Privacy Policy

Who we are

PAGANZ Inc is a non-profit Incorporated Society, registered in New Zealand. PAGANZ Inc is run by a Committee elected by our members. Our website is www.paganz.org

Our principles regarding privacy

We respect your privacy, and won’t do anything with your personal information that we wouldn’t be happy being done with ours.

We must collect personal information in order to carry out our core business, operate our website, and comply with local laws.

Personal information may flow through certain third parties, always via an encrypted connection, such as our website host, email platforms, and payment merchant.

Personal information may be used from time to time for other purposes, such as sending out a security breach notification. There might be some other reason to use this information that we can’t think of right now, but rest assured, we will not abuse it and we aren’t planning anything sneaky.

For example, we will not:

  • Share your data with third parties not described in this document
  • Sell, rent, or lease your data
  • Use your data for political purposes or analysis
  • Perform algorithm-based analytics on your data
  • Track your activity across the world wide web

Overall, we have made efforts to collect as little personal information as possible.

What data we collect

We collect the personal information you explicitly provide. For example, when you register an account, we collect your:

  • Name
  • Username
  • Email address

Optionally you may provide:

  • Your organisation
  • Your country
  • A biographical blurb
  • An avatar (image of yourself, your likeness, or perhaps anything at all)

If you apply to become a member of the Society, we will record:

  • The information you entered in the application form, including the date and time it was submitted
  • The date you became a member
  • Your role if the society (if applicable)

If you complete a form on the website (e.g. submit an abstract, nominate a committee member), we will record:

  • The date and time you submitted the form
  • The IP address reported by the device you use to submit the form
  • The contents of the form

Your password is hashed, not stored. This means no one can view your password or decrypt it.

We otherwise do not knowingly collect or log your IP address, device details, or other information that you have not explicitly shared.

How we use your data

We use your personal information only for core Society business. We will never use your personal information for profit.

Your name, organisation, country, role, avatar, and biographical blurb may be visible to users logged into the website. This is to encourage networking and community. Please note that anyone on the internet can create an account and log in to view this information.

Your IP address is collected when submitting forms in order to deter fraud.

Your email address may be used to contact you for legal purposes or in the event of a data breach. You will asked to consent separately for the use of your email address to send newsletters, announcements, and marketing. Your email address will not be listed publicly or made available to other users without your consent.

How long we retain your data

Personal information collected may be stored indefinitely, or until you ask us to delete it.

If you register an account on our website, we store personal information provided. All users can view and modify their personal information at any time. Website administrators can also see, modify, and delete that information.

We must keep a record of Society members’ names, email addresses, and the date they became members, as required by our Society Rules.

Basic financial and transaction information may be stored for a period of time determined by local tax law.

We make no assurance that your data will be kept for any period of time.

What rights you have over your data

You have the right to:

  • Access your personal data
  • Correct errors in your personal data
  • Request the erasure, anonymisation, or pseudoanonymisation of your personal data
  • Object to the processing of your personal data
  • Receive an export of your personal data

Our ability to comply with these rights may be limited by:

  • Legal requirements to maintain records e.g. transaction details
  • Storage of personal information within backups that are not directly modifiable

We will always do everything within our ability to uphold your rights and requests regarding your personal data.

How we protect your data

Information passed between paganz.org and your device is encrypted. Data is stored on secure servers run by Flywheel. Only website administrators are authorised to view, modify, or delete your data.

What data breach procedures we have in place

In the event of a data breach, we will email you within 72 hours of us becoming aware of it. We will take necessary steps to prevent further breaches.

Sharing of your data

We will not share your personal information with anyone other than our core data processors required for operating our website and business. These data processors are:

  • Flywheel – our hosting and backup provider
  • CloudFlare – our security and website optimisation provider
  • MailChimp – our email list manager (you have to opt-in separately to receive email updates)
  • ManageWP – used to run security checks, run updates, and perform backups
  • PayPal – our payments processor
  • Gmail – emails sent to us are routed through Gmail, and may be forwarded onto other email providers
  • Google Groups – our discussion board provider
  • Gravatar – globally unique avatar service
  • Dropbox – used to store electronic documents and meeting records among committee members

We trust these data processors with your personal information and while we take responsibility for data use, we actually have no control over what these third parties do.

We will generally resist the sharing of your personal information with law enforcement, but only while operating within the law. In other words, we will share your personal information with appropriate parties if compelled by law.

Cookies

We use cookies necessary for our website to operate and process registrations and transactions, as well as maintain security between our website and your device.

All optional cookies including analytics and visitor tracking have been disabled.

We do not believe that we need to annoy you with a cookie banner, per the exemptions listed within the EU cookie legislation.

Final remarks

This privacy policy may change without notice. Rest assured our principles of respecting your privacy are unlikely to change.

If you have any questions about this policy, have suggestions for policy changes, or would like to exercise your rights over your personal information, please contact us at [email protected]