Privacy Policy for IMAccess.org
We are staunchly committed to protecting and meticulously safeguarding the privacy, confidentiality, and security of personal information relating to our website visitors and service users. This commitment extends across all our operations, systems, and processes.
This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data. In this role, we are responsible for maintaining comprehensive oversight of how your personal information is collected, used, and protected throughout our systems.
We may process usage data (“usage data”), which comprehensively includes browser type and version, operating system details, page view timestamps, interaction patterns, feature utilization metrics, and session duration statistics. This information is collected through automated logging systems, cookies, and analytics tools and may include navigation paths through our accessibility resources, interaction with educational content, and tool usage patterns. The source of this data is our website analytics software and server logs. We process this information for several important purposes, including improving website accessibility features, optimizing user experience, analyzing content effectiveness, and enhancing platform performance, which enables us to deliver more personalized content, improve navigation efficiency, and enhance accessibility features. The legal basis for this processing is our legitimate interests in monitoring and improving our website and services.
We may process account data (“account data”), which comprehensively includes name, email address, telephone number, postal address, and account settings preferences. This information is collected through registration forms, account setup processes, and profile updates and may include communication preferences, accessibility requirements, and support needs. The source of this data is direct user input during account creation and management. We process this information for several important purposes, including user authentication, service delivery, communication management, and support provision, which enables us to personalize user experience, provide technical assistance, and maintain security protocols. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
We may process profile data (“profile data”), which comprehensively includes biographical information, professional details, interests, preferences, and accessibility requirements. This information is collected through profile completion forms, preference settings, and user surveys and may include specific accessibility needs, content interests, and communication preferences. The source of this data is your direct input and interaction with our platform. We process this information for several important purposes, including personalizing content delivery, improving accessibility features, facilitating community connections, and enhancing user support, which enables us to provide tailored resources, relevant recommendations, and appropriate accessibility accommodations. The legal basis for this processing is our legitimate interests in providing personalized and accessible services to our users.
Your Rights:
Right to Access: You have the right to access personal data we hold about you and receive confirmation of how we process it. This includes the ability to request copies of your data, understand processing purposes, and verify data categories we maintain. To exercise this right, you can submit a formal request through our dedicated privacy portal or contact our data protection team directly at [email protected]. We will respond within 30 calendar days and may require government-issued identification, proof of address, and account verification details to verify your identity.
Right to Rectification: You have the right to have inaccurate personal data rectified and incomplete data completed. This includes the ability to update profile information, correct account details, and modify accessibility preferences. To exercise this right, you can use our account management interface or submit a correction request through our support system. We will process your request within 15 business days and may require current account credentials, specific correction details, and supporting documentation to verify your identity.
Right to Erasure: You have the right to request the deletion of your personal data when there is no compelling reason for its continued processing. This includes the ability to remove account information, delete usage history, and withdraw consent for data processing. To exercise this right, you can initiate account deletion through your profile settings or submit a formal erasure request. We will complete the erasure within 30 days and may require password confirmation, written authorization, and identity verification documents to verify your identity.
Right to Restrict Processing: You have the right to limit how we use your personal data when you have a particular reason for wanting the restriction. This includes the ability to pause data processing, limit data usage, and temporarily suspend account activities. To exercise this right, you can adjust your privacy settings or submit a restriction request through our privacy center. We will implement restrictions within 7 business days and may require account verification, specific restriction parameters, and formal written request to verify your identity.
Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller. This includes the ability to download your data, transfer information between services, and receive data copies. To exercise this right, you can use our data export tool or submit a portability request through our privacy portal. We will provide your data within 30 days and may require two-factor authentication, service verification, and identity confirmation to verify your identity.Data Handling & Security
Data Processing Details
We process Service Data which includes user account details, accessibility preferences, assistive technology settings, and platform interaction records. This processing involves automated collection, analysis, and storage, enabling us to personalize accessibility features and improve user experience. For example, in the context of accessibility, this includes adapting content presentation based on screen reader preferences. The legal basis for this processing is legitimate interest and contract fulfillment, specifically to provide accessible services and maintain platform functionality.
We process Technical Data which includes device information, browser settings, IP addresses, and accessibility tool configurations. This processing involves automated logging, analysis, and optimization, enabling us to ensure compatibility with assistive technologies. For example, in the context of accessibility, this includes adjusting interface elements based on input devices. The legal basis for this processing is legitimate interest and necessity for service provision, specifically to maintain technical functionality and accessibility standards.
We process Communication Data which includes email correspondence, support requests, and feedback submissions. This processing involves storage, analysis, and response management, enabling us to provide effective support and improve our services. For example, in the context of accessibility, this includes handling specific accommodation requests. The legal basis for this processing is consent and contract fulfillment, specifically to address user needs and maintain communication channels.
We process Transaction Data which includes service subscriptions, payment information, and usage records. This processing involves secure storage, processing, and verification, enabling us to manage service delivery and billing. For example, in the context of accessibility, this includes processing accessibility tool subscriptions. The legal basis for this processing is contract performance and legal obligation, specifically to provide paid services and maintain financial records.
