Updated July 14, 2022
The Great Lakes Observing System (GLOS) is a 501(c)(3) nonprofit with a mission to provide end-to-end data services that support policy, science, management, and industry in the Great Lakes. Based in Ann Arbor, Michigan, GLOS has served as the Integrated Ocean Observing System (IOOS) Regional Association for the Great Lakes since 2008. In 2016, GLOS was certified as a Regional Information Coordination Entity (RICE) under the authority of the Integrated Coastal and Ocean Observation System Act of 2009 (ICOOS Act).
In 2022, GLOS launched Seagull, a platform for Great Lakes data and information to serve the region’s need for easy access to observing data. Seagull and other GLOS work products, including how personal data is managed, is guided by our three core values. And we endeavor to treat others’ personal information as if it were our own.
GLOS collects personally identifiable information (PII) about people in order to better serve them. At the same time, GLOS only does so only when necessary, respecting individual privacy. We do not sell data and only share with third parties when needed for product development or as part of a collaborative project.
What is protected:
This policy describes what PII GLOS collects and how it is used. The policy applies to all GLOS data or information products and services. GLOS is responsible for the PII collected from you and your organization, if applicable. GLOS reserves the right to change this policy at any time. Any material changes will be communicated via the GLOS newsletter and to registered Seagull users.
In this policy all GLOS data and information products, including Seagull and GLOS.org are referred to as “GLOS services.”
What information does GLOS Collect?
GLOS stores information provided by people, for example, when people create a Seagull account, send GLOS an email, subscribe to the newsletter, fill out a survey, or leave comments on social media channels. For example, this provided information could include:
- Full name
- email address
- Phone number
- Organizational affiliation
- Preferences for viewing information on Seagull
Information collected by GLOS
GLOS automatically captures information from people when they interact with GLOS services, as device settings allow. Typically, this information is anonymous and used only in aggregate (thousands of anonymous data points lumped together), and at times, this information can be tied to an individual.
Information collected can include:
- Device configuration (device type, operating system, browser, IP address, and location).
- The web address that referred someone to GLOS.
- Search history, taps, or clicks when using GLOS services.
- Email opens and link clicks, tied to individual newsletter subscribers.
- Interactions with GLOS posts on social media.
How GLOS uses personally identifiable information
As a nonprofit, GLOS has no commercial interest in PII. Everything collected is used to better understand people and build better products, services, and communications. For example, GLOS may use PII to:
- Share news from GLOS.
- Create email lists, including to specific groups who show interest in a topic or feature.
- Understand peoples’ use patterns and identify sticking points to improve Seagull’s design.
- Share anonymized information with GLOS board, leadership, or other outside supporters.
- Protect against activity that is illegal, for personal or corporate gain, safety and privacy of others.
- Combine with other related content associated with your personally identifiable information.
When PII may be shared
GLOS only shares PII when absolutely necessary. GLOS works with a variety of organizations, including data providers, subcontractors, and other partners or service providers. GLOS may share PII with these organizations in order to provide services:
- Subcontractors: GLOS works with subcontractors under binding agreements that prevent them from collecting, storing, or using your PII. GLOS may share PII with them only when required for the development of GLOS services.
- Third-party services: GLOS services, particularly Seagull, leverage a wide range of third-party service providers including for cloud computing, search, authentication, communication platforms, and database administration services. GLOS may provide your PII as required by any of these third-parties in connection with the performance of the applicable service to GLOS services.
- Co-organizers: GLOS frequently collaborates on projects with other organizations and may need to disclose PII collected as part of these efforts. For example, when co-organizing a webinar, GLOS may share names, email addresses, and other PII provided by attendees.
- Legal Requirements and Proceedings: If the law requires it, GLOS may disclose information to law enforcement authorities or other government officials to comply with subpoenas, court orders, legal process or other law enforcement or other government measures, and to comply with other legal obligations. GLOS may also disclose information if GLOS believes disclosure is necessary or appropriate in connection with an investigation of suspected or actual fraudulent or illegal activity.
GLOS does not otherwise share PII with organizations within the IOOS network, data providers, partners, or social media companies. If someone uses a social media platform to log into Seagull, GLOS does not process or store credentials or any data related to these services and does not track activity, though the social media platform may.
Storage of PII
GLOS stores some PII, allowing access only by authenticated GLOS staff or affiliated organizations as described above. GLOS services are usable anonymously, but if people choose to log in or sign up, GLOS will store PII. Information related to email, web forms, social media and more may be stored. GLOS only keeps your data for as long as is necessary, except if required by a legal or regulatory authority to keep it for longer. Secure access to Seagull cloud infrastructure is limited to authenticated GLOS employees and GLOS-approved individuals acting on behalf of GLOS.
People may request GLOS delete any PII at any time by emailing firstname.lastname@example.org.
Upon request, GLOS will delete your PII within a 30-day grace period, or immediately by contacting email@example.com.
Anonymized usage data will be stored for understanding how people use Seagull and GLOS services.
Seagull user accounts are password protected, but people can take extra precautions to prevent a security breach of PII, including:
- Limiting unauthorized account access.
- Signing off after each session.
- Choosing a strong password.
- Limiting access to your device.
GLOS is committed to protecting the confidentiality of your PII and has physical, electronic, and procedural safeguards in place to protect personal information. Though not all PII is protected with all the methods below, GLOS is continually working to improve security of PII, including through:
- Encryption of stored information.
- Data transmission via HTTPS.
- Access to PII limited to GLOS employees with a specific programmatic need or authorized individuals acting on behalf of GLOS.
However, no system can prevent all potential security breaches. Unauthorized entry or use, hardware or software failure, or other factors can compromise the security of PII at any time.
In the case of a suspected breach, people should contact GLOS immediately at firstname.lastname@example.org.
Interaction with Children
If you have any questions or concerns about how PII is handled, please reach out to email@example.com.
You may also write GLOS at:
Great Lakes Observing System
4840 S. State Road,
Ann Arbor, MI, USA