IASSIST (International Association for Social Science Information Service and Technology) is an international organization of data professionals working in data services around the world.
To be able to manage your membership and to allow you to use our online services, we need to collect some personal data about you. We respect your privacy and are committed to protecting your data and maintaining the security of your personal information.
The purpose of this policy is to describe the data we collect from or about you on our public or membership website and how we process it.
Who is the data controller and who can I contact?
IASSIST is the data controller for the user data it collects and is responsible for appropriate processing of your personal data. We are happy to answer any questions about personal data processing you may have.
For any requests for information on personal data processing please contact our Executive Committee or Membership Committee Chair. The following ways to contact them are available:
- Membership Committee Chair: iassist.membership ( at ) gmail.com
- Executive Committee: exec ( at ) lists.iassistdata.org
- OR use the form on https://iassistdata.org/contact
The current officials are mentioned on this page: https://iassistdata.org/about/officials/
What data do we collect about you?
IASSIST may collect the following personal identification information:
- full name
- email address
- phone number
- country of residence
- organization
- occupational title
- social media information
- address and other contact information
How do we collect your data?
You (“data subject”) directly provide IASSIST with most of the information we collect. We collect data and process data when you:
- become a member by filling in the online Membership Registration form or joining via annual conference registration form
- voluntarily fill in additional details on our membership website or contact the association by email or contact forms
- fill in the Fellows Application form
- fill in the Event Sponsorship form
- become IASSIST elected or appointed official
- join and post on our discussion lists
- use or view our websites via your browser’s cookies
- allow your name or other personal details to appear in the conference attendee list or a virtual platform
- submit an article to the IASSIST Quarterly
How do we use the data we collect about you?
IASSIST uses the data only in ways that are compatible with the purpose for which it was intended to be used. IASSIST collects your data for the following purposes:
- process and manage your membership
- contact you on issues regarding your membership or our membership services
- allow you to stand for or vote in IASSIST elections
- allow you to join and post on our discussion lists
- allow you to post on the iBlog
For privacy legislation, such as the GDPR: The legal basis for processing personal data is that it is necessary for the performance of a contract (“membership”).
Marketing
IASSIST does not send you marketing emails nor share your data for marketing purposes. Our members may share on the discussion lists information on events that they believe to be relevant to IASSIST members. Marketing is not allowed on discussion lists either. You can always opt out and unsubscribe from the list.
How do we share data we collect?
We don’t share your data with vendors or any third parties not directly governed by IASSIST to run a service for IASSIST. We do not allow any commercial use of your data. We may share data with an outside party as required for regulatory, legal, or compliance reasons.
The following companies get your personal information for the purposes defined below:
- SimplyVoting for running biennial elections (name, email)
- Electric Embers to maintain listservs and organizational email addresses (name, email)
- Open Journal Systems when you publish a paper in the IASSIST Quarterly (name, email)
- In addition, we use a variety of cloud services such as Google Drive and Zoom to transact association business. Interacting with such services may result in personal data collected by them.
In addition, members in good standing have access to information that individuals choose to make public through the membership database. Members can change what information is available to others at any time. Members with access to personal information are expected to abide by the intent of this policy. Information made available through the membership directory or other organizational activities is not to be redistributed without permission or used for commercial purposes.
How do we store and process your data?
IASSIST will keep your membership data for as long as your membership is active, or as needed to provide you services, including reactivation. Information on lapsed memberships will be kept for 5 years. Once this time period has expired, we will delete your data by removing it from the active database. Your membership data will be archived for research and statistical purposes but not used for any marketing or emailing. If you have a concern about the accuracy of data, you may correct, amend, update, or partly delete it by signing into the membership site.
