This Privacy and Security Policy is provided for the benefit of customers and clients of the Illinois Public Risk Fund (“IPRF”) as well as other consumers and parties who seek information from or about IPRF and/or its website(s), particularly IPRF.com (“Website” or “IPRF.com”) (collectively, “IPRF”).
1. OPENING STATEMENTS
1.2 Our Commitment to Privacy. At IPRF, we respect the privacy and the confidentiality of our customers’ information, particularly our customers’ PII (also commonly referred to as personally identifiable information) (“PII”). We are committed to keeping confidential the PII you share with us. This Privacy and Security Policy explains how IPRF collects, uses, discloses and protects the information we obtain.
1.3 Applicability of Privacy and Security Policy. Our Privacy and Security Policy applies to all individuals and entities from whom or for the benefit of whom we receive PII, whether it be collected through our websites; traditional mailing and/or faxing channels; telephone or electronic communications; from some other medium; and/or from our clients.
1.4 Website Not Directed to Minors. An individual must be aged sixteen (16) or over to create an account through the Website. As such, the Website is not directed toward children or minors.
2. PERSONAL INFORMATION COLLECTED AND HOW IT IS USED
2.1 Personally Identifiable Information or PII is any information that would, by itself or in combination, identify you or tend to identify you as a particular individual or entity. This PII may include, but not be limited to, your name, your address, credit card number, bank account information, and/or personal identification number (such as a social security number or driver’s license number).
2.1.1 PII does not include any public information that is readily attainable through federal, state or local public record distribution channels.
2.1.2 PII does not include any information that, by itself or in combination, could not identify you as a particular individual or entity.
2.1.3 PII also does not include raw data that becomes aggregated for statistical purposes and cannot, thereafter, be identified with you as a unique individual or entity.
2.1.4 IPRF does consider your Internet Protocol (“IP”) address to be PII and will treat it as such.
2.2 Information Collected
2.2.1 IPRF collects information that is considered PII and other information that, by itself, would not be considered personally identifiable information (“Non-PII”).
2.2.2 When you create an account and register for any of our IPRF Services (whether through a Website or other portal), we collect information submitted by you including, but not limited to, your username, your full name, IPRF name (if applicable), school name, physical address, email address, telephone number, zip code, and any additional information provided by the account holder that could identify that account holder. We use this information to identify our customers and send notifications related to the use of our IPRF Services. We reserve the right to request additional information from you.
2.2.3 IPRF may also collect information to one or more of your financial accounts for purposes of processing payments to provide you with IPRF Services. This information may likely contain both PII and Non-PII.
2.3 Collecting and Using Personally Identifiable Information
2.3.1 IPRF will explain how it intends to use PII either before it collects the information (such as in this Privacy and Security Policy) or contemporaneously with the solicitation of such information. Exceptions may exist where the intended use is obvious to a reasonable person.
2.3.2 We will use the PII collected only for the purposes explained to you. Further, we limit the collection of PII to only that information which is necessary for the purposes explained to you.
2.3.3 We use the PII collected and/or received about you in connection with our Website, Website Services, IPRF Services, and their various features. We also use information collected and/or received about you in connection with other users. For example, we may use the information we receive about you
(a) as part of our efforts to keep IPRF safe and secure;
(b) to provide IPRF Services;
(c) to make suggestions to you and other users on IPRF; and
(d) to provide support. Additionally, we may use aggregated information derived from PII to improve the IPRF Services and any related matters thereto. Granting us this permission, by submitting PII and other data, not only allows us to provide IPRF as it exists today, but it also allows us to provide you with innovative features and services we develop in the future that use the PII we receive about you in new ways.
2.3.4 Your submission of PII and other data on this website represents your granting of permission to share that information with IPRF, IPRF staff, IPRF’s strategic partners, and/or association administrators in the normal course of providing IPRF Services. At the same time, you continue to own, and always own, all of your PII. Your trust is important to us, which is why we do not share PII we receive about you with others unless we have:
(a) received your permission;
(b) given you notice, such as by telling you about it in this policy; or
(c) removed your name and any other PII from it.
By submitting your PII and other data using this service, you acknowledge that Event Managers, Event Staff, or league or association administrators using IPRF Services may contact you using those methods. Managers may share with the public, or request that IPRF share with the public, data that you provide on this website. That data could include, but is not limited to, the public posting of Event schedules or results of Events, which may contain the information described in Section 2.3.7 below.
2.3.5 Unless we are required to do so by law, we shall not obtain your consent before collecting PII about you from other parties. Rather, IPRF shall presume that you have previously provided such consent to any such third party from whom IPRF obtains such information.
2.3.6 In the normal course of its business operations, IPRF restricts the use of and access to your PII to IPRF’s personnel and its strategic partners.
2.3.7 We shall not sell your PII in the normal course of business operations. Should all or any part of IPRF’s business operations be sold, this paragraph shall not restrict the transfer of your PII as part of the Website sold to a third party.
2.3.8 IPRF will not use information submitted about Members or their employees to build a profile about them for the purposes of targeting them with advertisements.
