MemberClicks, LLC., ("MC" or"Company") with its primary location at 3495 Piedmont Rd NE, Building 11 Suite 800, Atlanta, GA 30305 and all related entities, including ePly Services and WebLink Acquisition, comply with the provisions regarding the collection, use, and retention of Personal Data, as defined under the European Union's General Data Protection Regulation (GDPR), from European Union member counties and Switzerland, respectively.
MemberClicks is a participant in the Privacy Shield Program. You may review MemberClicks’ status as a Privacy Shield certified company by clicking here https://www.privacyshield.gov/list
Collection of Personal Data from MemberClicks’ Customers and Prospective Customers
When you visit http://www.memberclicks.com/ and login into to our website portal, MC collects customer login information which is comprised of your name, email address and credit card information. MC collects this information in order to record, support and facilitate your participation with MC with your consent for those purposes. Additionally, the collection of this Personal data is necessary for the performance of any future contractual agreement with MC, as a registered user of our Services or in order to take steps at your request in order to enter into an agreement with MC to provide you the Services. If you provide information to the website, for example, the information is used to provide you access to the website and other benefits that may be made available to you and other registered users. When you access the website, your Personal Data is also used to track your website preferences and provide you information you may find useful to you as a registered user unless you have opted not to receive such communications or such communications are prohibited by law.
MC may collect information about the use of the Services and the Site, such as the number of downloads, types of Services used, how many users we receive daily, and the IP/Internet address of your computer. This information is collected in aggregate form, without identifying any user individually. MC may use this aggregate, non-identifying statistical data for improving the Site and Services, providing more relevant experiences to our customers and for statistical analysis.
MemberClicks’ Role as a Service Provider to its Customers and Prospective Customers
MC is the creator of certain software products that enable organizations to manage their online membership databases, manage membership dues automation and event registrations in order to custom design websites, email marketing and member communities and create tailor-made products to enable small staffs to manage the organization’s memberships. In connection with these software products, MC provides product development services, hosting services, solution engineering services, professional technical services, data migration services, and product technical support services (collectively “Services”) to its hosted and non-hosted customers and prospective customers in the EEA and Switzerland through employees who may be located in the U.S. These U.S.-based employees may process Personal Data to provide Services to customers and prospective customers located in the EEA or Switzerland.
Customers using MC’s hosted solutions, including ePly https://www.eply.com/ and Weblink, are responsible for managing the data that they store at MC's data centers. Except as stated in the paragraph immediately below, customers determine the categories of Personal Data and other information that are stored by MC, how that information will be used, to whom it will be disclosed, and for what purposes. Similarly, MC's hosted and non-hosted customers and prospective customers who share data with MC in connection with any of its Services determine which categories of Personal Data will be shared and for what purposes. Consequently, except as stated in the paragraph immediately below, MC does not know the categories of Personal Data to be processed or the purpose(s) of the processing unless and until MC receives instructions from its customers or prospective customers.
When MC processes Personal Data, MC does so only for the purpose of providing Services pursuant to the customer's or prospective customer's instructions.
The Customer’s and Prospective Customer’s Responsibilities with respect to Personal Data
MC customers and prospective customers may choose to include Personal Data among the data stored at MC data centers originating from the EEA and Switzerland or shared with MC in connection with its provision of Services.
MC processes only the Personal Data that its customers or prospective customers have chosen to share with MC. Except as outlined above in the section regarding the Collection of Personal Data from MemberClicks’ Customers and Prospective Customers MC has no direct or contractual relationship with the subject of such Personal Data (a "Data Subject"). As a result, except for the Personal Data we collect directly from a registered user or prospective customer interested in MC Services, when a customer or prospective customer shares Personal Data, the customer or prospective customer is solely responsible for satisfying all legal obligations owed directly to the Data Subject under applicable data protection laws. MC complies with the Privacy Shield Principles for the information it collects directly from its registered users or prospective customers and therefore the Privacy Shield Principles apply to MC in the context of the collection of Personal Data from the individuals providing such Personal Data only for purposes of engaging MC to provide the Services or registering to use the Services in fulfilment of the agreement between MC and customer.
MemberClicks’ Compliance with the Privacy Shield Principles
MC employees located in the U.S. may provide Services for customers and prospective customers located in the EEA or Switzerland. To provide such Services, MC may access and use Personal Data. MC will apply the following Privacy Shield Principles to Personal Data physically or remotely transferred from the EEA or Switzerland to the U.S.
Data Subjects have the right to access the Personal Data an organization holds about them. If such Personal Data is inaccurate or processed in violation of the Privacy Shield Principles, a Data Subject may also request that Personal Data be corrected, amended, or deleted.
When MC receives Personal Data, it does so on its customer's or prospective customer's behalf. To request access to, or correction, amendment or deletion of, Personal Data, Data Subjects should contact the MC customer or prospective customer that collected their Personal Data. MC will cooperate with its customers' and prospective customers' reasonable requests to assist Data Subjects to exercise their rights under the Privacy Shield.
