Effective/Last Updated: June 1, 2021
Table Of Contents
- Who we are and how to contact us
- Categories of personal data collected about you and others
- How your personal data is used and the legal basis for its processing
- Data Retention
- How your personal data is disclosed
- Third-Party Websites
- Your Data Protection Rights
- Communities and Forums Offered on our Site
- Children’s Privacy
- Transfers of Personal Data Outside of Europe
- Privacy Shield
- Changes to This Policy
Categories of personal data collected about you and others
A. General. Personal data refers to any information about an identified or identifiable individual. When you engage in certain activities on our Site, such as purchasing a product, submitting content and/or posting content on any of our blogs, or sending us feedback, we may ask you to provide certain information about yourself. Examples of personal data may include your first and last name, email address, mailing address, telephone numbers, age group, gender and other identifying information. When setting up your profile on our Site, you may be asked to provide an e-mail address, phone number, and address.
We gather certain information about you based upon where you visit on our Site, and what other sites may have directed you to us. This information, which is collected in a variety of different ways, is compiled and analyzed on both a personal and an aggregated basis. This technology enables us to determine (i) your IP Address of your computer and its geographic location from installing the applications onto your computer or mobile device; (ii) your search terms or interactive behavior via BNI Site; (iii) your purchasing behavior; (iv) source of the information sought by you during your search; and (v) the age of your results data (collectively, “Shared Information”).
B. Other Information You Provide. We may also collect and store any personal data you enter on our Site or provide to us in some other manner, including personal data that may be contained in any comment you post to our Site. This includes your images (both still and moving).
C. Information About Others. We may also collect and store personal data about other people provided to us by users, potentially including their businesses, contact details including email addresses and/or IP addresses. This data is used in the legitimate interests of providing information to potential members, for the purposes of generating invitations to Chapter meetings and other BNI events, and for the provision of certain other information related to the potential purchase of goods or services from BNI.
D. Automatic Collection of Data. Information concerning your computer hardware and software is automatically collected and may be shared with other BNI or affiliated websites. This information may include: your IP address, browser type and language, domain names, access times, referring website addresses and the content of any undeleted cookies that your browser previously accepted from us (see “Cookies” below).
E. Cookies. When you visit our Site, if you provide opt-in consent, we may use one or more “Cookies” to make our Site easier for you to use and to personalize your online experience. Through the use of a cookie, we also may automatically collect information about your online activity on our Site, such as the web pages you visit, the links you click, and the amount of time you spend on the Site. You can withhold or withdraw consent, but if you choose to decline cookies, you may not be able to sign in or use some of the features offered on our Site.
F. Other Technologies. We may use the ever-evolving Internet technology, such as web beacons and other similar technologies, to track your use of our Site. We also may include web beacons in company e-mail messages, newsletters, or notifications to determine whether messages have been opened and/or acted upon. This enables us to customize the services we offer our Site visitors to deliver targeted advertisements and to measure the overall effectiveness of our online advertising, content, programming or other activities.
G. Information From Other Sources. We sometimes supplement the information that we receive that has been outlined in this Policy with information from other sources and companies. Such outside information includes updated delivery and address information from carriers or third parties, which enables us to correct our records and deliver, for example, future communications more easily; account information, purchase or redemption information, and page-view information from some merchants with which we operate co-branded businesses or for which we provide technical, fulfilment, advertising, or other services; search term and search result information from some searches conducted through the Web search features; search results and links, including paid listings (such as Sponsored Links from Google); and credit history information from credit bureaus, which we use to help prevent and detect fraud and to offer certain credit or financial services to some customers.
How your personal data is used and the legal basis for its processing
We primarily use your personal data to provide support or service offerings to you.
A. Contractual Necessity. On the basis of contractual necessity, we process the personal data of members and membership applicants to:
manage your account and provide you with customer support;
enforce our terms and conditions;
manage our business;
enable and leverage applications such as BNI Connect to provide user functionality;
process payment for any purchases, subscriptions or sales made on our Site, and to protect you and ourselves against, or identify, possible fraudulent transactions, and otherwise as needed to manage our business.
