Geological Society of America Privacy Policy
(Updated 10/22/2024)
Introduction
The Geological Society of America (GSA) is committed to safeguarding your privacy and ensuring your personal data is protected. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you interact with our services, visit our websites, attend events, or engage with us. Our practices are designed to comply with the CAN-SPAM Act, General Data Protection Regulation (GDPR), the Canada Privacy Act, the California Privacy Rights Act (CPRA), and the Payment Card Industry Data Security Standard (PCI DSS).
We prioritize the privacy and security of our customers' payment card information by adhering to the Payment Card Industry Data Security Standard (PCI DSS). Our organization employs strong security measures, including encryption and access controls, and conducts regular assessments to protect sensitive data. We are committed to maintaining the highest data protection and privacy standards. By using our services or interacting with GSA, you agree to the practices described in this policy.
Data Collection
GSA collects personal information you provide directly to us, such as when registering for events, subscribing to newsletters, making purchases, or contacting us for support. This data may include your name, contact information, payment details, and professional or academic background. We may also collect information automatically when you visit our website, including your IP address, device details, and browsing behavior. Additionally, we may receive information about you from third parties, such as social media platforms or event organizers.
Information You Provide to Us
We collect personal information that you provide to us directly. This may occur when you:
- Register for membership, conferences, or events
- Sign up for newsletters or other communications
- Purchase products or services from us
- Submit inquiries, feedback, or requests for customer service
- Apply for grants, scholarships, or awards
- Participate in surveys, research, or other engagement activities
- Submit abstracts or manuscripts for publication
- Post content on forums or discussion boards
The personal information we collect may include, but is not limited to:
- Full name
- Contact information (email address, mailing address, telephone number)
- Payment information (credit card or other payment details)
- Employment information (job title, employer, professional associations)
- Academic information (degree, discipline, areas of expertise)
- Communications preferences
- Demographic information (gender, age, nationality, etc.)
- Any other information you provide voluntarily
Information We Automatically Collect
When you visit our websites, we may automatically collect certain information through cookies, web beacons, and other tracking technologies. This information may include:
- IP address
- Browser type and version
- Operating system and device type
- Website usage data, including pages viewed, time spent on the site, and links clicked
- Referring websites or search engine
- Geolocation data
Information from Third Parties
We may receive information about you from third parties, such as:
- Social media platforms when you interact with us on those platforms
- Conference and event organizers if you attend our events
- Payment processors who facilitate your transactions with us
- Public databases or professional networks
Cookie Disclosure Notice
The Geological Society of America (GSA) uses cookies and similar technologies to enhance your experience on our website. Cookies are small text files stored on your device that help us understand how you use our site, improve functionality, and provide personalized content.
Types of Cookies We Use
- Necessary Cookies: These cookies are essential for the website to function properly, such as enabling secure logins and remembering your preferences.
- Functional Cookies: These cookies allow us to offer enhanced functionality and personalization, such as remembering your login details and providing support services.
- Analytical Cookies: These cookies help us analyze how users interact with our website, allowing us to improve site performance and user experience.
- Marketing Cookies: These cookies deliver advertisements that are more relevant to you and your interests. They may also track your browsing activity across different websites.
Managing Cookies
You can manage or disable cookies through your browser settings at any time. Please note that disabling cookies may affect the website's functionality, preventing you from using all features. You can also adjust your cookie preferences through our cookie consent tool, which allows you to accept or reject different types of cookies.
Legal Basis for Processing
Depending on the context, we process personal data based on your consent, contractual obligations, legitimate interests, and/or legal requirements. For example, we use your data to provide services, communicate with you, process payments, and improve our offerings. We may also use your information for marketing purposes, but only if you have given explicit consent.
CAN-SPAM (for U.S. Residents)
The CAN-SPAM Act is a U.S. law that establishes rules for commercial email messages, giving recipients the right to opt out of receiving further emails. It requires senders to include clear and accurate subject lines, a valid physical address, and a clear method for recipients to unsubscribe from future emails. The law prohibits misleading or deceptive content in emails, and businesses must honor opt-out requests promptly.
Canada Privacy Act
The Canada Privacy Act is a federal law that governs how government institutions collect, use, and disclose personal information. It grants individuals the right to access and correct their personal information held by federal institutions and requires these institutions to protect the privacy of individuals by limiting data collection to necessary purposes. The law ensures transparency by requiring institutions to inform individuals why their data is being collected and how it will be used.
GDPR (For EU Residents)
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that applies to organizations handling individuals' personal data within the European Union (EU). It ensures that individuals have greater control over their personal data, granting rights such as access, correction, deletion, and restriction of data processing. GDPR requires organizations to obtain explicit consent for data collection, implement strong security measures, and report data breaches within strict timelines.
CPRA (for California Residents)
The California Privacy Rights Act (CPRA) expands upon the California Consumer Privacy Act (CCPA) and strengthens privacy protections for California residents. It provides individuals with enhanced rights over their personal information, such as the right to access, delete, and correct their data, and to opt out of the sale or sharing of their information. The CPRA also introduces new protections for sensitive personal data, including health, financial, and biometric information.
How We Use Your Data
GSA uses your personal data primarily to deliver services you request, such as processing memberships, handling event registrations, and providing customer support. We also use it to communicate with you, send promotional materials, and personalize your experience with GSA. Additionally, we may use your data to improve our services, conduct analytics, and ensure the security of our platform.
Sharing Your Information
GSA shares personal data with third-party service providers who help us operate our services, such as payment processors and email marketing platforms. We ensure that these providers are contractually obligated to protect your information and use it only for our specified purposes. We do not sell or trade your personal data to third parties. In certain situations, we may be required to disclose your information to legal authorities if mandated by law.
Data Security
We take the security of your personal data seriously. We employ industry-standard security measures, including encryption and access controls, to protect your data from unauthorized access, alteration, or loss. However, no system is entirely secure, so we cannot guarantee absolute security. In the event of a data breach, we will notify you and the appropriate authorities as required by law.
Your Rights
You have specific rights depending on where you are located. Under GDPR, you have the right to access, correct, delete, or restrict the processing of your data. Under the Canada Privacy Act, you can access and correct your data or withdraw consent at any time. California residents under the CPRA have the right to know what data has been collected about them, request its deletion, and opt out of the sale of personal data. If you wish to exercise any of these rights, please contact us using the information below.
Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. When we no longer need your data, we securely delete or anonymize it. Your information may be transferred and processed in countries other than your own, but we ensure that appropriate safeguards are in place to protect your data when transferred internationally.
Changes to This Privacy Policy
This Privacy Policy may be updated periodically to reflect changes in our practices or legal requirements. We encourage you to review this page regularly for the most current information.
Contact Us
If you have any questions or concerns about this policy, or if you wish to exercise your rights, you can contact us at:
The Geological Society of America
P.O. Box 9140
Boulder, CO 80301-9140
Email: gsaservice@geosociety.org
Phone: +1-303-357-1000
Toll free: +1-800-472-1988