Our commitment: Protecting your privacy.
Member Privacy Promise
Sons of Norway respects your privacy. Your information is personal, and we promise to keep it confidential. We want you to understand what personal information we collect, how we use it, and how we protect it.
Information We Collect
Sons of Norway may collect nonpublic personal information about you, such as name, age, mailing and email addresses, marital status, and social security number. We may also collect other information that you authorize us to obtain, such as medical records, medical exam information, and information from consumer reporting agencies.
Specific examples of personal information that we collect and may disclose to affiliates and certain third parties may include:
- Information we receive from you on new product and service request
- Information about your transactions with us, our affiliates, and others such as account balances, payment history, account activity and
- If you visit our Internet web site, sofn.com (the “website”), information you may submit to us on our website forms and information we may collect from your web browser and through “cookies.”
- If you use any of our online services, we may collect your IP address and other identifying information as part of the normal operations of those services.
What Information We Use and Share
Unless you tell us not to, we use your personally identifiable information within Sons of Norway so that we may provide you with membership services or financial products, and to administer both the lodge system and the Sons of Norway Foundation. We disclose information to critical business partners, to detect, prevent, mitigate and investigate fraudulent or illegal activities, and as required by law. We never share your personally identifiable medical or financial information for any purpose other than underwriting insurance applications. As permitted by law, we may disclose:
- Limited information, such as name, phone number, mailing and email addresses, to organizations with whom we have agreements to provide you certain products, services or benefits, such as Ski for Light and Visa.
- Information about you to organizations that provide business services, such as reinsurance, printing, and mailing services.
- Any personal data when required to do so by law, such as responding to requests for personal data in connection with a judicial, administrative or investigative
We may share non-personally identifiable information (such as anonymous usage data, access and source URLs, platforms, etc.) with third parties to help us understand usage patterns and improve our services to you. Non-personally identifiable information may be stored indefinitely.
We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of our services.
Sharing with Nonaffiliated Service Providers
We may disclose personal data to nonaffiliated service providers who perform business functions on our behalf, which may include marketing of our products and services, check printing, and data processing. Nonaffiliated third party service providers often aid us in the efficient and effective delivery of services and there may be circumstances where it is necessary to disclose personal data we collect to such parties. However, before disclosing personal data to a nonaffiliated party, we require confidentiality agreements, keeping that information confidential and secure and to use it only as authorized by us. Also, we will only share your nonpublic information with nonaffiliated third parties where permitted by applicable law. All data shared with nonaffiliated service providers needed for the service provider to provide service.
Sons of Norway does not share, sell, or rent personal data with outside marketers.
Information about your Sons of Norway products and services are maintained in association with your profile account. The personal data that Sons of Norway collects from you is stored in one or more databases hosted by third parties located in the United States. These third parties do not use or have access to your personal data for any purpose other than cloud storage and retrieval. On occasion, Sons of Norway engages third parties to mail information to you.
Security & Confidentiality Safeguards
Sons of Norway maintains a comprehensive security program that provides administrative, technical, and physical safeguards to protect your information against loss, misuse, unauthorized access, disclosure, and alteration. Safeguards include firewalls, data encryption, limited physical access to computer rooms, data access limited to individuals requiring access to provide you service, policies and procedures on handling your information, confidentiality requirements with outside organizations, ongoing review of procedures and ongoing staff training on these items.
Sons of Norway also maintains processes to detect, prevent and when necessary respond to attacks, intrusions or unauthorized access to confidential information as well as internal training programs to insure that all employees are trained regarding our information security program, the confidentiality of your information, and the laws applicable to the proper safeguarding and disposal of your personal data.
While we have many security controls in place, we cannot and do not guarantee that unauthorized, inadvertent disclosure never may occur.
Retention and Destruction
Your personal data is stored by Sons of Norway on our servers, and on the servers of the cloud-based database management services Sons of Norway engages, located in the United States. Sons of Norway retains data for the duration of a member’s relationship with Sons of Norway. We retain your personal information for as long as necessary to provide the Services you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our policies. Personal information may be retained beyond the closure of accounts for as many as ten years or longer.
For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact our data protection officer at [email protected].
Sons of Norway disposes of all business records containing personal data in accordance with its record retention policy, and in compliance with applicable state and federal laws.
Based upon any personal data you may provide to us, we may occasionally send you some or all of the following promotional communications:
- information on products, services, special deals, promotions
Out of respect for your privacy, we provide you a way to unsubscribe from these communications. Please see the “Choice and Opt-out ” section.
In addition, however, based upon any personal data we receive from you as a result of an account you create or products or services you request from us, we also may occasionally send you some or all of the following:
- service-related announcements, on rare occasions when it is necessary to do so (for instance, if our service is temporarily suspended for maintenance, we might send you an email)
- communications in response to inquiries, service requests, and account management
Generally, you may not opt-out of these communications, which are not promotional in nature. If you do not wish to receive them, you have the option to cancel your membership, subject to any contractual obligations.
Choice and Opt-out
As our communications are required to provide Sons of Norway services, joining Sons of Norway as a member or joining a Sons of Norway affiliated lodge constitutes opting-in to our communications.
