Privacy Policy

AMS PRIVACY POLICY

February 28, 2019

Who We Are

Association Management Solutions, LLC (“AMS”, “we”, “us”) provides professional management services to  business forums, special interest groups, standards bodies and technology associations. In this Privacy Policy we refer to these parties as our “clients”.  Because our clients are groups and associations, our clients have members who are individual data subjects. In this Privacy Policy we refer to these individuals as “members.”

The professional management services AMS provides to its clients include: planning client meetings and events throughout the world, managing these meetings and events, corporate record keeping and client website hosting. In this Privacy Policy we refer to these professional management services as the “AMS Services.”

AMS operates websites for its own business at www.AMSL.com and other websites owned or operated by us that do not post a different privacy policy (the “AMS Sites”).  AMS also provides website hosting services for some websites owned by AMS’s clients (the “Client Hosted Sites”).

This Privacy Policy applies to information relating to an identified or identifiable natural person (“Personal Data”)”) that we gather in the course of our business. We gather Personal Data from a variety of sources: from offline resources (such as forms our clients complete), email,   through AMS Sites and through Client Hosted Sites (collectively, “Sites”).

Your use of a the AMS Sites constitutes your consent to the terms of this Privacy Policy, except in circumstances where we request your explicit, opt-in consent.

What Information We Collect and How We Get It

Personal Data provided by Clients.

Our clients provide Personal Data to us. This Personal Data relates to the employees, contractors and members of the client.  In most cases client provides this information to AMS by importing data from its database to the AMS Sites using the ARO tool, which is a tool provided by AMS to clients as part of the AMS Services.  A client can use the ARO tool to  upload Personal Data about its members to the AMS Sites.  Occasionally the client will provide Personal Data to AMS by email or using a written form.  If the client operates a Client Hosted Website then the client also provides Personal Data to AMS when AMS manages the Client Hosted Website.

Personal Data you Provide.

The client’s employees, contractors and members provide Personal Data about themselves directly to us, without assistance from the associated client. Typically  the individual provides Personal Data about himself or herself to AMS using the AMS Sites, email or written registration forms.

Site Visitors.

If you visit a Site  we will log and collect this technical information about you: your IP addresses, browser type and page viewing history. We log and collect this Personal Data using cookies and other automated mechanisms. This information usually does not personally identify you, but it is possible that it could at some point be linked with other Personal Data about you.  Please see the section below entitled “Our Use of Cookies’ for more information.  We also collect information that you voluntarily input through our AMS Sites by completing an online form, sending us an email or otherwise contacting us through the AMS Sites.

Other Personal Data We Receive.

As you might expect, we collect or receive information through our AMS Site and also collect information offline. It’s important to us that we preserve the privacy of your personal information both online and off. For example, if you call us to request information about a client meeting then we may ask for your name, place of work and work title. There are other ways we could learn of personal information offline, but this Privacy Policy doesn’t try to predict all those methods. We just want you to know that we try to treat offline information collection, uses, and disclosures consistently with our online privacy practices.

Types of Personal Data.

We collect this Personal Data of a client’s employees and contractors:  first and last name, work e-mail address, and work mailing address.

We collect this Personal Data of a client’s members: first and last name, work e-mail address, work mailing address, work telephone number, organizational affiliation, and employment title. If the member wants to register to attend a client event then we also collect information about that meeting from the member, which may include credit card information if there is a fee to attend the meeting, any special dietary requirements for meals served at the meeting and special physical requirements for accommodations at the meeting. We use this information only to schedule member travel, meetings, meals and lodging while providing the AMS Services.

If a member is required to travel internationally to attend a client event then, depending on the residence of the member, the member may require a work travel visa. In this case the member will direct AMS to issue a “letter of invitation” to the member, inviting the member to attend the client event.  AMS will collect passport information or national identity card information from the member solely to issue the letter of invitation. The member provides the letter of invitation to the appropriate consulate to apply for a work travel visa.  AMS deletes the passport or national identity card information  from its records at the end of the client event.

