Privacy Policy

Privacy Policy for VA.org

At va.org (“we”; “us”; “our”), the privacy of our visitors is of extreme importance. This Privacy Policy (“Policy”) will help you understand how we collect and use personal information from those who visit our website or make use of online facilities and services, and what we will and will not do with the information we collect. Our Policy has been designed and created to ensure those affiliated with us of our commitment and realization of our obligation to meet the most existing privacy standards.

We reserve the rights to make changes to this Policy at any given time. If you want to make sure that you are up to date with the latest changes, we advise you to frequently visit this page.  If at any time we decide to make use of any personally identifiable information on file, in a manner vastly different from that which was stated when this information was initially collected, the user or users shall be promptly notified by email. Users at that time shall have the option as to whether to permit the use of their information in this separate manner.

Please note that this Policy does not govern the collection and use of information by companies that va.org does not control, nor by individuals not employed or managed by us. If you visit a website that we mention or link to, be sure to review its privacy policy before providing the site with information. It is highly recommended and suggested that you review the privacy policies and statements of any website you choose to use or frequent to better understand the way in which websites garner, make use of, and share the information collected.

Specifically this Policy will inform you of the following:

1. What personally identifiable information is collected from you through our website?
2. Why we collect personally identifiable information and the basis for such collection?
3. How we use the collected information and with whom it may be shared?
4. What choices are available to you regarding the use of your data; and
5. The security procedures in place to protect the misuse of your information.

Information We Collect

It is always up to you whether to disclose personally identifiable information to us, although if you elect not to do so, we reserve the right to not register you as a user or provide you with any products or services. This website collects various types of information such as:

• Voluntarily provided information which may include your name, address, email address, billing and/or credit card information etc. which may be used when you avail our products/services and to deliver services you have requested.
• Like may other websites, va.org use of log files. The information inside the log files includes internet protocol (IP) addresses, type of browser, Internet Service Provider(ISP), date/time stamp, referring/exit pages, and the number of clicks to analyze trends, administer the site, track users movement around the site, and gather demographic information. IP addresses and other such information are not linked to any information that is personally identifiable.

• Information automatically collected when visiting our websites, which may include use of cookies and web beacons to store information about your preferences, record your specific information related to pagesyou accessed or visited, customize webpage page content based on your browser type or other information that you send via your browser.

 

• DoubleClick DART Cookie
• Google, as a third-party vendor, makes use of cookies to serve ads on va.org.
• Google’s use of the DART cookie enables it to serve ads to our users based on their visit to va.org and other sites on the Internet.
• Users may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy at the following URL – https://www.google.com/privacy_ads.html
• Some of our advertising partners may use cookies and web beacons on our site. Our advertising partners include – Google Adsense. These third-party ad servers or ad networks use technology to the advertisements and links that appear on va.org sent directly to your browsers. They automatically receive your IP address when this occurs. Other technologies (such as cookies, JavaScript, or Web Beacons) may also be used by the third-party ad networks to measure the effectiveness of their advertisements and/or to personalize the advertising content that you see.
• VA.org has no access to or control over these cookies that are used by third-party advertisers. You should consult the respective privacy policies of these third-party ad servers for more detailed information on their practices as well as for instructions on how to opt-out of certain practices. VA.org’s privacy policy does not apply to, and we cannot control the activities of, such other advertisers or websites.
• If you wish to disable cookies, you may do so through your individual browser options. More detailed information about cookie management with specific web browsers can be found at the browsers’ respective websites.

 

Please rest assured that this site will only collect personal information that you knowingly and willingly provide to us by way of  filling different forms on the website. It is the intent of this site to use personal information only for the purpose for which it was requested, and any additional uses specifically provided for on this Policy.

Why We Collect Information, How we use information collected, and For How Long

We are collecting your data for several reasons:

• To better understand your needs and provide you with the services you have requested;
• To fulfill your legitimate interests in improving our services and products;
• To send you promotional emails containing information that we think you may like when we have your consent to do so;
• To conduct market research when we have your consent to do;
• To customize our website according to your online behavior and personal preference.

The data that we collect from you will be stored. Due to regulatory and information retention requirements, we do not delete your information when you deactivate your account. We will disable your account and cease sending any communications.

Disclosure of Information

va.org may not use or disclose the information provided by you except under the following circumstances:

• as necessary to provide the services to you;
• in other ways described in this Policy or to which you have otherwise consented
• to third parties like our affiliate partners
• as required by law, or in response to a subpoena or search warrant
• as necessary to enforce the Terms of Service
• as necessary to maintain, safeguard and preserve all the rights and property of VA.org

 

Non-Marketing Purposes

VA.org greatly respect your privacy. We do maintain and reserve the right to contact you if needed for non-marketing purposes (such as bug alerts, security breaches, account issues, and/or changes to our products and services). In certain circumstances, we may use our website to post a notice.

