All collection, use, disclosure and processing of your data, regardless of how obtained, by the YMCA of Greater Kansas City is governed by the Notice of Privacy Practices of YMCA of Greater Kansas City. Please refer to that document for additional information.
Collection and Use of Personal Information
Personal information is data that can be used to identify or contact a single person.
Here are some examples of the types of personal information YMCA of Greater Kansas City may collect and how we may use it:
What personal information we collect
- When you interact with the YMCA by creating a YMCA of Greater Kansas City Login ID, registering for a class, program or event at a YMCA of Greater Kansas City facility or program, contact us or participate in an online survey, (depending on the interaction) we may collect a variety of information, including your name, mailing address, phone number, email address, contact preferences, and credit card/banking information.
- When you share your content with family and friends using YMCA of Greater Kansas City websites, send gift certificates and programs, or invite others to participate in YMCA of Greater Kansas City services or forums, YMCA of Greater Kansas City may collect the information you provide about those people such as name, mailing address, email address, and phone number. YMCA of Greater Kansas City will use such information to fulfill your requests, provide the relevant product or service, or for anti-fraud purposes.
- In certain situations for specific programs, we may ask for a government-issued ID in limited circumstances including [when you must provide government issued ID] for the purpose of participating in government or insurance administered programs, managing reservations, or as required by law.
How we use your personal information
- The personal information we collect allows us to keep you posted on YMCA of Greater Kansas City’s latest announcements, programs, and upcoming events. If you don’t want to be on our mailing list, you can opt out anytime by updating your preferences.
- We also use personal information to help us create, develop, operate, deliver, and improve our programs, services, content and advertising, and for loss prevention and anti-fraud purposes.
- We may use your personal information, including date of birth, to verify identity, assist with identification of users, and to determine appropriate services. For example, we may use date of birth to determine the age of YMCA of Greater Kansas City ID account holders.
- From time to time, we may use your personal information to send important notices, such as communications about purchases and changes to our terms, conditions, and policies. Because this information is important to your interaction with YMCA of Greater Kansas City, you may not opt out of receiving these communications.
- We may also use personal information for internal purposes such as auditing, data analysis, and research to improve YMCA of Greater Kansas City’s programs, services, and customer communications.
- If you enter into a sweepstake, competition, swim meet, contest, or similar promotion we may use the information you provide to administer those programs.
- If the program or service you participate in is funded by a third party company, organization or grant your participation data (attendance, facility access) may be reported to the funding organization.
Collection and Use of Non-Personal Information
We also collect data in a form that does not, on its own, permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose. The following are some examples of non-personal information that we collect and how we may use it:
- We may collect information such as occupation, language, zip code, area code, unique device identifier, referrer URL, location, and the time zone where a YMCA of Greater Kansas City product is used so that we can better understand customer behavior and improve our programs, services, and advertising.
- We may collect and store details of how you use our services, including search queries. This information may be used to improve the relevancy of results provided by our services. Except in limited instances to ensure the quality of our services over the Internet, such information will not be associated with your IP address.
- With your explicit consent, we may collect data about how you use your device and applications in order to help app developers improve their apps.
If we do combine non-personal information with personal information the combined information will be treated as personal information for as long as it remains combined.
Cookies and Other Technologies
Ads that are delivered by YMCA of Greater Kansas City’s advertising platform may appear in YMCA of Greater Kansas City News. If you do not wish to receive ads targeted to your interests from YMCA of Greater Kansas City's advertising platform, you can choose to enable Limit Ad Tracking, which will opt your YMCA of Greater Kansas City ID out of receiving such ads regardless of what device you are using. If you enable Limit Ad Tracking on your mobile device, third-party apps cannot use the Advertising Identifier, a non-personal device identifier, to serve you targeted ads. You may still see informational messages based on context like your search query or the channel you are reading. In third-party apps, you may see informational messages based on other information.
Please note that certain features of the YMCA of Greater Kansas City website will not be available if cookies are disabled.
