Privacy Policy and Notice

 


Association of Professional Genealogists

Last updated: 1 June 2024
Effective date: 1 June 2024

Association of Professional Genealogists (collectively, APG, we, us, or our) respects your privacy, and in furtherance of our commitment to protecting your personal information, we have revised this Privacy Statement. The summary provided below in Section I is for your convenience. We encourage you to review this Privacy Statement in full to understand how your data is processed.

By using our Services, you agree to these terms outlining the collection, processing, and use of your Personal Information (hereafter Terms). Should you disagree with our practices as outlined in this Privacy Statement, please refrain from accessing or using our Services or any other aspect of our business. Please read these Terms carefully as they constitute the full and entire agreement with us.

I.         INTRODUCTION

A.      This privacy policy and notice (Privacy Policy) describes how APG collects, uses, and shares your personal information when you use the Website (https://apgen.org and our other domains) (collectively the Website) and use the membership and other services provided by APG, including services provided through the Website (collectively, the Service or Services).

B.      To provide the Services, we collect information that directly or indirectly identifies, describes, relates to, or is reasonably capable of being associated with or linked to you.

II.       INFORMATION WE COLLECT AND HOW WE COLLECT IT

We collect data from you, through our interactions with you and through our Services for a variety of purposes described below, including to operate effectively and provide you with a seamless and enjoyable experience across our Website. You provide some of this data directly, such as when you create a Membership account, register for an event that we host, or contact us for support.

We may receive some of it by collecting data about your interactions, use, and experience with our Services and through communications with us.

We rely on a variety of legal reasons and permissions (sometimes called Legal Bases) to process data, including with your consent, a balancing of legitimate interests, the necessity to enter into and perform contracts, and compliance with legal obligations, for a variety of purposes described below.


Depending on how you interact with us (such as making a purchase, creating a membership, or seeking information on our Website), we collect the following types of Personal Information listed below.


A.       Personal Information that you may share with us:

i.         Name and Contact Data – This may include your name, phone number, email, and physical address.

ii.        Purchase Information – This may include your billing and shipping addresses, a phone number to help with the shipping process, and your payment card information. For clarity, we do not retain any financial information on our Website.

iii.       Credentials – This includes any usernames, passwords, and similar security information used for authentication and account access.

iv.       User-Generated Content – This may include messages and their contents, images, documents, files, or other data or content that you may choose to voluntarily post, submit, publish, transmit, upload, receive, or display on or through our Website and Services in any type of interaction for any purpose.

v.        Communications With APG – This may include support request data, information about your system, information about your membership or purchases, or any error reporting or troubleshooting data associated with you or your Membership and purchases made with us or our Website or Services.

B.       Information collected when you use our website:

i.         Location: Information about your device’s location when you access the Website.

ii.        Usage Data and Analytics: Information about your use of the Website, such as the types of content that you view or engage with, the features you use, and the actions you take, as well as your search criteria and any data gathered from cookies.

iii.      Device Information: Includes the hardware and software used to access our Website and services, as well as browser information.

C.       Information collected from Third Parties:

We also obtain data from third parties. We protect data obtained from third parties according to the practices described in this Policy, plus any additional restrictions imposed by the source of the data.

We utilize this third party in order to provide you with the Services. While the exact third-party sources may vary over time, we employ them for similar reasons and cooperate with them to offer you the most optimized version of our Services. The types of third-party providers are listed below:

i.          Feedback services 

a.       Communications services

b.       Payment processing services such that we do not have to retain any of your credit card or financial records

c.       Video and content-sharing services

d.       Event and program management services

e.       Education and awards management services

f.        Registration and video communication services

ii.        Analytic Services

a.        To prevent your data from being used by Google Analytics, you can download the Google Analytics opt-out browser add-on for Google Analytics which can be found here https://tools.google.com/dlpage/gaoptout//

D.       Information provided through feedback, surveys, suggestions, etc., without the parts that identify you is considered non-confidential and non-proprietary. We may use and share such information on an anonymous and aggregated basis with third parties.


