Effective Date: 1 January 2019
AMERICAN CITIZENS ABROAD, INC.
PRIVACY & COOKIES NOTICE
If you choose to join ACA, you will be asked for the basic information required to establish membership: name, country of residence, email address, and voting district (the last is optional). You will be given a default login and be asked to create a password. You can change your default login name to something else if you would like. You may also need to provide an address for billing purposes.
To register as a member of ACA, we will not ask you for any sensitive information (such as, social security number, driver’s license or passport number), and we do not otherwise maintain any information about you that you have not freely provided to us.
You may revise or update your information at any time by logging into your profile via the ACA website.
If you choose at any time to make a donation to ACA, you may be identified as a donor within our database, but your financial information will not be entered or retained in this database. Your financial information will be securely archived by a trusted third-party in compliance with applicable law and regulations.
ACA will not use any information provided to us here for any purpose other than in connection with your membership in ACA and the activities of ACA. ACA will not disclose your information to third parties for any other purpose unless we first obtain your consent, except as required by applicable law or regulation. ACA may use aggregate information about its members for statistical reports, but it will not be possible to personally identify you from such reports.
Any information that you provide to the ACA membership database will be collected and maintained on a database on a secure server. You should be aware, however, that applicable laws and regulations protecting personal information in the United States may not be the same as those that apply in other jurisdictions, including the European Economic Area.
1. LEGAL BASIS FOR COLLECTING YOUR PERSONAL INFORMATION
When we collect and process personal information from you, your consent and agreement to abide by our contractual terms establish the primary legal basis for doing so:
- Other legal basis for collecting and processing your personal information include:
- Compliance with legal obligations to which ACA is subject;
- Legitimate interests of ACA, provided that such legitimate interests do not interfere with other fundamental rights and freedoms you possess.
2. INFORMATION WE COLLECT AND RECEIVE
We collect personal information about you and the devices you use to access and interact with us and our Services. We collect the following:
(a) Membership Registration Information
When you register or sign up to use our Services, we collect information about you including your name, email address, and voting district (optional). As part of any required sign in to use our Services, we will verify the information that you use to login.
We do not control the information that is sent from your browser to third parties, including social media platforms, analytics companies and advertising networks that receive information in the normal course of your online activities.
(b) Financial Information
If you pay a membership fee to ACA, you will be maintained as a member in our database for communication purposes. If you make a donation to ACA you may be identified as a donor in our database. However, your financial information will not be maintained on this database. Your financial information will be securely archived by a trusted third-party in compliance with applicable laws and regulations. ACA has authorized these third-party payment service providers to process your financial information, and only authorized officers of ACA or individuals acting under their supervision will have the ability to access this information.
In other situations, and only based on direct communication with you and with your consent, we may collect payment information, such as, credit or debit card details (including expiration dates), your name and your address, in order to verify your financial contributions, process any refunds and payments, contact you to resolve any issues, and/or deliver Services to you. We may collect this information from you and/or third-party services that have been authorized to receive financial contributions for ACA.
(c) Technical and Device Information
We collect information from your web browsing activity about the way you use our Services. We may also collect information about you from the notifications or messages you post or send online, as well as what you search for, view or engage with. Information obtained from social features used in connection with our online Services, such as forums and chat functionality, may be stored, copied or used by ACA, the public, or third-party companies.
See also our Cookies Policy.
We will collect personal information from the messages sent directly to firstname.lastname@example.org or via our website contact form or comments/reviews you post on our social forums. When you contact us, for example with a question, problem or comment, we may transmit elements of your message to third parties, such as, relevant government offices in order to assist with our advocacy work. This feedback may be maintained in databases and other electronic storage.
We will collect personal information from testimonials you send to us through our website “Share and Issue” portal. Two levels of disclosure are available for submission of testimonials:
1 - I authorize ACA to use my personal statement as submitted herein WITHOUT attribution of my name or personal contact details.
2 - I authorize ACA to use my personal statement as submitted herein WITH attribution of my name and personal contact details.
Personal Statement used in testimonials may be shared with such news and governmental organizations as ACA may deem appropriate, within the limits of the aforementioned stated privacy levels.
Testimonials may be maintained in databases and other electronic storage.
