CMS Privacy Policy

​

3.    What personal information is collected
When you apply to become a member of CMS, we collect certain personal information as listed below. This is necessary for us to register you as a member of the society and to provide you with our services. CMS will not collect any sensitive information (as defined in the Privacy Act) from, or about you, without your explicit consent.
•    Your name, email address and contact details.
•    The name of your organisation, your employer or education provider as relevant.
•    Details of your interest in carbon management strategies and solutions.
•    Your credit card details for the payment of membership fees.
When you visit our website, access our member services, use our platform, engage in discussion forums, webinars or attend in-person events, CMS will collect the following information, which may include personal information: 
•    Records of your comments, posts and interactions in online webinars, training sessions or discussion boards; and
•    Your device information, IP address and technical metadata.

​

4.    How we use your personal information
CMS will use your personal information to:
•    provide you with access to the CMS platform;
•    provide you with member services, products and information;
•    administer our business activities;
•    manage, research and develop our products and services;
•    provide you with information about our products and services;
•    communicate with you by a variety of measures including, but not limited to, by telephone, email, SMS or mail; 
•    process your payments (using a secure third-party payment processor); and
•    investigate any complaints.
If you do not provide the personal information requested by us, it may not be possible for us to provide you with our products and services or for you to fully access our website.
If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer (to the extent permissible at law) our user databases, together with any personal information and non-personal information contained in those databases.
CMS will use your personal information to make you aware of CMS news, CMS products and services which are available to you, and any new products or events. Every marketing communication we send to you will include a "simple, one-click means" to opt-out.

 

CMS does not use algorithms, artificial intelligence, or other computer programs to make decisions that could be expected to impact your rights or interests. 

 

CMS will not sell your personal information for monetary gain, or otherwise.

​

5.    When might we disclose personal information
The focus of CMS is knowledge sharing and development and disclosing relevant data and information is a primary purpose of the CMS platform. The CMS platform includes discussion forums which are accessible by, and to, all members. You are able to control the visibility of any information you personally share through the platform. CMS will not publish any information you post on our website outside of the website without your express permission.
CMS may disclose your personal information to other entities or individuals to facilitate the purpose for which information was collected. Such entities and individuals include:
•    third parties as expressly permitted in our terms and conditions with members (as applicable);
•    governmental or regulatory authorities having jurisdiction over CMS or any of our services; 
•    a third-party payment processor in order to process any payments made by you; or
•    any person if you have given your express consent to the disclosure. 
•     any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this privacy policy.
We may disclose your personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, legal proceedings or in response to a law enforcement agency request.

​

6.    Hosting and International Transfers
Information that we collect may from time to time be stored, processed in or transferred between parties or sites located in countries outside of Australia. These may include, but are not limited to Australia, United States of America, Ireland, South Korea, Taiwan, Israel and UAE.
The hosting facilities for our website are situated in Israel. International transfers of information will be protected by appropriate safeguards, these include the use of standard contractual clauses adopted or approved by the European Commission which you can obtain from the European Commission Website. CMS acknowledges that it remains legally accountable for any privacy breaches committed by our overseas hosting providers. 
You acknowledge that in circumstances where:
•    you have provided us with express permission to post personal data and information on our website or platform; and
•    where you have posted information directly to our website or platform; 
that information may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data or information by others.

​

7.    General Data Protection Regulation (GDPR) for the European Union (EU)
CMS will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use.
The Processor for the data we collect from you is Wix and we are a Controller as defined in the GDPR.
We must establish a lawful basis for processing your personal information. The legal basis for which we collect your personal information depends on the data that we collect and how we use it.
We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purpose. We will keep your data safe and secure.
We will also process your personal information if it is necessary for our legitimate interests, or to fulfil a contractual or legal obligation.
We process your personal information if it is necessary to protect your life or in a medical situation, it is necessary to carry out a public function, a task of public interest or if the function has a clear basis in law.
We do not collect or process any personal information from you that is considered to be in a special category of personal data under Article 9 GDPR such as personal information relating to your sexual orientation or ethnic origin unless we have obtained your explicit consent, or if it is being collected subject to and in accordance with the GDPR.
You must not provide us with your personal information if you are under the age of 16 without the consent of your parent or someone who has parental authority for you. We do not knowingly collect or process the personal information of children.

a)    Your rights under the GDPR
If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used. 
Except as otherwise provided in the GDPR, you have the following rights:
•    to be informed how your personal information is being used;
•    access your personal information (we will provide you with a free copy of it);
•    to correct your personal information if it is inaccurate or incomplete;
•    to delete your personal information (also known as "the right to be forgotten");
•    to restrict processing of your personal information;
•    to retain and reuse your personal information for your own purposes;
•    to object to your personal information being used; and
•    to object against automated decision making and profiling.
Please contact us at any time to exercise your rights under the GDPR at the contact details in this Privacy Policy.  We may ask you to verify your identity before acting on any of your requests.
If you are a resident of the EU and believe that our processing of your personal data infringes upon the GDPR, you have the right to lodge a complaint with a supervisory authority. This right is available to you without prejudice to any other administrative or judicial remedy. You can find a list of supervisory authorities here: https://www.edpb.europa.eu/about-edpb/about-edpb/members_en 

