Chicon 8 recognizes that personal data is valuable and needs to be treated with respect. Our intent is to keep it safe, only needed access and remove it when no longer needed.
This policy includes information on what data Chicon 8 collects, how we collect it, and how we use it. The personal information collected by Chicon 8 is stored and managed using the guidance of California Consumer Privacy Act (CCPA) and EUs (General Data Protection Regulation) GDPR.
Chances to This Policy
Chicon 8 may change this policy. When changes are made, we will update our website with the changes.
General Information
In regard to the storage and management of the data collected by Chicon 8, the convention acts to ensure that all personal data is:
- Collected for lawful purposes
- Processed legally and fairly
- Relevant; and not excessive
- Kept up to date for accuracy
- Destroyed two years after the convention
- Kept secure
- Only accessed by authorized Chicon 8 staff
- Not shared without permission
How We Use This Data
In order to conduct the business of Chicon 8, we collect personal data submitted to us by people who interact with our convention in order to provide the agreed upon services and to share information and updates regarding our services and events. This may also include providing relevant information to future worldcons.
Personal Data
Chicon 8’s personal data includes information, facts, and interests that identify and are tied to living people, including such things as name, contact information, and professional history. Sensitive and personal data may also be collected from some individuals.
Required Personal Data
While a variety of data types may be requested and collected for use by Chicon 8, only an individual’s name, email, street address, and country is required for membership.
Sensitive Personal Data
Sensitive personal data is collected for the purposes of making health-based accommodations, enhancing diversity, and identifying topics of a sensitive nature that potential program participants would be comfortable talking about as part of Chicon 8’s program. Sensitive personal data may include such things as racial or ethnic origin, political opinions, religious or philosophical beliefs, disability, or medical needs, etc.
Accessing/Updating Data
Members may view their registration-related information and they can update all of their data themselves. Alternatively they should contact the relevant division directly.
Destroying Data
All data collected on individuals will be changed, deleted, or modified upon request.
In addition, all personal data in the Chicon 8 systems will be deleted two years after the convention unless we have a legal requirement to retain it.
Securing Data
Data collected by us will be stored securely and managed through appropriate protections.
Data Processing
All third-party data processors contracted by Chicon 8, which store, access, and house information via cloud services, on websites, in apps, etc. will be compliant with relevant data regulations.
Financial and Biometric information
Chicon 8 does not collect either Financial or Biometric information. All payments are processed through 3rd party vendors such as Stripe and no payment information is held by Chicon 8.
Division Specific Data
Within Chicon 8 there may be certain division specific requests and protections around personal data. This information may be shared within Chicon 8 but only with the same level of protection and for the same purpose.
Contact
If you have any questions or further concerns about this policy or Chicon 8’s data policies, please contact the Data Protection Officer for Chicon 8 at DPO@chicon.org.