2.3.9 We may also use the PII you provide in registering with and using IPRF to inform you by electronic mail, phone, text or other communication method of additional products and services about which you might be interested, which may include our periodic e-newsletters and other promotional communications from IPRF.
2.4 Disclosing Personal Information
2.4.1 We do not share with others PII we obtain from your use of our IPRF Services, except as described in this Privacy and Security Policy and the Terms and Conditions.
2.4.2 IPRF may use PII in the normal course of providing the IPRF Services; to operate or improve the Website and/or IPRF Services; to outsource certain services to strategic partners; to complete a transaction that has been requested; to develop aggregate information; and/or as otherwise disclosed to you.
2.4.3 IPRF may provide PII to other persons where
(a) we have your consent;
(b) the disclosure is necessary to complete a transaction requested;
(c) we have obtained information from a third party;
(d) we are required or permitted to do so by law;
(f) the terms of this Privacy and Security Policy and/or the Terms and Conditions otherwise permit and/or provide for such disclosure.
2.4.4 Strategic Partners. IPRF may employ, engage or retain certain trusted third parties (“strategic partners”) to perform functions and/or provide services on its behalf. IPRF will share PII with these strategic partners only to the extent necessary to perform the functions and/or provide the services for which they have been employed, engaged or retained.
2.4.5 Business Transfers. IPRF reserves the right to sell, transfer or otherwise share stored PII in connection with a sale of assets; a merger, acquisition, or reorganization; or filing for bankruptcy. You will have the opportunity to opt out of any such transfer if the planned processing of your information by the purchaser differs materially from that set forth in this Privacy and Security Policy.
2.4.6 Legal Compliance. IPRF may disclose any information about you and/or Content created by you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to:
(1) comply with an order from a court of competent jurisdiction, regulatory agency, and/or other governmental authority;
(2) respond to claims, court orders, or other legal process (including subpoenas);
(3) to enforce the terms of this and other IPRF agreements as well as to protect the property and rights of IPRF, its strategic partners or other third parties;
4) to protect, in IPRF’s sole discretion, the public or any person from harm;
(5) to investigate, prevent, stop, or take other action regarding any action perceived to be fraudulent, illegal, unethical, or legally actionable in IPRF’s sole discretion; or, generally,
(6) to comply with the law.
2.4.7 Notice. Unless restricted from doing so, IPRF will attempt to notify you before it releases any of your PII or Content pursuant to (1) and (2) in Paragraph
2.4.6 only. In such cases, IPRF will also provide you with general information on how you may seek to block such a release of information and/or direct you to resources that can provide such general information. The provision of such general information to you is not and should not be construed as providing you with legal advice. Additionally, IPRF is under no other obligation to assist you in challenging or opposing a release of your information.
2.5 Non-Personally Identifiable Information. In addition to collecting PII as previously described, IPRF also collects other non-PII. Non-PII collected by IPRF may be utilized without restriction. Although non-PII can be used in a number of ways, you can be assured that the use of the non-PII cannot identify you as a particular individual. Because non-PII cannot be used to identify you, IPRF may in its discretion provide non-PII to other persons or entities.
2.6 Information Obtained from Use of IPRF’s Websites
2.6.1 We do not share with others information we obtain from your use of our IPRF’s Websites, except as described in this Privacy and Security Policy and the Terms and Conditions.
2.6.2 Cookies. Cookies can be defined as bits of data stored on your computer that allow websites to identify your browser and session. Most web browsers automatically accept and collect cookies. However, most browsers also allow you to configure them to accept all cookies, reject all cookies, or notify you when a cookie is set. Depending upon your web browser’s security settings, you may have the ability to reject all cookies. If you reject all cookies, you may not be able to use the IPRF Services or products that require you to “sign in” and you may not be able to take full advantage of all offerings. The IPRF Website uses its own cookies for a number of purposes including, but not limited to:
A. Requiring you to re-enter your password after a certain period of time has elapsed to protect you against others accidentally accessing your account contents;
B. Keeping track of preferences specified by our users while using the IPRF Website;
C. Estimating and reporting our total audience size and traffic; and
2.6.3 Browser and Session Information. IPRF may collect information about your browser and session at the Website and/or using the Website Services.
2.6.4 IP Addresses IPRF may maintain a log of Internet Protocol (IP) addresses when any IPRF owned computers, servers, and/or websites (including, the Website) have been accessed. An IP address by itself does not allow us to collect additional PII about you. IP addresses may be used for various purposes, including to:
A. Diagnose and prevent service or technology problems reported by our users or engineers that are associated with the IP addresses controlled by a specific web IPRF or ISP;
B. Estimate the total number of users visiting an IPRF computer, server and/or website from specific geographical regions.
C. Help determine which users have access privileges to certain content, services or resources offered; and
D. Monitor and prevent fraud and abuse.
2.7 Data Retention
2.7.1 IPRF shall use commercially reasonable efforts to maintain storage information subject to the terms of this Privacy and Security Policy and the Terms and Conditions.
