ESA Privacy Statement
2. What Customer Information the Company collects from you;
3. How the Company collects that Customer Information;
4. For what purpose(s) the Company collects Customer Information (in other words, how the Company uses your Customer Information and what legal grounds it has for collecting and using your Customer Information);
5. How the Company stores and secures your Customer Information;
6. How long the Company will store your Customer Information;
7. Whether and with what categories of third parties the Company will share your Customer Information;
8. What rights you have to have your Customer Information changed, deleted, or moved, or to restrict how we may share your Customer Information; and
9. How you may file a complaint against us for violating the relevant data protection laws and regulations, or our own policy;
10. Our contact information; and
b. The foregoing notwithstanding, we do not direct our Website to children under 13 years of age. No one under age 13 may provide any information to or on the Website. We do not knowingly collect personal information from children under 13. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at firstname.lastname@example.org.
2. WHAT INFORMATION DO WE COLLECT? The Customer Information we collect includes Personally Identifiable Information: This includes your first name and surname, gender, employer or affiliate organization, website, physical address, telephone, and certain financial (credit card) information. We may also collect information about presentations you give with our organization, including abstracts and topic classifications, as well as the content of the presentation itself.
3. HOW DO WE COLLECT CUSTOMER INFORMATION? We collect this information through web-based forms or email. We collect this information only with your consent, when you voluntarily provide the information to us in order to register for membership with the Economic Science Association, to subscribe to receive journals from us, to register for conferences, or to submit presentation abstracts or presentation materials.
4. HOW DO WE USE YOUR CUSTOMER INFORMATION, AND WHAT ARE OUR GROUNDS FOR PROCESSING YOUR CUSTOMER INFORMATION?
a. We use your Personally Identifiable Information to send either physical or electronic or both versions of the ESA’s journals. Our basis for processing information for this purpose is that when you subscribe to our journals or become a member of our organization, we have a contract with you to provide these.
b. We use your Personally Identifiable Information to send you newsletters or announcements about membership renewal or upcoming association events, when you consent to us using the information in this way, and subject to your rights set forth in Section 7.
c. We use your Personally Identifiable Information to verify your eligibility to register for conferences, to be sure you are a member in good standing. Our basis for processing your information for this purpose is that we have a legitimate interest in ensuring the integrity of our conferences for our members. Our processing of your information for this purpose is subject to your rights set forth in Section 7; however, if you ask us not to use your information for this purpose, or to erase your information, you will not be eligible to attend ESA conferences.
d. We use your Personally Identifiable Information for our own internal research purposes. Specifically, at least once a year we compile ESA member statistics including member growth, gender distribution, and geo location distribution. We will use your Personally Identifiable Information for this purpose in only an aggregated, non-identifiable manner.
e. We store your Customer Information to be able to communicate with you as set forth in subsections (a) and (b) above, and to keep complete records about our members and subscribers for our legitimate internal business purposes, subject to your rights set forth in Section 7.
f. We may process your Customer Information where necessary for the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
g. We may process your Customer Information where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.
h. In addition to the specific purposes for which we may process your personal data set out in this Section 3, we may also process your Customer Information where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
5. HOW DOES THE COMPANY STORE YOUR CUSTOMER INFORMATION AND KEEP IT SECURE?
All Personally Identifiable Information provided to us through our website is transmitted through a secured HTTPS channel. All Personally Identifiable Information is stored in a database in an instance hosted on AWS (Amazon Web Services) cloud. The instance is secured from the outside world through port 80 (HTTP), 443 (HTTPS), and 22 (IP-whitelisted SSH) and the database is further secured with data encryption and by username / password authentication.
6. HOW LONG DOES THE COMPANY RETAIN YOUR CUSTOMER INFORMATION?
a. We will retain your Customer Information for as long as you are a member or a subscriber of the Company.
b. Otherwise, we retain Customer Information in order to maintain order histories and membership records for our legitimate internal business purposes, and subject to your rights as set forth in Section 7.
7. TO WHAT CATEGORIES OF THIRD PARTIES DO WE SHARE YOUR CUSTOMER INFORMATION?
a. We do not sell, rent or lease Customer Information for marketing purposes.
c. We may share your information with third parties such as our attorneys or law enforcement agencies in order to defend against legal claims or comply with legal obligations, or in order to protect your vital interests or the interests of another person. If we are notified that we must share your Customer Information in such a circumstance, we will notify you first if possible and provide you with information, if available, as to how you may object to our sharing your Customer Information.
8. WHAT ARE YOUR RIGHTS WITH RESPECT TO YOUR CUSTOMER INFORMATION THAT WE POSSESS?
By contacting us at email@example.com,
a. Request a copy of the Customer Information we have about you, including the categories of third parties with whom we have shared your Confidential Information. The first copy of this information will be provided free of charge each year. Subsequent copies will be subject to a reasonable fee for delivery and for our time in preparing the copies;
b. Request that your Customer Information be corrected or completed, or marked as expired;
c. Request that we cease processing your Customer Information in certain ways (for example, sharing your Customer Information with our Service Vendors) if you request that we mark your Customer Information as expired.
d. Request that your Customer Information be transmitted to another data controller in a reasonably acceptable format. Your Customer Information will be transmitted under this request for a reasonable fee for delivery and for our time in preparing the Customer Information for delivery in the requested format; and/or
e. Request that your Customer Information be erased.
For any requests of the nature set out in subsections 8(a) through8(d), we will comply with your request without undue delay after verifying your identity, or inform you in writing as to why we can not comply with your request and what alternatives, if any, may be available to you.
For requests of the nature set out in subsection 8(e), we will comply with your request without undue delay unless your Customer Information is still necessary for the stated purpose for which it was collected, such as that we still have contractual obligations to you, or that we have a legitimate business purpose to retain certain information for the integrity of our databases or for historical data accuracy, unless we are required to erase your Customer Information for a legal or regulatory reason. If we are unable to erase your Customer Information, we will inform you in writing as to why we can not comply with your request and what alternatives, if any, may be available to you.
You may notify us at firstname.lastname@example.org
10. OUR CONTACT INFORMATION:
Prof. Theodore L Turocy
Vice President of Information, Economic Science Association
School of Economics
University of East Anglia
Norwich Research Park
Norwich NR4 7TJ United Kingdom
Last update: Dec 1, 2018