PRIVACY POLICY

 
Last Updated: December 2021

Delta Zeta respects your privacy and is committed to protecting it through compliance with this privacy policy (“Privacy Policy”). This Privacy Policy describes the types of information Delta Zeta may collect from you or that you may provide to us when you access one of our websites (www.deltazeta.org, lamp.deltazeta.org, museum.deltazeta.org, learning.deltazeta.org, trulyconnected.deltazeta.org, dzdesigns.myshopify.com, or dzdezigns.deltazeta.org(collectively, “Sites”)); sign up to volunteer for us; make donations to us; visit our museum; shop at our online store; submit written or video testimonials to us; apply for or recommend someone for membership; register for a conference or other event; apply for any of the scholarships, training programs, or volunteer positions we offer; or otherwise participate in or partake of our events, activities, offerings, or services (collectively, our “Services”) and our practices for collecting, using, maintaining, protecting and disclosing that information. This Privacy Policy does not apply to our members only website, dz.deltazeta.org, or mobile application once you log in as a member of Delta Zeta, nor to any collection and use of your information by third parties.

We reserve the right to change this Privacy Policy at any time. We will alert you that changes have been made by indicating the “last updated” date of the current version of the Privacy Policy at the top of the Privacy Policy. We encourage you to review this Privacy Policy from time to time to make sure that you understand how any Personal Data we collect will be used.

By using the Sites or Services, you consent to and agree that we may collect, process, use, retain, disclose, and transfer your Personal Data as described in this Privacy Policy. This Privacy Policy supplements and is incorporated into our Terms of Use, which may be accessed here. By accessing, downloading, registering with, purchasing from, or otherwise using our Services, you agree to this Policy and our Terms of Use, including any updates thereto.

This Privacy Policy will cover:

  • What is Personal Data
  • Personal Data we collect or process, including from our Sites and Services;
  • How we use Personal Data;
  • Legal grounds for processing your Personal Data;
  • With whom we share Personal Data;
  • Information about international transfers;
  • Your European privacy rights and choices;
  • California disclosures;
  • Nevada Disclosures;
  • Retention Periods and protection of your Personal Data;
  • Links to other websites;
  • Children’s privacy;
  • Automatic Decision-Making
  • Privacy Policy updates; and
  • How you can contact us.

 

What is Personal Data

As used herein, the term “Personal Data” means any information relating to an identified or identifiable natural person including information that specifically identifies an individual (such as a name, address, telephone number, mobile number, e-mail address, or credit card number) and information about that individual or his or her activities that is directly linked to the individual. Personal Data does not include aggregate data, which is data we collect about the use of the Sites or Services or about a group or category of services or users, from which an individual’s identity cannot be discerned and all other Personal Data has been removed. This Privacy Policy in no way restricts or limits our use of aggregate data.

 

Personal Data We Collect or Process

Our Sites and Services collect Personal Data that you provide to us voluntarily. Delta Zeta collects the information that you provide to us when you sign up to receive newsletters, make a foundation donation, reserve a tour of the museum, complete a scholarship or training application, or complete a new member, new member recommendation, or volunteer application. We use this information only to respond to your comments or questions or to fulfill your request. Providing this information is completely voluntary.

Our Sites and Services may also capture Personal Data about you automatically by utilizing background local storage and session storage technologies (“Cookies”) in order to improve the user experience. Cookies are small files or other prices of data which are downloaded or stored on your computer or other device that can be tied to information about your use of our Sites and Services (including certain third party services and features offered as part of our Services). Examples of information of this type are your IP address, the browser you are using, the operating system you are using and the pages on the Sites that you visit. Session cookies are deleted when you close your browser session. We may also collect Personal Data from publicly available sources. We do not link information obtained from Cookies to other Personal Data.  More information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such websites as www.allaboutcookies.org. You may change your browser setting to decline the use of Cookies (though this may adversely affect your operation or use of the Sites or Services). This Privacy Policy does not cover the use of Cookies by third parties over which we have no control.

Do Not Track: Depending on the browser you are using, you may be able to choose to block third party cookies or browse in a private browsing mode. Our Sites and Services are accessible even when private browsing is turned on. The Personal Data we collect is governed by this Privacy Policy.

