Online Privacy and Security
Last Updated May 24, 2018
As a visitor, you may use this website without revealing any personal information. Only aggregate data (such as the number of users, hits per page, country of origin) is collected. This data is used to update and improve information provided on the website and does not include any personally identifying information. For areas of the website that do request personal information, following is a summary of how that information is used.
Credit card security
As a convenience to its members and other website visitors, RRCNA has arranged for credit card payment for memberships, donations, conferences, and product purchases. All transactions through the RRCNA website are secure. Credit card numbers and amounts are encrypted and sent to a credit card authorization center for service and approval. RRCNA staff and service representatives do not receive full credit card numbers and emails related to credit cards, and no credit card numbers are stored on our website. Despite the high level of security, some visitors may choose not to transmit credit card information electronically. This website includes order forms that can be downloaded and mailed. For products and publication orders, RRCNA maintains a toll-free number, 1-877-883-7323.
Information on these forms is designed to help us provide service to members such as member publications, notices of conferences, and information related to implementation of Reading Recovery.
Occasionally, RRCNA provides its membership mailing address list to carefully selected companies, for a fee. If members prefer not to receive mailings from publishers or vendors, they may designate their preference on all current membership forms. Members also may email the membership department or call 614-310-7322 to relay their preference to an RRCNA staff member. Email addresses and telephone numbers are never shared with third party vendors.
Product and publications order forms
Information submitted to the product and publications order department is used only to fill orders. This information is never released for third party use.
Conference registration forms
Conference registration forms allow the conference department to process registrations, payments, and session requests. Attendee names and postal addresses are sometimes made available to conference exhibitors.
RRCNA publishes an online password-protected membership directory in the Members Only section of the website. Only those with a member ID and password may use this section of the website. The purpose of the membership directory is to allow professional exchange of information among Reading Recovery personnel and RRCNA members. RRCNA does not distribute the membership directory to any third parties either in electronic or printed form.
Processing of your personal data
In the context of this policy, we act as a data controller for the personal data that we process and may rely on one or more of the following legal grounds:
- your consent;
- the need to perform our obligations under a contract or to perform related precontractual duties;
- the legitimate interests pursued by us, such as to recruit new members as well as to retain data for facilitating re-enrollment; and
- any other ground, as required or permitted by law in the specific respective context.
If you provide us personal data with regard to the performance of a contract, we require this information to be able to enter into a contract with you. Please note that you may withdraw your consent at any time by visiting https://readingrecovery.org/contact/. This will not affect the lawfulness of processing, based on consent before the withdrawal.
Categories of Personal Data
These may include:
- contact information, such as first and last name, email address, phone number, and residence address;
- events attendance data;
- online store purchases;
- proposal system submissions; and
- any other type of information we may ask you for or that you may choose to provide us with.
How We Receive Personal Data
We receive personal data through our website when:
- you sign up as a member of our association;
- you interact with our website by, for example, registering for an event; or
- information that you provide to us by any other means is entered into our system by us, e.g., for the purpose of sending email newsletters.
We may also receive your personal data from third parties and will notify you, where required by applicable laws, without undue delay.
Purposes of Processing
These may include:
- registering you as a member of our association;
- enabling your use of the features of our website;
- handling dues and fee billings for membership, events, and other association business;
- retaining statistical information about your involvement, activity, and dues/fee payment;
- tracking donations and store purchases;
- tracking event attendance and committee membership;
- scheduling volunteer activity;
- tracking proposal submissions for a call-for-proposals;
- tracking online learning participation;
- featuring news articles/press releases related to your association activity;
- responding to your inquiries, and/or other requests or questions; and
- periodically sending you newsletters and other marketing materials.
When the purposes of the processing are satisfied, we will purge/anonymize your personal data within 6 months.
Sharing Personal Data with Third Parties
We may share your personal data with other entities, solely to enable them to perform the services for us. In doing so, we require that those third-party vendors maintain at least the same level of security that we maintain for such personal data. These vendors may include:
- association management software;
- web development services;
- hosting services;
- cloud storage services;
- IT support services;
- analytics services;
- customer support services;
- payment services; and
- any other type of external services we might need for us to be able to operate our Website and to provide you with our services.
If we would need to transfer your personal data to third parties, we will ensure that this will be subject to appropriate safeguards and other requirements, as stated in the applicable laws.
Other Disclosure of Your Personal Data
We may also disclose your personal data:
- to the extent required by law or if we have a good-faith belief that such disclosure is necessary, in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to in response to subpoenas, search warrants, or court orders;
- to our affiliates, only if necessary for business and operational purposes.
We reserve the right to use, transfer, sell, and share aggregated, anonymous data, which does not include any personal data, about our website users as a group for any legal business purpose, such as analyzing usage trends and seeking compatible advertisers, sponsors, clients, and customers.
If we must disclose your personal data, in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that those recipients will maintain data privacy or security.
We do not perform automated decision-making activities, such as profiling.
Data Integrity and Security
We have implemented and will maintain technical, organizational, and physical security measures that are reasonably designed to help protect your personal data from unauthorized processing, such as unauthorized access, disclosure, alteration, or destruction.
Access, Correction, and Deletion
You may have the right to request access to, and the opportunity to update, correct, or delete your personal data. See the Contact Us section below. We will implement your requested changes as soon as we reasonably can.
Restriction and Objection to Processing, Portability
You may have the right to ask that we limit our processing of your personal data, as well as the right to object to that processing. You may also have the right to ask to have your personal data exported in a machine-readable format. To exercise such rights, where applicable, see the Contact Us section below.
Privacy of Children
Our website is not directed at, or intended for use by, children under the age of 13, and we do not knowingly allow anyone under the age of 18 to provide any personal data. Children should always get permission from a parent or guardian before sending personal information over the Internet. If you believe your child may have provided us with personal data, see the Contact Us section below and we will delete that data.
Supervisory Authority Oversight
You may also have the right to lodge a complaint with a data protection regulator in one or more of the European Union Member States.
Changes to This Policy
We may update this policy from time to time by posting a new version and effective date on this webpage. You should visit this page occasionally to ensure you agree with any changes. By continuing to use our website after we post any such changes, you agree that you accept the policy as modified.
If you suspect that information you submit to RRCNA has been used in a way that violates this privacy statement, please contact us so we can investigate your concerns.
RRCNA’s online security and privacy policies may be updated at any time, and it is the website visitor’s responsibility to review them periodically.