EFFECTIVE DATE:  November 27, 2018 (summary of changes)

INTRODUCTION

Welcome! This Privacy Policy and the accompanying Cookie and Tracking Technology Policy outline how Chorus Connection Inc. (“we,” “our,” or “us”) collects, uses, and shares information from and about you when operating all services available via www.chorusconnection.com and all other chorusconnection.com subdomains (collectively, “Chorus Connection” or the “Site”). This Privacy Policy also outlines your rights and choices about our collection, use, and sharing of such information. If you do not agree to the terms and practices described in this Privacy Policy and the Cookie and Tracking Technology Policy, please do not visit the Site or submit information to us. If you have any questions, please send us a note at support@chorusconnection.com.

 

INFORMATION WE COLLECT

We collect and process various types of information from and about people who visit the Site (“Visitors”), people who download content, sign up for our mailing list, subscribe to our blog, or otherwise submit information to us on the Site or via third-party websites (“Subscribers”), and people with Chorus Connection accounts (“Users”). Some of this information we collect directly, and some of this information we collect via third parties, such as Google Analytics. We will use and share any information we collect from such third parties in accordance with this Privacy Policy, plus any additional restrictions imposed by the source of the data.

As a Visitor

We automatically collect various types of information about Visitors via third-party analytics and marketing services providers. This may include device-related information (e.g. device, browser, operating system, language settings, IP address, and internet service provider), activity information (e.g. date and time of visits, pages visited, actions taken on those pages, and which web pages or marketing campaigns led you to the Site), and demographic information (e.g. age, gender, and approximate location).

We may use this information for various reasons, including:

  • To maintain and operate the Site.

  • To understand how the Site is used.

  • To present you with advertising related to our products and services, offers, promotions, rewards, and events, via either the Site or third-party websites.

  • To understand the efficacy of our sales and marketing efforts.

  • To enhance your experience as a Visitor.

  • To customize content on the Site.

As a Subscriber

We automatically collect various types of information about Subscribers via third-party analytics and marketing services providers. This may include device-related information (e.g. IP address) and activity information (e.g. which web pages or marketing campaigns led you to the Site, when you open emails from us, and when you click on links in those emails).

We also collect various types of information about Subscribers via other third-party sources (e.g. partners with which we offer co-branded services or engage in joint marketing activities, events such as conferences, trade shows, or other networking events, or public domain sources such as internet search engines, social media websites, your chorus’s website, or public tax filings). This may include information about you (e.g. your name, role in the chorus, email address, phone number, and social media profiles) and information about your chorus (e.g. number of singers, mailing address, budget size, website, social media profiles, and upcoming concerts).

We also collect various types of information that Subscribers provide directly to us. This may include information about you (e.g. your name, email address, and your role in the chorus) and information about your chorus (e.g. the name and type of your chorus).

We may use this information for various reasons, including:

  • To send you information or resources you’ve requested.

  • To send you marketing-related communications based on the marketing preferences you’ve selected.

  • To customize our communications with you.

  • To present you with advertising related to our products and services, offers, promotions, rewards, and events, via either the Site or third-party websites.

  • To prioritize our sales and marketing efforts.

  • To understand the efficacy of our sales and marketing efforts.

  • To understand how the Site is used.

  • To enhance your experience as a Subscriber.

  • To conduct research that will help us improve the Site.

  • To respond to any inquiries from you.

  • To customize content on the Site.

  • To alert you to changes in our Terms of Service, this Privacy Policy, or our Cookie and Tracking Technology Policy.

  • To meet legal requirements.

As a User

We automatically collect various types of information about Users, in some cases, via third-party service providers. This may include device-related information (e.g. device, browser, operating system, language settings, and IP address) and activity information (e.g. pages you visit, files you download, emails you send through the Site’s email distribution lists, and your payment history).

We also collect various types of information about Users via third-party sources (e.g. partners with which we offer co-branded services or engage in joint marketing activities, events such as conferences, trade shows, or other networking events, or public domain sources such as internet search engines, social media websites, your chorus’s website, or public tax filings). This may include information about you (e.g. your name, role in the chorus, email address, phone number, and social media profiles) and information about your chorus (e.g. number of singers, mailing address, budget size, website, social media profiles, and upcoming concerts).