We collect Personal Data of visitors to the AMS Sites, as described below at the Section entitled “Our Use of Cookies.”

Sensitive Personal Data.

Under some data privacy regimes of some countries, Sensitive Personal Data is subject to heightened restrictions related to transmission and processing and may be collected by us only with the explicit opt-in consent of the data subject. For the purposes of this Privacy Policy “Sensitive Personal Data” means health data, credit card information and government identification photographs and numbers used for the purpose of uniquely identifying a person (such as the photograph and number on a passport). The decision to provide Sensitive Personal Data to AMS is made by the member. We always obtain the member’s explicit opt-in consent prior to collecting Sensitive Personal Data from the member.

How we Use Personal Data

AMS Services.

We use Sensitive Personal Data of a member only to facilitate the member’s attendance at a specific client event managed by us as part of the AMS Services.  More generally, we use the Personal Data we collect about each client’s employees, contractors and members to:

  • provide the AMS Services to that client only,
  • facilitate a member’s attendance at a client event managed by AMS as part of the AMS Services,
  • communicate with that client about the AMS Services,
  • respond to that client’s inquiries or actions, and
  • communicate with that client’s members about AMS Services at the direction of that client.

All information in AMS’s possession about a client and its employees, contractors and members that is Personal Data is segregated by client and utilized only to provide AMS Services to that client. If an individual happens to be a member of two of our clients, such individual’s information may appear in both clients’ records as held by AMS, but will not be linked together within AMS’s records.

Site Visitors.

We use Personal Data of visitors to AMS Sites  to respond to your inquiry, provide AMS Services to the client with which you are associated, and to enhance your online user experience such as efficient webpage navigation and loading.

When we provide website hosting services for a Client Hosted Site  the client is the controller and collector of Personal Data about the visitor to the Client Hosted Site. AMS processes this Personal Data only as instructed by the client. Please refer to the Privacy Policy for each Client Hosted Site for more information about how the client collects, uses and retains Personal Data on the Client Hosted Site. We do not independently review, monitor, “scrape”, “mine” or otherwise collect Personal Data from Client Hosted Sites, unless we are required to do so to comply with any law, regulation or government authority.

Our Use of Cookies

A cookie is a small amount of data, which often includes an anonymous unique identifier that is sent to your browser from a website’s computers and stored on your computer’s hard drive. Cookies can improve a Site user’s experience. AMS uses cookies on the AMS Sites.

We use cookies:

  • because they are strictly necessary to make the AMS Sites work properly,
  • to maintain a user’s logged-in status while a user interacts with the AMS Sites,
  • to help us better understand user behavior on the AMS Sites and
  • to track performance of the AMS Sites, to help us understand whether the AMS Sites are functioning properly.

AMS also uses cookies for email communications. We may use cookies to measure the effectiveness of our email communications and to tailor email content. For example, we may connect the data showing that you clicked a link in an email from AMS then completed an action on our AMS Sites such as registering to attend a client event. This links cookie data with an individual user, so we only do this for users who have consented and opted in to receiving emails from AMS.

AMS also uses cookies in the ARO tool accessed at www.AMSL.com, which is a tool provided to clients as part of the AMS Services.  A client can use the tool to  upload Personal Data about its members to the AMS Sites.  The ARO tool uses single session cookies.  If you delete the cookies in the AMS ARO tool, you will be logged out of ARO immediately.  If you block cookies in the ARO tool, you will not be able to log in to the ARO tool. We use this technology because it is strictly necessary to make the ARO tool work properly.

Many of the cookies used on the AMS Sites and through emails can be enabled or disabled by disabling the cookies through your browser. To disable cookies through your browser, follow the instructions usually located within the “Help,” “Tools” or “Edit” menus in your browser. Please note that disabling a cookie or category of cookies does not delete the cookie from your browser unless manually completed through your browser function.  For further information about cookies and how to manage them, please visit www.allaboutcookies.org.

