Central European History Society Privacy Policy

Introduction

This Privacy Policy describes how the Central European History Society (“we,” “us,” or “our”) collects, uses, and discloses your personal information when you use our website and services (the “Service”).

We are committed to protecting your personal information and your right to privacy. When you visit our website and services and use our products, you trust us with your personal information. We take your privacy very seriously. In this Privacy Policy, we seek to explain to you in the clearest way possible what information we collect, how we use it, and what rights you have in relation to it.

This Privacy Policy applies to all information collected through our website and services, as well as any related services, sales, marketing, or events.

Please read this Privacy Policy carefully as it will help you understand what we do with the information we collect.

Definitions

To help explain things as clearly as possible in this Privacy Policy, every time any of these terms are referenced, they are strictly defined as:

Cookie: a small file placed on your device to enable certain features and functionality.
Company: when this policy mentions “Company,” “we,” “us,” or “our,” it refers to the Central European History Society (CEHS).
Country: where the Central European History Society or the owners/founders of the Central European History Society are based, in this case the United States.
Customer: refers to the company, organization, or person that signs up to use the Central European History Society’s Service.
Device: any internet-connected device such as a phone, tablet, computer, or any other device that can be used to visit the Central European History Society’s website and use the services.
Personal Data: any information that directly, indirectly, or in connection with other information allows for the identification of a natural person.
Service: refers to the website and services provided by the Central European History Society as described in the relative terms and on this platform.
Third-party service: refers to advertisers, contest sponsors, promotional and marketing partners, and others who provide our content or whose products or services we think may interest you.
Website: Central European History Society’s site, which can be accessed via https://centraleuropeanhistory.org.
You: a person or entity that is registered with the Central European History Society to use the Services.

Information We Collect

We collect several different types of information for various purposes to provide and improve our Service to you.

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to:

Email address
First name and last name
Phone number
Address, State, Province, ZIP/Postal code, City
Cookies and Usage Data

Financial Data

Financial information such as payment method details (including credit card numbers, banking information) is collected and stored by our payment processors, and we may receive certain information from these payment processors to facilitate payments. All payment data is stored by our payment processor (such as PayPal, Stripe, etc.), and you should review their privacy policies to understand their privacy practices.

Usage Data

We may also collect information about how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Tracking Technologies and Cookies

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

Session Cookies: We use Session Cookies to operate our Service.
Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
Security Cookies: We use Security Cookies for security purposes.
Advertising Cookies: Advertising Cookies are used to serve you with advertisements that may be relevant to you and your interests.

Information Received from Other Sources

We may receive information about you from publicly available and third-party databases or services that provide information about historians and combine this data with information we already have about you. This helps us to update, expand and analyze our records, identify others interested in the history of Central Europe, and provide products and services that may be of interest to you. We will obtain your consent before contacting you if required by the law of the country in which you are located.

How We Use Your Information

The Central European History Society uses the collected data for various purposes:

To provide and maintain our Service;
To notify you about changes to our Service;
To allow you to participate in interactive features of our Service when you choose to do so;
To provide customer support;
To gather analysis or valuable information so that we can improve our Service;
To monitor the usage of our Service;
To detect, prevent and address technical issues;
To fulfill any other purpose for which you provide it;
To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information;
In any other way we may describe when you provide the information;
For any other purpose with your consent.

Legal Basis for Processing Personal Data under GDPR

If you are from the European Economic Area (EEA), the Central European History Society’s legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it. (See also the section “EU Data Subjects” below.)

Central European History Society may process your Personal Data because:

We need to perform a contract with you;
You have given us permission to do so;
The processing is in our legitimate interests and it is not overridden by your rights;
It necessary to comply with the law.

Retention of Your Personal Data

The Central European History Society will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

The Central European History Society will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

Data Retention for Physical Goods

For orders involving physical goods, we retain your shipping and billing information, including your name, address, and contact details, as necessary to fulfill your order, process returns, manage warranty claims, and comply with tax, legal, and regulatory obligations. This information may be retained for a longer period than other personal data to ensure proper delivery of goods and to handle any post-purchase issues that may arise.