We process Preference Data which includes accessibility settings, content preferences, and notification choices. This processing involves storage, analysis, and application, enabling us to personalize user experience. For example, in the context of accessibility, this includes maintaining individual accessibility profiles. The legal basis for this processing is consent and legitimate interest, specifically to provide personalized accessible services.
Security Measures
Our comprehensive encryption protocols ensure end-to-end protection of your data, incorporating industry-standard algorithms and regular security updates to maintain data integrity. This includes regular security assessments and penetration testing by qualified professionals.
We implement multi-layered security infrastructure, including advanced firewalls and intrusion detection systems that continuously monitor for and prevent unauthorized access attempts. This infrastructure undergoes regular updates and enhancements.
Access to personal data is strictly controlled through role-based permissions, multi-factor authentication, and detailed access logs. We maintain comprehensive audit trails of all data access and modifications.
Our continuous monitoring systems provide real-time threat detection and automated response protocols, ensuring immediate action against potential security threats.
We maintain comprehensive backup procedures with encrypted offsite storage and regular recovery testing, ensuring data availability and integrity.
All staff undergo regular security awareness training and must comply with detailed data protection protocols, including specific training for handling sensitive data.
International Transfers
We may transfer your personal data to countries outside your jurisdiction. These transfers are protected by appropriate safeguards, including Standard Contractual Clauses, Binding Corporate Rules, and Privacy Shield certifications. Each international transfer is conducted under strict protocols that ensure:
– Adequate data protection standards
– Compliant processing procedures
– Enforceable data subject rights
– Effective legal remedies
International transfers are protected by ISO 27001, GDPR standards, and regional data protection regulations, ensuring compliance with international privacy laws. We implement additional measures including:
– Regular compliance audits
– Data protection impact assessments
– Documented transfer mechanisms
– Continuous monitoring procedures
Regarding international transfers, you maintain specific rights including:
– Right to information about transfers
– Right to object to transfers
– Right to withdraw consent
– Right to data protection guarantees
Data Retention
We maintain specific retention periods for different data categories:
Account Information: Retained for the duration of account activity plus 24 months to facilitate account reactivation and maintain service continuity
Usage Data: Stored for 12 months to analyze accessibility patterns and improve service delivery
Transaction Records: Kept for 7 years to comply with financial regulations and audit requirements
Communication History: Maintained for 36 months to ensure continuity in user support and service improvement
Technical Logs: Preserved for 6 months to monitor system performance and security
These retention periods are determined by:
– Legal requirements
– Business purposes
– Technical necessities
– User preferences
Special circumstances affecting retention:
– Legal obligations
– Dispute resolution
– Security investigationsCookie Policy
Essential cookies serve fundamental functions for basic website operations at IMAccess.org. These cookies process authentication data, session information, and security tokens to maintain a stable, secure browsing experience. For example, in our accessibility context, these cookies store user-selected screen reader preferences and accessibility tool settings throughout your session.
Essential cookies are vital for:
– User authentication and secure login sessions
– Security measures including fraud prevention
– Basic site operations and technical stability
– Session management for accessibility tools
– Maintaining critical accessibility preferences
Functional cookies enhance your experience by remembering your preferences. These cookies process customization data to enable personalized site interaction. In the accessibility context, they remember settings like high contrast modes, font sizing, and keyboard navigation preferences. They enable:
– Language and region-specific content display
– User interface customization options
– Feature optimization for assistive technologies
– Personalized accessibility settings retention
– Custom navigation preferences
Analytics cookies help us understand user behavior to improve accessibility features. They collect anonymized information about how visitors interact with accessibility tools and navigate content. This data helps us optimize the site for all users, including those using assistive technologies. They track:
– Page interactions and tool usage patterns
– Navigation paths through accessible content
– Accessibility feature utilization
– Session duration and engagement
– User preference patterns
Performance cookies assess and improve website operation by monitoring technical aspects that affect accessibility. They process performance metrics to ensure optimal content delivery and assistive technology compatibility. These cookies help us:
– Monitor site speed and response times
– Identify technical barriers to accessibility
– Optimize content delivery for all users
– Analyze user experience with assistive tools
– Track system performance across devices
Cookie Management
You can control your cookie preferences through:
– Browser settings configuration
– Our accessibility-focused cookie consent tool
– Privacy preference center
– Account settings customization
GDPR Compliance
For EU residents, we ensure:
– Explicit consent mechanisms for all tracking
– Minimal data collection for essential functions
– Strict purpose limitation for collected data
– Clear storage limitation policies
– Full processing transparency
CCPA Compliance
California residents have additional rights:
– Complete access to collected personal information
– Ability to request data deletion
– Option to opt-out of data sharing
– Protection against discrimination
– Full access to collected information records
COPPA Compliance
Regarding users under 13:
– Strict age verification processes
– Required parental consent procedures
– Minimal necessary data collection
– Enhanced protection measures
– Complete parental access rights
Updates and Changes
Policy updates involve:
– Regular review procedures
– Proactive user notifications
– Consent renewal requirements
– Detailed change documentation
– Ongoing compliance monitoring
Contact Information
For privacy-related inquiries:
– Primary Contact: [email protected]
– Response Time: Within 48 hours
– Verification Required: For data-related requests
– Available Support: Privacy concerns, data requests, rights exercise
This policy was created specifically for imaccess.org and covers all associated services within the accessibility industry.