ACM & ACM-W Privacy Policy
The Association for Computing Machinery (“ACM“, “we“, “us” or “our“) is committed to protecting the privacy of its members and other individuals with whom it interacts.
This Privacy Policy (“Policy“) explains how we use and maintain the privacy of personal information we collect online in connection with the acm.org web site (the “Web Site“). For the purposes of any applicable data protection laws (including the EU General Data Protection Regulation), the data controller in relation to your personal information is the Association for Computing Machinery, 1601 Broadway, 10th Floor, New York, NY 10019-7434.
This Policy will apply to personal information ACM collects or otherwise receives about third parties (“you“), including ACM members (“Members“), when you use our Web Site or otherwise engage with us. Personal information which is provided to us, or otherwise obtained by us, from which you can be identified (“Personal Information“) will only be used in the manner set out in this Policy. By visiting and/or contacting us through the Web Site (or otherwise engaging with us), you need to be aware that we may collect, use and transfer your Personal Information in the manner described in this Policy.
1. How We Collect and Use Your Personal Information
ACM only collects Personal Information that is relevant to its activities and seeks to ensure the Personal Information is accurate and up-to-date. Personal Information collected by ACM may include: your name, address and contact details, including your email address and telephone number, age range, gender, whether you identify as a member of an underrepresented group, and if you have a disability. The Personal Information that ACM collects and that you provide to us may occasionally be used to improve our Web Site and wider offerings (on a confidential basis) or to enable us to comply with our legal obligations. Aside from this, we will only use your personal information for staying in touch with you (as described in more detail below) and generally for the purposes for which you provided it, including in order to:
- process your request to join ACM as a member, and for the renewal and update (and general administration) of your membership;
- process orders and supply the products and/or services you have requested and provide information or support to you in respect of those products and/or services;
- process your application and registration for a conference, contest, or other activity.
Member Databases
ACM maintains member databases that contain mailing, billing, and Member profile information (such as your name, address, and contact details), as well as a record of each Member’s product and service purchases. ACM also maintains databases of Member and non-member purchases and of registrations for conferences and other ACM activities. The information in these databases is used by authorized ACM staff members to process orders; mail invoices, purchases, renewal notices, and announcements; respond to Member inquiries; and help us improve our offerings. Member records are maintained as long as an individual is an ACM member and for two years following a membership lapse. Purchases and credit card transactions are retained for as long as required to meet contractual, tax, or auditing needs.
All personally identifiable information contained in ACM membership, purchase, and registration databases is treated as confidential and will be used only for the purposes stated in this Policy, except where required by law.
Sanctions Database
ACM maintains a secure database that contains details of complaints filed with respect to suspected violation(s) of ACM policies. Any complaint received regarding suspected violations of these policies will be addressed in accordance with ACM’s complaints procedures. Information about complaints and their resolution will remain in this database for two years following the expiration of the sanction. In the case of harassment complaints that could not be investigated due to reporting anonymity or requests to only be investigated if there were additional reports, the complaints will remain in the database for 10 years. Information about sanctions will be revealed only to authorized volunteers on a need-to-know basis.
ACM Emails
From time to time, ACM may send emails to Members or other visitors to the Web Site, such as:
- “Must Have” messages that help to service ACM Members including answers to Member questions; acknowledgments of the receipt of membership applications, renewal notices, and other orders;
- Occasional “Member Update” announcements about ACM services that we believe to be of some importance to Members. These announcements are short, straightforward messages that contain pointers to online resources where members can explore the information more fully;
- Email messages that are part of a program for which a Member has registered (e.g. an ACM Digital Library early alert email system); and
- Where we have the consent of Members or users, emails targeted at specific ACM groups and which are on distribution lists (e.g. special interest group members, chapter officers, etc.). Only ACM headquarters staff can create and support “acm.org” email distribution lists.
ACM does not sell, rent, or exchange email addresses of its Members and customers. If at any time you decide that you no longer wish to receive any of the emails described above, you may do so by using the “unsubscribe” instructions set out at the bottom of each email.
ACM Web Accounts
Some portions of the ACM Web Site, specifically the ACM Digital Library, require an ACM Web Account for both Members and visitors. To create an account, ACM Members and customers must provide their name, Member number (if applicable), and email address. They are assigned a “username” (which they may change) and asked to create a password and provide the day and month of their birth (for account verification purposes).
Non-members are asked for their names and email address when they create their accounts. ACM may send information about ACM products and services that we think may be of interest to non-member ACM Web account holders via email. If at any point you decide that you do not want to receive these emails, you may do so by using the “unsubscribe” instructions set out at the bottom of each email.
Postal Mail
ACM also sends information to its Members via post, using the address details provided by Members via the Web Site when they join. ACM provides two postal mailing list options to its Members, as follows:
- ACM Subscription & Renewal Notices: receive only products subscribed to plus renewal invoices.
