PRIVACY POLICY

Who we are

This privacy policy sets out how Assault City Roller Derby, a 501(c)(7) organization (Syracuse Roller RevolutionInc) based in Syracuse NY, uses and protects any information that you give us when you use this website as well as other information you may provide to us from time to time. If you’d like to get in touch with someone from our organization, please email our official league email: assaultcityrd [at] gmail.com

What personal data we collect and why we collect it

  • Recruitment:
    We may collect basic personal information for the purposes of recruitment via electronic or paper means. This information includes, but may not be limited to: first and last name, phone number, email address, and a quick survey for marketing purposes. (how you heard about the recruitment event, for example)
  • Ticket/Event RSVP/Merchandise Orders:
    We may collect basic personal information for the purposes of fulfilling a merchandise, ticket, or event RSVP transaction. This information includes, but may not be limited to: first and last name, phone number, email address, physical address, WFTDA insurance number, and a quick survey. Credit card information is handled by a third party (Square Inc) and NO credit card information is ever shared or saved by the league for any purpose or at anytime outside of the window of the actual transaction.
  • Analytics/Security:
    All traffic to this website is sent through a web application firewall, which may result in certain data such as IP address and browser useragent string being transmitted to an automated security service provider for the purposes of preventing abuse of our systems. All traffic to this website is subject to analysis by analytics software. For more information, see “Analytics” below.
  • Mailing Lists:
    Users that opt-in to receive email updates from the league will have the option to opt-out at any time via a “unsubscribe” link in the email footer.

Cookies

“Cookies” are text-only pieces of information that a website transfers to an individual’s hard drive or other website-browsing equipment for record-keeping purposes.

Name/type: _ga (first party, performance)
Duration: 2 years
Description: Used by Google Analytics to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports.

Name/type: _gat (first party, performance)
Duration: 10 minutes
Description: Used by Google Analytics, used to throttle request rate.

Name/type: _gid (first party, performance)
Duration: 24 hours
Description: Used by Google Analytics. Stores and update a unique value for each page visited.

Name/type: PHPSESSID (first party, necessary)
Duration:
Description: This is a general purpose identifier used to maintain user session variables. How it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages.

Name/type: pum-2410 (first party, functionality)
Duration: 1 month
Description: Used to prevent site-wide popup announcement from displaying repeatedly after opt-out.

Embedded content from other websites

Our website makes use of the Facebook API to receive public data for the purposes of displaying our Facebook feed on this website. Facebook may load scripts and embed content which may track visitors. Facebook embeds are regulated under the terms of Facebook’s Privacy Policy.

Our website makes use of the Instagram API to receive public data for the purposes of displaying our Instagram feed on this website. Instagram may load scripts and embed content which may track visitors. Instagram embeds are regulated under the terms of Instagram’s Privacy Policy.

Analytics

We use a third party analytics provider called Google Analytics to provide us with general demographic and interest-level information. Google Analytics uses cookies in order to collect usage information from users that visit this site, including but not limited to: information about the pages where users enter and exit the site and what pages users view on the site, time spent, browser, operating system, and IP address. In addition, inferences are made on the Google side to correlate demographic information (age range, interests) to these site usage records. We take reasonable measures to prevent linking of information we receive from Google with any of your personally identifiable information.

For more information regarding Google’s use of cookies and collection and use of information see the Google Privacy Policy. To opt out of Google Analytics, please visit the Google Analytics Opt-Out Page to learn about opting out and installing the appropriate browser add-on.

Who we share your data with

Personally identifiable data collected is not shared with anyone outside of the league and is used for league business only. Website transactional data, such as IP addresses and site activity may be shared with third-party agents for the purposes of security and analytics.

How long we retain your data

Data collected is retained for as long as deemed necessary for the purposes of conducting league business. Periodic purging of records is performed to remove old data.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase/remove any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

How we protect your data

We employ technical and security measures like using HTTPS everywhere to protect against access to your personal data by unauthorized persons and  accidental loss, destruction and damage. We also take reasonable steps to protect personal data from external threats such as malicious software or hacking. However, there are always inherent risks in sending information by public networks or using public computers and we cannot 100% guarantee the security of all data sent to us.