AMS partners with Google and WordPress who set third party cookies for AMS Site visitors to provide their services, namely Site analysis to provide anonymized and aggregated information on AMS Site usage statistics and patterns. Google and WordPress privacy policies are linked here: Google Privacy Policy and WordPress Privacy Policy. Users may disable these cookies with the same method described above.  Please note that many browsers are set to accept cookies until you change your settings. If you remove or reject our cookies, it could affect how our AMS Sites work for you.

AMS does not use marketing cookies on the AMS Sites.

Third Party Websites’ Cookies

When using our AMS Sites, you may be directed to other websites for such activities as surveys, to make payment in currency other than U.S. dollars, or for job applications. These websites may use their own cookies. We do not have control over the placement of cookies by other websites you visit, even if you are directed to them from our website.

Children’s Information

AMS’s Services and the AMS Sites are a business-to-business operations and are not directed towards children under 16 years of age. If you learn that a child under 16 years old has provided us with Personal Data, please contact us at gdpr@amsl.com, and we will delete that information.

Sharing Information with Others

We do not sell, rent, trade, license, or otherwise disclose your personal information to third parties, except in the limited circumstances described in this Privacy Policy.

We utilize certain third-party consultants, vendors and subcontractors to help us provide our AMS Services and operate the Sites. We share Personal Data with these third parties so they can perform their specific functions for us. Examples include:  data storage facility providers, technical infrastructure providers, social media platforms,  security vendors, hotels, and payment processing companies.  We share Personal Data with social media platforms only to validate your login credentials at the AMS Sites.

We collect member credit card information through our AMS Sites to pay for client membership fees and event fees. The credit card information is encrypted, and transmitted for storage to a high security vault according to strict industry standards. No credit card information is retained in AMS’s own systems. Your credit card information is not exposed anywhere in our own systems. Please do not send your credit card information to our team directly, for example by emailing this information to an AMS representative. Please use our secure, online system to enter your credit card information.

All third parties that access Personal Data provided by us are contractually bound to protect the privacy and security of that Personal Data and to use that Personal Data only as necessary to provide our AMS Services and operate the Sites. Should we undergo a change to our corporate organization (for example, merger, acquisition, financing or other corporate event), we may provide your relevant information to the relevant entity and reserve the right to do so. In rare circumstances, we may need to disclose your information (a) in response to a subpoena or law-enforcement procedure or as we otherwise reasonably believe we are required to do so by law, regulation or governmental authority, (b) to preserve our rights or property, or (c) to protect the personal safety of someone in an emergency, and we reserve the right to do so.

Third-Party Collection of Personally Identifiable Information

AMS does not knowingly permit or facilitate any third-party to collect Personal Data about your online activities over time via the Sites, except to the limited extent described in this policy.

How We Protect Your Personal Data

We use reasonable physical, technical and administrative security protections consistent with industry practice to protect your Personal Data from loss, misuse, unauthorized access, disclosure, alteration or destruction. These measures include, for example, SSL, encryption, firewalls, and monitoring software for the AMS Site to allow for a reliable, private connection to the AMS Sites.

Offline, we restrict access to your personal information to only those AMS employees who need it to perform a specific job function. And we require all AMS employees with access to your personal information to follow specific practices concerning its proper handling. We also hold our vendors who need access to your personal information to strict confidentiality requirements. Third-party service providers assist us with the physical security of some of our computer hardware. When you visit the AMS Sites, you access servers that we backup constantly. Our servers are hosted at locations which are private and secure data center facilities, behind physical and virtual firewalls.

But please remember, while we use industry-standard precautions to safeguard your personal information, we can’t guarantee absolute security.  No measure of security is foolproof, so please keep this in mind when deciding the information you choose to provide to us or to your members through our AMS Services or the AMS Sites.

