Date Updated: 2/11/2019
NERCOMP is committed to informing its membership and the general public about services, and professional learning opportunities to advance higher education through information technology. We are committed to maintaining your trust by protecting your personal data and, to the extent possible, ensuring that your personal data is secure.
This Privacy Notice explains how we collect, use, share, and protect personal data. It also describes the choices available to you regarding the use of your personal data. Please read this Privacy Notice carefully to understand our policies. If you do not agree with the data practices described in this Privacy Notice, we advise you not to use our website or services. Note: NERCOMP’s website and services are not intended for use by or designed for children under 13, and we do not knowingly or intentionally collect information about children under 13.
We recognize that information privacy is an ongoing responsibility and therefore will update this Privacy Notice from time to time as we undertake new personal data practices or adopt new privacy policies. We reserve the right to amend the Privacy Notice at any time, for any reason, without notice to you, other than the posting of the amended Privacy Notice at this site. We may email periodic reminders of our notices and will email members and all active records in our database of material changes, but you should check our website frequently to see the current Privacy Notice that is in effect. To help us communicate with you, you are responsible for ensuring we have an up-to-date, active, and deliverable email address for you.
What is personal data?
NERCOMP acknowledges that there are many potential definitions of “personal data.” Our definition of personal data is any information about an identified or identifiable person, which can include direct identifiers, such as name, address, email address, as well as indirect identifiers such as location data or IP address. This list of data elements is not exhaustive, and we consider the definition of personal data in the broadest possible context.
NERCOMP collects and uses information that, alone or in combination with other information, could be used to identify you (“personal data”) in order to deliver our programs and services and inform you of various resources related to higher education IT, as described in “How We Collect and Use (Process) Data” below. This data is collected in various online forms and throughout our business relationship.
How We Collect and Use (Process) Data
We collect and use personal data to ensure we provide you with information about services, community collaboration, and professional learning opportunities that advance higher education through information technology. The information we hold enables us to engage in basic communication with you, helps us to enhance your experiences on our website, and allows us to improve our programs and services and the efficacy of our communications with you. NERCOMP and its service providers collect and use the following types of information.
Personal information you provide to us in your profile and other engagements
- When you become a member or engage with NERCOMP by creating a profile, we collect personal data about you, including (but not limited to) your name, title, employer’s name, work address, email address, phone number, and demographics such as professional interests. You may edit your profile at any time to change or remove personal data, or you may choose to delete your profile.
- We process your personal data for member and nonmember administration, to deliver member benefits to you, and to inform you of NERCOMP-related events, content, and other benefits or opportunities related to higher education IT. We may also use this information to help us understand our members’ needs and interests to better tailor our programs and services.
- We may use your information to personalize your experience through recommendations on our website or in email, apps, or other service platforms to provide you with more relevant information.
- We may use your information to reply to communications you send us.
- We may use your basic personal data from your profile to automatically fill out transactional forms with your personal data to save you time and effort.
- We use your information to communicate essential information about transactions, such as an electronic receipt for annual dues, events, or vendor applications. We may inform you about NERCOMP events, programs, and services of potential interest, unless you have opted out of such communications (see “Communication” below).
- We retain information about your transactional history and engagements, such as participation in events, webinars, volunteering, presenting at conferences, and publication downloads to understand program and service use.
- If your employer is a NERCOMP member organization, the primary representative for your organization may sign you up as a member representative by providing your name, title, and email address to receive information and access to NERCOMP benefits. You may opt out of these communications and benefits at any time by unsubscribing from email and/or contacting us to remove your profile.
- If you volunteer for a working group or committee, your name, title, and organization name may be placed on the committee’s web page and materials produced by the group. You may request to be excluded from these listings.
- If you voluntarily participate in a NERCOMP survey, interview, or focus group to research a matter related to higher education IT or to gauge your satisfaction with NERCOMP services, the information you provide is used in aggregate, unless otherwise noted, when producing research findings and reports, and to inform improvements to our programs and services.
Publications and resource use
- NERCOMP produces various publications, reports, and educational materials, which are linked on our website. Much of our content is open access, however, some material requires membership or a profile login for access. We use Google Analytics and login information to track how often people gain access to or read our content. This information is used in aggregate to help us understand what content is most useful for our members.
Online community participation
- NERCOMP offers Communities of Practice (COP’s) —member-led, online discussion communities formed around shared interests—for collaboration and networking purposes. These groups are open to the public; your name and email address are used for subscription purposes.
