Privacy

Overview

Privacy Policy
Effective as of May 25, 2018

 

The California Museum is committed to its constituents, and to the protection of their privacy and data. In addition to remaining compliant with relevant requirements, we strive to engage in data protection and privacy best practices.

Our electronic data and communications have adhered to the CAN-SPAM Act since 2010. In addition, we have put in place appropriate changes to ensure compliance with the General Data Protection Regulation (GDPR), the new EU-wide privacy and data protection law effective May 25, 2018. This law protects European Union data subjects’ right to privacy and the protection of personal data.

Read on to learn more about what that our Privacy Policy means for you.

Individual Rights

If you are a resident of the EEA or Switzerland, you are entitled to the following rights:

  • The right to be forgotten — Individuals have the right to ask the California Museum to erase all personal data without undue delay in certain circumstances.
  • The right to data portability — If an individual has provided personal data to a service provider, they can require the provider to ‘port’ the data to another provider, provided this is technically feasible.
  • The right to object to profiling — Individuals can exercise this right to not be subject to a decision based solely on automated processing.
  • The right to restrict or object to our processing — Individuals have the right to restrict the processing of their personal data where they have a specific reason for requesting the restriction.
Your Personal Information

The California Museum and its websites offer several opportunities for members of the public to interact and conduct business with us. In providing these opportunities, some data on our customers and constituents is collected and maintained in databases on our internal servers and by third-party service providers.

We define “personal data” as information that personally identifies an individual or allows us to contact you, such as a name, phone number, mailing address and email address. We do not collect Personal Data on visitors to our websites unless they choose to provide it voluntarily.

All data submitted to us is only made available to employees for sole purpose of contacting customers and constituents who have agreed to communicate or do business with us.

Customers and constituents may opt out of receiving mailings and their consent to use their data at any time by contacting us at museuminfo@californiamuseum.org or at the mailing address listed in Inquiries and Complaints section.

We Operate in the United States

Our place of business and servers are located in the United States, and all information is stored and processed in the United States. While the United States’ data protection, privacy and other laws may not be as comprehensive as those in other countries, we are committed to adhering to the CAN-Spam Act of 2009 and the United States / European Union Privacy Shield Arrangement. You can find more information on the CAN-SPAM Act at https://www.ftc.gov/tips-advice/business-center/guidance/can-spam-act-compliance-guide-business, and the Privacy Shield program at https://www.privacyshield.gov/.

By using our website, you understand and consent to the collection, storage, processing and transfer of your information to our facilities in the United States and those third parties with whom we share it as described in this policy in the Third-Party Service Providers section below.

Sharing and Usage

The California Museum will not sell, share, rent or disclose your personal information unless ordered by a court of law or required by data management conducted through third-party service providers.

IP Information Tracked

We use your IP address to administer and maintain our websites, help diagnose problems with our servers and to identify anonymous information on visitors’ computer systems and mobile devices for the purposes of providing site visitors with an optimized user experience.

An IP address is a unique identifier used by devices to identify and communicate with each other on the Internet. IP addresses are not linked to personally-identifiable information. We also track browser types and versions to help us understand our visitors’ needs related to our websites’ design and functionality.

Cookies

Cookies are small alphanumeric identifiers created by your browser on your system when you visit a website. We use cookies through Google Analytics to analyze user activity and maintain the functionality of our websites. Cookies used on our website do not gather or provide any personally identifiable information.

Using cookies, we can determine aggregate patterns that help us determine how our website and programs can be optimized for our customers and constituents. For example, we use cookies to track the average number of visitors to an exhibit or event webpage, or the most popular web browsers used by our website visitors. We use the analysis to gain insights about how to improve the functionality our websites and the appeal of our programming to customers and constituents.

Visitors may block the use of cookies while visiting our websites by using the Google Analytics Opt-out Browser Add-on, a free download at https://tools.google.com/dlpage/gaoptout.

For more information on our Cookie Policy, visit http://www.californiamuseum.org/cookies. For more information on Google Analytics, Google cookies and Google policies, visit https://policies.google.com/privacy.

Security

The California Museum takes the security of our systems very seriously and all appropriate measures to ensure our systems and data remain safe. While no website can guarantee security, we maintain appropriate technical and procedural safeguards to protect your personal information. We also take care to reinforce the importance of our web site visitors’ security and privacy to our employees.

