Microsoft Alumni Network Privacy Statement
Version date: April 2, 2016
The Microsoft Alumni Network (“MSA”) provides a broad array of services to You as a member. As You use these services, We want You to be clear about how We’re using personal information You share with Us and the ways in which You can help protect Your privacy. Your privacy matters to MSA so whether You are new to MSA or a long-time member, please take the time to review this Privacy Statement. This Privacy Statement (“Statement”) applies to data collected by MSA through the MSA Website, as well as its offline services.
The privacy practices set forth in this Privacy Statement are for the MSA Website and other specified activities relating to the Microsoft Alumni Network only. This Website contains links to other websites. We are not responsible for the privacy practices or the content of such websites. If You link to or visit other websites managed by third parties, please review the privacy statements posted on those sites. MSA has no control over those websites and is not responsible or liable for the policies and practices followed by third parties.
YOUR USE OF OUR WEBSITE OR PROVISION OF ANY PERSONAL DATA CONSTITUTES AGREEMENT TO THIS PRIVACY STATEMENT. PLEASE DO NOT USE THE WEBSITE OR PROVIDE INFORMATION (OR ALLOW OTHERS TO DO SO ON YOUR BEHALF) IF YOU DO NOT AGREE WITH ALL OF THE TERMS AND CONDITIONS
AND THIS PRIVACY STATEMENT, AND ANY APPLICABLE SUPPLEMENTAL RELATED POLICIES.
Management of the Website and the Safe Harbor
iModules Software (“iModules”) hosts and manages the MSA Website. As MSA’s third party vendor, iModules collects and uses certain personally identifiable information that it receives in the United States from all MSA members wherever they reside in the world including, but not limited to, the European Union. iModules also shares this information with MSA.
Throughout this Privacy Statement, We will refer to this personally identifiable information as “Personal Data” and mean this term to include European Union (“EU”) or Switzerland Personal Data from users located in the EU or Switzerland, as well as, Personal Data from users located anywhere else in the world. iModules complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. iModules has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program and to view iModules' certification, please visit www.export.gov/safeharbor/.
Collection of Your Personal Data
We collect Personal Data that You actively provide to Us through the use of the MSA Website and via other methods, such as when You volunteer, sign up to receive a newsletter or request other information, when You send Us an inquiry, when You choose to make a donation, fill out a nomination form, or provide Personal Data in response to other opportunities on the Website. In connection with these activities, We may collect some Personal Data about You, including but not limited to: name, address, telephone number, company name, email address, and credit/debit card or other payment related information.
The Microsoft Alumni Network may share some Personal Data with Microsoft for the purpose of validating employment, events registration, recruiting purposes, or providing benefits to the Microsoft Alumni Network. All communications between Microsoft and the Microsoft Alumni Network is transmitted over an industry standard Secure Socket Layer (SSL).
It is always Your choice as to whether to provide Personal Data on the MSA Website. However, some of Your Personal Data must be provided to participate in certain programs or activities in which You choose to participate. Should You choose not to provide information, this could limit or eliminate certain functions of the Website or Your ability to benefit from the services You have requested.
This Website's registration form requires You to provide Your full name, address, email address, password, city, state, country, and zip code. You may also choose to provide optional details, such as maiden name, nickname, birthday, occupation, company, spouse's name, photos, or personal comments. All date of birth data values are stored in an encrypted format.
Use of Your Personal Data
The information We collect helps Us understand Your needs and interests, provide superior customer service, and continually improve Our products and services. For example, We may use Your Personal Data and aggregate information to:
- Allow You to connect with other members of the network
- Create groups and participate in groups
- Upload documents to share with other members or third-parties
- Create or participate in events
- Allow You to participate in blogs
- Invite a colleague to join MSA
- Update, amend, or delete inaccuracies in Your Personal Data
- Receive service-related emails, marketing-related emails and newsletters
- Add a photo of yourself, contact information, education history, and other personal information
- Provide information or services that You have requested
- Customize and personalize Your experience
- Monitor and measure Our website performance
- Respond to Your inquiries
- Send You webinar archives that You have requested
- Process Your donations
- Process submitted nomination forms
- Other Website operational activities related to providing the services You have requested on the Website
Please note that some of the information or content You have in Your profile or elsewhere on the MSA Website may be viewed by other members of the Website, depending on the privacy settings You have selected for this information or content. Your Personal Profile features information You may wish to share with other Website members on your Profile Page. Only people who are members of the Website can view the directory and other members' Profile Pages. The only information automatically displayed on Your Profile Page is your First Name, Last Name, state of residence and selected additional information. Additional information fields from Your Personal Profile information — including comments and other personal information You choose to share, along with any photos — will appear only if You have opted to provide those items and have also selected to have those fields in your Profile Page View. You may edit or delete any of this information at any time by accessing Your profile by clicking the "edit" link, from any profile information section.
The Website provides You with the opportunity to choose to receive email communications about this Website and the groups You are registered with, as well as emails from other members. You may opt out of receiving email communications from this community. In all email communications You receive from this community — except confirmation emails for event registrations, purchases, donations, or other payments — You will be provided an unsubscribe option to opt out of the specific email communication type. You can also modify the email types You receive at any time by going to Your account profile and changing Your opt-in status.
Sharing of Your Personal Data
We use Your Personal Data to pursue MSA’s mission and operations and to engage in the activity (and related activities) for the purposes which You have shared the information with Us. We do not share Personal Data with companies, organizations and individuals outside of MSA unless one of the following circumstances applies:
- With Your consent
We will share Personal Data such as name, address, email address, password, gender, city, state, country, and zip code with companies, organizations or individuals outside of MSA when We have Your consent to do so. Please note we do not allow clients to store any sensitive personal information relating to Social Security Numbers, Driver License Numbers, or any other government-issued identification.