As is true of most internet services, we gather some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit websites and applications, operating system, date/time stamp, and clickstream data.
We use this information to understand and analyze trends, to administer the site, to learn about user behavior on the site, to improve our product and services, and to gather demographic information about our user base as a whole. We may use this information in our marketing, program administration and use of advertising services.
In some of our email messages, we use a “click-through URL” linked to content on our websites. When customers click one of these URLs, they pass through a separate web server before arriving at the destination page on our website. We track this click-through data to help us determine interest in particular topics and measure the effectiveness of our member and customer communications. If you prefer not to be tracked in this way, you should not click text or graphic links in the email messages.
Pixel tags enable us to send email messages in a format customers can read, and they tell us whether mail has been opened. We may use this information to reduce or eliminate messages sent to customers and members.
Disclosure to Third Parties
At times we may make certain personal information available to strategic partners that work with us to provide programs and services, or that help us market to and better serve our members and customers or allow them to participate in government or other third-party affiliated services. For example, we will share data with the YMCA of the USA to allow us to participate in the YMCA National Membership Program. If you open accounts or engage in these types of services, your account will be governed by YMCA of Greater Kansas City and you’re the third party providers’ respective privacy policies. Personal information will only be shared by us to provide or improve our programs, services and advertising and to administer programs which we cooperate with third-party providers and/or governmental agencies; it will not be shared with third parties for their marketing purposes. As described above, you may always refer to our Notice of Privacy Practices immediately following this notice for more information.
It may be necessary − by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence − for YMCA of Greater Kansas City or associated operating entities to disclose your personal information. We may also disclose information about you if we determine that for purposes of law enforcement, or other issues of public importance, disclosure is necessary or appropriate.
We may also disclose information about you if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users. Additionally, in the event of a reorganization, merger, or sale we may transfer any and all personal information we collect to the relevant third party.
Protection of Personal Information
We take the security of your personal information very seriously. Our online services which transfer your data to third-party servers protect your personal information by using encryption during transit. When your personal data is stored by us, we use computer systems with limited access housed in facilities using physical security measures. Personal information is stored and transmitted in encrypted form including when we utilize third-party storage.
When you use some YMCA of Greater Kansas City programs, services, or applications or post on a YMCA of Greater Kansas City forum, chat room, or social networking service, the personal information and content you share is visible to other users and can be read, collected, or used by them. You are responsible for the personal information you choose to share or submit in these instances. For example, if you list your name and email address in a forum posting, that information is public. Please take care when using these features.
Integrity and Retention of Personal Information
Access to Personal Information
You can help ensure that your contact information and preferences are accurate, complete, and up to date by logging in to your account. For other personal information we hold, we will provide you with access for any purpose including requesting that we correct the data if it is inaccurate or delete the data if YMCA of Greater Kansas City is not required to retain it by law or for legitimate business purposes. We may decline to process requests that are frivolous/vexatious, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. Access, correction, or deletion requests can be made by sending a communication to Compliance@KansasCityYMCA.org.
Children and Education
We understand the importance of taking extra precautions to protect the privacy and safety of children using all YMCA programs and services. Children under the age of 13 are not permitted to create their own YMCA of Greater Kansas City user accounts.
To provide location-based services on YMCA of Greater Kansas City programs, YMCA of Greater Kansas City and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your YMCA of Greater Kansas City computer or device. Where available, location-based services may use GPS, Bluetooth, and your IP Address, along with crowd-sourced Wi-Fi hotspot and cell tower locations, and other technologies to determine your devices’ approximate location. Unless you provide consent, this location data is collected anonymously in a form that does not personally identify you and is used by YMCA of Greater Kansas City and our partners and licensees to provide and improve location-based programs and services. For example, your device may share its geographic location with application providers when you opt in to their location services.
Third Party Sites and Services
YMCA of Greater Kansas City websites, programs, applications, and services may contain links to third-party websites, programs, and services. Our programs and services may also use or offer programs or services from third parties − for example, online registration is completed at https://apm.activecommunities.com/kansascityymca.
