"GOOD FENCES MAKE GOOD NEIGHBORS."
ROBERT FROST
Privacy Policy
(revised May 2018)
This Web site (the "Site") is owned and operated by Armenian American Society of Certified Public Accountants (AASCPA), using membership software powered by WildApricot. AASCPA is concerned about your privacy on the Internet and is providing the following information concerning privacy issues pertaining to this Site.
AASCPA exists, in part, to facilitate the sharing of information among its dues paying members ("Members"). At times, it is desirable that Member information be gathered and shared among the Members. AASCPA also recognizes that some visitors to the Site may not be AASCPA Members ("Non-members"). Certain types of information about our users is gathered and tracked by AASCPA. This Privacy Policy discloses what information AASCPA gathers and how it is used.
Summary of Recent Changes
What's New as of 5/25/2018: We recently changed our Privacy Policy to, among other things, reflect compliance with our obligations under the European Union (EU) General Data Protection Regulation (GDPR). The following is a summary of key changes:
Transparency: We’ve provided additional clarity regarding the information we collect from Customers, Members and Non-Members and how we process this information. We’ve also explained the choices and control individuals have over their information.
Data Control: We’ve described how individuals can (i) access, correct or delete their personal data from our systems; and (ii) provide or withdraw consent, as appropriate.
Readability: We’ve updated our Privacy Policy to make it easier to understand by re-organizing it and using plain English.
Last modified 05/25/2018
Are you a Customer, Member or Non-Member?
What types of personal data do our Customers collect?
How do our Customers collect personal data?
How do our Customers use personal data?
Does AASCPA use personal data collected by our Customers?
What is the legal basis for AASCPA to process personal data from the EEA?
How long does AASCPA store personal data collected by our Customers?
How do you access, correct or delete your information?
How does AASCPA use cookies and similar technologies?
How does AASCPA process data from Non-Members?
Does AASCPA process information of children under the age of 13?
Where does AASCPA transfer the data it processes?
How does AASCPA secure the data it processes?
What services AASCPA may offer?
How do you contact AASCPA or AASCPA’s Data Protection Officer?
How does AASCPA publicize changes to its Privacy Policy?
Are you a Customer, Member or Non-Member?
This policy applies to the following classification of individuals that interact with AASCPA:
CUSTOMERS: Individuals that are employees or associates of AASCPA’s direct customers (for example, event planners and speakers), including customer personnel that are assigned a login id and are authorized to access and use our Applications pursuant to an active AASCPA agreement, or under a temporary trial period, if available.
MEMBERS: Members are individuals that interact with our Customers through our Applications. These include our Customers’ current and prospective clients, members, attendees, sponsors, exhibitors, marketing partners, or other business contacts.
NON-MEMBERS: Individuals that interact with our Websites (for instance, to read about AASCPA services, download a white paper, or sign up for an online demo), as well as those who attend AASCPA marketing events (for instance, Fly-Ins, AASCPA events and AASCPA webinars if available) and whom we meet at a trade-show or learn about through a referral from third parties or other external sources.
What types of personal data do our Customers collect?
Our Applications are flexible and allow our Customers to collect a variety of personal data from and about their Members, including name, organization, title, postal address, e-mail address, telephone number, fax number, social media account ID, opinions, and gender.
AASCPA use of personal information collected through our Applications shall be limited to the purpose of providing the service for which our Customers have engaged AASCPA.
If you do not agree with our policies and practices, you may choose not to use our Applications.
How do our Customers collect personal data?
When Members voluntarily and explicitly enter personal data into our Applications or is provided by the Members company.
When our Customers enter Members into our Applications, when permitted, including by having a legitimate business interest or obtaining explicit consent from a Member.
Automatically, as Members interact with our Applications, using commonly used information gathering technologies such as cookies. For additional information about these technologies, see the section below titled "How does AASCPA use cookies and similar technologies?"
How do our Customers use personal data?
If a Member chooses to use our Applications to conduct business with a Customer (for example: register for or check into an event, respond to an online survey, download a mobile application, or assist other Members, any information provided in connection with that interaction will be transferred to, and under the control of, the Customer.