B. Legitimate Interest. In our legitimate interests in the maintenance and development of our business, we may process your data to:
- perform research and analysis about your use of, or interest in, our products, services, or content, or products, services or content offered by others; this information may be used, by way of example only, to help us understand the demographics of potential members, identify chapters with openings for certain professions, inform future marketing campaigns, and judge the success of marketing strategies;
- cross market your services/products with our services and our affiliates’ services;
- verify your eligibility and deliver online and/or offline in connection with contests and sweepstakes;
- protect and defend the rights or property of BNI or one of BNI’s referral networks.
C. Consent. You may consent to us:
- providing your email address and other information to our business partners for offers to you of products, services, promotions, contests and/or sweepstakes;
- sending you email notifications and/or newsletters.
- Creating and operating cookies on your devices when you visit our websites.
You have the right to withdraw your consent at any time by emailing us at email@example.com.
D. Legal Necessity. When legally necessary, we may also process your personal data:
- to establish or exercise our legal rights, or to defend against legal claims;
- in the vital interests of staff, members and users of BNI, or the public, to protect their personal safety.
Your data will only be retained for as long as necessary to fulfil the purposes for which it was obtained and/or to meet any applicable legal obligations. Please see our Data Retention Policy, accessible at http://bnitos.com/retention.html for more information.
How your personal data is disclosed
We may share your personal data with:
A. Authorized Service Providers. Authorized service providers performing services on our behalf, e.g., processing credit card payments, delivering products and services, providing customer service and marketing assistance, performing business and sales analysis, supporting our Site’s functionality, and supporting other features and promotions offered through our Site.
B. Business partners. From time to time, we may offer products, services, promotions, contests and/or sweepstakes on our Site and share personal data with the businesses with which we partner to provide these offers.
C. Franchisees. We may share your personal data with BNI Master Franchisees or (Sub)franchisees of BNI, who are joint controllers of data (“Data Controller”) with our affiliate BNI Worldwide Development Limited, in order to, for example, direct you to a BNI Chapter or potentially provide you with additional information about franchise opportunities based on your interest. As joint Data Controllers, Master Franchisees and (Sub)franchisees have separate obligations for implementing appropriate technical and organizational measures to ensure and to demonstrate that their processing activities are compliant with the requirements of the European Union’s General Data Protection Regulation (“GDPR” or the “Regulation”).
D. Other Situations. We may also disclose your information:
- under a legal obligation, including but not limited to, subpoena or court order;
- under legal authority to respond to requests for cooperation from a law enforcement or other government agency (including civil and criminal matters);
- to prevent illegal activity, to prevent imminent bodily harm, or to protect ourselves and you from people violating our Terms of Service, accessible at https://www.bni.com/terms-and-conditions. This may include sharing personal data with, for example, other companies, lawyers, courts or other government entities where applicable;
- In connection with a substantial corporate transaction, such as the sale of our business, a merger, divestiture, consolidation, or asset sale, though in any event, any acquiring entity or other third-party assignee will be bound by the provisions of this Policy; to protect and defend the rights or property of BNI or one of BNI’s referral networks; and, act under exigent circumstances to protect the personal safety of members and users of BNI, its Site, or the public. This may include sharing personal data with, for example, other BNI members, visitors, government health agencies, or other government entities.
Any third parties to whom we may disclose personal data may have their own data protection and privacy notices/policies, which we encourage you to view on the websites of those third parties.
There are a number of places on our Site or through our services where you may click on a link to access other websites that do not operate under this Policy. For example, if you click on an advertisement or a search result on our Site, you may be taken to a website that we do not control. These third-party websites may independently solicit and collect personal data from you and, in some instances, provide us with information about your activities on those websites. We recommend that you consult the data protection and privacy notices/policies of all third-party websites you visit.
Your Data Protection Rights
Under GDPR, you have the following rights:
- You have the right to be provided on request with a copy of your personal data.
- You have the right to rectification of inaccurate data we may have recorded about you.
- You have the right to the erasure of your data (“Right to be Forgotten”) which we no longer have justification for recording.
- You have the right to object to processing of your data which is being done on the basis of our legitimate interests.
- You have the right to refuse to be contacted for direct marketing purposes.
