Effective Date: November 1, 2018
“Personal Data” is any information that enables us to identify you, directly or indirectly, by reference to an identifier such as your name, identification number, location data, online identifier or one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity.
WHO WE ARE
For the purposes of the General Data Protection Regulation 2016/679 (the “GDPR”), the Data Controller is the Society for Personality Assessment with a registered address at 6109H, Arlington Blvd., Falls Church, VA 22044
HOW TO CONTACT US
If you have any questions or concerns about this Notice, please contact us using the Contact Us section on our Site. Alternatively, you can contact us by phone at (703) 534-4772, by sending an email to email@example.com or by mail to 6109H Arlington Blvd., Falls Church, VA 22044.
Information We Collect, How We Use It and How You Can Update/Delete it.
You control your Personal Data that you share with us. You can correct, delete, or modify this data at any time. You can also delete your account. We also provide you with the ability to restrict or withdraw consent where applicable for the use of data you have provided to us. And we provide easy ways for you to contact us to do so.
If you are a registered user of our Services, you may log into your account to access or correct the Personal Data you provided to us and associated with your account. If you have granted us consent to access and use your Personal Data, you can withdraw that consent at any time. You can request that we stop using your Personal Data for certain or all purposes, or for a certain amount of time, or that we stop sharing your personal data with third parties.
You can also permanently delete your account by contacting us directly as set forth in the How to Contact Us section above. Keep in mind that third parties to whom we have transmitted your data with your consent may still retain copies of your Personal Data even after you have deleted the information from, or deleted, your account with us. If you would like a copy of the Personal Data we have collected about you, or if you need a list of entities to whom your Personal Data has been transmitted, please contact us directly at the contact information above.
Grounds for Use of Personal Data.
We rely on the following legal bases for processing and use of your Personal Data:
- Performance of a Contract: We may collect and use your Personal Data that is necessary for us to enter into a contract with you or to fulfill a contract that you may have entered with us, or to take steps requested by you prior to entering into a contract with Us, for example, when you decide to register with us to attend certain conferences and events.
- Legitimate Interests: We may use your Personal Data as necessary for our legitimate interests consistent with the products, services, and content on personality.org or any other websites owned or operated by SPA, on our social media pages, in email, text, and other electronic messages between you and the foregoing sites, and for our promotions.
- Consent: We also may collect and share your information with your consent. To withdraw your consent, you may contact us via our contact information, which is provided to you above.
HOW WE COLLECT PERSONAL DATA
Personal Data that you give us
We may collect and process the following Personal Data:
- Contact information, which you provide when corresponding with us by phone, e-mail or otherwise. This includes information you provide when you participate in discussion boards or other social media functions on our Site and when you report a problem with our Site. The information you give us may include your name, address, e-mail address, phone number, financial information and/or credit card information.
- Membership information, about your membership including your name, contact details such as address, phone number and email address (business or personal), age, job title, affiliation year of PhD and any other information related to your membership. Membership information may be provided by you during the registration process, or by your employer on your behalf.
- Dues payment information, including financial information such as credit/debit card and account numbers used to register or renew your membership, if you provide it directly to us and not to our third party processing company.
- Purchase information, relating to purchases made by members and non-members of event registration, journals or newsletter subscriptions either in-person or via our Site. Purchase information will include financial information (if you provide it directly to us and not to our third party processing company) as well as information concerning the content and time of the purchase.
- Disciplinary information, relating to ethics/disciplinary programs in which complaints against members are adjudicated, with the result being possible suspension/expulsion from membership. This may include extensive information about a member's business or professional activities, including employment information, and similar information relating to other individuals involved in the investigation, though would usually not include financial information.
Personal data we collect from you
With regard to each of your visits to the Site we will automatically collect the following information and associate it with your account:
- Technical information, including the Internet protocol (IP) address used to connect your computer or device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- Information about your visit, including pages you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number; and
- Location information
We collect information that is sent to us automatically by your web browser and we may use this information to generate aggregate statistics about visitors to our Site, including, without limitation:
- IP addresses
- Browser type and plug-in details
- Device type (e.g., desktop, laptop, tablet, phone, etc.)
- Operating system
- Local time zone
We may use non-Personal Data for various business purposes such as providing customer service, fraud prevention, market research, and improving our Site. Please check your web browser if you want to learn what information your browser sends or how to change your settings.
HOW WE USE YOUR PERSONAL DATA
We will only process your Personal Data, including sharing it with third parties, where (1) you have provided your consent which can be withdrawn at any time, (2) the processing is necessary for the performance of a contract to which you are a party, (3) we are required by law, (4) processing is required to protect your vital interests or those of another person, or (5) processing is necessary for the purposes of our legitimate commercial interests, except where such interests are overridden by your rights and interests.
