Privacy Statement

Last Updated: May 24, 2018

Your Privacy Matters to Us

Welcome to RMA, your source for risk management products, services, and information. Because we are committed to protecting your privacy in all aspects of our business, we hope you will take the time to read this policy that explains what information we collect from you and how we use that information. By using our website, becoming a member, registering for an event, or purchasing products or services from us, you agree to be bound by this policy. Please read this policy before using the RMA website or providing any personal data to RMA. If we decide to change our privacy policy, we will post those changes on this page so that you are always aware of what information we collect and how we use it. Please check back periodically!

We may collect two types of information from you when you visit our website, become a member, register for an event, or purchase or use a product or service from us: "personally identifiable information" and "personal data."

"Personally identifiable information" is any information that can be used to identify a person such as your name, telephone number, email address, job title, and employer. "Personal data" is a broader concept than "personally identifiable information" and is defined under the European Union General Data Protection Regulation ("GDPR") to mean "any information relating to an identified or identifiable natural person." Under the GDPR, cookie strings and IP addresses are considered "personal data" because they could possibly identify a person. Thus, all "personally identifiable information" is "personal data" but not all "personal data" is personally identifiable information." The term "data" as used in this privacy policy means both "personally identifiable information" and "personal data."

Some countries consider some personal information particularly sensitive or special, such as your gender. RMA collects data regarding members' or customers' gender for statistical purposes only and only if you voluntarily provide it. RMA does not share this information with third parties for direct marketing purposes.

We are not responsible for the privacy policies of other websites or applications, and we encourage you to read all applicable terms, conditions and privacy policies when using other websites and applications.

Your data is stored on secure servers hosted by RMA or third parties in the United States.

We are the data controller for the purposes of the GDPR. Questions, comments and requests regarding this Privacy Policy and how we use your personal data are welcomed and should be addressed to webrequests@rmahq.org.

Why we collect data about you

As a member-driven professional association, we collect data for a variety of purposes to better serve you and our other members and customers. We collect data to fulfill our obligation to deliver to you products and services that you have ordered such as, for example, The RMA Journal®. We also collect data from you to operate efficiently, to improve the functionality and user experience for visitors to our website, to interact with our members and customers, and to customize content for our members and customers.

How we collect data from you

In general, we collect data from you in two ways:

(1) You provide some of this data directly to us. You will provide us with basic information when you become a member, when you register for an event, subscribe to a service, or when you report a problem. The information that you give us may include your name, nickname, job title, employer, business address, telephone number, email address, credit card information, and information about your job function and any area of specialty. For more information, please see "Account Setup" below. We depend on you to update or correct your personally identifiable information as and when necessary.

If you choose not to provide RMA with your personally identifiable information, you may still visit most of the RMA website, but you will not be able to become a member of RMA, which means that you will be unable to access "members only" content of our website, receive The RMA Journal®, attend certain RMA events or engage in certain peer-sharing activities, or otherwise take advantage of the benefits of RMA membership.

(2) We also obtain data by recording how you interact with our website and online products through the use of cookies. We may automatically collect technical information including your IP address, your log-in information, screen resolution details, browser type and version, time zone setting, mobile and network information, browser plus-in types and versions, operating systems, platform, and information about your geographic location. Your IP address also is used to gather broad demographic information that does not personally identify you. In addition, we may collect information about your visit, including the full URL clickstream to, through and from our on-line and digital products; pages that you viewed or searched for; page response times; download errors; length of visits to certain pages; page interaction information such as scrolling, clicks and "mouse overs"; methods used to browse away from the page; and any phone number used to call our customer service number. This data is used to customize our website content and advertising in an effort to provide a better experience for our users.

Cookies

Most websites you visit will use cookies in order to improve your user experience by enabling that website to 'remember' you. The RMA website uses "cookies," which are small pieces of information that are stored by your browser on your computer's hard drive or mobile device by a website's server. Each cookie is unique to your web browser. Our cookies do not contain any personally identifiable information, but they do enable us to provide a shopping cart and to store your shipping and billing information between visits. If you've set your browser to reject cookies, you can still use our site, but will not be able to purchase items.

For additional information on RMA's use of cookies, please see our cookie policy.

How we use your data and share it with others

In general, we use your personally identifiable information and other data to support your membership in RMA, enhance member engagement, and to administer and manage our website and products and services to improve your experience and to provide you with relevant information.