- You have the right to restrict the processing of your personal data when:
- the basis for its processing is in dispute;
- its accuracy is in dispute;
- we cannot establish a lawful basis for its processing, but you do not wish it to be erased;
- we no longer need your data, but you need it for the establishment, exercise, or defense of legal claims;
- you object, where applicable, to our processing your data on the basis of our legitimate interests, pending verification of whether our interests override.
- You have the right to be provided in a structured, commonly used and machine-readable format with a copy of your data which we process on the basis of your consent or contractual necessity, or to have it transferred directly to another data controller (“Data Portability”).
If you are not satisfied with our responses or are otherwise concerned with how we process your personal data, you also have the right to make a complaint to our supervisory authority, Ireland’s Data Protection Commission (www.dataprotection.ie).
Communities and Forums Offered on our Site
We may provide areas on our Site where you can post information about yourself, including your name and email address, communicate with others; upload content; and post comments. Such postings are governed by our Terms of Service. Also, whenever you voluntarily disclose personal data on our Site, that data will be available and can be collected and used by others who have authorized access to your content.
We encourage you to exercise discretion and caution with respect to your personal data. Once you have posted data, you may not be able to edit or delete such data.
Any personal data that you disclose through our Site, or other online forums hosted on our Site, may be collected and used by others. We recommend caution when giving out personal data to others in these online forums.
Our Site is a general audience site not intended for use by children, and we do not knowingly collect personal data from children. You may access our Site only if you are of legal age to lawfully form a binding contract.
Transfers of Personal Data Outside of Europe
The global extent of BNI’s business necessitates the transfers of personal data to its franchisees, members, and business partners and service providers on a worldwide basis. When personal data is transferred from the European Economic Area (EEA), at least one of the following safeguards to protect your personal data to a similar level as within the EEA will be applied:
- Our franchisees, business partners or service providers are located in countries which have been designated by the European Commission as having an adequate national standard of data protection; or
- We will require our franchisees, business partners or service providers to adopt the data protection standard contractual clauses (“SCC”) pre-approved by the European Commission.
Although the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks are no longer valid mechanisms to comply with EU and Swiss data protection requirements when transferring personal data from the European Union or Switzerland to the United States, BNI continues to adhere to the Privacy Shield Framework recommendations pertaining to the transfer of information to third parties, access, security, data integrity and purpose limitation and enforcement. Additional information on the Privacy Shield Program can be viewed at https://www.privacyshield.gov. The Federal Trade Commission (FTC) has jurisdiction over BNI’s compliance with the Privacy Shield. While the U.S. Department of Commerce continues to administer the Privacy Shield program, BNI will annually renew its Privacy Shield certification to help ensure the treatment of all personal data continues to be accurate and processed in accordance with the Privacy Shield Framework and applicable Principles. In cases of onward transfer to third parties of EU and Swiss Personal Data received pursuant to the EU-US and Swiss-US Privacy Shield Framework, BNI is potentially liable. All questions or complaints regarding the processing and use of personal data should be directed to firstname.lastname@example.org.
BNI has elected JAMS as its independent dispute resolution mechanism in accordance with requirements set forth by Privacy Shield. If questions or complaints are not resolved satisfactorily through contacting BNI, users can file a complaint with JAMS at https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim.
You may have the option to select binding arbitration for the resolution of your complaint under certain circumstances, provided you have taken the following steps: (1) raised your complaint directly with BNI and provided us the opportunity to resolve the issue; (2) made use of the independent dispute resolution mechanism identified above; and (3) raised the issue through the relevant data protection authority (DPA) and allowed the US Department of Commerce an opportunity to resolve the complaint at no cost to you. For more information on binding arbitration, see US Department of Commerce’s Privacy Shield Framework: Annex I (Binding Arbitration).
Changes to This Policy
We will occasionally update this Policy to reflect changes in our practices and services. When we post changes, we will revise the “Last Updated” date at the top of the Policy. If we make any material changes in the way we collect, use, and/or share your personal data, we will notify you by email to the email address you most recently provided us in your account, profile or registration, if we have such an email address, and/or by prominently posting notice of the changes on our Site. We recommend that you check our Site from time to time to inform yourself of any changes in this Policy.
©2020 BNI Global LLC. All rights reserved.