Purpose of Collection and Use of Personal Data

The California Museum collects personal data such as name, email address, postal address and telephone number of email list subscribers, members, volunteers, donors, facility rental clients and donation requests. We do not collect sensitive personal information of our consumers or constituents, such as information about medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or other sensitive information as defined by the Privacy Shield framework.

Volunteer applicants are required to submit a background check application to obtain security clearance for engaging with minors. Data collected for volunteer security clearance is managed by a third-party service provider and accessible to our staff for the purpose of completing and responding to applications.

We use personal data of our consumers and constituents (i) to respond to their requests, (ii) to evaluate the quality of our products and services, (iii) to communicate with them about our products, services and related issues, (iv) to notify them of and administer offers and promotions, (v) for internal administrative and analytics purposes, and (vi) to comply with our legal obligations, policies and procedures.

Choice

The California Museum shares Personal Data with its third-party service providers. With respect to Personal Data we share, we provide customers and constituents located in the EU with the opportunity to opt-out of such sharing. You can opt-out at any time by sending an email to museuminfo@californiamuseu.org.

We do not use Personal Data for purposes incompatible with the purposes for which the information was originally collected without notifying the relevant consumers, customers, suppliers and others of such uses and offering an opportunity to opt-out.

In addition, we may disclose Personal Data: (i) if we are required to do so by law or legal process, (ii) to law enforcement authorities or other government officials based on an enforceable governmental request or as may be required under applicable law, or (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity.

Onward Transfer of Personal Data

We may share Personal Data with third-party service providers we have retained to perform services on our behalf. Our service providers to whom we disclose Personal Data are based in the United States and may not be subject to laws based on the European Union Data Protection Directive, nor may they subscribe to the Privacy Shield principles or agree to provide the same level of protection for Personal Data as is required by the relevant Privacy Shield principles. More information on our third-party providers and links to their individual policies are provided for your reference below.

Third-Party Service Providers

The California Museum uses the following third-party service providers to collect and manage electronic communications and data.

Access to Personal Data

The California Museum will provide customers and constituents with reasonable access to their Personal Data maintained about them. We will also provide a reasonable opportunity to correct, amend or delete that information where it is inaccurate.

We may limit or deny access to Personal Data where providing such access is unreasonably burdensome or expensive under the circumstances, or as otherwise permitted by the Privacy Shield principles. To request access to your Personal Data, please see the Inquiries and Complaints section below.

Data Integrity

The California Museum takes all reasonable measures to ensure that personal data collected is relevant for the purposes for which it is to be used, and that the information is reliable for its intended use and is accurate, complete and current. We depend on our customers and constituents to update or correct their Personal Data as necessary.

Your Rights to Access, to Limit Use and to Limit Disclosure

EU citizens have rights to access Personal Data about them, and to limit use and disclosure of their Personal Data. Through our commitment to adhering Privacy Shield policies, we are committed to respect the rights of EU citizens.

Compelled Disclosure

The California Museum may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Inquiries and Complaints

The California Museum is committed to resolving complaints about your privacy and our use of data containing your personal information. European Union individuals with inquiries or complaints regarding this privacy policy should contact us by email to museuminfo@californiamuseum.org, or at the mailing address below.

California Museum
Attention: Privacy Policy
1020 O Street
Sacramento CA 95814
USA

The California Museum will respond within 45 days. If our response does not address your concern with a third-party service provider, we will contact the service provider’s independent resolution body as disclosed in their policies to arbitrate the complaint. Dispute resolution will be provided at no cost to you.

If neither the California Museum nor the service provider’s outside arbitrator resolves your complaint, you may have the possibility to engage in binding arbitration through the Privacy Shield Panel.

As a non-profit organization, the California Museum is not subject to the investigatory and enforcement powers of the United States Federal Trade Commission. For details on our third-party service providers’ policies, their arbitration bodies and their individual eligibility on investigatory and enforcement powers by the United States Federal Trade Commission, please visit links to service providers in the Third-Party Service Providers section above.

Notification of Changes

We will post any changes to our privacy policy on this page.

Amendment

The California Museum’s Privacy Policy may be amended from time-to-time in compliance with the requirements of our service providers and changes to United States law. Appropriate notice will be given concerning such amendments.

This policy is effective as of May 25, 2018.