E.        Cookies and Other Tracking Technologies

i.          Cookies are small pieces of information that are stored by your web browser software on your computer’s hard drive or temporarily in your computer’s memory, or on your mobile phone or other device when you visit a website. We or our third-party providers place and store Internet cookies on your hard drive or device. Cookies can save any of the types of information noted above. Cookies enable us to personalize your viewing experience. When you revisit the Website, we can recognize you by the cookie and customize your experience at Website accordingly. For example, we use cookies to recognize your access privileges to the Website, track Website usage and traffic patterns, identify you and keep track of your preferences, prevent fraudulent activity or improve Website security, assess the performance of the Website, add advertisements for goods or services of interest, and estimate the Website’s audience size.

ii.        Emails we send contain a bit of code known as a web beacon. This code allows us to understand the time and date when you have opened an email. If you wish to disable our web beacons, you should do so by turning images off in your email client (e.g., Outlook, Gmail). Please see your email client for more information.

iii.       Certain cookies are prescribed by the website and may not be removed where they will impact content delivery and security. If you reject certain cookies, you may not be able to use all of the Website features.

iv.       To learn how you can control information collected about you using cookies and other technologies see Choices About Your Information (Section VI).

III.     HOW WE USE INFORMATION

 

A.       We use your personal information to provide the Website and Services to you, to improve our Website and Services, and to protect our legal rights. We limit the collection of personal information to that which is relevant for these purposes and retain the information for only so long as is necessary. We will not store, access, transmit, retain or otherwise use personal information in any way that is incompatible with the purposes for which it has been collected or stored as described in this Privacy Policy without your consent.

We process your information for the following purposes as necessary to provide the Website and Services to you and perform any contract(s) with you:

i.         Facilitate your purchase: to facilitate your purchase of membership services or events.

ii.        Communicate with you: to communicate with you about the Website or Services (including the notifications that are part of our Services), to send you account updates or other communications regarding your account or to inform you of any changes to the Website or Services.

iii.      Provide Customer Support: to provide you support or other services you request. For example, we may need your information in order to provide technical support or answer questions about the Website or Services.

iv.      Post in Member Directory: to create and publicly post your information in the Member Directory unless you have chosen not to be listed in the Member Directory.

B.       We process your information for the following purposes as part of our legitimate interest in the improvement and marketing of the Services, and in administering the security of the Website and our Services. We apply appropriate safeguards to protect your information including as described in Security (Section V), in Choices about Your Information (Section VI), and in Rights of the Residents of the EEA and EU (Section VII):

i.          Communicate about new features: We send you notifications about new features or information available on our Services that we feel might be of interest to you. You can opt-out by choosing the option to Suppress Broadcast Emails in the Privacy section of your Profile.

ii.        Promotions and giveaways: We send you emails about special promotions or giveaways that we feel might be of interest to you. You can opt-out by emailing us at admin@apgen.org or clicking the Unsubscribe link in the email notifications you receive.

iii.       To maintain and improve the Website and Services: We analyze how our users interact with the Website and services in order to maintain and improve the Website and Services. We also use information that we collect to diagnose any problems with the Website and Services.

iv.       Benchmarking: We aggregate your information in order to gain insights into the Services.

IV.    HOW WE SHARE INFORMATION

We may share your information in a variety of different ways to provide our Services including sharing your information with our service providers, and among our members and chapters. We apply appropriate safeguards for this sharing of your information including as described below and in Security (Section V), in Choices about Your Information (Section VI), and in Rights of the Residents of the EEA and EU (Section VII):

A.       Among Members: When you have a membership with us we may share your information among our members and chapters including providing access to our Membership Directory, and sharing contact information with chapters to allow for the contacting of future members. To opt out of this service please select Do Not List Me in the Membership Directory in your Profile Privacy selection and contact the Executive Director at admin@apgen.org.

B.       Service Providers: We share information with service providers that help us perform Website functions and process your transactions.

C.       To Prevent Harm: We may share information if we believe it is necessary in order to detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person.

D.       To Protect Our Rights and As Required by Law: We will share information where we are legally required to do so, such as in response to court orders or legal process, to exercise our legal rights, to defend against legal claims or demands, or to comply with the requirements of any mandatory applicable law. We will also share information as necessary to enforce the terms of this Privacy Policy, the Membership Terms and Conditions, the Website Terms of Use, and any other terms that you have agreed to, including to protect the rights, property, or safety of APG, its users, or any other person, or the copyright-protected content of the Website and Services.