If you no longer wish to receive any promotional communications from us, you may opt- out of receiving them by following the instructions included in each newsletter or electronic communication.
Log files are collected directly and indirectly by Sons of Norway, and your personal data may be stored with either approach.
Direct collection consists of the Sons of Norway websites and email systems, which gather certain user information automatically, storing it in log files. This information may include, among other things, internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, sending servers, operating system, date/time stamp, and clickstream data. We may use this information to analyze trends, to administer the site, to track users’ movements around the site, perform spam filtering, and to gather demographic information about our user base as a whole.
We may use both session cookies and persistent cookies. A session cookie expires when you close your browser. We use session cookies to simplify your use of our site. A persistent cookie remains on your hard drive for an extended period of time. We may set a persistent cookie to store your identity, so you don’t have to enter your username and password more than once. We may also use persistent cookies to enable us to track and target the interests of our users and to enhance your experience on the website. You can remove persistent cookies by following directions provided in your Internet browser’s “help” file.
If you reject cookies, you may still use the website, but your ability to use some areas of the website, such as the member-only areas, may be limited.
Other Sites and Services
The Sons of Norway websites may contain links to other sites that are not owned or controlled by Sons of Norway. Sons of Norway is not responsible for the privacy practices of such other sites. Similarly, Sons of Norway provides services to customers who may hold a relationship with you separate from Sons of Norway. While Sons of Norway may process such data, Sons of Norway does not control it.
If you have concerns regarding the privacy practices of other sites, you should read the privacy statements available at those sites.
This privacy statement applies only to information collected by the Sons of Norway website and services that Sons of Norway controls.
Transfer of Member Information
Member lists and other information provided to us are our business assets. If we merge with another entity or if we sell our assets to another entity, such information, including personal data provided us, may be included among the assets to be transferred.
To provide services to our customers, Sons of Norway may need to transfer personal data to a third party. Under the EU-US Privacy Shield, Sons of Norway shall remain liable if the third party improperly processes your personal data unless we prove that we are not responsible for the event giving rise to the damage.
Transferring Personal Data from the EU to the US
Sons of Norway has its headquarters in the United States. Information we collect from you will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the General Data Protection Regulation (“GDPR”). Sons of Norway relies on derogations for specific situations as set forth in Article 49 of the GDPR. In particular, Sons of Norway collects and transfers to the U.S. personal data only: with your consent; to perform a contract with you; or to fulfill a compelling legitimate interest of Sons of Norway in a manner that does not outweigh your rights and freedoms. Sons of Norway endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Sons of Norway and the practices described in this Data Privacy Statement. Sons of Norway also minimizes the risk to your rights and freedoms by not collecting or storing sensitive information about you.
Where Sons of Norway serves as a processor, facilitating the transfer of personal data on behalf of our partners, the partners’ privacy policies apply but do not override the requirements on both Sons of Norway and Sons of Norway’s members under applicable law.
Data Subject Rights
To the extent that GDPR applies to the processing of your personal data, this Data Privacy Statement is intended to provide you with information about what personal data Sons of Norway collects about you and how it is used. If you have any questions, please contact us at [email protected].
If you wish to confirm that Sons of Norway is processing your personal data, or to access the personal data Sons of Norway may have about you, please contact us at [email protected].
In compliance with the Privacy Shield Principles, Sons of Norway commits to resolve complaints about our collection or use of your personal information. European Union individuals with inquiries or complaints regarding our Privacy Shield policy should first contact CDI at: [email protected]
Sons of Norway has further committed to refer unresolved Privacy Shield complaints to JAMS , an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.
For more information on the arbitration process, please review Section C of the Privacy Shield Annex I at: https://www.privacyshield.gov/article?id=ANNEX-I-introduction
Changes in This Privacy Statement
We reserve the right to modify this privacy statement at any time, so please review it frequently.
If we decide to change our Privacy Statement, we will post those changes on the website so our users and investors are always aware of what information we collect, use and disclose. If at any point we decide to use or disclose personal data received from you in a manner different from that stated at the time it was collected, we will notify you in writing. We will otherwise use and disclose personal data in accordance with the Privacy Statement that was in effect when such information was collected.
We may e-mail periodic reminders of our notices and terms and conditions and will e-mail of material changes thereto, but you should check the Web site frequently to see the current Data Privacy Statement that is in effect and any changes that may have been made to it.
Accuracy & Your Access to Information
We respect your right to access, correct, request deletion or request restriction of our usage of your personal information as required by applicable law. We will provide you with a copy of your personal information in a structured, commonly used and machine readable format on request. You can also ask us to delete or restrict how we use your personal information, but this right is determined by applicable law and may impact your access to some of our Services.
If you see any inaccuracy in your statements or in other communications from us, or to remove yourself from such communications, please email us at [email protected] or call us at 1-800-945-8851.
Sons of Norway complies with the EU Data Protection Directive 95/46/EC framework as set forth by the European Union regarding the collection, use, and retention of personal data.
Form PP-L (01-2020)