Privacy Statement (CA)

This privacy statement was last changed on September 2, 2021, last checked on September 2, 2021, and applies to citizens and legal permanent residents of Canada.

In this privacy statement, we explain what we do with the data we obtain about you via We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
  • we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • we first request your explicit consent to process your personal data in cases requiring your consent;
  • we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
  • we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose and categories of data

We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand) 

2. Sharing with other parties

We only share or disclose this data to other recipients for the following purposes:

Purpose of the data transfer: process payments
Country or state in which this service provider is located: United States

Purpose of the data transfer: process payments
Country or state in which this service provider is located: United States

Purpose of the data transfer: 
Country or state in which this service provider is located: 

3. Disclosure practices

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

4. How we respond to Do Not Track signals & Global Privacy Control

Our website does not respond to and does not support the Do Not Track (DNT) header request field.

5. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy on our Cookie Policy (CA) webpage.  

6. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed. 

7. Third party websites

This privacy statement does not apply to third party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites. 

8. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible. 

9. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person. We shall provide the requested information only upon receipt of a verifiable consumer request. You can contact us by using the information below.

9.1 You have the following rights with respect to your personal data

  1. You may submit a request for access to the data we process about you.
  2. You may request an overview, in a commonly used format, of the data we process about you.
  3. You may request correction or deletion of the data if it is incorrect or not or no longer relevant. Where appropriate, the amended information shall be transmitted to third parties having access to the information in question.
  4. You have the right to withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. You will be informed of the implications of such withdrawal.
  5. You have the right to address a challenge concerning non-compliance with PIPEDA to our organization and, if the issue is not resolved, to the Office of the Privacy Commissioner of Canada.
  6. We shall give access to personal information in an alternative format to an individual with a sensory disability who has a right of access to personal information under PIPEDA and who requests that it be transmitted in the alternative format if (a) a version of the information already exists in that format; or (b) its conversion into that format is reasonable and necessary in order for the individual to be able to exercise rights.

10. Children

Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.

11. Contact details

Women’s Caucus for Art
PO Box 1498
Canal St Station
New York, NY 10013
United States

Phone number: 212-634-0007

We have appointed a contact person for the organization’s policies and practices and to whom complaints or inquiries can be forwarded:
Karin Luner, Director of Operations
Women’s Caucus for Art
640 Bartholomew Road–Rm 122A
Piscataway, NJ 08854  



Who we are

The Women’s Caucus for Art (WCA) is a Non-Profit Membership Organization for Women in the Visual Arts with 21 Chapters in the United States. Our mission is to facilitate networking and communication among our members, and our Membership Database is our networking platform. On our application form members supply the information they want to share with others.

Our website address is: We are a tax-exempt nonprofit. Our EIN # 51-0162358

What personal data we collect and why we collect it

We only collect your personally identifiable information—which is information that directly identifies you, such as your name, street address, phone, email address, and other questions on our application form when you knowingly provide it to us. We may gather such information during the following interactions:
  • When you become a member of WCA
  • When you renew your membership or rejoin WCA
  • When you register for a conference, gala, exhibition, or related WCA event
  • When you participate in a WCA survey, whether on the Sites, in person, or offline.
  • When you use your membership ID and password to access WCA’s Online Database to network with other WCA members
  • When you make a contribution to WCA.

Use of Your Personal Data

Your personal data is processed by the Women’s Caucus for Art (WCA) under the GDPR principle of legitimate business interest. If you engage in business transactions with us, such as a membership purchase or attending a conference, or participate in an exhibition, you may receive occasional follow-up communications via mail or email, even if you have not given explicit permission for this. You always have the right to opt out of these communications. WCA uses many third-parties to provide services to our members, donors, and customers. (e.g. Mailchimp, Stripe, Paypal, as well as numerous WP plugins to facilitate communications and information, as well newsletter mailings.)

Purpose and scope of notice

This Privacy Notice (“Notice”) is intended to explain how your personal information will be handled by the Women’s Caucus for Art (“WCA” “we”, “our” and “us”) and sets out the information including the personal information detailed below relating to you (“Personal Data”) that will be collected and processed by WCA and/or in the context of your engagement with (the “Website”) and the membership platform and services provided thereon. WCA provides a membership database and event management to its members and customers that facilitates administration and organization of these events (Exhibitions, Conferences, Galas, etc) plus the promotion of the events to, and the purchase of tickets to these events by, potential and actual attendees (“Attendees”). In certain circumstances, WCA Event Organizers may be the controller of certain Attendees’ Personal Data. Attendees who are a customer of, or otherwise interact through WCA with, any of our Event Organizers are asked to also read Section 8 of this Privacy Notice. For the purposes of this Notice, the controller of your Personal Data is WCA. If you have any questions or concerns about this Notice, please contact our President, Laura Morrison who can be contacted at

