Overview

The DACdb Usage Policy applies to all Rotarians and Users who have access to the District and Club Database (DACdb). Use of the system is permitted and encouraged where such use supports the goals and objectives of Rotary. However, access to DACdb is a privilege and all users must adhere to the policies as defined herein.

Personal information including, but not limited to; contact information, personal addresses, telephone numbers, credentials, and email addresses are the private property of the individual. The club and district are allowed the use of this data for Rotary business purposes only, with the individual's consent.

Purpose

The purpose of this policy is to protect the use of, and privacy of, our members' data by preventing the distribution or use of this data by anyone, except in accordance with the following procedures.

DACdb Usage:

Unacceptable use of DACdb includes, but is not limited to:

Violations

Violation of this policy (depending on the severity of any abuses) may result in, but not limited to the following actions:

Violations of this policy at the club level will be resolved by the respective Club Officers with the help of the District Communications Officer (DCO) and/or DACdb. Any violation at the district level will be made by the District Communications Officer (DCO) and District Governor and/or DACdb. Any decisions made by DACdb and/or the DCO, with regard to violations of this policy, will be communicated immediately to the District Governor.

Appeal of decisions may be made to the District Governor and/or DACdb. The decisions of DACdb in all such matters are final and may not be appealed further.

Violations of the DACdb Usage Policy may also be voilations of Rotary International rules and those of the European Union's General Data Protection Regulation (GDPR) which will be adopted 25 May 2018 by both Rotary International and all of its licensed vendors.

User compliance

Anyone accessing the District and Club data base ( DACdb), must agree to the terms of this policy, the first time they sign on, before access is granted. By accepting the Usage Policy below, you are acknowledging your understanding of the policy and will abide by the Usage Policy.

Information We Collect About You and How We Collect It

We collect several types of information from and about users of our Website and others, including information:

by which you may be personally identified, including your name, postal address, e-mail address or telephone number ("personal information"), age, gender, language preferences, expertise, date of birth, your internet connection, the equipment you use to access our Website and usage details.

We collect this information:

Directly from you when you provide it to us.

Information You Provide to Us

We collect information you provide when you interact with our Websites or when dealing with Rotary or our network offline including:

Information that you provide by making an inquiry, joining as a member registering for an event, etc. This includes information provided at the time of registering through any of DACdb's websites. We may also ask you for information when you enter a contest or promotion sponsored by us, and when you report a problem with our Website. Records and copies of your correspondence (including e-mail and other electronic messages, including social media posts), if you contact us. Your responses to surveys that we might ask you to complete for research purposes. Details of transactions you carry out through our Website and of the fulfillment of your orders. You may be required to provide financial information before placing an order through our Website. Your search queries on our Website. There may be features that are developed in the future that may result in the collection of additional new information.

You also may provide information to be published or displayed (hereinafter, "posted") on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, "User Content"). Your User Content is posted on and transmitted to others at your own risk. Although we limit access to certain pages and you may set certain privacy settings for such information by logging into your account profile, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Content. Usage Details, IP Addresses, Cookies and Other Technologies

As you navigate through and interact with our Website, we may automatically collect certain information about your equipment, browsing actions and patterns, including:

Details of your visits to our Website, including traffic data, location data, logs and other communication data and the resources that you access and use on our Website. Information about your computer and internet connection, including your IP address, operating system and browser type.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information

Accessing and Correcting Your Information

Where you are a registered user on this Website, you can review and change your personal information by logging into our Website and visiting your account profile page.

You may also send us an e-mail at support@dacdb.com to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. Your account information may also be held in Rotary International's systems.

If you delete your User Content from the Website, copies of your User Content may remain viewable in cached and archived pages, or might have been copied or stored by other Website users. Proper access and use of information provided on our Website, including User Content, is governed by our Useage Policy, although for EU/EEA based individuals this does not prejudice your mandatory rights under EU Protection Law (see EU Privacy Notice below).

