Help
Contact Us
Help
Contact Us

Loading ...

State of Michigan - MiLogin Privacy Policy

Date of Last Revision: May 29, 2025

  • The MiLogin Service ("our", "us", or "we") takes protecting your privacy seriously and wants to help you better understand how we collect, use, protect, and share your Personal Data. This Privacy Policy is designed to help you understand your privacy choices when you visit the MiLogin Service (https://milogintp.michigan.gov/) ("MiLogin") through any State website ("Websites"). This Privacy Policy applies to the MiLogin Service, but does not apply to the Websites or any third-party website, including through any third-party application or content (including advertising), that may link to or be accessible from or through the Websites.

    We encourage you to read this Privacy Policy carefully and take the time to get to know our privacy practices. By accessing MiLogin you are bound by all terms and conditions in this Privacy Policy. If you do not wish to be bound, you may not access MiLogin or the Websites accessible through it.

    MiLogin is not directed to children under the age of 13, is not intended to solicit information from children under the age of 13, and does not knowingly contact or collect information from children under the age of 13, unless otherwise stated in an agency-specific policy or permitted by law. Individuals under the age of 13 are not eligible to use services that require submission of Personal Information. This includes submitting Personal Information through MiLogin as part of a user profile or personalization profile. If you are an individual under the age of 13, you may use MiLogin only if used with your parent or legal guardian. Seek guidance from your parent or guardian if you are under the age of 13.

    1. Types of Information We Collect
    When visitors access MiLogin, we may collect the following types of information:

    1. "Account Information" means data you provide during the registration process to set up your account, such as name, email, phone number, username, and answers to security questions.
    2. "Browser Information" means data or information provided by a browser, including the IP address, the website visited, and network connection.
    3. "Device Information" means information about your device, such as device ID number, model, and manufacturer, version of your operating system and geographical region, collected from any devices when accessing MiLogin.
    4. "Personal Data" or "Personal Information" means information that (i) relates to an identified or identifiable natural person, or (ii) identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household including information identified in MCL 445.63(q).
    5. "Sensitive Information" means information such as Social Security number, Driver's license number, government-issued identification numbers, medical/health information, financial accounts numbers, e.g., bank account numbers, and credit or debit card numbers.
    6. "Usage Information" means information collected when you interact with MiLogin, including functionalities accessed, pages visited, and other interaction data.

    2. How Do We Collect Information and What Information Do We Collect?

    1. When you visit MiLogin, we may collect Browser Information, Account Information, Device Information, Personal Information, Sensitive Information, and Usage Information. We will not collect Personal Information or Sensitive Information about you when you visit MiLogin unless you voluntarily choose to provide that information by performing certain activities, which may include without limitation, entering information in an online form, sending an e-mail, registering for an account, or by performing an online service transaction.
    2. When you visit MiLogin, it may store or retrieve Browser Information on your browser, mostly in the form of Cookies. This information might be about you, your preferences or your device and is mostly used to make MiLogin work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience.
    3. When you visit MiLogin, we automatically collect Device Information about the device you are using to access MiLogin, including information about your web browser, IP address, time zone, and information collected through Cookies, web beacons and other tracking technologies that are installed on your device.
    4. Additionally, as you browse MiLogin, we collect Usage Information about the individual web pages that you view.
    5. We may collect Sensitive Information from you that you voluntarily provide to us in order to access certain functions of MiLogin.

    3. How Do We Use the Information We Collect?
    We use the information to:

    1. provide our services;
    2. confirm identities;
    3. to communicate with you, including required communications regarding updates to our services or policies;
    4. to identify and respond to threats to the network;
    5. to resolve incidents or problems reported by you related to the use of MiLogin;
    6. for reporting to Michigan and other state regulatory agencies;
    7. to comply with legal requirements; and
    8. in other cases where you have given express consent.

    4. Public Records and How Do We Share Your Information?
    We will share Personal Information submitted through online forms with other Michigan state agencies when necessary to process your online form. For example, if you have difficulty logging in while attempting to access a Michigan government service, we may forward your question to the appropriate state agency.

    Personal Information collected by MiLogin is limited to what is needed to complete your transaction.

    Under the Federal Driver's Privacy Protection Act, 18 U.S.C. 2751, et seq. and the Michigan Driver's Protection law, MCL 257.208c, Personal Information may be provided to third parties without additional prior notice or consent when permitted or required by law.

