top of page

PRIVACY POLICY

The Council of Scottish Clans and Associations (COSCA) values its constituents’ privacy. While the United States does not currently have a federal law regarding online privacy, some states and countries are stepping in. For example, California’s Online Privacy Protection Act (CalOPPA) requires all nonprofits that interacts with its citizens to post a privacy policy on its website. In 2018, the European Union (EU) agreed on the General Data Protection Regulation (GDPR) that aims to protect the fundamental right to privacy and the protection of the personal data of the citizens of its member nations. This regulation affects any entity (including websites) that processes EU citizens' personal data. This affects you if you have EU website visitors.


This Privacy Policy (“Policy”) will help you understand how we collect and use information from those who visit our website, make use of our online services, and respond to our requests for information. This Policy also explains what we will and will not do with the information we collect. Our Policy has been designed and created to ensure those affiliated with COSCA of our commitment and realization of our obligation not only to meet, but to exceed, most existing privacy standards.


Website
 

Like most websites, COSCA collects information from its users through “cookies,” which are small pieces of data created by webservers that play a behind-the-scenes role in making your online experience smoother. When you visit a website, your browser sends a piece of data to the web server hosting that site. This data usually appears as strings of numbers and letters in a text file.


These cookies can contain various information:

 

  • Session cookies: Temporary cookies that expire when you close your browser. They help maintain your session (like keeping you logged in) while you navigate a website.
     

  • Persistent cookies: These stick around even after you close your browser. They remember your preferences across visits, such as language settings or personalized content.
     

  • Third-party cookies: Set by domains other than the one you’re directly interacting with. Advertisers often use these to track your behavior across different sites.
     

  • Secure cookies: Encrypted and used for sensitive data like login credentials.


The COSCA website is maintained by the web hosting company Wix that sends a minimum number of necessary cookies. Those cookies are:

 

  • ssr-caching: The cookie is set by WIX and indicates how a site was rendered. Duration is less than a minute. 
     

  • XSRF-TOKEN: This cookie enhances visitor browsing security by preventing cross-site request forgery. Duration is the session. 
     

  • hs: Wix platform sets this cookie for security purposes. Duration is the session. 
     

  • svsession: platform sets this cookie to identify unique visitors and track a visitor's session on a site. Duration: I year, 1 month, 4 days. 
     

  • fedops.logger.sessionld: Registers statistical data on users' behavior on the web site. Used for internal analytics by the web site, specifically determining new users. Duration: 12 months.


You can clear these and other cookies through your browser, usually by clicking “Security and Privacy” in your settings.
 

Links to Other Websites
 

Our website contains links to other websites. COSCA does not claim nor accept responsibility for any privacy policies, practices and/or procedures of other such websites. Therefore, we encourage all users and visitors to be aware when they leave our website and to read the privacy statements of every website that collects personally identifiable information. This Privacy Policy Agreement applies only and solely to the information collected by our website.


Email List
 

By signing up for the COSCA free monthly email newsletter, you are required to provide your email address. Any other information you provide is optional.  By entering this information, you have given COSCA permission to send you email information. COSCA does not sell, give, or trade this information to any other organization or individual. You can opt out of this email service by clicking the “Unsubscribe” link provided at the bottom of every email newsletter.


Membership Management and Payments
 

COSCA utilizes two third party services for managing membership information and processing payments. MembershipWorks stores the information that you provide on its own servers. COSCA determines the level of privacy implemented, which is tight. Please see Managing Your Membership Data Privacy & Security at https://membershipworks.com/data-privacy-security/. COSCA processes payment information through Stripe. We use a Stripe service called "Link," which allows us to store your payment methods with Stripe to conveniently use them for future payments. When you process your payment, you may agree to allow Strip to store your Personal Data (such as name, contact information, payment method details.) This will allow for a more streamlined purchasing experience when using Link in the future. You can also opt out of storing this information. You may also choose to pay by check. Please see Stripe’s Privacy Policy at https://stripe.com/privacy. COSCA does not sell, give, or trade this information to any other organization or individual.


Access to Member Services


Through Wix, COSCA maintains a private side of the public website known as “Member Services” for representatives of all current Organizational Members. You are required to provide a username (email address) and password. COSCA does not sell, give, or trade this information to any other organization or individual.


Security


COSCA takes precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline. Wherever we collect sensitive information (e.g. credit card information), that information is encrypted and transmitted to us in a secure way. To do this, COSCA uses Secure Socket Layer (SSL) for authentication and private communications. You can verify this by looking for “https” at the beginning of the address of the webpage.


