OUR PRIVACY PLEDGE (GDPR)
WHO WE ARE
WorldSmart is an internationally focused association offering online guidance and support helping members access travel articles, risk management resources, exclusive benefits and insurance information. Our mission is to provide our members with access to ever-growing online community that aims to enhance the international experience through strategic partnerships, content sharing, and education.
Should you wish to refuse to accept cookies or restrict the data what we collect through our tracking software, you can alter your cookies setting in your web browser. This may however mean you will be unable to access parts of our website. For more information on cookies you can visit http://www.allaboutcookies.org/.
THE EU GENERAL DATA PROTECTION REGULATION (GDPR)
The General Data Protection Regulation is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas.
INFORMATION WE COLLECT
We may collect personal information about you from a variety of sources. A great deal of the information we collect comes from you during your application to become a WorldSmart member. We may collect information about you to provide you with WorldSmart benefits. We may also collect information about you from our trusted partners, such as Clements Worldwide. The information we collect can include such things as information concerning the benefits you have received from our partners.
HOW WE USE YOUR INFORMATION
We may use the information we collect to send you information about our products and services. We may use the information we collect for analytical purposes and to assist us in improving our processes, products and services. We will use your information collected to comply with applicable laws and regulatory obligations (including laws outside your country of residence) and establish and defend legal rights. We will also use your information to handle requests for data access or correction as well as when we are resolving complaints.
You have the right to know what information is held about you. GDPR in the EU provides a framework to ensure that personal information is handled properly. This information must be:
- Processed fairly, lawfully and in a transparent manner
- Processed for specific, legitimate and lawful purposes
- Adequate, relevant and not excessive
- Accurate and up to date
- Not kept for longer than necessary
- Processed in line with an individual’s rights
- Not transferred other than in accordance with agreed terms and conditions
INFORMATION WE DISCLOSE TO THIRD PARTIES
We may share personal information about you with third parties (that is, people and companies that are not affiliated with us) only as appropriate or necessary to provide you with our products and services and as otherwise permitted by law.
Persons and other third parties to whom we may make such disclosures may include persons who perform a business function for us or law-enforcement authorities (The represented companies may share information with their affiliates so that they may offer you additional products and services. They do not disclose information to other companies or organizations not affiliated with them for the purpose of using information to sell their products or services to you.) attorneys who are retained by us or by them, and persons requesting information pursuant to subpoena or court order.
INTERNATIONAL TRANSFER OF PERSONAL DATA
Due to the global nature of our business, for the purposes set out above we may transfer Personal Information to parties located in other countries. We may transfer information internationally to our partners, service providers, business partners and governmental or public authorities. If your data originate in the European Economic Area (EEA), we may send your data outside the EEA for processing and storage. By submitting your personal data to us you are consenting to the storage and transfer of your data in this way. If we do this, we will take reasonable steps to protect your data. Such transfer will comply with all applicable data protection regulations and with our obligation to adequately protect and secure your personal information.
RETENTION OF PERSONAL DATA
By providing your personal information to WorldSmart you consent to the processing, transfer and retention of your personal data. We do not knowingly collect, use, or disclose information of children under the age of sixteen (16) without the consent of their parents or legal guardians. In any instance where such information was collected, it would be purely accidental and unintentional.
SUBJECT ACCESS REQUEST
THE CALIFORNIA CONSUMER PRIVACY ACT OF 2018 (“CCPA”)
The following information applies solely to visitors, users and others who reside in the state of California. We adopt this policy to comply with the California Consumer Privacy Act of 2018 (“CCPA”)
INFORMATION WE COLLECT
We may collect some information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we may have collected some the following categories of personal information from consumers within the last 12 months:
|Identifiers||A real name, alias, postal address, unique personal identifier, online identifier, internal protocol address, email address, account name, , other similar identifiers.|
|B. Personal information categories listed in the California customer records statute (Cal.Civ Code 1798.80)||A name, signature, security number, physical characteristics or description, address, telephone number, education, employment, employment history, some personal information included in these categories may overlap with other categories.|
|C. Protected Classification characteristics under California or federal Law||Age (40 years or older) race, colour, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).|
|D. Commercial information||Some records of property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.|
|F. Internet or other similar network activity||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement|
|G. Geolocation data||Physical location or movements.|
|I. Professional or employment-related information||Current or past job history|
The provision of such information is necessary for us to be able to administer your membership. Such information will only be used for the specific purposes set out in our notice. Personal information does not include: publicly available information from government records, de-identified or aggregated consumer information and information excluded from the CCPA’s scope.
HOW WE OBTAIN PERSONAL INFORMATION
We obtain the categories of personal information listed above from a number of sources such as; directly from our clients or their agents, indirectly from our clients or their agents, directly and indirectly from activity on our website https://worldsmartassociation.com and from third parties that interact with us in connection with the service we perform.
USE OF PERSONAL INFORMATION
We may use the personal information we hold about you for the purposes for which the information was collected (e.g., helping to connect you with insurance through one of our trusted partners); servicing and administering benefits and any other related purposes, pricing or statistical purposes. We may also use your data to safeguard against fraud and to meet our general legal and regulatory obligations or to respond to law enforcement requests.
SHARING PERSONAL INFORMATION
We may disclose your personal information for business purposes to third parties involved in providing products or services to us, or to service providers who perform services on our behalf. These include affinity partners and regulatory authorities, and as may be required by law. In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose;
- California customer records personal information categories
- Protected classification
- Commercial information
- Internet or other similar network activity
- Geolocation data
- Professional or employment-related information.
In the preceding twelve (12) months we have not sold any personal information.
The CCPA provides consumer (California residents) with specific rights regarding their personal information. You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your request, we will disclose to you:
- The categories of personal information we collected about you
- The categories of sources for the person information we collected
- Our business or commercial purpose for collecting that personal information
- The categories of third parties with whom we share that person information
- The specific pieces of personal information we collected about you
- Whether we sold or disclosed your personal information for a business purpose.
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we received and confirm your consumer request, we will delete your personal information from our records, unless an exception applies.
We may deny your deletion request if:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Exercise free speech ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
To exercise the access, data portability, and deletion rights described above (GDPR & CCPA) please submit a consumer request to us by contacting email@example.com
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We endeavour to respond to a verified consumer request within 30 days of its receipt. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not deny you goods or service, charge you different prices or rates for goods or services, provide you with a different level or quality of goods or services or suggest that you may receive a different price or rate for goods or services.
We restrict access to personal information about you to those employees who need to know that information in order to provide products and administrative services to you. We maintain physical, electronic and procedural safeguards to guard your personal information. If you have any questions concerning our use of your personal information, please contact firstname.lastname@example.org.
1301 K Street NW, Suite 1200 West
Washington, DC 20005
P: +1.800.872.0067 or +1.202.872.0060
For information concerning WorldSmart Association please visit https:worldsmartassociation.com