In-person events and web conferences
- NERCOMP hosts many professional learning events throughout the year. These include in-person conferences like the NERCOMP Annual Conference, as well as live online trainings (collectively referred to as “events”). If you register for one of our events, a web profile is required (regardless of your membership status), and we will access this data to provide you with information and services associated with the event. In addition, during the registration process, we collect voluntarily shared personal data regarding accessibility and dietary requests.
- If you are a presenter at one of our events, we will collect information about you including your name, employer, and contact information. We may also collect information provided by event attendees who evaluated your presentation. In certain instances and with your approval, we will make and store a recording of your voice and likeness.
- If you organize a workshop and receive compensation greater than $600 in a calendar year, you will be asked to complete a W-9 for tax purposes.
- If you submit a proposal to present at a NERCOMP event, we will collect information about you and your co-presenters (if relevant) including name, employer, contact information, proposed abstract, and other information associated with your proposed session.
- If you evaluate proposals for a NERCOMP event, we will collect information about you including your name, employer, contact information, and your evaluations of the assigned proposals.
- If you are a participant at particular events of ours (e.g., webinar or preconference workshop) we may share basic registration information, including your name, title, and institution name, with the designated presenter(s) for the purpose of planning for the event and tailoring the presentation to the group.
- We keep a record of your participation in NERCOMP events as an attendee or presenter, which may be used to provide you with information about other relevant NERCOMP products and services, or to help us better understand your interests and tailor our offerings to meet your needs.
- As a participant, to facilitate networking with colleagues, we include your name, title, and organization in the event registration list, s. This list is only accessible by registered participants.
- Some of our events are sponsored. We may share your name and postal mail address with corporate participants at NERCOMP conferences you have registered to attend, unless you have opted out of corporate participant communications in the registration process.
Visiting the NERCOMP website and automatically collected data
- As is common practice on most websites, NERCOMP collects certain informationautomatically on our website and stores it in log files. As you interact on our website, we may collect information about your computer or device and visits to our website (“automatically collected data”) through cookies, Internet Protocol (IP) address tracking/URL tracking, and other tools (collectively referred to as “tracking technologies”). The types of automatically collected data on our website through the use of these and other tools include: the search terms you use, new or returning user information, browser information, computer or device type, operating system, internet service provider, website usage, referring/exit pages, platform type, date/time stamp, number of clicks, and ads viewed. We may use information about your IP address to help diagnose problems with our server, analyze trends, track visitor engagements, and gather information that assists us in identifying visitor preferences. We also may use your IP address to enhance our security and investigate an actual or potential security incident.
- Please note that the NERCOMP website offers some links to external sites, to which these privacy practices do not apply. We make no promises regarding the policies or business practices of these other websites.
Your correspondence with NERCOMP
- If you correspond with us by email, the postal service, or other form of communication, we may retain such correspondence and the information contained in it and use it to respond to your inquiry; to notify you of NERCOMP conferences, publications, or other services; or to keep a record of your complaint, accommodation request, and the like. As always, if you wish to have NERCOMP “erase” your personal data or otherwise refrain from communicating with you, please contact us at firstname.lastname@example.org.
Purposes for processing your data
- As explained above, NERCOMP processes your data to provide you with the programs or services you have requested or purchased from us, including membership services, events, publications and other content, and professional learning. Additionally, we use your information to refine our programs and services to better tailor them to your needs and to communicate with you about other services NERCOMP offers that may assist you in your career or otherwise help you do your job. We also strive to facilitate communication among colleagues in the higher education IT community. To these ends, we collect and maintain data about our members and constituents to enable us to communicate with them, share information relevant to them, and allow them to communicate with each other.
- NERCOMP reserves the right to use the personal data that it collects to identify the source of any inappropriate use of information resources managed by the association, including but not limited to, offensive or illegal postings to online discussion lists, collaboration sites, and other communication vehicles; denial-of-service actions; unauthorized use of online services and network infrastructure; misuse or unauthorized use of the NERCOMP name, logo, or other representations of the association; and to protect the personal safety and privacy of our employees and service providers, members, online users, and the public under the policies and practices described in this Privacy Notice.
Payment card information
- You may choose to purchase goods or services from NERCOMP using a payment card. Typically, payment card information is provided directly by users, via the NERCOMP website, into the PayPal payment processing service to which NERCOMP subscribes, and NERCOMP does not, itself, process or store the card information.
What happens if you don’t provide us your personal data
- You can enjoy many NERCOMP services without giving us your personal data. Some information on our website is open access and does not require a profile. Minimal data is required to participate in a Community of Practice. However, some personal data is necessary for NERCOMP to supply you with services you have purchased or requested and to authenticate membership access.
We may contact you by the email, postal mail address, or phone number that you have on file with us for business purposes. We send transactional emails to individuals with whom we have a business relationship; these emails regard a service you purchased or requested, and you may not opt-out of these emails. We send marketing emails and, occasionally, postal mail, which contain promotional material about our programs, resources, and services, and you may opt out of these communications. These emails provide valuable information about events, resources on higher education IT, or new services that can help you. If there is a concern regarding your personal data, we will contact you when required to do so by law. To do this, we will use the email address on file for you. If for any reason you think there is a problem regarding communications to you, please let us know by contacting email@example.com.
We do not share your personal data with third parties outside NERCOMP-authorized subprocessors.
We share your personal data with third parties that provide certain services to us to assist us in meeting business operation needs. These parties are authorized to process your personal data, on our behalf and pursuant to our instructions, only as necessary to provide these services to us. We use third-party service providers, including:
- Email hosting services to send email
- Event registration and presenter proposal submission service providers
- Career center job board provider
- Providers of research and analytics services, including Google Analytics
- Email marketing service provider
- Billing and credit card merchant systems to process payments
- Providers of cloud computing infrastructure services
These providers are authorized by NERCOMP for our business operation needs; however, we make no promises regarding the policies or business practices of third parties and encourage you to familiarize yourself with their privacy policies before providing them with your personal data.
- We may disclose your personal data to our agents or subprocessors for the purposes identified above. In such cases, the agent or subprocessors will be obligated to use that personal data in accordance with the terms of this Privacy Notice.
- We will not sell, distribute, or lease your personal data to third parties.
- We may disclose your personal data without your permission to the extent that it is required to do so by United States, or national law, in connection with any legal proceedings or prospective legal proceedings, and in order to establish, exercise, or defend NERCOMP’s legal rights.
Institutionally Identifiable Data
NERCOMP and its service providers release institutionally identifiable information to third parties only when presented with valid subpoenas or other valid, legal requests and in compliance with other applicable laws. NERCOMP will not provide any institutionally identifiable information, other than information that is publicly available, without a legal obligation to do so.
Data Subject Rights: Your Choice
Access to Personal Data
Upon request, we will provide you with information about whether we hold any of your personal data. You have the right to access the personal data we have about you, and you may request that it be corrected, amended, not processed, or deleted by sending an email to firstname.lastname@example.org with the subject of “Access Request.” We require all our requests to be in writing. We will respond to your access request within a reasonable time, under 30 days. We may require additional information from you to allow us to confirm your identity or find your personal data.
If you believe that any personal data we are holding on you is incorrect, incomplete, or shouldn’t be processed, please contact us as soon as possible, at the contact information below, and we will promptly take the appropriate action.
Withdrawing Your Consent
You have the right to withdraw your consent for any marketing material. To do this, you may send an email to email@example.com, click on the unsubscribe link at the bottom of any of our emails, or change your preferences within your profile.
We will not use your personal data for decisions based solely on automated processing if the decision produces legal effects concerning you or significantly affects you, unless you gave your explicit consent for this processing.
We are committed to ensuring that your personal data is secure. In order to prevent unauthorized access or disclosure, we have put in place appropriate technical and organizational measures to safeguard and secure the personal data we process. No system is 100% secure, and therefore we can’t provide assurance with 100% certainty that your personal data will be secure. Be mindful that you are responsible for protecting your username and password and that it is not to be shared with others. If, despite all our efforts, a data breach does occur, we will do everything in our power to limit the damage. In case of a personal data breach, and in accordance with state and federal laws, we will inform you about remedial actions that we are undertaking and that you should take to prevent any further damage. We will always inform the relevant data owner/controller and supervisory authority or authorities without undue delay.
We will not store your personal data longer than necessary for the purpose for which we have processed your personal data. How long we retain your personal data depends on the type of data and the purpose for which we process it.
Changes to our Privacy Notice
It is our policy to post any changes we make to our Privacy Notice on this page. In some cases, we provide additional notice of changes. If we make material changes to how we treat your personal data, we will notify you by email to the email address specified in your account and/or through a notice on the website. The date the Privacy Notice was last revised is listed at the top of this page. The effective date of this statement is February 11, 2019. NERCOMP may change this Privacy Notice from time to time by updating this page.
Questions, Concerns, or Complaints
If you have a question about or complaint with how you believe we have handled a request under this Privacy Notice (including subject “Access Request”), please let us know, and we will work to fix it. You can email us at firstname.lastname@example.org or call 860-345-2081.
Further information If you have any questions about this privacy notice or questions or complaints about the processing of your personal data by NERCOMP, please contact us at:
P.O. Box 81
Haddam CT 06438