Personal Data that you give us
We may use Personal Data that you provide directly to us for the following purposes:
- to carry out our obligations arising from your membership, or any other contract entered into between you and us and to provide you with the information, products and membership services that you request from us;
- to organize events that you have purchased or registered for, and to provide you with information, and other materials, relating to the content of the event, the speakers, sponsors and other attendees;
- to provide our newsletter and other publications, provided you have given your consent;
- to respond to your questions and provide related membership services;
- to provide you with information about other events, products and services we offer that are similar to those that you have already purchased, provided you have not opted-out of receiving that information;
- to provide you, or permit selected third parties to provide you, with information about events, products or services we feel may interest you, provided you have given your consent;
- To fulfill the purpose for which you provide it;
- For any other purpose disclosed by us when you provide the information;
- to transfer your information as part of a merger or sale of the business;
- to notify you about changes to our membership service; and
- to ensure that content from our Site is presented most effectively for you and your computer.
Information we collect about you
We will also use Personal Data that we have collected about your use of our Site:
- to administer our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- as part of our efforts to keep our Site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
- to make suggestions and recommendations to you and other users of our Site about goods or services that may interest you or them.
- to improve our Site to ensure that content is presented most effectively for you and your computer;
WHEN WE SHARE AND WHO CAN ACCESS YOUR PERSONAL DATA
We may share your Personal Data for the purposes described in this Notice with:
- a member of our group
- partners, suppliers and sub-contractors, for the performance of obligations arising from your membership, or any other contract we enter into with them or you or to provide you with the information, products and membership services that you request from us
- analytics and search engine providers that assist us in the improvement and optimization of our Site
- trusted third-party companies and individuals to help us provide, analyze, and improve the Site and our membership services (including but not limited to data storage, maintenance services, database management, web analytics and payment processing)
- in the event that we sell or buy any business or assets, in which case we will disclose your Personal Data to the prospective seller or buyer of such business or assets
- if SPA or substantially all of its assets are acquired by a third party, in which case Personal Data held by it about its customers will be one of the transferred assets.
We will only transfer your Personal Data to trusted third-parties who provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and who can demonstrate a commitment to compliance with those measures.
SELLING YOUR PERSONAL DATA
We will never sell your Personal Data to third parties without your opt-in consent.
Although we use security measures to help protect your Personal Data against loss, misuse or unauthorized disclosure, we cannot guarantee the security of information transmitted to us over the internet.
All information you provide to us is stored on secure servers.
Any payment transactions, such as your credit card details, are collected only to process a transaction and are stored in an encrypted format by our third party processing company. Please contact the third party processing company for information about your payment transactions and financial information.
TRANSFER OF PERSONAL DATA OUTSIDE OF THE EUROPEAN ECONOMIC AREA (“EEA”) AND INTERNATIONAL USERS
We are headquartered in the United States. Your Personal Data may be accessed by us or transferred to us in the United States or to our affiliates, partners, merchants, or service providers who are located worldwide. If you are visiting our Site from outside the United States, be aware that your information may be transferred to, stored, and processed in the United States where our servers are located, and our central database is operated. By using our Site and the Services, you consent to any transfer of this information.
HOW LONG WE STORE YOUR PERSONAL DATA
We will store your Personal Data, in a form which permits us to identify you, for no longer than is necessary for the purpose for which the Personal Data is processed. We may retain and use your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements and rights, or if it is not technically reasonably feasible to remove it. Consistent with these requirements, we will try to delete your Personal Data quickly upon request.
We will retain your information for as long as your account is active or as needed to provide you with our Site. If you wish to cancel your account or request that we no longer use your information to provide you service, contact us as set forth in the Contact Information section above. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We maintain one or more databases to store your Personal Data and may keep such information indefinitely.
WHERE WE STORE YOUR PERSONAL DATA
The Personal Data that you provide to us is generally stored on servers located in the United States. If you are located in another jurisdiction, you should be aware that once your Personal Data is submitted through our Site, it will be transferred to our servers in the United States and that the United States currently does not have uniform data protection laws in place
COOKIES ARE USED TO RECOGNIZE USERS WHEN THEY COME BACK TO OUR SITE, TO LEARN ABOUT WHICH PAGES ARE THE MOST VISITED AND TO ASSIST WITH A SINGLE SIGN-ON ACROSS SPA DIGITAL ASSETS.
