General 1 — PPI

PRIVACY POLICY

Effective Date: May 25, 2018

This Privacy Notice explains how Pacific Pension & Investment Institute (“PPI”, “we” or “us”) collects and processes your personal data. Each time you use our Site the current version of the Privacy Notice will apply. Accordingly, whenever you use our Site, you should check the date of this Privacy Notice. This Privacy Notice is applicable to all Site visitors, registered users, and all other users of our Site.

By visiting www.ppi.institute, other addresses that point to our site (www.pacificpension.org, www.ppiinstitute.org, www.apowerfulperspective.org, www.ppi.community), or using our mobile application, (together the “Site”), you acknowledge that you have read and understood the processes and policies referred to in this Privacy Notice. This Notice does not apply to any other web pages or web sites.

Updates Related to the General Data Protection Regulation (GDPR)

Effective May 25, 2018, the General Data Protection Regulation applies across the European Union. Given the cross-border nature of PPI, we are currently reviewing our policies to ensure they are in compliance with the new regulation, identify any gaps and create and implement any changes required to our policies.

PPI takes the protection of your personal information seriously. In light of the new regulation, we will scrutinize all the ways we collect personal information throughout the year and implementing consent mechanisms. We will continually evaluate our agreements with the third parties who process some of your personal information to ensure they/we are GDPR compliant.

Who we are
How to contact us
How we collect personal data
Cookies and Beacons
“Do not track” signals
How we use your personal data
When we share and who can access your personal data
Selling of your personal data
Children and privacy
Security
Transfer of personal data outside of the European Economic Area (EEA) and international users
How long we store your personal data
Where we store your personal data
Your rights
Changes to this Privacy Notice
Information correction, removal, and opting out

Who we are

For the purposes of the General Data Protection Regulation 2016/679 (the “GDPR”), the Data Controller is PPI registered in California with a registered address at 465 California Street, Suite 610, San Francisco, California 94104.

How to contact us

If you have any questions or concerns about this Privacy Notice, please contact us using the contact information on our Site. Alternatively, you can contact us by phone at +1 (415) 576-1187 by sending an email to dataprotection@ppi.institute or by post to 465 California Street, Suite 610, San Francisco, California 94104.

How we collect personal data

Personal data that you give us

We may collect and process the following personal data:

Contact information
Membership information
Dues payment information
Registration information

Personal data we collect from you

With regard to each of your visits to the Site we will not automatically collect information. You are able to browse the non-password-protected public PPI website without actively providing us with your personal information. We do not collect personal information when you browse, such as your email address.

Non-personal data

We collect information that is sent to us automatically by your web browser and we may use this information to generate aggregate statistics about visitors to our Site, including, without limitation:

Browser/device type
Operating system
IP address, as well as your
Access date and time and your
Referring and exiting URLs

We may use non-personal data for various business purposes such as providing customer service, fraud prevention, market research, and improving our Site. Please check your web browser if you want to learn what information your browser sends or how to change your settings.

Cookies and Beacons

We do not place "cookies" (small data files) on the hard drive of your computer when you connect to our site.

We do not use “beacons” (also known as Internet tags, pixel tags and clear GIFs) that would allow our platforms to collect web log information. Our mass emails sent through contact management software do include beacons in the email messages in order to determine whether messages have been opened.

“Do not track” signals

We do not track Site users over time or across third-party websites in order to provide targeted advertising and therefore do not respond to Do Not Track (DNT) signals.

How we use your personal data

We will only process your personal data, including sharing it with third parties, where (1) you have provided your consent which can be withdrawn at any time, (2) the processing is necessary for the performance of a contract to which you are a party, (3) we are required by law, (4) processing is required to protect your vital interests or those of another person, or (5) processing is necessary for the purposes of our legitimate commercial interests, except where such interests are overridden by your rights and interests.

We may use personal data for the following purposes:

Personal data you give to us

We will use this personal data:

to carry out our obligations arising from your membership, or any other contract entered into between you and us and to provide you with the information, products and membership services that you request from us;
to organize events that you have purchased or registered for, and to provide you with information, and other materials, relating to the content of the event, the speakers, sponsors and other attendees;
to provide our periodic communications and publications, provided you have given your consent;
to respond to your questions and provide related membership services;
to provide you with information about other events, products and services we offer that are similar to those that you have already purchased, provided you have not opted-out of receiving that information;
to provide you, or permit selected third parties to provide you, with information about events, products or services we feel may interest you, provided you have given your consent;
to transfer your information as part of a merger or sale of the business;
to notify you about changes to our membership service; and
to ensure that content from our Site is presented most effectively for you and your computer.