Information collected by third parties, which may include such things as location data or contact details, is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties.
While accessible from around the world, this website is designed and administered primarily for residents of the United States of America in conjunction with our programs in this country.
Declaration of a “Hybrid Entity”
YMCA of Greater Kansas City (“YMCA”) operates a number of programs for which it collects personally identifiable information (“PII”) about its members, employees, and volunteers. YMCA has implemented policies to describe the expectations of its Board, management, employees, contractors, and volunteers (“Workforce”) related to the privacy and security of this PII. Many of the expectations in the policies apply to all PII maintained by YMCA.
Some programs offered by the YMCA are also subject to the Health Insurance Portability and Accountability Act of 1996, as amended, and implementing regulations found at 45 C.F.R. Parts 160 and 164 (collectively “HIPAA”). YMCA also operates a Head Start program that is subject to privacy and security requirements under 45 C.F.R. 1303.20 to 1303.24. To comply with the additional requirements under HIPAA and Head Start regulations, the YMCA may implement additional policies or subsections of policies that are applicable only to the “HIPAA Programs” or the “Head Start Program.” Because of the variations in data privacy and security obligations, YMCA has designated itself a “hybrid entity.”
The following programs of YMCA are HIPAA Programs:
- Diabetes Prevention
- Blood Pressure Management
- Arthritis Management
- Childhood Obesity
- KU Medical Center Studies
- Behavioral Health
The remaining programs are subject to the general obligations for PII within the Data Privacy and Data Security policies. These programs include:
- Youth Development Programs
- Programs (Youth Sports, Aquatics, Healthy Living, Personal Training, etc.)
- Mobile Fit
For the HIPAA Programs, YMCA Workforce must treat all non-HIPAA Programs as if they were a separate legal entity. Thus, YMCA will only provide Workforce with access to PHI maintained on behalf of the HIPAA Programs if that Workforce Member performs functions related to the HIPAA Program. The HIPAA Programs may only disclose PHI to a non-HIPAA Program where disclosure would be permitted under HIPAA if the two programs were separate legal entities.
YMCA of Greater Kansas City Inc. is the Data Controller for this website and we can be contacted at:
YMCA of Greater Kansas City3100 Broadway Street, Suite 1020Kansas City, MO 64111 USA816.561.9622
Notice of Privacy Practices
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND SHARED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
If you have questions about this notice or want more information, please contact our Privacy Officer at Compliance@KansasCityYMCA.org. The effective date of this notice is November 7, 2017.
The YMCA of Greater Kansas City operates a number of health care programs that involve provision of health care services and collection of medical information. This Notice of Privacy Practices describes how we use and disclose the information gathered by these programs. For a full listing of the health care programs subject to this notice, please see the list following this document. For information regarding how we use and disclose personally identifiable information that is collected in our other programs, please see our Privacy Notice listed above.
The type of information we collect will vary based on the health care program with which you participate and may include, but is not limited to, demographic information (e.g. address, phone, email, date of birth, etc.); payment information (e.g. insurance coverage, credit card number, etc.); and medical information (e.g. diagnoses, medications, etc.). We may use and share the information we collect about you in the ways described below.
We may change the terms of this Notice and the revised Notice will apply to all health information in our possession. If we change this Notice, a copy of the new Notice will be posted on our website and a copy may be requested from our Privacy Officer.
For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions. You have the choice to tell us to:
Share information with your family, close friends, or others involved in your care to the extent the information is relevant to their involvement.
Share information with public or private agencies for disaster relief purposes.
If you are not able to tell us your preference, for example, if you are unconscious, we may go ahead and share your information if we believe it is in your best interest.
In other cases, we will not share your information unless you give us written permission. These cases include:
- Psychotherapy Notes. We will not use or share your psychotherapy notes without a written authorization except as specifically permitted by law.