Analytics: We use Google Analytics to help us understand how our customers use the Sites and Services. You can read more about how Google uses your Personally Identifiable Information here: https://policies.google.com/privacy?hl=en.You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

 

How We Use Personal Data

We use the Personal Data we collect to respond to your inquiries, provide information you request, perform our contractual and ethical obligations, administer our Sites and Services, to fill volunteer or staff positions, to fulfill legal obligations we have to governmental authorities or other third parties and for other legitimate business purposes. Delta Zeta distributes newsletters and other publications to members and friends of the organization. If you wish to unsubscribe from communications, please contact us by email at DZS@deltazeta.org.

 

Legal Grounds for Processing Your Personal Data

We rely on the following legal grounds to process your personal information:

Consent. We may use your Personal Data as described in this Privacy Policy subject to your consent. To withdraw your consent, please contact us at DZS@deltazeta.org.

Performance of a contract. We may need to collect and use your personal information to enter into an engagement or agreement with you or to perform an engagement or agreement that you have with us.

Legitimate Interests. We may use your Personal Data for our legitimate interests to provide and improve our Sites and Services. We may use your Personal Data for our marketing purposes consistent with our legitimate interests and any choices that we offer or consents that may be required under applicable law.

 

With Whom We Share Personal Data

Delta Zeta is a private membership organization headquartered in the United States, and as such may need to share Personal Data with internal personnel located in different geographic locations in order to fulfill our contractual, legal and ethical obligations. We may also share your Personal Data with third parties (within or outside your country of residence) who perform services on our behalf, including without limitation our technology providers, administrative and support personnel and providers, professional advisors and translators.

We may disclose Personal Data (within or outside your country of residence) if we have a good faith belief that disclosure is necessary by law or the legal process, to protect and defend our or others’ interests or property, or to enforce agreements you enter into with us.

We may share your Personally Identifiable Information when required to do so by law, court order, or other legal process such as a subpoena. We generally do not disclose Personal Information unless we have a good faith belief that an information request by law enforcement or private litigants meets applicable legal standards. We may share your Personal Information when we believe it is necessary to comply with applicable laws, to protect our interests or property, to prevent fraud or other illegal activity perpetrated through the services or using our name, or to protect the safety of any person. This may include sharing Personally Identifiable Information with other companies, lawyers, agents, or government agencies. Nothing in this Privacy Policy is intended to limit any legal defenses or objections that you may have to a third party’s, including a government’s, request to disclose your information.

We may obtain your consent, including implicit and tacit consent, to share your Personal Data from time to time, including for other contemplated uses of your Personal Data not addressed in this Privacy Policy. Please read all online agreements carefully before accepting them.

 

Information about International Transfers

Delta Zeta is an Ohio incorporation. If you are accessing our Sites or Services from outside the United States, please be aware that your Personal Data will be transferred to, stored, and processed in the United States where our servers are located and our central database is operated. Additionally, our service providers and contractors collect may store and process Personal Data in servers within or outside of the United States and wherever they have facilities around the globe, and certain Personal Data may be accessible by persons or companies outside of the United States who provide services for us. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. By visiting our Sites or using our services, you understand that your Personal Data will be transferred to our facilities and those third parties with whom we share it as described in this Privacy Policy.

 

Your European Privacy Rights and Choices

If you are a resident of the European Union or the United Kingdom (also referred to as a “Data Subject”), the General Data Protection Regulation (“GDPR”) provides you with additional rights regarding our use of your personal information. This section is provided pursuant to the GDPR. Each capitalized term used, but not defined, in this section shall have the meaning given to such term in the GDPR. This section describes how we collect, share, disclose, and process the Personal Data of residents of the European Union and United Kingdom. “Personal Data” under the GDPR means any information relating to an identified or identifiable natural person (referred to ‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

 

Rights of European Union and United Kingdom Residents

If you are located in the European Union or the United Kingdom, you have certain rights regarding the Personal Data that we maintain about you, which in certain circumstances you will be able to exercise. The rights are as follows:

