Updated August 1, 2019
2. INFORMATION WE COLLECT
Personal Data is information that directly or indirectly identifies you, such as your name, email address, date of birth and telephone number.
Other Information is information that, by itself does not individually identify you, such as browser type, operating system, the webpages you viewed and how long you viewed them.
The Koa Club generally does not treat Other Information as Personal Data unless required by applicable law. If The Koa Club links together different types of Other Information or links Other Information to Personal Data, The Koa Club treats the linked information as Personal Data when it directly or indirectly identifies you or another person.
3. HOW WE COLLECT INFORMATION
You may choose not to provide The Koa Club with your Personal Data. If you choose not to provide your Personal Data, you may not be able to enjoy the full range of the Services.
The Koa Club collects information:
When you register for the Services
When you register for the Services, we collect Personal Data, including your name, email address, mobile telephone number, date of birth and password. If you are a member of The Koa Club, we also collect your Member ID, which may be Personal Data under certain laws.
When you use the Services
We collect information about the Services that you use and how you use them. We may also ask for information, some of which is Personal Data, so that we may keep you informed about The Koa Club, provide you with information on upcoming events in your area or inform you of opportunities to support The Koa Club’s mission.
From Your Device
We collect information about your computer, tablet or mobile telephone (“Device”), such as model, operating system version, mobile network information, telephone number, internet service provider and similar identifiers. The Koa Club may associate your Device information with your The Koa Club account. We may collect and store information (including your Personal Data) on your Device through browser web and web application data caches.
We also may collect your geolocation information (“Location Data”) from your wireless carrier, through a wearable or other device you have connected (for example, wirelessly) to our Services, and/or directly from the Device on which you use our Services.
If you are accessing the Services through www.thekoaclub.com, how The Koa Club collects Location Data will differ depending on your Device’s operating system. We do not collect Location Data unless you have “allowed” its collection in your Device’s operating system settings. If you decline to allow Location Data collection in the app, we will not collect your Location Data unless you manually enter it.
The Koa Club may collect information from sensors that provide The Koa Club with information on nearby devices, including Bluetooth address, Wi-Fi access points, and information made available by you or others that indicates your current or prior location.
Through Data Collection Technology
Through Server Logs
A server log is a list of the activities that a server performs. The Koa Club’s servers automatically collect and store in server logs your search queries, hardware settings, browser type, browser language, the date and time of your request and referral URL and certain cookies that identify your browser or The Koa Club account. Sone of this information is collected through Data Collection Technology.
4. DATA COLLECTION TECHNOLOGY
Data Collection Technology collects all sorts of information, such as how long you engage with the Services, the content you view, your search queries, error and performance reports, as well as Device identifier or IP address, browser type, time zone and language settings and operating system.
Data Collection Technology deployed through the Services includes cookies.
Cookies are small text files that are sent to or accessed from your web browser or your computer’s hard drive. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (i.e., when it expires) and a randomly generated unique number or similar identifier. A cookie also may contain information about your Device, such as user settings, browsing history and activities conducted while using the Services.
The Services use the following cookies:
- Strictly necessary cookies, which are required for the operation of the Services. Without them, for example, you would not be able to register or log in for the Services that The Koa Club offers.
- Analytical/performance cookies, which allow The Koa Club to recognize and count the number of visitors, learn how visitors navigate the Services, and improve the Services.
- Functionality cookies, which The Koa Club uses to recognize you when you return to the Services.
The Koa Club also uses analytics services, such as Google Analytics, to collect information. Generally, analytics services do not identify individual users. Many analytics services allow you to opt out of data collection.
For example, to learn more about Google Analytics practices and to opt out, visit www.google.com/settings/ads or by downloading the Google Analytics opt-out browser add-on at https://tools.google.com/dlpage/gaoptout.
How The Koa Club Uses Data Collection Technology
Some Data Collection Technology is deployed by The Koa Club when you visit the Services. Other Data Collection Technology is deployed by third parties with which The Koa Club partners to deliver the Services.
Data Collection Technology helps us improve your experience of the Services by compiling statistics about use of the Services and helping us analyze technical and navigational information about the Services.
We also may use Data Collection Technology to collect information from the Device that you use to access the Services, such as your operating system type, browser type, domain and other system settings, as well as the language your system uses and the country and time zone in which your Device is located.
