​1. Purpose

 

South Jersey Cultural Alliance (SJCA) Data Policy outlines how SJCA collects, manages, and shares data to:

​

• Support cultural landscape assessment & advocacy by gathering aggregated data on cultural participation and impact.

• Promote cultural tourism by providing publicly accessible information on South Jersey’s artists, cultural organizations, and events.

• Enhance visibility for individual cultural assets and creative professionals through digital profiles on the South Jersey Cultural Asset Map and Mobile Application.

• Ensure transparency and compliance with applicable data privacy laws and user rights.

 

SJCA provides members full control over their profiles and data via a self-service ArcGIS online portal, allowing them to update, modify, or remove their information at any time.

 

2. Data Collection & Sources

​

SJCA collects data from various sources to populate the South Jersey Cultural Asset Map, Membership Directory, and Cultural Tourism Resources.

​

A. Member-Provided Data (Self-Managed in ArcGIS Portal)

• Profile Information (organization/artist name, contact details, website, social media links, artistic discipline, location, membership level).

• Images & Media (photos, videos, and descriptions).

• Event Listings & Offerings (exhibitions, performances, workshops, and cultural tourism activities).

B. Public & Partnership Contributions

• Verified Public Data (integrated from local arts councils, historical registries, and tourism agencies).

• Collaborative Data Sharing (cultural districts, municipalities, and tourism organizations).

C. Data from SJCA Programs & Engagements

• Surveys & Feedback Forms (collected from members and audiences to improve services).

• Cultural Impact Reporting (aggregated data for grant applications, advocacy, and funding assessments).

 

3. Member Data Management & Access

​

A. Member Control & Self-Management

• Members own and control their own data and can update, modify, or remove their records through the ArcGIS online portal.

• Only verified members can edit their profiles.

B. Public Visibility & Cultural Tourism Promotion

• Member profiles and cultural assets may appear on:

  • SJCA.net

  • The South Jersey Cultural Asset Map

  • The SJCA Mobile App

  • Tourism promotion initiatives & partnerships

C. Data Opt-Out & Removal Requests

• Members may request removal of their profile by contacting info@sjca.net.

• Publicly sourced data subjects may also request removal through this process.

​

4. Data Usage & Sharing

​

A. Intended Use

​

Data hosted on SJCA’s platforms is used to:
✔ Promote cultural tourism & local engagement.
✔ Support arts advocacy & grant reporting.
✔ Connect artists, organizations, and audiences.
✔ Inform research on the regional cultural economy.

​

B. Data Sharing with Partners

​

• Local & State Tourism Agencies (for cultural promotion).

• Funding, Service, & Advocacy Groups (for impact analysis).

• Academic & Research Institutions (for cultural studies).

• ​

C. Commercial Use & Licensing

​

• Non-Commercial Use – Data is free for public exploration and non-commercial research.

• Third-Party Licensing – Organizations wishing to use data commercially must obtain explicit permission from SJCA.

 

5. Advertising & Sponsorship Policy

​

A. Purpose of Advertising & Sponsorships

​

SJCA offers paid advertising and sponsorships within the Cultural Asset Map and Mobile Application to:
✔ Promote local cultural organizations, tourism businesses, and artists.
✔ Generate revenue to sustain SJCA’s digital infrastructure.
✔ Support South Jersey’s reputation as a cultural destination.

​

B. Advertising Standards & Vetting Process

​

• Advertisements must align with SJCA’s mission and cultural tourism goals.

• Prohibited Content: No misleading, discriminatory, political, or inappropriate ads.

• Review Process: All advertisements are subject to SJCA approval before publication.

• Advertiser Responsibility: Advertisers must certify that they own or have permission for all media and claims made in their advertisements.

​

C. Non-Endorsement & Indemnification

​

• SJCA does not endorse the products, services, or claims made by advertisers.

• Advertisers must indemnify and hold SJCA harmless against false advertising claims, consumer disputes, or legal action.

 

6. Privacy & Data Security Compliance

​

A. Compliance with State Data Protection Laws

​

Since SJCA collects and processes data primarily from individuals or entities in New Jersey, it complies with applicable state data protection laws, including:

​

1. New Jersey Consumer Fraud Act (CFA) & Data Breach Notification Law

   • Requires that businesses and nonprofits safeguard personal information and notify affected individuals in the event of a data breach.

   • Personal information includes names, email addresses, and publicly available professional specialization data. 

   • SJCA data does not include sensitive identifiers (e.g., Social Security Numbers, driver’s license numbers, account passwords).

​

B. Implied Consent & Data Collection

​

By engaging with SJCA’s membership system, submitting information to the South Jersey Cultural Asset Map, or participating in SJCA’s data collection initiatives, users imply consent to the collection, processing, and public display of relevant data in accordance with this policy.

​

• SJCA Member Users automatically receive a secure login with a paid membership, enabling them to access, update, modify, or delete their data at any time.

• Basic (No-Cost) Members may request a free login to manage their profile, event listings, and cultural asset information.

• Some cultural asset information is obtained through field research conducted by SJCA field experts and partner organizations. This data is vetted for accuracy and relevance before inclusion in the Cultural Asset Map to ensure it aligns with SJCA’s mission.

​

• By maintaining a presence on SJCA’s platforms, users acknowledge that:

  • Their submitted data may be publicly displayed to promote cultural tourism and regional engagement.

  • SJCA may integrate field-researched data into its platforms for historical, cultural, or tourism-related purposes.

  • Users are responsible for ensuring the accuracy of their submitted information and may update or remove it as needed.

