1. Who We Are
The Viola da Gamba Society of America (“VdGSA” or “we” or “us”) is a member-based nonprofit organization dedicated to activities and resources relating to the viola da gamba, other early stringed instruments, and music for these instruments. We have members (“you” or “your”) in the United States as well as in other countries.
3. The Information We Collect About You
The type of personal information that we collect about you depends on the service or product involved. We collect only the personal information that we need to further the legitimate interests of the VdGSA. This includes but is not limited to the following:
(i) For every service we provide for you, we have your name, postal address, email address, and telephone number;
(ii) For any interaction through our website, we have information about your computer, including your browser identification string, your internet protocol address, the pages you have visited, and the dates and times of these visits. These are anonymous unless you supply your name when using the website, e.g., to become a member, or to register for Conclave;
(iii) For payments you make through our website, we have only the information that the credit card processor sends to us, which currently includes your name, type of credit card, the last four digits of your credit card number, and the expiration date;
(iv) For credit card payments you make other than through our website using our credit card processor, we have your name, type of credit card, credit card number, and expiration date. We shred the paper receipt;
(v) For payments we make to you, such as grants, honoraria, or wages, we have your social security number;
(vi) For Conclave registration, we have your dietary preferences, housing preferences, performing preferences, instruments you will be bringing, travel plans, contact information, and emergency contact information;
(vii) For inclusion in the membership directory, attendee lists at Conclave, and workshops, we have your name, postal address, email address, and telephone number.
4. Privacy of Minors.
The Children’s Online Privacy Protection Act (COPPA) protects the personal information of children under the age of 13. We do not knowingly solicit personal information from children. We collect personal information about children only with the express consent of their parents or legal guardians. When doing so, we notify the parents or guardians about the information we are requesting and how we plan to use it and ask the parent or guardian to give or deny their consent. Such consent may be revoked at any time.
5. Use of Personal Information
The VdGSA may use your personal information that include but are not limited to the following purposes:
(i) To process membership renewals; update membership records; record donations; process event registrations; pay you; process surveys; provide products or services you request; mail newsletters; contact you; and improve our website and services;
(ii) To include in our membership directory and conference attendee lists, although you may limit what information is included in our membership directory and may opt out of being included in conference attendee lists;
(iii) To publish photographs on the website and in the newsletter. You may opt out of having your likeness used by the Society on its website or in social media;
(iv) To administer our website and to analyze user intent, using anonymous or aggregate records of access to our website;
(v) To comply with our legal obligations, policies, and procedures.
6. Disclosures of Your Personal Information
We will disclose your personal information to outside parties only as follows:
(i) If you pay us by credit card other than through our website, we give the details of your credit card to our credit card processing company through an encrypted link and then shred our paper receipt;
(ii) We give general aggregate numbers to staff, board members, catering services, or others who need to know this information for operation of our services;
(iii) We will use your email address to answer your emails;
(iv) We will provide your personal information to others upon your request;
(v) We will use personal information as necessary to establish or exercise our legal rights or defend against legal action;
(vi) We will provide personal information in response to a validly issued subpoena, court order, or other legal process;
(vii) We will not collect your personal information for uses that are in violation of the law or unrelated to the uses discussed in this policy.
7. Information Security
(i) We store your information on a secure server that only VdGSA and its authorized agents can access via an encrypted and secure channel. When your information is in transit to us via our website, it is encrypted to prevent unauthorized access by third parties;
(ii) We perform periodic backups of our information, and we retain the last 60 days of backups. The backups will be used only in the event of a catastrophic loss of our database;
(iii) When paying by credit card on our website, you must provide your name, credit card number, expiration date, and security code. Only the credit card processing company has access to this information, and we do not receive or see it. The processing company notifies us of the transaction. When paying with your credit card other than through our website, we will retain your credit card information only long enough to give to the processing company;
(iv) We do not accept payments through unsecured emails.
8. Information Retention
(i) Our computer retains certain personal information, including your emails, details of workshop registrations, your purchasing record, records of donations, payments, grant applications, and certain identifying information as required by tax laws and other governmental requirements;
(ii) Our system does not automatically delete your information;
(iii) You may request that we delete all information that we store, by emailing us through our website, vdgsa.org. Doing so may limit your participation in VdGSA activities, such as Conclave, and may have other consequences. Once deleted, the information cannot be restored. Any remaining traces of your identity will be made anonymous, to the best of our ability. Certain information required for tax and other legal purposes cannot be deleted.
10. Scope of policy
Although this policy applies to all the information obtained by us for the purpose of accessing or using content controlled and owned by the VdGSA, it does not apply to third-party sites.
11. The European General Data Protection Regulation
If you are a citizen of the European Union, our responsibilities regarding your data are laid out in the EU General Data Protection Regulation (GDPR). We believe we conform to this regulation. However, if you have a complaint, you have the right to object. Our goal is always to do the right thing, but if we can’t reach an agreement you have the right to have your personal data deleted from our systems. You also have the right to examine, at no charge, the data we store related to you. If you believe that we have not complied with our obligation under the GDPR, you have the right to make a complaint to an EU Data Protection Authority.
12. Copies and correction of personal data.
You may request a copy of all data we hold about you by emailing us. You are responsible for correcting the personal information in your member profile.
13. How you can contact us.
This policy can be downloaded here.