    As part of a public body, MiLogin is subject to the Michigan Freedom of Information Act (FOIA), MCL 15.231 et seq., and information such as a name or address may be disclosed in response to a FOIA request. For more information about this process, please refer to the Michigan Freedom of Information Handbook.

    Any information collected through MiLogin that indicates a threat of harm to people, property or systems or a violation of a law may be shared with law enforcement and used in connection with a criminal investigation, prosecution or other legal proceedings.

    We may share, transfer and/or disclose your Personal Information to or with service providers or third parties in order to provide the services requested, and under the following circumstances:

    1. To respond to your requests and answer questions or process your requests as efficiently as possible.
    2. We share certain Personal Information with our employees to provide you our services; third-party partner representatives who may follow-up with you on our behalf to see how we may be able to best provide our services; and other third-party business partners necessary to fulfill any of the services. These third-party service providers are contractually or otherwise legally prohibited from using your Personal Information for promotional purposes or from selling your Personal Information. These service providers may have access to information about you if it is needed to perform their functions for us, but they are not authorized by us to use or disclose such information except as necessary to perform services on our behalf or to comply with legal requirements, and they are required to maintain the information in confidence.
    3. We share certain information that is traditionally not considered Personal Information (such as Device Information, Browser Information, Usage Information, and analytics) for purposes of better understanding your usage of the services improving on that experience.
    4. We reserve the right to disclose information we collect as permitted or required by law or in response to valid legal process, such as a warrant, subpoena, or court order; for any reason if the information is believed to pose threat of harm to people property, systems or is believed to be a violation of law; and/or in the event it is necessary to prevent, investigate or take action regarding unlawful, illegal or suspicious activities that violate this Privacy Policy.
    5. To verify your ID and to allow you to sign on through MiLogin, we share your user name, ID, email and phone number with our security partner, Socure, for that limited use.
    6. To fulfill the duties charged to public agencies.
    7. We may share your Personal Information with third parties in order to investigate, prevent, or take action (in our sole discretion) regarding potentially illegal activities, suspected fraud, situations involving potential threats to any person, us, or MiLogin, or violations of our policies or the law.
    8. For any other reason with your written consent.


    We work with third-party service providers that may supply website and application development, hosting, maintenance, storage, virtual infrastructure, research, advertising, marketing, analysis, and other services for us, which may require them to access or use your Personal Information. However, in the event one of our third-party service providers needs to access your Personal Information to perform services on our behalf, they must also agree to comply with privacy requirements whether by contract, virtue of their own privacy policy, or both. We engage with third-party service providers / partners as follows:
    1. We use Socure to collect and process some of your Personal Information and Sensitive Information to provide identity verification services. You can read more about how Socure protects and shares your information here: https://www.socure.com/privacy.
    2. We use Google Analytics to collect and process some of your information. This information is aggregated and is used to improve MiLogin. For more information, please visit Google's website to learn how Google uses data when you use our Websites or applications. Click here to opt-out of Google Analytics. MiLogin also uses the following Google Analytics Advertising Features: Demographics and Interests. Google Analytics Cookies and Google advertising Cookies are used to improve MiLogin and to generate statistics. Click here to opt-out of Google Analytics Advertising Features.
    3. We use Experian to collect and process some of your Personal Information and Sensitive Information to provide identity verification services. You can read more about how Experian protects and shares your information here: https://www.experian.com/privacy.

    Third parties may collect additional information from you. Please refer to the respective third-party's privacy policy to better understand how they process any of the Personal Information they collect and the purposes for collection. While we are dedicated to securing MiLogin, you are responsible for securing and maintaining the privacy of your passwords and account information. We are not responsible for protecting Personal Data shared with a third-party based on a connection that you have authorized.

    We do not control third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.

    5. How Do We Store the Information We Collect? MiLogin may store and maintain collected information, which may include Browser Information, Device Information, Personal Information, Account Information, Sensitive Information, and Usage Information, for the period of time required by applicable state regulatory agencies or for the duration of your usage of our services.