  • You may request a copy of the Personal Data that we maintain about you.
  • If we maintain your Personal Data based on your consent or so that we can enter into or perform under a contract with you, you have the right to obtain your Personal Data from us that you consented to give us, that is necessary to enter into or perform the contract, or that is necessary to provide member benefits to you. We will give you your Personal Data in a structured, commonly used and machine-readable format.
  • If you believe your Personal Data is incorrect, you may request that we correct, amend or delete your Personal Data that is inaccurate or incomplete.
  • Deletion or Restriction of Processing. You may request that we erase or restrict the processing of your Personal Data.
  • Object to Processing. You may object to the processing of your Personal Data in certain circumstances when we process your Personal Data for the purposes of our legitimate interests.
  • Right to Complain. You have the right to file a complaint with a supervisory authority, in particular in the European member state of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your Personal Data infringes upon your rights.
  • Withdraw Consent. If we are processing your Personal Data based on your consent to do so, you may withdraw that consent at any time.

 

Some of these rights can be exercised online via your account. For example, you can review and modify certain information relating to your use of our Services and view your purchase history. If you are unable to manage your request via your online account, then please contact us via the contact information at the end of this Privacy Policy.

 

Collection of Personal Data

We only collect Personal Data that is reasonably necessary for us to provide our Services. Subject to applicable exceptions, we will obtain your Consent before collecting, using and disclosing your Personal Data for the specified purposes. In addition to circumstances in which you Consent to the use of your Personal Data, the Personal Data we collect may be used or processed where we have a legitimate interest in or other legal basis for processing such data.

 

The categories of, Personal Data that we collect are listed above in the section entitled “Personal Data We Collect or Process.” The purposes for which we collect Personal Data are listed above in the section entitled “How We Use the Data” and “Legal Grounds for Processing Your Personal Data.” With whom and why we disclose your Personal Data is described above in the section entitled “With Whom We Share Personal Data” and in other sections of this Privacy Policy. If we use Personal Data in ways other than described in this Privacy Policy, we will provide you with specific notice at the time of collection.

 

If we need to process your Personal Data to fulfil or enter into a contract with you, failure to provide that Personal Data will mean that we cannot perform or enter into a contract with you. If we collect your Personal Data for one purpose and need to process it for second purpose, we will provide you with additional information regarding this secondary purpose to ensure fair and transparent processing before we engage in further processing.

 

California Disclosures

As a nonprofit organization, we are not subject to the requirements of the California Consumer Privacy Act of 2018 (“CCPA”). However, we strive to act consistently with the intent of the CCPA. Each capitalized term used, but not defined, in this section shall have the meaning given to such term in the CCPA. “Personal Information” includes Personal Data as defined in other sections of this Privacy Policy. If you are a resident of California, you may access the Personal Information we hold about you, ask that your Personal Information be corrected, updated, ported, or erased, and opt out of the further sale of your Personal Information (collectively, “Requests”). If you would like to make one of these Requests, follow the procedure described in the “Making Access, Data Portability, Correction, and Deletion Requests” section below. If you would like to designate an authorized agent to submit these Requests on your behalf, please contact us through the means indicated at the end of this Policy.

Access to Specific Information Requests: You may request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verifiable Consumer request, we will disclose to you:

  • The categories of Personal Information we collected about you;
  • The categories of sources for the Personal Information we collected about you;
  • Our business or commercial purpose for collecting, sharing, or selling that Personal Information;
  • The categories of third parties with whom we share that Personal Information;
  • The specific pieces of Personal Information we collected about you (also called a data portability request) and provide a copy to you in an electronic or paper format; and
  • The categories of Personal Information, if any, we disclosed for a business purpose to a third party.

Deletion Request: You may request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm a verifiable Consumer request from you, we will delete (and direct our Contractors and Service Providers to delete) your Personal Information from our (and their) records, unless an exception applies (as described below).

As described in the CCPA we may delete your Personal Information by (a) permanently and completely erasing the Personal Information on our existing systems with the exception of archived or back-up systems; (b) de-identifying the Personal Information; or, (c) aggregating the Personal Information.

