Privacy Policy
1. Introduction
At nhscaevents.com, we are committed to protecting your privacy and honoring your trust. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data, in accordance with applicable data protection regulations, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We take a privacy-first approach to our data practices and strive to ensure that your personal information remains secure and under your control.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to your use of the website nhscaevents.com (the “Site”) and any associated services. For the purposes of the GDPR, the data controller responsible for your personal data is National High School Coaches Association Events, which can be contacted at [email protected]. This policy governs how we manage personal data collected online through our Site as well as through any communications or transactions resulting therefrom.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data
Information about how you interact with our Site, such as browser type, IP address, access times, pages viewed, referring URLs, session duration, and device identifiers. This information helps us improve the performance and content of our services.
b. Account Data
Personal identifiers including full name, email address, phone number, physical address, usernames, and passwords that are necessary to provide access to user accounts and services.
c. Profile Data
Details such as your user preferences, behavior on the site, purchase history, and website interactions which assist us in personalizing your experience.
d. Communication Data
Records of your communications with us, including inquiries, customer support requests, and correspondence history when you contact us via email, web forms, or other communication channels.
e. Technical Data
Device and system information such as operating system, device type, browser configuration, language settings, and diagnostic logs relevant to the function and security of our systems.
f. Transaction Data
Data relating to purchases and financial transactions you make through the Site including billing address, payment details (processed through secure third parties), order history, and delivery information.
g. Preference Data
Information about your choices regarding marketing communications, event participation, and preferences regarding content and product offerings.
4. Legal Bases for Processing
We rely on the following lawful bases to process your personal data, as defined under the GDPR:
– Consent: Where you have given explicit permission, for example to receive promotional emails.
– Contractual Necessity: To fulfill obligations related to transactions or the provision of services you have requested.
– Legitimate Interest: For purposes such as improving our Site, securing our services, and analyzing usage data, provided these interests are not overridden by your rights.
– Legal Obligation: Where we are legally required to retain or disclose certain data.
5. Your Rights
Subject to local data protection laws, you may exercise the following rights regarding your personal data:
– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Request correction of any inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to legal and contractual obligations.
– Right to Restrict Processing: Request temporary suspension of data processing.
– Right to Data Portability: Receive your data in a machine-readable format and request transfer to another data controller.
– Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
– Rights under CCPA: California residents have additional rights, including the right to opt out of sale of personal data and to not be discriminated against for exercising any of their data rights.
To exercise any of the above rights, you may contact us at [email protected].
6. Security Measures
We implement robust organizational and technical safeguards to secure your personal data. These include:
– Encryption of data during transmission and storage.
– Access controls and role-based permissions to limit internal access.
– Regular data backups and integrity checks.
– Staff privacy training and strict confidentiality agreements.
7. International Transfers
Your data may be transferred to and processed in jurisdictions outside of your own, including to third-party service providers located in countries that may not offer data protection laws equivalent to those of your home jurisdiction. Where applicable, we ensure such transfers comply with GDPR through mechanisms such as Standard Contractual Clauses or adequacy decisions.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required under applicable law. Specific retention periods include:
– Account and Profile Data: Retained for the duration of your account and up to 2 years following account closure or inactivity.
– Transaction Data: Retained for 7 years to comply with tax and audit obligations.
– Communication Data: Retained for 3 years following latest communication.
– Technical and Usage Data: Aggregated and anonymized where appropriate; retained up to 12 months for analytics and operational purposes.
9. Cookie Policy
We use cookies and similar technologies to enhance your experience on nhscaevents.com. Cookies are small text files stored on your device and categorized as follows:
– Essential Cookies: Required for the Site’s core functionality, such as authentication and navigation.
– Functional Cookies: Enable user preferences and customized features.
– Analytics Cookies: Collect anonymized data for site analysis and improvement.
– Performance Cookies: Measure system performance and usage patterns to optimize service delivery.
10. Cookie Management and Compliance with GDPR & CCPA
Consent for cookies (except essential cookies) is obtained via a cookie consent banner. Visitors from jurisdictions requiring opt-in consent may select their preferences at the time of entry or modify them at any time using the “Manage Cookies” option on our Site.
Residents of California can opt out of selling or sharing of personal data cookies in accordance with CCPA by using the “Do Not Sell My Personal Information” link available on our Site.
11. Special Protections for Children
Our Site and services are not directed to children under the age of 13. We do not knowingly collect, use, or disclose personal information of anyone under 13. If we become aware that we have unintentionally collected such data, we will promptly delete it. Parents or guardians who believe we may have collected data from a child under 13 may contact us at [email protected].
12. Policy Updates and User Notifications
We may update this Privacy Policy from time to time to reflect changes in legal, regulatory, or operational requirements. When changes occur, we will post the updated version on this page and may notify you via email or prominent notice on the Site where appropriate. Continued use of nhscaevents.com after such updates constitutes acceptance of the revised policy.
13. Contact
If you have any concerns, questions, or requests regarding this Privacy Policy or our data practices, please contact us via email at [email protected].
We are fully committed to compliance with all applicable privacy laws and to ensuring that your personal data is handled with the utmost care and respect.