Information Sharing and Disclosures

We may share your information, including your personal information, with other parties as follows:

Cookie Policy

We use cookies (small text files placed on your device) and similar technologies to enable effective provision of our website and online services and to help collect usage and performance data. Cookies allow us to help us recognize you when you return, store your preferences and settings, enable you to sign-in, and analyze how our website and online services are performing.

You have a variety of tools to control cookies and similar technologies, including browser controls, to block and delete cookies. Your browser and other choices may affect your experiences with our website.

If you wish to restrict or block the cookies that are set by the DACdb website(s), you can do so through your browser settings.

Please be aware that restricting cookies may affect the functionality of the DACdb website(s), such as signing in, managing your account, remembering settings, etc.

EU Privacy Notice

If you are a resident of the European Union (EU) or European Economic Area (EEA) whose personal information we collect, the following additional information applies to you.

1 Introduction

1.1 - Where you are an EU or EEA resident and DACdb knowingly collects your personal information (also called 'personal data'), we will do so in accordance with applicable laws that regulate data protection and privacy. This includes, without limitation, the EU General Data Protection Regulation (2016/679) ('GDPR') and EU member state national laws that implement or regulate the collection, processing and privacy of your personal data (together, 'EU Data Protection Law').

1.2 - This EU privacy notice ('EU Privacy Notice') which should be read in conjunction Rotary's Privacy Policy provides further information as required under EU Data Protection Law on how we handle or process the personal data we collect and who we may share it with.

1.3 - This Privacy Notice also provides information on your legal rights under EU Data Protection Law and how you can exercise them.

2 How personal data is collected

2.1 - Because of the global nature of the Rotary organization and its club network, DACdb may hold and process personal data that is collected from clubs, districts and partner organizations around the world, including within the EU/EEA.

2.2 - This also means that if you are a member or individual contact of this network resident in the EU/EEA, your personal data may be transferred from the EU/EEA to DACdb systems in the United States.

2.3 - US data privacy laws are currently not considered to meet the same legal standards of protection for personal data as set out under EU Data Protection Law. However, in order to safeguard personal data received from the EU/EEA, we only allow such a transfer of personal data to the US or other third countries under an approved contract or another appropriate mechanism which is legally authorized under EU Data Protection Law.

2.4 - This is to make sure that the personal data that DACdb receives and processes (so far as it relates to residents of the EU/EEA) is properly safeguarded in accordance with similar legal standards of privacy you would eniov under EU Data Protection Law.

3 Direct Marketing

3.1 - If DACdb provides direct marketing communications to individuals in the EU/EEA regarding services and/or events which may be of interest, this will be done in accordance with EU Data Protection Law, and in particular where we contact individuals for direct marketing purposes by SMS, email, fax, social media and/or any other electronic communication channels, this will only be with the individual's consent or in relation to similar services to services that the individual has purchased (or made direct enquiries about purchasing) from DACdb before.

3.2 - Individuals are also free to object or withdraw consent to receive direct marketing from us at any time, by contacting us at support@dacdb.com.

4 The lawful grounds on which we collect and process personal data

4.1 - We process your personal data for the above purposes, relying on one or more of the following lawful grounds under EU Data Protection Law:

(a) where you have freely provided your specific, informed and unambiguous consent for DACdb to process your personal data for particular purposes:

(b) where we agree to provide services to you, in order to set up and perform our contractual obligations to you and/or enforce our rights:

(c) where we need to process and use your personal data in connection with our legitimate interests as a global network and being able to effectively manage and operate our organization in a consistent manner across all territories. We will always seek to pursue these legitimate interests in a way that does not unduly infringe on your legal rights and freedoms and, in particular, your right to privacy: and/or

(d) where we need to comply with a legal obligation or for the purpose of us being able to establish, exercise or defend legal claims.