Your Control of Cookies
Do Not Track
Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (“DNT”) or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many website operators, including The Koa Club, do not respond to DNT signals.
5. HOW WE PROCESS PERSONAL DATA
The Koa Club processes Personal Data:
- To set up and maintain your registration and account with the Services;
- To communicate with you;
- To deliver relevant content to you;
- To provide features through the Services, such as social networking options;
- To prevent and investigate fraud and other misuses of the Services;
- To protect our rights and property;
- To operate, manage and improve the Services; and
- To ensure the technical functionality and security of the Services.
The Koa Club processes Other Information:
- To administer and improve the Services and your experience on the Services;
- To analyze trends and gather broad aggregate demographic information;
- To statistically monitor how many people are using the Services or opening our emails;
- To develop, improve and protect the Services;
- To conduct audience research;
- To audit and analyze the Services; and
- To ensure the technical functionality and security of the Services.
6. HOW WE SHARE INFORMATION
We may share your Personal Data collected via the Services as follows:
To Protect Legal Rights. Applicable law may require The Koa Club to disclose your Personal Data if: (i) reasonably necessary to comply with legal process (such as a court order, subpoena or search warrant) or other legal requirements; (ii) disclosure would mitigate The Koa Club’s liability in an actual or threatened lawsuit; (iii) necessary to protect legal rights of The Koa Club, users, customers, business partners or other interested parties; or (iv) necessary for the prevention or detection of crime (subject in each case to applicable law).
The Koa Club may aggregate information collected though the Services and remove identifiers so that the information no longer identifies or can be used to identify an individual (“Anonymized Information”). The Koa Club shares Anonymized Information with third parties and does not limit third parties’ use of the Anonymized Information because it is no longer Personal Data.
7. CHILDREN’S PRIVACY
The Koa Club does not knowingly collect or solicit any information from anyone under the age of 18 or knowingly allow such persons to register for the Services. The Services and its content are not directed at anyone under the age of 18. In the event that we learn that we have collected personal information from a child under age 18 without parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 18, please contact us at email@example.com.
8. SECURITY OF YOUR PERSONAL DATA
The Koa Club takes precautions intended to help protect information that we process but no system or electronic data transmission is completely secure. Any transmission of your Personal Data is at your own risk and we expect that you will use appropriate security measures to protect your Personal Data.
You are responsible for maintaining the security of your account credentials for the Services. The Koa Club will treat access to the Services through your account credentials as authorized by you. Unauthorized access to password-protected or secure areas is prohibited and may lead to criminal prosecution. We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. If you believe that information you provided to us is no longer secure, please notify us immediately using the contact information provided below.
If we become aware of a breach that affects the security of your Personal Data, we will provide you with notice as required by applicable law. To the extent permitted by applicable law, The Koa Club will provide any such notice that The Koa Club must provide to you at your account’s email address. By using the Services, you agree to accept notice electronically.
9. RETENTION OF YOUR PERSONAL DATA
The Koa Club retains Personal Data in identifiable form only for as long as necessary to fulfill the purposes for which the Personal Data was provided to The Koa Club or, if longer, to (i) comply with law legal obligations, (ii) detect and prevent fraud, (iii) resolve disputes, (iv) enforce agreements, (v) take actions we deem necessary to protect the integrity of the Service or our users, and (vi) similar essential legal purposes.
10. YOUR CHOICES ABOUT YOUR PERSONAL DATA
Your Privacy Preferences
When you register for the Services, you consent to receive email messages from us. You may modify this consent later by visiting your account settings. You also may opt out of receiving marketing emails by clicking the opt-out request in each marketing email. (It may take up to 10 days for us to process an opt-out request.) You may not opt out of transactional emails, such as service announcements, administrative notices and surveys.
The Koa Club also may deliver notifications to your Device. You can disable some of these notifications through your Device’s operating system, through your account settings or by disabling the applicable Service.
Changing information in your account or otherwise opting out of promotional email communications will only affect future activities or communications from The Koa Club. If The Koa Club already provided your information to a third party (such as a service provider) before you have changed your account settings or updated your information, you may have to change your preferences directly with that third party.
