Privacy Policy

General Statement of Privacy

The Coalition for Government Procurement (CGP) respects the privacy of its members and of those who visit its site. By accessing and/or using the CGP’s website, you consent to, and otherwise agree with, this policy; you consent to our collection, use, and disclosure of information; and you consent to the use of cookies in accordance with the terms of this policy. For its part, the CGP has privacy controls in place that endeavor to afford protection in the processing of personal information, and these controls include expecting the CGP’s staff that have access to data or personal information collected by the CGP to uphold this privacy policy.  In addition, the CGP reserves the right to change this policy as it sees fit.  If material changes are made, the CGP will post such changes here and provide a pop-up notice for a reasonable period of time alerting users of the site to such change.

Personally-Identifiable Information

The CGP collects a limited amount of personally-identifiable information voluntarily provided by users of its site. Doing so enables the CGP to allow you access to information on the site and process requests and purchases. The CGP site employs cookies to facilitate its management of the site.  The CGP does not sell or lease its member information.

Unless otherwise stated, the legal basis for processing all member and program data is based on your Coalition membership or otherwise by becoming registered on, or visiting, the Coalition’s website.  The Coalition also may process any of your personal data where such processing is necessary for compliance with a legal obligation to which it is subject, or in order to protect your vital interests or the vital interests of another person. Please do not supply any other person’s personal data to us, unless we prompt you to do so under the basis of providing goods, services, or programs.  Coalition members can add, correct, or update their personal information in their account online or by contacting info@thecgp.org.

Security

Generally, the CGP provides the security of personally-identifiable information on servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure.  Our cloud data service is with Microsoft Azure.  Microsoft is certified to the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce.  In addition, Microsoft uses encryption to safeguard its customer data.  Here’s a link to Microsoft compliance:

https://www.microsoft.com/en-us/trustcenter/compliance/complianceofferings?&value=Office%20365

The CGP cloud service is enterprise-grade security with Microsoft.  Our data is protected with threat detection and management, device access management, and security dashboards to review activities.

The CGP has policies to address data loss prevention.  Specifically, those policies provide for the detection and suspension of a user account, on desktop and internet, immediately for the following:

  • Repetitive failed log-in attempts
  • Activity from suspicious IP addresses
  • Log-in attempt from unknown countries outside of US
  • Log-ins from 2 or more locations at the same time
  • Ransomware activity

The CGP onsite network is protected by Avast business firewall.  All CGP computers are installed with Avast business antivirus protection.

Announcements

The CGP may use information provided to send announcements, such as notices of events, and newsletters.  Users may opt out at any time via a process consistent with the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act.

Third-Party Services

The CGP website may contain links to third party sites with their own policies that are outside our control.  These third-party sites may collect information in accordance with their private policy and are not covered by this Private Policy.

Warranty

There are no warranties provided under this policy.  The website and links are provided on an “as-is/as-available” basis.  Neither the website, nor the content, nor the services provided or associated with it, nor the links provided are subject to any express or implied warranty or condition, including, but not limited to, any warranty of merchantability, satisfactory quality, fitness for a particular purpose or use, and non-infringement.  The CGP does not guarantee that the website will be error-free or uninterrupted, or that the website or anything on it or linked to it will be available over time.

Information We Collect

Data that CGP collects is used to further the mission, programs, operations, and services of the CGP, and to provide the best experience for members and website visitors. Unless otherwise stated, the legal basis for processing all member and program data is contractual and based on your CGP membership or becoming a registered user of any of our websites.

There are two different types of data that can be collected: Personal Identifiable Information (PII) and Non- Personal Identifiable Information (Non-PII). PII is any information that can be used to distinguish or trace an individual’s identity, such as name, address, email, place of employment, or other information that is linked or linkable to an individual. Non–PII data is anonymous to the CGP and cannot be used by the CGP to distinguish or trace an individual’s identity, such as: device IDs, cookies, and IP addresses.

Information we may collect:

  • Access Data – This includes your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths.
  • Third parties Data –may include your name and email address. The source of the account data may be you, your employer, or affiliated institution with whom we exchange information.
  • Profile Data – Profile data may include: your name, address, telephone number, email address, profile pictures, gender, date of birth, interests, educational details and employment details.
  • Service Data – Any data that is provided by you when using or participating in any of CGP’s services or programs.
  • Publication Data – Information that you post for publication on our websites.
  • Inquiry Data – Information contained in any inquiry users submit to CGP regarding goods and/or services
  • Transaction Data – May include contact details, credit card details and the transaction details provided by the purchase of any goods and services on our websites.
  • Notification Data – Information provided for the purpose of subscribing to our email notifications, newsletters, journals, and webinar services.
  • Correspondence Data – Data may include: the communication content and metadata associated with the communication.