Your privacy is critically important to us. At AUMSA, we have a few fundamental principles:

  • We are thoughtful about the personal information we ask you to provide and the personal information that we collect about you through the operation of our services.
  • We store personal information for only as long as we have a reason to keep it.
  • We share your billing/payment information only with selected partners.
  • We aim for full transparency on how we gather, use, and share your personal information.
  • You’re free to cancel your account and delete all your data at any moment.

Below is AUMSA’s privacy policy, which incorporates and clarifies these principles.

Who We Are and What This Policy Covers

The Auckland Medical Students Association is dedicated to ensuring our members stay safe on the internet. For our ball this year, we will be using the the open source ticket reservation system, Alf.io, the open source ticket reservation system. This allows us to have our own private ticket selling system — to save you money!! (TicketMaster charges an excessive overhead).

This Privacy Policy applies to information that we collect about you when you use:

  • Our website (aumsa.org.nz);
  • Other products and services that are available on or through our websites. e.g. ball.aumsa.org.nz

Throughout this Privacy Policy we’ll refer to our website and other products and services collectively as “Services.”

Below we explain how we collect, use, and share information about you, along with the choices that you have with respect to that information.

Please note that this Privacy Policy does not apply to any of our products or services that have a separate privacy policy.

If you have any questions about this Privacy Policy, please contact us.

Information We Collect

We only collect information about you if we have a reason to do so –for example, to provide our Services, to communicate with you, or to make our Services better.

We collect information in three ways: if and when you provide information to us, automatically through operating our services, and from outside sources. Let’s go over the information that we collect.

Information You Provide to Us

It’s probably no surprise that we collect information that you provide to us. The amount and type of information depends on the context and how we use the information. Here are some examples:

  • Basic Account Information: We ask for basic information from you in order to set up your account. For example, we require individuals who sign up for a AUMSA account to provide First, Last Name, a username and email address –and that’s it. You may provide us with more information but we don’t require that information to create your account.
  • Transaction and Billing Information: If you buy something from us –a subscription to one of our plans, for example– you will provide additional personal and payment information that is required to process the transaction and your payment, such as your billing and credit card information, and contact information.
  • Content Information: If you subscribe to the “Managed” plan, you may also provide us with information about you in the draft and published content of your Alf.io instance. For example, the date and location of all your events, and the data of all attendees. Please note that your data won’t be analyzed nor shared with anyone, and we won’t access it, unless you ask us to do so.
  • Credentials: Depending on the Services you use, you may provide us with credentials for your existing infrastructure (like AWS ID/secret for example). For example, customers of our “Private” plan may provide us with these credentials in order to use our one-click installation feature, or to allow us to update their installation.
  • Communications with Us (Hi There!): You may also provide us information when you respond to surveys, communicate with our System Engineers about a support question, or post a question/bug about your instance on GitHub.

Information We Collect Automatically

We also collect some information automatically:

  • Log Information:Like most online service providers, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. We collect log information when you use our Services –for example, when you create or make changes to your Alf.io instance on ball.aumsa.org.
  • Usage Information:We collect information about your usage of our Services. For example, we collect information about the actions that instance administrators and users perform on an Alf.io instance hosted on our infrastructure –in other words, who did what, when and to what thing on an instance (e.g., [alf.io username] issued a refund for ticket “[uuid]” at [time/date]). We also collect anonymized information about what happens when you use our Services (e.g., page views, number of events created, etc.) along with information about your device (e.g., desktop or mobile). We use this information to, for example, provide our Services to you, as well as get insights on how people use our Services, so we can make our Services better.

How We Use Information

We use information about you as mentioned above and as follows:

  • To provide our Services –for example, to set up and maintain your account, host backup and restore your Managed Alf.io instance, or charge you for any of our Services;
  • To further develop our Services –for example by adding new features that we think our users will enjoy or will help them to create and manage their websites more efficiently;
  • To monitor and analyze trends and better understand how users interact with our Services, which helps us improve our Services and make them easier to use;
  • To monitor and protect the security of our Services, detect and prevent fraudulent transactions and other illegal activities, fight spam, and protect the rights and property of AUMSA and others;
  • To communicate with you about offers and promotions offered by AUMSA and others we think will be of interest to you, solicit your feedback, or keep you up to date on AUMSA and our products.