​

8.    California Consumer Privacy Act (CCPA)
For purposes of this Section 8, the terms “personal information,” “collection,” “sell,” “share,” “business purpose,” and “commercial purpose” have the meanings given to them under the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (collectively, the “CCPA/CPRA”).   
a)    Notice at Collection
CMS provides a Notice at Collection to inform you of the categories of personal information we collect and the purposes for which we use them. In the preceding 12 months, we have collected the following categories of information:   
•    Identifiers: Real name, alias, IP address, and email address.   
•    Professional Information: Employment history, job titles, and professional associations.   
•    Internet Activity: Browsing and search history on our platform.   
•    Sensitive Personal Information: Precise geolocation and racial or ethnic origin (where provided voluntarily in member bios).   
b)    Your Rights under CCPA/CPRA
If you reside in California, you have the following rights in addition to those described elsewhere in this Policy:
1.    Right to Know and Access: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of that data, and the categories of third parties with whom we have shared it.   
2.    Right to Delete: Subject to certain limitations, you have the right to request the deletion of your personal information.   
3.    Right to Correct: You may request that we correct inaccurate personal information that we maintain about you.   
4.    Right to Opt-Out of Sale or Sharing: You have the right to direct us not to "sell" or "share" your personal information for cross-context behavioural advertising. CMS does not sell your data for monetary gain, but we recognise your right to opt-out of data sharing.   
5.    Right to Limit SPI: You have the right to direct us to limit the use of your Sensitive Personal Information to only what is necessary to perform our services.
6.    Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.   
c)    Exercising Your Rights
You may submit a request by contacting us as set out at section 15. 
You must not provide us with your personal information if you are under the age of 16 without the consent of your parent or someone who has parental authority for you. We do not knowingly collect or process the personal information of children.

​

9.    Data Retention
CMS retains each category of personal information only for as long as is necessary for the purposes outlined in Section 4 of this policy. Member profile data is typically destroyed within 30 days of account closure, while financial records are retained for a minimum of 5 years to comply with tax and audit obligations.

​

10.     Cookie Usage
Cookies are small text files that are placed on your computer's hard drive through your web browser when you visit any web site. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the website.
Like all other users of cookies, we may request the return of information from your computer when your browser requests a web page from our server. Cookies enable our web server to identify you to us, and to track your actions and the pages you visit while you use our website. The cookies we use may last for a single visit to our website (they are deleted from your computer when you close your browser), or may remain on your computer until you delete them or until a defined period of time has passed.
Although your browser software enables you to disable cookies, we recommend that you allow the use of cookies in order to take advantage of the features of our website that rely on their use. If you prevent their use, you will not be able to use all the functionality of our website.
If you are an individual residing in the European Union (EU) or any other jurisdiction that requires us to obtain your consent to use cookies on our website, then you will have an opportunity to manage your consent preference; except that certain cookies are required to enable core site functionality, and you cannot opt-out or choose to disable those cookies.
If you want to know more about cookies, please visit http://www.allaboutcookies.org/

​

11.     Security of your personal information
CMS is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure. 
Where we employ data processors to process personal information on our behalf, we only do so on the basis that such data processors comply with the requirements under the GDPR and that have adequate technical measures in place to protect personal information against unauthorised use, loss and theft.
The transmission and exchange of information between you and CMS is carried out at your own risk. We cannot guarantee the security of any information that you transmit to us, or receive from us. 
CMS strictly prohibits "doxxing" (the distribution of personal data in a menacing or harassing way) and the unauthorised harvesting of member data. Engaging in such conduct may trigger civil liability under the statutory tort for serious invasions of privacy under Schedule 2 of the Privacy Act.

​

12.    Review or update personally identifiable information
At any time you may review or update the personally identifiable information that we hold about you, by contacting us at the address below. To better safeguard your information, we will also take reasonable steps to verify your identity before granting access or making corrections to your information.
You have a right to withdraw your consent for us to use your personal information at any time by emailing us at secretary@carbonmanagementsociety.org.

​

13.    Dealing with us Anonymously or by Pseudonym
CMS requires that you provide your real name for billing and membership purposes, however, pseudonyms are permitted for specific platform activities like discussion forums or public comments.

​

14.    Complaints about privacy
If you have any complaints about our privacy practices, please feel free to send details of your complaints to the address below. We take complaints very seriously and will respond and attempt to resolve your issue within 30 days after receiving written notice of your complaint.
Please contact us immediately if you become aware of any unauthorised use of your account by anyone else or any other breach of security.
 

15.    How to contact us

Email us at secretary@carbonmanagementsociety.org