Cookies are text files sent by Web servers to Web browsers and are stored on the user’s computer or mobile device. If the browser is loading a page and the server requests the Data stored in the cookie, the Data contained within the cookie is sent back to the server.
Cookies contain data about the user’s activities on a website and can be used by Web servers to identify and track Users as they navigate different pages on that website and can identify Users returning to that website.
Cookies may be either "persistent" or "session" cookies. SPA uses persistent cookies to enable our website to recognize you when you visit or return to a SPA Website. Persistent cookies will remain stored on your computer until you delete them or until it expires automatically at its expiration date. Session cookies are temporary cookies that typically expire at the end of the web browsing session on a website. SPA uses session cookies to keep track of you while you navigate SPA Digital Assets. A session cookie expires at the end of the user session, i.e. when the Web browser is closed.
Cookies contain Data that we have previously stored from prior interactions with SPA Digital Assets and may allow us to link to other Data we have about you (My SPA, previous purchases, subscriptions).
SPA Digital Assets use Data we obtain from cookies for the following purposes:
- To recognize the user’s computer when the user visits the website.
- To track some user actions only during the current website session.
- To improve the SPA Digital Assets’ usability.
- To analyze the use of the SPA Digital Assets.*
- To assist SPA with administering the SPA Digital Assets.
- To share SPA Digital Assets User Data with our third-party vendors.
When Users visit SPA Digital Assets, third-party cookies (such as Google advertising cookies) may be sent to their computers by SPA’s advertisers or service providers. Third party advertisers may use data obtained from these cookies:
- To track Users browsing across multiple websites.
- To build profiles of Users’ Web surfing.
- To target advertisements that may be of particular interest to Users.
Managing Your Cookie Settings
Most browsers allow you to control cookies through their settings preferences. However, if you limit the ability of websites to set cookies, you may limit your overall user experience, since it will no longer be personalized to you. It may also stop you from saving customized settings like login information.
LINKS TO THIRD PARTY SITES AND SERVICES
Our Sites may contain links to third party websites, applications and services not operated by us. If you choose to leave this Site via links to third party websites, including those of advertisers, we are not responsible for the privacy policies of those sites or the cookies those sites use. In addition, because we have no control over such sites and resources, you acknowledge and agree that we are not responsible for content on or the availability of such external sites or resources, and do not endorse and are not responsible or liable for any content, advertising, products, or other materials on or available from such sites or resources. You should carefully review their privacy statements and other conditions of use.
Correction and removal
If any of the information that we have about you is incorrect, or you wish to have information (including Personal Data) removed from our records, you may do so by contacting us as set forth in the How to Contact Us section above.
Additionally, if you prefer not to receive marketing messages from us, please let us know by clicking on the unsubscribe link within any marketing message that you receive or by contacting us as set forth in the How to Contact Us section above.
You have the right to ask us not to process your Personal Data for marketing purposes. We will inform you (before collecting your Personal Data) if we intend to use your Personal Data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your Personal Data. You can also exercise the right by contacting as set forth in the How to Contact Us section above.
Under European data protection and other laws, in certain circumstances, you have the right to:
- Request access to your Personal Data. You may have the right to request access to any Personal Data we hold about you as well as related information, including the purposes for processing the Personal Data, the recipients or categories of recipients with whom the Personal Data has been shared, where possible, the period for which the Personal Data will be stored, the source of the Personal Data, and the existence of any automated decision making.
- Request correction of your Personal Data. You may have the right to obtain without undue delay the rectification of any inaccurate Personal Data we hold about you.
- Request erasure of your Personal Data. You may have the right to request that Personal Data held about you is deleted.
- Object to processing of your Personal Data. You may have the right to prevent or restrict processing of your Personal Data
- Request restriction of processing your Personal Data Request transfer of your Personal Data. You may have the right to request transfer of Personal Data directly to a third party where this is technically feasible.
- Withdraw your consent. In addition, where you believe that SPA has not complied with its obligations under this Notice or European or other applicable laws, you have the right to make a complaint to an EU Data Protection Authority, such as the UK Information Commissioner’s Office, or the applicable authority.
You can exercise any of these rights by contacting us as set forth in the How to Contact Us section above
Your California Privacy Rights
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are residents of the State of California in the United States to annually request and obtain, at no charge, information about the personal information (if any) We have disclosed to third parties for direct marketing purposes in the preceding calendar year. This information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which We shared information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request to the information provided in the How to Contact Us section above.
Children under the Age of 13
The Sites and Services are not intended for children under 18 years of age, and we do not knowingly collect personal information from children under 13. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us as set forth in the the How to Contact Us section above.