The California Museum is committed to its constituents,
and to the protection of their privacy and data. In addition to
remaining compliant with relevant requirements, we strive to
engage in data protection and privacy best practices.
Our electronic data and communications have adhered to the
CAN-SPAM Act since 2010. In addition, we have put in place
appropriate changes to ensure compliance with the General Data
Protection Regulation (GDPR), the new EU-wide privacy and data
protection law effective May 25, 2018. This law protects European
Union data subjects’ right to privacy and the protection of
If you are a resident of the EEA or Switzerland, you are entitled
to the following rights:
The right to be forgotten — Individuals have
the right to ask the California Museum to erase all personal
data without undue delay in certain circumstances.
The right to data portability — If an
individual has provided personal data to a service provider,
they can require the provider to ‘port’ the data to another
provider, provided this is technically feasible.
The right to object to profiling — Individuals
can exercise this right to not be subject to a decision based
solely on automated processing.
The right to restrict or object to our
processing — Individuals have the right to restrict
the processing of their personal data where they have a
specific reason for requesting the restriction.
Your Personal Information
The California Museum and its websites offer several
opportunities for members of the public to interact and conduct
business with us. In providing these opportunities, some data on
our customers and constituents is collected and maintained in
databases on our internal servers and by third-party service
We define “personal data” as information that personally
identifies an individual or allows us to contact you, such as a
name, phone number, mailing address and email address. We do not
collect Personal Data on visitors to our websites unless they
choose to provide it voluntarily.
All data submitted to us is only made available to employees for
sole purpose of contacting customers and constituents who have
agreed to communicate or do business with us.
Customers and constituents may opt out of receiving mailings and
their consent to use their data at any time by contacting us at
or at the mailing address listed in Inquiries and
By using our website, you understand and consent to the
collection, storage, processing and transfer of your information
to our facilities in the United States and those third parties
with whom we share it as described in this policy in the
Third-Party Service Providers section below.
Sharing and Usage
The California Museum will not sell, share, rent or disclose your
personal information unless ordered by a court of law or required
by data management conducted through third-party service
IP Information Tracked
We use your IP address to administer and maintain our websites,
help diagnose problems with our servers and to identify anonymous
information on visitors’ computer systems and mobile devices for
the purposes of providing site visitors with an optimized user
An IP address is a unique identifier used by devices to identify
and communicate with each other on the Internet. IP addresses are
not linked to personally-identifiable information. We also track
browser types and versions to help us understand our visitors’
needs related to our websites’ design and functionality.
Cookies are small alphanumeric identifiers created by your
through Google Analytics to analyze user activity and maintain
the functionality of our websites. Cookies used on our
website do not gather or provide any personally identifiable
Using cookies, we can determine aggregate patterns that help us
determine how our website and programs can be optimized for our
the average number of visitors to an exhibit or event webpage, or
the most popular web browsers used by our website visitors. We
use the analysis to gain insights about how to improve the
functionality our websites and the appeal of our programming to
customers and constituents.
The California Museum takes the security of our systems very
seriously and all appropriate measures to ensure our systems and
data remain safe. While no website can guarantee security, we
maintain appropriate technical and procedural safeguards to
protect your personal information. We also take care to reinforce
the importance of our web site visitors’ security and privacy to
Purpose of Collection and Use of Personal Data
The California Museum collects personal data such as name, email
address, postal address and telephone number of email list
subscribers, members, volunteers, donors, facility rental clients
and donation requests. We do not collect sensitive personal
information of our consumers or constituents, such as information
about medical or health conditions, racial or ethnic origin,
political opinions, religious or philosophical beliefs, trade
union membership or other sensitive information as defined by the
Privacy Shield framework.