2.7.2 The length of time for which IPRF retains PII and other information will vary depending on the nature of the services for which the information has been collected and the nature of the information.
2.7.3 Although this period of retention may extend beyond the end of your relationship with IPRF, it will be retained for only so long as necessary for IPRF to respond to any issues arising from your relationship with IPRF. Data that you provide using IPRF services may be retained beyond the end of your relationship with IPRF. Data including, but not limited to, data about participation at events, schedules of events and results of events, which may include data submitted by you, may be retained indefinitely.
2.7.4 When IPRF no longer needs or requires your personal information, IPRF will destroy, delete, erase or convert information to an anonymous form without notice to you.
2.7.5 Depending on the package of services purchased, IPRF may delete information including, but not limited to, stored messages, interviews, videos, audio, other content, and records of your account without notice to you. IPRF recommends that you back up on your own computer any critical and important information prior to allowing your IPRF Services to terminate or expire.
2.7.6 Should your account be terminated, IPRF may immediately and permanently delete all stored messages, interviews, videos, audio, other content, and records of your account without notice to you.
3.1 IPRF may obtain personal information about you through a variety of sources. For each source or method, the manner of consent may differ.
3.2 In general, IPRF operates on an “Opt-out” basis. That is, IPRF presumes that by using its IPRF Services and/or accessing its Website you have read this Privacy and Security Policy and IPRF’s Terms and Conditions. Moreover, by providing the personal information requested (both personally identifiable and non-personally identifiable), you have consented to its use by IPRF for the stated purposes.
3.3 For these reasons, unless and until you expressly inform IPRF you do not wish your information to be used, IPRF shall presume it has your consent.
3.4 Where IPRF obtains information about a consumer from its customers or other third parties, IPRF presumes that the consumer has previously provided appropriate consent to the party from whom IPRF obtains the information. In any case, the consumer can be assured that this Privacy and Security Policy applies to any information obtained from a third party.
4.1 Subject to certain limitations imposed by applicable privacy laws, you may request that IPRF provide you with a copy of your personal information and/or information regarding how we have used that personal information.
4.2 Any requests for access to information should be directed to the contact information provided below.
4.3 We will make every effort to respond to your request in a reasonable timeframe.
5.1 IPRF takes the issue of protecting your anonymity and personal information very seriously. IPRF protects the information it obtains about you with appropriate, commercially reasonable safeguards and security measures consistent with standard information practices. These measures include commercially reasonable technical and procedural steps to protect your data from misuse, unauthorized access or disclosure, loss, alteration, or destruction.
5.2 For security purposes, IPRF does not disclose all of its security measures. Be assured that IPRF does employ commercially reasonable industry standard measures to protect your information.
6. DISCLAIMER AS TO THIRD-PARTY WEBSITES. Although our IPRF-owned websites may contain links to other third-party websites and/or may be advertised on such third-party websites, IPRF is not responsible for the privacy practices or the content of such websites and specifically disclaims any such responsibility. IPRF does not monitor the privacy practices or content of these websites. If you have any questions about the privacy practices of a website other than an IPRF-owned website, you need to contact the Privacy Officer of the website about which you have a question.
7. INCORPORATION OF OTHER APPLICABLE TERMS. Your use of IPRF’s Website and IPRF Services is subject to this Privacy and Security Policy as well as the Terms and Conditions, the terms of which are incorporated into this Privacy and Security Policy by reference. You should carefully review the Terms and Conditions.
8. ADDITIONAL INFORMATION
8.1 When you post content on and/or through the IPRF Services, you have the ability to post content which may include personally identifiable information or PII about yourself. You are responsible for the information you
(a) post online;
(b) post through use of the IPRF Services; or,
(c) share with another website that you link to from our Website. You do so at your own risk. IPRF warns you to be careful in posting information accessible to the public.
8.2 If you post personal information online that is accessible to the public, you may receive unsolicited messages from other parties or other unwanted and possibly harmful contact. IPRF warns you to be careful in posting information accessible to the public.
9. CUSTOMER OBLIGATIONS. By using the IPRF Services, you agree to use any information about any other IPRF Customer, particularly PII, obtained through IPRF Services in a manner consistent with the Terms and Conditions, this Privacy and Security Policy, and the privacy protections provided for in such policies.
10. REVISIONS TO PRIVACY AND SECURITY POLICY.
14.1 IPRF reserves the right to revise, amend, or modify this Privacy and Security Policy, our Terms and Conditions, and other online policies and agreements at any time and in any manner.
14.2 IPRF shall provide notice of such changes by posting the revised policies to the applicable IPRF-owned websites and/or by either (a) providing you a message the next time you login into your account or (b) sending you electronic mail to the email address you provided when creating your account.
14.3 With respect to this Privacy and Security Policy, you should visit our website at IPRF.com from time to time to review the then-current terms. At any time, the current-posted policies govern and shall be binding. For Additional Information or Questions, Contact Us If you have additional questions or concerns regarding how IPRF is managing or using your personal information, please send your concerns in writing to [email protected].