U.S. Naval Cryptologic Veterans Association

Privacy Policy

This Policy describes our practices regarding your access to services provided by the U.S. Naval Cryptologic Veterans Association website and web services. These products and services include our website, email, newsletters and the CRYPTOLOG, mobile and other applications operated by us, our offline contacts, and other services provided by the US NCVA.

Disclaimers

The US NCVA is not responsible for the:

  1. Privacy practices or the content of third-party websites.
  2. Protection of personal data anyone submits to social media companies, such as Facebook, Twitter, Reddit, LinkedIn, etc.
  3. Protection of personal or financial data submitted by an individual to an online financial institution, such as PayPal.

Definitions

Visitor An individual who uses only the public areas of the website.
Subscriber A current member of the US NCVA or any former US Navy or US Marine Corps cryptologist eligible for membership in the US NCVA who has registered a user account with the website to access Association data.
Personal Data Any information relating to an identified or identifiable natural person.
Public Area An area of the website that can be accessed both by subscribers and visitors without needing to login.
Restricted Area Any area of the website that requires login by authorized subscribers to open and use.
Subscriber Data Personal data, reports, addresses, files, folders or documents in digital form that an authorized user stores within this website.
Personally Identifiable Information PII are any data that could potentially identify a specific individual or can be used to distinguish one person from another and can be used for de-anonymizing anonymous data.
Personally Identifiable Financial Information PIFI are any data that a consumer provides to a financial institution that would not be available publicly such as an individual’s name, contact details, bank account number, credit card number, Social Security number, etc.

Security Design

The US NCVA website is protected by an industry-standard Secure Socket Layer (SSL) certificate and 128-bit encryption. All passwords are encrypted and retained within the website SSL certificate.

Subscribers to the US NCVA website control the visibility of their data to other subscriber by the privacy protection they applied to their data (login to see the appropriate Profile FAQ under the Members menu). The privacy level applied to profile data fields are identified to the individual subscriber.

NOTE: The System Administrator has access to all data stored on the US NCVA website.

Access to subscriber Profiles is controlled through the secure login procedure, a strong Access Control List (ACL), and by the membership lists, which are segregated by membership category.

Data Protection

Automatic Account Removal The US NCVA does not automatically delete subscriber accounts.
Explicit Consent The only personal data (PII) collected and stored by the US NCVA on this website are those data you, the subscriber, voluntarily enters to establish your website user account and Profile.Subscribers are required to acknowledge their acceptance of our Terms and Conditions and Privacy Policy when they signup for a website user account. This constitutes the subscriber’s explicit consent to our terms and privacy policy.
Data Minimization The US NCVA does not automatically delete subscriber accounts.
Google Analytics We use Google Analytics on our website to better understand the needs of our website visitors and subscribers and to detect any issues users are having with our website.

Data Retention

Contact Information

When you use the Contact Form to reach an individual listed on our website, the system asks you to accept our collection of these data:

  • IP (Internet Protocol) Address
  • IP (Internet Protocol) Based Location
  • Web Browser
  • Operating System
  • Screen Resolution

These data are retained until the information you action you requested is acted upon by the recipient, after which your request is removed or archived.

PII

US NCVA website subscribers provide these data at the time they setup their website user accounts:

  • Name (as provided)
  • Email address
  • Registration date
  • Last Visit date
  • Subscription history
  • U.S. Navy Service history (as provided)
  • IP address
  • Contact information (as provided)

These data are stored and secured on the web servers we use using strong Secure Socket Layer (SSL) certificates. The technical means we use to manage these data enable us to support our subscribers and maintain the security of their accounts.

The US NCVA does not share any personally identifiable information with any outside party for any reason.

PIFI

The US NCVA does not store any personally identifiable financial information online for any reason. All personally identifiable financial data are stored and secured by Square and PayPal, our third-party payment processors.

What Data Do We Automatically Collect?

