Voices International ASBL
Personal Data Security Policy
Photos, Videos, Social Media
When you sign up to be a member of VI, you agree that any photos /videos which include you can be posted on Social Media or the VI Website, without identification. These photos can be taken at any time during rehearsals or performances.
You also agree to not post photographs or videos of choir performances or rehearsals without prior approval of the committee.
Conversely, we would love people to take good pictures! If you take any, please forward them to the committee for approval. Once committee approval is given, they can then be posted anywhere, and we can also post them on the VI website!
Practice tracks, Digital Music and other copywrite materials.
Many tools are available for your use on the website. These include MP3, pdf, and other file formats. They are not to be distributed outside the choir and are intended for private use. If you do so you are responsible for any litigation from the copy write owners.
Your Personal Data
It is, and has been the policy of Voices International ASBL to do everything possible to protect your personal data.
VI will collect only the minimum amount of personal information needed to operate the choir.
Your preferences page (https://www.voicesinternational.lu/account/preferences.php) gives you the ability to control you own personal data. It contains about 95% of the personal data collected. The other 5% is made up of information used by the Lepton Content Management System(the software of our website) to operate the website.
It is your responsibility to maintain a good password (see recommendations below) and prevent fraudulent access to the website through your user access.
Access to your information
You have the right to see all your information we have collected.
The right to be forgotten
If at any time a former member wishes to leave the website, and all his/her information deleted, he/she only needs to notify the Membership Secretary, or other Committee member, and this will be done.
Who can see your data?
Only current Members and Committee Members can see any of your data. People leaving the choir have their access restricted immediately if they leave mid-season, or after the cut-off date of the next season if they don't re-join. For a full description of who can see what, see below.
If there is an incident in which your information is exposed, you will be notified of the incident and the steps taken to re-secure your information.
When a new member signs up to the website they are automatically placed in a special category called Guest. This provides them with limited access to the member’s area, and without revealing any other members' personal information. Once they have started attending rehearsals their access is elevated to that of Member. This prevents someone from fraudulently signing up in order to access members' information. See the full description of access categories below.
Non-members and Former-members
When a Member leaves the choir, they usually become a Former Member on the website. However a departing member may choose to be deleted altogether, and no information is kept on them. In exceptional circumstances, the Committee may decide to delete a member from the website. Deleted members become like any member of the public, as if they had never been a member, they only have access to the public sections of the website.
In order to keep departing members from accessing the information intended only for other members, every effort will be made to quickly deactivate members when they become non-members, and limit access to members who become former-members. Becoming a non-member can happen by:
Becoming a Former-member:
- Not coming to the rehearsals up to the cutoff date of the next season.
- Informing your section leader or a committee member that you will not return.
- Failure to pay the membership fee within three months of receipt of the demand for payment in writing(Art.5).
If you are deactivated, you will no longer have access to your preferences page, or any part of the website that is not public. Because you no longer have control of your personal information, it will no longer be shared with the members even if you had checked the share box.
If you become a former member you still have access to change your preferences, and can control the sharing of your data yourself.
Website Area Access according to Membership status
The website contains many access-restricted areas that in turn contain the tools necessary to carry out a specific function within the choir.
In order of increasing access:
- The Public Area is open to everyone in the world.
- Guest have limited access to the members area including Photo Gallery, Videos, Calendar but not to pages with personal data(i.e. the staff page).
- Former Members have limited access to the members area including Photo Gallery, Videos, Calendar but not to pages with personal data(i.e. the staff page).
- Members have access to the Member’s area and the Public area.
- Contributors(practice track team and other content providers) have access to the Contributor’s area, the Member’s area and the Public area
- Section Leaders have access to the Section Leader’s area, the Contributor’s Area, the Member’s area and the Public area. This is the first group to have access to all personal data.
- Committee Members have access to the Committee Member’s area, the Section Leader’s area, the Contributor’s area, the Member’s area and the Public area.
- Administrators have access to all information.
- Other areas may be added in the future as needed.
Writing Web Pages
If you have been granted the ability to change the content of web pages, and you are deemed a potential threat to the website’s integrity, your access to that ability will be withdrawn at the webmasters discretion. This decision can be overturned by a majority vote of the committee.
Your password is saved in an encrypted way (md5) so that no one, including the administrators can see what it is. The administrators can change your password but not tell you what it is currently set as.
It is important for everyone’s security that you choose a password that is secure. It is recommended that you choose a password that is secure.
5 steps to build a strong password
The strongest passwords look like a random string of characters to attackers. But random strings of characters are hard to remember.
Make a random string of characters based on a sentence that is memorable to you but is difficult for others to guess.
- Think of a sentence that you will remember
Example: "My son Aiden is three years old."
- Turn your sentence into a password
Use the first letter of each word of your memorable sentence to create a string, in this case: "msaityo".
- Add complexity to your password or pass phrase
Mix uppercase and lowercase letters and numbers. Introduce intentional misspellings.
For example, in the sentence above, you might substitute the number 3 for the word "three", so a password might be "MsAi3yo".
- Substitute some special characters
Use symbols that look like letters, combine words, or replace letters with numbers to make the password complex.
Using these strategies, you might end up with the password "M$8ni3y0."
- Keep your password a secret
Treat your passwords with as much care as the information that they protect.
Qualities of strong passwords
- Each character you add to your password increases the protection it provides.
- 8 or more characters are the minimum for a strong password; 14 characters or longer are ideal.
- The greater variety of characters that you have in your password, the harder it is to guess.
- An ideal password combines both length and different types of symbols.
- Use the entire keyboard.
Easy to remember, hard to guess
- The easiest way to remember your passwords is to write them down.
- It is OK to write passwords down, but keep them secret so they remain secure and effective.
Password strategies to avoid
To avoid weak, easy-to-guess passwords:
- Avoid sequences or repeated characters
"12345678," "222222," "abcdefg," or adjacent letters on your keyboard do not make secure passwords.
- Avoid using only look-alike substitutions of numbers or symbols
Criminals will not be fooled by common look-alike replacements, such as to replace an 'i' with a '1' or an 'a' with '@' as in "M1cr0$0ft" or "P@ssw0rd".
These substitutions can be effective when combined with other measures, such as length, misspellings, or variations in case.
- Avoid your login name
Don't use any part of your name, birthday, social security number, or similar information for your loved ones.
This type of information is one of the first things criminals will try, and they can find it easily online from social networking sites, online resumes, and other public sources of data.
- Avoid dictionary words in any language
Criminals use sophisticated tools that can rapidly guess passwords that are based on words in multiple dictionaries, including words spelled backwards, common misspellings, profanity, and substitutions.
- Avoid using only one password for all your accounts
If your password is compromised on any one of the computers or online systems that use it, you should consider all of your other information protected by that password compromised as well.
It is critical to use different passwords for different systems.
- Be careful with password recovery questions
Many Web sites offer a "password " service that lets you provide the answer to a secret question. If you forget your password, the service will send it to you if you can remember the answer to your secret question.
The questions are often random, but sometimes the answers to these questions are freely available on the Web. Choose your questions carefully or make up the answers.
- Avoid using online storage
If criminals find your passwords stored online or on a networked computer, they have access to all your information.