ACGA Website Member Information Privacy Policy

 

Overview

As electronic media and particularly websites become more complex, and as hacking and malicious website attacks become more sophisticated, new regulations have been put in place to give you more control over data which you do not want others to see.  First, it is important to realize that not all your data should be shared and can be harmful if you share it with the public:  social security numbers, live credit card numbers — these can easily be abused.  Sometimes lesser information, such as phone numbers or email addresses can be misused, but you may wish them known for business purposes.  The best approach is simply not to insert any information that you do not want potentially public into a website.  But if you do and want it removed, we have procedures to allow you do to so.  Second, some data is automatically collected:  this data is not generally intrusive (such as the IP address from which you are posting to the website), but you should be aware that such data is collected and sometimes stored automatically.  This Policy is meant to make you aware of data which may be on this website, and empower you with options to remove or cloak data you do not want potentially public.

Who we are

Our website address is: https://acga.net.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.  Since there are many automated, robotic spam activities constantly roaming the Web, the website has software meant to catch non-human patterns and prevent them from posting.  This process requires examination of electronic data, but does not inspect information such as physical address, phone contact, or email.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.  The Gravatar service will automatically link with an “avatar” for you if you have posted one with Gravatar.  If you have not, the hash will detect you are not a Gravatar user and take no action.

Postings

If you add personal information to a comment or to a Member Forum posting, that information is available to ACGA leadership, other members, and possibly the public.  Comments and Forum postings are not normally deleted.  So if you wish a comment or posting to be deleted, please send an email request to privacy@acga.net or contact ACGA’s president or vice president.

Member Forum postings are also reproduced automatically via the “Daily Digest” emails.  This means that other members will get an email summary of your posting which could contain personal information, if you put any such information in the posting.  So please assume that any information you put into the Membership Forum, or comments to a Forum post, may be distributed via email to others.  Never post extremely sensitive information, such as social security numbers or credit card numbers, on any posting or comment.  Should that happen, contact privacy@acga.net or ACGA’s president or vice president to have the information removed from the Forum, but anything already sent out by the Daily Digest or posting announcements will not be retrievable!

Purchase Records

Purchases, including membership renewals, have transactional information stored with that purchase record.  At your request, the record can be deleted; however, this may interfere with future refund requests or the ability to renew your membership normally in the future.  Should you require the purchase record be deleted, email privacy@acga.net or contact ACGA’s president or vice president.

Membership Profile

You may add data to your Membership Profile, which asks specific questions about your address and phone number (including studio address and phone), work images, biographical information, and ACGA preferences.  If you wish to have an active Profile removed so it is no longer public information, send a request to privacy@acga.net or contact ACGA’s president or vice president to request removal.  You can also edit your Profile and delete most fields yourself, or put in generic information (i.e. “No Street” for the street address).  Escalation of requests or concerns would go to the ACGA President as listed on the Board of Directors page).

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

Any contact form request made via the website generates an email request to a Board member or the webmaster.  A newsletter signup is automatically stored on the website database.  Removal and purge of your record is available upon request at privacy@acga.net or contact ACGA’s president or vice president.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

Generic website performance data is collected for data analytics, such as your IP address, but this information is not personalized.  If you have any concern about data being automatically collected, email privacy@acga.net or contact ACGA’s president or vice president.

Who we share your data with

If you fill out Membership Profile information, anyone can view that information — this is helpful to promote your business and your work to the public.  User login information is stored in the WordPress database.  You may request that data be removed, but this will also delete your access to the ACGA website.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

Your contact information consists of your email address, phone number, physical mailing location, and any other references that you leave in your login profile, Membership Profile, posting comments, Membership Forum postings, and purchase transaction records.  Specifics are listed above.  Any requests for data removal from any website record should go to privacy@acga.net or contact ACGA’s president or vice president..  Any issues with removal of such information will be sent via return email or contact back to you.  Before deletion of data, we may ask you to go through a verification process to insure that you are the owner of the data and that your request is valid.

 

Additional information

How we protect your data

Non-public data (data which is only viewable by ACGA members or by ACGA administration) is protected by login requirements.  Valid members and administrators are required to prove their validity by signing in first.  Unauthorized access is possible should someone “hack” into a member or administrator account:  while this is rare, please do not post personal information unnecessarily anywhere in the website.  If you believe that you have added personal data which you now wish deleted, email privacy@acga.net or contact ACGA’s president or vice president.

Some data is intentionally public access, such as your Membership Profile.  This information is under your direct control:  once you log in, you can access your Profile directly and edit the contents.  Some information in the Profile has a box you can check or uncheck to control whether that piece of information will be shown to other viewers, or not shown (in which case only Administrators can see the data).  As always, if you need data removed and cannot do so yourself, email privacy@acga.net or contact ACGA’s president or vice president.

What data breach procedures we have in place

ACGA’s website is hosted with GoDaddy.  GoDaddy has automated processes which monitor and alert the webmaster of some fraudulent activities.  Member accounts are username and password protected.  Automatic site backups are taken and stored on a rolling 7 day basis, and sometimes on “snapshot” backups which last longer, so data removed from the website may remain on the GoDaddy account longer that it does on the website.  If you believe you have extremely sensitive data on the website and are concerned that it mush be removed even from site backups, please note that in your request for data removal and verify that your concern has been acknowledged.  Administrators and the webmaster may have access to data (via direct GoDaddy access) after it has been removed from the website:  this is unavoidable but can be taken offline if vital to do so.

What third parties we receive data from

Google Analytics receive generic data.  We do not take and reproduce postings or personal data you have posted elsewhere, unless that data is public knowledge (such as a public business listing or from your own website or advertisements).  Note under the heading “Postings” above that the Membership Forum and comments are susceptible to reproduction through automated emails which, once sent, cannot be retrieved — so take special care to avoid adding sensitive information, or any information that you do not wish public, to any Post or Comment via the website.

What automated decision making and/or profiling we do with user data

Google Analytics uses generic data to make decisions about what portions of the website are garnering more attention.  This data is normally not particularly sensitive.  Please do not access the website if you believe that such data could be compromising to you.  Website administrators can review any data you post on the website, but the intent is to better serve ACGA membership and the effectiveness of the ACGA website.

Industry regulatory disclosure requirements

ACGA is an association of artists and does not itself engage in industry.  Sales of member work is voluntary and does not involve ACGA in the manufacture of artwork sold.  There should be no applicable industry regulatory disclosure requirement involved with ACGA, but if you are aware of any, please alert the president or vice president of the details.

Final Comments

ACGA intends to serve its members.  Information collected is intended to assist your business and improve your membership experience.  It is never our intend to commercialize your data or use your data for its own gain without your permission.  If you believe that has happened or wish to take steps to prevent specific data from going beyond the bounds that you set, please email privacy@acga.net or contact a Board of Directors member and we will take all feasible steps to shut that down.  Please allow reasonable response time (a few days), and then escalate if you do not receive a response.  The full Board of Directors listing is available under the “About Us” Main Menu drop-down option.