Cookies

There are different types of software cookies used today to capture various visitor data, such as:

Essential Website Cookies These cookies are strictly necessary to provide you with services through our website and to use some of its features, such as access to subscriber-only areas. Because these cookies are strictly necessary for website operation, you cannot opt-out of their use. You can block or delete them by changing your browser settings.
Performance and Functionality Cookies These cookies enhance the performance and functionality of our website but are non-essential to their use. However, without these cookies, certain functions may be unavailable.
Analytics and Customization Cookies These cookies collect information used either in aggregate form to help us understand how our website is used, how effectively we are reaching out to US Navy cryptologic veterans, or to help us customize our website to enhance your experience. These cookies do not identify any person specifically.
Advertising/Targeting Cookies The US NCVA does not use advertising or targeting cookies.

Google Analytics

This website uses Analytics services from Google LLC. Google Analytics uses "cookies", which are stored on your computer, to help the website analyze how users use the site during their visit. The collected data (including your truncated IP address) is transmitted and stored on a server controlled by Google, located in the United States.

Google will use this information about your use of the website to generate reports on website activity for website operators and to provide other services relating to website activity and internet usage. Google will not link the IP address provided by your browser in Google Analytics to any other Google data.
Google will retain user and event data for 26 months.

You can deactivate the installation and use of Cookies by simply setting up your web browser. However, you will not be able to access all the functions of the site in an optimal way. If you wish to prevent the storage of personal data (including your IP address) and their use by Google, you can install the plugin.

For more information, please see the Google Analytics Terms of Use and Privacy Policy.

reCAPTCHA

We use Google LLC’s reCAPTCHA service to protect submissions and prevent spam on the site. It checks if you are a person to prevent certain features of the website from being abused by spam bots.

By filling out the forms using this plugin, you consent to sending your IP address and possibly other data required by Google for the reCAPTCHA service. Your data will be communicated to Google and used by their services. However, your IP address will first be truncated by Google in EU Member States—or in other states that are part of the European Economic Area agreement. In exceptional cases, your full IP address will be transmitted to a Google server in the United States and then subsequently truncated. Google will use this information to evaluate your use of this service. The IP address provided to reCAPTCHA through your browser will not be merged with any other Google data. This data collection is subject to Google’s Privacy Policy.

Advertising and Remarketing

The U.S. Naval Cryptologic Veterans Association does not promote our products or services through third-party advertising programs such as Google AdSense and Facebook.

Sharing Information As Required by Law

The U.S. Naval Cryptologic Veterans Association may be required by law to disclose the data you provide us.

Breach Notification

The US NCVA will immediately notify all registered subscribers if or when a breach of profile data is discovered.

Subscriber Rights

Right to Data Access

Personal Profile

Each and every subscriber to the US NCVA website has the absolute right to access, add, modify, and delete her or his personal data.

Contact Form

Individuals who use the website to contact an officer of the US NCVA are required to explicitly acknowledge and allow the US NCVA to retain and use the data they enter in the Contact Form so that we can answer their concerns.

Right to be Forgotten

  1. A subscriber may completely delete his or her website user account at any time (login to read the appropriate Profile FAQ under the Members menu).
  2. As advised by the Membership Secretary, the Webmaster will completely remove the profile of a subscriber who either has passed away or whose membership has lapsed.

Data Portability

The subscriber database design has elements unique to the needs of the U.S. Naval Cryptologic Veterans Association and those data may not be applicable to other websites or desktop database software. Regardless, when requested, the Webmaster will provide a CSV file to any subscriber containing her or his downloadable data. These exclusions apply:

  1. Digital images uploaded by the subscriber to Profile albums the subscriber creates. (The subscriber is responsible for using the software options provided to download his or her digital images to her or his separate device.)
  2. Files, including .docx, .xlsx, .pdf, etc. uploaded by a subscriber to his or her Profile. (The subscriber is responsible for downloading copies of her or his files to his or her separate device.)

How Often Will We Update this Policy?

We will update this policy when needed due to, for example, advanced technologies, legal requirements, and changing Association business standards. You should check this article routinely.

Naval Security Group Command  Cryptology - Information WarfareCenter for Information Dominance