Privacy Statement (US)

This privacy statement was last changed on December 19, 2023, last checked on December 19, 2023, and applies to citizens and legal permanent residents of the United States.

In this privacy statement, we explain what we do with the data we obtain about you via https://cvillebiohub.org. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
  • we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • we first request your explicit consent to process your personal data in cases requiring your consent;
  • we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
  • we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose and categories of data

We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)

1.1 Contact - Through phone, mail, email and/or webforms

The following categories of data are collected

  • An email address

Retention period

We retain this data until the service is terminated.

1.2 Registering an account

The following categories of data are collected

  • A first and last name
  • A home or other physical address, including street name and name of a city or town
  • An email address
  • Education information
  • Professional or employment-related information
  • Employment history

Retention period

We retain this data until the service is terminated.

1.3 Newsletters

The following categories of data are collected

  • An email address

Retention period

We retain this data until the service is terminated.

1.4 Compiling and analyzing statistics for website improvement.

The following categories of data are collected

  • IP Address
  • Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement

Retention period

We retain this data until the service is terminated.

2. Sharing with other parties

We only share or disclose this data to other recipients for the following purposes:

3. Disclosure practices

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

4. How we respond to Do Not Track signals & Global Privacy Control

Our website does not respond to and does not support the Do Not Track (DNT) header request field.

5. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy on our Cookie Policy (US) webpage. 

We have concluded a data processing agreement with Google.

6. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

7. Third-party websites

This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

8. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

9. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person. We shall provide the requested information only upon receipt of a verifiable consumer request. You can contact us by using the information below. You have the following rights:

9.1 You have the following rights with respect to your personal data

  1. You may submit a request for access to the data we process about you.
  2. You may object to the processing.
  3. You may request an overview, in a commonly used format, of the data we process about you.
  4. You may request correction or deletion of the data if it is incorrect or not or no longer relevant, or to ask to restrict the processing of the data.

9.2 Supplements

This section, which supplements the rest of this Privacy Statement, applies to citizens and legal permanent residents of California (CPRA) and Virginia (CDPA)

California

Right to know what personal information is being collected about you

A consumer shall have the right to request that a business that collects personal information about the consumer disclose to the consumer the following:

  1. The categories of personal information it has collected about that consumer.
  2. The categories of sources from which the personal information is collected.
  3. The business or commercial purpose for collecting or selling personal information.
  4. The categories of third parties with whom the business shares personal information.
  5. The specific pieces of personal information it has collected about that consumer.

The right to know whether personal information is sold or disclosed and to whom

A consumer shall have the right to request that a business that sells the consumer’s personal information, or that discloses it for a business purpose, disclose to that consumer:

  1. The categories of personal information that the business collected about the consumer.
  2. The categories of personal information that the business sold about the consumer and the categories of third parties to whom the personal information was sold, by category or categories of personal information for each third party to whom the personal information was sold.
  3. The categories of personal information that the business disclosed about the consumer for a business purpose.

The Right to equal service and price, even if you exercise your privacy rights


A consumer shall have the right to request that a business delete any personal information about the consumer which the business has collected from the consumer.


A business that receives a verifiable request from a consumer to delete the consumer’s personal information pursuant to subdivision (a) of this section shall delete the consumer’s personal information from its records and direct any service providers to delete the consumer’s personal information from their records.


A business or a service provider shall not be required to comply with a consumer’s request to delete the consumer’s personal information if it is necessary for the business or service provider to maintain the consumer’s personal information in order to:

  1. Complete the transaction for which the personal information was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of a business’s ongoing business relationship with the consumer, or otherwise perform a contract between the business and the consumer.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
  3. Debug to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent.
  7. Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
  8. To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.
  9. Comply with a legal obligation.
  10. Otherwise use the consumer’s personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.

Right to opt-out

You may submit a request directing us not to make certain disclosures of personal information we maintain about you. For more information about the possibility of submitting an opt-out request, please refer to our Opt-out preferences page.

Financial incentives

Selling of personal data to third parties

We have not sold consumers’ personal data in the preceding 12 months

We have not disclosed consumers’ personal information for a business purpose in the preceding 12 months.

  • IP Address
  • Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement

Virginia

Right to Data Portability

When exercising the right to Access personal data , you have the right to obtain the personal data in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance. You may exercise this right no more than two times per calendar year.

Right to opt-out

You may submit a request directing us not to make certain disclosures of personal information we maintain about you.

Under the CDPA this concerns the following purposes:

  1. targeted advertising;
  2. the sale of personal data; or
  3. profiling in furtherance of decisions that produce legal or similarly significant effects concerning a consumer.

For more information about the possibility of submitting an opt-out request, please refer to our Opt-out preferences page.

10. Children

Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.

11. Contact details

CvilleBioHub
700 Harris St.
Charlottesville, Virginia 22903, US
United States
Website: https://cvillebiohub.org
Email: admin@cvillebiohub.org

Phone number: 434-249-5080

Annex

Plugin: Smush

Smush sends images to the WPMU DEV servers to optimize them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers. Smush uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath's privacy policy can be found here. Smush uses a third-party email service (Drip) to send informational emails to the site administrator. The administrator's email address is sent to Drip and a cookie is set by the service. Only administrator information is collected by Drip.

The Events Calendar

Disclaimer: This information is only for guidance and not to be considered as legal advice.

What personal data we collect and why we collect it

Event, Venue, and Organizer Information

If you create, submit, import, save, or publish Event, Venue, or Organizer information, such information is retained in the local database:

  1. Venue information: name, address, city, country, state, postal code, phone, website, geographical coordinates (latitude and longitude)
  2. Organizer information: name, phone, website, email
  3. Event information: website, cost, description, date, time, image

Importing Events, Venues, and Organizers:

  1. All data present within a CSV or ICS file and external URLs (for events, venues, organizers, and tickets)
  2. Import origin data (URL from where events are being imported—such as Eventbrite, MeetUp, other compatible URL sources, and more, which can include similar or same data as listed above)
  3. Eventbrite Ticket information: name, description, cost, type, quantity
Please note that to create new events through the Community Events submission form, a user must hold a website account on this domain. This information is retained in the local database. It is also possible to create events anonymously, if the site owner has this option enabled. When purchasing Eventbrite Tickets, attendee, purchaser, and order information are stored and managed by Eventbrite.

API Keys

We make use of certain APIs, in order to provide specific features.

These APIs may include the following third party services: Google Maps (API key), Meetup (OAuth token), PayPal (email, Client ID, Client Secret), Eventbrite (API key, auth URL, Client Secret), and Zoom (email, Client ID, Client Secret).

How Long You Retain this Data

All information (data) is retained in the local database indefinitely, unless otherwise deleted.

Certain data may be exported or removed upon users’ requests via the existing Exporter or Eraser. Please note, however, that several “edge cases” exist in which we are unable to perfect the gathering and export of all data for your end users. We suggest running a search in your local database, as well as within the WordPress Dashboard, in order to identify all data collected and stored for your specific user requests.

Where We Send Your Data

Modern Tribe does not send any user data outside of your website by default.