the website as part of a user profile or personalization profile. If you are a child under the age of 13, you can use these services only if used together with your parents or guardians. Seek guidance from your parents or guardians if you are under the age of 13.

If we decide to begin collecting personal information from children under the age of 13, we will notify parents that it is being requested, disclose the reasons for collecting it, and disclose our intended use of it. We will seek verifiable parental consent before collecting any personally identifiable information. If we do collect such information, parents may request information on the type of data being collected, view their child's information, and, if they choose, prohibit us from making further use of their child's information. We will not provide personal information about children to third parties.

Internet Cookies

Cookies are short and simple text files stored on your computer by Internet websites to help identify users and enhance customer service. sites may use cookies to customize and personalize your service transactions with state agencies. For example, our web shopping sites may use cookies to keep track of customers and the contents of their shopping carts. In the event, the Internet connection is broken or you wish to suspend shopping and resume at a later time, the cookie on your computer will maintain your computer's identity shopping cart information. Cookies do not compromise your privacy or security. Using web browser settings, you can refuse the cookies or delete the cookie file from your computer by using any of the widely available methods.

Security uses the Secure Sockets Layer (SSL) protocol to safeguard your sensitive personal information, including your credit card number, during online transactions. Using this widely accepted form of encryption, your transaction is secured from your personal computer to the computer processing your request.  The processing computers are located behind a secure firewall.  For added security, your credit card information is not stored on a state government database, and only authorized employees have access to your credit card number for card processing purposes.

If you have trouble purchasing securely at our website, then you may be behind a firewall or using a proxy server that doesn't allow for secure transactions.  If that is the case, then you may phone or fax your order.

SSL is highly regarded to be a very safe encryption method, but we fully understand if you are not comfortable entering your credit card information online.  In that case, please telephone the agency and speak directly to an agency representative.

Email Correspondence

If you send an E-mail message or complete an unsecured web form, which contains personal information, we collect and store the following information:

  • Any personally identifying information, which you choose to provide (for example your mailing address), in an email message or web form requesting information or if you send any information in a Live Support session, which contains personal information, we collect and store the following information: commenting on policies, issues, or events. Information collected in this manner is used solely for information and, in some cases, to respond to you.
  • If unsecured and/or unencrypted email is used, please do not put confidential and personal information such as social security number, date of birth, bank account and credit card information, mother's maiden name, or medical information in your e-mail communications to the Commonwealth. Your privacy cannot be protected or insured by the Commonwealth during email or unsecured web form transmission.

Electronic Payments

It is the intent of the Commonwealth of Kentucky not to use the ACH system for transactions in violation of U.S. Law, including the sanctions administered by the Office of Foreign Assets Control (OFAC). It is also the intent of the agency to be in compliance with the "International ACH Transaction (IAT) rules" that are part of the NACHA Operating Rules. Accordingly, all payments made through this website/online application are intended only for payments not associated with a foreign bank account, which would classify it as an "International ACH Transaction (IAT)" under the NACHA Operating Rules.

Since this website's payment application does not accommodate IAT transactions, payers that would be considered an IAT payer should use some other method of remitting funds to the Commonwealth. Alternative forms of payment would include a check or credit card.

Support Website and Live Chat

The Support service is the portal's live customer service application that allows visitors to interact with customer service representatives and chat in real-time.

Certain information is collected and maintained in regard to Support and Live Chat services. In addition to IP address, browser type, date and time of the visit, and the referring webpage, transcripts of the chats are saved for statistical, demographic, and/or customer service purposes. Some information is also collected through chat surveys on a volunteer basis.

When you open a Support Chat session, a cookie is placed on your system and the Support operators are notified that a visitor has entered the Support site. At this time, operators can see the following information about your session:

  • Browser type and version
  • Host address
  • Host IP number

The purpose of the cookie is to enable the Support system to associate each session with the previous session so that each operator can assist you without requiring that you repeat any information previously provided. You are not required to enable cookies to use Support. The cookie will not track any of your browsing activity beyond this page.

Transcripts of the Live Chat sessions contain the following information:

  • Session date
  • Session start and end time
  • Operator name
  • Visitor name as entered
  • Browser type and version
  • Host IP number
  • The text of the discussion
  • Exit interview responses
  • Topic
  • An email address if a transcript was requested

Legal Notice

Any trademarks that appear on this site are the property of their respective owners who may or may not be affiliated with, connected to, or sponsored by respects the rights of all copyright holders, and therefore, has adopted and implemented a policy that provides for the termination in appropriate circumstances of users and account holders who infringe the rights of copyright holders. If you believe that your work has been copied in a way that constitutes copyright infringement, please provide 's Copyright Agent with the following information required by the Online Copyright Infringement Liability Limitation Act of the Digital Millennium Copyright Act, 17 U.S.C. 512:

  1. A physical or electronic signature of a person authorized to act on behalf of the owner of an exclusive right that is allegedly infringed;
  2. Identification of the copyrighted work claimed to have been infringed, or, if multiple copyrighted works at a single online site are covered by a single notification, a representative list of such works at that site;
  3. Identification of the material that is claimed to be infringing or to be the subject of infringing activity and that is to be removed or access to which is to be disabled, and information reasonably sufficient to permit us to locate the material;
  4. Information reasonably sufficient to permit us to contact the complaining party;
  5. A statement that the complaining party has a good-faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law; and
  6. A statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.

Notices of copyright infringement in connection with the Digital Millennium Copyright Act (1998) (“DMCA"), should now be directed in-house to:

The full Notices and Procedures language can be found in Terms​ of Use