We also collect various types of information that Users provide directly to us. This may include information for your profile (e.g. your name, email address, phone number, mailing address, height, birthday, profile picture, links to social media accounts, and other information your chorus chooses to collect from or track about you), information for your account (e.g. your password), activity information (e.g. bulletin board posts and comments), and payment instrument information (see “Payment Instruments” below for more information).

We also collect various types of information about Users from their chorus’s administrators. This may include information for your profile (e.g. your name, email address, phone number, mailing address, section and divisi, membership status, membership start date, height, birthday, profile picture, links to social media accounts, and other information your chorus chooses to collect from or track about you), information for your account (e.g. your level of administrative access within Chorus Connection), and activity information (e.g. your attendance records, your history of offline payments to the chorus, and your position in riser charts).

We may use this information for various reasons, including:

  • To validate your identity.

  • To communicate with you about your account.

  • To investigate errors you encounter while using the Site.

  • To send you marketing-related communications based on the marketing preferences you’ve selected.

  • To customize our communications with you.

  • To present you with advertising related to our products and services, offers, promotions, rewards, and events, via either the Site or third-party websites.

  • To prioritize our sales and marketing efforts.

  • To understand the efficacy of our sales and marketing efforts.

  • To process your choir’s Chorus Connection subscription fee.

  • To process payments you make to your choir.

  • To send you payment receipts.

  • To populate your chorus’s membership directory.

  • To populate the bulletin board and send you bulletin board notifications.

  • To ensure that you receive communications sent via Chorus Connection.

  • To archive such communications and make them available within the Site.

  • To generate reports for or otherwise share data with your choir’s administrators.

  • To alert you to new features of the Site.

  • To understand how the Site is used.

  • To enhance your experience as a User.

  • To conduct research that will help us improve the Site.

  • To respond to any inquiries from you.

  • To customize content on the Site.

  • To alert you to changes in our Terms of Service, this Privacy Policy, or our Cookie and Tracking Technology Policy.

  • To meet legal requirements.

Note: See Section 3.4 of our Terms of Service (“User Content”) for additional restrictions on how we can use information we collect from and about Users, including for marketing and advertising purposes.

PAYMENT INSTRUMENTS

You can use credit or debit cards to make payments within Chorus Connection. When you do, we may collect your credit or debit card number, security code, expiration date, and other information (“Payment Instrument Information”).

When your chorus upgrades to a paid Chorus Connection account, we collect Payment Instrument Information from a representative of your chorus to process your organization’s initial payment, and we save that Payment Instrument Information so we can process subscription renewals at the beginning of future billing cycles. We also collect Payment Instrument Information when you pay your membership dues or make other payments to your chorus through Chorus Connection. When you make payments to your chorus, you have the option of saving your Payment Instrument Information to speed up future payments.

For all types of payments made through Chorus Connection, highly sensitive information (e.g. full credit or debit card numbers and security codes) is never sent to our servers and is NOT stored in the Chorus Connection database. Instead, such information is securely processed and stored using the PCI-compliant, third-party service Stripe (for more information on Stripe’s security practices, visit https://stripe.com/docs/security/stripe). Less sensitive information (e.g. the last 4 digits of credit or debit card numbers and expiration dates) may get sent to our servers and may get stored in our database.

INFORMATION WE SHARE

We will never sell, rent, or trade any information that you provide us or share any personally identifying information with any third parties, except as provided in this Privacy Policy or with your consent.

Legal Proceedings

We may disclose information from or about you in response to service of legal process, such as court orders, summons, subpoenas, or as permitted or required by law, or when we reasonably believe it is necessary or appropriate to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of our Terms of Service.

Service Providers

We may hire third-party companies and individuals to provide some of the services available on Chorus Connection. For example, we may use service providers:

  • To send you emails (e.g. when your artistic director communicates with you through Chorus Connection).

  • To process credit card transactions (e.g. when you pay your membership dues within Chorus Connection).

  • To store digital files (e.g. when you upload a profile picture within Chorus Connection).