We use your personally identifiable information and data for the following purposes as applicable:

  • To determine your eligibility to become a member of RMA and to enroll you as a member of RMA;
  • To administer and provide you with the benefits of RMA membership such as access to The RMA Journal®, the RMA Xchange, and RMA's e-newsletters;
  • To provide membership directories for RMA and its Chapters and any Councils, Committees or working groups on which you may serve;
  • To register you for a conference, round table, forum, training course, or other event or meeting;
  • To provide you with the products or services that you have requested that RMA deliver;
  • To process your payment for RMA membership, products and services;
  • To furnish you with information about future RMA events, products and services;
  • To communicate with you and to respond to any questions that you have raised with us;
  • We may use your personally identifiable information to create aggregated, anonymized data records, by removing information that makes the data personally identifiable to you, to perform statistical and trend analysis;
  • We may use other data to help diagnose problems with our server, to administer our website, to analyze data for statistics and trends, and to improve our products and services.

RMA is a member-driven organization that conducts a wide array of peer-sharing, networking and training events intended to facilitate RMA's mission, which is the advancement of sound risk management principles. You agree that we may share your information with the following persons in furtherance of our mission:

  • If you are an Associate Member, we may share your information with other RMA Associate members through our online membership roster, and if you are a Professional Member, we may share your information with other RMA members generally through our online Professional Membership Directory;
  • Third parties which provide services to you on behalf of RMA (for example, the publisher of The RMA Journal). These third parties are prohibited from selling, distributing or otherwise using RMA's membership lists;
  • The provider of our customer management platform;
  • Third party vendors or sponsors of RMA events that you register to attend. We provide lists of attendees generally two weeks before and after an event. If you are a citizen or resident of the European Union, you have the option to opt-out of sharing this information when you register for these events.
  • Other attendees of RMA events such as round tables, conferences, and training courses;
  • RMA's Chapters, which are independent legal entities;
  • Members of RMA Councils, committees, and working groups;
  • We may also share statistical or aggregated non-personally identifiable information about our users, sales, traffic patterns, and related website information with advertisers, business partners, sponsors, and other third parties; but these statistics will not include any personally identifiable information. Put simply, we will not tell our business partners that you bought a particular book, but we may tell them how many customers in certain demographic groups bought certain books.

Account setup

To register for an event or order a product or service from us, you must set up an account. Setting up an account requires you to provide your email address. Our system automatically assigns a password (your "Account Information"), which you can then personalize. When you order from us, we also ask for your name, shipping address, telephone number, and your credit card number, billing address, and expiration date (collectively, "Order Information"). Your Order Information is necessary for us to process your order and to notify you of your order status. We may use your Account Information and Order Information to occasionally notify you about important changes to the website, new RMA features, or special RMA offers you may find of interest. If you would rather not receive this information, visit the Your Account page to change your preferences. At any time, you always have the ability to change your preferences. (Whenever you decide to change your preferences, please make sure to change your preferences for each account or email address you have provided us.)

Data correction and ownership

Any personally identifiable information you submit to us while using our website or one of our products or services belongs to you.

You have the right to access, correct, or restrict our processing of your personally identifiable information. We may request specific information from you to help confirm your identity in order to ensure your right to access your personally identifiable information; this is an appropriate security measure to ensure that your personally identifiable information is not disclosed to any person who has no right to receive it.

You may remove your personally identifiable information at any time by asking us to delete your Account Information, but where such information is necessary to provide a product or service, your use of that product or service may be restricted as a result. If you ask us to delete your Account Information, we will make commercially reasonable efforts to remove all of your personally identifiable information from our servers. Despite such efforts, portions of your personally identifiable information may remain on our backup servers indefinitely.

Any information you submit that can identify you personally on our blog or the RMA Xchange can be viewed and used by other users of those serveries and could be used to send unsolicited messages to you. RMA is not responsible for your disclosure of this information in these forums.

Protecting Your Information

How we protect your data

Our website has security measures in place to protect the loss, misuse, and alteration of the information under our control. When you place orders or access your Account Information, we use a secure server. The secure server layer (SSL) encrypts all information you input before it is sent to us. All of the customer data we collect is similarly protected against unauthorized access.

Except as provided above under "How we use your data and share it with others," RMA will not share your data with third parties unless you have consented to the disclosure or the disclosure is necessary to (1) comply with the law or with legal process, (2) protect and defend our rights and property, (3) protect our customers or users from misuse or unauthorized use of the RMA website, or (4) protect the personal safety or property of our customers or the public.

Links to other websites

The RMA website contains links to other sites, operated by third parties, that we think may be of interest to you. RMA encourages third parties to follow appropriate privacy standards and policies, but is not responsible for the actions of those parties, the content of their websites, or any products or services they may offer.

Children's privacy online

We do not monitor the age of our user audience. However, if you are under age 13, you should not submit personally identifiable information to RMA without the consent of your parent or guardian. If you are a parent and want to limit your children's access to material you believe may be harmful to them, you may want to look into commercially available hardware, software, and filtering devices.

How to contact us

RMA welcomes your questions and comments about privacy. Please send email to webrequests@rmahq.org. You can also contact us at RMA Customer Care, 1801 Market Street, Suite 300, Philadelphia, PA 19103.