Application of this notice

IMPORTANT: Please note that this Notice, while intended to be as complete and accurate as reasonably possible, is not exhaustive and may be updated from time to time in accordance. This Notice applies to the way we collect and process your Personal Data. Personal Data will be collected and processed during the course of our relationship with you and for a period afterward as may be required by applicable law. During the course of your dealings with us, we will collect Personal Data:
    • from you: for example, when you communicate with us, sign-up to the WCA as a Member, work with us or supply us with services, when you supply Personal Data via our Website or through WCA, submit an enquiry or request support or when you subscribe to or express an interest in any of our newsletters or mailing lists; and
    • from Event Organizers or other third-party sources: for example, when you are an attendee who expresses an interest in or purchases a ticket to an event promoted by WCA or an Event Organizer under WCA’s umbrella, through software platforms we use for business processes, statutory and regulatory authorities, third party service providers and occasionally some additional sources.
What personal data we process We may collect and process the following Personal Data; this includes information such as your name, email address, company, phone number and your password, as well as your professional area, or related professional preferences This includes any other information which is provided to us by you or on your behalf. Why we process your personal data It is necessary to process this Personal Data to enter into and perform our contract with you in relation to:
    • your use of the WCA’s membership platform or as an Event Organizer; and
    • your use of the Website and being able to connect to other WCA members
If you do not wish to provide us with your Personal Data for these purposes, we will not be able to enter into or perform our contract(s) with you and you will not be able to avail of WCA’s networking possibilities;
    • To provide you with access to the Website and to allow you to use the online database.
    • To determine, perform and execute the terms on which you will engage with us as an Event Organizer;
    • to process your payments, through our third-party payment providers; and
    • to contact you in relation to any aspect of your membership;
    • To create your account for you to use on the Website;
    • to process your actions through this account; and
    • to otherwise manage and administer your account.
It is also necessary for the purposes of our legitimate interests to process your Personal Data to respond to any queries or requests submitted by you to us. Before we process your Personal Data to pursue our legitimate interests for these purposes, we determine if such processing is necessary and we carefully consider the impact of our processing activities on your fundamental rights and freedoms. On balance, we have determined that such processing is necessary for our legitimate interests and that the processing which we conduct does not adversely impact on these rights and freedoms.
    • to monitor metrics such as total number of visitors, traffic data and demographic patterns on our Website; and
    • to ensure the content on the Website is presented in the most effective manner for you and your device.
    • To process and respond to any queries or requests you submit to us whether through the Website, by emailing us or otherwise; and
    • to seek your views on the Website and our services.
    • To send you a personal introduction email when you first sign up;
    • to keep you updated with our news; and
    • to send you promotional and marketing material which we believe would be of use or interest to you.
Disclosure of your personal data WCA does not collect your Personal Data to sell to third parties or other service providers; we are a membership organization which promotes networking among its members. WCA and its members are committed to respect each other’s rights. Members who use WCA data in an unauthorized manner will have their membership revoked. Other recipients If such disclosure is necessary, we will share your Personal Data with external advisors such as our lawyers, accountants and auditors, (e.g. donations over $5,000 have to be reported on the 990 Form to the IRS, including your name and address) WCA transfers of your personal data We store and process your Personal Data on servers located in the US. Unfortunately, the transmission of information via the internet is not completely secure. Although we will always do our best to protect your Personal Data, we cannot guarantee the security of any information you transmit to us. Any transmission is at your own risk. Once we have received your information, we use strictly maintained physical, electronic and procedural safeguards to prevent unauthorized access. We do not store or process any of your card or payment information. All payment information is processed by our trusted third-party payment providers. Retention of your personal data In general, we expect to keep your Personal Data for as long as you are a WCA Member plus a period of up to 7 years thereafter. How we store and safeguard your personal data We care about protecting your information. We are committed to taking reasonable and appropriate steps to protect the Personal Data that we hold from misuse, loss, or unauthorized access. Members who use WCA data in an unauthorized manner will have their membership revoked. Your rights and how to exercise them You have a number of rights in relation to your Personal Data, which are set out in this Section 9. Note that in certain circumstances these rights might not be absolute. Right to be Informed You have the right to know whether your Personal Data is being processed by us, how we use your Personal Data and your rights in relation to your Personal Data. Right of Access You have the right to request a copy of the Personal Data held by us about you and to access the information which we hold about you. Right to Rectification You have the right to have any inaccurate Personal Data which we hold about you updated or corrected. Right to Restriction of Processing You have the right to ask us to restrict processing your Personal Data in certain cases, including if you believe that the Personal Data we hold about you is inaccurate or that our use of your Personal Data is unlawful. If you validly exercise this right, we will store your Personal Data and will not carry out any other processing on it until the issue is resolved. Consumers of our event organizers WCA provides event management such as Conference or Exhibition participation through which Event Organizers reach out to, communicate with, and sell to Attendees. Whenever WCA processes an Attendee’s Personal Data on its behalf or of an Event Organizer, we are acting as a processor, and we therefore conduct such activities strictly in accordance with the instructions of that Event Organizer and pursuant to the contractual arrangements in place with them. If you are an Attendee with an existing relationship with one of our Event Organizers, you should refer to the Event Organizer’s website or any terms provided by that Event Organizer to understand their privacy practices and policies. Where you, as an Attendee, would like to exercise your rights in relation to your Personal Data over which the Event Organizer is the controller, you should contact the Event Organizer with such requests. We will cooperate as appropriate with requests from our Event Organizers to assist with such requests. Changes to this notice and questions We may amend this Notice on occasion, in whole or in part, at our sole discretion. Any changes will be effective immediately upon communicating the revised Notice to you. If at any time we decide to use your Personal Data in a manner significantly different from that stated in this Notice, or otherwise disclosed to you at the time it was collected, we will notify you by e-mail, and you will have a choice as to whether or not we use your Personal Data in the new manner. If you have any questions, comments or concerns about the way your Personal Data are being used or processed by WCA, please submit your question, comment or concern in writing to our office at


