Website
Privacy Statement (US)
This privacy statement was last changed on December 16, 2024, last checked on December 16, 2024, and applies to citizens and legal permanent residents of the United States.
In this privacy statement, we explain what we do with the data we obtain about you via https://www.nelsonspca.org. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:
- we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
- we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
- we first request your explicit consent to process your personal data in cases requiring your consent;
- we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
- we respect your right to access your personal data or have it corrected or deleted, at your request.
If you have any questions, or want to know exactly what data we keep of you, please contact us.
1. Purpose and categories of data
We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)
1.1 Contact - Through phone, mail, email and/or webforms
1.1 Contact - Through phone, mail, email and/or webforms
The following categories of data are collected
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
- IP Address
- Date of birth
- A signature
- Professional or employment-related information
Retention period
We retain this data upon termination of the service for the following number of months: 26 months
1.2 Newsletters
1.2 Newsletters
The following categories of data are collected
- An email address
- A first and last name
- IP Address
- Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement
- Geolocation data
Retention period
We retain this data until the service is terminated.
1.3 To support services or products that a customer wants to buy or has purchased
1.3 To support services or products that a customer wants to buy or has purchased
The following categories of data are collected
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
- Date of birth
- A signature
- Professional or employment-related information
Retention period
We retain this data upon termination of the service for the following number of months: 26 months
1.4 To be able to comply with legal obligations
1.4 To be able to comply with legal obligations
The following categories of data are collected
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
- Geolocation data
- Date of birth
- A signature
- Professional or employment-related information
Retention period
Upon termination of the service we retain this data for the following period: 26 months.
1.5 Compiling and analyzing statistics for website improvement.
1.5 Compiling and analyzing statistics for website improvement.
The following categories of data are collected
- IP Address
- Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement
- Geolocation data
Retention period
Upon termination of the service we retain this data for the following period: 26 months.
2. Sharing with other parties
We only share or disclose this data to other recipients for the following purposes:
Purpose of the data transfer: Analytics
Country or state in which this service provider is located: United States
3. Disclosure practices
We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.
If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.
4. How we respond to Do Not Track signals & Global Privacy Control
Our website responds to and supports the Do Not Track (DNT) header request field. If you turn DNT on in your browser, those preferences are communicated to us in the HTTP request header, and we will not track your browsing behavior.
5. Cookies
Our website uses cookies. For more information about cookies, please refer to our Cookie Policy on our Opt-Out Preferences webpage.
The inclusion of full IP addresses is blocked by us.
6. Security
We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.
The security measures we use consist of:
- Website Hardening/Security Features
- Vulnerability Detection
- HTTP Strict Transport Security and related Security Headers and Browser Policies
- (START)TLS / SSL / DANE Encryption
- DKIM, SPF, DMARC and other specific DNS settings
- Login Security
7. Third-party websites
This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.
8. Amendments to this privacy statement
We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.
9. Accessing and modifying your data
If you have any questions or want to know which personal data we have about you, please contact us. Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person. We shall provide the requested information only upon receipt of a verifiable consumer request. You can contact us by using the information below. You have the following rights:
9.1 You have the following rights with respect to your personal data
- You may submit a request for access to the data we process about you.
- You may object to the processing.
- You may request an overview, in a commonly used format, of the data we process about you.
- You may request correction or deletion of the data if it is incorrect or not or no longer relevant, or to ask to restrict the processing of the data.
9.2 Supplements
This section, which supplements the rest of this Privacy Statement, applies to citizens and legal permanent residents of Virginia (CDPA)
Virginia
Virginia
Right to Data Portability
When exercising the right to Access personal data , you have the right to obtain the personal data in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance. You may exercise this right no more than two times per calendar year.
Right to opt-out
You may submit a request directing us not to make certain disclosures of personal information we maintain about you.
Under the CDPA this concerns the following purposes:
- targeted advertising;
- the sale of personal data; or
- profiling in furtherance of decisions that produce legal or similarly significant effects concerning a consumer.
For more information about the possibility of submitting an opt-out request, please refer to our Opt-out preferences page.
10. Children
Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.
11. Contact details
Nelson SPCA
29 Stagebridge Road
Lovingston, VA 22949
United States
Website: https://www.nelsonspca.org
Email: info@nelsonspca.org
Phone number: (434) 263-7722
12. Data Requests
For the most frequently submitted requests, we also offer you the possibility to use our data request form
Annex
Solid Security
What personal data we collect and why we collect it
Cookies
Some forms on this site require the use of Google's reCAPTCHA service before they can be submitted. If you consent to this service, a cookie is created that stores your consent. This cookie deletes itself after thirty days.
Magic links create a temporary cookie named “itsec-ml-lockout-bypass” that enables users to log in through a link sent to their email. This cookie references session data containing the user’s ID and IP address. It automatically expires after 30 minutes.
A cookie named “itsec_interstitial_browser” is created to track a user’s login process to implement enhanced security features.
Some users can enable the "Remember This Device" feature to skip Two-Factor when using the same device. This generates a cookie named “itsec_remember_2fa”. It contains no personal data and expires after 30 days.
Security Logs
The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 60 days.
Who we share your data with
For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.
A QR code image is generated for users that set up two-factor authentication for this site. This image is generated using a SolidWP-hosted API. In the process of generating this image, your username is sent to the API. This data is not logged. For privacy policy details, please see the SolidWP Privacy Policy.
When running Security Check, solidwp.com will be contacted as part of a process to determine if the site supports TLS/SSL requests. No personal data is sent to solidwp.com as part of this process. Requests to solidwp.com include the site's URL. For solidwp.com privacy policy details, please see the SolidWP Privacy Policy.
This site is scanned for potential malware and vulnerabilities by the SolidWP Site Scanner. We do not send personal information to the scanner; however, the scanner could find personal information posted publicly (such as in comments) during the scan.
In order to ensure file integrity, Solid Security pulls data from wordpress.org, solidwp.com, ithemes.com and amazonaws.com. No personal data is sent to these sites. Requests to wordpress.org include the WordPress version, the site's locale, a list of installed plugins, and a list of each plugin's version. Requests to solidwp.com and amazonaws.com include the installed SolidWP products and their versions. For wordpress.org privacy policy details, please see the WordPress Privacy Policy. For solidwp.com privacy policy details, please see the SolidWP Privacy Policy. Requests to amazonaws.com are to retrieve content added and managed by SolidWP which is covered by the Amazon Web Services Data Privacy policy.
How long we retain your data
Security logs are retained for 60 days.