E.        With Your Consent: We will request your permission to use or share your personal information for a specific purpose that is not compatible with the purposes listed here. We will notify you and request consent before you provide the personal information or before the personal information you have already provided is shared for such purpose. With your consent, we may also share your quotes and reviews on our Services for promotional purposes. If we rely on your consent to use or share your information, your consent may be revoked at any time by contacting us at admin@apgen.org.

V.      SECURITY

The security of your personal information is important to us. We maintain reasonable physical, technical, and administrative security measures to protect and limit access to your personal information. No method of transmission over the Internet or electronic storage technology, however, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. To help us in keeping your information safe, please do not reuse passwords, turn on multifactor authentication whenever possible, if offered, and report any spam or phishing messages to admin@apgen.org and your email service provider. Together we can keep information safe on the web.

VI.    CHOICES ABOUT YOUR INFORMATION

A.     You can also make choices about the collection and use of your data by APG. You can control your personal data that we have obtained, and exercise your data protection rights, by contacting APG or using various tools we provide. In some cases, your ability to access or control your personal data will be limited, as required or permitted by applicable law. How you can access or control your personal data will also depend on which Services you use or purchases you make. For example, you can:

i.         Control the use of your data for personalized advertising from APG by contacting us using our notices section at the bottom of this policy;

ii.        Choose whether you wish to receive promotional emails, SMS messages, telephone calls, and postal mail from APG;

iii.      Access and request copies of your data, or request deletion of your information either through your account page or by emailing us at admin@apgen.org.

B.       You can access and control your personal data that APG has obtained with tools we provide to you, as described above, or by contacting us. For instance:

i.        If we obtained your consent to use your personal data, you can withdraw that consent at any time.

ii.       You can request access to, erasure of, and updates to your personal data.

iii.      If you’d like to port your data elsewhere, you can utilize the tools available in your Membership account portal or contact us for assistance at admin@apgen.org or by using our contact information located at the bottom of this policy.

C.       You can also object to or restrict the use of your personal data by APG. For example, you can object at any time to our use of your personal data:

i.         For direct marketing purposes.

ii.        Where we are performing a task in the public interest or pursuing our legitimate interests or those of a third party.

D.       You may have these rights under applicable laws, including the EU General Data Protection Regulation (GDPR), but we offer them regardless of your location. In some cases, your ability to access or control your personal data will be limited, as required or permitted by applicable law.

i.         Your communications preferences. You can choose whether you wish to receive promotional communications from APG by email, SMS, physical mail, and telephone. If you receive promotional emails or SMS messages from us and would like to opt-out, you can do so by following the directions in that message. You can also make choices about the receipt of promotional email, telephone calls, and postal mail by contacting us using the information from our Contact Us section at the bottom of this Policy. These choices do not apply to mandatory service communications that are required when you make a purchase on our Website, as part of our educational programs and activities, or to surveys or other informational communications that have their own unsubscribe method.

ii.        Browser-based controls. When you use a browser, you can control your personal data using certain features. For example:

a.        Cookie controls. You can control the data stored by cookies and withdraw consent to cookies by using the browser-based cookie controls described in Section II, E, Cookies and Other Tracking Technology.

b.       Browser controls for Do Not Track. Some browsers have incorporated Do Not Track (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Please note that our Services do not have the capability to respond to Do Not Track signals received from web browsers.

VII.    RIGHTS OF RESIDENTS OF THE EUROPEAN ECONOMIC AREA (EEA)   INCLUDING SWITZERLAND AND THE UNITED KINGDOM

If you use the Website or Services and reside in the EEA, you are entitled by law to correct, amend, or delete personal information about you that we hold. A list of these rights is below. Please note that these rights are not absolute and certain exemptions apply. To exercise these rights please contact us at admin@apgen.org and submit a data subject access request. For your protection, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file.

A. The right to access: You have the right to ask us for copies of your personal information. This right has some exemptions, which means you may not always receive all the information we process. When making a request, please provide an accurate description of the data you want access to.

  1. The right to rectification: You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  2. The right to erasure: You have the right to ask us to erase your personal information in certain circumstances, including (i) when your personal information is no longer necessary for the purposes for which it was collected or processed or (ii) your information must be erased to comply with a legal obligation in EU Union or Member State law.
  3. The right to restrict processing: You have the right to ask us to restrict the processing of your information in certain circumstances, including:


  1. When the accuracy of the information is brought into question or
  2. When we no longer need the information for purposes of the processing but you require such information for the establishment, exercise, or defense of a legal claim. See Choices About Your Information (Section VI) for some ways you can restrict processing.