Data Retention

We reserve the right to retain Personal Data to the extent and for the period reasonably necessary for the legitimate business purpose of operating the AMS Sites, and providing the AMS Services for our clients, as required for record-keeping purposes, and as we reasonably believe we are required to do by law or regulation.   We retain Personal Data associated with a client only for as long as is required to provide the AMS Services to that client. AMS  retains Personal Data of visitors to AMS Sites as long as reasonably useful for AMS’s commercial purposes.

To request deletion of your Personal Data from our records email us at gdpr@amsl.com. You should not expect that all of your information will be completely removed from our databases in response to your request. Where we are required by law to retain Personal Data longer or where Personal Data is required for us to assert or defend against legal claims, we will retain the Personal Data until the end of the relevant retention period or until the claims in question have been resolved.

Do Not Track Signals

The Sites currently do not support the ability to respond to “Do Not Track” signals or other similar mechanisms that may be emitted from a user’s device.

Governing Law

We are located in California, U.S.A., and this Privacy Policy will be governed by California law without regard to any conflict of law principles. By using any of the Sites or our services, you submit to the jurisdiction of and within the State of California. You acknowledge, agree and consent that the use and transmission of your Personal Data as described above, along with any data or information you or our client with whom you are associated provides to us, may occur within and/or outside of the U.S.A., including in jurisdictions that may have less protective data protection laws than the region in which you are situated. Your Personal Data may be stored and processed manually and electronically through global systems and tools for the purposes described in this Privacy Policy.

Legal Basis for Processing Personal Data

AMS processes Personal Data only as necessary to: (a) perform the contracts it enters into with its clients and their members for the AMS Services and (b) operate the AMS Sites.

Transfer of Personal Data from the EEA or Switzerland to the U.S.A.

AMS’s own data centers are located in the United States only and by using the AMS Services, interacting with our Sites, or otherwise providing your personal data to us, your personal data will be transferred to and processed in the United States. AMS adheres to contractual terms with its clients requiring adequate protections for Personal Data transferred from the European Economic Area (“EEA”) or Switzerland to AMS systems in the United States.

In some cases, AMS may share your Personal Data with its subprocessors, to the extent permitted by applicable law. Each of these subprocessors are limited to accessing or using this Personal Data to provide our AMS Services only and must provide reasonable assurances that they will appropriately safeguard any customer data provided by AMS. Each of these subprocessors using Personal Data processes this data in the United States only.

How to Update, Correct and Manage your Personal Data

Should you wish to update, correct or otherwise manage any Personal Data you or the client organization with whom you are associated has provided to us, please notify us at gdpr@amsl.com. In accordance with our obligations under local data protection law, we will use all reasonable means to update or delete your personal data accordingly.

How to Contact Us, Make Requests and Withdraw Consent; EU Representative

If you have any questions or concerns about this Privacy Policy or your Personal Data , please contact us at: +1-510-492-4000 or gdpr@amsl.com.  If you have previously provided consent to process your Personal Data, you may withdraw consent in this manner.  If you are a client with access to AMS’ ARO tool, you may also access and change  Personal Data uploaded by you to the AMS Sites by using the ARO Tool or by contacting gdpr@amsl.com.

AMS retains an EU Data Protection Representative, whose contact information is:

Tim Bell
DPR
Managing Director
+44 (0) 790 4290 phone
timbell@dpr.eu.com
www.dpr.eu.com
29, Clifton House, Fitzwilliam Street Lower, Dublin, Ireland

Updates to this Privacy Policy

We will post any changes and updates to this Privacy Policy on this AMS Site so you can always be aware of what information we collect, use and disclose. We encourage you to review this Privacy Policy periodically so you’ll know if it has been changed or updated. Your continued use of any of the Sites or our services will constitute your acceptance of the revised Privacy Policy, unless we request your express opt-in consent for Personal Data processing.