Last Updated: June 22nd 2018
Please note the arbitration provision set forth in Section P, requiring you to arbitrate any claims you may have against us on an individual basis. ARBITRATION ON AN INDIVIDUAL BASIS MEANS THAT YOU WILL NOT HAVE, AND YOU WAIVE, THE RIGHT FOR A JUDGE OR JURY TO DECIDE YOUR CLAIMS, AND THAT YOU MAY NOT PROCEED IN A CLASS, CONSOLIDATED, OR REPRESENTATIVE CAPACITY.
- Information Collected
We collect two types of information: (1) Personally Identifiable Information (“PII”) and (2) Non-Personally Identifiable Information (“Non-PII”). “Personally Identifiable Information” is any information that relates to an identified or identifiable natural person. “Non-Personally Identifiable Information” can be technical information or it can be demographic information, such as your age, gender or interests, as long as such information cannot be used to identify you personally. We consider aggregated information, which is not PII, to be Non-PII. Please note that, over time, non-personally identifiable information could become personally identifiable information through regulatory developments, technological advancements, or co-mingling with personally identifiable information. We collect the following information from and about you:
- We collect your first and last name and email address if you subscribe to receive our news bulletin;
- We collect your email address if you contact us with a question;
- We collect your first and last name, employer name, address, credit card and billing information when you make a donation; and
- We collect your first and last name, date of birth and email address if you choose to participate in a contest or sweepstakes.
- We collect your IP address when you visit the site. An IP address is a number that lets computers attached to the Internet know where to send your data, such as the web pages you view.
- We collect demographic information, such as gender, age, zip code and interests, when you voluntarily provide such information to us on the Site.
If you do not want ITDP to collect your PII, please do not provide it to us.
- Cookies and Similar Technologies
A “cookie” is a small text file that may be used to collect information about your activity on the Site. For example, when someone visits a page within the Site, a cookie is placed on the user’s machine (if the user accepts cookies) or is read if the user has visited the Site previously. We use the information we collect from cookies for marketing and informational purposes. Collected data may be shared, in aggregate form, with third-parties. We do not currently honor any “do-not-track” signal sent by browsers. However, you may opt-out of targeted advertising by visiting networkadvertising.org/choices. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser, but if you do, you may not be able to take advantage of the personalized features enjoyed by other users to our Site. Different cookies are used to perform different functions, which we explain below:
- Strictly Necessary. Some cookies are essential in order to enable you to move around our Site and use their features, such as accessing secure areas of the Site. Without these cookies, we cannot enable appropriate content based on the type of device you are using.
- Browsing and Functionality. These cookies allow us to remember choices you make on the Site, such as your preferred language, and provide enhanced, more personalized features.
We will never (and will not allow any third party to) use the statistical analytics tool to track or to collect any PII of visitors to our Site (such as a name, email address or billing information) without your consent. Google will not associate your IP address with any other data held by Google. Neither we nor Google will link, or seek to link, an IP address with the identity of a computer user. We will not associate any data gathered from this site with any PII from any source, unless you explicitly submit that information via a fill-in form on our website.
In addition, we use web Beacons (also known as “clear gifs,” “web bugs” or “pixel tags”), which are tiny graphics with a unique identifier, similar in function to cookies, and are used to allow us to count users who have visited certain pages of the Site and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted email messages, web beacons can tell the sender whether and when the email has been opened. In contrast to cookies, which are stored on a user’s computer hard drive, web beacons are embedded invisibly on web pages.
- Use of Information
(1) Personally Identifiable Information
We use your PII primarily for the following purposes:
- To deliver services, such as educational programs, newsletters or other information that you request;
- To complete a transaction or service requested by you;
- To fulfill the terms of a promotion;
- To ensure the Site is relevant to your needs;
- To help us create and publish content most relevant to you;
- To match your donation with your employer’s donation;
- To allow you access to limited-entry areas of the Site;
- To contact you in response to your requests or when you contact us; and
- To alert you to important information regarding our mission and our policies, including relevant information distributed by ITDP or to forward promotional materials.