    6. MiLogin. To access certain State of Michigan services or Websites, you may be required to register through MiLogin. Users accessing our services may log in using a username and password, or may choose to authenticate using passkeys—a secure, passwordless login method that utilizes cryptographic credentials tied to your biometric authentication. Passkey authentication is considered more secure than traditional passwords because: (1) it eliminates the need to remember or transmit a password; (2) it relies on device-bound private keys that cannot be shared or reused; and (3) it leverages biometric features to confirm your identity. Your biometric data used for authentication never leaves your device and is not shared with us or MiLogin. However, during authentication, your biometric data remains on your device and is never collected, accessed, or processed by MiLogin. We do not collect, sell, or share your biometric information. Authentication is confirmed by your device, which securely communicates success without revealing any biometric identifiers. The authentication process only confirms successful identity verification via a secure cryptographic challenge-response, without disclosing or transferring biometric information. As such, we encourage users to take advantage of passkey authentication for enhanced security; however, use of passkeys is optional, and you may continue to log in with your username and password if preferred. MiLogin allows you to connect to State of Michigan services through one single user ID, whether you want to renew your driver's license, file for unemployment, view your state tax return status, or apply for health benefits.

    1. Register for an Account. During the registration process, you will be asked to: (i) provide Contact Information; (ii) choose a username and password for your account; and (iii) create security questions to add more recovery options for your account. It is your responsibility to ensure that the information you provide is accurate, complete, and up to date.
    2. Password Security. You are responsible for maintaining the confidentiality of your account password and for all activities that occur under your account. To protect your account:
      1. Create a Strong Password: Use a unique and complex password that is not easily guessable.
      2. Do Not Share Your Password: Never share your password with anyone, including friends, family or third parties.
      3. In the event your password is compromised or you believe that it might be, immediately reset it.
      4. Notify Us Immediately: If you suspect that your password has been compromised, or if there has been any unauthorized access to your account, you must notify us immediately via the contact information provided below.
    3. Information Collection. When you use MiLogin, we may also collect Sensitive Information to verify your identity. The process includes verifying you through a government-issued photo ID, e.g., driver's license, and a photo taken via your device camera, i.e., a live photo. We process the images from your ID to check for forgeries. As for your live image, we perform facial matches against your ID image to confirm the person presenting the ID is the rightful owner. We collect Sensitive Information as described above, and retain your photographic image as the image is captured. Your identity is verified or not verified against your photograph and then your photograph is stored for the duration of the transaction, which will be no more than 3 years from your last interaction with Socure. We use Socure and Experian to provide identity verification services. You can read more about how Socure protects and shares your information here: https://www.socure.com/privacy and how Experian protects and shares your information here: https://www.experian.com/privacy.
    4. Withdraw Privacy Consent. You may withdraw any consent you previously provided to us, or object at any time on legitimate grounds, to the processing of your Personal Information, including Sensitive Information by contacting us as described below in Section 14, Contact Us. We will apply your preferences going forward. In some circumstances, withdrawing your consent will mean that you cannot take advantage of certain services and in some instances, we will be required to retain certain information in order to provide the services requested or as otherwise required by law.
    5. Deactivate Account/Forget Me. You can deactivate your account permanently. If you do, your Personal Information, including Sensitive Information, and government-issued identification numbers will be removed from MiLogin. You will no longer be able to login or access any services associated with the account.

    7. Rights of Users from the European Economic Area and the United Kingdom. For purposes of this section "personal information" refers to all information we collect about you as set forth above in Section 1. If you are a resident of the United Kingdom ("UK") or European Economic Area ("EEA"), you may have certain data protection rights. "GDPR" means the European Union General Data Protection Regulation (EU) 2016/679, and the United Kingdom Data Protection Act 2018. Information that you provide may be transferred or accessed by entities around the world as described in this Privacy Policy. If you are located in the EEA or UK, you freely consent to the transfer of personal information outside of the EEA and UK. Your consent to this Privacy Policy together with your submission of personal information constitute your agreement to these transfers. If you are accessing or using MiLogin from within the EEA or UK, you may have the following rights under the GDPR (as well as other rights). If you wish to exercise any of these rights, you may do so by contacting us as provided in this Privacy Policy.

