This Privacy Notice is to help you understand the types of personal data [ASSOCIATION] may collect about you when you interact with us and the ways in which we use this information.
Who are we?
What types of lawful basis may we rely on to collect and use your personal data?
The laws on data protection set out different reasons for which an organization may collect and process your personal data. We rely on the following:
In specific situations, we can process your data with your consent. For example, if you select to receive marketing emails from us.
We have the right to process your personal data if it is necessary to fulfil a contract we have with you, such as your membership in our organization.
We may use your data to pursue our legitimate business interests, or the legitimate interests of a third party in a way which might reasonably be expected as part of running our business and is not overridden by your rights. For example, when you visit our website, we may collect information about your browser or operating system in order to improve our site to ensure that content is presented most effectively for you and your computer.
If there is legal obligation, we may need to collect and process your personal data. For example, we may be required to pass along the details of people involved in criminal activity affecting our organization.
What type of personal data do we collect and why do we collect it?
“Personal Data” is any information that enables you to be identified, directly or indirectly, by reference to an identifier such as your name, identification number, location data, online identifier or one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity. We only collect the following information:
Personal data you give us
We may collect and process the following personal data:
• Contact information
• Membership information • Dues payment information
• Purchase information
• Certification information
Personal data we collect from you
With regard to each of your visits to the [ASSOCIATION] website we will automatically collect the following information:
• Technical information
• Information about your visit
• Location information
Personal data we collect from others
If you send or receive emails through our list serve or email marketing service, we may collect the following information:
• Information about when you open an email or click a link
• Your IP address
• Browser or email client type
We collect information that is sent to us automatically by your web browser and we may use this information to generate aggregate statistics about visitors to our site, including, without limitation:
• IP addresses
• Browser type and plug-in details
• Device type (e.g., desktop, laptop, tablet, phone, etc.) • Operating system
• Local time zone
(Please check your web browser if you want to learn what information your browser sends or how to change your settings.)
How do we use your personal data?
We will only process your personal data, including sharing it with third parties, where (1) you have provided your consent which can be withdrawn at any time, (2) the processing is necessary for the performance of a contract to which you are a party, (3) we are required by law, (4) processing is required to protect your vital interests or those of another person, or (5) processing is necessary for the purposes of our legitimate commercial interests, except where such interests are overridden by your rights and interests.
We may use personal data for the following purposes:
Personal data you give to us
We will use this personal data:
• to carry out our obligations arising from your membership, or any other contract entered into between you and us and to provide you with the information, products and membership services that you request from us
• to organize events that you have purchased or registered for, and to provide you with information, and other materials, relating to the content of the event, the speakers, sponsors and other attendees
• to provide our newsletter and publication, provided you have given your consent
• to respond to your questions and provide related membership services
• to provide you with information about other events, products and services we offer that are similar to those that you have already purchased, provided you have not opted-out of receiving that information
• to provide you, or permit selected third parties to provide you, with information about events, products or services we feel may interest you, provided you have given your consent
• to transfer your information as part of a merger or sale of the business
• to notify you about changes to our membership service
• to ensure that content from our site is presented most effectively for you and your computer
Information we collect about you
We will use this personal data:
• to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes
• to improve our site to ensure that content is presented most effectively for you and your computer
• as part of our efforts to keep our site safe and secure
• to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you
• to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
Personal data we receive from other sources
We will combine this information with information you give to us and information we collect about you. We will use this information and the combined personal data for the purposes set out above (depending on the types of information we receive).
You have choices when it comes to the technology you use and the data you share. When we ask you to provide personal data, you can decline. [ASSOCIATION] requires some personal data to provide you with various services. If you choose not to provide data necessary to provide you with a service or feature, we cannot provide that service or feature. Likewise, where we need to collect personal data by law or to enter into or carry out a contract with you, and you do not provide the data, we will not be able to enter into the contract; or if this relates to an existing service we are providing, we may have to suspend or cancel it. We will notify you if this is the case at the time. Where providing the data is optional, and you choose not to share personal data, features like personalization that use such data will not work for you.
