This Privacy, Data Collection and Data Breach Policy describes how the Association of Ship Brokers & Agents (USA) Inc. (“ASBA”) processes and uses personal information disclosed to ASBA by its members, subscribers and event attendees and also sets forth a data breach contingency plan.
Some or all of the following personal data is collected from delegates attending an ASBA event:
- name and contact details;
- date of birth, passport information and credit card information;
- information on any food allergies or mobility restrictions.
This data will be collected on either a printed registration form or through an online registration process.
ASBA also collects and retains very limited personal data relating to its members. Retained member data includes information disclosed on the ASBA membership application form and includes the names and contact details of individual members or similar personal data relating to company member employees who may be disclosed on the application form.
The personal data collected for ASBA events and programs and retained by ASBA is limited to name, company affiliation and email address. This data is used by ASBA to contact the attendee with information on the event and for encouraging participation in the same or other ASBA events, conferences, courses or seminars. The names of participants and their company will be recorded in the event’s Delegate List, shared with other participants, posted on the ASBA website and retained by ASBA for historical purposes.
Date of birth, passport and credit card information will be destroyed and deleted following the event. Data collected in relation to one specific event will only be used for that event; it will not be transferred to another event. Where the same information is required for two separate events, it will be requested separately for each.
Member data is used to contact and alert members about ASBA events and programs, issues of interest and concern to ASBA members, new postings on the ASBA website and notice of the Annual General Meeting. Retained personal data will not be sold or transferred to third parties.
ASBA respects the right of recipients of ASBA emails and alerts to be removed from ASBA’s mailing list and email notifications and will provide an opt-out or unsubscribe option on all such communications. A recipient can also call (201-569-2882) or email (firstname.lastname@example.org) ASBA to change its email preferences.
USE OF PHOTOGRAPHS OR VIDEO FOOTAGE:
Photographs or video footage taken during an ASBA event, or where an ASBA representative participates in an external event, may be used for ASBA’s own publicity purposes and posted on the ASBA website or its social media accounts on Facebook and LinkedIn.
Speakers, interviewees and event attendees are deemed to be aware that they may be photographed or videotaped during the event and that they may be identified by name should the photographs or videos be used. Photographs or video footage of a general nature, for example of a larger group of event participants, will not separately identify those participants. In posting or publishing event photographs or videos, ASBA will not knowingly embarrass or cause harm to the subjects involved. Any person wishing to have photographs or video images of themselves removed from the ASBA website or its social media should notify ASBA, in which case the images will be taken down as soon as possible. (See the Data Collection Statement below).
DATA COLLECTION STATEMENT:
Any printed or online form that collects personal information for event registration shall include the following statement:
“ASBA’s DATA COLLECTION AND RETENTION POLICY:
Personal information collected in respect of participation in, or registration for, this event will be held securely by ASBA. Date of birth, passport and credit card information will be destroyed and deleted following the event. Photographs or video footage taken during the event may be posted to ASBA’s website or social media sites or otherwise used to promote ASBA. An attendee may request that ASBA not publish, or remove, photographs or video footage containing the attendee’s image. Action will be taken promptly after the request is received.”
DATA SECURITY, BREACH PREVENTION & INVESTIGATION:
ASBA is committed to protecting member, subscriber or event attendee personal information from unauthorized access, alteration, disclosure or destruction. To prevent unauthorized access or disclosure, to maintain data accuracy and to ensure the proper use of personal information, ASBA undertakes a range of appropriate physical, technical and administrative measures to safeguard the information collected.
Notwithstanding such measures and efforts, ASBA recognizes that data breaches can occur and that a coherent and structured course of action must be in place should such a breach take place.
Any person whose data is collected or processed by ASBA and who believes such information has been compromised while in ASBA’s possession, is requested to immediately notify the Executive Director. Upon receipt of such notice, ASBA will promptly investigate and ascertain whether a personal data breach actually occurred.
Likewise, if ASBA itself becomes aware of a data breach, ASBA will take prompt action to identify the scope and cause of the breach and will assess the likely impacts on the persons concerned. In either case, ASBA will promptly notify the affected persons and advise them of actions taken by ASBA, as well actions that can be taken by the affected persons, to mitigate any adverse impacts of the breach.
ASBA will also initiate measures to reduce the risk that such a breach will reoccur. This may involve implementing enhanced cyber security protections, modifying data collection, processing and retention policies and procedures or any other action that may be appropriate and proportional to the scale of the breach and the information involved.