Transfer of Your Personal Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

The Central European History Society will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Disclosure of Your Personal Data

Business Transactions

If the Central European History Society is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

Disclosure for Law Enforcement

Under certain circumstances, the Central European History Society may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Legal Requirements

The Central European History Society may disclose your Personal Data in the good faith belief that such action is necessary to:

Comply with a legal obligation
Protect and defend the rights or property of Central European History Society
Prevent or investigate possible wrongdoing in connection with the Service
Protect the personal safety of users of the Service or the public
Protect against legal liability

Third Party Disclosure

We may provide paid products and/or services within the website. In that case, we use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

The payment processors we currently work with are:

PayPal: Its Privacy Policy can be viewed at https://www.paypal.com/webapps/mpp/ua/privacy-full
Stripe: Its Privacy Policy can be viewed at https://stripe.com/us/privacy

Security of Your Personal Data

We are committed to taking reasonable efforts to secure the information that you choose to provide us, and we use a variety of security technologies and procedures to help protect against unauthorized access to or alteration, disclosure, or destruction of Personal Data. We restrict access to Personal Data to our employees, contractors and service providers (described in the “Disclosure of Information” section above) who need to know the information in order to operate, develop, or improve our services.

Unfortunately, no transmission of Personal Data over the Internet can be guaranteed to be 100% secure. Accordingly, and despite our efforts, CEHS cannot guarantee or warrant the security of any information you transmit to us, or to or from our online products or services. CEHS has no responsibility or liability for the security of information transmitted via the Internet. If you have questions about this Privacy Policy or the security of your Personal Data, please contact us as indicated under the “Contact Us” section below. We retain your Personal Data for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements. We retain Personal Data collected through the Platforms we process on behalf of our Clients for as long as needed to provide services to our Client and pursuant to our contract with that Client.

Children’s Privacy

CEHS’s website does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from anyone under the age of 13 without verification of parental consent, we take steps to remove that information from our servers.

If we need to rely on consent as a legal basis for processing your information and your country requires consent from a parent, we may require your parent’s consent before we collect and use that information.

Your Data Protection Rights

Depending on your location and applicable laws, you may have certain rights regarding your personal information, including rights to access, correct, delete, or restrict use of your information. We honor these rights regardless of your location and are committed to providing reasonable access to the information that you have shared with us.

General Data Access and Deletion Rights

Regardless of your location, CEHS acknowledges that you have the right to access your Personal Data. Our website allows you to access, correct, amend or delete inaccurate data. In the case you request us to remove data, we will respond within a reasonable timeframe.

Upon request, CEHS will provide you with information about whether we hold any of your Personal Data. You can update or correct your Personal Data or remove it from our system by making a request to us using the contact information provided at the end of this Privacy Policy.

We will respond to your request within 30 days. Note that we may need to verify your identity before processing your request. If access cannot be provided within that time frame, we will provide the requesting party with an estimated date by which the information will be provided. If for some reason access is denied, we will provide an explanation of why access has been denied.

Moreover, when you create a member profile, we will collect the additional information that you elect to upload to your profile, such as a biography, your education and job history, and employer information. You should carefully consider whether you wish to submit Personal Data and whether you wish to make your profile available to other users, and you should tailor any content you submit appropriately. You should also review any additional terms and conditions that may govern your use of our services.

If you are an EU Data Subject, please see the following “EU Data Subjects” section for information on your rights in relation to the Personal Data we hold about you.

EU Data Subjects

Scope. This section applies if you are an individual located in the European Union (“EU”) (“EU Data Subject”). For these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway and, where applicable, Switzerland.

Data Controller. The Central European History Society is the data controller for the processing of your Personal Data, but we act as data processor on behalf of Clients for Personal Data that we process through our websites.

