Privacy Policy

Who we are

Our website address is https://www.ctbirding.org promoting services and activities of the Connecticut Ornithological Association (COA).

Comments

Currently, commenting is not offered on our website.

Media

If you upload images to the website, you may wish to avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will set up several cookies to save your login information and screen display choices. Login cookies last two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

Gathering of Personally-Identifying Information

Certain visitors to COA’s website choose to interact with COA in ways that require COA to gather personally-identifying information. The amount and type of information that COA gathers depends on the nature of the interaction. For example, visitors who create a COA account provide their name, email address, street address, and phone number. Those who wish to become a COA member and receive publications and access to other materials also use our payment processor to purchase their membership. In each case, COA collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor’s interaction with COA. COA does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities or receive other COA services and benefits.

Aggregated Statistics

COA may collect statistics about the behavior of visitors to its websites. For instance, COA may monitor our website pages on the ctbirding.org site. However, COA does not disclose personally-identifying information other than as described below.

Protection of Certain Personally-Identifying Information

COA discloses potentially personally-identifying and personally-identifying information only to authorized COA administrative staff, contractors and affiliated organizations that (i) need to know that information to process it on COA’s behalf or to provide services available at COA’s websites, and (ii) that have agreed not to disclose it to others. COA will not rent or sell potentially personally-identifying and personally-identifying information to anyone. Other than for internal COA use, as described above, COA discloses potentially personally-identifying and personally-identifying information only in response to a subpoena, court order or other governmental request, or when COA believes in good faith that disclosure is reasonably necessary to protect the property or rights of COA, third parties or the public at large. If you are a registered user of the COA website and have supplied your email address, COA may periodically send you an email to tell you about new features, solicit your feedback, inform you of membership issues, or just keep you up to date with what’s going on with COA. We also use our various website blogs to communicate this type of information, so we expect to keep this type of email to a minimum. If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. COA takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.

How long we retain your data

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, you can request to receive an exported file of the personal data we hold about you, including any data you have provided. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. Data erasure and/or removal may result in a non-refundable loss of COA benefits and services.

MailPoet newsletter & emails

If you have subscribed to our newsletter or if you are a member of our website (you can log in) or if you have purchased on our website, there is a good chance you will receive emails from us.

We will only send you emails that you have signed up to receive, or which pertain to the services we provide to you.

To send you emails, we use the name and email address you provide us. Our site also logs the IP address you used when you signed up for the service to prevent system abuse.

This website can send emails through the MailPoet sending service. This service allows us to track opens and clicks on our emails. We use this information to improve the content of our newsletters and to measure our success in reaching our members.

No identifiable information is otherwise tracked outside this website except for the email address.

Plugin: WP Mail Logging

When you use this site several actions may trigger the dispatch of emails. They contain information about you associated with your email address. Which data are part of these emails depends on the action performed. These emails are stored and accessible only to the site management personnel as a log file.

Plugin: Really Simple SSL

Really Simple SSL and Really Simple SSL add-ons do not process any personally identifiable information, so the GDPR does not apply to these plugins or usage of these plugins on your website.

Plugin: Smush

Smush sends images to the WPMU DEV servers to optimize them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers.

Smush uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than yours.

Plugin: The Events Calendar

What personal data we collect and why we collect it

Event, Venue, and Organizer Information

If you create, submit, import, save, or publish Event, Venue, or Organizer information, such information is retained in the local database:

  1. Venue information: name, address, city, country, state, postal code, phone, website, geographical coordinates (latitude and longitude)
  2. Organizer information: name, phone, website, email
  3. Event information: website, cost, description, date, time, image

Importing Events, Venues, and Organizers:

  1. All data present within a CSV or ICS file and external URLs (for events, venues, organizers, and tickets)
  2. Import origin data (URL from where events are being imported—such as Eventbrite, MeetUp, other compatible URL sources, and more, which can include similar or same data as listed above)
  3. Eventbrite Ticket information: name, description, cost, type, quantity

Please note that to create new events through the Community Events submission form, a user must hold a website account on this domain. This information is retained in the local database. It is also possible to create events anonymously, if the site owner has this option enabled.

When purchasing Eventbrite Tickets, attendee, purchaser, and order information are stored and managed by Eventbrite.

API Keys

We make use of certain APIs, in order to provide specific features.

These APIs may include the following third party services: Google Maps (API key), Meetup (OAuth token), PayPal (email, Client ID, Client Secret), Eventbrite (API key, auth URL, Client Secret), and Zoom (email, Client ID, Client Secret).