4.2 - Please also note that some of the personal data we receive and that we process may include what is known as 'sensitive' or 'special category' personal data about you, for example, information regarding your ethnic origin or political, philosophical and religious beliefs. This is not the type of data that DACdb, Rotary or its clubs would routinely collect, but if we process such sensitive or special category data we will only do this in specific situations where:

(a) you have provided this with your explicit consent for us to use it: or,

(b) there is a legal obligation on us to process such data in accordance with EU Data Protection Law

(c) it is needed to protect your vital interests (or those of someone else) such as in a medical emergency: or,

(d) where you have clearly chosen to publicize such information: or,

(e) where needed in connection with a legal claim that we have or may be subject to.

5 Disclosing vour personal data to third parties

5.1 - We may disclose your personal data to certain third party organizations who are processing data solely in accordance with our instructions (called 'data processors') such as companies and/or organizations that support our business and operations (for example providers of web or database hosting, IT support, payment providers, event organizers, agencies we use to conduct fraud checks or mail management service providers and Rotary International itself) as well as professionals we use such as lawyers, insurers, auditors or accountants. We only use those data processors who can guarantee to us that adequate safeguards are put in place by them to protect the personal data they process on our behalf.

5.2 - We may also disclose your personal data to third parties who make their own determination as to how they process your personal data and for what purpose(s) (called “data controllers”). The external third party data controllers identified above may handle your personal data in accordance with their own chosen procedures and you should check the relevant privacy policies of these companies or organizations to understand how they may use your personal data.

5.3 - Other than as described above, we will treat your personal data as private and will not routinely disclose it to third parties without you knowing about it. The exceptions are in relation to legal proceedings or where we are legally required to do so and cannot tell you (such as a criminal investigation). We always aim to ensure that your personal data is only used by third parties we deal with for lawful purposes and who observe the principles of EU Data Protection Law.

6 How long we retain your personal data for

6.1 - DACdb retains personal data identifying you for as long as necessary in the circumstances - for instance, as long you are a member of a club or have a relationship with our network: for a reasonable period to send you marketing where we have regular contact with you, or as may be needed to enforce or defend contract claims or as is required by applicable law.

7 Your personal data rights

7.1 - In accordance with your legal rights under EU Data Protection Law, you have a 'subject access request' right under which can request information about the personal data that we hold about you, what we use that personal data for and who it may be disclosed to as well as certain other information.

7.2 - Usually we will have one month to respond to a subject access request. However, we reserve the right to verify your identity and we may, in case of complex requests, require a further two months to respond. We may also charge for administrative time in dealing with any manifestly unreasonable or excessive requests. We may also require further information to locate the specific information you seek and certain legal exemptions under EU Data Protection Law may apply when responding to your subject access request.

7.3 - Under EU Data Protection Law. EU/EEA residents also have the following rights. which are exercisable by making a request to us in writing:

(a) that we correct personal data that we hold about you which is inaccurate or incomplete:

(b) that we erase your personal data without undue delay if we no longer need to hold or process it:

(c) to object to any automated processing (if applicable) that we carry out in relation to your personal data. for example if we conduct any automated credit scoring:

(d) to object to our use of your personal data for direct marketing:

(e) to object and/or to restrict the use of your personal data for purpose other than those set out above unless we have a compelling legitimate reason: or

(f) that we transfer personal data to another party where the personal data has been collected with your consent or is being used to perform contract with you and is being processed by automated means.

7.4 - So we can fully comply, please note that these requests may also be forwarded on to third party data processors who are involved in the processing of your personal data on our behalf.

7.5 - If you would like to exercise any of the rights set out above, please contact us at support@dacdb.com.

7.6 - If you make a request and are not satisfied with our response, or believe that we are illegally processing your personal data, you have the right to complain to the Office of the Information Commissioner in the United Kingdom.

Contact Information

support@dacdb.com
(720) 504-7300 x1



Effective as of May 22, 2018