- Marketing. We will not use or share your information for marketing purposes, other than face-to-face communications with you or promotional gifts of nominal value, without your written authorization.
- Sale of Information. We will not sell your information without your written authorization, including notification of the payment we will receive.
- You have the right to request that we limit how information about you is used and shared. We are not required to agree to your request unless you pay for a service in full and ask us not to share that information with your insurer.
- You have the right to request communications with you be made at an alternative address or phone number.
- You have the right to inspect and copy certain information that we maintain regarding the services provided to you.
- If you believe the information we have about you is incorrect or incomplete you may request that we correct your information.
- You have the right to receive a list of those with whom we have shared your information. This list will not include certain situations such as when we share your information for treatment, payment, or healthcare operations.
- You have the right to request a paper copy of this Notice.
- When you have given us permission in writing to use or share your information, you have the right to change your mind at any time. Let us know in writing if you change your mind.
- You have the right to file a complaint. If you believe your privacy rights have been violated you may contact our Privacy Officer at email@example.com or YMCA of Greater Kansas City, ATT: Privacy Officer, 3100 Broadway, Suite 1020, Kansas City, MO 64111, or the Office for Civil Rights. You will not be penalized for filing a complaint.
- We are required by law to maintain the privacy of your information.
- We may only use or share your information as permitted by law.
- We are required to notify you if there is a breach that affects the privacy or security of your information.
- We are required to follow the terms of the current Notice and give you a copy of it.
When We May Share Your Information
There are a number of ways that we may use or share your information. For each of the categories listed below, we may use your information or may contract with a third party to use your information. In some situations, we are allowed to share your information with unrelated persons, organizations or government agencies. We must meet specific conditions in the law before we can share your information for these purposes.
We may use or share your information to:
- Provide You Services. We may use and share your information to provide you with services. Your information may be shared with hospitals and other healthcare professionals providing care to you. For example, we may coordinate your care with your primary care physician or an in-home care professional who provides services to you.
- Bill for Our Services. We may use and share your information to receive payment for the services and treatment provided to you. We use your information to create a bill and share your information when we send the bill to your insurance company, you, or a third party. We may tell your health plan about a treatment you are going to receive to get approval for payment or to determine whether your health plan will cover the treatment.
- Run Our Organization. We may use and share your information to run our organization, improve your care, and contact you when necessary. For example, we may use your information to monitor the quality of the services that we provide to you or to remind you of upcoming appointments.
- Provide Treatment Alternatives. We may provide you with information about treatment alternatives, services we provide, and other health related benefits and services that may benefit you.
- Participate in Organized Healthcare Arrangements. We may affiliate with other healthcare providers or payers to participate in joint activities related to quality of care, utilization of services, or payment activities affecting the communities we serve and may share your information for these purposes. For more information regarding the organized health care arrangements with which we participate, go to KansasCityYMCA.org.
- Comply with the Law. We share information as required by law.
- Help with Public Health. We may share information to health agencies as necessary to prevent or control the spread of disease, help with product recalls, and maintain the safety of our community.
- Prevent a Serious Threat to Health or Safety. We may share information about you to law enforcement or an identified victim to prevent a serious threat to your health or safety or the health or safety of another individual or the public.
- Fundraising. We may use your information to contact you regarding our fundraising efforts. You have a right to opt out of these communications.
- Satisfy Other Specific Requirements or Requests. There are other situations in which we may be required or permitted to share your information. These situations include disclosures to researchers for approved research; to government agencies and boards as necessary for investigations, audits, licensing and compliance; to respond to a court order or subpoena in a judicial or administrative proceeding; in response to law enforcement activity such as a warrant or summons; for organ procurement or coroner functions; for workers’ compensation claims; for specialized government functions such as military or national security; or to a correctional institution if you are an inmate. More information regarding these situations is available to you at www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html.
If Missouri law provides additional protections to your information, we will comply with the additional requirements under Missouri law prior to using or disclosing your information.