National Law School Veterans Clinic Consortium
Data Controller – Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which, and the manner in which any personal information id, or is to be, processed.
It is important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes or if you want to change your consent. You can do this by emailing us using the details set out below.
Data Processors (or Service Providers) – Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller.
Data Subject (or User) – Data Subject is any living individual who is using our Service and is the subject of Personal Data.
What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site you may be asked to enter your name, email address or other details to help you with your experience.
What sensitive data do we collect from the people that visit our blog, website or app?
Sensitive data refers to details about your religious beliefs or political opinions, your race or ethnicity, your sex life or sexual orientation, genetic or biometric data, information about your health, or information about any trade union memberships.
We do not collect any Sensitive Data about you.
What is our legal basis for processing personal data under general data protection regulation (GDPR)
We collect information from you when you subscribe to a newsletter, fill out a form or enter information on our site. In this case you have given us permission to do it.
We might also collect communication data that you send us through email, text, social media messaging, social media posting, or any other communications you send us. We process this data to communicate with you. We have lawful grounds for processing this information as it is within an allowable legitimate interest, which in this case applies to replying to communications sent to us, to keep records, and to establish, pursue or defend legal claims.
Customer data we collect can include data given as part of a purchase of products or services. This data might include your name, billing address, delivery address, email address, phone number, credit card details, and the details of your purchase. This information is allowable as our lawful ground for the fulfillment of a contract between us and you, and/or to take steps to enter into a contract which you have requested.
We might use analytics tracking systems to collect technical data that includes your IP address, details about your browser, length of time spent on our website, pages viewed, and the number of times you visited our website. We process this data to analyze your use of our website and online services, and to deliver relevant content to you. We have lawful grounds for processing this data as it applies to our legitimate interests, which in this case are to enable us to maintain the website in an efficient manner.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or to send periodic emails regarding your order or other products and services.
How do we protect your information under general data protection regulation (GDPR)
If you are a resident of the European Economic Area (EEA), you have certain data protection rights. It is our goal to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.
In addition, we use regular malware scanning to help keep the website safe from hackers who might try to obtain data.
For any credit card transactions, we use an external PCI compliant payment gateway. All transactions are processed through this gateway provider and are not stored or processed on our servers.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
To maintain the safety of your personal information, we implement a variety of security measures when a user places an order, enters, submits, or accesses their information.
How long to we keep your data?
Do we use ‘cookies’?
When you visit our website, we may send one or more cookies – a small text file containing a string of alphanumeric characters – to your computer that uniquely identifies your browser and lets our Company help you log in faster and enhance your navigation through the site. A cookie may also convey anonymous information about how you browse the website to us. A cookie does not collect personal information about you. A persistent cookie remains on your hard drive after you close your browser. Persistent cookies may be used by your browser on subsequent visits to the site. Persistent cookies can be removed by following your web browser’s directions. A session cookie is temporary and disappears after you close your browser.
You can have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies. Some features of the website may not function properly if the ability to accept cookies is disabled.
Do we use third-party service providers?
We might share your personal data with companies who provide services to us. This includes web hosting companies and companies who process emails and marketing information for us. In these cases we work only with companies who have been certified to the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework, so your personal data can be transferred outside of the EEA.
We might also share personal data with parties who assist us in operating our website or serving our users.
We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions. In addition, all third parties who might process your data are required to respect the security of your personal data and to treat it in accordance with the law.
We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Do we use third-party links?
What about Google?
Google’s advertising requirements can be reviewed through Google’s Advertising Principles. They are put in place to provide a positive experience for users.
We have not enabled Google AdSense on our site but we may do so in the future.
Are we in compliance with the California Online Privacy Protection Act?
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
You can change your personal information by emailing us.
Do we comply with COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
What is our Fair Information Practice?
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. To be in line with Fair Information Practices we will notify you via email within 72 hours, as feasible, should a data breach occur.
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
Do we comply with the CAN SPAM Act?
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes specific requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
In compliance with this act, we collect your email address in order to:
Send information, respond to inquiries, and/or other requests or questions.
Process orders and to send information and updates pertaining to orders.
Send you additional information related to your product and/or service
Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following:
Avoid use of false or misleading subjects or email addresses.
Identify the message as an advertisement in some reasonable way.
Include the physical address of our business or site headquarters.
Monitor third-party email marketing services for compliance, if one is used.
Honor opt-out/unsubscribe requests quickly.
Allow users to unsubscribe by using the link at the bottom of each email.
Data protection laws give you the right to request erasure, to object to processing or to withdraw consent. If at any time you would like to unsubscribe from receiving future emails, you can follow the instructions at the bottom of each email and we will promptly remove you from all correspondence. There is no fee for us to do this for you.
National Law School Veterans Clinic Consortium
Country: United States
Last Edited on May 23, 2018