The YMCA of Metropolitan Los Angeles ("YMCA") is very concerned about the privacy of its members and employees and maintains their personal information in confidence. As an expression of the YMCA's commitment to protect the personal information of its members and employees, the following policy has been adopted by its Board of Directors.
The YMCA collects information from members in a proprietary database known as YMCA Membership and Program Support System (Y-MAPSS) for the purposes of billing; supporting the progress of our members toward their goals; encouraging the involvement of the whole family; and providing information on upcoming YMCA events and program opportunities.Member information is also aggregated in certain ways to help staff and YMCA Boards determine how well we are serving our community and how we can improve our operations.
Personal information is also collected as needed from our employees and volunteers. Volunteer staff perform important duties and are subject to many of the same policies and training requirements as our employees.
The YMCA shares member and employee information with financial institutions, government agencies, and companies working on behalf of the YMCA only as needed to conduct YMCA business. Other than as required by law or to conduct YMCA business, the YMCA will not share your personal information with other third parties without your explicit permission. The YMCA will not sell, rent or lease your personal information to others.
You may inspect your records and update your personal information at any time. Please notify the Executive Director of your YMCA branch or the Human Resources Department in the Metropolitan corporate office with regard to any concerns you may have about the privacy of your YMCA records.
How does the YMCA protect your privacy?
The YMCA maintains procedural, electronic, and physical safeguards to protect the MPI of its members, employees, volunteer staff and donors, including but not limited to the following:
The YMCA permits access to MPI only by authorized employees and volunteer staff with a need to have access, and who aretrained in the proper handling of member information. The YMCA removes employee and volunteer staff access to systems immediately upon notification of their termination by the branch executive or the Metropolitan YMCA Human Resources Department.
The YMCA requires all outside vendors and contractors who may be retained to perform services for the YMCA to conform to YMCA privacy standards and/or sign strict confidentiality agreements. In the rare and limited circumstances when a retained service provider is required to use MPI to complete its assignment,the service provider is strictly prohibited from using this information for any other purpose.
The YMCA will not reveal information about your health, character, personal habits or reputation to anyone for marketing purposes.
The YMCA uses outside vendors to conduct periodic network security audits to help prevent security breaches. The Metropolitan YMCA office follows published document management procedures providing for the timely destruction of outdated personal information.
The YMCA masks all but the last four digits of your credit card and bank account numbers in the Y-MAPSS application screens.
The YMCA uses SSL (secure socket layer) transmission to transmit electronic funds transfer payments to and from financial institutions.
The YMCA stores electronic credit card report information in a secure folder with limited employee access on its network drive.
The YMCA does not display any bank and credit card information on any system generated receipts or invoices.
The YMCA ensures that unattended computers display electronic screensavers to help prevent unauthorized access to personal information. Access is locked out until a proper password is entered.
All YMCA employees and volunteers, upon logging on to any networked computer, are prompted with a message that reminds them of the importance of protecting member personal information.
The YMCA’s Verify-it (controlled access) system displays member information for only 30 seconds between card swipes so that your personal information does not linger on the screen.
YMCA automated system policies require employees and volunteer staff to change passwords at random intervals.
The YMCA’s internal audit team periodically audits our Metropolitan office and branches to ensure that reasonable securitypractices and internal controls are being followed.
All YMCA branches have drop-safes and in some cases safety deposit boxes to secure your checks and cash overnight.
All YMCA branches use armored transport services to reduce the incidents of theft and to ensure that your personal checks make it to the bank.
Many YMCA branches have security surveillance cameras to discourage theft on the premises.
The Metropolitan office and many branches have controlled access into their facilities.
The YMCA keeps the transportation of member personal information between the branches and the Metropolitan office to a minimum to help reducethe potential for identity theft.
What are your rights?
You have the right to know what MPI the YMCA has collected about you; this does not apply to MPI that relates to an actual or possible claim or a civil or criminal action.
You may ask the YMCA in writing to correct any MPI you believe is recorded in error.
If this is done, the YMCA will provide you with a written or electronic copy of all of the related legal rights to which you are entitled. This privacy notice supersedes all prior notices the YMCA may have provided you.
How may you contact us?
You may contact the Executive Director of your local YMCA branch or write to:
Vice President of Knowledge Management
YMCA of Metropolitan Los Angeles
625 S.New Hampshire Avenue
Los Angeles,CA 90005-1371