TEGE EXEMPT ORGANIZATIONS COUNCIL PRIVACY POLICY

Last updated: February 14, 2022

The TEGE Exempt Organizations Council (the “Council”) operates https://eocouncil.org (the “Site”). The Council’s programs use the Council’s Website to provide products and services to Council members and the public. This privacy policy outlines the Council’s privacy practices with respect to information collected online via the Site. This is designed to assist you in understanding how the Council collects, uses and safeguards the personal information you provide to the Council via the Site and to assist you in making informed decisions when using the Site.

The Council uses your personal information only for products and services that it provides; improving the user experience; and improving the Site. By using the Site, you agree to the collection and use of information in accordance with this privacy policy. Your information is not available to third-party sources for marketing purposes, and the Council does not sell or otherwise provide your contact information in bulk for purposes of third- party marketing. If you do not agree to this privacy policy, do not access or use the Site.

For purposes of the General Data Protection Regulation 2018, the data controller is the Council.

What Information Does the Council Collect? You may provide the Council with two types of information: (1) personal information you knowingly choose to disclose to us through information submitted on the Site and (2) Site-use information collected as you browse and use the Site.

Personal Information Submitted by You. While using the Site, the Council may ask you to provide us with certain personally identifiable information that can be used to identify or contact you (collectively “Personal Data”). Personal Data may include, but is not limited to your name, email address, phone number, and address information. When you request forms or information or otherwise complete online forms or submit information online, the Council may collect any information you provide in such documentation or communication. Occasionally, the Council may also use the information the Council collects to notify you about important changes to the Site, new services and special offers the Council thinks you will find valuable.

The Council programs may request information related to registration for a program or event. The Council uses third-party software, Affinipay, as the payment gateway for member registration or events. Wild Apricot provides the front end to that payment gateway, and everything is encrypted. The Council does not store payment information in its system. The Council may also request your professional and education information as part of the criteria for admission into Council programs. The Council limits all information requested to the minimum required to provide its services. Access to the information that you provide is limited to the Council staff, certain members of the Council.

Log Data. Like many site operators, the Council collects information that your browser sends whenever you visit the Site ("Log Data"). This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of the Site that you visit, the time and date of your visit, the time spent on those pages and other statistics. If you access the Site via a mobile device, the Council may also identify the type of device used, its operating system, and other configuration data. The Council does not store fine location data for browser-based or device-based interactions, but the Council may track the city or state that you are communicating from. The Council uses this information internal to the Council and the Council Chapters only, and only for purposes of measuring the success of the Council’s engagement efforts.

In addition, the Council may use third party services such as Google Analytics that collect, monitor and analyze this information for purposes of improving the Council’s webpages, customer experience, or products and services available to you.

Information that you post on the Site. The Site provides the ability to post articles, blog entries, comments and documents. These entries may be pubic, or they may be restricted to a certain group of other registered users on the sites. The Council may remove or retain the information that you post on the Site, and the Council may retain them for a reasonable period for historical or archive purposes. Information that is posted on the Site is not integrated to or sent to other third-party sites. Information that is posted on the Site is generally available to either publicly available pages, or to member-restricted pages, depending on the Site. You should assume that any information that you post on the Site is accessible and available to other people. This may be other members, or it may be publicly available.

Communications. The Council may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that the Council thinks you will find valuable.

Third Party Software. The Council utilizes third party software to provide its services. The Council uses Wild Apricot, Affinipay, DC Bar, Greater Washing Society of CPAs, and Zoom as primary service providers. The Council also uses various other commercially available tools to communicate with you and track the performance of the Council services such as Zoom, MailChimp, Google Analytics, Google Tag Manager, SurveyMonkey, Qualtrics Google Drive, Google Documents, Google Sheets, and Google Forms. Wild Apricot’s primary function is to provide association management software, allowing organizations to manage membership and events. Wild Apricot is also used to create and manage chapter and national websites. Affinipay is the payment gateway. The privacy policies for these services are provided here as a reference:

• D.C. Bar Terms and Conditions: https://www.dcbar.org/terms-conditions
• D.C. Bar Privacy Policy: https://www.dcbar.org/privacy-policy
• Affinipay privacy policy: https://affinipay.com/terms/privacy/
• Zoom privacy policy: https://zoom.us/privacy/
• Wild Apricot privacy policy: https://www.wildapricot.com/privacypolicy

Cookies. Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer's hard drive.