Your Right to Review Your Personal Data
If you would like to review the Personal Data that The Koa Club maintains about you, please contact us in writing using the contact information below. If you are a registered user, you can review certain Personal Data that you provided to The Koa Club by logging in to your account. If you are not a registered user, The Koa Club may take reasonable steps to verify your identity before providing access to Personal Data. Inquiries to review personal data can be sent to The Koa Club by email at firstname.lastname@example.org.
Your Right to Correct or Delete Your Personal Data
The easiest way to correct or delete certain Personal Data that you have provided to the Services is to log in to your account and enter the necessary changes to your user profile. If you have additional questions regarding the correction or deletion of your Personal Data, please contact The Koa Club at email@example.com.
The Koa Club will review your request but may not be able to grant access to or change or delete certain of your Personal Data. We will respond to your requests within the time allowed by all applicable data protection laws and will make every effort to respond as accurately and completely as possible. If The Koa Club cannot provide access or correct or delete your Personal Data, then The Koa Club will notify you within 30 days.
11. ONWARD TRANSFER AND CONSENT TO INTERNATIONAL PROCESSING
If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your Personal Data by The Koa Club from your region to countries in which privacy laws might not provide the same level of protection. By providing your Personal Data, you consent to any transfer and processing in accordance with this Policy.
12. COMPLAINTS ABOUT HOW THE KOA CLUB PROCESSES YOUR PERSONAL DATA
If you have any complaints regarding how The Koa Club processes your Personal Data, please contact The Koa Club at firstname.lastname@example.org with a detailed description of the complaint. The Koa Club responds to complaints as soon as practicable, and in any event, within the time limits prescribed by law.
14. APPLICABLE LAW
15. HOW TO CONTACT US
If you have any questions, comments, or concerns about how we handle your Personal Data, then please contact us as follows:
- Mailing Address:
The Koa Club
1414 4th Avenue
Seattle, WA 98101
16. EU Privacy Notice
For residents of the European Union (EU) and European Economic Area (EEA) whose information has been knowingly collected by The Koa Club, the following information applies to you:
If you are an EU or EEA resident and The Koa Club knowingly collects your personal information (also called ‘personal data’), we will do so in accordance with applicable laws that regulate data protection and privacy. This includes, without limitation, the EU General Data Protection Regulation (2016/679) (‘GDPR’) and EU member state national laws that implement or regulate the collection, processing and privacy of your personal data (together, ‘EU Data Protection Law’).
This Privacy Notice also provides information on your legal rights under EU Data Protection Law and how you can exercise them.
When personal data is collected
When you register for the Services, use the Services, apply to become or become a member of The Koa Club, or attend any events or other activities organized by The Koa Club, we collect Personal Data, including your name, email address, mobile telephone number, date of birth and password. If you are a member of The Koa Club, we also collect your Member ID, which may be Personal Data under certain laws.
The lawful grounds on which we collect and process personal data
We process your personal data for the above purposes, relying on one or more of the following lawful grounds under EU Data Protection Law:
- where you have freely provided your specific, informed and unambiguous consent for The Koa Club to process your personal data for particular purposes:
- where we agree to provide services to you as a member of The Koa Club, donor or other lawful purpose, in order to set up and perform our contractual obligations to you and/or enforce our rights:
- where we need to process and use your personal data in connection with our legitimate interests as a global network and being able to effectively manage and operate our organization in a consistent manner across all territories. We will always seek to pursue these legitimate interests in a way that does not unduly infringe on your legal rights and freedoms and, in particular, your right to privacy: and/or
- where we need to comply with a legal obligation or for the purpose of us being able to establish, exercise or defend legal claims.
Please also note that some of the personal data we may unintentionally receive and may include what is known as ‘sensitive’ or ‘special category’ personal data about you, for example, information regarding your ethnic origin or political, philosophical and religious beliefs. This is not the type of data that The Koa Club would routinely collect, but if we process such sensitive or special category data we will only do this in specific situations where:
- you have provided this with your explicit consent for us to use it: or,
- there is a legal obligation on us to process such data in accordance with EU Data Protection Law
- it is needed to protect your vital interests (or those of someone else) such as in a medical emergency: or,
- where you have clearly chosen to publicize such information: or,
- where needed in connection with a legal claim that we have or may be subject to.
