Effective Date: 5-28-2018
Notice Version: 1.0
This document governs the privacy for the website www.InuitArtSociety.org
Our privacy notice tells you what personal data (PD) and non-personal data (NPD) we may collect from you, how we collect it, how we protect it, how we may share it, how you can access and change it, and how you can limit our sharing of it. Our privacy notice also explains certain legal rights that you have with respect to your personal data.
Data Controller Contact Information
Legal contact for the Inuit Art Society:
Luke E. Harriman
Much Shelist, P.C.
191 North Wacker Drive, Suite 1800
Chicago, IL 60606
Questions specifically regarding data collection, use, and removal can be directed to: info@InuitArtSociety.org
Topics covered in this privacy notice
Information We Collect
How Your Information Is Used
Managing your Personal Data
Do Not Track Settings
Links to Other Websites
Protecting Children’s Privacy
Our Security Policy
Transferring PD from the European Union
Changes to Our Privacy Notice
When using our website and submitting personal data to us, you may have certain rights under the General Data Protection Regulation (GDPR) and other laws. Depending on the legal basis for processing your personal data, you may have some or all of the following rights:
The right to be informed: You have the right to be informed about the personal data we collect from you, and how we process it.
The right of access: You have the right to get confirmation that your personal data is being processed and have the ability to access your personal data.
The right to rectification: You have the right to have your personal data corrected if it is inaccurate or incomplete.
The right to erasure (right to be forgotten): You have the right to request the removal or deletion of your personal data if there is no compelling reason for us to continue processing it.
The right to restrict processing: You have a right to ‘block’ or restrict the processing of your personal data. When your personal data is restricted, we are permitted to store your data, but not to process it further.
The right to data portability: You have the right to request and get your personal data that you provided to us and use it for your own purposes. We will provide your data to you within 30 days of your request. To request your personal data, please contact us using the information at the top of this privacy notice.
The right to object: You have the right to object to us processing your personal data for the following reasons:
- Processing was based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
- Direct marketing (including profiling); and
- Processing for purposes of scientific/historical research and statistics.
- Rights in relation to automated decision-making and profiling.
Automated individual decision-making and profiling: You will have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
Filing a complaint with authorities: You have the right to file a complaint with supervisory authorities if your information has not been processed in compliance with the General Data Protection Regulation. If the supervisory authorities fail to address your complaint properly, you may have the right to a judicial remedy.
For details about your rights under the law, visit https://goo.gl/F41vAV
‘Non-personal data’ (NPD) is information that is in no way personally identifiable.
‘Personal data’ (PD) means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. PD is in many ways the same as Personally Identifiable Information (PII). However, PD is broader in scope and covers more data.
A “visitor” is someone who browses our website.
What is a cookie?
A cookie is a small piece of data or a text file that is downloaded to your computer or mobile device when you access certain websites. Cookies may contain text that can be read by the web server that delivered the cookie to you. The text contained in the cookie generally consists of a sequence of letters and numbers that uniquely identifies your computer or mobile device; it may contain other information as well.
Cookies can be “persistent” and remain for a period of time or “session” cookies that expire as soon as you leave the website.
- Session Cookies: These cookies allow websites to link the actions of a visitor during a browser session. They may be used for a variety of purposes, such as remembering what a visitor has put in their shopping cart as they browse a website. Session cookies also permit visitors to be recognized as they navigate a website so that any item or page changes they make are remembered from page to page. Session cookies expire after a browser session; thus, they are not stored long term.
- Persistent Cookies: These cookies are stored on a visitor’s device in between browser sessions, which allows the visitor’s preferences or actions across a site (or, in some cases, across different sites) to be remembered. Persistent cookies may be used for a variety of purposes, including remembering visitors’ choices and preferences when using a website or to target advertising to them.
You can learn more about cookies at AllAboutCookies: http://www.allaboutcookies.org/
Strictly necessary cookies
These cookies are necessary to authenticate visitors and prevent fraudulent use of the website. They are also required for proper functioning of the website, such as displaying content, logging in, validating your session, responding to your request for services, and other functions. We collect the IP address, country of origin, and browser user agent string from all visitors in order to secure the website and detect spam. This data is collected using tools within WordPress such as Wordfence, and Akismet Anti-Spam.
These cookies collect information about the use of the website, such as pages visited, traffic sources, visitors’ interests, content management, and other website measurements. We do not use performance cookie on our website.
These cookies can be used to deliver services, such as listening to audio or watching videos on the website.
Once you’ve accepted our cookies through the opt-in form, a cookie is used to save a record of your opt-in for one year.
These cookies can be used to improve a website’s performance and provide special features and content. They can be placed by third parties who provide services to us or by our company.
Information we collect and why we collect it
Generally, you control the amount and type of information that you provide to us when using our website.
Our legal basis for collecting and processing personal data
Our legal basis for collecting and processing your PD is based on and the necessity for the performance of a contract or to take steps to enter into a contract.
How we collect your personal data
We automatically receive information from your web browser or mobile device. This information includes the IP address of your computer/the proxy server you use to access the Internet and the country in which your address originates. It may also include your Internet service provider’s name, your web browser type, type of mobile device, and your computer operating system. We use this information to secure our website.
When entering and using our website
When you enter and use our website and agree to accept cookies, some of these cookies may contain your PD.
Our website contains links that enable visitors to communicate with us offline by email. When you contact us, we may collect some or all the following information: your email address, first name, last name, location, and any other information you willingly choose to provide to us. You should limit the information you provide to us to what is only necessary to answer your questions.
