Skip to Main Content
Sun City Texas Community Association Home

Help Desk | Login
 
Privacy Policy, Sun City Texas Community Association

Privacy Policy

SUN CITY TEXAS COMMUNITY ASSOCIATION:

CONSOLIDATED PRIVACY POLICY

Purpose

The purpose of this Privacy Policy is to establish clear standards and guidelines for the collection, storage, and usage by Sun City Texas Community Association ("SCTCA") of certain personal information of individual resident members. The standards and guidelines contained in this Privacy Policy reflect an attempt to balance the need of SCTCA both to reasonably collect and use certain personal information of members in conjunction with SCTCA’s operational activities and to protect against the dissemination of such information in a format or manner that could be harmful to members.

Scope

This Privacy Policy applies to all operational activities performed by SCTCA, including specifically those related to the SCTCA web portal. This Privacy Policy supercedes and replaces the current web portal privacy policy ( i.e., the previously adopted Sun City Texas Community Association: Privacy Policy for Community Web Portal).

Defined Terms

As used in this Privacy Policy, the following terms have the prescribed definitions:

Authorized Individuals: Directors, officers and administrative staff employees of SCTCA, or other persons who are specifically authorized by the SCTCA Board or Executive Director to view or handle Confidential Personal Information.

Confidential Personal Information ("CPI"): CPI includes the following: (1) That certain identifying information about a specific individual resident and member of the SCTCA which would be deemed Publishable Personal Information except that the resident has requested that the information not be published; (2) social security numbers, birth dates, and other identifying information that could be used in conjunction with identity theft; (3) any financial records or data of individual residents, including specifically bank account information used in conjunction with electronic payments; (4) Modifications Committee information; (5) Covenants Committee information; and (6) employee compensation.

Online Residential Directory: That portion of the SCTCA web portal which displays and publishes the Publishable Personal Information of individual residents.

Printed Residential Directory: That certain printed documents the SCTCA may from time to time cause to be printed and distributed to its membership for their personal, non-commercial use. In most instances, this document will contain in a printed form that information provided in the Online Resident Directory.

Privacy Policy: This Sun City Texas Community Association: Consolidated Privacy Policy.

Publishable Personal Information ("PPI"): That certain identifying information of individual SCTCA members and Sun City residents which is collected by SCTCA and: (a) is not deemed CPI; or (b) has not been subject to a specific request from the resident that it not be published. The PPI includes, but is not limited to, the following information: first and last name, SCTCA ID number, street address, Sun City neighborhood number, home state, telephone number, e-mail address, and membership in recognized SCTCA organizations, committees and boards.

Sun City Texas Community Association ("SCTCA"): The legal entity responsible for operating and governing the Sun City Texas community, in accordance with its Articles of Incorporation, Bylaws, Declaration of Covenants, Conditions and Restrictions, and other governing documents.

General Privacy Policies

The following general privacy policies apply to all SCTCA activities and operations.

1. No publishing of CPI. SCTCA shall not publish or otherwise intentionally allow persons other than Authorized Individuals to access any CPI of individual residents, except to the extent that SCTCA must provide CPI: (a) to financial institutions or other requesting private entities or individuals that legally require such information, or by necessity must have such information, in conjunction with services provided to SCTCA, or (b) in response to a legal request or demand by a governmental entity, including but not limited to taxing authorities and courts of law.

2. Storage and use of CPI. SCTCA shall take all reasonable precautions to ensure that CPI is stored in a location and manner that minimizes the risk that it can be accessed or viewed by anyone other than Authorized Individuals. Written CPI records shall be stored in locked filing cabinets or other enclosed areas when not in actual use. Electronic CPI records shall be stored in conjunction with password access, encryption, firewalls, or such other safeguards as the SCTCA Executive Director determines are reasonably necessary. ( See also Web Portal Privacy Policies, below.)

CPI records shall be used and made available only to Authorized Individuals, except as expressly provided herein or specifically authorized on a case-by-case basis by the SCTCA Executive Director. CPI records shall not be used or left in plain view of areas where members of the public or persons other than Authorized Individuals regularly congregate (e.g., the front desk area of the SCTCA office) unless under the direct control and supervision of an Authorized Individual. All Authorized Individuals shall be given a copy of this Privacy Policy, including any updates or revisions, and shall receive such other training or instruction as may be necessary to ensure compliance with this Privacy Policy .

