Website Data Privacy Policy
Who we are: State Licensed Benefits Association PAC (“SLBA PAC”) is a registered 527 political organization focused on civic research related to benefits and state‑licensed professionals. We do not sell products or services.
Plain‑Language Summary
- We collect limited information that you provide to us (e.g., contact details, survey responses) and technical data from your device (e.g., IP address, pages visited).
- We use the information to run our website, conduct civic research on benefits awareness and needs, and to communicate with you when you ask us to.
- We do not sell or share your personal information for cross‑context behavioral advertising.
- You can opt out of outreach at any time; we keep an internal Do Not Contact list and honor legal rights available in your state.
Scope
This policy explains how we collect, use, disclose, and safeguard information when you interact with our website, online forms, email communications, and research activities that reference this policy (collectively, the “Services”). It does not cover third‑party websites or services we do not control.
Definitions (simplified)
- “Personal information” (PI): Information that identifies or can reasonably be linked to a particular person or household.
- “Sensitive PI”: Certain information given special protection by law (e.g., precise geolocation, government ID number). We do not intentionally collect Sensitive PI via the website.
- “Sell” / “Share”: As defined by applicable state privacy laws (e.g., California). We do not sell or share PI for cross‑context behavioral advertising.
Information We Collect
- Identifiers & contact information: name, email, phone number, mailing address.
- Survey & research responses: opinions and information you volunteer in questionnaires or calls.
- Device/usage data: IP address, browser type, pages visited, referring/exit pages, timestamps, and similar data (via cookies or comparable technologies).
- Communication & consent records: opt‑in/opt‑out status, Do Not Contact (DNC) preferences, consent timestamps, capture channel (web/phone/mail/email), and script/version references.
- Administrative data: internal IDs and notes necessary to prevent re‑contact where you opt out.
Sources of Information
- Directly from you when you fill out a form, respond to a survey, email us, or speak with a live agent.
- Automatically from your device via cookies or similar technologies when you use the website.
- From service providers that help us operate the Services (e.g., hosting, analytics, communication tools).
- From publicly available sources as permitted by law for research and verification.
How We Use Information
- Civic research & advocacy: analyze benefits awareness, needs, policy views affecting state‑licensed professionals and their families; produce aggregate insights for stakeholders.
- Operations & security: provide, maintain, troubleshoot, and improve the website; detect, prevent, and respond to security incidents and abuse.
- Compliance: maintain internal DNC/opt‑out lists, consent ledgers, and records needed for audit, dispute resolution, or legal obligations.
- Communications: respond to inquiries you send us and honor your stated preferences.
Research Outreach & Consent Management (Live‑Agent)
We conduct research outreach by live agents and manually dialed calls. Consistent with TCPA/FCC rules and applicable state laws, we maintain a centralized opt‑out ledger, scrub calling lists, respect state calling‑time and holiday restrictions, and observe reasonable per‑person contact frequency limits.
Cookies & Analytics
We use essential cookies to operate the website and analytics cookies to understand aggregate usage. You can control cookies through your browser settings; disabling cookies may affect site functionality. We do not use cookies to sell or share your PI for cross‑context behavioral advertising. Where legally required, we honor recognized opt‑out preference signals such as Global Privacy Control (GPC) for any sale/share activities (we do not currently sell/share PI).
How We Disclose Information
We do not sell personal information. We may disclose information:
- To service providers/contractors that process data for us under written agreements (e.g., hosting, analytics, security, communications).
- For legal reasons, including to comply with law or valid legal process, or to protect rights, safety, and the integrity of our operations.
- In organizational changes, if applicable (e.g., reorganization), consistent with this policy and applicable law.
- In aggregate or de‑identified form for reporting and research, without identifying you.
Retention
We retain information only as long as needed for the purposes described and to meet legal, audit, and compliance requirements. Typical periods are:
- Website logs/analytics: up to 12–18 months.
- Contact/consent & DNC records: up to 5 years after last interaction (or longer if necessary to honor a suppression request).
- Research data: may be retained in aggregate or de‑identified form for longitudinal analysis.
We review retention periodically and securely dispose of data when it is no longer needed.
Security
We implement administrative, technical, and physical safeguards (e.g., encryption in transit, role‑based access controls, least‑privilege access, logging/monitoring, and vendor due diligence). No method of transmission or storage is completely secure; we cannot guarantee absolute security.
Your Privacy Rights (U.S.)
Depending on your state, you may have rights to access/know, correct, delete, obtain a portable copy, opt out of sale/share or targeted advertising, and limit use of Sensitive PI. We will honor requests as required by law and may voluntarily accommodate reasonable requests where not required.
How to Exercise Rights
Email info@slbapac.org with the subject line “Privacy Request.” Include your name, contact information, the right you wish to exercise, and details to help locate your records. We may take steps to verify your identity (e.g., match contact details, confirm control of an email/phone). You may authorize an agent where permitted by law; we may require proof of authorization.
Appeals Process
If we deny your request, you may appeal by replying to our decision email with “Appeal” in the subject line. We will review and respond within the timeframe required by applicable law. If you remain unsatisfied, you may contact your state Attorney General.
California (CPRA) Notices
- We do not sell or share PI for cross‑context behavioral advertising.
- We do not use or disclose Sensitive PI for purposes requiring a “Limit Use of Sensitive PI” link.
- We honor authorized agent requests consistent with California law.
- “Shine the Light”: we do not disclose PI to third parties for their own direct marketing purposes.
Nevada/Colorado/Connecticut/Virginia/Utah Notices
We do not sell PI as defined under these laws and do not process PI for targeted advertising. Where required, we provide methods to exercise rights (access, delete, correct, appeal) using the instructions above and recognize legally required opt‑out mechanisms.
Do Not Track & Global Privacy Control
Some browsers send a “Do Not Track” signal; there is no common industry response. We honor legally recognized opt‑out preference signals (e.g., GPC) where applicable. Because we do not sell/share PI for cross‑context behavioral advertising, GPC has no effect on such activities at this time.
International Visitors
Our Services are intended for use in the United States. If you access the Services from outside the U.S., understand that your information may be processed in the U.S. and other countries with different data‑protection laws.
Children’s Privacy
Our Services are not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child under 13 has provided personal information, contact us and we will take appropriate steps.
Accessibility
If you need this policy in an alternative format due to a disability, email info@slbapac.org and we will provide reasonable assistance.
Changes to This Policy
We may update this policy from time to time. The “Effective date” above reflects the latest version. Material changes will be posted on this page.
Contact Us
Questions or requests may be sent to info@slbapac.org
Appendix A: Categories of Personal Information (California CPRA Mapping)
| CPRA Category | Examples We May Collect | Purpose | Sold/Shared |
|---|---|---|---|
| Identifiers | Name, email, phone, mailing address | Communications; research operations | No |
| Internet activity | IP address, pages viewed, timestamps | Site operations; security; analytics | No |
| Audio (communications) | Voicemail or recorded inbound messages you leave for us | Support; compliance | No |
| Inferences | Aggregate insights about community trends (not tied to you) | Research & advocacy | No |
| Sensitive PI | Not intentionally collected via website | N/A | No |
Appendix B: Illustrative Retention Schedule
| Data Type | Typical Retention |
|---|---|
| Web server logs & analytics | 12–18 months |
| Consent & DNC records | Up to 5 years after last interaction |
| Email correspondence | Up to 3 years, unless needed longer for legal reasons |
| Aggregated/de‑identified research | Indefinite (non‑identifying) |
This policy is provided for general informational purposes and does not constitute legal advice.