Identity of the Data Controller
Conexxus is the data controller – the entity that collects and processes personal data, or arranges for such actions taken on its behalf by its agents. Conexxus is responsible for deciding the purposes for which personal information is used and processed, and the means by which such processing is done. Thus, it is the responsibility of Conexxus to inform you in advance of the processing of your personal information. You may contact Conexxus with any questions or concerns by emailing [email protected] or via postal mail at:
1600 Duke St., Suite 700
Attn: Data Protection Officer
Alexandria, VA 22314 USA
Collection of Information
In general, Conexxus only collects personal information from you when you voluntarily provide it to us by: (1) requesting an account for member-only access to the Web Site; (2) using the Web Site, or the NACS website where NACS is acting as an agent of Conexxus to register for an event or to pay for membership dues, etc.; (3) participating in Conexxus standards work, including meetings (e.g., through a Committee, Subcommittee, or Working Group); (4) uploading material to a Conexxus Committee, Subcommittee, or Working Group area; (5) making inquiries about membership, Conexxus events and/or Conexxus standards; and (6) contacting Conexxus (including the webmaster, customer service representatives, or other employees) by email. In connection with these activities, Conexxus may collect personal information from you, including, but not limited to, your name, physical address, e-mail address, username, password, a picture of you, certain preference information (such as favorite URLs), whether or not you are a Conexxus member, telephone number, fax number, company name, title. In the case of purchases, your credit card number, credit card expiration date, and/or verification code will be obtained by the Conexxus third-party payment processor, although no sensitive payment information is received or stored by Conexxus. Conexxus does not provide services or target the use of the Web Site to minors under the age of 18, who would have no legal rights to enter into any contract for services (see Children for more information).
Non-Personal Information and Cookies
If you provide information to Conexxus solely as the representative of your organization (e.g., for membership purposes), such information is usually not considered to be personal since it is being provided on behalf of an entity that has a business relationship with Conexxus. In those circumstances, Conexxus considers such information, sanitized of any personal information about the business contact, to be outside the scope of this Policy.
As part of the standard operation of its Web Site, Conexxus may collect certain non-personal information from you including, but not limited to, your browser type (e.g., Chrome or Internet Explorer), operating system (e.g., Windows or Macintosh), Internet service provider, IP address, and the domain name from which you accessed the Web Site (e.g., yahoo.com). Such information is used only to enhance your online experience or to enhance the operation of the Web Site.
You are always free to decline cookies, but by doing so you may not be able to use certain features on the Web Site and your use of the Web Site may be hindered. The "help" segment of the toolbar on most browsers explains how to configure a browser to not accept new cookies, how to have the browser inform a user when they receive a new cookie, and how to erase cookies from their hard drives.
Your rights in relation to your personal information are to: (1) be informed about its use; (2) have access to your information; (3) correct your personal information; (4) have your personal information deleted; and (5) restrict how we use your personal information. You also have the right to have your personal information ported to others; however, because use of your personal information by Conexxus is limited to purposes related to you as an individual related to goods and services provided by Conexxus (e.g., for conferences and other events, as speakers at Conexxus events, and/or as an event sponsor) and marketing activities related to Conexxus events, it is not technically feasible for Conexxus to honor such a request because we are not able to exchange that information with other entities with which we have no direct interface or any reason to exchange data. You are also entitled to know if Conexxus is using any automated decision-making (including profiling); Conexxus does not use any such automated technologies in the processing of your personal information. This Policy serves as a notice to you about your rights, as well providing required fundamental information about how Conexxus collects and uses your personal information.
Use of Information
Conexxus uses your personal information for any of the following purposes: (1) to facilitate your use of the Web Site and better understand your online needs; (2) to process your downloading of standards and related documents, registration for events, and membership; (3) to respond to your inquiries or requests for information about Conexxus standards, events, and membership; (4) to send you notices regarding meetings, meeting minutes, or other materials that have been uploaded to subscribed groups, (5) to send you general information about Conexxus and its events; (6) to contact visitors to the Web Site when necessary; (7) to help address problems with the Web Site; (8) to administer the Web Site; (9) to conduct internal reviews of the Web Site (e.g., to determine the number of visitors to specific pages within the site); (10) to help us better understand visitors' use of the Web Site; and (11) to protect the security and integrity of the Web Site. In some instances, business contact information is shared with organizations that sponsor or exhibit at a Conexxus event; no personal information is sold or shared outside of business contact information.
Non-personal information will be used for these purposes as well to monitor the Web Site and provide an enhanced online experience for visitors.