Information we collect about you

We will use this personal data:

to administer our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
to improve our Site to ensure that content is presented most effectively for you and your computer;
as part of our efforts to keep our Site safe and secure;
to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
to make suggestions and recommendations to you and other users of our Site about goods or services that may interest you or them.

Personal data we receive from other sources

We will combine this information with information you give to us and information we collect about you. We will use this information and the combined personal data for the purposes set out above (depending on the types of information we receive).

When we share and who can access your personal data

We may share your personal data for the purposes described in this Privacy Notice with:

a member of our group
partners, suppliers and sub-contractors
trusted third-party companies and individuals
in the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
if PPI or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.

We will only transfer your personal data to trusted third-parties who provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and who can demonstrate a commitment to compliance with those measures.

Selling your personal data

We will not sell your personal data to third parties for their use without your consent.

Children and privacy

Our Site is not directed to children under the age of 13. If you are not 13 years or older, do not use our Site. We do not knowingly collect personal data from children under the age of 13. If we learn that personal data of persons less than 13 years-of-age has been collected through our Site, we will take the appropriate steps to delete this information.

In accordance with California law, minors under the age of 18 residing in California may remove or request and obtain removal of content and information that they post on the website or app. In order to remove or to request and obtain removal of such content and information, the user must contact dataprotection@ppi.institute.

Security

Although we use security measures to help protect your personal data against loss, misuse or unauthorized disclosure, we cannot guarantee the security of information transmitted to us over the internet.

Transfer of personal data outside of the European Economic Area (“EEA”) and international users

We will not transfer personal data, relating to individuals within the European Economic Area (“EEA”), to third parties (i.e., those outside of our group), located outside of the EEA without ensuring adequate protection under European law.

Where a third party is located in a country not recognized by the EU Commission as ensuring an adequate level of protection, we will take appropriate steps, such as implementing standard contractual clauses recognized by the EU Commission, to safeguard your personal data.

We are headquartered in the United States. Your personal data may be accessed by us or transferred to us in the United States or to our affiliates, partners, merchants, or service providers who are located worldwide. If you are visiting our Site from outside the United States, be aware that your information may be transferred to, stored, and processed in the United States where our servers are located, and our central database is operated. By using our Service, you consent to any transfer of this information.

How long we store your personal data

We will store your personal data, in a form which permits us to identify you, for no longer than is necessary for the purpose for which the personal data is processed. We may retain and use your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements and rights, or if it is not technically reasonably feasible to remove it. Consistent with these requirements, we will try to delete your personal data quickly upon request.

We maintain one or more databases to store your personal data and may keep such information indefinitely.

Where we store your personal data

All information you provide to us is stored on secure servers. Any payment transactions will be encrypted using SSL technology. Unfortunately, the transmission of information via the internet is not completely secure.

The personal data that you provide to us is generally stored on servers located in the United States. If you are located in another jurisdiction, you should be aware that once your personal data is submitted through our Site, it will be transferred to our servers in the United States and that the United States currently does not have uniform data protection laws in place.

Your European Rights

You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your personal data) if we intend to use your personal data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your personal data. You can also exercise the right by contacting us using the Contact Us section on our Site.
Under European data protection law, in certain circumstances, you have the right to:

Request access to your personal data
Request correction of your personal data
Request erasure of your personal data
Object to processing of your personal data
Request restriction of processing your personal data Request transfer of your personal data
Withdraw your consent

In addition, where you believe that PPI has not complied with its obligations under this Privacy Notice or European law, you have the right to make a complaint to an EU Data Protection Authority, such as the UK Information Commissioner’s Office.

You can exercise any of these rights by contacting us using the contact information on our Site.

Your Californian Rights

FOR RESIDENTS OF CALIFORNIA ONLY. Section 1798.83 of the California Civil Code requires select businesses to disclose policies relating to the sharing of certain categories of your personal data with third parties. If you reside in California and have provided your personal data to Company, you may request information about our disclosures of certain categories of Personal data to third parties for direct marketing purposes. Such requests must be submitted to us at one of the following addresses: dataprotection@ppi.institute.

Changes to this Privacy Notice

Any changes that we make to our Privacy Notice in the future will be posted on this page with the updated effective date and, where appropriate, notification sent to you by e-mail. Please check back frequently to see any updates or changes to this Privacy Notice.

Information correction, removal and opting out

If any of the information that we have about you is incorrect, or you wish to have information (including personal data) removed from our records, please contact us at dataprotection@ppi.institute.

Additionally, if you prefer not to receive marketing messages from us, please let us know by clicking on the unsubscribe link within any marketing message that you receive, or by sending a message to us at dataprotection@ppi.institute.