- This site is administered by the U.S. General Services Administration, and was created and is maintained by ChallengePost.
- Some of this information, like your username and a profile image (if you choose to add one), is displayed publicly on the site. We also may display your full name, but only if you give us permission.
- Your e-mail address, on the other hand, is never made public without your consent, and is never otherwise made available to the government except in certain rare circumstances (e.g., law enforcement purposes).
- Challenge.gov has a system that lets us send you messages without ever seeing your e-mail address. We won't ever spam you, but we probably will have to e-mail you if you win a challenge.
- Your information, along with the rest of this site, is stored safely on cloud hosting services provided by Amazon.
- The submissions you submit in response to a challenge are public, and it's your job to make sure you don't submit anything you don't want made public. You should also be aware that each individual challenge has different rules about intellectual property.
- This site uses persistent cookies. This is a pretty standard practice, and it makes your user experience a lot better while still keeping you private and anonymous. But if you're not comfortable with that, it's easy to turn persistent cookies off; the site will still work fine without them.
- If we ever need to change this policy in ways that might affect you, we'll provide 30 days' notice before we do.
- The law says that anyone age 13 or under should not be using this site. If you're 13 or younger, please go ask your parents to help you take a look at this site.
- You can participate in Challenge.gov in multiple ways. You may use this site to participate or, if you prefer, you can e-mail us with your ideas and comments at firstname.lastname@example.org. If you’re a government employee and would like to post a challenge on challenge.gov but are having problems with the site, you can e-mail email@example.com.
Who runs this site?
In addition, federal Departments and Agencies are responsible for administering their individual challenge and organization pages; their use of this platform indicates their agreement to comply with this policy.
Information Collected Upon Registration
When you create a Challenge.gov account, you provide some personal information to ChallengePost, such as a first and last name, e-mail address, and optionally, an image to be associated with your profile. We also ask you to provide a "location," which isn't verified and can be anything you want—“Indianola, IA”, “50125”, "Minnesota", “USA”, "The Earth", "My Room", etc. In fact, other than your e-mail address, none of this information is verified, and you are free to represent yourself on the site in whatever manner you would like, although the use of obscene material may get your account removed.
What is Publicly Viewable?
Although users' information is stored securely, some of it is displayed on Challenge.gov so you can find and interact with others who are using the site. This includes your first name, the first initial of your last name, your location as you have provided it, and an optional profile image. For example, members of the public who browse this site may see your user profile displayed in the following way:
In the future, you may be provided with additional profile fields to be filled out; these are provided only as a convenience to you and you can opt out of displaying them publicly. Each individual challenge may have needs for additional information (such as “school” if a challenge is only open to students), so please read the rules of individual challenges you want to enter.
Where Is My Information Stored? Is It Safe?
The information you enter upon registration is stored in an electronic database maintained by ChallengePost. This information is not made accessible to the U.S. government, and we will never share it unless:
- You explicitly ask or permit us to; or
- It is required for law enforcement purposes or under federal statute.
Challenge.gov is hosted in the Amazon Elastic Compute Cloud, or EC2, which is a technical name for a bunch of web servers that provide high flexibility at pretty low cost. As far as we know, we're only the second .gov site to be hosted in a commercial cloud. (Recovery.gov was first—those trailblazers!) GSA has examined Amazon's web security measures (including something called a SAS 70 Type II Audit), as well as those employed by ChallengePost, and found them all to be sufficient for protecting the security and stability of a site like this.
While we do our best on our end to protect your information, you can also protect against unauthorized access to your password and to your computer by signing off once you have finished using a shared computer.
Will I Get A Bunch of Spam?
No. You'll only get e-mails through Challenge.gov when:
- ChallengePost sends out an occasional newsletter (this will be easy to unsubscribe from if you don't want it)
- Challenge.gov needs to tell you about an important change to the platform (this will be pretty rare)
- There's a new update about a challenge that you've signed up to follow (this will be up to the individual agency running the challenge)
- You win a challenge (this will be awesome!)
All of these e-mails will be sent through an automated, anonymized system that never reveals your actual e-mail address to any human being. This ensures that you can get and send notes securely without revealing your private information. If you decide at any time that you no longer wish to receive blast e-mail communications from Challenge.gov, follow the unsubscribe instructions provided in any of the communications. (We'll still probably have to e-mail you personally if you win a challenge.)