(f) Third Party Information
We may share information obtained from your use of our Services with third parties to provide you with an optimal experience, to facilitate your use of the Services and to enable you to use our Services on various platforms.
3. HOW WE USE THE INFORMATION WE COLLECT
We may use the information we collect from you in the following ways:
(a) Registration Information
(i) to create your membership account and so you can access our Members-Only Services;
(ii) to identify you when you sign-in;
(iii) to give you access to your user preferences;
(iv) to contact you for your views on our Services;
(v) to notify you of changes or updates to our Services.
Your registration information enables us to provide you with access to our Services under the agreements we have with you. It helps us to authenticate your access, to contact you for your views or to provide information important to our members, and to notify you of important changes or updates to our Services.
When we have your consent and in accordance with your stated communication preferences, we may also contact you for marketing purposes to let you know by post, email, telephone, mobile or in-app messaging about our other services or provide you with information important to our members, such as, events, news, fundraising solicitations, and overseas voting information and reminders.
If you no longer want us to use your data in this way, you can unsubscribe at any time, either by using the unsubscribe option in the communication you receive or by changing your communication settings. Please note that we will retain a record of the user information when you unsubscribe from our marketing information for the legitimate purpose of ensuring that we do not contact you further in this way, during the period of your objection.
(b) Financial Information
(i) to verify your membership payments and/or financial contribution to ACA and process payments if needed;
(ii) to reply to any queries and questions and to resolve problems;
(iii) to carry out analysis and research to develop our Services; and
(iv) to protect you, our other members and our Services by seeking to detect and prevent fraud or other acts in breach of our user agreements or policies relevant to the Services.
This information will enable us to verify your financial contributions with third-party services and to contact you in order to assist with resolving any problems with your contribution and to process any refund payments that you may be due.
We will also use and analyze information on transactions on your account for our legitimate interests by data matching or statistical analysis so that we can administer, support, improve, and develop our Services and to help us detect and prevent fraud, or other illegal activities, or acts prohibited by our terms of service or any policies applicable to such Services.
(c) Technical and Device Information
(i) to provide you with an optimal experience;
(ii) to understand how you interact with our Services;
(iii) to provide Services you request;
(iv) to measure and analyze the use and effectiveness of our Services;
(v) to understand which of your devices are using our Services;
(vi) to provide a safe and fair online environment in connection with our Services;
(vii) to operate and improve our Services; and
(ix) to fix errors.
We analyze information about how you engage with our Services to understand how our Services are used and to provide you with an optimal user experience. We use anonymous data in order to analyze and produce statistics relating to the habits, usage patterns and demographics of users as a group or as individuals. This allows us to deliver you personalized content, helps us understand the features of our Services that appeal to you and allows us to manage our communications strategy, among other things.
When you interact with or visit our websites, we may automatically collect information about you such as the type of internet browser or mobile device you use, any website from which you have come to the ACA website, and your IP address (the unique address which identifies your device on the Internet) and your operating system, which are automatically recognized by our web server.
We use internet log files to monitor traffic related to our Services, resolve technical problems and to detect and prevent fraud. We use these technologies to provide us with information, such as, when an email is opened, or to develop statistics on the effectiveness of communications with our members on or through our websites. In some cases, we use this information to send you communications based on your interests.
We also use technical and device information to operate and improve our Services, measure our effectiveness, set up and maintain accounts, identify and fix errors and to help keep online content fair and safe and to resolve related disputes.
(i) to reply to your questions or queries;
(ii) to share with relevant news organizations, government agencies and third-party vendors;
(iii) to reply to your questions or queries;
(iv) to use your feedback in our advocacy work;
(v) to resolve issues and concerns;
(vi) to record comments and information which you provide via our Websites or other forums we provide; and
(vii) to conduct analysis and research to improve and develop our Services.
We use your feedback to reply to your questions or queries, to provide customer support and resolve problems relating to any of our Services under the agreements that we have with you. We may also publish reviews that you submit to us for this purpose about the Services and may conduct analysis of feedback for the purpose of improving and developing our Services.
(i) to reply to your questions or queries;
(ii) to share with relevant news organizations, government agencies and third-party vendors in order to further our advocacy work; and
(iii) to conduct analysis and research to assist with our advocacy work.
(f) Third-party Information
(i) to facilitate sharing on social networks and
(ii) to enhance your experience when using our Services.
