Our Mission Collections Knowledge Contact

Privacy Policy

Last Updated: January 24, 2025

1. Introduction

Truist Currency Heritage Society ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard information when you visit our website.

We operate offices in both the European Union and the United States. Depending on your location, different privacy regulations may apply to you.

2. Data Controllers

For visitors in the European Union and other regions covered by GDPR:

Truist Currency Heritage Society
Via Favència, 375
08033 Barcelona, España
Email: privacy@crm.eu.com

For visitors in the United States:

Truist Currency Heritage Society
204 Rita St
Dayton, OH 45404
Email: privacy@crm.eu.com

3. Information We Collect

We collect minimal personal information, limited to what is necessary for the operation of our educational website.

3.1 Information You Provide

When you use our contact forms, we collect:

  • Name (first and last)
  • Email address
  • Inquiry subject and message content

This information is collected only when you voluntarily submit it through our contact forms.

3.2 Automatically Collected Information

We use analytics services to understand how visitors use our website. This may include:

  • Browser type and version
  • Operating system
  • Pages visited and time spent on pages
  • Referring website addresses
  • General geographic location (country/region level only)

We do not collect precise geolocation data or track individual user behavior across websites.

4. How We Use Your Information

We use the information we collect for the following purposes:

  • Respond to Inquiries: To answer questions submitted through our contact forms
  • Website Improvement: To understand how visitors use our site and improve content and functionality
  • Legal Compliance: To comply with applicable laws and regulations

We do not use your information for marketing purposes, do not sell your data to third parties, and do not send promotional emails.

5. Legal Basis for Processing (GDPR)

For visitors in the European Union, we process your personal data based on:

  • Consent: When you submit a contact form, you consent to our processing your information to respond to your inquiry
  • Legitimate Interests: We have a legitimate interest in understanding how our website is used to improve our educational resources

6. Cookies and Tracking

Our website uses minimal cookies:

  • Essential Cookies: Necessary for basic website functionality
  • Analytics Cookies: To understand website usage patterns (anonymized data)

We do not use advertising cookies, tracking cookies, or third-party marketing cookies. You can disable cookies through your browser settings, though this may affect website functionality.

7. Data Retention

We retain personal data only as long as necessary:

  • Contact Form Submissions: Retained for up to 2 years after the last correspondence
  • Analytics Data: Retained in anonymized form for up to 26 months

8. Your Rights

8.1 Rights Under GDPR (EU Visitors)

If you are in the European Union, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request that we limit how we use your data
  • Right to Data Portability: Request your data in a machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, contact us at privacy@crm.eu.com. We will respond within 30 days.

8.2 Rights Under US Privacy Laws

If you are a US resident, particularly in states with comprehensive privacy laws (such as California), you may have rights including:

  • Right to know what personal information we collect
  • Right to request deletion of your personal information
  • Right to opt-out of the sale of personal information (note: we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact us at privacy@crm.eu.com.

9. International Data Transfers

As we operate in both the EU and US, personal data may be transferred between our offices. We ensure appropriate safeguards are in place for such transfers:

  • Standard Contractual Clauses approved by the European Commission
  • Encryption of data in transit and at rest
  • Limited access controls and security measures

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encrypted data transmission (HTTPS)
  • Secure data storage with access controls
  • Regular security assessments
  • Staff training on data protection

However, no method of transmission over the internet is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security.

11. Third-Party Services

We may use third-party services for website analytics. These services are required to handle data in accordance with privacy laws and our instructions. We do not share personal data with third parties for their own marketing purposes.

12. Children's Privacy

Our website is not directed at children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

13. Changes to This Privacy Policy

We may update this privacy policy periodically to reflect changes in our practices or legal requirements. The "Last Updated" date at the top of this page indicates when the policy was last revised. We encourage you to review this policy regularly.

14. Supervisory Authority

For EU residents: If you believe we have not addressed your privacy concerns adequately, you have the right to lodge a complaint with a supervisory authority. Our lead supervisory authority is:

Spanish Data Protection Agency (Agencia Española de Protección de Datos)
C/ Jorge Juan, 6
28001 Madrid, España
Website: www.aepd.es

15. Contact Information

For questions about this privacy policy or to exercise your privacy rights, contact us:

Email: privacy@crm.eu.com

EU Office:
Truist Currency Heritage Society
Via Favència, 375
08033 Barcelona, España

US Office:
Truist Currency Heritage Society
204 Rita St
Dayton, OH 45404