ACM Privacy Policy (original) (raw)
The Association for Computing Machinery ("ACM", "we", "us" or "our") is committed to protecting the privacy of its members and other individuals with whom it interacts.
This Privacy Policy ("Policy") explains how we use and maintain the privacy of personal information we collect online in connection with the acm.org Website (the "Website"). For the purposes of any applicable data protection laws (including the EU General Data Protection Regulation), the data controller in relation to your personal information is the Association for Computing Machinery, 1601 Broadway, 10th Floor, New York, NY 10019-7434.
This Policy will apply to personal information ACM collects or otherwise receives about third parties ("you"), including ACM members ("Members"), when you or other visitors to our Website use our Website, otherwise engage with us or which we otherwise obtain about you from third parties. Personal information that is provided to us, or otherwise obtained by us, from which you can be identified ("Personal Information") will only be used in the manner set out in this Policy. By visiting and/or contacting us through the Website (or otherwise engaging with us), you need to be aware that we may collect, use, and transfer your Personal Information in the manner described in this Policy.
1. How We Collect and Use Your Personal Information
ACM only collects Personal Information that is relevant to its activities and seeks to ensure the Personal Information is accurate and up to date. Personal Information collected by ACM may include your name, address, email, telephone number, age range, gender, and certain special categories of personal data such as information about your race, ethnicity, and whether you have a disability.
We may use your Personal Information to:
- correspond and stay in touch with you (as described in more detail below),
- process your request to join ACM as a member and for the renewal and update (and general administration) of your membership,
- process orders and supply the products and/or services you have requested and provide information or support to you in respect of those products and/or services,
- process your application and registration for a conference, contest, or other activity,
- improve our Website and wider offerings (on a confidential basis) to measure and enhance our products and/or services,
- comply with our legal obligations, and
- evaluate the diversity, equity, and inclusion in all ACM activities as part of ACM's commitment to fostering a scientific community that supports and benefits from the talents of community members from a wide range of backgrounds.
We will only process your personal data where we have a legal basis for doing so. Our legal basis will be one of the following outlined below:
- to fulfill our contract with you,
- to pursue our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests,
- to comply with applicable law,
- to fulfil our legal obligations, and
- where we have your consent or, in respect of the processing of special category personal data, your explicit consent to use your Personal Information in a certain way – in each case, you will be made aware and will be provided with the opportunity to withdraw your consent to the processing, should you wish to do so.
We will only use your Personal Information for the purposes for which we collected or received it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
Member Databases
ACM maintains member databases that contain mailing, billing, and Member profile information (such as your name, address, and contact details), as well as a record of each Member's product and service purchases. ACM also maintains databases of Member and non-member purchases and of registrations for conferences and other ACM activities. The information in these databases is used by authorized ACM staff members to process orders; mail invoices, purchases, renewal notices, and announcements; respond to Member inquiries; and help us improve our offerings. Member records are maintained as long as an individual is an ACM member and for two years following a membership lapse. Purchases and credit card transactions are retained for as long as required to meet contractual, tax, or auditing needs.
All personally identifiable information contained in ACM membership, purchase, and registration databases is treated as confidential and will be used only for the purposes stated in this Policy, except where required by law.
Sanctions Database
ACM maintains a secure database that contains details of complaints filed with respect to suspected violation(s) of ACM policies. Any complaint received regarding suspected violations of these policies will be addressed in accordance with ACM's complaints procedures. Information about complaints and their resolution will remain in this database for two years following the expiration of the sanction. In the case of harassment complaints that could not be investigated due to reporting anonymity or requests to only be investigated if there were additional reports, the complaints will remain in the database for 10 years. Information about sanctions will be revealed only to authorized volunteers on a need-to-know basis.
ACM Emails
From time to time, ACM may send emails to Members or other visitors to the Website, such as:
- "Must Have" messages that help to service ACM Members including answers to Member questions, acknowledgments of the receipt of membership applications, renewal notices, and other orders,
- occasional "Member Update" announcements about ACM services that we believe to be of some importance to Members. These announcements are short, straightforward messages that contain pointers to online resources where members can explore the information more fully,
- email messages that are a part of a program for which a Member has registered (e.g., an ACM Digital Library early alert email system), and
- where we have the consent of Members or users, emails targeted at specific ACM groups and which are on distribution lists (e.g., Special Interest Group members, Chapter officers, etc.). Only ACM headquarters staff can create and support "acm.org" email distribution lists.
ACM does not sell, rent, or exchange email addresses of its Members or customers. If at any time you decide that you no longer wish to receive any of the emails described above, you may do so by using the "unsubscribe" instructions set out at the bottom of each email.
ACM Web Accounts
Some portions of the ACM Website, specifically the ACM Digital Library, require an ACM Web Account for both Members and visitors. To create an account, ACM Members and customers must provide their name, Member number (if applicable), and email address. They are assigned a "username" (which they may change) and asked to create a password and provide the day and month of their birth (for account verification purposes).
Non-members are asked for their name and email address when they create their account. ACM may send information about ACM products and services that we think may be of interest to non-member ACM Web account holders via email. If at any point you decide that you do not want to receive these emails, you may do so by using the "unsubscribe" instructions set out at the bottom of each email.
Postal Mail
ACM also sends information to its Members via post, using the address details provided by Members via the Website when they join. ACM provides two postal mailing list options to its Members, as follows:
- ACM Subscription & Renewal Notices: receive only products subscribed to plus renewal invoices.