3. Financial CPI. Members occasionally provide SCTCA financial account information, most notably by means of a cancelled check, which is used at the request of a member to set up electronic fund transfers. In addition to the other requirements established herein, this financial CPI shall be used and accessed only by those Authorized Individuals who, as part of their job description, regularly handle financial matters for SCTCA. All cancelled checks and other written documents containing financial CPI shall be stored in locked filing cabinets or containers when not in actual use, and shall be destroyed when no longer needed by means of a shredder or other device rendering the related document unreadable.

4. Action in Case of Unauthorized Access to CPI. If, in spite of the precautions taken under this Privacy Policy, SCTCA discovers that unauthorized persons have gained access to CPI and there is a reasonable belief such access may result in identity theft or financial harm, SCTCA shall take immediate steps to notify the affected members of the unauthorized access. Whether such unauthorized access supports a reasonable belief of potential harm shall be determined based upon the totality of the circumstances involved, including the nature of the CPI involved, whether the unauthorized person is identifiable, and the means by which access was obtained. By way of example, if a cleaning person has access to an area overnight where CPI containing only the birth dates of various residents was left out in plain sight, such a situation would not pose a reasonable risk of harm to the members involved. In contrast, if an unidentified person breaks into the SCTCA offices or "hacks" into the web portal and gains access to names, social security numbers, birth dates, and checking account information of members, there exists an obvious and reasonable risk of harm, and SCTCA should act immediately to notify affected members. Consequences if a member violates the policy will be referred to the Covenants Committee for sanction. Consequences if an employee violates the policy will be referral to their supervisor for appropriate disciplinary action, up to and including termination of employment.

5. Protection of PPI; Residential Directories. PPI records are used by SCTCA in conjunction with its daily operations. These records may be used by SCTCA without restriction, except that they may not be sold or provided to third parties to facilitate the commercial solicitation of SCTCA members.

PPI records are also made available to SCTCA members by means of the Online Residential Directory and the Printed Residential Directory (the "Residential Directories"). The Residential Directories are provided for the sole purpose of strengthening community bonds and communication. SCTCA members or other persons receiving or accessing the Residential Directories shall not keep or use such information for commercial purposes, or publish it to third parties for any reason, except as required by law or with the prior written consent of the affected residents. The SCTCA Executive Director shall cause the Residential Directories to contain a copy of this policy provision, which may be in summary form, to ensure that all persons receiving or using such directories are aware of this restriction.

6. Ability of individual residents to restrict/prohibit publication of PPI: Any individual member or resident, at any time, may restrict or prohibit the publication of some or all of his or her PPI in the Residential Directories. The process for creating or removing such restrictions or prohibitions shall be as outlined from time to time by SCTCA, including as provided in the "Sun City Texas Community Web Portal User Guidelines."

Web Portal Privacy Policies

In addition to general privacy policies outlined above, use and operation of the SCTCA web portal shall be governed by the following specific policies. In the event of a conflict between these web portal privacy policies and the general privacy policies, the more restrictive policy shall control.

1. Passwords. Electronic access to that portion of the SCTCA web portal containing the Online Residential Directory, SCTCA financial information, and CPI shall be controlled by unique passwords issued to SCTCA members, employees, and other authorized users of the web portal. A user of the web portal shall be permitted access to the Online Residential Directory only after having logged in to the web portal by use of a personal and unique ID and password. The passwords shall not be visible or accessible to other users of the web portal, and shall be stored in an encrypted manner.

2. Electronic connection to SCTCA computer files. SCTCA shall not permit any electronic connection between the web portal and the on-site computer systems used by SCTCA to manage community operations and services, except to the extent that SCTCA establishes reasonable safeguards (e.g., firewalls, encryption, etc.) to ensure that such a connection provides reasonably equivalent level of security and privacy protection as afforded by the on-site computer systems, and as required by this policy.

3. No "cookies"; tracking of usage: The SCTCA web portal shall not use "cookies" or other software codes intended to track the pages viewed on the web portal by individual residents. Nevertheless, SCTCA shall be permitted to track log-in data of individual users and to collect statistical information about usage and users to understand general usage patterns and loads on the web server.

 

REVISED, APPROVED and ADOPTED by the SCTCA Board of Directors on the 24 th day of July, 2008.

__________________________________

By: ____________________________

Title: ____________________________

Created by Communications and Finance Committees

Board Approved July 24, 2008

© Sun City Texas Community Association Top of page | Add to Favorites | Print version | Privacy Policy | Contact