For registered users of the website or for individuals providing Personal Data to MC in order to obtain the Services as prospective customers, to request access to, or correction, amendment or deletion of, Personal Data, Data Subjects should contact the Chief Privacy Officer.
Data subjects have the right to opt out of (a) disclosures of their Personal Data to third parties not identified at the time of collection or subsequently authorized, and (b) uses of Personal Data for purposes materially different from those disclosed at the time of collection or subsequently authorized. MC’s customers and prospective customers are responsible for informing Data Subjects when they have the right to opt out of such uses or disclosures.
Data Subjects who wish to limit the use or disclosure of their Personal Data should submit that request to MC’s customer or prospective customer that controls the use and disclosure of their Personal Data. MC will cooperate with its customers’ and prospective customers’ instructions regarding Data Subjects’ choices.
For registered users of the website or for individuals providing Personal Data to MC in order to obtain the Services as prospective customers that wish to limit the use or disclosure of their Personal Data should submit that request to the Chief Privacy Officer.
MC is committed to safeguarding the Personal Data that it receives from the EEA and Switzerland. While MC cannot guarantee the security of Personal Data, MC takes reasonable and appropriate measures to protect Personal Data in MC’s possession from loss, misuse, unauthorized access, disclosure, alteration and destruction.
MC utilizes a combination of online and offline security technologies, procedures and organizational measures to help safeguard Personal Data. For example, facility security is designed to prevent unauthorized access to MC computers. Electronic security measures — including, for example, network access controls, passwords and access logging — provide protection from hacking and other unauthorized access. MC also protects Personal Data through the use of firewalls, role-based restrictions and, where appropriate, encryption technology. MC limits access to Personal Data to employees, subcontractors, and third-party agents that have a specific business reason for accessing such Personal Data. Individuals granted access to Personal Data are aware of their responsibilities to protect such information and are provided appropriate training and instruction.
PURPOSE LIMITATION AND DATA INTEGRITY
MC's customers and prospective customers are responsible for limiting their collection of Personal Data to that which is necessary to accomplish the purposes disclosed to Data Subjects and compatible purposes. They also are responsible for providing MC with instructions for the processing of Personal Data consistent with such purposes. MC will process Personal Data only in accordance with the customer's or prospective customer's instructions.
MC's customers and prospective customers also are responsible for ensuring that (a) Personal Data they collect is accurate, complete, current and reliable for its intended uses; and (b) Personal Data is retained only for as long as is necessary to accomplish the customer's or prospective customer's legitimate business purposes disclosed to the Data Subject and for compatible purposes. MC will cooperate with customers' and prospective customers' reasonable requests for assistance in meeting these obligations.
In the performance of Services, MC will request only the minimum amount of information required to perform the applicable Services and will retain such information only for as long as necessary to provide the Services or for compatible purposes, such as to provide additional Services, to comply with legal requirements, or to preserve or defend MC’s legal rights.
MC will not disclose Personal Data to a third party, except as stated below:
MC may disclose Personal Data to subcontractors and third-party agents who assist MC in providing Services to its customers and prospective customers. Before disclosing Personal Data to a subcontractor or third-party agent, MC will obtain assurances from the recipient that it will: (a) use the Personal Data only to assist MC in providing the Services; (b) provide at least the same level of protection for Personal Data as required by the Principles; and (c) notify MC if the recipient is no longer able to provide the required protections. Upon notice, MC will act promptly to stop and remediate unauthorized processing of Personal Date by a recipient. MC will remain liable for onward transfers to its subcontractors and third-party agents.
MC may also be required to disclose, and may disclose, Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements or in the event of a merger or acquisition. To the extent permitted, MC will inform its relevant customer or prospective customer before making such disclosure and provide it with a reasonable opportunity to object to such disclosure.
RECOURSE, ENFORCEMENT & LIABILITY
In compliance with the EU-US and Swiss-US Privacy Shield Principles, MC commits to resolve complaints concerning its processing of Personal Data in accordance with the Privacy Shield Principles.
Any Data Subject who has a complaint about MC’s processing of his/her Personal Data should first contact MC’s Privacy Officer by emailing privacy-complaints@MemberClicks.com or by calling 404.879.2800.
MC has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles and Swiss-US Privacy Shield Principles to an independent recourse mechanism, BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus (“BBB”). If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by MC, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint at no cost to you.
In addition to the above dispute resolution mechanisms, Data Subjects may invoke binding arbitration if their complaint is not resolved by the BBB or by the Department of Commerce after referral from the relevant data protection authority in the EEA or Switzerland. For more information about binding arbitration, visit https://www.privacyshield.gov.
MC is subject to the investigatory and enforcement powers of the Federal Trade Commission.
For More Information
Data Subjects with questions about how MC processes Personal Data should first contact the MC customer or prospective customer that collected the Personal Data. MC's Privacy Officer can be contacted email at privacy-complaints@MemberClicks.com or by calling 404.879.2800.
MC may revise this Policy at any time. If MC decides to materially change this Policy, MC will post the revised Policy at this location.
Effective Date: May 24, 2018.