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.


If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Marketing Page WCA’s does not use Google Analytics. Cookies are used solely for the login into the Membership database to link your email to the account. Stripe Cookies If a WCA customer is using Stripe, then Stripe sets a cookie on initial page load. These cookies are set by Stripe and are used by Stripe’s fraud detection software to assist in ensuring that only safe and legitimate transactions are allowed through their payment system. 

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.


WCA’s does not use Google Analytics or any other marketing software to track our web visitors.

By default WordPress does not collect any analytics data. However, many web hosting accounts collect some anonymous analytics data.

Who we share your data with

We use Paypal and Stripe to process our membership fees or handle ticket purchases.

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time. Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Who Should You Contact with Questions?

If you have questions or concerns regarding this Privacy Policy, contact us at

Paid Memberships Pro

Data Collected to Manage Your Membership

At checkout, we will collect your name, email address, username, and password. This information is used to setup your account for our site. If you are redirected to an offsite payment gateway to complete your payment, we may store this information in a temporary session variable to setup your account when you return to our site. At checkout, we may also collect your billing address and phone number. This information is used to confirm your credit card. The billing address and phone number are saved by our site to prepopulate the checkout form for future purchases and so we can get in touch with you if needed to discuss your order. At checkout, we may also collect your credit card number, expiration date, and security code. This information is passed to our payment gateway to process your purchase. The last 4 digits of your credit card number and the expiration date are saved by our site to use for reference and to send you an email if your credit card will expire before the next recurring payment. When logged in, we use cookies to track some of your activity on our site including logins, visits, and page views.


This sample language includes the basics around what personal data your store may be collecting, storing and sharing, as well as who may have access to that data. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your store will vary. We recommend consulting with a lawyer when deciding what information to disclose on your privacy policy.

We collect information about you during the checkout process on our store.

What we collect and store

While you visit our site, we’ll track:
  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Home address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders. We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 3 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses. We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.


We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information. Please see the PayPal Privacy Policy for more details.

Really Simple SSL

Really Simple SSL and Really Simple SSL add-ons do not process any personal identifiable information, so the GDPR does not apply to these plugins or usage of these plugins on your website. You can find our privacy policy here.

PayPal Checkout

By using this extension, you may be storing personal data or sharing data with an external service. Learn more about how this works, including what you may want to include in your privacy policy.


By using this extension, you may be storing personal data or sharing data with an external service. Learn more about how this works, including what you may want to include in your privacy policy.

WP Smush

Plugin: Smush

Note: Smush does not interact with end users on your website. The only input option Smush has is to a newsletter subscription for site admins only. If you would like to notify your users of this in your privacy policy, you can use the information below. Smush sends images to the WPMU DEV servers to optimize them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers. Smush uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath’s privacy policy can be found here.


Third parties

Hummingbird uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath’s privacy policy can be found here.