*** This policy awaits approval from APTA's Board of Directors***
describes the information we collect when you become a member of APTA and/or
purchase goods/services from APTA. This
policy sets out how we use, disclose, and protect this information. This policy
also tells you about rights and choices you may have with respect to your
information, and how you can reach us to update your information or get answers
to questions you may have about our privacy practices. Your access and use of
our website indicates your consent to the terms of this policy and our Terms of
Information We Collect and You
To be an APTA
member or purchase goods/services from APTA, we require you to provide us with
certain information, including: (1) your name, location, and your contact
information (such as your e-mail address, phone number, billing and physical
address); and (2) payment information (such as your credit or debit card
number, bank account routing number, and billing and shipping address). If you
communicate with us by, for example, e-mail, telephone, online form, any
information voluntarily provided in such communication may be collected. Note,
when you become a member of APTA or purchase goods/services from APTA, our
payment processor directly collects and processes the payment information that
you provide, as necessary to complete your membership/purchase.
In order to be
an APTA member or purchase good/services from APTA, we may ask you to provide
information about your company, which includes, but is not limited to: company
name, company address, billing and payment information, location, team size,
budget, payment information (e.g. payment number and invoice details), and
In some cases,
APTA members can assign several levels of administrative access to their
personnel that use our APTA website. You should be aware that certain user
roles include heightened privileges with an account on our website and may be
able to access, view, and edit your information, as needed to perform their
functions. For example, some users can enter information on behalf of their
fellow team members, access, edit, or otherwise change information on the account.
In addition, some users may have the ability to view information about team
members without the ability to edit or change the information.
Information We Receive from Third
In order to
support your APTA membership or purchase of good/services, we may also collect
information about you from credit card processors, sales, and housing bureau
third party partners and combine it with other information we collect from you.
Automatically Collected Information
We automatically collect information when you become an
APTA member or purchase goods/services from APTA. We may also track user
tracking technologies. Cookies are small text files that web servers place on
your device; they are designed to store basic information and to help websites
and applications recognize a browser. Cookies help us track and target the
interests of our members to enhance their experience with our association. We
use IP address to derive your approximate location. We work with analytics
to collect and analyze information about use of the website and report on
activities, trends, and demographics. You can learn about Google’s practices by
going to www.google.com/policies/privacy/partners/, and opt out of them by downloading
the Google Analytics opt-out browser add-on, available at tools.google.com/dlpage/gaoptout. For information about how to opt-out
and Choices section below.
How We Use Information
We may use the
information we collect for various purposes, including:
Providing & Improving Our Services
When you become
an APTA member or purchase goods/services from APTA, we use the information you
provide to create and maintain your account. The information we collect also
helps us improve, enhance, personalize, and promote our association.
communicate with you if you’ve provided us the means to do so. For example, if
you’ve provided your phone number, we may call you to discuss association
activities/events, to the extent permitted under applicable law. If you’ve
given us your email address, we may send you promotional email offers or email
you about APTA events, to the extent permitted under applicable law. If you do
not want to receive promotional emails from us, please indicate your preference
by opting-out via the links provided in the emails. Note, that if you opt-out
of receiving our promotional emails, you may still receive transactional emails
We reserve the
right to access, use, preserve, transfer, or disclose, at any time without
notice to you, any information as reasonably necessary to: (1) comply with any
applicable law, regulation, subpoena, or legal process, or respond to any
governmental requests or regulatory investigation and to cooperate with law
enforcement, if we believe such action is required or permitted by law; (2)
violations; (3) protect the safety, integrity, rights, or security of our
users, our Services or equipment, or any third party; or (4) detect, prevent,
or otherwise address fraud, security, or technical issues related to APTA.
We may also
perform data analyses (including anonymization of personal information).
We may process
personal information in connection with prospective service engagements,
partnerships or vendor relationships.
Data Controller and Processor
Note that when
we collect personal information provided by our members or when a good/service
is purchased, we are a data controller and we collect personal information for
very limited purposes. In addition, we
often use third-party vendors to process personal information and we have
contracts in place requiring those data processors to protect your personal
information consistent with this policy.