    • Right of Access: You have the right to obtain confirmation from us as to whether or not we process personal information from you and you also have the right to at any time obtain access to your personal information stored by us.
    • Right to Correction of your Personal Information: If we process your personal information, we use reasonable measures to ensure that your personal information is accurate and up to date for the purposes for which your personal information was collected. If your personal information is inaccurate or incomplete, you have the right to require us to correct it.
    • Right to Deletion of your Personal Information or Right to Restriction of Processing: You may have the right to require us to delete your personal information or to restrict processing of your personal information.
    • Right to Withdraw your Consent: If you have given your consent to the processing of your personal information, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on the consent before the withdrawal.
    • Right to Data Portability: You may have the right to receive the personal information concerning you and which you have provided to us, in a structured, commonly used and machine-readable format or to transmit this data to another controller.
    • Right to Object: You may have the right to object to the processing of your personal information as further specified in this Privacy Policy.
    • Right to Lodge a Complaint with Supervisory Authority: You have the right to lodge a complaint with a data protection supervisory authority located in the EEA or UK. Further information about how to contact your local data protection authority is available at the website of the European Commission.

    To exercise any of these rights you may log into your MiLogin account and navigate to the account settings page, or contact us at (517) 241-6606, or via email at DTMB-CSO@michigan.gov with the subject line "Data Subject Request." Through the MiLogin account settings page you can manage your privacy preferences, including withdrawing consent or requesting a copy of your personal data via download or email. You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in such circumstances.

    8. Credit Card Information. MiLogin does not process credit card information.

    9. Cookies.

    1. Usage. MiLogin and its third-party service providers use Cookies, web beacons, and similar tracking technologies to recognize you when you visit MiLogin, remember your preferences, and give you a personalized experience. A "Cookie" is a small file that resides on your computer's hard drive that often contains an anonymous unique identifier that is accessible by the website that placed it there, but is not accessible by other sites. When you visit MiLogin, we, or an authorized third-party, may place a Cookie on your device that collects information, including Personal Data, about your online activities over time and across different sites. Cookies allow us to track use, infer browsing preferences, and improve and customize your browsing experience.
    2. Persistence. We use both session-based and persistent Cookies on MiLogin. Persistent Cookies remain on your computer when you have gone offline, while session Cookies are deleted as soon as you close your web browser. A website may set a Cookie if the browser's preferences allow it. A browser only permits a website to access the Cookies that it has set, not those set by other websites.
    3. Types.
      1. Essential. These Cookies are necessary for MiLogin to work as intended.
      2. Functional. These Cookies enable enhanced functionality. Without these Cookies, certain functions may become unavailable.
      3. Analytics. These Cookies provide statistical information on site usage. For example, these Cookies enable web analytics that allow us to improve MiLogin over time.
    4. Control. It is possible to disable Cookies through your device or browser settings, but doing so may affect your ability to use MiLogin. For instance, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit MiLogin. The method for disabling Cookies may vary by device and browser, but can usually be found in preferences or security settings. Please use the following links for further instructions:
      1. Google Chrome
      2. Apple Safari
      3. Mozilla Firefox
      4. Microsoft Edge
    5. Other Resources. To find out more about Cookies, including how to see what Cookies have been set and how to manage and delete them, visit allaboutcookies.org, or aboutcookies.org.


    10. Do Not Track. Do Not Track is a privacy preference that visitors can set in their web browsers. When a visitor turns on the Do Not Track signal, the browser sends a message to websites requesting them not to track the visitor. At this time, we do not respond to web browser "do not track" settings or signals. We may deploy technologies on MiLogin to collect information about you and your browsing activity, even if you have turned on the Do Not Track signal.

    11. Protecting Your Personal Information. We implement security measures designed to maintain the security of your Personal Information. These security measures are implemented both during transmission of Personal Information and once received. The security of your Personal Information is important to us. However, no method of safeguarding information is completely secure. While we use measures designed to protect Personal Information, we cannot guarantee that our safeguards will be effective or sufficient. In addition, you should be aware that internet data transmission is not always secure, and we cannot warrant that information you transmit utilizing MiLogin is or will be secure.

    12. Transfer of Data. Your Personal Information may be transferred to--and maintained on--computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. We will take steps reasonably designed to treat your Personal Information securely and in accordance with this Privacy Policy, as further described herein.

    13. Updates. We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws. You can see when this Privacy Policy was last updated by checking the "Date of Last Revision" date displayed at the top of this Privacy Policy. For users in the EEA, the UK, or Switzerland, any changes or modifications will be effective upon your express consent.

    14. Contact Us. For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by telephone, e-mail or by mail using the details provided below:

    7150 HARRIS DRIVE
    DIMONDALE, MI 48821
    DTMB-CSO@MICHIGAN.GOV
    (517) 241-6606