Privacy Policy

Last Updated: May 2023

The Museum of Science Fiction knows the importance of treating your information with confidence and accordingly, we are committed to caring for your information.

This Privacy Policy discloses how the Museum of Science Fiction (“Museum” or “we”) collects, uses, and shares data that we gather related to your interaction with this website (the "Site") and other Museum applications, websites and services, including the Virtual Reality Museum (together, the "Services"). The Services do not include websites, mobile applications, or other services that link to another privacy policy. This Privacy Policy also describes the choices you have regarding our use of your data and your ability to access, correct, or delete your data. By using the Services, you accept the terms of this Privacy Policy and agree to the data collection, use, and sharing described in this policy. We may seek your consent by other means such as by asking you to click on a button or to change a setting. Where we do so, we will also offer you a way to revoke your consent.

This Privacy Policy does not cover the practices of vendors outside of our Services as we do not control vendors’ technologies. The Museum utilizes Steam to host the Virtual Reality Museum (“VR Museum”), and Steam’s privacy practices and any available opt-outs are available on its website.

Information we collect.

In order to operate the Services and to maximize your enjoyment of the Museum, we may collect and use information, some of which may be considered personal data.

We may collect different types of information based on your use of the Site or the Services. For example, we may utilize Cookies (defined below) if you visit the Site but may not if you visit the VR Museum. Please note that you may choose not to provide us with certain information; by doing so, however, you may not be able to receive the full range of Services from us.

We collect information in the following ways:

User-Provided Information. We may collect your information, for example, when you complete a transaction or through another voluntary method. You may voluntarily provide us with information by sending emails (i.e., a suggestion for the site or a general inquiry), completing membership forms, registering for classes, events, or other programs, responding to surveys or ordering merchandise. We may also request information related to your prior affiliation with other museums or similar organizations. The Museum asks that you do not provide information that may be regarded as sensitive personal data.

Shopping. We also collect data offered by you which is reasonably necessary to complete an order. When you place an order, we’ll ask for personal information, like your name, email address, telephone number or credit card number (or if you choose an alternative payment options such as an electronic check, PayPal or similar method).

Voice Features.  You can engage with the VR Museum and use certain of its features with voice commands. With this feature, your voice commands will be transmitted to us and your voice commands will be converted into text to provide the voice recognition features. The Museum may collect and retain anonymized text of voice commands so that we can evaluate and improve the features.

Automatic Information.  We also receive data from the device (i.e. mobile phone or computer) you use to access the site:  

  • Information Sent. This may include your IP address and other data such as the domain you used to access the Internet (i.e. aol.com if using an AOL account), the type (including identifiers) of browser or operating system you use, date and time you use the site. It may also include information about how you interact with the Museum, such as pages or files you visit or the site you used to link Museum.

  • Cookies. Cookies are small files of information that are stored on your computer's hard drive by your Web browser. The cookies we use do not contain any personal data. Most Web browsers automatically accept cookies, but you can change the preferences of your browser so that it does not accept them.

  • Third Party Cookies. Where legally permissible, some cookie information is also shared with a third-party, Google Analytics, to measure and analyze relevant data, in order to improve the site. Data is retained only in anonymized aggregate form. Moreover, information is only kept for the duration necessary for the purposes mentioned in this policy.

  • Opting-Out of Cookies. You can disable cookies by adjusting the settings on most web browsers. However, if you choose to set your browser to reject cookies, for technical reasons, this may adversely affect the functionality of any website you visit. On museumofsciencefiction.org you will still have access to most of the site, but some of the shopping or interactive site functions may be disabled. You may also opt-out of Google Analytics using the Google Analytics Opt-out Browser Add-on.

  • You may also opt out of future information collection by ceasing use of the Services.

How we use collected information.

We use the information we collect only to provide, maintain, protect and improve our services. We may keep a record of your interaction with Museum of Science Fiction to resolve future concerns. This information can help when responding to your inquiry or to inform you of museum activities, membership, development opportunities or products that may interest you. Any follow-up e-mail we send, will explain how to opt-out of future communications, if you so choose. Any questions relating to opt-in or opt-out choices, please contact our webmaster at info@museumofsciencefiction.org.

We will ask for your consent before using data for any purpose other than those listed here.

Affiliate Uses.

Some subdivisions of the Museum of Science Fiction on occasion, rent or exchange select member name and address information with other similar well-established charitable, or cultural non-profit organizations that we partner with. You will have the opportunity to opt-out of any such sharing.