Children under the age of 13

va.org’s website is not directed to and does not knowingly collect personal identifiable information from children under the age if thirteen (13). If it is determined that such information has been inadvertently collected of anyone under the  age of thirteen (13), we shall immediately take the necessary steps to ensure that such information is deleted from our system’s database. Anyone under the age of thirteen (13) must seek and obtain parent or guardian permission to use this website.

Unsubscribe or Opt-Out

All users and visitors to our website have the option to discontinue or unsubscribe from our website by sending an email at dpo@va.org. If you wish to unsubscribe or opt-out from any third-party websites, you must go to that specific website to unsubscribe or opt-out. We will continue to adhere to this Policy with respect to any personal information previously collected.

Links to Other Websites

Our website does contain links to other third-party websites. Va.org does not claim nor accept responsibility for any privacy, practices and/or procedures of such other websites. Therefore, we encourage all users and visitors to be aware when they leave our website and to read the privacy statements of every website that collects personally identifiable information. This Policy applies only and solely to the information collected by our website.

Security

va.org takes precautions to protect your information. When we submit sensitive information via the website, your information is protected both inline and offline. Whenever we collect sensitive information (e.g. credit card information), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the webpage.

While we use encryption to protect sensitive information transmitted online,  we also protect your information offline. Only employees who need the information to perform the specific job are granted access to the personally identifiable information. The computers and servers in which we store personally identifiable information are kept in a secure environment. This is all done to prevent any loss, misuse, unauthorized access, disclosure or modification of the user’s personal information under our control.

The company also uses Secure Socket Layer (SSL) for authentication and private communication to build user’s trust and confidence in the internet and website use by providing simple and secure access and communication of credit card and personal information.

 

Acceptance of Terms

By using this website, you are hereby accepting the terms and conditions stipulated within this Policy and Terms of Service. If you are not in agreement with our terms and conditions, then you should refrain from further use of our site. In addition, your continued use of our website following the posting of any updates or changes to our terms and conditions shall mean that you agree and acceptance of such changes.

 

How to Contact Us?

If you require any more information or have any questions about our privacy policy, please feel free to contact us by email at dpo@va.org

Changes to the Policy

We reserve the right to amend this Policy at our discretion and at any time. If we make changes to this Policy, we will immediately post the updated notice on our website and update the Policy’s effective date. Any such changes will be effective immediately upon being posted unless otherwise stated in the change. Your continued use of our website following the posting of changes constitutes your acceptance of such changes.

Effective Date:

This Policy is Effective as of March 30, 2021.

Notice to EU/EEA  Users

va.org’s operations are located primarily in the United States. If you provide information to us, the information will be transferred out of the European Union (EU) and sent to the United States. (The adequacy decision on the EU-US Privacy became operational on August 1, 2016. This framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States for commercial purposes. It allows the free transfer of data to companies that certified in the US under the Privacy Shield). By providing personal information to us, you are consenting to its storage and use as described in this Policy. We collect and process information about you only where we have a legal basis for doing so under applicable EU laws, including General Data Protection Regulation (GDPR). The legal is dependent on the services you use and how you use them. This means we collect and use your information only where:

• It is necessary for the performance of a contract, such as to provide you with the services you requested, including to operate the services, provide customer support and protecting the safety and security of the services, including all processing necessary for the performance of our contract(s) with you;
• It satisfies a legitimate interest that is not outweighed by your data protection rights and interests, such as to market or promote our services, and to protect our legal rights and interests;
• You give us consent to do so for a specific purpose; or
• We need to process your data to comply with a legal obligation.

All of our information, including the data we collect about you, described in this notice is stored in the United States of America.

Data Protection Officer

Our Data Protection Officer can be reached at dpo@va.org

Your Rights as Data Subject

Under certain circumstances, you have rights under data protection laws in relation to your personal data. You have the right to:

• Request access to your personal data
• Request correction to your personal data
• Request erasure of your personal data
• Object to processing of your personal data
• Request restriction of processing of your personal data
• Request to transfer of your personal data
• Request to withdraw consent

 

If you wish to exercise any of the rights set out above, please contact us at dpo@va.org

No Fee Usually Required

You will not have to pay a fee to access your personal data (or exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

What We May Need From You

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time Limit to Respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated

Privacy Notice for California Residents

This section applies to all visitors, users and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act if 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this notice.

