Last Updated: May 25, 2018
2. What is Personal Data?
“Personal Data” is information that, either alone or in combination with other information, identifies you. When we combine other information (i.e., information that does not, on its own, identify you) with Personal Data about you, we treat the combined information as Personal Data.
3. How We Collect and Use Personal Data
A. Personal Data You Provide to Us
We collect Personal Data when you voluntarily provide it to us. For example, we may collect your name, address, email address, phone number, date of birth, gender, payment information, job title, dietary information, organizations you belong to, and communications you provide to us, when you complete your online profile, submit a membership application, make a purchase such as a book or conference registration, complete a survey, send an email to us through our “Contact Us” feature, make a donation, or provide information via paper forms or in-person interactions (e.g., making a purchase at an on-site conference).
We process your email and password to enable you to securely log into the Site, and we process information regarding your role with AFI to appropriately control access to certain content. We process this Personal Data only as necessary to provide you services on the Site under our and to further our legitimate interests in protecting the Site and content.
AFI uses the information provided through membership forms to process membership applications and related requests. For example, based on your organization’s agreement to become a member, AFI processes membership in other associations; information on your involvement in AFI such as offices held, committees served on, etc.; educational background; professional background; and personal and professional references. We process this information only as necessary to provide you with the benefits of membership. We also archive membership information for historical purposes.
We allow users to post or provide content via the Site, including questions, comments, blog posts, file uploads, document submission, and wiki contributions, (collectively, “User Postings”) and you may choose to contribute User Postings to our community and on the Site. Because your User Postings are associated with your profile, they may be identifiable to us and to other users. We are not responsible for any use of the Personal Data that you may include as part of your User Postings.
We allow users to create or join groups via the Site, which may be established as a private or closed group. You may choose to join a group by submitting a request, which may require you to provide Personal Data to establish your interest, educational background, professional background, or other credential-related information. Such requests, and any activity conducted by private or closed groups through the Site may be identifiable to us and to other members of the group. We are not responsible for any use of the Personal Data that you may provide to join, or contribute to, a group on our Site.
We also use the Personal Data we collect about you to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
B. Information We Automatically Collect through the Site
We collect the following types of information automatically when you use the Site:
- Log Information
When you use our Site, our servers automatically record information, including your Internet Protocol address (“IP Address”), browser type, referring URLs (e.g., the site you visited before coming to our Site), number of clicks, and how you interact with links on the Site, domain names associated with your internet service provider, pages viewed, and other such information (collectively, “Log File Information”). We may also collect similar information from emails sent to you which then help us track which emails are opened and which links are clicked by recipients. We use Log File Information collected from our implementation of the Site to further our legitimate interests in securing the Site by identifying potential threats and vulnerabilities, and in analyzing the effectiveness of our Site, and to improve the Site’s function and content.
- Cookies and Similar Technology
Most browsers provide you with the ability to block, delete, or disable cookies, and your mobile device may allow you to disable transmission of device identifiers. If you choose to reject cookies or block device identifiers, some features of the Site may not be available or some functionality may be limited or unavailable. Please review the help pages of your browser or mobile device for assistance with changing your settings.
AFI does not track Site users over time and across third party websites to provide targeted advertising. Accordingly, we do not currently respond or take any action with respect to web browser "do not track" signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of Personal Data about an individual consumer's online activities over time and across third-party web sites or online services.
C. Information We Receive From Third Parties
4. To Whom We Disclose Personal Data
- Promotion Partners. We may share Personal Data and other membership information (for example: name, title, employer, mailing address, email address, business phone number, membership status, event registration status) with Promotion Partners through our promotion program. You may review a complete list of our Promotion Partners here. Your information may be used by these other organizations for discounts, such as membership and event registrations. You are not required to purchase a membership or register for an event with these Promotion Partners to access or use our Site.
- AFI Committees, Councils, and Other Groups. By agreeing to participate on an AFI group, individuals consent for us to share their contact information with other members of the group. The members of the group agree to use such information only for limited AFI business, educational, or research purposes.
- Our Service Providers. We employ service providers to perform tasks on our behalf and to assist us in providing the Site. For example, we employ service providers who help with (i) sending emails and maintaining mailing lists such as Informz; (ii) maintaining and developing our Site such as Abila and Attendify; (iii) hosting membership data, including Netforum and Salesforce; (iv) event registration, including RegOnline, CVent, and GoToWebinar; and (v) payment processing.