​

• Users and listed organizations have the right to:

  • Access their profile and submitted data.

  • Modify or correct any inaccuracies.

  • Update, replace, or delete media files (e.g., photos, videos, descriptions).

  • Request a review or correction of field-researched listings if they believe the information is inaccurate.

  • Request the removal of their profile or listing if they no longer wish to be included.

 

Users who do not wish to have their data included may request removal or modification by contacting info@sjca.net or adjusting their settings via SJCA’s Member login portal link.

​

C. Data Security Measures

​

SJCA is committed to protecting personal information and has implemented state-compliant security measures in accordance with New Jersey, Pennsylvania, Delaware, and New York data protection laws. These measures include:

​

1. Restricted Access Controls

​

SJCA employs role-based access controls (RBAC) and multi-factor authentication (MFA) to ensure that only authorized personnel can access sensitive data.

• Limited Access Permissions:

  • Only designated SJCA administrators and IT personnel have access to secure databases and complete member records.

  • User data within the ESRI ArcGIS system is accessible only by users with authenticated SJCA Member or Basic (No-Cost) logins.

• Authentication Protocols:

  • Unique User Logins: Each member receives individual login credentials with permissions based on membership level.

  • Multi-Factor Authentication (MFA): Required for administrative access to SJCA’s data management systems.

• Data Encryption & Transmission Security:

  • All sensitive information is encrypted at rest and in transit on ESRI ArcGIS servers.

  • Data transfers use SSL/TLS encryption protocols to protect against unauthorized interception.

• Monitoring & Intrusion Detection:

  • SJCA systems include real-time activity monitoring to detect unauthorized access attempts or anomalies.

  • Failed login attempts and suspicious activities trigger automatic security alerts for review.

​

2. Regular Security Audits

​

SJCA conducts routine security audits to assess vulnerabilities, ensure compliance, and maintain data integrity.

• Quarterly Compliance Reviews:

  • Data handling processes are reviewed every year to verify compliance with NJ data laws.

• Access Logs & Review Procedures:

  • All data modifications and access logs are tracked, recorded, and reviewed to identify unauthorized activities.

• Policy Updates & Employee Training:

  • SJCA’s security policies are updated annually based on emerging cybersecurity threats and best practices.

  • Staff handling sensitive data undergo mandatory cybersecurity training to stay informed on phishing risks, data handling protocols, and incident response procedures.

​

3. Data Breach Response Plan

​

In the event of a data breach, SJCA follows a structured incident response plan to minimize damage and comply with state reporting regulations.

​

Step 1: Immediate Containment & Investigation

​

• Detection & Confirmation: SJCA’s team investigates potential breaches via intrusion detection systems and access logs.

• Containment Measures:

  • Temporarily disable compromised accounts or limit access to affected systems.

  • Revoke unauthorized access tokens and update security credentials.

  • Isolate affected servers or databases to prevent further exposure.

 

Step 2: Risk Assessment & Forensic Analysis

​

• Determine the Scope of the Breach:

  • Identify what data was accessed, altered, or stolen.

  • Assess potential risks for affected members and SJCA systems.

• Engage External Cybersecurity Experts (if needed):

  • If a large-scale breach occurs, SJCA will consult cybersecurity specialists to perform forensic analysis and recommend corrective actions.

​

Step 3: Notification to Affected Individuals & Authorities

​

• State-Mandated Notifications:

  • If personal data of New Jersey, Pennsylvania, Delaware, or New York residents is compromised, SJCA will notify state regulatory bodies as required by law.

• User Notification Process:

  • Affected users will be notified via email and platform announcements within the state-required notification timeframe.

  • SJCA will provide details on:

    • What information was compromised

    • What steps users should take to protect themselves (e.g., password changes, fraud alerts)

    • What corrective actions SJCA is implementing

​

Step 4: Corrective Measures & Future Risk Mitigation

• Security Patch Implementation:

  • Identify vulnerabilities and apply necessary security patches to affected systems.

• Strengthened Security Protocols:

  • Introduce additional encryption layers, stricter access controls, and system-wide security enhancements.

• Post-Breach Audit & Policy Review:

  • Conduct internal audits to determine the effectiveness of the response.

  • Update SJCA’s Data Security Policy based on lessons learned.

  • Reinforce employee training on breach prevention and incident handling.

 

7. Legal Disclaimers & Limitation of Liability

​

A. No Warranties & User Reliance Disclaimer

​

• SJCA provides the Cultural Asset Map and Mobile Application “as is,” without warranties of any kind.

• SJCA is not liable for errors, omissions, or reliance on the provided data.

• ​

B. Member & Advertiser Indemnification

​

• Members submitting data must indemnify SJCA against legal claims arising from inaccurate, false, or unauthorized content.

• Advertisers must agree to hold SJCA harmless from legal claims related to their ads, offers, or promotional content.

​

C. Force Majeure Protection

​

• SJCA is not responsible for disruptions due to cyberattacks, government regulations, server failures, or natural disasters.

 

8. Terms of Use & Policy Updates

​

• Compliance: All users must comply with this policy and applicable laws.

• Policy Changes: SJCA may update this policy as needed. Changes will be posted on SJCA.net.

 

9. Contact & Questions

​

For data inquiries, profile updates, or opt-out requests, please contact:

info@sjca.net
South Jersey Cultural Alliance
https://www.sjca.net

​

By using South Jersey CultureQuest Cultural Asset Map and Mobile Application, CultureConnect Membership Directory, contributors and users agree to the terms outlined in this policy.