PRIVACY NOTICE as of May 2018
In light of the new EU General Data Protection Regulation 2016/679 (GDPR), which will take effect on May 25, 2018, the American College of Bankruptcy and its Foundation (“ACB”) has devised this policy communication to explain how we collect and use the data we obtain about you and incidental matters.
ACB is the data controller of your data, which means that we are legally responsible for how your data is collected and used. Your privacy will be respected by us and we will protect all of your personal data that we process. All such personal data will be processed in accordance with applicable data protection laws.
ACB values individual privacy and we want to give our website visitors the opportunity to know what information we collect about them and how they can limit the use of personally identifiable information beyond the purposes for which they first provided it.
At all times, however, ACB reserves the right to disclose information where required by law or to comply with valid legal process (such as a search warrant, subpoena or court order), to protect ACB’s rights or property, including without limitation in the event of a transfer of control of ACB or substantially all of its assets, or during emergencies when safety is at risk.
The Types of Data We Collect
We collect certain personal data about you. This “personal data” is data that can be used to identify you or that we can otherwise link to you (“Data”).
We collect Data that you voluntarily provide to us, for example when you communicate with us via email or other channels, when you sign up for membership, or ask us to send you newsletters, alerts, or other materials; and when you sign up for an event. The Data we collect includes your name, postal address, e-mail address, job title and business affiliations, professional experience, birthdate (for statistical purposes only) and, in some cases, your private phone number, postal address and e-mail address.
In some cases, your personal data has been supplemented by information retrieved from other sources, including searches via publicly available search engines, sector-specific newsletters, social media or an employer’s website, for the purpose of confirming your current professional position.
How We Use the Data We Collect and Store
We use the personal data we collect for communication and information purposes, including:
To send you newsletters.
To send you invitations to events, including but not limited to conferences, seminars and social events.
To maintain and update our list of contacts and membership.
ACB collects information from its members (including names, addresses, business phone numbers, business fax numbers, and email addresses) for inclusion in a membership directory. Access to directory information is available on ACB’s website; this includes your data as listed under the ACB Leadership and Member Information pages. Members can opt-out of being listed in the online directory by contacting ACB at email@example.com.
ACB also collects information from attendees of its conferences (including names, addresses, business phone numbers, business fax numbers, and email addresses). It provides names and mailing addresses to conference attendees; in addition, attendee names are also publicly available on our website.
We do not sell, hire out or distribute in a downloadable format your Data to any third party.
We may share information in limited circumstances to ACB leadership, committee chairs, members, and other conference attendees strictly for the above-listed ACB purposes.
Our Basis for Using Your Personal Data
When processing Data for the purposes explained in this policy, the legal basis we rely on is the pursuit of our Association’s legitimate interests in maintaining business relationships and communicating with you as an existing contact about our operations and our events (for example, because we have worked together, or you have taken part in one or more of our events). We consider that those legitimate interests are in keeping with the law and respect the legal rights and freedoms of our business contacts.
Nevertheless, if you decide not to receive our emails for the purposes explained, you may unsubscribe by simply clicking on the unsubscribe link. If you choose to unsubscribe, we will cease to send you such communications and invitations as mentioned above. The Data will be processed only for the purpose of our business relationship.
Similarly, you will have the opportunity to exercise your right of unsubscribing at any time in the future when you receive future communications from us.
How We May Share the Data We Collect: International Transfers
Only the people who need to process the Data for the purposes mentioned above have access to your Data.
We may need to share your personal data with our committees/members abroad, e.g. so that certain communications and invitations from these offices can also be sent to you. We may also need to allow our suppliers and sub-suppliers access to your personal data when they perform services on our behalf, mainly to maintain and support our IT systems.
Any transfer of data outside the EU/EEA is made in line with the applicable data protection laws. Our international transfers of Data (including transfers to our international offices outside the EU/EEA) are based on the EU Commission’s standard contractual clauses.
How Long We Will Keep Your Data
Your Data will be retained for the specified purposes mentioned above only for so long as you are a business contact of ours. As mentioned, every time that we email you, you will have the opportunity to unsubscribe if you no longer wish to receive communications and invitations from us, clicking on unsubscribe link on the bottom of each email.
Your Choices and Rights
We welcome your enquiries and comments. You have the right to know what Data we process about you and you may request a copy. You are also entitled to have incorrect Data about you corrected and you may in some cases ask us to delete your Data altogether.
You can also object to certain Data about you being processed and request that processing of your Data be limited. Please note that one consequence of the limitation or deletion of your Data may mean we will be unable to provide the communications and invitations described above. In specific cases, you also have the right to receive your Data in a machine-readable format and have the Data transferred to another party responsible for data processing.
Security Measures to Keep Your Data Safe
We use appropriate administrative, technical, organizational, and physical security measures to protect our users' and visitors' information and data against accidental or unlawful destruction, loss, and alteration, and against unauthorized disclosure and access. We use standard industry practices to protect visitor and user information, including firewalls, SSL encryption, and limiting storage of financial information.
Unfortunately, no data transmission or storage can be guaranteed to be 100% secure. While we strive to protect your personal information, we cannot guarantee security of the information you transmit to us or host with us using our Services.
Data Integrity and Security
Cookies & Computer-Related Information
As is true of most websites, some information is gathered automatically and stored in log files. This information includes Internet Protocol (IP) addresses, hardware or software information including browser type and language, Internet Service Provider (ISP), referring and exiting pages, operating system and date/time stamp.
We also use your IP address, cookies, tags, click-throughs and other technologies (e.g. pixel tags, web beacons, clear gifs, etc.) to track user behavior on our Sites and to make usability improvements. Cookies are also used to maintain user session identity, and, in some non-member areas, to store your username and password locally for ease of access.
A unique number called an IP address identifies every computer on the Internet. Each time you connect to the Internet your machine is assigned an IP address. An IP address is a number that identifies each sender or receiver of information that is sent in packets across the Internet. We may use your IP address to help diagnose problems with our server and administer our web site.
“Tags” refer to scripts that are used to track a visitor’s activity on our Sites by web analytics software. A visitor’s activity is anonymous if he/she is not logged in. If she/he has logged in using their username and password, additional information is passed through these tags. Tags are used for, but not limited to, determining effectiveness of the Sites design, information architecture, and consumption of information and services provided via the Sites.
In some of our email messages distributed by ACB, specific information on recipient response in collected through “click-through URLs”. Click-through URLS are linked to content locations on the ACB website to collect specific information regarding what the user does with that email purposes of analyzing areas of interest, improving our products and enhancing the usefulness of our Sites for ACB members and other visitors. Other information collected through this tracking feature includes: email address of the user, date and time of the user’s click, a message number, user ID and a destination page. We use this data to determine interest in specific topics and measure the effectiveness of our communications. This information is not sold or distributed outside of the ACB in any other manner. If you prefer not to be tracked in this way, you should not click text or graphic links in the email messages.
ACB’s website is intended for adults. ACB does not knowingly collect personal information from children under the age of 13. If ACB obtains knowledge that it has personally identifiable information about a child under 13 in retrievable form in its files, ACB will delete that information from our existing files.