IASSIST stores membership data on its membership database which is run by Wild Apricot Inc, a site dedicated to manage membership data for small associations and nonprofits. Wild Apricot is a Canadian based service provider, headquartered in Toronto, Ontario. Its services are run on Amazon Web Services infrastructure and advertise the following security information:
- AWS is a secure, durable technology platform with industry-recognized certifications and audits: PCI DSS Level 1, ISO 27001, FISMA Moderate, FedRAMP, HIPAA, and SOC 1 (formerly referred to as SAS 70 and/or SSAE 16), SOC 2 and SOC 3 audit reports.
- The AWS infrastructure puts strong safeguards in place to help protect customer privacy. All data is stored in highly secure AWS data centers.
- AWS storage solutions deliver highly scalable, durable, and reliable cloud storage with robust data protection.
More details are available here: https://www.wildapricot.com/data-protection
Access to your complete data has been granted only to those IASSIST officials who need to manage it. All members can see your public details in the membership directory. Individuals who are not members have no access to the membership directory.
But regardless of where we store and process data, we protect our members’ information as is described in this privacy policy. We have reviewed our privacy practices and believe them to be in line with known existing data protection regulations, such as the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Should this policy deviate from legal requirements covering any IASSIST members, we will update the policy within 30 days of being notified of the disparity.
Your access to membership services and your data may be password protected. Therefore, you share the responsibility of maintaining the security of your personal information.
What are your data protection rights?
IASSIST would like to make sure you are fully aware of all of your data protection rights, regardless of which data protection statute might apply to you. You are entitled to the following:
Right to know - You have the right to know about the personal information we collect about you and how it is used and shared.
Right to access – You have the right to request copies of your personal data.
Right to rectification – You have the right to request that IASSIST corrects any inaccurate information, or to complete any incomplete information about you.
Right to erasure – You have the right to request that IASSIST erases your personal data, under certain conditions. IASSIST has a right to archive your data for research and statistical purposes.
Right to restrict processing – You have the right to request that IASSIST restricts the processing of your personal data, under certain conditions.
Right to object to processing – You have the right to object to IASSIST’s processing of your personal data, under certain conditions.
Right to data portability – You have the right to request that IASSIST transfers the data that we have collected to another organization, or directly to you, under certain conditions.
Right to non-discrimination - You have the right to be treated as any other member, regardless of whether you exercise any of these rights.
During your active membership you can always access and edit your information, and change your preferences by logging in on our membership site (www.iassistdata.info).
If you would like to exercise any of these rights, please contact us at our email: iassist.membership ( at ) gmail.com or exec ( at ) lists.iassistdata.org
Response to data breaches or other threats
Data breaches should be reported to the IASSIST Executive Committee, exec ( at ) lists.iassistdata.org, as soon as possible. An official from the association will respond as soon as possible and within the time frame indicated by any applicable data protection statute.
Cookies
A cookie is a small text file stored on your computer when you visit our website. They are usually used for automatically logging information on visitor behavior. IASSIST never uses cookies in a way that would infringe on users’ privacy.
How do we use cookies?
We use cookies to improve the functionality and contents of our websites and make the membership services available to you. They are used for:
- keeping you signed in on iassistdata.info
- understanding how you use our public website at iassistdata.org
What types of cookies do we use?
Google Analytics cookies for website analytics (iassistdata.org) and cookies set by the Wild Apricot membership management software to keep you logged in (iassistdata.info) See our cookies info page for more information: https://iassistdata.org/about/cookies/
How to manage cookies
If you do not modify the provided cookie settings, you accept the use of cookies on IASSIST’s website. You should note that some cookies are often necessary to enable the use of services on the website.
Changes to our Privacy Policy
IASSIST regularly reviews its privacy policy. On this page you will find the latest version of the policy. We reserve the right to amend this Privacy Policy at any time. This policy was last updated on April 29, 2022.
How to contact the appropriate authority
Should you wish to report a complaint or if you feel that IASSIST has not addressed your concern in a satisfactory manner, you have the right to lodge a complaint with your local supervisory authority. All EU countries have a supervisory authority for GDPR-related inquiries. IASSIST will act within the bounds of the GDPR when responding to any complaints.