Privacy Policy

Effective November 13, 2018

At The Chamber of Commerce for Greater Philadelphia, protecting your privacy is important to us. We understand that you may have questions or concerns regarding your Personal Data and how it will be used. With this in mind, we have developed this Privacy Policy (the “Privacy Policy” or the “Policy”).

The Chamber of Commerce for Greater Philadelphia (“us”, “we”, or “our”) operates the https://chamberphl.com website (the “Service” or the “Site”). This Policy informs you of our policies regarding the collection, use, and disclosure of Personal Data when you use our Service and the choices you have associated with that data.  This Privacy Policy does not address Personal Data that you provide to us in other contexts (e.g., through a business relationship not handled through the Site).

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with the Policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible from the Site.

The Policy applies solely to information we collect through the Site. 

  • Service
    Service is the https://chamberphl.com website operated by The Chamber of Commerce for Greater Philadelphia
  • Personal Data
    Personal Data means data about a living individual who can be identified from that data (or from that data and other information either in our possession or likely to come into our possession).
  • Usage Data
    Usage Data is data collected automatically that is generated either by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
  • Cookies
    Cookies are small pieces of data that a website transfers to a user’s device (computer or mobile device) for the purposes of storing information about a user’s preferences.
  • Data Controller
    Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any Personal Data are, or are to be, processed.For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.
  • Service Provider
    Service Provider (also known as a Data Processor) means any natural or legal person who processes the data on behalf of the Data Controller.We may use the services of various Service Providers in order to process your data more effectively.
  • User
    User (also known as a Data Subject) is any living individual who is using our Service and is the subject of Personal Data.

We collect several different types of information for various purposes to provide and improve our Service to you.

Types of Data Collected

Personal Data

We collect certain personally identifiable information that can be used to contact or identify you (“Personal Data”) through the Site when you choose to provide such information, such as when you:

  • Submit information through the “Contact Us” page of the Site
  • Subscribe to our newsletter
  • Submit information through the “Learn More about Membership” page of the Site
  • Create an account
  • Register for a program or event, or
  • Apply for a job posting

This information can include:

  • First name and last name
  • Email addresses
  • Phone numbers
  • Physical addresses such as address, state, province, ZIP/postal code, and city
  • Work and educational history
  • Current employer and job title, and
  • Log-in information including password

We also collect Cookies and Usage Data, including your Internet Protocol (“IP”) address, browser type, and web log data (see the section of this Policy on Usage Data below for more details). 

If you choose to give us Personal Data, we may use that Personal Data to correspond with you, provide you with requested materials, and contact you with newsletters, marketing or promotional materials, and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.

Usage Data

Each time you visit the Site, we collect some information to improve the overall quality of your online experience, including Usage Data, which may include information such as your computer’s IP address, browser type, and browser version; the pages of our Service that you visit; the time and date of your visit; the time spent on those pages; unique device identifiers; and other diagnostic data.

Aggregated Data.  We collect aggregate queries for internal reporting and also count, track, and aggregate a visitor’s activity into our analysis of general traffic flow at the Site.  To these ends, we may merge information about you into aggregated group data.  In some cases, we may remove personal identifiers from Personal Data and maintain them in aggregate form that may later be combined with other information to generate anonymous, aggregated statistical information. Such anonymous group data may be shared on an aggregated basis with our affiliates, business partners, Service Providers and/or vendors; if such data is shared, we will not disclose your individual identity.

Web Server Logs and IP Addresses.  An IP address is a number that automatically identifies the computer or device you have used to access the internet. The IP address enables our server to send you the web pages that you want to visit, and it may disclose the server owned by your internet service provider.  We may use IP addresses to conduct website analyses and performance reviews and to administer the Site, though we will not combine traffic data with User accounts.

Cookies, Web Beacons, and Other Tracking Technologies.

We use Cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with small amounts of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Cookies in and of themselves do not personally identify users, although they do identify a user’s computer.  Many websites use Cookies as a standard practice to provide useful features when a user visits the websites, and most web browsers are set up to accept Cookies.  We use Cookies to improve your online experience when visiting the Site.  For example, Cookies may be used to prevent you from receiving multiple requests to participate in the same survey.  Information collected via the use of Cookies may be used for marketing and/or research purposes and may be shared by us with our affiliates and unaffiliated parties.  You can instruct your browser to refuse all Cookies or to indicate when a cookie is being sent.  However, if you do not accept Cookies, you may not be able to use some portions of our Service.

A “Session Cookie” is one that exists for the period that your browser is open. A “Persistent Cookie” is one that is saved on your device/computer even after the browser is closed.  Like many websites, we may use both Session Cookies and Persistent Cookies.  We also use Security Cookies for security purposes.

Some of the Site’s web pages may use web beacons in conjunction with Cookies to compile aggregate statistics about website usage.  A web beacon is an electronic image (also referred to as an “action tag,” “single-pixel,” or “clear GIF”) that is commonly used to track the traffic patterns of users from one web page to another in order to maximize web traffic flow and to otherwise analyze the effectiveness of a website.  Some web beacons may be unusable if you elect to reject their associated Cookies.  Tracking technologies also used are tags and scripts to collect and track information and to improve and analyze our Service.