What happens if you don’t give us your personal data
If you do not provide us with enough PD, you may be unable to fully utilize the features on our website and we may be unable to provide the information you seek.
How your information is used
Communications and Emails
When you contact us via email, we will use the email address you provide. Once our communication with you is complete, your email address will be deleted.
We will not sell, rent, or trade your email address to any third party without your permission except in the sale or transfer of our business, or if our company files for bankruptcy.
Sharing information with service providers and other third parties
We do not sell or rent your PD to third parties for marketing purposes. We may provide your PD to third-party service providers we hire to provide website security, special features, and improved functionality.
Legally required releases of information
We may be legally required to disclose your PD if disclosure is (a) required by subpoena, law, or other legal process; (b) necessary to assist law enforcement officials or government enforcement agencies; (c) necessary to investigate violations of or otherwise enforce our Legal Terms; (d) necessary to protect us from legal action or claims from third parties, including you and/or other visitors; or (e) necessary to protect the legal rights, personal/real property, or personal safety of our company, visitors, employees, and affiliates.
Disclosures to successors
If our organization is sold or merges in whole or in part with another business that would become responsible for providing the website to you, we retain the right to transfer your PD to the new business. The new business would retain the right to use your PD according to the terms of this privacy notice as well as to any changes to this privacy notice as instituted by the new business.
We also retain the right to transfer your PD if our organization files for bankruptcy and some or all of our assets are sold to another individual or business.
Managing your personal data
If you have an account on this site you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Retaining and destroying your personal data
We retain information that we collect from you (including your PD) only as long as we need it for website security or legal purposes. Your information may be retained in electronic form, paper form, or a combination of both. When your information is no longer needed, we will destroy, delete, or erase it.
Updating your personal data
You can update your PD by contacting us using the contact information at the top of this privacy notice. However, we may keep your PD as needed to enforce our agreements and to comply with any legal obligations.
Revoking your consent for using your personal data
You have the right to revoke your consent for us to use your PD at any time. Such an optout will not affect disclosures otherwise permitted by law including but not limited to: (i) disclosures to affiliates and business partners, (ii) disclosures to third-party service providers that provide certain services for our business, such as computer system and data management services, (iii) disclosures to third parties as necessary to fulfill your requests, (iv) disclosures to governmental agencies or law enforcement departments, or as otherwise required to be made under applicable law, (v) previously completed disclosures to third parties
If you want to revoke your consent for us to use your PD, send an email with your request to: info@InuitArtSociety.org
Do not track settings
Some web browsers have settings that enable you to request that our website not track your movement within our website. Our website does not obey such settings. You can turn off tracking features and other security settings in your browser by referring to your browser’s user manual.
Links to other websites
Our website may contain links to other websites. These websites are not under our control and are not subject to our privacy notice. These websites will likely have their own privacy notices. We have no responsibility for these websites and we provide links to these websites solely for your convenience. You acknowledge that your use of and access to these websites are solely at your risk. It is your responsibility to check the privacy notices of these websites to see how they treat your PD.
Protecting children’s privacy
Even though our website is not designed for use by anyone under the age of 16, we realize that a child under the age of 16 may attempt to access our website. We do not knowingly collect PD from children under the age of 16. If you are a parent or guardian and believe that your child is using our website, please contact us. Before we remove any information, we may ask for proof of identification to prevent malicious removal of account information. If we discover that a child is accessing our website, we will delete his/her information within a reasonable period of time.
You acknowledge that we do not verify the age of our users nor do we have any liability to do so.
We have built our website using industry-standard security measures and authentication tools to protect the security of your PD. We and the third parties who provide services for us, also maintain technical and physical safeguards to protect your PD. Unfortunately, we cannot guarantee against the loss or misuse of your PD or secure data transmission over the Internet because of its nature.
Transferring personal data from the European Union
PD that we collect from you may be stored, processed, and transferred between any of the countries in which we operate, specifically the United States. The European Union has not found the United States and some other countries to have an adequate level of protection of PD under Article 45 of the GDPR. Our company relies on derogations for specific situations as defined in Article 49 of the GDPR.
For European Union customers and visitors, with your consent, your PD may be transferred outside the European Union to the United States and or other countries. We will use your PD to provide the goods, services, and/or information you request from us to perform a contract with you or to satisfy a legitimate interest of our company in a manner that does not outweigh your freedoms and rights. Wherever we transfer, process or store your PD, we will take reasonable steps to protect it. We will use the information we collect from you in accordance with our privacy notice. By using our website, services, or products, you agree to the transfers of your PD described within this section.
Changes to our privacy notice
We reserve the right to change this privacy notice at any time.
If we decide to change this privacy notice, we will post those changes on our website so our visitors are always aware of what information we collect, use, and disclose. If at any time we decide to disclose or use your PD in a method different from that specified at the time it was collected, we will provide notice on the website. Otherwise we will use and disclose our visitors’ and customers’ PD in agreement with the privacy notice in effect when the information was collected. In all cases, your continued use of our website, services, and products after any change to this privacy notice will constitute your acceptance of such change.
Questions about our privacy notice
If you have any questions about our privacy notice, please contact us using the information at the top of this privacy notice.
All policies, terms, and disclaimers
Copyright © Orion Systems. This document or any portion of it may not be copied or duplicated without a license from http://www.DisclaimerTemplate.com