How We Disclose Information
We may disclose
the information we collect, including in the following ways:
We may share
your information with other APTA members and other APTA affiliates and
subsidiaries, on a limited basis as is reasonably necessary or desirable for us
to disclose your information in order to carry out the above-mentioned
information processing purposes.
credit card processors, sales, and a housing bureau service provider to perform
tasks on our behalf when providing the services to our members. We do not
authorize these service providers to use or disclose the data except as
necessary to perform tasks on APTA’s behalf or comply with legal requirements.
If you would like to review a list of the third-party services used to support APTA,
please see our sub processors list.
our third-party analytics vendors may set and access their own cookies, pixel
tags and similar technologies to collect or have access to information about
you which they may collect over time and across different websites, to provide
us with aggregate information.
We reserve the
right to access, read, preserve, and disclose any information that we
reasonably believe is necessary to comply with law or court order; enforce or
rights, property, or safety of APTA, our employees, our users, or others.
de-identify your information and process and share it in an anonymous and
aggregated form for purposes in addition to those described above. For example,
we may share aggregate reports about business metrics.
Your Rights and Choices
You may update
your preferences, ask us to remove your information from our mailing lists,
delete your membership account, submit a request to exercise your rights
available under applicable law, or express your concern about the use of your
information at any time. To do so, please contact us via the email address or
phone number provided below in the Contact Us section. Additionally, you may
choose not to provide information to us. However, if you do not provide
information when requested, you may not be able to benefit from APTA membership
or purchases from APTA as the information may be necessary to provide you with
the services or we may be legally required to collect it in the context of the APTA
membership. Please note that if you cease being an APTA member, we will terminate
your access to all APTA member services and you may no longer have the ability
to access or update your information.
browsers allow you to manage your preferences relating to cookies. You may be
able to adjust your browser to manage cookies using your browser’s preferences,
however, if you choose to block cookies, doing so may impair the use of APTA
GDPR Rights for EU Individuals
Pursuant to the
EU General Data Protection Regulations, we may obtain your opt-in consent at
the time of collection for the processing of certain information for direct
rely on consent for the processing of your information, you may have the right
to withdraw your consent at any time and, when you do so, this will not affect
the lawfulness of the processing before your consent withdrawal. Under certain
jurisdictions, you may have the right to request access to and receive
information about the information we maintain about you, to update and correct
inaccuracies in your information, to restrict or to object to the processing of
your information, have the information deleted, or to exercise your right to
data portability, as appropriate. Those rights may be limited in some
circumstances by local law requirements. In addition to the above-mentioned
rights, you have the right to lodge a complaint with a competent EU supervisory
authority subject to applicable law. Please refer to http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm if you would like to locate the appropriate
Data Protect Authority.
committed to protecting your information. We seek to use reasonable
organizational, technical, and administrative measures to protect information
within our organization. We also take measures to delete your personal
information or keep it in a form that does not permit identifying you when this
information is no longer necessary for the purposes for which we process it or
when you request their deletion. Unfortunately, no data transmission or storage
system can be guaranteed to be 100 percent secure. Your password protects your
user account, so you should use a unique and strong password, limit access to
your computer and browser, and log out after having used our website. If you
have reason to believe that your interaction with us is no longer secure (for
example, if you feel that the security of any account with us has been
compromised), please immediately notify us of the problem by contacting us in
accordance with the Contact Us section below.
requests to delete or remove your information do not necessarily ensure
complete or comprehensive removal of the content or information posted and
removed information may persist in backup copies indefinitely. Please note that
if you choose to delete your information or opt-out of the collection and use
of your information, you understand that certain features, including but not
limited to access to the Services, may no longer be available to you.
We may store
the information we collect about you indefinitely, but information generally
will be retained only for as long as necessary to fulfill the purposes for
which the information was collected, or as other required by law. Following termination or deactivation of an
APTA membership, APTA may retain your information and content for backup,
archival, and audit purposes.
and services are not directed to children under the age of 16. We do not
knowingly collect personal information from children under 16.
Updates to this Policy
From time to
time we may, in our discretion, make changes to this Policy. The “Last Updated”
revised. If we make material changes, we may notify you by sending you an email
periodically to stay up-to-date about our privacy practices. Your continued membership
in APTA or the purchases of goods/services from APTA after we have updated this
Policy constitutes your acceptance of the changes.