In order to provide you with these and other services available on Chorus Connection, we may disclose information from or about you to one or more of these service providers, but only under the following conditions: (i) those entities need to know that specific information in order to provide their services; and (ii) those entities have a contractual obligation to us to only use identifying information in connection with providing us their services, although we may permit them to use aggregate or otherwise de-identified information for other purposes. By using Chorus Connection, you consent to the transfer of such information to these service providers.

Please note that some of the service providers we hire may be based outside of your home country. If you have any questions about the service providers we use, please contact us at support@chorusconnection.com.

Business Partners

We may share information from or about you with our business partners if we’ve collected such information in connection with offering you co-branded services, promotions, surveys, or in connection with joint marketing activities.

Corporate Events

We may share information from or about you with a potential acquirer (or its agents or advisors) for the purpose of facilitating and completing a merger, acquisition, change of control, debt financing, insolvency, bankruptcy, sale of our assets, or similar transaction. If we (or our assets) are acquired by another company in such an event, that company would receive all information we’ve collected from and about Visitors, Subscribers, and Users. In case of such an event, we will attempt to notify you via email or a prominent notice on the Site of any change in ownership, updates to this Privacy Policy, and choices you have regarding the use of your information.

Aggregate and De-identified Data

We may share aggregated data or de-identified information from or about you with third parties for any purpose except as prohibited by applicable law.

INTEGRATIONS

We may allow you to connect your Chorus Connection account with various third-party services (“Integrated Services”). Possible uses include: making it easier to set up your Chorus Connection account, helping you market your concerts and fundraisers, or streamlining your bookkeeping.

If you authorize us to connect with such Integrated Services, you grant us the permission to collect any information about you and your choir that such Integrated Services make available to us. You also authorize us to share relevant information with such Integrated Services. Your use of these Integrated Services is governed by their terms of service and privacy policies. We will use and share any information we collect from Integrated Services in accordance with this Privacy Policy, plus any additional restrictions imposed by the Integrated Services that provided the data.

CHILDREN

Chorus Connection is not intended for and may not be used by children under the age of 16 in the European Economic Area or children under the age of 13 in other jurisdictions (“Young Children”). We do not knowingly collect information from Young Children and we do not target the Site to Young Children. Do not become a Subscriber or sign up for a User account if you are a Young Child.

If your choir has Young Children, you can use our children’s choir features to set up User accounts for parents or guardians who can then access information within Chorus Connection on behalf of those children.

If you suspect a Young Child has set up a Chorus Connection account or that we have otherwise collected information directly from a Young Child, please contact us at support@chorusconnection.com and we will investigate and respond appropriately to ensure we continue to comply with applicable laws.

PROTECTION OF INFORMATION

We employ appropriate administrative, physical, and technical safeguards designed to keep your information safe and protect against unauthorized access, disclosure, alteration, or deletion of data. These safeguards include the use of encrypted User passwords and transferring data to and from the Site using the “https” protocol.

Unfortunately, even with such safeguards, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your User account or the information you’ve submitted to us is no longer secure, please contact us immediately at support@chorusconnection.com.

HOW LONG WE RETAIN YOUR INFORMATION

We retain information from and about you as long as we have an ongoing legitimate business need to do so, unless a longer retention period is required or permitted by law.

YOUR RIGHTS AND CHOICES

Cookies and Other Tracking Technologies

We use cookies and other tracking technologies for a range of purposes, including running the Site, keeping track of information you submit on the Site, website analytics, and advertising. You can learn more about how we use these technologies and the options available to you by visiting our Cookie and Tracking Technology Policy. The Cookie and Tracking Technology Policy is an addendum to this Privacy Policy and has been expanded and given its own web page to enhance clarity and cohesiveness.

Promotional Emails

You can opt out of receiving promotional emails from us at any time by visiting this link, by clicking the unsubscribe link in our promotional emails, or by emailing us at marketing-maestros@chorusconnection.com. Please note that you cannot opt out of non-promotional emails, such as those about your account, transactions, our ongoing business relationship, or major changes to this Privacy Policy.

Your Account

Once your Chorus Connection User account has been created, you can review and revise your account information by logging into your account. Some information related to your account cannot be updated by you, and must be updated or deleted by an administrator of your organization’s Chorus Connection account. Please reach out to one of your organization’s administrators if you need help updating such information.