Information We Collect

Our Website collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). We have collected the following categories of personal information from its consumers within the last twelve (12) months:

Category	Examples	Collected
A. Identifiers	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.	Yes
B.Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.	No
C.Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	Yes
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	No
E.Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	No
F.Internet or other similar network activity.	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.	Yes
G. Geolocation data.	Physical location or movements.	No
H.Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	No
I.Professional or employment-related information	Current or past job history or performance evaluation	No
J.Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	No
K. Inferences drawn from other personal information.	Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	No

Personal Information does not include:

• Publicly available information from government records.
• Deidentified or aggregated consumer information.
• Information excluded from the CCPA’s scope, like:
• health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
• personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

We obtain the categories of personal information listed above from the following categories of sources:

• Directly from you when you provide it to us;
• Automatically as you use our services. Automatically collected information may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies; and
• From third parties, such as our business partners

Use of Personal Information

We may use, sell, or disclose the personal information we collect for one or more of the following business purposes:

• To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about products or services from one of our partners, we will provide the partner that personal information to respond to your inquiry.
• To provide, support, personalize, and develop our Website, products, and services.
• To create, maintain, customize, and secure your account with us.
• To process your requests.
• To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
• To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third-party sites, and via email or text message (with your consent, where required by law).
• To help maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets, and business.
• For testing, research, analysis, and product development, including to develop and improve our Website, products, and services.
• To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
• As described to you when collecting your personal information or as otherwise set forth in the CCPA.
• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users is among the assets transferred.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice. 

Sharing your personal information

We may disclose your personal information to a third party for a business purpose, or sell your personal information, subject to your right to opt-out of those sales. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. The CCPA prohibits third parties who purchase the personal information we hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.

We share your personal information with the following categories of third parties:

• Service providers.
• Data aggregators.
• Third parties who you have consented to.

Disclosures of Personal Information for a Business Purpose

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:

• Category A: Identifiers
• Category C: Protected classification characteristics under California or federal law
• Category F: Internet or other similar network activity

We disclose your personal information for a business purpose to the following categories of third parties:

• Service providers; and
• Third Party (Data Aggregators)

Sales of Personal Information

In the preceding twelve (12) months, we have sold the following categories of personal information:

• Category A: Identifiers
• Category C: Protected classification characteristics under California or federal law
• Category F: Internet or other similar network activity

We sell your personal information to our Business Partners, and as provided for in this Privacy Notice.

Your Rights and Choices

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

Once we receive and confirm your verifiable request, we will disclose to you:

• The categories of personal information we collected about you.
• The categories of sources for the personal information we collected about you.
• Our business or commercial purpose for collecting or selling that personal information.
• The categories of third parties with whom we share that personal information.
• The specific pieces of personal information we collected about you
• If we sold or disclosed your personal information for a business purpose:
  • sales, identifying the personal information categories that each category of recipient purchased; and
  • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

Deletion Request Rights

You have the right to request that we delete from our records any of the personal information that we collect and retain, subject to certain exceptions. Once we receive and confirm your verifiable request, we will delete your personal information from our records, unless an exception applies

Why We May Deny Your Request

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

1. Complete the transaction for which we collected the personal information.
2. Provide you with notices about your account, including expiration and renewal notices.
3. Carry out our obligations and enforce our rights arising from any contracts entered into between you and us.
4. Fulfill any other purpose for which you provided it.
5. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
6. Debug products to identify and repair errors that impair existing intended functionality.
7. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
8. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
9. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
10. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
11. Comply with a legal obligation and any relevant laws, regulations, ordinances, rules, directives, or statutes.
12. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request by emailing your request to dpo@va.org

What We May Need From You

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 additional days), we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

Fees

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Personal Information Sales Opt-Out and Opt-In Rights

If you are 16 years of age or older, you have the right to direct us to not sell your personal information at any time (the “right to opt-out”). We do not sell the personal information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to personal information sales may opt-out of future sales at any time.

To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by sending out an optout request with subject “Opt-out Request” to our email dpo@va.org .

Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize personal information sales. However, you may change your mind and opt back into personal information sales at any time by emailing your request to dpo@va.org

You do not need to create an account with us to exercise your opt-out rights. We will only use personal information provided in an opt-out request to review and comply with the request.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

• Deny you goods or services;
• Charge you, or suggest you may be charged, for services;
• Impose penalties;
• Provide you a different level or quality of services.

Other California Privacy Rights

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please email your request to dpo@va.org

Contact Information

If you have any questions or comments about this notice, the ways in which we collect and use your information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us.

• Email: Email your request to dpo@va.org

Changes to Privacy Notice

We reserve the right to amend this privacy notice at our discretion and at any time. If we make changes to this Privacy Notice, we will immediately post the updated notice on our website and update the notice’s effective date. Any such changes will be effective immediately upon being posted, unless otherwise stated in the change. Your continued use of our website following the posting of changes constitutes your acceptance of such changes.

Effective date

This Privacy Notice is effective as of March 30, 2021