Volunteer applicants are required to submit a background check
application to obtain security clearance for engaging with
minors. Data collected for volunteer security clearance is
managed by a third-party service provider and accessible to our
staff for the purpose of completing and responding to
We use personal data of our consumers and constituents (i) to
respond to their requests, (ii) to evaluate the quality of our
products and services, (iii) to communicate with them about our
products, services and related issues, (iv) to notify them of and
administer offers and promotions, (v) for internal administrative
and analytics purposes, and (vi) to comply with our legal
obligations, policies and procedures.
The California Museum shares Personal Data with its third-party
service providers. With respect to Personal Data we share, we
provide customers and constituents located in the EU with the
opportunity to opt-out of such sharing. You can opt-out at any
time by sending an email to email@example.com.
We do not use Personal Data for purposes incompatible with the
purposes for which the information was originally collected
without notifying the relevant consumers, customers, suppliers
and others of such uses and offering an opportunity to opt-out.
In addition, we may disclose Personal Data: (i) if we are
required to do so by law or legal process, (ii) to law
enforcement authorities or other government officials based on an
enforceable governmental request or as may be required under
applicable law, or (iii) when we believe disclosure is necessary
or appropriate to prevent physical harm or financial loss or in
connection with an investigation of suspected or actual illegal
Onward Transfer of Personal Data
We may share Personal Data with third-party service providers we
have retained to perform services on our behalf. Our service
providers to whom we disclose Personal Data are based in the
United States and may not be subject to laws based on the
European Union Data Protection Directive, nor may they subscribe
to the Privacy Shield principles or agree to provide the same
level of protection for Personal Data as is required by the
relevant Privacy Shield principles. More information on our
third-party providers and links to their individual policies are
provided for your reference below.
Third-Party Service Providers
The California Museum uses the following third-party service
providers to collect and manage electronic communications and
Websites and webform application data for
memberships, volunteering, facility rentals, donation requests
and contacting us is managed on servers maintained by Digital
Deployment. For more information, visit http://www.digitaldeployment.com/hostingspecs.
Access to Personal Data
The California Museum will provide customers and constituents
with reasonable access to their Personal Data maintained about
them. We will also provide a reasonable opportunity to correct,
amend or delete that information where it is inaccurate.
We may limit or deny access to Personal Data where providing such
access is unreasonably burdensome or expensive under the
circumstances, or as otherwise permitted by the Privacy Shield
principles. To request access to your Personal Data, please see
the Inquiries and Complaints section below.
The California Museum takes all reasonable measures to ensure
that personal data collected is relevant for the purposes for
which it is to be used, and that the information is reliable for
its intended use and is accurate, complete and current. We depend
on our customers and constituents to update or correct their
Personal Data as necessary.
Your Rights to Access, to Limit Use and to Limit
EU citizens have rights to access Personal Data about them, and
to limit use and disclosure of their Personal Data. Through our
commitment to adhering Privacy Shield policies, we are committed
to respect the rights of EU citizens.
The California Museum may be required to disclose personal
information in response to lawful requests by public authorities,
including to meet national security or law enforcement
Inquiries and Complaints
The California Museum is committed to resolving complaints about
your privacy and our use of data containing your personal
information. European Union individuals with inquiries or
email to firstname.lastname@example.org,
or at the mailing address below.
1020 O Street
Sacramento CA 95814
The California Museum will respond within 45
days. If our response does not address your concern
with a third-party service provider, we will contact the service
provider’s independent resolution body as disclosed in their
policies to arbitrate the complaint. Dispute resolution will be
provided at no cost to you.
If neither the California Museum nor the service provider’s
outside arbitrator resolves your complaint, you may have the
possibility to engage in binding arbitration through the Privacy
As a non-profit organization, the California Museum is not
subject to the investigatory and enforcement powers of the United
States Federal Trade Commission. For details on our third-party
service providers’ policies, their arbitration bodies and their
individual eligibility on investigatory and enforcement powers by
the United States Federal Trade Commission, please visit links to
service providers in the Third-Party Service
Providers section above.
Notification of Changes
time-to-time in compliance with the requirements of our service
providers and changes to United States law. Appropriate
notice will be given concerning such amendments.