- ACM Announcements: information about ACM's Member Value Plus Program (a program offering discounts on products and services other than ACM's.
You can withdraw your consent to us sharing your Personal Information with our Member Value Plus Program partners in this way at any time. To do so, or to otherwise update your postal tolerance, you will need to contact ACM's Member Services Department by phone: +1-212-626-0500, 1-800-342-6626, fax: +1-212-944-1318, or email: [email protected]. You can also go to myacm.acm.org.
2. Technical Personal Information
Other than in the restricted-access portions of the Website that require an ACM Web Account, ACM does not log the identity of visitors. However, we may keep access logs, for example containing a visitor's IP address and search queries. We may analyze log files periodically to help maintain and improve our Website and enforce our online service policies. ACM only uses cookies as set out in our Cookie Noticeand does not use any user-specific targeting cookies. Raw log files are treated as confidential.
Information collected about ACM Web account usage (including logs of Web pages visited, searches performed, and Digital Library content downloaded) will be stored in an anonymized form and used to improve the ACM Digital Library and other ACM Web offerings.
3. Third Parties
From time to time, we may share Personal Information about ACM Members and customers with companies that are in the same corporate group as us, third parties where we have your explicit consent, or where it is necessary (i) for the performance or provision of the goods or services you have requested, (ii) to process your application and registration for a conference, contest or other activity (for example, for the capture and storage of conference registration information we use the services of CVENT – see privacy policy at https://www.cvent.com/en/cvent-global-privacy-policy), (iii) in response to valid legal process (for example, a search warrant, subpoena, or court order), or (iv) our legitimate business interests.
Third parties with whom your Personal Information may be shared include outside contractors, auditors, consultants, and others hired by ACM to assist in carrying out financial or operational activities. ACM informs these third parties about safeguarding personal information, requires them to use it only for an authorized purpose consistent with this Policy, and to return it to ACM or destroy it upon completion of the activity.
Conversely, ACM may receive Personal Information from these third parties that they collect from you in the course of any engagement you have with them. Where this is the case, once ACM is holding your Personal Information it will be treated in accordance with this Policy.
4. Global Transfer of Personal Information
ACM is located in the United States and, consequently, the Personal Information you provide to ACM will be transferred to and stored on servers in the United States of America. However, you should be aware that, regardless of where your Personal Information is stored, we take all appropriate steps to protect your Personal Information from unauthorized access and against unlawful processing, accidental loss, destruction, and damage. To the extent that your Personal Information is subject to UK and EEA data protection laws, if any of your Personal Information is transferred outside of the UK and/or EEA to an ACM entity based outside the UK and/or EEA or a third party operating on our behalf outside of the UK/EEA, we shall ensure that the transfer is conducted in accordance with our obligations under all applicable data protection laws. Where any transfer takes place under a written contract, you have the right to request a copy of the safeguards in that contract (subject to certain redactions and/or an undertaking from you to respect the confidentiality of that contract) and may do so by contacting us on the details set out in this Policy.
ACM is an international organization and in using and processing your Personal Information it may on occasion be transferred to, stored, and/or processed by our offices outside the United States. Any such transfer of your Personal Information from your country of residence will be in relation to our use and retention of your Personal Information as described in this Policy. By submitting your Personal Information, you are acknowledging this transfer, storage, and processing. As ACM recognizes the importance of data security, we require all our offices to handle your data in accordance with this Policy or equivalent data protection provisions, subject to their compliance with local law requirements.
5. Links
Our may, from time to time, contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Information to these websites.
6. Security
The security of personal information is important to ACM. ACM maintains all personal data with technical, administrative, and physical safeguards to protect against loss, unauthorized access, destruction, misuse, modification, and improper disclosure. No computer system or information can ever be fully protected against every possible hazard. ACM provides reasonable and appropriate security controls to protect personal information against foreseeable hazards.
7. Changes to this Policy
Any changes we may make to this Policy in the future will be posted on our Website. It is your responsibility to ensure that you are aware of the latest version of this Policy and by continuing to use our Website or otherwise engage with us, you will be deemed to accept any revised terms.
8. Rights in relation to your Personal Information
To the extent that your data is subject to UK and/or EEA data protection laws, subject to certain exemptions, you have various rights in relation to the Personal Information that we hold about you, as follows:
- You have the right to request that we erase your Personal Information (or any part thereof), a request which we will comply with unless we have a lawful reason to retain the information.
- You have the right to ask us to restrict or stop processing your Personal Information (or any part thereof).
- You have the right, as may be relevant, to make a complaint to the Information Commissioner's Office (the supervisory body in the UK that is responsible for the enforcement of data protection laws), the details of which may be found here or to one of the competent European supervisory authorities, the details of which may be found here.
9. Updating your Personal Information
You can find out what Personal Information ACM holds about you by contacting us at [email protected]. In the event that any of the Personal Information we hold about you is incorrect, you can ask us to update it or remove it.
ACM Members may access the Personal Information contained in their membership records and correct and update their member profile and mailing information by logging into myACMand clicking on the "My Contact Information" link at left. For further assistance please contact ACM's Member Services Department by phone: +1-212-626-0500, 1-800-342-6626, fax: +1-212-944-1318, or email: [email protected].
10. Retention of Personal Information
We will only retain your Personal Information for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements and in any event, only for as long as applicable data protection laws allow.
To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your personal data, whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
11. Contact Us
Questions, comments and requests regarding this Policy should be sent to [email protected].
For more information about ACM's management of personal data, contact us at [email protected].