The EU General Data Protection Regulation 2016/679 (“GDPR”) is designed to protect individuals’ online personal data: who holds it, what is held, and allow people more control over how their data is used. The GDPR applies across all EU nations and to any organization worldwide which holds or processes data of EU citizens.
Under GDPR regulations, the Association of Americans Resident Abroad (AARO) is classified as a “data controller,” an organization which collects and uses information of EU citizens. Therefore AARO is required to comply with this legislation.
But going beyond the requirements of GDPR, AARO wants its members and supporters to feel they are being treated respectfully, and with the utmost goal of protecting their privacy, when they share their personal data with AARO. This Data Policy has been prepared to explain how AARO collects, uses and stores the personal information of its members.
4 rue de Chevreuse
75006 Paris, France
+ 33 1 47 20 24 15
Table of Contents
- Who we are
- How we collect member information
- Information AARO collects
- Legal basis for using member information
- AARO Communications
- Sharing member Information
- Keeping member information safe
- Data retention
- Member rights
1. Who we are
The Association of Americans Resident Overseas (AARO), founded in 1973 and headquartered in Paris, is an international, non-partisan association with members in over 45 countries. It researches issues that significantly affect the lives of overseas Americans and keeps its members informed on those issues.
2. How AARO collects member information
AARO gathers necessary information in order to fulfill its mission of keeping its members informed of issues important to Americans abroad and to provide them access to services, resources and events that AARO provides.
AARO collects information directly in the following ways:
- When members and non-members contact AARO for information
- Queries about AARO activities
- Event registration
- Member registration and renewals
- Volunteer applications
Information is also gathered when members and people interested in AARO visit our website at www.aaro.org. Using analytical tools we collect general information about visitors which might include which pages you visit most often and which services, events or information are most interesting to you. We may also track which pages you visit when you click on links in emails sent by us. We also use "cookies" to help our site run effectively. There are more details below in the section 'Cookies.'
We use this information to personalize the way our website is presented when you visit, to make improvements in its operation, and to ensure we provide the best service and experience for our members and visitors to our website. Wherever possible we use anonymous information which does not identify individual visitors to our website.
3. Information AARO collects
The information AARO collects on members include name, date of birth, email address, postal address, telephone and mobile numbers, and U.S. voting district. In addition members and non-members may provide additional information when communicating with AARO.
This information is used for tasks such as:
- Process new membership and renewals, donations or payments for AARO events
- Update members about relevant issues related to AARO and its activities
- Ask members to contact their elected representatives in the United States
- Send AARO publications such as the “AARO News and Views” and the AARO newsletter
- Ask members to participate in surveys
4. Legal basis for using member information
AARO will only use your personal information to fulfill its mission to provide members with the information and services AARO offers under the GDPR’s “legitimate interest” lawful basis for using personal data.
Whenever AARO uses member information under the GDPR’s “legitimate interest,” AARO will ensure that members’ rights are taken into account and will not use that information if members’ interests and rights override the use AARO wishes to make of that data.
When you first join AARO, we will also ask for your consent to collect and use specific personal data in order to fulfill our mission.
5. AARO communication
AARO will only communicate with members who have consented to receive AARO communications and with non-members when it believes that they will be interested in AARO activities.
6. Sharing Member Information
Member data will primarily be used by AARO staff and AARO volunteers and only in the context of fulfilling AARO’s mission or an activity, event, volunteer or fundraising effort.
AARO will never sell or share your personal information with marketing organizations. Nor will AARO share data with any other organization unless AARO has a legal obligation to do so.
7. Keeping Member information safe
AARO has undertaken physical, technical and organizational procedures and policies to the protect the personal information that AARO collects.
Unfortunately, the transmission of information using the internet is not completely secure. Although we do our best to protect your personal information sent to us this way, we cannot guarantee the security of data while it is being transmitted to us.
Our website may contain links to other sites. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices employed by other sites. Please be aware that advertisers or websites that have links on our site may collect personally identifiable information about you. This privacy statement does not cover the information practices of those websites or advertisers.
We do not collect or hold any credit or debit card information when you make a payment to us. All financial transactions passed to PayPal, our payment gateway, where they are processed securely according to the Payment Card Industry Security Standards. The only information we receive is a confirmation that the transaction has been successfully processed.
8. Data retention
AARO will only keep member data as long as is reasonable and necessary for AARO’s activities and mission.
Under GDPR individuals have the following rights concerning their personal data. The right to:
- Receive a copy of the personal information AARO has retained
- Object to AARO’s “legitimate interest” use of that data
- Ask for a correction of relevant data
- Withdraw their consent for the use of their data by AARO
- Request AARO to delete their data
A “cookie” is a small text file which is downloaded when you visit a website onto your device (such as computer, mobile phone or tablet). It is stored in the web browser application which you have used to access this website. The website and browser, using this cookie for identification, can then work together to provide you a better, personalized experience and gather information about how you use the website.
- “Strictly necessary” cookies are essential for you to move around our website and to use its essential features, such as accessing your member account.
- “Performance cookies” collect anonymous information about how you use our site, such as which pages are visited most.
- “Functionality cookies” collect anonymous information that remember choices you make to improve your own experience, such as your text size or location. They may also be used to provide services you have asked for such as watching a video or commenting on a blog.
- “Analytics cookies” are used to track the use and performance of our website and services
No Cookies, Please
However be warned that if you choose to refuse all cookies, our website may not function for you as we would like it to.