Customers will also have access to information (including personal data and Application usage data) related to how Members interact with the Applications they use. In such instance, the Customers act as data controllers towards the Members, under the European Economic Area (“EEA”) data protection laws. Therefore, AASCPA cannot and does not take responsibility for the privacy practices of Customers.
The information practices of our Customers are governed by their privacy policies. We encourage Members to review the Customers’ privacy policies to understand their practices and procedures.
Does AASCPA use personal data collected by our Customers?
AASCPA does not use personal data of our Members for any purpose other than to provide services that our Customers have contracted us to provide through our Applications, as noted below, or as required by law.
We process personal data in the following manner:
To disclose to our subsidiaries and affiliates, for the purpose of providing services to our Customers and their Members.
To disclose to contractors, service providers, and other third parties as reasonably necessary or prudent to provide, maintain and support our Applications, such as, for example, data center or Web hosting providers. AASCPA does not share, sell or trade any information with such third parties for promotional purposes.
To deliver the Applications that our Customer has contracted us to provide. Some examples include:
If a Member uses one of our Applications to register for an event, we will use their provided e-mail address to send them information and announcements relating to that event.
When a Customer or Member uses our knowledge base to voluntarily provide assistance or opinions to assist another Customer or Member within the application.
When a Customer or Member uses their social media credentials to share information on their social media platform or to log into one of our Applications, we will share information with their social media account provider. The information we share will be governed by the social media site’s privacy policy.
To deliver to a third party in the event of a merger, divestiture, restructuring, recapitalization, reorganization, dissolution or other sale or transfer of some or all AASCPA’s assets, whether as a continuing operating business or as part of bankruptcy, liquidation or similar proceeding, in which personal data held by AASCPA about our Customers and Members is among the assets transferred.
As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to respond to requests from public and government authorities including public and government authorities outside your country of residence; and (c) to protect against or identify fraudulent transactions.
For other purposes when Members provide explicit consent.
We aggregate and anonymize information about (i) Customers and Members, and (ii) the use of our Applications in order to improve our Applications and to create benchmark and other business intelligence products. None of the aggregated and anonymized information contain personal data (i.e., does not identify any individual).
What is the legal basis for AASCPA to process personal data from the EEA?
For individuals that are from the European Economic Area (EEA), our legal basis for collecting and using their personal information will be our legitimate interest where the processing is in our, or a third party's, legitimate interests and not overridden by the individual’s data protection interests, or fundamental rights and freedoms. These interests are to provide individuals with access to the Applications and features of the Applications; to send them information they have requested; to ensure the security of our Applications by trying to prevent unauthorized or malicious activities; or, to enforce compliance with our terms of use, contracts and other policies. In some EEA countries, we are relying on consent as a legal basis for using data for marketing purposes.
How long does AASCPA store personal data collected by our Customers?
Where we process personal data for legitimate business interests described in the section “Does AASCPA use personal data collected by our Customers”, unless otherwise provided in our contract with our Customer, we process the data until 30 days after the termination of the contract, at which time we remove it from our production environment. Within 12 months, we remove the data from our backup media.
How do you access, correct or delete your information?
In various countries, including countries in the EEA, upon their request, Members have the right to access their personal data and, if necessary, have it amended, deleted or restricted. Members can also ask for some types of personal data to be delivered to them, or another organization they nominate, in a structured and machine-readable format.
Where we process your personal data on the basis of your consent, you have the right to withdraw your consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Members also have the right to complain to a supervisory authority for data protection in the country where they live, or where they work – although we hope that we can assist with any queries or concerns you have about our use of your personal data.
AASCPA processes Members data under the direction of our Customers and has no direct control or ownership of the personal data we process. Customers are responsible for complying with any regulations or laws requiring notice, disclosure or obtaining consent prior to transferring the data to AASCPA for processing purposes. Any Members that seeks to access, correct or delete data, should direct their query to the Customer. If the Customer requests AASCPA to remove the personal data of a Member to comply with data protection regulations, AASCPA will process this request within 30 days.
We will not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. In such instances, we will inform the Customer about the legal obligations that prevent us from fulfilling the request.
How does AASCPA use cookies and similar technologies?
Cookies
We use cookies or similar automatic data collection technologies as individuals interact with our Applications to collect certain information about their equipment, browsing actions and patterns, including:
Details of your visits to our Applications, such as the date and time you access our Applications, length of time you spend on our Applications, websites you visited before or after our Applications, the resources and content that you access and use on the Applications.
Information about your computer and internet connection, such as your IP Address, computer type, screen resolution, language, Internet browser type and version.
Below are the technologies we use for automatic data collection. We do not use any of these technologies to collect information from Members for marketing or advertising purposes.
Browser Cookies
A cookie is a small file placed on a computer hard drive. Web browsers can be configured to restrict or entirely block cookies, to configure cookie notification settings and/or to delete cookies already present on the browser or device. Information on how to do this is provided by the web browser’s help/reference section. Limiting or restricting certain types of cookies may prevent a Customer or Members from using certain portions of our Applications, depending on how the browser settings are configured. For example, event registration cannot be completed successfully if cookies are disabled in the web browser. Unless the browser setting has been adjusted so that it will refuse cookies, our system will issue cookies when the browser interacts with our Applications. For more information about cookies and how to disable them, see www.allaboutcookies.org.
Session Cookies and Persistent Cookies
A "session" cookie lasts for a single browser session only and is deleted when the user closes the web browser. Session cookies allow website operators to link the actions of a user during a browser session. A "persistent" cookie remains on the user’s device (even while powered off) until it expires or is deleted. A persistent cookie will be reactivated when a user returns to the website which posted the cookie. We use persistent cookies to help customize your web experience when you return to a web page or our website.
Neither of these cookies can read or access other cookies or any data from a user’s hard drive. Further, neither of these cookies alone will personally identify a user; however, a cookie will recognize a user’s individual web browser or device through an IP Address, browser version, operating system and other information, and individuals who log in to their AASCPA accounts will be individually identifiable to possible applications using session cookies.
At this time, we do not respond to browser ‘do not track’ signals, as we await for a uniform standard put forth by regulators or the privacy industry. AASCPA earnestly considers an individual’s independent right to determine how their personal data is processed and continues to monitor developments in this area.
You can learn about how you can adjust your browser’s settings to limit or disable cookies and other tracking technologies by visiting the section below titled "Third Party Analytics Providers."
Third Party Analytics Providers
We use third party analytics providers, including Google and others, to collect information about the usage of our Applications and enable us to improve how these Applications work. The information allows us to see the overall patterns of usage on the Applications, helps us record any difficulties you have with the Applications, shows us whether our advertising is effective or not, and allows us to use responses to advertisements to optimize ad performance. Google Analytics use cookies and other similar technologies to collect information about the usage of our Applications and to report website trends to us, without storing any personal data on external third-party analytics provider platforms. See below for more information, or to opt out of these practices:
You may opt-out of Google Analytics by clicking here.
How does AASCPA process data from Non-Members?
AASCPA processes Non-Members data separately and distinctly from the way we process Customer and Members data. By visiting our websites, attending AASCPA events or providing us with your personal information, Non-Members consent to the collection, processing and storage of their personal information as described in this section.
Non-Member Personal Data Collected
AASCPA collects personal data including name, title, postal address, e-mail address, telephone number, company information, survey responses, message board posts, and chat messages. We use this information to provide you with additional details about our services, conduct research, provide whitepapers or to contact you after your visit.
We also collect personal data from third party sources, such as public databases, joint marketing partners, and social media platforms. For example, if a Non-Member elects to connect their social media account to their account for our websites, certain personal data from the social media account will be shared with us, which may include personal data that is part of the Non-Member’s profile or their friends’ profiles.
Additionally, we collect personal data from cookies and similar technologies to collect information about the pages Non-Member view, links Non-Member click on, Non-Members’ web browser information, Non-Members’ IP address and other actions Non-Members may take when accessing our websites. For additional information about our use of these technologies and how to control them, see "Cookies and similar technologies" section below.
AASCPA's Use of Non-Member Personal Data Collected
AASCPA processes Non-Member personal data to:
Analyze how our websites are accessed
Personalize your browsing experience and present products or features that may be more applicable to you;
Identify website technical problems;
Discover, investigate and remediate fraudulent or illegal activity;
Transmit notices related to product, service, or policy changes;
Respond to your product and service inquiries;
Send you information such as product announcements, newsletters, whitepapers, other relevant offers, and upcoming promotions or events (where required, dependent on jurisdiction, we will seek and obtain your explicit consent before sending marketing emails);
Plan and host AASCPA events, host online forums and social networks in which Non-Members may participate;
Analyze, score and identify new prospects;
Create tailored advertising, sales and promotional programs; and
Bill customers for our services and assess the financial capability of prospective customers to afford AASCPA’s solutions.
Storing of Non-Member Personal Data
Where we process Non-Member personal data for marketing purposes or with Non-Member consent, we process the data until the Non-Member asks us to stop. It typically takes up to 30 days to implement your request. AASCPA will not retain AASCPA personal data longer than the statutory retention period permitted in the local jurisdictions where AASCPA services are marketed and provided. We also keep a record of when Non-Member have asked us not to send direct marketing or to process Non-Member data indefinitely so that we can respect the Non-Member’s request in the future.
Sharing of Non-Member Data
AASCPA may share information with third party service providers contracted to provide services on our behalf.
AASCPA may also engage with business partners to jointly offer products, services or other programs such as webinars or whitepapers and from time to time, we may share personal data if you purchase or show interest in any jointly-offered products or services.
AASCPA will only share personal data of Non-Member who attend a AASCPA event with third parties if a) the Non-Member explicitly consents, b) the Non-Member permits their badge to be scanned, or c) it is permissible under applicable law.
Access, correct or delete Non-Member data
Non-Member have the same rights to access, correct or delete their personal data as do our Members, as outlined in section "How do you access, correct or delete your information".
Any Non-Member that seeks to access, correct or delete data, can do so by submitting a request using our contact information on our website at https://www.cpasociety.org/Connect.
AASCPA will process this request within 30 days.
We will not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. In such instances, we will inform the Non-Member about the legal obligations that prevent us from fulfilling the request.
We will maintain an audit history of any requests to access, correct or delete personal information to maintain a record of compliance with regulatory requirements.
Cookies and similar technologies
All practices related to cookies and their usage described in section "How does AASCPA use cookies and similar technologies” also applies to Non-Members when they interact with our websites.
Does AASCPA process information of children under the age of 13?
Our Applications are not intended for children under 13 years of age. We do not directly solicit or collect personal data from children under 13. If you are under 13, do not (i) use or provide any information on these Applications or on or through any of its features, (ii) register to use any of our Applications, (iii) make any purchases through our Applications, (iv) use any of the interactive or public comment features of our Applications or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or user name you will use.
Where does AASCPA transfer the data it processes?
AASCPA processes that handle data are kept within North America and isn’t transmitted outside of the country.
How does AASCPA secure the data it processes?
We use a variety of organizational, technical and administrative measures to protect personal data within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the Contact Information section below.
What services AASCPA may offer?
AASCPA may offer internal resources for our Members and have partnered with multiple vendors that have products that the Members are using in their everyday business needs.
Registration for AASCPA is through a third party that implements appropriate technical and organizational measures designed to assist in maintaining the security and confidentiality of personal data; safeguarding against anticipated threats to the confidentiality, integrity and availability of personal data; and protecting your personal data against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure or access. Such technical and organizational measures include all applicable security requirements in accordance with the Payment Card Industry Data Security Standard.
How do you contact AASCPA or AASCPA’s Data Protection Officer?
For details about the DPO’s role or any privacy questions related to AASCPA’s Privacy Policy, please contact us at admin@cpasociety.org. You should also feel free to contact AASCPA regarding details of our implementation of our privacy program at:
AASCPA Representative
13701 Riverside Dr., Suite 707
Sherman Oaks, CA 91423
How does AASCPA publicize changes to its Privacy Policy?
We will update this Privacy Policy to reflect changes to our information practices. If we make any material changes we will notify you by means of a notice on this website thirty (30) days prior to the changes becoming effective, or by email (sent to the e-mail address specified in your account) seven (7) days prior to the changes becoming effective. However, any changes to the Privacy Policy are effective immediately upon publication for new Non-Members, Customers and Members. We encourage you to periodically review this page for the latest information on our privacy practices.