Sharing Information

How We Share Information

We do not sell our users’ private personal information.

We share information about you in the limited circumstances spelled out below and with appropriate safeguards on your privacy:

  • Subsidiaries, Employees, and Independent Contractors: We may disclose information about you to our subsidiaries, our employees, and individuals who are our independent contractors that need to know the information in order to help us provide our Services or to process the information on our behalf. We require our subsidiaries, employees, and independent contractors to follow this Privacy Policy for personal information that we share with them.
  • Third Party Vendors: We may share information about you with third party vendors who need to know information about you in order to provide their services to us. This group includes vendors that help us provide our Services to you (like payment providers that process your credit and debit card information). We require vendors to agree to privacy commitments in order to share information with them.
  • As Required by Law: According to the Swiss Code of Obligations, and only upon request of the Swiss Authority, we may disclose information about you in response to a subpoena, court order, or other governmental request.
  • Business Transfers: In connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company, or in the unlikely event that AUMSA goes out of business or enters bankruptcy, user information would likely be one of the assets that is transferred or acquired by a third party. If any of these events were to happen, this Privacy Policy would continue to apply to your information and the party receiving your information may continue to use your information, but only consistent with this Privacy Policy.
  • Aggregated and De-Identified Information: We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
  • Published Support Requests: And if you send us a request (for example, via a support email or one of our feedback mechanisms), we reserve the right to publish that request in order to help us clarify or respond to your request or to help us support other users.

Information Shared Publicly

Information that you choose to make public is –you guessed it– disclosed publicly. That means, of course, that information like your events that you make public on your Alf.io instance, are all available to others –and we hope you sell out your tickets soon! Public information may also be indexed by search engines or used by third parties.

Security

While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so. To enhance the security of your account, we encourage you to enable our advanced security settings, like Two Step Authentication.

Choices

You have several choices available when it comes to information about you:

  • Opt-Out of Electronic Communications: You may opt out of receiving promotional messages from us. Just follow the instructions in those messages. If you opt out of promotional messages, we may still send you other messages, like those about your account and legal notices.
  • Set Your Browser to Reject Cookies:At this time, AUMSA does not respond to “do not track” signals across all of our Services. However, you can usually choose to set your browser to remove or reject browser cookies before using AUMSA websites, with the drawback that certain features of AUMSA websites may not function properly without the aid of cookies.

Other Things You Should Know (Keep Reading!)

Transferring Information

AUMSA is a worldwide service. By accessing or using the Services or otherwise providing information to us, you consent to the processing, transfer, and storage of information in and to the New Zealand,  and other countries, which may have rights and protections that are different from those in your home country.

Our Users’ Event Pages

If you are a visitor to one of our users’ event page –a self-hosted Alf.io instance, for example– please note that this privacy policy doesn’t apply to you in regard to that specific event page. We process information that visitors provide to our users’ event pages on behalf of our users and in accordance with our user agreements. We encourage our users to have a privacy policy that accurately describes their practices on data collection, use, and sharing of personal information.

Privacy Policy Changes

Although most changes are likely to be minor, AUMSA may change its Privacy Policy from time to time. AUMSA encourages visitors to frequently check this page for any changes to its Privacy Policy. If we make changes, we will notify you by revising the change log below, and, in some cases, we may provide additional notice (such as adding a statement to our homepage or sending you a notification through e-mail or your dashboard). Your continued use of the Services after any change in this Privacy Policy will constitute your consent to such change.

Changelog

  • 2018-22-07: first version

Acknowledgements:

This “Privacy Policy” document has been originally created by fantastic folks at Automattic, Inc. for WordPress.com and released under Creative Commons Sharealike. The content of this page is available under the same license for you to use. Open Source rocks!