Website Data Collection Compliance Policy

Introduction

This Data Collection Compliance Policy outlines how our website collects, uses, and protects

personal information from users. It ensures that data collection practices comply with applicable

privacy laws and regulations.

1. Scope

This policy applies to all visitors and users of our website, as well as all data collected through

forms, cookies, tracking technologies, and other mechanisms. It governs the collection, storage,

usage, and sharing of personal information, including any information that can be used to

identify or contact an individual (hereinafter referred to as "personal data").

2. Types of Data Collected

2.1 Personal Data

We may collect the following personal data when users interact with our website:

 Contact Information: Name, email address, phone number, and mailing address.

 Account Information: Username, password, and other account-related information.

 Financial Information: Payment information, credit card details, and billing information

when making purchases or transactions.

 Preferences: Information about user preferences, interests, and behavior on the site.

2.2 Non-Personal Data

We may collect non-personal data that cannot be used to directly identify an individual,

including:

 Device Information: Browser type, operating system, and IP address.

 Usage Data: Pages visited, time spent on the site, referral URLs, and other interaction

metrics.

 Cookies and Tracking Data: Information collected through cookies, pixel tags, and

similar technologies.

3. Data Collection Methods

We collect data through the following methods:

 Voluntary Submission: Data that users provide when completing forms, signing up for

newsletters, making purchases, or contacting customer service.

 Automated Collection: Data automatically collected through cookies, web beacons, and

other tracking technologies while users navigate the website.

 Third-Party Integrations: Data collected from third-party services or platforms

integrated with our website, such as social media logins or payment processors.

4. Purpose of Data Collection

The data we collect is used for the following purposes:

 Service Provision: To provide and manage services requested by users, such as creating

accounts, processing payments, and delivering products.

 Customer Support: To respond to user inquiries, provide technical support, and manage

customer service requests.

 Marketing and Communication: To send newsletters, promotional offers, and other

communications that users have consented to receive.

 Personalization: To tailor content, recommendations, and ads based on user preferences

and behavior.

 Analytics: To analyze website traffic, user behavior, and engagement to improve website

performance and user experience.

 Compliance: To comply with legal obligations, enforce terms of service, and protect the

website from misuse or fraud.

5. Legal Basis for Data Processing

We process personal data based on the following legal grounds:

 User Consent: When users provide consent (e.g., signing up for newsletters or accepting

cookies).

 Contractual Necessity: To fulfill contractual obligations, such as processing payments

or delivering services.

 Legitimate Interests: When processing is necessary for the legitimate interests of the

business, provided that these interests are not overridden by the user’s privacy rights

(e.g., fraud prevention or website analytics).

 Legal Compliance: When required by law to process or share personal data (e.g., in

response to legal requests or tax obligations).

6. Data Sharing and Disclosure

We do not sell or share personal data with third parties except as described below:

 Service Providers: We may share data with third-party service providers who help us

operate the website, process payments, or deliver products and services (e.g., hosting

services, payment processors).

 Legal Compliance: We may disclose data in response to legal requests, such as

subpoenas or court orders, or to comply with applicable laws.

 Business Transfers: In the event of a merger, acquisition, or sale of assets, personal data

may be transferred to the new entity.

 User Consent: We may share data with third parties when users have given explicit

consent to do so (e.g., for participation in third-party promotions).

7. Data Storage and Security

7.1 Data Retention

We retain personal data for as long as necessary to fulfill the purposes outlined in this policy or

as required by law. Once personal data is no longer needed, it will be securely deleted or

anonymized.

7.2 Data Security

We use appropriate technical and organizational measures to protect personal data against

unauthorized access, disclosure, alteration, or destruction. These measures include:

 Encryption: Encrypting sensitive data, such as payment information, during

transmission.

 Access Controls: Limiting access to personal data to authorized personnel only.

 Security Audits: Conducting regular audits and assessments of security practices.

8. User Rights and Choices

Users have the following rights concerning their personal data:

 Right to Access: Users can request access to the personal data we hold about them.

 Right to Rectification: Users can request corrections to any inaccurate or incomplete

personal data.

 Right to Deletion: Users can request the deletion of their personal data, subject to legal

exceptions.

 Right to Object: Users can object to the processing of their data for specific purposes,

such as direct marketing.

 Right to Data Portability: Users can request a copy of their personal data in a

commonly used format.

 Right to Withdraw Consent: Users may withdraw their consent for data collection or

processing at any time.

To exercise these rights, users should contact the owner of this website.

9. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance user experience and

collect data about website usage. Users can control cookie preferences through their browser

settings.

10. Policy Updates

We may update this policy periodically to reflect changes in our data practices, legal

requirements, or business operations. Users will be notified of any significant changes to this

policy through the website or via email.

11.  SMS Policy

 If you wish to receive communications, you can opt in by logging into your web portal

account and managing your account’s notification settings.

 If you wish to be removed from receiving future communications, you can opt out by

texting STOP.  Messaging frequency and rates may apply

 If you wish to opt in after having opted out of communications, you can opt in by texting

START or by managing your account’s notification settings through your web portal

account.

 Mobile information will not be shared with third parties/affiliates for

marketing/promotional purposes. All the above categories exclude text messaging

originator opt-in data and consent; this information will not be shared with any third

parties.

12. Contact Information

For questions about this policy or concerns regarding data collection practices, please contact:

City of Harrisburg

110 E. Locust Street

Harrisburg, Illinois 62946

618-253-7451