We use the collected data for various purposes:

  • To provide and maintain our Service and operate the Site
  • To provide you with requested information
  • For our everyday business purposes
  • To notify you about changes to our Service
  • To allow you to participate in interactive features of our Service when you choose to do so
  • To provide customer support
  • To gather analysis or valuable information so that we can improve our Service
  • To monitor the usage of our Service
  • To detect, prevent and address technical issues
  • To provide you with newsletters, special promotional offers, marketing materials, communications and information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information
  • To serve you third-party advertisements (see the section of this Policy on Third-Party Advertising below for more details).

If you provide your email address, we may send you administrative and promotional emails. Where required in the relevant jurisdiction, we will obtain your consent before sending you promotional emails.  If you wish to opt out of promotional emails, you may do so by following the “unsubscribe” instructions in the email.

If you are from the European Economic Area (“EEA”), you have certain rights in relation to your Personal Data under the applicable European data privacy laws. Our legal basis for collecting and using the Personal Data described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.

We may use your Personal Data for the following key purposes:

  • to contact you: subject to applicable law, we or our third-party service and business providers may send you communications; especially if you have subscribed to one of our services. Such communications are designed to make your experience of our Site more efficient and may include, but are not limited to: communications about our organization and other notifications including important news that could affect your relationship with us. Where required under applicable data privacy laws, we will not send you marketing communications without your prior consent;
  • for legal purposes: we may use and share Personal Data for legal purposes, including financial, regulatory, tax and other legal obligations and to respond to governmental or regulatory requests or subpoenas or for litigation purposes;
  • for our legitimate interests and those of a third party: we may use your Personal Data to manage our legal, regulatory, financial and business requirements, including obtaining legal advice, in the course of disputes and litigation, internal and/or regulatory investigations and other legitimate interests;
  • for our business purposes: we may use your Personal Data to help us perform a contract with you, for payment processing purposes or otherwise manage the objectives of our organization;
  • or other purposes: subject to applicable law, we may use your Personal Data for additional purposes in connection with our organization, where you have provided your prior consent.

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve the purposes through other means, and applicable legal requirements.

We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer periods.

We are located in the United States and are subject to the applicable laws of the United States (where data-privacy laws may be less stringent than in your country of residence).  If you are visiting the Site, or any part thereof, from outside the United States, please be aware that your information, including Personal Data, may be transferred to, stored, or processed in the United States, where our servers are located and our central database is operated.  By using the Site, you understand and consent to such transfer, use and disclosure of your information to our facilities in the United States and those third parties with which we share it as described in this Policy (who may also have less stringent data privacy laws than those of your country of residence) and subject to such applicable laws.

We will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other Personal Data.

We share information about your Site experiences with our affiliates for our affiliates’ everyday business and marketing purposes. We may need to share your Personal Data with our professional tax, legal, audit or financial advisors. We will not sell, rent, license, or trade your Personal Data with nonaffiliate third parties for our own direct marketing use unless we receive your express consent to do so.  Unless you give us permission to do so, we will not share your Personal Data with third parties other than as specified in this Privacy Policy. In particular, we may be required to share your Personal Data when we receive requests for data in the context of legal disputes, investigations, regulatory enquiries or similar requests.

Disclosures to Third Parties Assisting in Our Operations

We may share your Personal Data under confidentiality agreements and any legally required data-processing agreements with other companies that we work with, or that work on our behalf, to provide products and services, such as those that are providing email solutions, providing cloud hosting services, providing payment processing, monitoring and analyzing data and usage of the Site, or providing support and maintenance services for the Site, as well as legal, regulatory, audit and other professional advisors.  These companies may use your Personal Data to assist us in our operations or for our legitimate business interests.  However, these companies do not have any independent right to share this information.

Google Analytics

Among other third-party Service Providers, we may use Google Analytics to monitor and analyze the use of our Service.  Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

You can opt out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on, which prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en.

Payments

Further, we may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g., payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors, whose use of your Personal Data is governed by their Privacy Policies. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands such as Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

The payment processors we work with are:

Disclosures Under Special Circumstances.

We may disclose your Personal Data in the good faith belief that such action is necessary to:

  • Respond to subpoenas, court orders, search warrants, legal processes or governmental regulations or inquiries, or to otherwise comply with a legal obligation
  • Protect, establish, and/or defend our rights or property
  • Prevent or investigate possible wrongdoing in connection with the Service, including by cooperating with law enforcement authorities in investigating and prosecuting Users who violate our rules or engage in behavior that is illegal or harmful to other Users
  • Protect the personal safety of users of the Service or the public
  • Investigate, prevent, or take action regarding illegal activities or suspected fraud, or as otherwise required by law
  • Protect against legal liability

Other Parties with Your Consent or at Your Direction.

In addition to the disclosures described in this Privacy Policy, we may share information about you with third parties when you consent to or request such sharing.

Business Transfers. 