Read the full Privacy Impact Assessment performed by GSA as part of creating the Challenge.gov platform.
Will You Ever Ask For Additional Information?
If you win a challenge that has a monetary or material prize associated with it, we may need to contact you to get additional information in order to give you your hard-earned reward. The details of how this is done will be posted for each individual challenge, but be careful about phishing attempts before giving your e-mail out.
Information Submitted as Part of a Challenge
Challenge.gov lets you propose submissions to the pressing challenges facing our nation and other contests related to government missions. If you submit your ideas/submissions to one of these challenges, it means that most of the information you provide is information that you are asking us to make public. Although all challenge submissions will be reviewed by agency moderators before being posted, it's your responsibility to ensure that nothing you submit includes proprietary information, information that's illegal to make public, or personal information about you such as your social security number. Submissions to challenges that you propose are viewable to anyone who visits Challenge.gov, and may also be made viewable on other sites via RSS or an API. So, please be careful.
To win a challenge, you have to submit your very best ideas. But it's also important to protect your intellectual property (IP). Each challenge sets its own rules about what happens to the IP behind winning submissions, so make sure you read it and get comfortable with it before entering a challenge.
Use of Persistent Cookies
Like many websites, Challenge.gov uses "persistent cookie" technology. A persistent cookie is a small text file that this website places on your computer so that it can remember you when you show up again later—kind of like cookie crumbs! (Hence the name.) We use persistent cookies in two ways, both of which enhance your experience on Challenge.gov while also protecting your privacy:
To remember you when you come back to the site, so you don't have to
type in your username and password upon each visit.
On this site's login form, you'll see a little checkbox marked "Remember Me." Checking that helps us remember your information so you do not have to sign in each time you visit Challenge.gov. ChallengePost keeps your information secure and anonymous by using a 32-byte long MD5 hash, which is geek-speak for "really complicated encryption algorithm." By using that, we are able to automatically log you in without ever collecting your name, e-mail address, or any other personal information. This cookie lasts for two weeks, but that countdown is restarted every time you visit the site after logging in with "Remember Me" checked. You do not have to check “Remember Me” when you log in. If you don’t the site will work the same, except that you will need to re-enter your login information each time you visit.
To get aggregate metrics on site usage to understand how people are
using the site and how we can make it better
ChallengePost uses web metrics services to track activity on Challenge.gov. Government agencies only ever receive traffic statistics anonymously and in the aggregate.
Most Internet browsers automatically accept persistent cookies. Although we think using persistent cookies creates a much better experience for you, this site will also work without them. If you don't want to accept cookies, you can edit your browser's options to stop accepting persistent cookies or to prompt you before accepting a cookie from the websites you visit; here's how to disable cookies.
Links to Other Sites
We care about the safety and privacy of children online. For that reason, we comply with the Children's Online Privacy Protection Act of 1998 (COPPA) and its accompanying Federal Trade Commission (FTC) regulation that protects the privacy of children using the Internet. Challenge.gov is not a site aimed at children under 13 years old, and the site does not accept registrations from, or knowingly collect information from, children under 13 years old. Visitors attempting to register for the site are initially asked whether they are under 13 years of age; when a visitor indicates that they are not, they are redirected to a page informing them that a parent or guardian should use the site on their behalf.
If we become aware that someone under 13 years of age has registered for this site, we will immediately delete that person’s account, and they will become ineligible to win any contests on Challenge.gov. If you suspect that your child under the age of 13 has created an account on the site, please let us know by e-mailing firstname.lastname@example.org and we will take immediate action to rectify the situation.
Although Challenge.gov does not accept registrations from users under the age of 13, kids can still enter and win contests by having their parents or guardians register for Challenge.gov on their behalf! In cases where a challenge is open to kids under 13, those representing children under 13 will have to submit a parental consent notice before their child’s submissions will be eligible to win the contest.
If you're using this site and you're younger than 13, go get your parents and ask them to look at this site with you. Trust us, they'll like spending some time with you.
Is This A Privacy Act System of Record?
No, but let's back up a second: A Privacy Act System of Record, or SOR (government has a lot of acronyms), is any group of records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifier assigned to the individual. This is all governed by the Privacy Act.
On Challenge.gov, the information you submit as part of registration is not available to the U.S. Government, and will never be shared except in cases where (a) you provide your express consent or (b) retrieval of the information is required for law enforcement purposes or by statute. Therefore, this is not a privacy act system of record.