Your Rights. Subject to applicable law, you have the following rights in relation to your Personal Data:

Right of access: If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data (along with certain other details). If you require additional copies, we may need to charge a reasonable fee.
Right to rectification: If your Personal Data is inaccurate or incomplete, you are entitled to have it rectified or completed. If we have shared your Personal Data with others, we will tell them about the rectification where possible. If you ask us, where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so that you can contact them directly.
Right to erasure: You may ask us to delete or remove your Personal Data and we will do so in some circumstances, such as where we no longer need it (we may not delete your data when other interests outweigh your right to deletion). If we have shared your data with others, we will tell them about the erasure where possible. If you ask us, where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so that you can contact them directly.
Right to restrict processing: You may ask us to restrict or “block”the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of that Personal Data or object to us processing it. We will tell you before we lift any restriction on processing. If we have shared your Personal Data with others, we will tell them about the restriction where possible. If you ask us, where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so that you can contact them directly.
Right to data portability: Effective May 25, 2018, you have the right to obtain your Personal Data from us that you consented to give us or that is necessary to perform a contract with you. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
Right to object: You may ask us at any time to stop processing your Personal Data, and we will do so:
- If we are relying on a legitimate interest to process your Personal Data — unless we demonstrate compelling legitimate grounds for the processing; or
- If we are processing your Personal Data for direct marketing.
Rights in relation to automated decision-making and profiling:You have the right to be free from decisions based solely on automated processing of your Personal Data, including profiling, that affect you, unless such processing is necessary for entering into, or the performance of, a contract between you and us or you provide your explicit consent to such processing.
Right to withdraw consent: If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on your prior consent.
Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we have handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns. You may exercise your rights by contacting us as indicated under the “Contact Us” section below.

Legitimate Interest. “Legitimate interests” means the interests of the CEH in conducting and managing our organization. For example, we have a legitimate interest in processing your Personal Data to analyze how our websites, and our products and services are being used by you, and to ensure network and information security, as described in this Privacy Policy. When we process your Personal Data for our legitimate interests, we make sure to consider and balance any potential impact on you, and your rights under data protection laws. Our legitimate interests do not automatically override your interests. We will not use your Personal Data for activities where our interests are overridden by the impact on you, unless we have your consent or those activities are otherwise required or permitted to by law. You have the right to object to processing that is based on our legitimate interests. For more information on your rights, please see “Your Rights” section above.

CCPA Privacy Rights (California Residents)

If you are a California resident, you are entitled to learn what data we collect about you, ask to delete your data and not to sell (share) it. To exercise your data protection rights, you can make certain requests and ask us:

What personal information we have about you. If you make this request, we will return to you:
- The categories of personal information we have collected about you
- The categories of sources from which we collect your personal information
- The business or commercial purpose for collecting or selling your personal information
- The categories of third parties with whom we share personal information
- The specific pieces of personal information we have collected about you
- A list of categories of personal information that we have sold, along with the category of any other company we sold it to
- A list of categories of personal information that we have disclosed for a business purpose, along with the category of any other company we shared it with.
To delete your personal information. If you make this request, we will delete the personal information we hold about you as of the date of your request from our records and direct any service providers to do the same. In some cases, deletion may be accomplished through de-identification of the information. If you choose to delete your personal information, you may not be able to use certain functions that require your personal information to operate.
To stop selling your personal information. We don’t sell or rent your personal information to any third parties for any purpose. We do not sell your personal information for monetary consideration. However, under some state laws, sharing your data through certain targeted advertisements may be considered a “sale” of information. You are the only owner of your Personal Data and can request disclosure or deletion at any time.

We will respond to verified requests within 45 days as required by the CCPA. If we need more time, we will inform you of the reason and extension period in writing.

Our Security Measures to Protect Your Personal Data

Service Providers

We may employ third-party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Links to Other Sites

Our website may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Conditions of Use

By using the websites, and our services, you agree to the terms and conditions contained in this Privacy Policy and Conditions of Use and/or any other agreement that we might have with you. If you do not agree to any of these terms and conditions, you should not use our websites. You agree that any dispute over privacy or the terms contained in this Privacy Policy and Conditions of Use and any other agreement we have with you will be governed by the laws of North Carolina (the state in which the Central European History Society is officially incorporated). You also agree to arbitrate any such dispute in North Carolina, and to abide by any limitation on damages contained in any agreement we may have with you.

Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

By email: cehs@centraleuropeanhistory.org
By visiting this page on our website: https://www.centraleuropeanhistory.org/privacy
By mail: c/o History Department, Emory University, 561 South Kilgo Circle NE, Atlanta, GA 30322