Personal Information We Collect
Website provides several opportunities for you, the user, to voluntarily provide us with your personal information in exchange for a free resource, to be added to or email or subscriber list, or to contact us. If you elect to “opt-in” and provide us with your personal information for any of these purposes, we will collect the information you provide, which may include your name, email address, phone number, and the text of any message you send us. We will also process personal information in the form of comments, images, or videos you make or share on our blogs, social media pages, or any other online forum currently available, or made available in the future. You understand that your decision to provide any information to us in this manner is voluntary, and constitutes your clear consent to allow us to collect, process, and retain it.
If you elect to fill out the “contact us” portion of our website, or provide us with any other communication data, including but not limited to that provided via email, social media messaging or posts, or text messages, we may collect information including your name, email address, phone number, the information you share with that social media platform, as well as the text of any message you send electronically. This data will be processed based on our legitimate interest in communicating with you, answer any questions or concerns you have. We may also retain your data to keep a record of the communication.
If you become a customer, we will collect additional information in order to carry out and complete the purchase and sale of the goods or services you have requested, including but not limited to your name, email address, billing address, credit card or payment information, and any other information necessary in order to complete the purchase of the product or service you elect to buy. We will collect and process this data in order to fulfill our contractual obligation to complete your order and will not retain the information any longer than necessary. We use third-party data processors to take and complete payment, and we will not retain nor have access to your payment information.
If you are on our email list due to your consent to be added, or our legitimate interest in engaging in direct marketing, we may also use your data to send you targeted social media advertisements or upload your information into our social media account to create look-a-like audiences. To ensure compliance with the CAN-SPAM Act, all emails from us will clearly state the sender of the email, as well as provide instructions on how to unsubscribe from our list or contact us with any questions or concerns.
We may also collect information through Automatic Data Collection Technology. We may use or send standard “cookies” to identify your browser from time to time. We do not include any personally identifiable information in cookies, and will not employ any other mechanisms (other than those discussed above) to capture data on our website. We may use both session cookies (which expire once you close your browser) and persistent cookies (which stay on your computer until you delete them). You can accept or decline cookies using your web browser settings. If you choose to disable cookies, some areas of the Website may not work properly or at all. Website does not respond to Do Not Track signals sent by your browser.
We may also collect data about how you use Website, your browsing actions or patterns, computer equipment, IP address, internet connection, and other similar choices you make, including via Google Analytics and Facebook Pixels, in order to obtain statistical data, improve our website and offerings, and ensure you receive information relevant to you. If we utilize this technology, we will use them in compliance with all policies of these third-party companies. We may receive personal data from third parties including Google, social media platforms, search engines, Paypal, and other third-party payment processing companies.
Lawful Grounds for Processing
In order to ensure compliance with the European Union’s General Data Protection Regulation (“GDPR”) we confirm we have lawful grounds for processing the information we collect from you. If you provide your personal information via our “contact us” page or send us any other form of electronic communication, we will process your data based upon our legitimate interest to respond to user or customer inquiries. If you elect to receive communication from us by “opting-in” and provide us with your name and email address in exchange for a free resource or training, or if you purchase from us, we will process your data for the purpose it was collected based on your affirmative consent to do so, and may periodically send you additional email marketing based upon our legitimate interest in marketing to those that have shown an interest in our products or services. We may also give you the option to be added to our email list, in order to receive our newsletter, information about our products and services, and other information we believe may be of interest to you based upon your decision to opt-in to one or more of our free resources and will obtain your consent to do so. You may withdraw consent at any time by contacting us and requesting your information be edited, updated, or deleted. We do not collect any sensitive data, nor any information regarding criminal offenses or convictions.
How and Why It’s Collected
We collect your personal information when you voluntarily, directly provide it to us to receive a free or paid resource, product, or service, or when you fill out a form or send an email to contact us, and we do so in order to provide you with the resource you have indicated you’d like to receive. We may also track your future interactions with our content, and use your personal information to keep you informed about the products and services you have elected to receive, as well as any linked or similar products or services we think you may be interested in. The information will be collected by us following your choice to manually enter it in, and click to be added to our list. No such information will be collected without your taking action to be added to our list, or in exchange for a free resource.
We may also receive data from third parties like Google Analytics, Facebook and other advertising platforms, providers of technical or payment services as needed, and other similar third parties. We do our best to only utilize third parties who have been deemed GDPR-compliant, and whom we have either completed a data processing agreement with or have reviewed and confirmed their policies regarding data processing to ensure compliance.
How We Use Your Information You Provide
You have the right to know and understand how your information is used. We will use the personally identifiable information you voluntarily give us in order to carry out the service or product you requested, including free resources, training, newsletters, periodic promotional emails, and to notify you about any changes to our policies or services. We may also use your personal information to form “look-a-like” audiences in our digital marketing campaigns, which includes uploading your information into our social media advertising campaign.
