Data Protection Policy

Data Protection Policy for Seattle Pups and Handlers

Introduction

Seattle Pups and Handlers (the "Organization") is a 501(c)(7) social club committed to protecting the privacy of its members. This Data Protection Policy outlines how we collect, use, store, and disclose personal information collected from our members, including information related to merchandise purchases.

Data We Collect

We collect the following personal information about our members:

• Name (Both real name and scene name)
• Contact information (address, phone number, email)
• Birthdate for Age Verification
• Membership status and history
• Any other information voluntarily provided by members (e.g., dietary restrictions for events, COVID-19 vaccination status)

Payment Card Information

We do not store or have direct visibility of your payment card information for either membership fees or merchandise purchases. When processing payments, we utilize secure third-party processors certified with industry security standards (e.g., PCI DSS) to safeguard your financial information.

Merchandise Sales

• Online Sales: When purchasing merchandise through our website, your payment card information is processed directly by our secure third-party payment processor. We do not receive or store your full card details. We may receive limited information about your transaction, such as order amount and billing address, to fulfill your order.
• In-Person Sales: For in-person merchandise purchases, we utilize a secure point-of-sale system to process your payment card information. This system is compliant with industry security standards and does not store your full card details on our devices.

Data Use and Sharing

We collect and use member data for the following purposes:

• To manage memberships
• To communicate with members about events, announcements, and other club activities
• To process payments for membership fees, event registrations, and merchandise purchases (utilizing secure third-party processors)
• To fulfill merchandise orders
• To comply with legal and regulatory requirements

We will not share your personal information with any third party without your consent, except:

• As necessary to fulfill the purposes listed above (e.g., to a shipping company for merchandise)
• To comply with legal or regulatory requirements
• To protect the rights and safety of the Organization and its members

Data Custody Chains

We maintain clear and documented data custody chains for all member data, including limited transaction information related to merchandise purchases. This establishes who has access to the data, for what purpose, and for how long.

• All member data, excluding full payment card information, will be stored in a secure database managed by the Organization (Currenty TIdyHQ).
• Access to member data will be restricted to authorized personnel with a legitimate business need.
• We will implement appropriate security measures to protect member data from unauthorized access, disclosure, alteration, or destruction.

Revocation of Access

Upon resignation, removal, or end of their term from the Board of Directors, all access to member data will be revoked.

• Former Board members will be required to return any physical copies of member data and delete any electronic copies in their possession.
• The Organization will update its internal access controls to ensure former Board members no longer have access to the member database.

Who Has Access to Data

The following personnel may have access to member data, depending on their role:

• Board of Directors
• Event organizers
• Accounting personnel (for payment processing details, not card information)
• Merchandise fulfillment personnel (limited to order details)

Member Rights

Members have the following rights regarding their personal information:

• Right to access: You have the right to request a copy of the personal information we hold about you, excluding payment card information.
• Right to rectification: You have the right to request that we correct any inaccurate or incomplete information about you.
• Right to erasure: You have the right to request that we delete your personal information, subject to certain legal and regulatory exceptions.
• Right to object: You have the right to object to the processing of your personal information.

Changes to this Policy

We may update this Data Protection Policy from time to time. We will notify members of any changes by posting the updated policy on our website or through direct communication.

Contact Us

If you have any questions about this Data Protection Policy, please contact us at board@seapah.org.

Last Updated

Last updated 5/6/2024