The North Central Massachusetts Chamber of Commerce and its affiliates is committed to protecting the privacy of our members’ personal information, as well as the information of visitors to our websites. This policy outlines how we store and handle information provided by members, users, customers or visitors.
This policy covers the following websites:
Designated Information Security Manager
Roy Nascimento, President and CEO of the North Central Massachusetts Chamber of Commerce and its affiliates is the designated information security officer. He is responsible for maintaining the written information security policy. The Written Information Security Program (attached hereto) is compliant with the Massachusetts data security laws and regulations – 201 CMR 17.00.
Collection of Information
The North Central Massachusetts Chamber of Commerce and its affiliates receives, collects, and may store certain types of information when users interact with our websites. It’s also important to note that your internet browser may also store, recognize, or automatically generate information you have previously submitted to the Chamber’s site or other sites. Enabling or disabling certain settings on your internet browsers may allow or disallow certain login and/or passwords to be saved to our sites. Internet “cookies” store data on your hard drive to enable our web systems to recognize you and your browser. Disabling or erasing “cookies” may not allow certain aspects of our website to function properly.
What we may see when you visit our websites:
- The internet domain and IP address from with the user accesses our websites
- The type of browser and operating system used to access our websites
- The date and time of access
- The pages visited
- If the user linked to our website from another website
The Chamber and its affiliates have many web links to outside organizations and services. The Chamber is not responsible for the privacy statements or protections and content on websites outside of the sites listed above.
Email is used by the Chamber and its affiliates as a marketing tool. By joining as a member of the Chamber, or registering for an event through our website, you may be providing the Chamber with your email. Based on your interest in that event, the Chamber may provide you with information on events, programs or other services by way of email marketing. These emails are generally sent through a service that allows you to “opt out” or “unsubscribe” from the email service. If at any time you have questions about your subscription preferences, you may call the Chamber and speak with a staff member.
Information You Provide
We receive and may store information you enter on our websites or give us in other ways. At times, we specifically ask for information about you or from you when you register for an event or services, when you order a product, or when you join the Chamber. We may require certain information – such as name, email address, billing address, credit card number, etc., – in order to provide you with that service or product. Registration and payment information may be collected and/or processed by a third-party vendor contracted by the Chamber. Any agreements with third-party vendors adhere to policies similar to this one and ensures your information is not stored, sold, or used for any purpose other than what you have elected to provide.
Please note that if you disclose personally identifiable information or personally sensitive message through public facing messages, social media comments or other non-secure platforms you do so at your own risk and peril and the Chamber is not responsible for any information shared in this manner.
Use of IP Addresses
The North Central Massachusetts Chamber of Commerce and its affiliates may use your IP address to diagnose problems with our server, administer our website, or understand user experience on our website. We will never use an IP address to personally identify users.
The Chamber and its affiliates collects information from members annually through the Chamber Verification Form process. Any information supplied – including names, addresses and websites may be made public on the Chamber’s website. Members are welcome to login and change information at any time. Email addresses will not be distributed unless consent has been received. If a user submits information through an online form containing personal information, we may use the information to respond, however the personal information will not be collected or stored.
Chamber Insurance Inc.
Clients of Chamber Insurance Inc. provide personally identifiable information – including social security numbers in order to obtain health insurance. There are two on-staff licensed insurance producers on staff, and they are the only members of the staff who receive or ask for this type of personally identifiable information. If this information is provided, or requested electronically it will be done so through a secure email only. Any printing that may include personally identifiable information for insurance clients will not be performed on shared printers. Custody of personally identifiable information is limited to our licensed insurance producers.
North Central Massachusetts Development Corporation
Clients and potential clients of the North Central Massachusetts Development Corporation provide personally identifiable information – including social security information and financial information. Any information collected is only viewed and analyzed by lending staff who are trained and aware of information security and control. The North Central Massachusetts Development Corporation follows data protection policies set forth to micro-lenders by the Economic Development Administration, Small Business Administration and the United States Department of Agriculture. Routine security audits are performed by staff, as well as independent auditors on an annual basis.
Security of Information
All information collected on our website is stored in a secure location. We retain information for the period necessary to fulfill the purposes outlined in this policy unless a longer retention period is required or permitted by applicable law or regulation. Destruction of information is performed on an office grade shredder. Checks received from customers are locked until deposited in the bank.
Sharing Personal Information
We will only share personal information for certain reasons. We may share information in order to:
- Perform services to complete payment transactions, specifically with third party payment processors we contract with;
- Comply with law or other legal obligations such as responding to subpoenas, or other requests from government agencies;
If a Breach Occurs
If the information security manager determines that personally identifiable information has occurred without authorization, they will notify the Office of Consumer Affairs and Business Regulation and the Attorney General’s Office describing the breach in detail.