This policy was updated on 25 May, 2018, in accordance with the European Union General Data Protection Regulation (GDPR). We are committed to modeling best practices as global privacy standards continue to evolve, and we will be rolling out additional updates over the next several months with the goal of increasing transparency and strengthening consent across all of our systems, for all of our supporters worldwide. If you have questions or feedback regarding this process, please reach out to us at email@example.com.
- What personally identifiable information is collected through the Site;
- How such information is used;
- With whom your information may be shared;
- What security procedures are in place to protect the loss, misuse or alteration of information under our control;
- How you can correct any inaccuracies in your information, and request to be forgotten.
Information We Collect and How We Use It
Our online forms ask users to give us contact information that may include name, email address, format preference (HTML vs. text), address, interests, and similar information. We do not request or store sensitive information from our visitors, such as credit card or social security numbers. To protect your privacy, we will never send you mail with the word “psychedelic” or “psychedelics” on the outside of the envelope.
Internet Protocol (IP) Address
We collect an Internet Protocol (IP) address from all visitors to our Site. An IP address is a number that is automatically assigned to your computer when you use the Internet. We use IP addresses to help diagnose problems with our server, administer our Site, analyze trends, gather broad demographic information for aggregate use to help us to improve the site, and deliver customized, personalized content. IP addresses are not linked to personally identifiable information.
As with almost all websites, temporary log files are kept which identify some information about our visitors, including the IP addresses of machines that access the site. Our Web logs are not available to the public. These logs allow Site administrators to see how many people visit the Site, how many pages have been accessed, which pages are accessed most frequently, and which links are leading people to the site.
Standard logs (including ours) also track which pages are visited by each IP address. This information is important for us to have because it allows us to catch “denial of service” attacks (for example, individual computers accessing hundreds of thousands of pages per day). We take great care to make sure this information cannot be used to compromise the privacy and security of our visitors.
Use of “Cookies”
Third Party Providers
MAPS uses a number of third-party providers to host our website and constituent database, process donations, sell event tickets and merchandise, and manage our communications. We may share information from or about you with these third party providers so that they can perform their services or complete your requests. All shared data is transferred and stored securely, in accordance with the privacy policies of each provider. We endeavor to work with providers with privacy standards that match our own, but in some cases, third-party providers collect more information on you than MAPS does, and we encourage you to review their privacy policies, which are linked below.
Z2 Systems (Neon)
Our CRM, through which we process donations, event registrations, and product sales, as well as volunteer interest forms, and applications to the Zendo Project. Most of the data from our front-facing forms are stored in Neon.
Our payment gateway, through which credit card transactions are securely processed, and payment information is encrypted and stored for recurring donors.
Our mass email service, through which the Email Newsletter, Zendo Newsletter, Event/Outreach Volunteer Updates, and Study Recruitment Updates are sent. Your email address and any location information that you provide is used to customize certain updates by region, and is not required. We do not track opens and clicks using Mailchimp’s built-in analytics features because we do not want to store your IP address; instead, we track visits to campaign-specific URLs using Matomo, which is explained in more detail below.
Analytics and Tracking
MAPS uses Matomo, an open-source alternative to Google Analytics (GA), in an effort to reduce the amount of information that is being collected and stored about our supporters, while still empowering us to gain insights into how our website is being used. Some of our third-party providers use GA, however, and they are therefore collecting information about your activity, including your IP address. IP anonymization is a requirement of GDPR, with which all of our providers have pledged compliance, but we encourage all of our supporters to learn more about Google Analytics. Google has also provided a tool for opting out of Google Analytics that can be installed on all major browsers.
MAPS endeavors to not track the activity of our supporters in any personally identifiable way. Matomo supports us in this, and we do not use the Facebook Pixel, but some externally hosted or embedded services do engage in tracking for their own analytics purposes, as explained above. If you want to block tracking beacons and gain greater control over targeted ads, consider installing a tool like Ghostery or Privacy Badger, the latter of which is maintained by the Electronic Frontier Foundation (EFF) – the leading nonprofit defending digital privacy, free speech, and innovation.
Removal of Identifying Information
If you have previously submitted information to our Site and would like to have your name or contact information removed from the submission, please email firstname.lastname@example.org, or call our office at (831) 429-6362. Our public digital archives include several independent collections of information. Some of these archives may display names or contact information without the permission of the author. We are happy to anonymize submissions, though we will need to verify that you are the original submitter. We are also happy to delete your information from our database, in accordance with the “right to be forgotten.”
All information provided to the Multidisciplinary Association for Psychedelic Studies (MAPS) is transmitted using SSL (Secure Socket Layer) encryption. SSL is a proven coding system that lets your browser automatically encrypt, or scramble, data before you send it to us. We also protect account information by placing it on a secure portion of our Site that is only accessible by certain qualified employees of the Multidisciplinary Association for Psychedelic Studies (MAPS). Unfortunately, no data transmission over the Internet is 100% secure. While we strive to protect your information, we cannot ensure or warrant the security of such information.
Other Web Sites
Our Site contains links to other Web sites. Please note that when you click on one of these links, you are entering another Web site for which the Multidisciplinary Association for Psychedelic Studies (MAPS) has no responsibility. We encourage you to read the privacy statements on all such sites as their policies may be different than ours.
MAPS respects the privacy of all its donors. We believe in safeguarding personal information and ensuring that donor privacy is protected. Your name, address, and any other personal data you provide will be used only by MAPS to keep you informed of our activities including our programs, special events, and funding needs.
Here are the types of donor information that we collect and maintain:
- Contact information: name, organization/company (if applicable), complete address, phone number, and email address.
- Payment information: credit card number and expiration date, and billing information needed to complete transactions (no credit card numbers are retained by MAPS).
- Gift designation information by program, fund, or event, as provided by donor at time of gift.
- Information you have shared, such as general feedback, comments, or questions.=
- Requests to receive periodic updates via our online e-newsletters or through printed MAPS publications.
We routinely publish donor names in our Annual Report and e-newsletters to recognize donor support and both are available for viewing online. We honor requests from donors who prefer to give anonymously and safeguard such preferences along with stored donor contact information. If you would prefer to remain completely anonymous, we also accept a growing number of cryptocurrencies.
Our website contains links to third-party websites. If you use these links, you will leave our sites. MAPS is not responsible for the privacy practices or the content of such websites.
We process donations for a number of fiscal sponsorship projects that are in alignment with our mission. If you make a donation to a fiscal sponsorship project, the project will be clearly named on the donation form, and in the automated donation acknowledgement email. Your email address, as well as the date and amount of your donation, will be shared with the project so that they can follow up with their donors directly. Your credit card information will not be shared.
Our Commitment to Donor Privacy
- MAPS will not sell, rent, or lease your personal information to other organizations.
- Donor information is maintained in a secured database; only authorized personnel have access to this information, and only for appropriate business purposes.
- Credit card numbers submitted to process gifts or transactions are not retained by MAPS. Credit card numbers are retained by our payment processor, BluePay, to process recurring credit card donations (e.g. monthly, quarterly, or yearly donations). However, stored credit card numbers are not readily accessible to MAPS, and are totally inaccessible to any third parties.
Authorized Release of Information
MAPS may be legally required to disclose information to the IRS in the case of an audit. MAPS complies with all applicable legal requirements and standards.
Multidisciplinary Association for Psychedelic Studies (MAPS)
1115 Mission Street
Santa Cruz, CA 95060
You can also send an email to email@example.com.