I. |
General Principles |
|
A. |
Our visitor’s privacy and anonymity are of paramount importance. |
|
|
We should not track the visits of our users by any means other than the standard Web site access logs (These are logs that are used for maintaining aggregate usage statistics. There will be further discussion about these logs later in this document.) |
|
B. |
The privacy and anonymity of all N.A. members (including trusted servants) must be respected at all times. |
|
|
All efforts will be made to prevent personally identifiable data (PID) from being made available on this site. |
|
C. |
PID (Personally Identifiable Data) is considered the property of the person(s) to whom that data applies. |
|
|
Most Web sites consider data that they have harvested as the property of the owners of the Web site. As an anonymous organization, we understand the issues inherent in this attitude. We consider all PID in our possession to be a trust, and we will take care of the sensitive data entrusted to us.Specifically, it does not matter where we get the PID. It is NEVER ours. It belongs to the person to whom it applies. Period. End of story. |
II. |
Specific Guidelines |
|
A. |
Absolutely NO PID is to EVER be made publicly available (with some exceptions, outlined in Section II.F) on this Web Site. |
|
|
To be specific, we will consider personally identifiable data (PID) to include, but not be limited to: |
|
|
1. |
Personal names |
|
|
|
This will include all personal names, even nicknames and/or first names only. ALL trusted servants MUST be identified ONLY by their title. |
|
|
2. |
Gender |
|
|
3. |
Race |
|
|
4. |
Religion |
|
|
5. |
Political Affiliation |
|
|
6. |
Nationality |
|
|
7. |
Ethnicity |
|
|
8. |
Physical Characteristics (Including disabilities) |
|
|
9. |
Personal Postal or Street Addresses |
|
|
|
Please note: This means that subcommittee meetings, events or NA meetings that gather in personal homes cannot be referenced by this site. Business/Church/School, etc. addresses should only be listed in conjunction with a sanctioned NA event. |
|
|
10. |
Personal or Business Email Addresses |
|
|
|
Any email address reachable via this Web site can ONLY be official email addresses assigned to the Greater New York Region, any of its component area services, or cooperating NA service entities. We will use the Web Mail forms for all email, as this prevents the visitor from seeing the email address to which the message is being sent. |
|
|
11. |
Personal or Business Telephone/Fax Numbers |
|
|
12. |
Individual IP Numbers or DNS names of Visitors’ Hosts |
|
|
13. |
Personal Web Sites |
|
|
|
This will be covered in greater detail in the general site policy. We should not link to any personal Web site. As a matter of basic principle, the Web sites to which we do link will be very heavily restricted. |
|
B. |
Handling of Web Access Logs |
|
|
Access logs are text files, automatically generated by the Web server, that report which pages and files have been requested by visitors. These logs do contain the Internet Protocol (IP) number of site visitors, but make no effort to match that IP number with any other data. In most cases, the IP numbers are only used in the most general sense, such as telling us that a visitor was coming in from aol.com, as opposed to identifying the visitor explicitly. However, the number is recorded, and can be accessed in the future. This is standard practice at every Web site you ever visit. Most will not explicitly tell you about this, but we believe in maximum privacy and full disclosure. We promise to never abuse this information. The only time that we should ever spend any time trying to determine the IP number of a particular visitor is when performing a forensic evaluation (usually done if the server is attacked.) |
|
C. |
Handling of Email Addresses |
|
|
We will take great care to never expose an email address on this Web site. All email contacts made from this Web site are done so via a special contact form that does not expose the recipient’s address. The sender may choose to provide their own email address (it is not required.) If they do so, we promise never to use this email address for any purpose other than to contact you only in response to your email to us. Your email address will never be shared with any other party unless you have explicitly stated that this is allowed. We run the site as an “opt in” system, where nothing is assumed. You must explicitly tell us that it is OK to use your email address, and even so, you are free to attach conditions to the use of that address. We promise to abide by those conditions, unless they run counter to our operating policy or to the Twelve Traditions of NA. If that is the case, we will not retain your email address. |
|
D. |
Retention and Handling of PID |
|
|
In the infrequent times that we may retain PID, then anyone receiving PID that originates from this Web site (such as email from our Contact Us page, or information provided to our eCommerce site,) is specifically enjoined from doing anything with this data unless specifically authorized by the owner of that data (defined as the person to whom the data applies, NOT the person currently in possession of the data.) To make it perfectly clear: 1) We consider the owner of any personal data to be the person to whom the data applies. Possession of PID DOES NOT give us the right to do with that data as we please. It is to be handled as a trust. 2) With this in mind, we must NEVER distribute PID to anyone not specifically authorized to have that data. This includes third-party organizations. For example: If we were to have consultants review Web logs in a forensic evaluation, they must be absolutely bound to destroy that data after the evaluation is complete. ANY third-party entity that has any access at all to PID that originates from this Web site MUST agree to be bound by this privacy policy. It is the responsibility of the Greater New York Region to ensure that the third-party entity is made aware of this policy, and that they agree to it, PRIOR to being allowed to handle PID. |
|
E. |
Cookies |
|
|
This site uses cookies to track logins and preferences. These are standard WordPress cookies. We do not display advertising or use external site statistics applications. |
|
F. |
Exceptions |
|
|
The exceptions to the above policy are only for purposes of publishing the FIRST NAME AND INITIAL OF THE LAST NAME (Example: “Jimmy K.” or “Pepe A.”) of members for purposes of Trusted Servant elections, and Newsletter articles. The member may also be identified by Service Position. In these exceptional cases, the member MUST be made completely aware that their name and Service position will be published on the Web, AND THEY MUST PROVIDE WRITTEN CONSENT. Under no circumstances must PID be published on this site without meeting these criteria (For example, you cannot post flyers with peoples’ full names and phone numbers; even if they did give written consent. They can only be identified by first name and last initial. Their phone number cannot be displayed on this site under any conditions. |
III. |
Summary |
|
We believe that this privacy policy is one of the strictest and most comprehensive policies on the Internet. It is important that ALL trusted servants and third-party organizations (such as eCommerce providers and ISPs) be bound to this policy. |