How We Collect Information
- Visiting our website located at paint.org and other websites that are owned or operated by ACA and are linked to on the www.paint.org website (“ACA Websites”)
- Visiting our offices
- Registering for and/or attending our events
- Purchasing our products and services, including any publications and membership benefits
- Subscribing to our newsletters or other communications
Our websites or forms may contain links to other websites or services that are managed by a third party and governed by that party’s own privacy policies. We do not have control over the information you supply directly to these sites or services. We encourage you read the privacy statements of each and every party that collects your information.
Types of Information Collected
The Personal Data that we collect directly from you or from one of our affiliated organizations includes the following:
- If you visit our offices, you may be required to sign in as a visitor and provide us with your full name, email address, and other basic contact information;
- If you contact ACA using the contact information included on the “Contact Us” tab on paint.org or similar features, sign up for one of our events, or subscribe to one of our newsletters or other communications, we generally require you to provide us with your basic contact information, such as your full name, email, company name, job title, phone number, mailing address, business address, username and password for the ACA Websites, and your organization’s web address; and
- If you register for one of our events or membership groups or make any purchase on the ACA Websites, we may also require you to provide us with financial information and billing information, such as billing name and address, payment card number, bank account information, and, for registration or renewal of your ACA membership, your company’s stated annual U.S. net sales total for the purpose of calculating membership dues.
Our Purposes for Collecting Your Information and Our Bases for Collecting It
We collect your Personal Data for the purposes and on the legal bases identified as follows:
Performance of a Contract
- Providing access to membership benefits, including members-only resources and industry-specific features: We will process your Personal Data by managing your membership account for the purpose of providing you with membership services that you have purchased and/or requested;
- Managing event registrations and attendance: We will process your Personal Data to enable you to fully participate in the events you have registered for and to adequately operate such events;
- Managing paid transactions: We will process your financial Personal Data, as provided, to verify the financial qualifications and collect payments to the extent this is necessary for completing transactions with you;
- Managing subscriptions: We will process your Personal Data to ensure that you receive all subscriptions and correspondence you have elected to receive;
- Sending marketing communications: Upon receiving your consent, we will process your Personal Data to market products, events, or other services to you;
- Allowing fellow event participants to contact you: Upon receiving you consent, we will share your Personal Data with event participants to allow them to engage with you directly.
- Managing office visitors: We will process your Personal Data to keep a record of who has visited our offices based on our legitimate business interests, including security purposes;
- Handling contact and user support requests: We will process your Personal Data to communicate with you as necessary to respond to your inquiry based on our legitimate interest to fulfill your request;
- To prevent or investigate a possible crime, such as fraud or identity theft;
- To enforce our Terms and Conditions or other agreements that govern your use of the ACA Websites;
- Complying with legal obligations: We will process your Personal Data to respond to a court order or subpoena or to otherwise comply with the law.
Where we intend to process your Personal Data for a purpose other than the purpose for which it was collected, we will provide you with information regarding the purpose for the processing, as well as other relevant information, prior to processing your Personal Data for the new purpose.
Sharing Your Information
We share your Personal Data, including with the following recipients:
- ACA’s affiliate organizations to ensure continuity and efficiency in our operations;
- Our contracted service providers which provide services such as IT and web-hosting, credit card processing, marketing, subscription and order fulfillment, and cloud services; and
- If you attend an event organized by us, we may share your information with exhibitors, registrants, and/or sponsors of the event, provided that you consent to such sharing.
Your Personal Data may be collected, stored by, and processed by us in the United States and by our affiliates and service providers in other countries where they operate. The United States and such other countries may not have the same level of data protection as those that apply in the jurisdiction where you live. If you reside in the European Economic Area, Switzerland or the United Kingdom, we will transfer your Personal Data across national borders with your consent.
How We Store Your Data and Data Security
All Personal Data collected from you is stored on our servers and/or third-party online cloud storage systems for the purpose of archiving and backing up the information we receive from you. We will determine how long we will retain your Personal Data by factoring the time needed to achieve the purposes of processing your Personal Data, the nature and sensitivity of your data, whether such data is required to be retained by law, and whether we can achieve the same data processing purposes through other means. After weighing these factors, if we determine that your Personal Data is no longer needed for the legitimate purposes discussed herein, we will delete your data. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of the data.
ACA maintains data security measures to protect information against unauthorized access and disclosure. These measures include the implementation of reasonable technical, physical and administrative data security safeguards. ACA also verifies that any vendors we engage employ reasonable safeguards when carrying out their services on our behalf.
Data Rights of Individuals from the EEA or Switzerland
This section applies to those individuals from the European Economic Area or Switzerland. You have many rights with regards to your Personal Data, subject to local data protection laws. These may include the following rights:
- to access your Personal Data held by us (right to access);
- to correct inaccurate Personal Data and ensure it is complete (right to rectification);
- to erase/delete your Personal Data to the extent permitted by other legal obligations (right to erasure);
- to transfer your Personal Data to another data controller to the extent possible (right to data portability);
- to object to and restrict any processing of your Personal Data by us (right to object);
- to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects (“Automated Decision-Making”); Automated Decision-Making or profiling currently does not take place on our websites; and
To exercise these rights, contact our Data Protection Officer using the information in the “Contact Us” section below. Please be aware that ACA may be unable to afford these rights to you under certain circumstances, such as if we are legally prevented from doing so.
Additionally, you have the right to lodge a complaint against us. To do so, contact the supervisory authority in your country of residence.
ACA reserves the right to use photographs/video taken at ACA-sponsored events, without the expressed written permission of those included within the photograph/video. ACA may use such photographs/video in publications or other ACA media material, including but not limited to: brochures, invitations, books, magazines, websites, etc. To ensure privacy, images will not be identified using names or personally identifying information, without written approval from the photographed subject. A person attending an ACA event who does not wish to have their image recorded for distribution should make their wishes known to the photographer and/or the event organizers. By entering an ACA event, you consent to ACA and its affiliated companies for the foregoing use of your image, voice, and/or likeness.
We reserve the right to change or modify this privacy statement at any time. If we revise our privacy statement, we will post those changes on the homepage of each of the ACA Websites so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.
If you have questions about this Privacy Statement or to exercise your rights regarding your data, please contact us in our role as data controller at:
American Coatings Association
901 New York Avenue, NW
Suite 300 West
Washington, DC 20001
Phone: (202) 462-6272
To contact our Data Protection Officer, please send an email to firstname.lastname@example.org