Your California Privacy Rights

If you are a resident of California, you have certain privacy rights defined by California’s “Shine the Light” law. In particular, you can request the types of personal information we share with third parties for those third parties’ direct marketing purposes, and the identities of the third parties with whom we have shared such information during the immediately preceding calendar year. To exercise your rights, you may make one request each year by emailing us at support@chorusconnection.com. Your request should specify your full name. Please email us from the email address we have on file to help us confirm your identity.

Your EEA Data Subject Rights

European Economic Area (“EEA”) data protection laws make a distinction between organizations that process personal data for their own purposes (known as “controllers”) and organizations that process personal data on behalf of other organizations (known as “processors”). Chorus Connection is the data controller for any personal data collected from and about Visitors and Subscribers. For information collected from and about Users, our role depends on the context. For example, there are some instances where we are the controller (e.g. analytic information about which pages in Chorus Connection you visit and which features you use). In other contexts, we are the data processor, and you, your Chorus, or both are the data controllers (e.g. the personal data on your User profile).

In accordance with data protection laws in the EEA, we collect and process information from and about you provided one or more of the following conditions are met: 1) You have given your consent to our processing such data for the specified purpose; 2) Doing so is based on our legitimate interests or the legitimate interests of a third-party controller (e.g. your chorus) for whom we are acting as a processor, and those interests are not overridden by your data protection interests or fundamental rights and freedoms; 3) Doing so is necessary for us to fulfill our obligations as part of a contract with you or your chorus; 4) Doing so is necessary for us to fulfill other legal obligations.

Furthermore, if data protection laws in the EEA apply to your use of Chorus Connection, you have the following data rights:

  • You have the right to request access to or portability of your personal data.

  • You have the right to request that your personal data be updated.

  • You have the right to request that your personal data be deleted.

  • You have the right to object to our processing your personal data or to request that we limit the processing of your personal data.

  • You have the right to withdraw your consent to the processing of your personal data. Please note that doing so will not affect the lawfulness of any processing that occurred before your withdrawal. Similarly, withdrawing your consent will not affect the lawfulness of any processing we do based on lawful reasons other than consent.

  • You have the right to complain to a data protection authority about the collection and use of your personal data. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA are available here.

To exercise any of the above EEA data subject rights, please contact us at support@chorusconnection.com. Your request should specify your full name and which data protection rights you are looking to exercise. Please email us from the email address we have on file to help us confirm your identity. We will respond to your request within 30 days. If we are the controller for the personal data in question, we will process your request in accordance with the appropriate laws and notify you of the actions we take. We may request additional information from you to help us confirm your identity or process your request. If we are not the relevant controller, we will direct you to the appropriate person or entity and support them to the extent required by applicable law in responding to the request.

INTERNATIONAL DATA TRANSFER

Chorus Connection is hosted in the United States. If you are accessing the Site from outside the United States, please note that the United States may not have the same data protection laws as the country in which you reside. By submitting information to us, you: (i) agree to the transfer of such information to the United States; and (ii) agree to our use of that information in accordance with this Privacy Policy. If you submit personal data to us from the EEA, we will transfer and process such data subject to appropriate safeguards, such as standard contractual clauses in our agreements with service providers.

LINKS

The Site contains content from and links to websites owned and operated by third parties. Please be aware that we are not responsible for the content or privacy practices of such third parties. We encourage you to be aware when you leave the Site, and to read the privacy policies of any third parties with which you interact.

CHANGES TO THIS POLICY

As our company evolves, we may occasionally update this Privacy Policy to make the language clearer, reflect new business practices, or for other reasons. We will keep this page updated with the latest version of the Privacy Policy. We will also keep prior versions of the Privacy Policy on file. If there are ever material revisions to our Privacy Policy, we will attempt to notify you via email or a notice on the Site.

CONTACT US 

To learn more about the information we collect from and about you or how we use that information, to request a copy of a prior version of the Privacy Policy, or for any other questions or concerns, please email us at support@chorusconnection.com, or you can reach us by mail at the below address.

 

MAILING ADDRESS

Attn: Support

Chorus Connection

157 Columbus Ave, 4th floor

New York, NY 10023