(2) Non-Personally Identifiable Information
Non-PII is used as described in Section A (2) above and in other ways as permitted by applicable laws, including combining Non-PII with PII.
- Legal Bases for Processing
We base the above mentioned processing activities of your PII on the following legal bases:
- For letters a) through i), processing is necessary to establish and fulfill a contract with you ( Art. 6 para. 1 sentence 1 b) GDPR).
- For letter j), processing is based on statutory provisions or your consent (Art. 6 para. 1 sentence 1 a) GDPR) as required by applicable law.
- Sharing and Disclosure of Information
(1) Personally Identifiable Information
We share or disclose your PII in the following instances and to the following parties:
(i) To fulfill a service to you. For example, if you subscribe to receive information from us or order materials from us, we may share your PII in order to provide the information and materials to you. In addition, if you email us a question, we may use your email address to process your request and respond to your question. Also, if you are entering a sweepstakes or contest, we may use your PII in order to fulfill the terms of that promotion. This means that we may share the information for prize fulfillment purposes or mail carriers. We also may share your information with the co-sponsor of that promotion.
(iii) To unaffiliated third-party service providers, agents or independent contractors who help us maintain our Site and provide other administrative services to us, such as order processing and fulfillment, providing customer service, maintaining and analyzing data, sending customer communications on our behalf, and entry collection, winner selection and prize fulfillment for contests, sweepstakes and other promotions. For example, if you want to find out if your employer matches donations, we may use a third party to compile and access that information and to help us to maintain our records. We seek to ensure that these unaffiliated third parties will not use the PII for any other purpose than to provide the administrative services for which they are responsible. Because such unaffiliated third-party service providers that help us administer our Site will have access to users’ PII, if you do not wish for our unaffiliated third-party service providers to have access to your information, please do not register or submit any PII to us.
(iv) To complete your transaction. If you choose to make a purchase or donation, we may collect from you your credit card number, billing address and other information related to such transaction, and we may use such collected information in order to complete your transaction. We may also provide such information, or other PII provided by you, to unaffiliated third parties as necessary to complete your transaction (for example, to process your credit card).
(v) To comply with the law or in the good faith belief that such action is necessary in order to conform to the requirements of law or comply with legal process served on us, protect and defend our rights or property, including the rights and property of ITDP or act in urgent circumstances to protect the personal safety of our end users.
(vii) To track and analyze non-identifying and aggregate usage and volume statistical information from our visitors and customers and provide such information to third parties.
(viii) To protect against potential fraud, we may verify with third parties the information collected from the Site. In the course of such verification, we may receive PII about you from such services. In particular, if you use a credit card or debit card to purchase services with us, we may use card authorization and fraud screening services to verify that your card information and address matches the information that you supplied to us, and that the card has not been reported as lost or stolen.
(2) Non-Personally Identifiable Information
We use Non-PII in the manner disclosed above. We may share this Non-PII with third parties.
- Collection and Use of Information from Children
The Site does not knowingly target children under the age of 13, or 16 in the European Union (“EU”), and we do not collect PII from any child under the age of 13, or 16 in the EU. In the event we learn that such information has been provided to the Site, we will delete or destroy it.
- International Transfer of Information
If you choose to provide us with PII, ITDP may transfer that information to its affiliates and subsidiaries or to other third parties, across borders, and from your country or jurisdiction to other countries or jurisdictions around the world. If you are visiting from the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that you are transferring your PII to the United States which does not have the same data protection laws as the EU. Where necessary, we utilize Standard Contractual Clauses approved by the European Commission to legitimize the transfer of personally identifiable information from the EU to the United States and other countries. With knowledge of these risks, by providing your personally identifiable information you acknowledge that you understand:
- Your PII will be transferred to the United States and other jurisdictions as indicated above.