If you purchase something from us, we will use your billing address and credit card information to complete your desired purchase or purchases only, and will not store or share any such information. By providing this information to us, you understand and agree that we may use and store such information to send emails, bill credit cards in exchange for programs or products purchased, or utilize comments for marketing purposes.
If you make a purchase from us, we may also use your personal information to send necessary updates to the products or services you have purchased or to keep you informed of any necessary information relating to our products or services.
Non-Personally Identifiable Information
Additional non-identifying information that is collected may be used to provide an overview of how people are accessing and using Website; it is not used for any additional purposes, and Website does not use any such data to make automated decisions. We may also record some or all information to help create a better user experience. We may use information such as your IP address to help diagnose technical problems with servers or our website and to determine which portions of our website receive the most traffic, to understand which content is the most useful to our visitors. Your IP address will not personally identify you and may be used in such limited purposes as outlined above, in order to improve user experience.
How Information Is Stored and Shared
You have the right to know what information is stored (and not stored) and how it is processed. Your information is stored through a data management system, and it is important to us to take appropriate measures to ensure your information is kept confidential. You understand that there are limited purposes where we will share your confidential information, including with those who are providing technical support for our website, or those who are members of our team, including legal and accounting. Any parties who will have access to your information will keep such information confidential and will never share it with any unrelated parties to the best of our abilities. information provided by you will never be shared, sold, or given to any other company or person without your consent, other than what is required to complete a purchase or request you have made unless required to do so by law or any governmental requirements. We require all such third parties to treat your personal information in accordance with the law and only allow them to process your personal data for specific, necessary purposes.
Please be aware we may disclose information provided if we are required to do so by law, or if there is an honest, good-faith belief that such disclosure is necessary to protect the rights of our website or of The Photographic Historical Society of New England that any portion of our policies are being violated, to prevent or mitigate a belief that a crime may be committed, or to protect that safety or rights of our other uses. We will always take all reasonable measures to protect and safeguard your information.
By collecting and using your personal data, we are acting as a data controller, meaning we determine what information is collected, how long it is stored, and what the Personal Information will be used for. We utilize a third-party company to act as a data processor, which stores information such as names and email addresses that make up our email list. To the best of our ability, we have researched and concluded that all third-party data processors we use have advised us they are compliant with the General Data Protection Regulations as well.
Information Protection & Security
We use commercially reasonable methods to safeguard your personal data, including that which you provide to use, and that which we collect automatically, by using reasonable online security measures, and sharing your data with reputable third-party vendors that are compliant with generally accepted security and safety measures. We utilize a Secure Sockets Layer (SSL) on our website in order to assist in the secure transfer of information; however, it can never be guaranteed. Should we become aware that a data breach has occurred, we will timely notify the necessary parties with as much information as we have available.
While our team does our best to protect the information we collect and prevent any misuse, unauthorized access, or disclosure, you understand that we cannot be responsible should an unauthorized third party obtain access to our information, without our consent. Should our website be tampered with, you understand that your personal information may be accessed by these unauthorized parties. You agree that we are not responsible for any such actions, and acknowledge you will hold us harmless should your information become intercepted in this way without our knowledge, permission, or consent, which includes a release of any and all claims related to the use of such information by such an unauthorized party.
We have determined it is not required to appoint a Data Protection Officer, as our core activities do not consist of processing operations that require regular and systematic monitoring of data subjects nor do we process sensitive categories of data on a large scale.
We will retain the minimum amount of Personal Information required of yours, including name, email address, and behavior tracking, as long as you elect to remain on our mailing list, and any additional Personal Information as long as it is needed in order to fulfill the purpose for which it was initially collected, such as completing a purchase. We will also retain and use collected information as necessary in order to comply with any legal obligations, resolve any disputes, or as otherwise reasonably determined. If at any point you elect to be removed from our database, your information will be deleted, and no longer retained.
Your Rights To Control Your Information
You have the right to update, edit, or delete your information from our database. You may “unsubscribe” from our list at any time, by clicking the “unsubscribe” button at the bottom of any email we send you from our list. Should you wish to request access to information that the website has about you, correct or edit any information, or unsubscribe from our email list, and/or remove or delete your information from our database, you also have the option to do so at any time, free of charge, by reaching out to us at:
The Photographic Historical Society of New England
47 Calvary St.
Waltham, MA 02453
Right of Access, Right to Rectification Right to Restriction of Processing, Right to Data Portability
You have the right to request information about how your data is being used, request a copy of the data we have, correct or edit data you initially provided us, restrict how we process your data in certain circumstances, receive your personal data in order to use it elsewhere. Please contact us at the above email address for more information.
Right to be Forgotten
You have the right to withdraw your consent to give us your personal information by clicking the “unsubscribe” link at the bottom of any email we send to you. Once unsubscribed, we will remove you from our list, and you should not receive any further emails from us, absent a technical glitch.
Third-Party Links – Not Included Under This Policy
If we learn we have collected or received personal information from a minor under 18, we will delete this information, and/or attempt to obtain parental consent. If you have any reason to believe we may have unknowingly collected data from a minor, please let us know by getting in touch via the contact form.