See also our Cookies Policy
4. WHEN WE SHARE INFORMATION
We may share the information we collect about you (subject to the necessary security, contractual and transfer safeguards) in the following instances. In delivering Services to you, we may share your personal information with:
- Authorized officers or volunteers of ACA. ACA databases are maintained, and personal information is processed, by authorized officers and volunteers at various levels of the organization.
- Third parties in order to undertake various activities or services on our behalf in supporting the Services. This includes payment processing providers facilitating credit, debit and payment card transactions, website and application support and hosting providers for online services and providers for the delivery of promotional, digital advertising or other communications, such as MailChimp®.
- We may use the information that you provide if we are under a duty to disclose or share your information in order to comply with (and/or where we believe we are under a duty to comply with) any legal obligation; or to enforce the relevant terms of service or any other agreement; or to protect our rights or the rights of third parties. This includes exchanging information with other companies and organizations such as credit agencies, law enforcement or government bodies or the courts in connection with a criminal investigation, suspected illegal activity, fraud prevention and detection, or in legal proceedings.
We do not control information which is sent from your browser to third parties, including social media platforms, analytics companies and advertising networks that receive information in the normal course of your online activities.
Personal information may be transferred to other countries where ACA or its service providers maintain operations. These countries may not have equivalent data protection laws to the country from where you access the Services or, in the case of transfers subject to European law, may not be subject to an adequacy decision by the European Commission (EC). An adequacy decision is a decision taken by the EC establishing that a third country provides a comparable level of protection of personal data to that in the EU, through its domestic law or its international commitments.
Where ACA transfers personal information it will seek to take account of any applicable legal obligations relevant to personal information transfers. In the case of transfers of personal information out of the European Economic Area, it will, in the absence of an EC adequacy decision relevant to the destination country, seek to rely on appropriate safeguards such as a valid Privacy Shield certification (in the case of a data transfer to a Privacy Shield certified US recipient - https://www.privacyshield.gov/welcome) or enter into appropriate EC approved standard contractual clauses relevant to personal data transfers between data controllers or between a data controller and a data processor, (see http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm).
5. SECURITY AND DATA RETENTION
We place great importance on protecting your information from unauthorized access and against unlawful processing, accidental loss, destruction and damage.
Where you have chosen a password that allows you to access any of our Services, you are responsible for keeping this password confidential. We advise you not to share your password with anyone. We will not be liable for any unauthorized transactions entered into using your username, personal information and/or password.
Your personal information will be retained by us for the duration of your use or access to our Services and may be retained for a period after this time as necessary and relevant to our legitimate operations, our terms with you and in accordance with applicable laws and obligations or to identify, issue or resolve legal proceedings.
We may retain a record of your stated objection to the processing of your data, including in respect of an objection to receiving communications from ACA for the sole purpose of ensuring that we can continue to respect your wishes to not contact you further, during the term of your objection.
We will take appropriate steps to seek to destroy or permanently de-identify personal information at the point this information is no longer needed by us for our business or legal purposes.
6. YOUR CHOICES AND RIGHTS
You have options and choices over how we use your personal information. You may be required to register or sign in to use or access some of our Services and may need to provide personal information to create a user profile which is associated with your use of our Services. If you wish to amend the personal information that you use to access our Services, you can do so by logging into your account at www.americansabroad.org or contacting us at email@example.com.
If you sign up to receive communications from us, you will be asked to confirm your communication preferences and given the opportunity to unsubscribe at any time.
You can contact us directly with requests to correct, erase, restrict, object to, or remove your personal information. If you do not want us to process and/or access your personal information, you may be unable to use some of our Services.
We respect the rights you may have under applicable law to request access to your personal information and where applicable, to request to receive that information in a commonly used electronic format (or ask for this information to be provided in that format to a third-party where feasible). You may also have the right under applicable law to request the correction or erasure of your personal information, to seek to object to the further processing under certain circumstances of your information or to request that the processing of specific information about you is restricted while we verify or investigate your concerns about this information.
7. CHILDREN’S INFORMATION
In principle, members of ACA are over the age of 18, however any US citizen may join ACA. As ACA does not collect age information nor do we have a children’s membership, it is impossible for ACA to know if a member is over the age of 18. The aforementioned data collection and privacy rights will apply in all events.
