SIG assures its members, event participants and visitors to its website(s) that information provided online is used responsibly and appropriately. To protect online privacy, SIG has implemented the following policy. Please read this policy carefully as it provides answers to questions regarding personal data and your legal rights with respect to that data. If our privacy policies change, they will be updated on this page and if they are changed in a material way, we will notify all users by email or by special announcement.
- What information does SIG collect and when is it collected?
- How does SIG use data collected?
- Who does SIG share your personal data with?
- How does SIG use profiling?
- How long does SIG keep your personal data?
- What are your legal rights?
- Anything else that is important to know?
- What means of redress are available?
What information does SIG collect and when is it collected?
Most of the data SIG collects is used only to help us better serve our members. It is our general policy to collect and store only personal information that our members and visitors knowingly provide.
From General Visitors. SIG does not collect any personal information from users browsing its website(s) if they are not already in the respective SIG, SIG University and/or Future of Sourcing databases and logged in. Known contacts that are not logged in are identifiable by their IP addresses through the use of a marketing automation tool. General website visitors who are not already in the SIG, SIG University and/or Future of Sourcing database(s) are not tracked. We also track aggregate data, such as the number of hits per page. Aggregate data are only used for internal and marketing purposes and do not provide any personally identifying information.
From SIG's Members, Event Registrants, Award Nominees and Other Partners. To gain access to members-only resources and personalization features on the SIG websites, members and other users are asked to register and provide limited information. This information is submitted voluntarily. Personal information may also be collected when someone:
- registers for a SIG event (e.g., Summit, SIGnature event, Executive Immersion Program, CPO Meet & Eat, Webinar, Town Hall Teleconference, etc.)
- submits a nomination for a Future of Sourcing award
- responds to a peer to peer request
- fills out a form as a result of an advertisement
- applies for a job
- is photographed or videotaped at a SIG event
- requests a subscription to a newsletter, blog or other publication
- completes a survey
- enters a SIG contest.
The information we collect includes name, email address, title, company name, office address, phone number(s), event details (e.g., arrival and departure dates), marketing preferences, device information and (if logged in) IP address and browsing history. If attending an event, we collect credit/debit card details related to that event. SIG does not disclose credit card account information provided by its members and prospects. When members and prospects choose to pay using their credit cards, SIG submits the information needed to obtain payment to the appropriate clearinghouse and does not save that information.
How does SIG use data collected?
Generally, SIG uses data collected to improve its own web and mobile content; to respond to visitors' interests, needs and preferences; and to develop new products and services. However, we also use data to:
- contact members and prospective members with upcoming event details;
- distribute information in the form of newsletters;
- inform contacts of SIG University curriculum changes and semester start dates;
- announce major SIG-related news;
- share information on partner benefits for SIG members;
- provide SIG University students with critical course information;
- ask for feedback in the form of surveys;
- provide you with information that you request from us or that we think you may be interested in based on preferences you have selected;
- fulfill any obligations we may have based on contracts we have entered into with you or your company;
- provide services at hotels where we hold events, for example for hospitality or safety purposes;
- respond to any complaints or service issues that you report;
- promote SIG through videos and photos; and
- notify you about any changes to our policies.
Through our marketing automation tool (Hubspot), we send emails based on the permissions you have granted in our preference center, and collect specific information regarding what recipients do with those emails. Specifically, SIG monitors:
- recipient clicks to links included
- email open rates
- time spent viewing email
- email client used to view email
We use that information to make decisions on how to best reach and interact with our members.
Please note: If you have given us your consent to reach out to you, you may withdraw your consent at any time by: clicking the unsubscribe link in the footer of any email you receive from us, updating your preferences also available in the footer of any email or by contacting us at firstname.lastname@example.org.
Who does SIG share your personal data with?
SIG shares personal data with other SIG companies as identified above. SIG also:
- Shares information with service providers who help manage any of our IT and back office systems. In those situations where information is legitimately shared with a third party, SIG will obtain reasonable reassurances that the data will be properly protected and processed for lawful reasons.