Legitimate Interests for Collecting/Using Personal Information
The principal basis upon which we collect and use your information is when you give us your affirmative consent. However, when you become a member, register for a Conexxus event, or make a purchase from us, Conexxus has a legitimate basis beyond consent to collect your personal information in order to provide you with the goods or services that you expect us to deliver or to complete such a transaction, which depends upon us having and using your personal information. Once you have a formal relationship with us, Conexxus also has a legitimate interest in providing you with timely information about upcoming events and/or products in which you may have an interest; so, to better serve you, we will market or promote those events/products to you. Thus, depending on the precise situation, Conexxus may rely on these legitimate bases in collecting your personal information. In those instances, your acceptance of the terms and conditions represents both affirmative consent and/or acknowledgement of the Conexxus legitimate interest in collecting and using your personal information. In either case, you may withdraw consent or acknowledgement of legitimate interest by email to Conexxus at [email protected].
Disclosure of Personal Information
Conexxus may transfer or otherwise disclose information collected from you to the following entities for the following purposes: (1) to Conexxus employees, independent contractors, subsidiaries, affiliates, consultants, business associates, service providers, and suppliers, if such disclosure will enable that entity to perform a business, professional, or technical support function for Conexxus; (2) to employees, independent contractors, service providers, and suppliers of Conexxus to fulfill a standards, meeting registration, or membership request; and (3) to respond to a judicial subpoena and provide information to law enforcement agencies or in connection with an investigation on matters related to public safety, as permitted by law.
Sale of Personal Information
Conexxus will never sell your personal data to any third party that is unrelated to the organization (i.e., who is not a sponsor of an event).
Retention of Personal Information
Conexxus does not retain personal information longer than is necessary, taking into account any legal obligations we have (e.g., to maintain records for tax purposes), as well as any other legitimate basis we have for using your personal information (e.g. your consent, performance of services to you and/or your employer as a member of Conexxus, or our legitimate interests as an international trade association). If you are the representative of your organization for purposes of membership in Conexxus, this information is not considered personal. Personal information that we use for marketing purposes will be kept until you notify us that you no longer wish to receive this information.
While any information that you transfer to Conexxus is done at your own risk, we use a variety of security technologies and procedures consistent with current best practices to protect the Web Site and any databases maintained by us. These measures are intended to safeguard data—including your personal information—from unauthorized access, use or disclosure.
Wherever Conexxus collects personal information, it is encrypted and transmitted to us using the latest secure socket layer (SSL/TLS) encryption methods. You can verify this in different ways on different browsers: by looking for a closed lock icon, a green location bar, or verifying that "https" is used at the beginning of the address of the web page. Furthermore, Conexxus uses third-party tools to verify that it is conforming to the latest security methods, protocols, and best practices to maintain safe transmissions.
Conexxus does not direct the Web Site to, nor does it knowingly collect any personal information from, children under the age of 13 because Conexxus members are not children. Accordingly, the provisions of the Children’s Online Privacy Protection Act (COPPA) do not apply. If you have reason to believe that Conexxus has collected information about a child please contact us.
Third-Party Web Sites
California Privacy Rights
California’s “Shine the Light” law permits persons in California to request certain details about how certain types of their personal information are shared with third parties and, in some cases, affiliates, for those third parties’ and affiliates’ own direct marketing purposes. Under the law, a business should either provide California members certain information upon request or permit California customers to opt in to, or opt out of, this type of sharing. These requirements are quite similar to the CCPA requirements regarding how we use your personal information.
Conexxus may share personal information as defined by California’s “Shine the Light” law with third parties and/or affiliates for such third parties’ and affiliates’ own direct marketing purposes (see Sharing Personal Information). If you are a California resident and wish to obtain information about our compliance with this law, please email us here or send us a letter to Conexxus. Requests must include “California Privacy Rights Request” in the first line of the description and include your name, street address, city, state, and ZIP code. Please note that Conexxus is not required to respond to requests made by means other than through the provided email address or mail address.
Any California residents under the age of eighteen (18) who have registered to use the Conexxus Web Site and posted content or information on the Conexxus Web Site, can request that such information be removed from the website by sending an email to us here. Requests must state that the user personally posted such content or information and detail where the content or information is posted. We will make reasonable good faith efforts to remove the post from prospective public view.
In the event that Conexxus or any of its assets are acquired by a third party, personal information acquired through the Web site may be one of the assets transferred. However, Conexxus does not sell any personal information to any unrelated third parties.
Requests and Responses
Any request you have about what personal information Conexxus has about you, how it has been used, with whom it has been shared, or a request to delete such information, must be sent by email to Conexxus at [email protected]. Conexxus will acknowledge all requests and make a reasonable effort to verify the request. We will respond to you in writing within 45 days after receiving your request, unless additional time is required, in which case we will notify you about that extension.
If you would like to access or change any contact information you have provided to us, or if you are making any other request regarding your personal information, please contact us here.
Conexxus records meetings of working groups and/or committees for the purpose of generating meeting minutes. Each meeting recorded has a consent button so participants may choose to leave if they do not want to be recorded. Recordings are not made available to anyone outside of Conexxus staff or their representatives, unless a discrepancy in the minutes is noted and further review of a small portion of the recording is required.
1600 Duke St., Suite 700
Alexandria, VA 22314 USA
© 2020 CONEXXUS, INC. ALL RIGHTS RESERVED.