Privacy Policy
At New River Wetlands (“we,” “us,” or “our”), accessible via newriverwetlands.com (the “Website”), we are committed to upholding the highest standards of privacy and data protection. Your privacy is of paramount importance to us, and this Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data in accordance with applicable law, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant statutes. We recognize and respect your rights and are dedicated to ensuring they are fully honored and protected.
1. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through newriverwetlands.com, whether you are accessing the Website as a visitor, subscriber, donor, partner, or any other user. For the purpose of applicable privacy legislation, New River Wetlands is the data controller of your personal information and is responsible for determining the purposes and means of processing your data.
2. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data
Includes information about how you use the Website, such as your IP address, browser type, browsing patterns, session durations, pages visited, and referring URLs.
b. Account Data
Includes personal identifiers such as your name, mailing address, email address, phone number, and any account login credentials you provide when creating a profile or subscribing to our services.
c. Profile Data
Covers user preferences, records of purchases (if applicable), interaction histories, behavioral data collected from interaction with our content or tools, and other profiling details created based on your engagement with the Website.
d. Communication Data
Includes information contained in any communications sent through email, web forms, customer support requests, or other communication mechanisms, as well as records of those interactions.
e. Technical Data
Includes device identifier information, operating system, system hardware settings, browser plug-in types and versions, screen resolution, and other system configurations used to access our Website.
f. Transaction Data
Covers any payment details you may provide, including billing and delivery addresses, transaction references, and payment status, where you make purchases or donations on the Website.
g. Preference Data
Includes information about your marketing preferences, communication consents, and areas of interest based on your interactions or explicit disclosures made through forms or settings within the Website.
3. Legal Bases for Processing
We process your personal data using the following lawful bases, as defined by the GDPR:
– Consent: Where you have explicitly consented to the processing of your data, such as email subscriptions or marketing communications.
– Contract: Where processing is necessary to perform a contract or pre-contractual measures at your request (e.g., processing donations or transactions).
– Legal Obligation: Where processing is required to comply with legal mandates, such as record retention or tax reporting.
– Legitimate Interest: Where processing serves the legitimate interests of New River Wetlands, such as security improvements, Website optimization, fraud detection, and maintaining service integrity, and only where such interests are not overridden by your rights.
4. Your Rights
Subject to certain limitations under applicable law, you have the following rights with regard to your personal data:
– Right of Access: You may request access to the data we hold about you.
– Right to Rectification: You may request correction of inaccuracies in your personal data.
– Right to Erasure: You may request deletion of your personal data under certain conditions.
– Right to Restriction: You may request restriction of processing where, for example, you contest the accuracy of the data.
– Right to Data Portability: You may request to receive data you have provided in a structured, commonly used, and machine-readable format and have the right to transmit that data to another controller.
To exercise any of the above rights, please contact us at [email protected].
5. Security Measures
We have implemented appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, and destruction. These include:
– Encryption for stored and transmitted data
– Role-based access controls
– Secure server environments and regular patching
– Regular backups
– Staff training on data protection responsibilities
All third-party service providers handling personal data on our behalf are required to implement similar security safeguards.
6. International Data Transfers
When your data is transferred outside the jurisdiction in which you reside, such as from the European Economic Area (EEA) to the United States, we implement appropriate safeguards to protect your rights. These may include the use of Standard Contractual Clauses (SCCs), compliance with adequacy decisions, or other lawful transfer mechanisms as approved under applicable law.
7. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, and in compliance with legal, regulatory, and internal policy requirements.
– Usage and Technical Data: Up to 26 months
– Account and Profile Data: While your account is active and up to 6 months thereafter
– Communication Data: 2 years from last contact
– Transaction Data: 7 years for tax and audit purposes
– Preference Data: Until withdrawal of consent or settings change
Data no longer needed will be securely destroyed or anonymized.
8. Cookie Policy
Our Website uses cookies and similar technologies for essential operations, functionality enhancements, performance analytics, and personalized user experiences.
– Essential Cookies: Required for the operation of the Website, including login, security, and session management.
– Functional Cookies: Enable site customizations and saved user preferences.
– Analytics Cookies: Track Website usage and engagement metrics; used to improve performance and user experience.
– Performance Cookies: Measure the effectiveness of features and content, enabling us to optimize navigation and delivery.
9. Cookie Management and Compliance
You can manage or withdraw your cookie consents at any time via the cookie banner presented on your first visit or by accessing your browser’s privacy settings. In compliance with both GDPR and CCPA, we honor user opt-out requests and provide clear consent mechanisms prior to deploying non-essential cookies.
California residents may also use an authorized agent to manage their data preferences under the CCPA, and may opt-out of the “sale” or “sharing” of personal data, as defined by that regulation.
10. Children’s Privacy
We do not knowingly collect personal data of children under the age of 13. If you are a parent or guardian and believe that your child has provided us with personal information, you may contact us at [email protected] to request removal of that information.
11. Policy Updates
This Privacy Policy may be updated from time to time to reflect changes in regulatory requirements, technology, or our internal practices. We will take reasonable measures to notify you of any significant changes, which may include an update notice on newriverwetlands.com or direct communication where required.
12. Contact Us
If you have any questions, concerns, requests, or complaints regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Website: https://www.newriverwetlands.com
We are committed to ensuring full compliance with applicable privacy laws and to addressing your privacy concerns in an accountable and timely manner.