Collection of Information
The User can generally visit the Trust’s website (the “Site”) without revealing any personal information. However, once he/she decides to apply for membership (the “Membership Service”), the Trust will begin to collect a variety of data from the User. To begin with, prospective members will be asked to complete one or more forms online to process their application and payment for the membership type they have chosen.
The Trust broadly categorises two types of data that are collected from Users, as follows:
This category consists of personal data that may be sensitive because they may be used to identify an individual User. They include information such as name, address, mobile phone number, email address, date of birth, and occupation. This information is required so that the Trust may reliably manage the membership organisation, including location data, communication with the User when needed, collection of membership dues and/or donations. It is also used to identify the User uniquely in order to establish that he is a legitimate subscriber to the Membership Service.
This category of data includes all non-personal data related to the User’s use of the Site. It includes general data, such as the total number of visitors to the Site, the number of visitors to each page of the Site, the number of External Website (defined below) pages visited by each user, etc.; as well as data on usage by registered members, such as number of blogs or vents or news items posted (if applicable), amount and frequency of donations, number of messages exchanged over the member’s site, etc.
If the User elects to pay membership fees or make donations by credit card, he should note that the credit card information provided is used for billing purposesonly. Furthermore, the Trust itself does not process credit card payments. Credit card payments are handled by an independent payment gateway hosted and managed by a bank or credit card processing company that will process the transaction.
Information extracted from the aggregated data will be maintained, used and disclosed in aggregate form only and will not contain personally identifiable information. The Trust may use such aggregate information to analyse trends, improve the Membership Serviceprovided to its subscribers, administer the Site and gather broad demographic information for aggregate use.
Use and Disclosure of Information
Use of Personal Data
The Trust may use Personal Data submitted to the Site in order to contact the User to deliver certain information requested by the User; to verify the User’s authority to enter the Site; and to improve the content and general administration of the Site or of any service offered by the Trust in future.
The data may be communicated to parties who may access it as a result of a legal or regulatory mandate, or in adhesion to national regulations, within the limits allowed by such regulations, or on the basis of provisions made by the judicial authority, within the limits allowed by such norms or provisions.
The Trust may also provide data to trusted partners who work on behalf of or with the Trust under confidentiality agreements, such as credit card processors, data management firms, call centre providers, or other service providers. These companies may use the User’s Personal Data to help the Trust operate the Membership Service. However, they do not have any independent right to share, divulge, trade or sell this information.
The Trust also has the right to use the Personal Data for the purpose of marketing the Site or other communications channels owned by the Trust; and for the development and release, in the future, of information services exclusively by the Trust.
Use of Usage Data
The Trust may analyse the Usage Data (anonymously) for statistical purposes.
The Trust is cautious and selective in its choice of affiliated and non-affiliated third-party companies that it does business with. When identifying ways to improve the Membership Service, the Trust may extend offers of enhanced services to the User from these companies, or share certain information about the User with affiliates and non-affiliated third parties so that such entities may make offers to the User directly.
The Trust will make every effort to engage in such marketing efforts according to a stringent selection process. The Trust will only approve advertisements and marketing offers that it believes would be highly beneficial to its Users. It will never trade or sell personal data. It will only provide carefully selected personal data from appropriate User segments to close collaborators, partners or associates of the Trust; or, in some instances, it will agree to relay itself the marketing messages from affiliated third parties to the Users such that no personal data need be transferred to any third party.
Security and Confidentiality
The Trust protects the User’s information over the Internet by using a secure web server, which allows the User’s web browser to interact with the Trust’s web server via an encrypted session. The Trust employs a Secure Sockets Layer (SSL) connection that provides an encrypted connection between the User’s computer and the Trust. The encrypted connection scrambles ordinary text or data into cyphertext to safeguard sensitive information during its journey across the Internet. The information is decrypted, or put back into a readable format, when it reaches its intended destination.
Depending on which browser the User uses, the User will know he is in a secured area when he sees “https” appearing in front of the URL (Uniform Resource Locator) in the address bar, and/or a locked padlock symbol appearing in the lower corner of the screen. When the User visits the Site, the User may move in and out of secured areas. Whenever the User is on a registration page, he will be in a secured area.
The Trust restricts access to personal information about the User to those employees who need to know that information to provide services to the User. Additionally, the Trust utilises systems access controls to protect the User’s information. The Trust has physical, electronic, and procedural safeguards that comply with regulations to protect personal information. The Trust continually monitors access to its systems to detect unauthorised attempts to gain access to information.
Accessing and Modifying Information
Links to Third-Party Sites