Privacy Policy

Last updated November 15, 2022

Welcome to Michigan Victim Advocacy Network (MiVAN). MiVAN is a project of the Division of Victim Services, a subdivision of the Michigan Department of Health and Human Services.

What data is collected:

When you register for MiVAN.org, we ask you for your first and last name, email address, work telephone number, agency, agency county, your role within your agency, the type of victimization your agency serves, whether you receive funding from the State of Michigan, and whether you are a manager or supervisor, executive director or CEO, or sexual assault grantee. If you identify yourself as an employee of the Division of Victim Services, we also collect that information.

Members may elect to provide social media information with MiVAN.org to gain access to private social media accounts operated by MiVAN. URL information about social media accounts is also collected.

We also monitor user enrollment and completion in courses and lessons created by Michigan Victim Advocacy Network and/or the Division of Victim Services on our online learning system, and related quizzes, certificates, transcripts, and surveys.

Through a third-party service, Google Analytics, we also collect information about how the website is used. Things we look for include: website traffic (what times of day you use our site, and where you find us online), popularity of pages (which pages you visit most, and for how long), and website activity (tracking the flow from page to page as you navigate the site).

How data is being collected

Data is collected through the information you enter into our website’s registration form, contact request form, and any other forms. Data is also collected via the website through our learning management system based on your engagement with courses, lessons, and relevant content.

Data is also collected via Google Analytics. More about Google Analytics can be found in “Third-Parties and Cookies.”

What we are doing with the data

The information we collect is used for several purposes.

1) The information we collect on the registration form helps us know who you are, which in turn helps us develop information, training, and share resources that will be most relevant to you. It also helps us know which groups you belong to based on the type of advocacy you practice, your role within your organization, and whether or not you are a sexual assault grantee, so that if/when specific information becomes available, we can streamline its delivery to you. Finally, the email address you provide will be used to contact you via email, sometimes through our third-party email client, Mailchimp.

2) The information we collect from the contact form (as well as our response and the dates of all correspondence) is used to understand the needs of our current users as regards technical assistance and training and technological support.

3) The information from our learning management system is used to identify who, when, and how many people are taking particular lessons and courses, and relevant information is shared with the Division of Victim Services on a quarterly basis. We may also share your learning management system data with your employer, upon your employer’s request. We also reserve the right to share users’ anonymized survey feedback (e.g. your thoughts and experiences taking MiVAN trainings) with stakeholders and in our marketing and promotions.

4) In general, information such as agency, agency county, and agency role, are used to create reports to give us an understanding of who we serve so that we can better meet users’ needs. All information can and may be used to evaluate the efficacy of our programs, and improve the products that we present to you, including sharing the data with our partners.

5) Social media URL data, which is only collected when you update your profile information to include it, is only used to verify you when and if you choose to join us on Facebook. These private accounts require a verification, and your URL settings stored to your user profile allows us to cross reference your request to join us on Facebook. You can learn more about Facebook’s privacy policy on their website: Facebook.

6) Personal information that you provide when you register (first and last name, email address, work telephone number, agency, agency county, your role within your agency, the type of victimization your agency serves) is used to create your listing on MiVAN’s private, members-only advocate directory. The advocate directory can be used by any registered user of MiVAN.org to search for other registered users based on a variety of categories. Inclusion in the directory is not automatic upon registration. Users may select to opt-in to the advocate directory using their personal profile settings. Users may also select how much information is made available on the advocate directory listing by using their personal profile settings.

Third-Parties and Cookies

MiVAN employs the use of cookies on our website. These are necessary cookies, without which the site won’t work properly or be able to provide certain features and functionalities. Some of these may be manually disabled in your browser but may affect the functionality of the site.

MiVAN uses the third-party service, Google Analytics to help us understand activity on our website. Google Analytics uses cookies and other sources to collect data. We use Google Analytics to monitor activity on our website like traffic (what times of day you use our site, and where you find us online), popularity of pages (which pages you read most, and for how long), and website activity (tracking the flow from page to page as you navigate the site) to improve our content. You can read more about Google Analytics’ cookie policy here.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies.

If you disable cookies, some features will be disabled that make your site experience more efficient and some services will not function properly.

MiVAN also employs the services of Mailchimp to communicate via email with registered users. Read more about Mailchimp’s privacy policy.

Information Disclosure

Information we collect is shared with the Division of Victim Services, a subdivision of the Michigan Department of Health and Human Services.

Your information is never disclosed to other users without your consent. Your information is never used to advertise to you, or to assist anyone else in advertising to you.

In the event we are legally required to share user information, we will honor such requests.

How you can control your data

You may opt-out of email communications. You may opt-out of providing non-required information in the registration form and on the MiVAN user profile. You may opt-out of having your information listed on the membership directory.

You may also contact us directly for support related to controlling your personal data.

How we store the data and keep it safe

Our contact form uses form encryption to protect your data. We do not use vulnerability scanning, malware scanning, or run an SSL certificate because we do not collect sensitive user data such as credit card information.

Your data is stored confidentially on our website and is backed up to a remote server managed by Addis Enterprises (908 E Mt Hope Ave, Lansing, MI 48910). Our website’s administrative team regularly updates our passwords to ensure the website remains secure, a tool which works in tandem with built-in security features to prevent hacks, bots, or other unwanted interference.

Your data is stored indefinitely. If you are no longer interested in remaining a user of the Michigan Victim Advocacy Network, for example, if you have changed careers, and would like for us to erase your user data from the website and all future reports, please feel free to contact us directly at admin@mivan.org with the subject “remove from MiVAN.org.”

Further contact information can be found below:

Michigan Victim Advocacy Network (MiVAN)

Mailing address:

Michigan Victim Advocacy Network

Psychology Building

316 Physics Road, #139B

East Lansing, MI 48824

www.Mivan.org

Contact admin@mivan.org for direct inquiries.

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. See more at consumercal.org.

According to CalOPPA we agree to the following:

  1. Users can visit our site anonymously
  2. Once this privacy policy is created, we will add a link to it on our home page, or as a minimum on the first significant page after entering our website.
  3. Our Privacy Policy link includes the word ‘Privacy’, and can be easily be found on the page specified above.

Users will be notified of any privacy policy changes:

  • On our Privacy Policy Page

Users are able to change their personal information:

  • By emailing us or by updating their profile information

How does our site handle do not track signals?

We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. Google Analytics may have different policies as regards DNT practices.

Does our site allow third-party behavioral tracking?

Apart from our use of third-party service Google Analytics, we do not allow third-party behavioral tracking. When we send emails via Mailchimp, although it is not considered behavioral tracking, we do look at who opens our emails and who clicks on the links in each email.

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under 13.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

We will notify the users via email

  • Within 7 business days

We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions.

To be in accordance with CANSPAM we agree to the following:

  • NOT use false, or misleading subjects or email addresses
  • Identify the message as an advertisement in some reasonable way
  • Include the physical address of our business or site headquarters
  • Monitor third-party email marketing services for compliance, if one is used.
  • Honor opt-out/unsubscribe requests quickly
  • Allow users to unsubscribe by using the link at the bottom of each email

If at any time you would like to unsubscribe from receiving future emails, you can:

  • Follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence