Effective date: March 4, 2020
IMLA is committed to protecting the privacy and security of your personal information. The information you share with IMLA allows us to provide you with the best experience with our products and services. This document explains IMLA’s privacy practices and policies. Please read this privacy policy.
This policy may change from time to time. The latest effective date will be noted at the top of this privacy policy. When we post changes to the privacy policy we will revise the effective date at the top of this privacy policy.
For material changes in how we process your personal data, a banner will appear when you visit our website notifying the visitor of changes to our privacy policy and directing them to review that policy. We encourage you to periodically visit this privacy policy.
What Information Does IMLA Collect?
IMLA collects some personal information including: your name, home or work address, telephone number, email address, pictures, and billing information (e.g. credit card or debit card, billing address, etc.).
This information is collected via our membership forms, registration forms for webinars, IMLA live events, and purchase of IMLA products and services, and on forms for access to our listservs and working groups.
How Does IMLA Use Collected Information?
IMLA uses the information it collects to process product and service orders, and to deliver the products and services requested. Financial information collected by IMLA is used solely for the purpose of billing for access to our products, services, webinars, and live events.
IMLA does not sell, rent, or lease its member or customer information or lists to third parties.
We sometimes hire other companies to provide limited services on our behalf, such as handling the processing and delivering of electronic mailings, processing transactions, and product delivery. IMLA also contracts with third parties for our distance learning programs and live events. We only provide these companies with the personal information necessary to deliver services.
For a list of companies we contract with please contact us at info@imla.org.
Personal information collected on this site may be stored and processed in the United States or any other country in which IMLA or the companies it contracts with maintain facilities. By using this site, you consent to any such transfer of information outside of your country. IMLA abides by the Privacy Shield framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data form the European Union.
Security of Your Personal Information
IMLA is committed to protecting your personal information. We use a variety of security technologies and internal procedures to keep your personal information safe from unauthorized access, use, or disclosure.
Control of Your Personal Information
IMLA offers members and customers choices for the collection, use, and sharing of personal information. Please contact us at info@imla.org for more information.
Cookie Policy and Other Websites
Cookies are small packets of data that is cached or stored on your computer based on your internet activity. IMLA, like many websites, uses cookies to monitor visitor activity in the aggregate to improve our website and webservices. The information we gather may include but is not limited to your IP address, operating system, browser type, user language, the presence or absence of “flash” plug-ins, screen resolution, and connection type. You can disable cookies through your web browser. Consult your browser’s help page for information on how to do this. Keep in mind that you may not be able to take advantage of our website’s features if you disable cookies.
Note that IMLA’s website may contain links to external sites that are owned and operated by third parties. Additionally, IMLA uses third party services as discussed in the preceding sections of this privacy policy. The privacy and information practices of those websites and third parties are not covered by this policy. We are not responsible for the privacy policies of third parties or external sites whose links we provide. If you are concerned about data privacy regarding the third parties IMLA uses or external sites that are linked on our website, we strongly suggest you review that third party’s privacy policies.
Disclaimers
IMLA reserves the right to modify this privacy policy at any time. We will notify you of any changes to our privacy policy on the website and highlight the changes in an appropriate notice. Such modifications will become effective immediately after posted.
If you have any questions or concerns regarding this privacy policy, please email us at info@imla.org
California Specific Rights
A California resident who has provided personal information to a business with whom he/she has established a business relationship for personal, family, or household purposes (“California customer”) is entitled to request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. In general, if the business has made such a disclosure of personal information, upon receipt of a request by a California customer, the business is required to provide a list of all third parties to whom personal information was disclosed in the preceding calendar year, as well as a list of the categories of personal information that were disclosed.
However, under the law, a business is not required to provide the above-described lists if the business adopts and discloses to the public (in its privacy policy) a policy of not disclosing customer’s personal information to third parties for their direct marketing purposes unless the customer first affirmatively agrees to the disclosure, as long as the business maintains and discloses this policy. Rather, the business may comply with the law by notifying the customer of his or her right to prevent disclosure of personal information and providing a cost free means to exercise that right.
We do not share information with third parties for their direct marketing purposes if you opt-out of such disclosure. If you do ask us to share your information with a third party for its marketing purposes, we will only share information in connection with that specific promotion, as we do not share information with any third party on a continual basis. To prevent disclosure of your personal information for use in direct marketing by a third party, do not opt in to such use when you provide personally identifiable information on one of our sites. Please note that whenever you opt in to receive future communications from a third party, your information will be subject to the third party’s privacy policy. If you later decide that you do not want that third party to use your information, you will need to contact the third party directly, as we have no control over how third parties use information. You should always review the privacy policy of any party that collects your information to determine how that entity will handle your information.
California members may request further information about our compliance with this law by e-mailing info@imla.org. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through this e-mail address.
GDPR Specific Rights
IMLA complies with the principles of the GDPR, which are:
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimization
- Accuracy
- Storage limitation
- Integrity and confidentiality
- Accountability
Your privacy and security is of the utmost importance to us. We will always follow these principles and encourage you to reach out to us at info@imla.org if you have any questions.
You are entitled to the following:
- The right to be informed – this entitles you to be informed as to whether your personal data is being processed by IMLA.
- The right of access – this enables you to receive a copy of your data and to check that we are lawfully processing it.
- The right to rectification – this enables you to ask us to correct any incomplete or inaccurate information we hold about you.
- The right to erasure – this enables you to ask us to delete or remove your data where there is no good reason for us to continue to process it. You have the right to ask us to delete or remove your data where you have exercised your right to object to processing.
- The right to restrict processing – this enables you restrict our processing of your personal data.
Under the GDPR, you, the individual has various other rights in addition to the rights stated above. To exercise those rights please email us at info@imla.org.
If you want to exercise any of the rights described above or are dissatisfied with the way we have used your information, please contact us at info@imla.org. We will seek to deal with your request without undue delay, and in any event in accordance with requirements of the GDPR. Please note that we may keep a record of your communications to help us resolve any issues which you raise.
If you have any complaints about how we handle your personal data, please contact us so we may resolve the issue where possible. If you need to make a complaint please contact us at info@imla.org. You also have the right to lodge a complaint about any use of your information with your Data Protection Authority.
Data We Collect
Previous sections of this privacy policy detail the information IMLA collects and how that information is processed. If you have any questions please email us at info@imla.org
Legal Basis for Data Processing
IMLA certifies that it has the following legal basis to process your personal data:
- Consent – applies to billing and other financial information when you purchase an IMLA product or service such as event attendance, webinars, documents, etc.
- Contract – applies to your name and contact information as it relates to our hotel contracts for IMLA events (for this we also ask for consent), third-party contracts necessary to provide services to IMLA members such as webinars, products, and other events, and contracts with you to provide services such as access to our member benefits and services or products purchased
- Legitimate interests – all items that do not fit in the consent or contract categories are authorized because it is within our legitimate interests.
If you have provided consent, that consent may be withdrawn at any time. However, withdrawing your consent will not render unlawful any data processing that occurred prior to the withdrawal of consent. You can withdraw consent by contacting us at info@imla.org.
Please be aware that, in certain circumstances, where you do not provide personal information which is required by us, we will not be able to provide the products and services under our contract with you or may be able to comply with a legal obligation imposed on us. You will be made aware if this situation arises and what the consequences of not providing the personal information will be. For questions, email us at info@imla.org.
When the justification for processing your personal information is our legitimate interests, we will conduct a legitimate interest assessment to determine what specific interest IMLA has in processing your personal information.
Storage Limitations
IMLA certifies that it will not keep your personal information for longer than is necessary to fulfill the specific purposes outlined in this Privacy Policy, and to allow us to comply with our legal requirements. All personal information will be deleted once it is no longer required.
Sharing Personal Data with Third Parties
The types of third parties we may share elements of your personal data include:
- Payment processors engaged by us to securely store or handle payment information, such as credit or debit card details, billing information, and other financial information
- Providers of email management and distribution tools
- Providers of security and fraud prevention services
- Providers of our webinar, teleconference, and live events
- Development companies for our Conference and Mid-Year Seminar app
- Data management and storage services
Data Transfers to non-EU Countries
For data transfers to non-EU countries, IMLA abides by the EU – US Privacy Shield Framework.
Changes to this Policy
Review the introduction of our privacy policy.