Who we are
What personal data we collect and why we collect it
Our online payment form for membership includes fields for the following:
- First and last name(s) for either one parent or both, address, phone number, email address (if different from your PayPal email address)
- Types of volunteering you're willing to do for OFTP
- Your payment will also reveal your PayPal email address and the number of years of membership you're paying for.
This information is collected so as to process your membership request. It is sent to PayPal first and retained in our PayPal account's transaction history. We receive the information through PayPal's email notification of the transaction. We then use it to email you your membership benefits: a membership card and letter of good standing sent by the membership secretary, monthly e-newsletters sent by the membership secretary, and a unique-to-you user-account registration link sent automatically by the website's membership plugin through integration with the PayPal API. We never receive your credit card or bank account information, as that remains between you and PayPal.
If you register a user account on our website through the special link emailed to you upon paying for membership or a resource listing, the payment history will be part of your user account data retained in the website's database until your account is deleted:
- the PayPal transaction ID
- the End Of Term (EOT) date and time (i.e. when your membership or listing will expire unless renewed)
- the IP address used at the time of payment
This information will be associated with your user account, and retained in the database until your account is deleted, along with all the information you enter when registering (or as edited thereafter), or that you add to your profile after registration:
- Email address (required but can be edited as needed)
- Username (required and cannot be changed after it's set)
- First name
- Last name
- Display name (in profile form, not in registration form)
- Biographical info (may not be used at all on the site, but if it ever is, it may be publicly visible)
- Any Gravatar profile picture if you've associated with your email address
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you are uploading files for the use of OFTP members only, please avail yourself of the option to protect it from public viewing through the Media Vault plugin.
We do not have a contact form on our site. You must use your own email client program to contact us by email.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have a user account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos from YouTube, Vimeo, etc.). Embedded content from other websites behaves in exactly the same way as if the visitor has visited the other website.
Server logs (a history of page requests) are provided to us by our web host for the purpose of analytics and troubleshooting. Information about each page request can including client IP address, request date/time, page requested, HTTP code, bytes served, user agent, and referrer. The only information collected that is close to being user-specific is the IP address. However, IP addresses can be shared and can change over time, so it is not personally identifying information.
Who we share your data with
We do not share collected data with any third parties beyond those involved in maintaining this site:
- Our web host can view server logs
- PayPal can view the payment information and retains it for necessary processing and transaction history.
- Our website manager can access server logs, files, the database, user accounts, and (for the purposes of verifying user account access level permissions) may receive copies of the website's (not PayPal's) payment confirmation email that includes the payer's first name, last name, email address, and amount paid.
Membership information that is not also available through user accounts (or the confirmation email) is only seen by our treasurer and membership secretary.
How long we retain your data
User account data is not retained after deletion of the account, except in back-ups of the database which are themselves deleted once replaced by newer back-ups.
Membership data in our offline records is not retained past expiry of the membership.
Data on payment transactions is retained by PayPal in accordance with their own policies.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
What rights you have over your data
Anyone with a user account can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Our web host's servers are located in the U.S.
Visitor comments may be checked through an automated spam detection service.
Payment data is sent to PayPal, who then forwards it to us.
How we protect your data
We use security software and password protection to protect the site and your data. We never receive your credit card or bank account information, which remains visible only to PayPal.
Our contact information
See our Contact Us page.