Privacy Policy

Introduction
The Grand Rapids Public Museum (“Company” or “We”) respect your privacy and are committed to the protection of your privacy on this website (“Website”). Please read this Privacy Policy (“Policy”) carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website. By accessing or using this Website, you agree to this Policy. Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

This Website does not collect personal information such as names and email addresses unless individuals knowingly provide that information. We will not share your personal information with any third parties unless collaborating partner contract requires. This includes name, address, financial information, and email address. All information collected in a form within the Website such as group scheduling or employment application information will not be shared with any third party.

Data Collection
Information You Provide
The Website collects personal information for ticket purchases, membership purchases and renewals, program registrations, electronic newsletters and mailings, and general inquiries. This information is used only for the intended services. For some of these services, the Website may request information about background, occupation, demographics, and interests. We are PCI compliant for credit card processing. Secure Socket Layer (SSL) technology protects your information using both server authentication and data encryption, ensuring that your data is safe and secure. We use a payment gateway for session security for all credit card transactions. All exchanges of Server IDs occur within seconds, and require no action by the consumer.

Information We Collect Automatically As You Access and Use the Website
We and our third-party service providers (including any third-party content, advertising, and analytics providers) may use a variety of technologies that automatically or passively collect certain information about your use of the Website whenever you visit or interact with the Website (“Usage Information”). Usage Information may include the browser and operating system you are using, the URL or advertisement that referred you to our Website, the search terms you entered into a search engine that led you to our Website, all of the areas within our Website that you visit, and the time of day you visit the Website, among other information. Usage Information also includes the IP address, mobile device identifier, or other unique identifier (“Device Identifier”) for any computer, mobile phone, or other device used to access the Website. A Device Identifier is a number that is automatically assigned to your device and our servers identify your device by its Device Identifier. We may use Usage Information for a variety of purposes, including enhancing or otherwise improving the Website and our services, and to target content or offers to users. The Usage Information we collect is generally non-identifying, but if we associate it with you as a specific and identifiable person, we will treat it as Personal Information.

Cookies and Local Storage
“Cookies” and local storage are pieces of information (data files) transferred to an individual’s browser on their device when the device is used to visit a site. These technologies are able to store a unique identifier for a device to allow a certain Internet site to recognize the device whenever the device is used to visit the site, and may be used for many purposes, including remembering information that will make your use of the Website more convenient.

Data Storage and Retention
Your personal data is stored by the Company on its servers, and on the servers of the cloud-based database management services the Company engages, located in the United States. The Company retains data for the duration of the customer’s relationship with the Company and for a period of time thereafter to allow members to recover accounts if they decide to reactivate such account, to analyze the data for Company’s own operations, and for historical and archiving purposes associated with Company’s history. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at info@grpm.org or 616-929-1700.

Policy on Information Disclosure
This Website collects personal information to operate the Website and to deliver the services you request. This information helps us understand our audience, and that allows us to better meet the needs of Website users. We will not sell, trade, or rent personal information. We may compile aggregate statistics and provide them to third parties, but these statistics will not include information that identifies individual Website users.

We may save personal information to comply with federal and state policies, but we will not disclose this information to third parties or government agencies unless we are required to do so by state or federal law or we must act under exigent circumstances to protect the safety of our users or the public.

Data Subject Rights
This Policy is intended to provide you with information about what personal data the Company collects about you and how it is used. If you have any questions, please contact us at info@grpm.org or 616-929-1700. You can review and change your personal information by logging onto the Website and visiting your account profile page. You may also send us an email at info@grpm.org to request access to, correct or delete any personal information that you have provided to us. Additionally, “opt-out” instructions are contained in each email communication sent to you.

We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

Security of Your Information
To help protect the privacy of data and personally identifiable information you transmit through use of this Website, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information.

Revisions to the Policy
The Policy may be revised at any time. We may revise the Policy in response to changes in the law or other factors. We encourage Website users to periodically visit this page to review the most current Policy.

External Links
Our Policy applies only to your use of the Grand Rapids Public Museum Website. This Website contains links to other sites. We are not responsible for the privacy practices of these sites. Links to other sites do not imply an endorsement of the material or policies of those web sites. You should read the privacy policies of each site you visit to determine what information they may be collecting from you.

Contact Us
This Policy applies only to our online practices and does not encompass other areas of the organization. By accessing or using the Website, you agree to be bound by all terms and conditions of this Policy as posted at the time of your access or use. If you have any questions about our policies or compliance, please email info@grpm.org or write to:
Grand Rapids Public Museum
272 Pearl St NW
Grand Rapids MI 49506
616-929-1700

September 2018