The user may have opportunities to opt-in to receive information from sites owned by non-Museum of Science Fiction entities.  You must explicitly consent to receive such information.

Our site contains links to non-Museum of Science Fiction sites. When you use these links, you will no longer be subject to our privacy policies, and it is important to review the privacy policy of the non-Museum site. Although we usually screen any organization with whom we associate, privacy policies change all the time. We cannot be responsible for the practices or content of such sites, nor is a link indicative of any endorsement by the Museum of Science Fiction. 

Additional Third Party Uses.

We use outside vendors to provide specific services on our behalf, such as companies who conduct customer satisfaction surveys or who process credit card transactions. These third-party vendors will have access to the information needed to perform their functions, but may not contractually use your information for any other purpose.

Others.

It may be necessary by law, legal process, litigation, or requests from public and governmental authorities (some may be located outside of the United States) for the museum to disclose your information. We may also disclose your data if it is reasonably necessary for the purpose of national security, law enforcement, other issues of public importance, disclosure is necessary or proper.

We may also disclose your information if we determine that disclosure is reasonably necessary to enforce our terms of use or protect our internal functions or users. Disclosure may also be required for a museum employee to carry out their duties.

Retention Period.

We will retain your information for as long as needed to provide and develop the Services. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may retain anonymized information that no longer identifies you indefinitely.

Security.

The Museum of Science Fiction is committed to ensuring that its IT systems, applications and infrastructure are secured. The Museum of Science Fiction requires credit card processing be secured based on compliance to Payment Card Industry (PCI) standards. When you use your credit card for any purchase at the Museum of Science Fiction’s network of sites, that transaction is always encrypted when traveling over the Internet.

Unauthorized access and/or unauthorized attempts to change information on this website are strictly prohibited and punishable under the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act.

Financial Information.

Financial Information is personally identifiable information you provide that may include dollar amounts relating to museum purchases, a credit/debit card number, or other data required to place an order. All financial data is fathered securely and will not be disclosed if not necessary for this purpose, or if covered otherwise in this policy. Information will be destroyed after the order has been completed.

Children.

The Museum of Science Fiction is committed to protecting the safety and privacy of young people using the Internet. The Museum does not knowingly collect personal information from visitors 16 years of age and under in compliance with the Children’s Online Privacy Protection Act and other data privacy requirements. Such visitors must obtain parental consent before submitting any personal information to this website. If you become aware that we have collected personal data from a child without parental consent, please notify us promptly at info@museumofsciencefiction.org. If we become aware that a child under age 16 has provided us with personal data without parental consent, we will take steps to remove such personal data.

Changes.

Our Privacy Policy may change from time to time. We typically will not reduce your rights under this Privacy Policy without your consent. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice.

Data Rights

You can request to access, obtain a portable copy of, correct, or delete data related to your stored preferences and your use of the Services. Please note that we may take steps to verify your identity before you can make a request. Because we do not require users to register in order to use our Services, if you use more than one of our Services, or if you use our Services on more than one device or web browser, you will need to manage your data for each of the Services separately. If you have a registered account and are logged in to your account at the time of the request, we will be able to retrieve data related to your use of the Services while you were logged in and all other devices you have used while logged into your registered account.

Please note that following a deletion request, we will resume collecting personal data if you continue your use of the Services.

As permitted by law or to provide our Services, we do not delete data we use to:

  • Complete transactions requiring data such as billing information or transaction histories;

  • Respond to customer support inquiries;

  • Detect and prevent security incidents, identify, and repair errors that impair functionality of our Services (e.g., log files, error diagnostics); and

  • Comply with legal obligations.

In the event that you consider our processing of data related to your use of the Services not to be compliant with the applicable data protection laws, you can contact us at info@museumofsciencefiction.org or lodge a complaint with the relevant data protection authority.

General Data Protection Regulation (GDPR) and Lei Geral de Proteção de Dados Pessoais (LGPD)

Please note that for the purposes of the GDPR and LGPD the data controller is the Museum of Science Fiction Incorporated, incorporated in the Commonwealth of Virginia, which may be contacted at info@museumofsciencefiction.org.

Our processing of your personal data in order to provide you with the Services will typically be based on one of the following processing bases under GDPR and LGPD: (i) because you have provided us with your specific, informed, freely-given, and unambiguous consent, (ii) because we need to process it in order to provide you with the Services or a particular feature of the Services; that is, because we cannot readily fulfil your request without performing the relevant processing, or (iii) because the processing is necessary for the purposes of the legitimate interests pursued either by us or by a third party and such legitimate interests are not overridden by your privacy and related rights as an individual.