We may share your Personal Data with another business entity in connection with the sale, assignment, merger or other transfer of all or a portion of our business to such entity.  We will require any such successor business entity to honor the terms of this Privacy Policy.

The security of your Personal Data is important to us, but remember that no method of transmission over the internet or method of electronic storage is 100% secure.  We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality. While we strive to use commercially acceptable administrative, technical and physical safeguards designed to protect your Personal Data, we cannot guarantee its absolute security.

Some web browsers may transmit “do not track” signals to the websites with which a User communicates, though web browsers incorporate and activate this functionality in different ways, and it is not always clear whether users intend for these signals to be transmitted. There currently is a disagreement, including among participants in the leading internet standards-setting organization, concerning what, if anything, websites should do when they receive such signals. We currently do not take action in response to these signals, but if and when a standard is established and accepted, we may reassess how to respond to these signals.

If you are a resident of the EEA, you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

  • Right of access to your personal data.  Your right of access can be exercised in accordance with the European data privacy laws. If you would like a copy of your Personal Data being held by us, please contact us using our contact details at the end of this Privacy Policy. Wherever possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform such an action yourself, please contact us to assist you.
  • The right of rectification. You have the right to have your Personal Data rectified if that data is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Data.
  • The right of restriction. You have the right to request that we restrict the processing of your Personal Data.
  • The right to data portability. You have the right to be provided with a copy of your Personal Data in a structured, machine-readable and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your Personal Data.

Where you have exercised any of your rights listed above, we will need enough information to ascertain your identity as well as the nature of your request. We will aim to respond to your request within one calendar month of receipt of the request. Where we are unable to do so within one calendar month, we will notify you of the soonest practicable time within which we can respond to your request (and within three months from the date of your request). There are certain exemptions and restrictions of these rights under the European data privacy laws that enable Personal Data to be retained, processed or withheld from access and we will inform you of these if applicable. If you would like to exercise any of these rights, please use the contact information at the end of this Privacy Policy.

If you have any concerns regarding how we are handling your Personal Data, please contact us. We will strive to deal with your concerns promptly. You have the right to complain to a supervisory authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the EEA.

Our Service may contain links to other sites that are not operated by us for your convenience and information. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the privacy policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

We will occasionally host third-party advertisements, conduct independent traffic analysis, or host outside media campaigns. While this content is not under our direct control, we value the integrity of our Site and your privacy concerns. Outside entity advertisements conform to the guidelines and opt-out functionality supplied by the Network Advertising Initiative. To opt out of the initiative’s campaigns, please visit the opt-out section of its website, www.networkadvertising.org.

Under Age 13.  We do not knowingly collect or retain Personal Data about persons under 13 years of age. Any person who provides his or her Personal Data to us via the Site represents that he or she is 13 years of age or older. We encourage parents and legal guardians to monitor the activity of those under 13 years of age. If you have reason to believe that a child under the age of 13 has provided Personal Data to us without parental consent, please contact us, and we will make every effort to delete that information from our databases. It is not our policy to intentionally collect or maintain information about anyone under the age of 13.  No one under the age of 13 should submit any Personal Data to us or the Site.

Under Age 18.  We do not knowingly collect personally identifiable information from anyone under the age of 18.  If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us as specified in the Contact Us section of this Policy and request deletion of that Personal Data. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.  Please note that, while we make reasonable efforts to comply with such requests, deletion of your Personal Data does not ensure complete and comprehensive removal of that data from all our systems and back-up systems. Under the GDPR and applicable European data privacy laws, children between the age of 13 to 16 in the EEA may provide valid consent to process their Personal Data. Where consent is required under such applicable European data privacy laws, you have the obligation to provide to us evidence of such consent, or as required as under the applicable European data privacy laws, the authorization of the holder of parental responsibility for the child. We may refuse to process, or continue to process, the child’s Personal Data until we receive this evidence of consent or authorization.

At certain locations on the Site where information about you may be requested, you are offered the opportunity to opt out of receiving communications from us.  You may also review and request changes to your Personal Data that we have collected, including the removal of your Personal Data from our databases in order to prevent receipt of future communications, by contacting us at privacy@chamberphl.com.

It is important that you check back often for updates to this Privacy Policy.  This Policy may be revised from time to time as we add new features and services, as laws change, and as industry privacy and security best practices evolve. If we update the Policy, we will let you know about the changes we consider material by placing a note on the relevant web page you use to access the Site, or you may receive an email with notification of the updated Policy. By accessing or using the Site after we have placed the updated Policy, you consent to the new practice(s) identified in the update. You can check the “effective date” posted at the top of the Policy to see when the Policy was last updated. Small changes or changes that do not significantly affect individual privacy interests may be made at any time and without prior notice.

If you have any questions about this Privacy Policy, please contact us:

  • By email: privacy@chamberphl.com
  • By phone number: (215) 545-1234
  • By mail:
    The Chamber of Commerce for Greater Philadelphia
    ATTN: Director of Information Technology
    200 South Broad Street, Suite 700
    Philadelphia, PA  19102
My Benefit Advisor
Pennsylvania Drug Card