This website collects only basic information, depending on your interaction with us. A non-transactional visit records only your IP (a non-unique number identifying your ISP, such as Comcast) and the type of device. In the case of transactions - specifically event registration - your name, email, the name of your company, and any other contact information you provide is collected. When you use our login form, we also maintain a username and a hashed and salted password. We share none of this with third parties.
Note that we publish a list of event attendees that may be viewed publically during the brief period we collect registrants. This policy is currently under review.
The only third-party API we use is Google Maps, and we do not provide to Google any personally identifiable information or device identifiers. Here are the terms that govern our use of maps, which in our case is very limited. [If you click on the map for the purposes of getting directions, particularly from your mobile device, you will leave our site to interact directly with Google, usually through their app.]
When registering by credit or debit card, we use the payment gateway Stripe. Information submitted to Stripe passes through our website; none of your confidential information, such as credit card number and expiration date, are collected or stored on our server. Moreover, for such confidential information to begin transmission, we must prove to Stripe that the connection is completely encrypted from end to end. Sometimes, when your network has an issue with data-security 'certificate authorities,' we will issue you a login and username to our site in order to establish the requisite data security.
Here is the relevant privacy statement from Stripe (the Customer is you, the User is SAME Piscataqua Post):
If you are a Customer, when you make payments or conduct transactions through a Stripe User’s website or application, we will receive your transaction information. Depending on how the Stripe User implements our Services, we may receive this information directly from you, or from the Stripe User or third parties. The information that we collect will include payment method information (such as credit or debit card number, or bank account information), purchase amount, date of purchase, and payment method. Different payment methods may require the collection of different categories of information. The Stripe User will determine the payment methods that it enables you to use, and the payment method information that we collect will depend upon the payment method that you choose to use from the list of available payment methods that are offered to you by the Stripe User.
When we conduct fraud monitoring, prevention and detection activities, we may also receive Personal Data about you from our business partners, financial service providers, identity verification services, and publicly available sources (e.g., name, address, phone number, country), as necessary to confirm your identity and prevent fraud. Our fraud monitoring, detection and prevention services may use technology that helps us assess the risk associated with an attempted transaction that is enabled on the Stripe User’s website or the application that collects information.
In reference to the fraud monitoring and detection, this once resulted in a declined payment, which allowed us to alert the cardholder to a situation s/he was not aware of.
Three board members are permitted access to the Stripe administration panel, where the only information available to us is the name on the card, type of card used, last four digits of the card number, and transaction details (event, amount, a transaction serial number for reference). In very rare cases, will be notice a declined card (almost always because of a mistyped zip code, seriously). We have no access whatever to any of the private information you submitted to Stripe. Visit their website to read their comprehensive privacy notice, especially the parts that concern use of personal data; note that some of this statement applies to SAME Piscataqua Post (the User).