- Makes limited contact information available to those delegates who register for networking events, partners and to select event sponsors. This limited data includes names, job titles, company names and in some cases, email addresses. Provider recipients of attendee lists must sign a Provider Code of Conduct that prohibits the use of these lists to distribute any commercial information. Members or other delegates may request that SIG refrain from disclosing the data it collects to third parties on the membership application form, event registration form or any other form on which they are providing information; an opt-out box will appear on each form on which a member or other delegate provides information. Alternatively, users may contact SIG at email@example.com express their preferences if they determine later that they do not wish to have the information shared.
- May share information in the event of legal proceedings or in case of a corporate transaction such as a merger, acquisition, consolidation, divestiture or in the unlikely event of a bankruptcy.
How does SIG use profiling?
Based on the preferences you have stated for receiving information from us, SIG may segment and “profile” our members, prospects, students and contributors to ensure that any marketing materials you receive are tailored to your preferences and to what we think you will be interested in. SIG occasionally uses your browsing history to deliver customized and personalized advertisements, offers and content to you as well.
How long does SIG keep your personal data?
We will keep your personal data for as long as is reasonably necessary for the purposes listed within this policy. When you have not engaged with SIG in any way for more than three years and your personal data is not necessary for legal, regulatory, tax or accounting purposes, we will safely anonymize and delete it.
What are your legal rights?
You have many rights associated with your personal data, including the right to:
- Give consent for your data’s use: For any members, prospects, students or contributors who are known to reside in a country within the European Union, SIG will request express permission for us to hold your data and will inform you on how we will use it. Without your explicit approval, SIG will not send you marketing materials or reach out to you for any purposes and will delete your data after three years should you not provide approval or interact with SIG within that time frame.
- Access and rectify your data: You have the right to ask us for a copy of the data we are holding on you, including—for those in the European Union—the right to see how and when you provided consent for us to use that data. You have the right to know who we disclose your data to, whether we transfer it abroad, how we protect your data and how to make a complaint. If your personal data is inaccurate, you have the right to correct it.
- Restrict your data: You have the right to ask us to restrict (i.e., hold but not use) your data, but only if its accuracy is contested, to allow us to verify its accuracy; the processing is unlawful but you do not wish for it to be erased; it is no longer needed for the original purpose but is still required to establish, exercise or defend legal claims; or you have exercised a right to object and verification of any overriding grounds is pending. We may continue to use your data following a request for restriction if:
- We have your consent;
- It is required to establish, exercise or defend legal claims; or
- It is needed to protect the rights of another person
Please note that as it relates to marketing, we will maintain and utilize a suppression list and will not send you marketing content if you have opted out of receiving that content and/or if you are in the European Union and have not opted in.
- Erase your data: You have the right to be forgotten by asking us to delete any and all data we hold on you. Although it may make us sad, we will let you go if:
- the data is no longer needed for the original purpose;
- you have withdrawn your consent (if required); or
- it has been unlawfully processed
We are not required to fulfill a request to be forgotten if: your data is required for us to comply with a legal obligation or in relation to a legal claim; or if your data is necessary to exercise the right of freedom of expression or interest or for archiving purposes in the public interest or for scientific, statistical or historical research purposes.
- Port your data: You have the right to portability, which means that you may ask us to: port your data to another Data Controller; or provide it to you in a structured, commonly-used, machine-readable format, but only if the processing of data is based on your consent or in relation to a contract with you and the processing is automated.
Anything else that is important to know?
What means of redress are available?
We will take commercially reasonable measures to secure and store your Information to protect against the loss, misuse and alteration of the Information under our control. We utilize industry-standard security measures when accepting your credit card Information during your registration or other transaction you have initiated with us, as well as whenever we ask you to log in to any of our sites. If any member or other delegate suspects SIG has handled its personal information in a manner that does not comply with this privacy statement, please contact us via email, phone at 904-310-9560 or mail. The data controller for the purpose of the General Data Protection Regulation (GDPR) and other data protection laws applicable to European Union members is:
Sourcing Industry Group (SIG)
6 North 2nd Street, Suite 202
Fernandina Beach, FL 32034