- For external processing or services
We provide some Personal Data to Our affiliates or other trusted business partners or persons to process it for Us or provide services. These third-parties can only use Your Personal Data based on Our instructions and in compliance with Our Privacy Statement and any other appropriate confidentiality and security measures.
- For legal reasons
We will share some Personal Data with companies, organizations or individuals outside of MSA if We have a good faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
- meet any applicable law, regulation, legal process or enforceable governmental request
- enforce applicable Terms of Service, including investigation of potential violations
- detect, prevent, or otherwise address fraud, security or technical issues
- protect against harm to the rights, property or safety of MSA, its users or the public as required or permitted by law
We may share aggregated, non-personally identifiable information publicly and with Our partners – like publishers, advertisers or connected sites. For example, We may share information publicly to show trends about the general use of Our services.
If MSA is involved in a merger, acquisition or asset sale, We will give affected members notice before Personal Data is transferred or becomes subject to a different privacy statement policy.
Protection of Your Personal Data
Pursuant to applicable regulations, We maintain commercially reasonable measures to help protect Your Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. Login, electronic commerce, and administrative activity is transmitted over an industry standard Secure Socket Layer (SSL). Strong passwords are required for each login, and they are stored in a salted, hashed format that cannot be read by administrators or employees. Multiple failed logins or lost login requests are challenged by reCaptcha. An administrative rights system restricts authenticated but unauthorized access to member data.
Do not divulge Your password to anyone. Also remember to sign out of Your account and close Your browser window when You have finished using the Website, particularly if You share a computer with someone else or are using a computer in a public place like a library or Internet cafe.
We restrict access to Personal Data to iModules and MSA employees, contractors and agents who need to know that information in order to process it for Us.
Unfortunately, no information security system can be 100% secure. As a result, although We strive to protect Your Personal Data, We cannot ensure or warrant the security of Your Personal Data against any possible loss or unauthorized access.
We keep Personal Data for as long as We think is necessary or advisable and We reserve the right to retain it to the full extent prohibited by law. We may discard Personal Data in Our discretion, so You should retain Your own records, and not solely rely upon Our storage of any Personal Data, donation information or other data.
Credit Card Transactions
Some features of this Website enable credit card transactions. These features are completely voluntary to members. They include the purchasing of event registrations, merchandise purchases, online donations, membership purchases, or the payment of other types of fees through the Website. This Website uses industry standard Secure Sockets Layer (SSL) servers on its transaction pages. It encrypts all Personal Data submitted in credit card transactions, including name, address, and credit card number, to prevent unauthorized access as the information travels over the Internet. MSA and iModules maintain compliance with Payment Card Industry Data Security Standards (PCI DSS) by meeting all such security requirements to help ensure commerce-based transaction data is protected.
This Website maintains compliance with the Payment Card Industry Data Security Standard (PCI DSS) and is certified compliant as a Level One Service Provider by a Qualified Security Assessor (QSA) authorized by the PCI Security Standards Council. The processes, procedures, network configuration, and overall environment of iModules, the host and manager of the MSA Website, conform to all of the security guidelines as defined in the PCI DSS standard and are annually verified by an external auditor. This Level One compliance, the highest level of PCI DSS compliance, helps ensure your e-commerce transaction data is securely protected, transmitted, and stored by iModules. As part of iModules’ policy, datacenters hosting the Encompass platform must maintain their own annual SSAE 16 audit. Upon request, iModules shall provide the current attestation of compliance for PCI DSS as well as provide a certified SSAE 16, or equivalent review, performed and completed by an external audit firm, on behalf of the datacenter used for iModules Encompass platform.
Access to and Updating Your Personal Data
Whenever You use Our services, We aim to provide You with access to Your personal information. If that information is wrong, We strive to give You ways to update it quickly or to delete it – unless We have to keep that information for legitimate business or legal purposes. You can access, correct and update Your Personal Data via the Website or by contacting Us at the contact information as described in the How to Contact Us section of this Privacy Statement.
You can ask Us to delete or deactivate Your user account, but then You will not be able to access any members-only areas of the Website. You can exercise these rights and choices by contacting Us at:
Microsoft Alumni Network
PO Box 3474
Redmond, WA 98073-3474
We may reject requests that require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems).
We aim to maintain Our services in a manner that protects information from accidental or malicious destruction. Because of this, after You delete information from Our services, We may not immediately delete residual copies from Our active servers and may not remove information from Our backup systems.
MSA sends out an email Newsletter and periodic emails notifying You of upcoming events, activities and other MSA related information. If You receive promotional emails from Us and would like to stop getting them in the future, You can do so by editing your communication preferences in the “Subscription Management” section on your personal profile page.
Your choice to not receive promotional emails from MSA does not apply to the receipt of mandatory service communications that are considered part of the operational elements of MSA. For example, if You signed up to attend an event and the event details have changed, MSA will send You an email with information regarding the changes to the event.
Enforcement of this Privacy Statement
Changes to this Privacy Statement
This Website has the right to make changes or additions to this Privacy Statement at any time. If those changes involve using Your Personal Data in a manner different from the prior version of the Privacy Statement, We will notify You by email. Changes that do not affect use of Personal Data will be posted to the Website. If You have questions regarding this Privacy Statement, please check this Statement periodically or contact Customer Support. We encourage You to check this Website periodically to see if any recent changes to this Privacy Statement have been made. You can also tell if this Privacy Statement has changed recently by reviewing the Effective Date posted at the beginning of this Privacy Statement.
How to Contact Us
If You have any questions about this Privacy Statement or Our privacy practices, please contact Us using the contact methods listed here:
Microsoft Alumni Network
PO Box 3474
Redmond, WA 98073-3474