- ACM Announcements: information about ACM’s Member Value Plus Program (a program offering discounts on products and services other than ACM’s.
You can withdraw your consent to us sharing your Personal Information with our Member Value Plus Program partners in this way at any time. To do so, or to otherwise update your postal tolerance, you will need to contact ACM’s Member Services Department by phone: +1-212-626-0500, 1-800-342-6626, fax: +1-212-944-1318, or email: acmhelp@acm.org. You can also go to myacm.acm.org.
2. Technical Personal Information
Other than in the restricted-access portions of the Web Site that require an ACM Web Account, ACM does not log the identity of visitors. However, we may keep access logs, for example containing a visitor’s IP address and search queries. We may analyze log files periodically to help maintain and improve our Web Site and enforce our online service policies. ACM only uses analytical cookies and does not use any user-specific targeting cookies.
A cookie is a small file of letters and numbers that is placed on your device. Cookies are only set by ACM when you visit restricted portions of our Web Site and help us to provide you with an enhanced user experience. Raw log files are treated as confidential.
Information collected about ACM Web account usage (including logs of Web pages visited, searches performed, and Digital Library content downloaded) will be stored in an anonymized form and used to improve the ACM Digital Library and other ACM Web offerings.
3. Third Parties
From time to time, we may share Personal Information about ACM Members and customers with third parties where we have your explicit consent or it is necessary (i) for the performance or provision of the goods or services you have requested, (ii) to process your application and registration for a conference, contest or other activity (for example, for the capture and storage of conference registration information we use the services of CVENT – see privacy policy at https://www.cvent.com/en/cvent-global-privacy-policy), (iii) in response to valid legal process (for example, a search warrant, subpoena, or court order), or (iv) our legitimate business interests.
Third parties with whom your Personal Information may be shared include outside contractors, auditors, consultants, and others hired by ACM to assist in carrying out financial or operational activities. ACM informs these third parties about safeguarding personal information, and requires them to use it only for an authorized purpose consistent with this Policy, and to return it to ACM or destroy it upon completion of the activity.
Conversely, ACM may receive Personal Information from these third parties that they collect from you in the course of any engagement you have with them. Where this is the case, once ACM is holding your Personal Information it will be treated in accordance with this Policy.
4. Global Transfer of Personal Information
ACM is located in the United States and consequently the Personal Information you provide to ACM will be transferred to and stored on servers in the United States of America. However, you should be aware that, regardless of where your Personal Information is stored, we take all appropriate steps to protect your Personal Information from unauthorized access and against unlawful processing, accidental loss, destruction and damage. To the extent that your Personal Information is transferred outside of the UK and/or EU to a third party operating on our behalf outside of the UK/EU, we shall ensure that the transfer is conducted in accordance with our obligations under all applicable data protection laws.
ACM is an international organization and in using and processing your Personal Information it may on occasion be transferred to, stored and/or processed by our offices outside the United States which are located outside of your country of residence. Any such transfer of your Personal Information from your country of residence will be in relation to our use and retention of your Personal Information as described in this Policy. By submitting your Personal Information, you are acknowledging this transfer, storage and processing. As ACM recognizes the importance of data security, we require all of our offices to handle your data in accordance with this Policy or equivalent data protection provisions, subject to their compliance with local law requirements.
5. Links
Our Web Site may, from time to time, contain links to and from the web sites of third parties. If you follow a link to any of these web sites, please note that these web sites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Information to these web sites.
6. Security
The security of personal information is important to ACM. ACM maintains all personal data with technical, administrative, and physical safeguards to protect against loss, unauthorized access, destruction, misuse, modification, and improper disclosure. No computer system or information can ever be fully protected against every possible hazard. ACM provides reasonable and appropriate security controls to protect personal information against foreseeable hazards.
7. Changes to this Policy
Any changes we may make to this Policy in the future will be posted on our Web. It is your responsibility to ensure that you are aware of the latest version of this Policy and by continuing to use our Web Site or otherwise engage with us, you will be deemed to accept any revised terms.
8. Updating your Personal Information
You can find out what Personal Information ACM holds about you by contacting us at dpo@acm.org. In the event that any of the Personal Information we hold about you is incorrect, you can ask us to update it or remove it.
ACM Members may access the Personal Information contained in their membership records and correct and update their member profile and mailing information by logging into myACM and clicking on the “My Contact Information” link at left. For further assistance please contact ACM’s Member Services Department by phone: +1-212-626-0500, 1-800-342-6626, fax: +1-212-944-1318, or email: acmhelp@acm.org.
9. Contact Us
Questions, comments, and requests regarding this Policy should be sent to privacy@acm.org.
For more information about ACM’s management of personal data, contact us at dpo@acm.org.