Like many sites, the Council uses "cookies" to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of the Site.

Data Storage and Security. The security of your Personal Information is important to the Council, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While the Council strives to use commercially acceptable means to protect your Personal Data, the Council cannot guarantee its absolute security. The Council uses physical, technical and administrative measures to safeguard the Personal Data that you provide. The Council will retain your Personal Data for as long as you are a member, and for a reasonable period of time after your membership is no longer in effect or for a reasonable time after you have visited the Site. If you are in the European Union, Switzerland, or other regions with laws governing data collection and use, you acknowledge that the Council may transfer, process and store your Personal Data in the United States and other countries, the privacy laws of which may be considered less strict than those of your region.

What About Other Web Sites Linked to the Site? The Council is not responsible for the practices employed by websites linked to or from its Site nor the information or content contained therein. Often links to other Web sites are provided solely as pointers to information on topics that may be useful to the users of the Site. Please remember that when you use a link to go from the Site to another Web site, this privacy policy is no longer in effect. Your browsing and interaction on any other Web site, including Web sites which have a link to the Site, is subject to that Web site's own rules and policies. Please read over those rules and policies before proceeding. If the Council becomes aware of a data breach that is likely to result in a risk for the rights and freedoms of individuals, the Council will notify you within 72 hours of first having become aware of the breach. Notwithstanding the foregoing, the Council provides the Site “as is” without any express or implied warranty of any kind, including warranties of merchantability, reliability, or fitness for a purpose.

Privacy of Minors. The Council does not knowingly collect information from anyone under the age of 18. To access or use the Site you must be 18 years of age or older and, if under 18, or the age of majority in your jurisdiction, your use of the Site must be under the supervision of a parent or guardian. If you become aware that a child has provided the Council with Personal Data without parental consent, please contact us at admin@eocouncil.org. If the Council becomes aware that a child under 18 has provided us with Personal Data without parental consent, the Council will remove such information and terminate the child’s account.

Your Rights. In accordance with applicable privacy law, you have the following rights in respect of your Personal Data that the Council holds:

Right of Access and Portability. The right to obtain access to your Personal Data along with certain information, and to receive that Personal Data in a commonly used format and to have it ported to another data controller.

Right to Rectification. The right to obtain rectification of your Personal Data without undue delay where that Personal Data is inaccurate or incomplete.

Right to Erasure. The right to obtain the erasure of your Personal Data without undue delay in certain circumstances, such as where the Personal Data is no longer necessary in relation to the purposes for which it was collected or processed.

Right to Restriction. The right to obtain the restriction of the processing undertaken by us on your Personal Data in certain circumstances, such as where the accuracy of the Personal Data is contested by you, for a period enabling us to verify the accuracy of that Personal Data.

Right to Object. The right to object, on grounds relating to your situation, to the processing of your Personal Data, and to object to processing of your Personal Data for direct marketing purposes, to the extent it is related to such direct marketing.

You have the right to request that the Council does not process your personally identifiable information for marketing purposes. You can exercise your right to prevent such processing by contacting us at admin@eocouncil.org. Please note that the Council may not include the opt-out information in e-mails that are transactional in nature and are not marketing communications.

You may exercise your rights email to review, change or correct information or email a request to review, change or correct information to: admin@eocouncil.org.

You can delete your account and all personally identifiable information associated with your account at any time by contacting us at admin@eocouncil.org.

You should receive an email confirming the deletion of your account and all personally identifiable information. Please contact us if you do not receive confirmation within 30 days of your request.

Changes in Privacy Policy. The Council will update its privacy practices periodically so you should check the Site periodically for changes. Your continued use of the Site after the Council posts any modifications to the privacy practices and policies used by the Council will constitute your acknowledgment of the modifications and your continued consent to abide by these practices and policies.

If the Council makes any material changes to its privacy policies, the Council will notify you either through the email address you have provided it, or by placing a prominent notice on the Site.

Contact Us. To report any known or suspected privacy or security breaches or if you have any questions about this or any other policies, please contact us at admin@eocouncil.org.