  1. The right to object to processing: We have the right to process your information if the process is in our legitimate interests as an organization, and for you as a member. You have the right to object to processing. See Choices About Your Information (Section VI) for some ways you can object to processing.
  2. The right to data portability: This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organization to another or give it to you.
  3. The right to lodge a complaint with the supervisory authority. A list of Supervisory Authorities is available here: https://www.edpb.europa.eu/about-edpb/about-edpb/members_en.

VIII.        CROSS BORDER TRANSFERS OF INFORMATION

Personal data collected by APG may be stored and processed in your region, in the United States, and in any other country where APG or its affiliates, subsidiaries, or service providers operate facilities. Typically, the primary storage location is in the United States. The storage location(s) are chosen to operate efficiently, to improve performance, and to create redundancies to protect the data in the event of an outage or other problem. We take steps to process the data that we collect according to this Policy’s provisions and the requirements of applicable law.

We transfer personal data from the European Economic Area, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts such as the standard contractual clauses published by the European Commission, to help protect your rights and enable these protections to travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where APG processes personal data, see the articles on the European Commission website.

IX.     STATE PRIVACY RULES

A.       There are a number of state laws that require specific disclosures or give users specific rights with regard to their data. Some of the current relevant U.S. laws are:

i.        California Consumer Privacy Act (CCPA);

ii.       Virginia Consumer Data Protection Act (VCDPA);

iii.      Colorado Privacy Act (CPA);

iv.      Connecticut Act Concerning Personal Data Privacy and Online Monitoring (CTDPA); and

v.       Utah Consumer Privacy Act (UCPA)

vi.      Washington My Health My Data Act (MHMD)

vii.     Nevada Senate Bill 370

viii.    Minnesota Consumer Data Privacy Act

B.       This Privacy Policy was designed to help you understand how APG handles your information:

i.        We explained the categories of information APG collects and the sources of that information in Section II.

ii.       We explained the purposes for which APG collects and uses information in Section III.

iii.      We explained that APG does not sell your personal information. APG also does not share your personal information as that term is defined in the California Consumer Privacy Act (CCPA).

iv.      We also explained how APG retains information in Section IV.

C.      U.S. state privacy laws also provide the right to request information about how APG collects, uses, and discloses your information. And they give you the right to access your information, sometimes in a portable format; correct your information; and to request that APG delete that information. Many of these laws also provide the right to opt out of certain forms of profiling and targeted advertising. They also provide the right to not be discriminated against for exercising these privacy rights. Additionally, the CCPA treats certain kinds of information, like health data, as sensitive; when users provide this information, APG only uses it for purposes permitted by the CCPA, like to provide services that are requested and expected by our users.

D.     The Washington My Health My Data Act and Nevada Senate Bill 370 provide specific rights in addition to those rights above, that apply to health information. When you provide this information, APG only processes it with your consent and allows you to withdraw your consent.

E.     We describe the choices you have to manage your privacy and data across APG’s Website and Services in your Member Profile. These tools allow you to access, review, update and delete your information, as well as export and download a copy of it.

F.     If you have questions or requests related to your rights under U.S. state privacy laws, you (or your authorized agent) can also contact APG using the Contact Us information located below. If you disagree with the decision on your request, you can ask APG to reconsider it by responding to our email.

X.              CHILDREN’S PRIVACY

The Website and Services are not intended for use by children. We do not knowingly collect personal information from children under the age of 16 years. If we become aware that a child under 16 has provided us with personal information, we take steps to delete such personal information without undue delay. If you have reason to believe that a California user under the age of 18 or a child from another state under 16 has provided personal data to us through our Website or Services you may request the removal of their content or information by emailing us at admin@apgen.org.

XI.            UPDATES TO THIS NOTICE

We may update or modify this Privacy Policy from time to time. We will post the changes to this page and will indicate the date they go into effect. We encourage you to review our Privacy Policy to stay informed. If we make changes that materially affect your privacy rights, we will notify you of the changes by posting a prominent notice on the Website or using other methods that we select, such as sending you an email.

CONTACT US

Any questions or concerns about the interpretation or operation of this Privacy Policy or about what may or may not be done with regard to your information should be directed to:

Association of Professional Genealogists
PO Box 2369
Poulsbo WA 98370
USA
admin@apgen.org