If you have
questions about this Policy please contact us:
American Public Transportation Association
1300 I Street NW, Suite 1200
Washington, D.C. 20005
APTA Privacy Shield Policy for EU & Swiss Personal Data Transferred
to the U.S.
comply with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield
(the “Frameworks”) as set forth by the U.S. Department of Commerce regarding
the processing of Personal Information (as defined below) that is transferred
from the European Economic Area (“EEA”) and Switzerland to the United States,
respectively. APTA created this Privacy Shield Policy to help you learn about
how we handle Personal Information that is collected in the EEA and Switzerland
and transferred to APTA in the U.S.
If there is any conflict between this Policy and the
Principles, the Principles will govern. To learn more about the Frameworks
please visit www.privacyshield.gov. This Privacy Shield Policy
specifically defined in this Policy.
APTA is subject to the jurisdiction and enforcement
authority of the US Federal Trade Commission in relation to the EU and Swiss
data we handle under the Privacy Shield.
How we Obtain Personal Information
We obtain and
process Personal Information in different capacities.
As a data
controller, we collect and process EEA Personal Information directly from
individuals, either via our publicly available websites, including www.apta.com,
or in connection with our customer, partner, and vendor relationships.
We commit to be
subject to the Principles received from the EEA and Switzerland in reliance on
Personal Information Received from
the European Economic Area and Switzerland
We may receive
from the EEA and Switzerland some or all of the information listed in our
or “personal data” (collectively, “Personal Information”) as defined in the
Pursuant to the
Privacy Shield Frameworks EEA and Swiss individuals have access to their
personally identifying data we hold. Individuals wishing to exercise this right
may do so by contacting email@example.com.
Data Integrity and Purpose
We may use the
Personal Information we receive from the EEA and Switzerland for the purposes
reasonable steps to ensure that the Personal Information we process is relevant
and reliable for its intended use, accurate, complete, and current to the
extent necessary for the purposes for which we use the Personal Information. We
will not process Personal Information in a way that is incompatible with the
purposes for which it has been collected or subsequently authorized by you. We
will adhere to the Principles for as long as we retain the Personal Information
collected under the Frameworks.
Policy describes the types of third parties that we may disclose your Personal
information to, and the purposes of such disclosures. If we disclose your
Personal Information to a third party acting as a data processor, we will
comply with, and protect the Personal Information as provided in, the
Accountability for Onward Transfer Principle. We remain responsible for the
processing of Personal Information received under the Frameworks and
subsequently transferred to a third party acting as an agent if the agent
processes such Personal Information in a manner inconsistent with the
Principles, unless we prove that we are not responsible for the event giving
rise to the damage. We may be required to disclose Personal Information in
response to lawful requests by public authorities, including to meet national
security or law enforcement requirements.
You may choose
to change your Personal Information or cancel your APTA membership by
contacting us using the contact details below. You can also unsubscribe from
our marketing communications by following the instructions or unsubscribe
mechanism in the e-mail message. If we intend to use your Personal Information
for a purpose that is materially different from the purposes listed in this
acting as a data processor not previously identified, we will offer you the
opportunity to opt-out of such uses and/or disclosures where it involves
non-sensitive information or opt-in where sensitive information is involved.
Recourse and Enforcement
with the Privacy Shield Principles, APTA commits to resolve
complaints about your privacy and our collection or use of your personal
information transferred to the United States pursuant to Privacy Shield.
European Union and/or Swiss individuals with Privacy Shield inquiries or
complaints should first contact APTA by referring to the
contact information at the end of this policy.
APTA has further
committed to refer unresolved privacy complaints under the Privacy Shield
Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY
SHIELD, operated by the Council of Better Business Bureaus. If you do not
receive timely acknowledgment of your complaint, or if your complaint is not
satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This
service is provided free of charge to you.
If your Privacy Shield
complaint cannot be resolved through the above channels, under certain
conditions, you may invoke binding arbitration for some residual claims not
resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction:
If you have
questions, concerns, or complaints about this Privacy Shield Policy or our
privacy practices, please contact us.
American Public Transportation Association
1300 I Street NW, Suite 1200
Washington, D.C. 20005