Data Calls


COSCA regularly collects and disseminates information through direct emails and online surveys. COSCA regularly requests and disseminates information from other organizations. Respondents agree to allow COSCA limited use of the materials submitted, to extend to inclusion in survey data reports and Web postings. In return, COSCA acknowledges respondent's intellectual property rights in the materials submitted and undertakes to respect and protect them from unauthorized use. (See Copyright: Content and Fair Use Notice.)


Disclosure of Information


COSCA may not use or disclose the information provided by you except under the following circumstances:

​

  • as necessary to provide services or products you have requested; 
     

  • in other ways described in this Policy or to which you have otherwise consented;
     

  • in the aggregate with other information in such a way that your identity cannot reasonably be determined;
     

  • as required by law, or in response to a subpoena or search warrant;
     

  • to outside auditors who have agreed to keep the information confidential; and 
     

  • as necessary to maintain, safeguard and preserve all the rights and property of COSCA for non-marketing purposes


Children Under the Age of 13


COSCA’s website is not directed to, and does not knowingly collect personal identifiable information from, children under the age of thirteen (13). If it is determined that such information has been inadvertently collected on anyone under the age of thirteen (13), we shall immediately take the necessary steps to ensure that such information is deleted from our system’s database, or in the alternative, that verifiable parental consent is obtained for the use and storage of such information. Anyone under the age of thirteen (13) must seek and obtain parent or guardian permission to use this website.


Notice to European Union Users


COSCA’s operations are located primarily in the United States. If you provide information to us, the information will be transferred out of the European Union (EU) and sent to the United States. (The adequacy decision on the EU-US Privacy became operational on August 1, 2016. This framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States for commercial purposes. It allows the free transfer of data to companies that are certified in the US under the Privacy Shield.) By providing personal information to us, you are consenting to its storage and use as described in this Policy. 


Under the regulations of the General Data Protection Regulation (“GDPR”) of the EU you have certain rights as a Data Subject. These rights are as follows:

 

  • The right to be informed: this means we must inform you of how we intend to use your personal data and we do this through the terms of this Policy.
     

  • The right of access: this means you have the right to request access to the data we hold about you and we must respond to those requests within one month. You can do this by sending an email to cosca@bforbes.com.
     

  • The right to rectification: this means that if you believe some of the date, we hold is incorrect, you have the right to have it. You can do this by logging into your account with us, or by sending us an email with your request.
     

  • The right to erasure: this means you can request that the information we hold be deleted, and we will comply unless we have a compelling reason not to, in which case you will be informed of same. You can do this by sending an email to cosca@bforbes.com.
     

  • The right to restrict processing: this means you can change your communication preferences or opt-out of certain communications. You can do this by sending an email to cosca@bforbes.com.
     

  • The right of data portability: this means you can obtain and use the data we hold for your own purposes without explanation. If you wish to request a copy of your information, contact us at cosca@bforbes.com.
     

  • The right to object: this means you can file a formal objection with us regarding our use of your information with regard to third parties, or its processing where our legal basis is our legitimate interest in it. To do this, please send an email to cosca@bforbes.com.


Unsubscribe or Opt-Out


All users and visitors to our website have the option to discontinue receiving communications from us by way of email or newsletters. To discontinue or unsubscribe from our website please send an email that you wish to unsubscribe to cosca@bforbes.com. If you wish to unsubscribe or opt-out from any third-party websites, you must go to that specific website to unsubscribe or opt-out. COSCA will continue to adhere to this Policy with respect to any personal information previously collected.


Acceptance of Terms


By using this website, you are hereby accepting the terms and conditions stipulated within the Privacy Policy. If you are not in agreement with our terms and conditions, then you should refrain from further use of our sites. In addition, your continued use of our website following the posting of any updates or changes to our terms and conditions shall mean that your agreement and acceptance of such changes. We reserve the right to make changes to this Policy at any given time. If you want to make sure that you are up to date with the latest changes, we advise you to frequently visit this page. on collected.


How to Contact Us


If you have any questions or concerns regarding the Privacy Policy Agreement related to our website, please feel free to contact us at the email, telephone number or mailing address below. The data controller responsible for your personal information for the purposes of GDPR compliance is: 

 

Bart Forbes, COSCA Communications Chairman
131 Saltgrass Avenue, Surfside Beach, Texas 77541
Email: cosca@bforbes.vom
Telephone: 703-945-0330

​

bottom of page