We may deny your deletion request for any reason including if retaining the information is necessary for us or one of our Contractors or Service Providers to:

  • Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
  • Debug products to identify and repair errors that impair existing intended functionality;
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.);
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
  • Comply with a legal, regulatory or law enforcement obligation; or
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Making Access, Data Portability, Correction, and Deletion Requests: To make an access, data portability, or deletion request, please submit a verifiable Consumer Request by contacting us using the contact information at the end of this Policy. Only you, an authorized agent, or an entity registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable Consumer Request related to your Personal Information. You may only make a verifiable Consumer Request for access or data portability twice within a 12-month period. To be verifiable, the Consumer Request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative of that person and
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your Request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm that the Personal Information relates to you. Making a verifiable Consumer Request does not require you to create an account with us. We will only use Personal Information provided in a verifiable Consumer Request to verify the requestor’s identity or authority to make the Request.

Upon receiving a Request from you, we will verify your identity based on the information we have on file for you. Upon verification of your identity, we will proceed to process your request (subject to the exceptions stated above).

We endeavor to confirm receipt of your request within ten (10) days of receiving it. We will respond to a verifiable Consumer Request within forty-five (45) days of its receipt. If we require more time (up to an additional forty-five (45) days), we will inform you of the reason and extension period in writing.

We will deliver our written response via email to the email address associated with you or, if we are unable to determine your email address, via mail, if you provided that information to us.

Any disclosures we provide will only cover the 12-month period preceding the verifiable Consumer Request receipt. If applicable our response to your Request will explain any reason we cannot comply with the Request. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable Consumer Request unless it is excessive, repetitive, or manifestly unfounded. If we determine that your Request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your Request.

Non-Discrimination: We will not discriminate against you simply for making a Request pursuant to this section of the Policy.

 

Nevada Disclosures

If you are a Nevada resident who wishes to exercise your sale opt-out rights under Nevada Revised Statutes Chapter 603A, you may submit a request to the contact information listed at the end of this Privacy Policy.

 

Retention Periods and Protection of Your Personal Data

We retain the Personal Data we collect for so long as reasonably necessary to fulfill the purposes for which the data was collected, to perform our contractual, legal and ethical obligations, and for any applicable statute of limitations periods.

We take reasonable administrative, physical and technical precautions to protect your Personal Data and communications between us. This includes, when required or as we deem appropriate and feasible under the circumstances, written commitments from third parties that may have access to your Personal Data that they will protect the data with safeguards that are substantially equivalent to those used by Delta Zeta. No Internet or e-mail transmission is ever fully secure or error free, however. We therefore cannot guarantee absolute security of your data, and we are not responsible for processes and networks that we do not control and for unauthorized access to information by those who have gained access through illegal means.

 

Links to Other Websites

Occasionally Delta Zeta may include links to third party websites on our Sites. The inclusion of any link does not imply that we endorse the products and services offered at such linked site. The product sales, shopping cart, and affiliated features that allow you to make purchases from our Sites are hosted by Shopify. The Shopify privacy policy can be accessed at https://www.shopify.com/legal/privacy. Additionally, certain third parties may use automatic information collection technologies, including cross-site tracking technologies, to collect Personal Data about you or your device. These third parties may include, but are not limited to, your internet service provider, your web browser, your mobile service provider, your mobile device manufacturer, online advertisers, and data analytics companies. These third party websites have separate and independent privacy policies which we encourage you to review. We have no responsibility or liability for the content, activities, or privacy policies of these linked websites.

 

Children’s Privacy

Our Sites and Services are for adult audiences and do not offer services directed to children. Should an individual whom we know to be a child under age 18 send Personal Data to us, we will delete or destroy such information as soon as reasonably possible. If you believe a child has provided us with Personal Data, please contact us through the means indicated at the end of this Privacy Policy to request deletion.

 

Automatic Decision-Making

We do not profile or use automated decision making.

 

Privacy Policy Updates

We may update this Privacy Policy from time to time in our sole discretion to reflect changes in our information practices. If we modify or update this Privacy Policy, we will post changes and updates on the Sites. It is your responsibility to periodically check the Sites for updates so that you will always be aware of what information we collect, use and disclose. Your continued use of our Sites or Services after any changes to our Privacy Policy indicates your acceptance of the terms of the revised Privacy Policy. The date of the last update of the Privacy Policy is indicated at the top of this Privacy Policy.

 

How you can contact us

To make a request or to ask us a question about our data practices, please contact us via email at DZS@deltazeta.org.