If The Koa Club provides direct marketing communications to individuals in the EU/EEA regarding services and/or events which may be of interest, this will be done in accordance with EU Data Protection Law, and in particular where we contact individuals for direct marketing purposes by SMS, email, fax, social media and/or any other electronic communication channels, this will only be with the individual’s explicit consent or in relation to similar services to services that the individual has purchased (or made direct enquiries about purchasing) from The Koa Club before.
Individuals are also free to object or withdraw consent to receive direct marketing from us at any time, by contacting us at email@example.com or by selecting “unsubscribe” at the bottom of any marketing email received.
Disclosing your personal data to third parties
We may disclose your personal data to certain third party organizations who are processing data solely in accordance with our instructions (called ‘data processors’) such as companies and/or organizations that support our business and operations (for example providers of web or database hosting, IT support, payment providers, event organizers, agencies we use to conduct fraud checks or mail management service providers) as well as professionals we use such as lawyers, insurers, auditors or accountants. We only use those data processors who can guarantee to us that adequate safeguards are put in place by them to protect the personal data they process on our behalf.
We may also disclose your personal data to third parties who make their own determination as to how they process your personal data and for what purpose(s) (called “data controllers”). The external third party data controllers identified above may handle your personal data in accordance with their own chosen procedures and you should check the relevant privacy policies of these companies or organizations to understand how they may use your personal data.
Other than as described above, we will treat your personal data as private and will not routinely disclose it to third parties without you knowing about it. The exceptions are in relation to legal proceedings or where we are legally required to do so and cannot tell you (such as a criminal investigation). We always aim to ensure that your personal data is only used by third parties we deal with for lawful purposes and who observe the principles of EU Data Protection Law.
Your personal data rights
In accordance with your legal rights under EU Data Protection Law, you have a ‘subject access request’ right under which can request information about the personal data that we hold about you, what we use that personal data for and who it may be disclosed to as well as certain other information.
Usually we will have one month to respond to a subject access request. However, we reserve the right to verify your identity and we may, in case of complex requests, require a further two months to respond. We may also charge for administrative time in dealing with any manifestly unreasonable or excessive requests. We may also require further information to locate the specific information you seek and certain legal exemptions under EU Data Protection Law may apply when responding to your subject access request.
Under EU Data Protection Law. EU/EEA residents also have the following rights, which can be enforced by making a request in writing:
- that we correct personal data that we hold about you which is inaccurate or incomplete:
- that we erase your personal data without undue delay if we no longer need to hold or process it:
- to object to any automated processing (if applicable) that we carry out in relation to your personal data. for example if we conduct any automated credit scoring:
- to object to our use of your personal data for direct marketing:
- to object and/or to restrict the use of your personal data for purpose other than those set out above unless we have a compelling legitimate reason: or
- that we transfer personal data to another party where the personal data has been collected with your consent or is being used to perform contract with you and is being processed by automated means.
So we can fully comply, please note that these requests may also be forwarded on to third party data processors who are involved in the processing of your personal data on our behalf.
If you would like to exercise any of the rights set out above, please contact us at the address below.
If you make a request and are not satisfied with our response or believe that we are illegally processing your personal data, you have the right to complain to the Office of the Information Commissioner in the United Kingdom.
How long we retain your personal data
The Koa Club retains personal data identifying you for as long as necessary in the circumstances – for instance, as long you are a member of a club or have a relationship with our network: for a reasonable period to send you marketing where we have regular contact with you, or as may be needed to enforce or defend contract claims or as is required by applicable law.
The Koa Club retains Personal Data in identifiable form only for as long as necessary to fulfill the purposes for which the Personal Data was provided to The Koa Club or, if longer, to (i) comply with law legal obligations, (ii) detect and prevent fraud, (iii) resolve disputes, (iv) enforce agreements, (v) take actions we deem necessary to protect the integrity of the Service or our users, and (vi) similar essential legal purposes. This criteria takes into consideration the reasonable expectations of those whose personal data we collect in these circumstances, taking into account various legislative requirements and guidance issued by relevant EU regulatory authorities.
In accordance with the above retention policy, the personal data that we no longer need will be disposed of and/or anonymized so you can no longer be identified from it.
If you have any questions about The Koa Club’s privacy protection practices or believe we have not adhered to this Policy, please contact us at firstname.lastname@example.org.