Do we share personal data?
We may share your personal data for the purposes described in this Privacy Notice with:
• members of our organization
• partners, suppliers and sub-contractors
• analytics and search engine providers that assist us in the improvement and optimization of our site
• trusted third-party companies and individuals
• in the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets
We will only transfer your personal data to trusted third-parties who provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and who can demonstrate a commitment to compliance with those measures.
[WHEN AN ORGANIZATION MAY SELL ACCESS TO PERSONAL DATA] We will never sell your personal data to third parties with whom you do not have an existing relationship. We may sell access to your information (including personal data) to our strategic business partners with whom you have an existing relationship in order for our partners to better target their products and services to you. Our partners will not have direct access to your personal data but rather will have the ability to communicate with you through your participation with our site.
[WHEN AN ORGANIZATION WILL NEVER SELL ACCESS TO PERSONAL DATA] We will not sell your personal data to third parties for their use without your consent.
What are your rights regarding the processing of your personal data?
Correction and removal
If any of the information that we have about you is incorrect, or you wish to have information (including personal data) removed from our records, please contact us at [ADDRESS] or through our website.
Additionally, if you prefer not to receive marketing messages from us, please let us know by clicking on the unsubscribe link within any marketing message that you receive, or by sending a message to us through our website.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your personal data) if we intend to use your personal data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on
the forms we use to collect your personal data. You can also exercise the right by contacting us using the Contact Us section on our site.
Under European data protection law, in certain circumstances, you have the right to: • Request access to your personal data
• Request correction of your personal data
• Request erasure of your personal data
• Object to processing of your personal data
• Request restriction of processing your Personal Data Request • Transfer of your personal data
How do we handle children's privacy?
Our site is not directed to children under the age of 13, if you are not 13 years or older, do not use our site. We do not knowingly collect personal data from children under the age of 13. If we learn that personal data of persons less than 13 years-of-age has been collected through our site, we will take the appropriate steps to delete this information.
Our website and forum posts by members may contain links to other websites. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide when visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
How do we handle any personal data in posts on our member forum?
Due to the real-time nature of the forum, it is impossible for [ASSOCIATION] staff to review messages or confirm the validity of information posted. If you provide personal information in a post, that personal information will be publicly posted (to members) and otherwise disclosed without limitation as to its use by us. You control your posts, and can edit and delete the posts you make in an open thread at any time. If the thread is locked, you will need to report your own post and ask admin to delete it for you.
How do we store and secure data?
The personal data that you provide to us is generally stored on servers located in the United States. If you are located in another jurisdiction, you should be aware that once your personal data is submitted through our site, it will be transferred to our servers in the United States and that the United States currently does not have uniform data protection laws in place.
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology.
How long do we store data?
We will store your personal data, in a form which permits us to identify you, for no longer than is necessary for the purpose for which the personal data was provided. We may retain and use
your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements and rights, or if it is not technically reasonably feasible to remove it. Consistent with these requirements, we will try to delete your personal data quickly upon request.
A web beacon is a small graphic image that is placed on a Web site or in an email, allowing the email sender or site owner to check that a visitor has accessed content. Common uses are tracking email engagement and page tagging for web analytics.
Our websites and communications may include web beacons, cookies, or similar technologies from third-party service providers.
Contacting the Regulator
If you believe that [ASSOCIATION] has not complied with its obligations under this Privacy Notice or European law, you have the right to make a complaint to an EU Data Protection Authority, such as the UK Information Commissioner’s Office. You can exercise any of these rights by contacting us using the Contact Us section on our site.
Updates to this Policy
Each time you use our site, the current version of the Privacy Notice will apply. Accordingly, whenever you use our site, you should check the date of this Privacy Notice (which appears at the top) and review any changes since the last version. This Privacy Notice is applicable to all site visitors, members, and all other users of our site.