- Corporate Partners. We may share our membership lists with our corporate partners and their customers, and inform a corporate partner of the membership status of those customers. This enables our corporate partners to contact their customers who are also a member of the Site for certain business purposes, such as participation in focus groups. We may also contact you on behalf of a corporate partner without sharing your contact information with the corporate partner.
- Google Analytics. We use Google Analytics products (including Urchin), to help us analyze the traffic on our Site. For more information on Google Analytics’ processing of Personal Data, please see “How Google uses data when you use our partners' sites or apps.”
- Companies Involved in Merger and Acquisition Transactions. In some cases, AFI may choose to buy or sell assets. In these types of transactions, user data (including Personal Data) is typically one of the business assets transferred. Moreover, if AFI, or substantially all of its assets, were acquired, user data would be one of the assets that is reviewed and transferred or acquired by a third party.
- Law Enforcement, Government Agencies, and Courts. We may disclose Personal Data at the request of law enforcement or government agencies or in response to subpoenas, court orders, or other legal process to establish, protect, or exercise our legal or other rights or to defend against a legal claim or as otherwise required or allowed by law, or to protect the rights, property, or safety of a Customer or any other person. We may also disclose Personal Data to investigate or prevent a violation by you of any contractual or other relationship with us or your illegal or harmful activity.
5. International Transfers of Personal Data to U.S.
We, as the owner of the Site, are based in Phoenix, Arizona in the United States of America. We provide the Site for use only by persons located in the United States. We make no claims that the Site or any of its Content is accessible or appropriate outside of the United States. Access to the Site may not be legal by certain persons or in certain countries. If you access the Site from outside the United States and/or transmit any information or data from outside the United States into the United States, you do so on your own initiative and are solely responsible for compliance with all local laws.
By providing us with Personal Data, you acknowledge and agree that Personal Data may be transferred outside of the country from which you are accessing the Site, including transferred outside the European Economic Area (“EEA”), to the United States. Each of these countries has different privacy laws that afford varying levels of protection for Personal Data, and such laws may not be as comprehensive as those that exist in the EEA.
6. Your Rights
We provide you with access to—and the ability to edit or delete—certain categories of Personal Data through the “My Account” page. Please note, your information will be displayed in our Who’s Who online directory. If you wish to have your profile removed from the directory contact us at firstname.lastname@example.org.
You may choose not to have your contact information shared with certain third parties, such as state associations, affiliates, and our partnering nonprofit organizations. You also may choose not to have your mailing information shared with our strategic partners and other private sector companies. You may change your privacy and communication preferences by going to the “Communication Preferences” area of the Site. You can access this section by navigating to “My Account” and selecting the “Communication Preferences” link in the bottom banner of your profile window.
If you would like to access, amend, erase, export (i.e., data portability), or object to or restrict the processing of Personal Data, you may submit a request to email@example.com. We will promptly review all such requests in accordance with applicable laws.
Depending on where you live, you may have a right to lodge a complaint with a supervisory authority or other regulatory agency if you believe that we have violated any of the rights concerning Personal Data about you. We encourage you to first reach out to us at firstname.lastname@example.org so we have an opportunity to address your concerns directly before you do so.
California Civil Code Section 1798.83 (the “Code”) permits our users who are California residents to request and obtain from us information about the personally identifiable information, as defined in the Code, (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to:AFI Attn: Compliance Manager 411 N. Central Ave. Suite 400
Phoenix, AZ 85004
7. Personal Data from Children
We do not knowingly collect Personal Data from children under the age of 16. If we learn that we have collected Personal Data from children, and if we do not have a lawful basis to process such Personal Data under applicable law, we will promptly take steps to delete such Personal Data.
8. Retention of Personal Data
9. How We Protect the Confidentiality and Integrity of Personal Data About You
We have implemented security measures to protect Personal Data from loss, misuse, and alteration. Despite these efforts to store Personal Data in a secure operating environment that is not available to the public, we cannot guarantee the security of Personal Data during its transmission or its storage on our systems. Further, while we attempt to ensure the integrity and security of Personal Data, we cannot guarantee that our security measures will prevent third parties such as so-called hackers from illegally obtaining access to Personal Data. We do not represent or warrant that Personal Data about you will be protected against, loss, misuse, or alteration by third parties.
10. Links to Third Party Websites
Our Site may contain links to third party websites. Please be aware that we are not responsible for the privacy practices of third party websites you choose to visit. If you provide any information directly to parties other than us, different rules may apply to the use or disclosure of that information. We encourage you to investigate and ask questions before disclosing your Personal Information to third parties.
11. Contacting Us
Phoenix, AZ 85004