1. COOKIES AND SIMILAR TECHNOLOGIES WE USE
If you “opt in” to receive newsletters, updates or other information from us, our emails may use a “click-through URL” linked to content on our website. When you click one of these URLs, they pass through a separate web server before arriving at the destination page on our sites. We use this click-through data to help us understand how recipients respond to, or interact with, our emails.
2. THIRD-PARTY COOKIES AND SIMILAR TECHNOLOGIES
Third-party analytics services
Social media and video sites
If you choose to share our digital content with friends through social networks, such as Facebook and Twitter, or to watch a video posted to a third-party media site (such as YouTube), you may be sent cookies from these third-party websites. We do not control the setting of these cookies, so please check the third-party websites for more information about their cookies and how to manage them.
3. MANAGING COOKIES AND SIMILAR TECHNOLOGIES
You do not need to have cookies enabled to browse our website unless you want us to remember you and your preferences when you return. If you prefer not to allow cookies, most cookies can be managed or blocked through your browser. More information about managing cookies is available at a number of places on the Internet.
If you prefer not to be tracked in this way, please do not click text or graphic links in emails you receive from us.
Third-party analytics services
You can opt out of data collection or use by Google analytics at the following link:
Google Analytics: tools.google.com/dlpage/gaoptout (requires you to install a browser add-on)
There is no standard for how online service should respond to “Do Not Track” signals or other mechanisms that may allow you to opt out of the collection of information across networks of websites and online services. Therefore, we do not honor “Do Not Track” signals. As standards develop, we will revisit this issue and update this notice if our practices change. More information about Do Not Track is available at www.allaboutdnt.org.
SUPPLEMENTAL PRIVACY NOTICE FOR EVENTS AND EVENT PARTICIPANTS
This notice supplements our PRIVACY & COOKIES NOTICE and describes how we collect, use and share additional personal data when you participate in an ACA live, online or other event (whether as an attendee, guest or speaker), and how to access and control this additional data. Please contact us if you have any questions about this supplemental notice.
1. WHAT ADDITIONAL DATA WE COLLECT ABOUT EVENT PARTICIPANTS
When you register to participate in an ACA event, we may ask you to provide your name, email address, phone number, and emergency contact name and phone number. In addition, if you participate as a presenter, panelist or facilitator at the event, we may collect your photograph and presentation materials. We may also collect feedback and evaluations about you as a presenter, panelist or facilitator. We will indicate on the form which data is required. Please contact us if you have any questions about why certain data is required.
For some events, you may have the option to download a mobile app for participant communication and information sharing. When you download the app, the app store may require the device identifier associated with your device, but neither we nor our mobile app provider will collect any personal data through the mobile app.
Event photography and audio video recordings
We frequently take photos and record audio and/or video in public areas of our events. If so, we may make and store photographs containing your likeness and recordings of your voice and likeness. We may associate your image and the sound of your voice with your name if you are identified during the recording or identify yourself by name.
2. HOW WE USE THIS ADDITIONAL DATA
We may use this information to register you to attend the event (with your consent); send email to you to confirm your registration and provide you with updates regarding the event (with your consent); print your physical badge at the event; review and possibly share your photo, materials and other information you have authorized us to share with other event participants (with your consent and for our legitimate interests); send you reports, materials, and updates (with your consent); contact you about future events (with your consent); review and respond to feedback, comments, photos, videos, or other information you submit via registration forms or post-event surveys (for our legitimate interests); administer, safeguard and improve our event operations (for our legitimate interests).
Event Photography and Audio or Video Recordings
We may use, edit, copy, exhibit, publish, or distribute photos and audio or video recording for any purpose relating to the event itself or ACA events in general (for our legitimate interests).
3. WHEN WE SHARE THIS ADDITIONAL DATA
Event Service Providers and Partners
Unless otherwise stated on a registration site, we frequently use online registration and mobile apps in connection with our events. You may be asked to share your personal data with the third-party provider of online registration services and mobile apps or other service providers and event partners as needed to provide you with information and services associated with the event.
How You Can Access and Control This Additional Data
You may update your registration information anytime by going directly to your registration account. If you wish to access or correct other personal data, or object to our data processing, please contact us. Please note that neither changes to, or deletion of, such personal data will alter personal data already relied upon or no longer in our control.