- Forums, Chat Rooms and Other Public Posting Areas
Please note that any information you include in a message you post to any chat room, forum or other public posting area is available to anyone with Internet access. If you don’t want people to know your e-mail address, for example, don’t include it in any message you post publicly. PLEASE BE EXTREMELY CAREFUL WHEN DISCLOSING ANY INFORMATION IN CHAT ROOMS, FORUMS AND OTHER PUBLIC POSTING AREAS. WE ARE NOT RESPONSIBLE FOR THE USE BY OTHERS OF THE INFORMATION THAT YOU DISCLOSE IN CHAT ROOMS, FORUMS AND OTHER PUBLIC POSTING AREAS.
- Third Party Web Sites and Social Media Buttons
In particular, we use the following social media plug-ins: Facebook and Twitter. The plug-ins can be identified by the social media buttons marked with the logo of the provider of the respective social media networks.
We have implemented these plug-ins using the so-called 2-click solution. This means that when you use our Site, PII will not initially be collected by the providers of these social media plug-ins. Only if you click on one of the plug-ins will your PII be transmitted: By activating the plug-in, information is automatically transmitted to the respective plug-in provider and stored by them. We neither have influence on the information collected and processing operations conducted by the providers, nor are we aware of the full extent of information collection, the purposes, or the retention periods.
Information on the purpose and scope of information collection and its processing by the plug-in provider can be found in the respective privacy policies of these providers, where you will also find further information on your rights and options for privacy protection.
Facebook Inc., 1601 Willow Road, Menlo Park, California 94304, USA: https://www.facebook.com/privacy/explanation.
Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA: https://twitter.com/privacy.
- Your Individual Rights
You may be entitled to ask us for a copy of your information, to correct it, erase or restrict its processing, or to ask us to transfer some of this information to other organizations. You may also have the right to object to some processing activities and, where we have asked for your consent to process your information, to withdraw this consent. These rights may be limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your information. In some instances, this may mean that we are able to retain your information even if you withdraw your consent.
We hope that we can satisfy queries you may have about the way we process your information. If you have any concerns about how we process your information, or would like to opt-out of marketing, you can get in touch at email@example.com.
In the event you have unresolved concerns, you also have the right to complain to a data protection authority.
In the event that all or part of our assets are sold or acquired by another party, or in the event of a merger, you grant us the right to assign the PII and Non-PII collected via the Site.
- Security and Data Retention
No data transmissions over the Internet can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us and you understand that any information that you transfer to ITDP is done at your own risk.
Once we receive your transmission, we make reasonable efforts to ensure security on our systems. We use firewalls to protect your information from unauthorized access, disclosure, alteration, or destruction. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered or destroyed by breach of such firewalls and secure server software.
If we learn of a security systems breach we may attempt to notify you electronically so that you can take appropriate protective steps. By using the Site or providing PII to us you agree that we can communicate with you electronically regarding security, privacy and administrative issues relating to your use of the Site. We may post a notice on our Site if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
- Contacting Us
- Your California Privacy Rights
California Civil Code Section 1798.83 permits our visitors who are California residents to request certain information regarding our disclosure of PII to third parties for their direct marketing purposes. To make such a request, please contact us at:
9 East 19th Street, 7th Floor
New York, NY 10003 USA
- ARBITRATION AND CLASS ACTION WAIVER
Both you and ITDP agree that this dispute resolution procedure is a condition precedent that must be satisfied before initiating any litigation or filing any claim against the other party.
IF ANY DISPUTE CANNOT BE RESOLVED BY THE ABOVE DISPUTE RESOLUTION PROCEDURE, YOU AGREE THAT THE SOLE AND EXCLUSIVE JURISDICTION FOR SUCH DISPUTE WILL BE DECIDED BY BINDING ARBITRATION ON AN INDIVIDUAL BASIS. ARBITRATION ON AN INDIVIDUAL BASIS MEANS THAT YOU WILL NOT HAVE, AND YOU WAIVE, THE RIGHT FOR A JUDGE OR JURY TO DECIDE YOUR CLAIMS, AND THAT YOU MAY NOT PROCEED IN A CLASS, CONSOLIDATED, OR REPRESENTATIVE CAPACITY. Other rights that you and we would have in court will not be available or will be more limited in arbitration, including discovery and appeal rights. All such Disputes shall be exclusively submitted to JAMS (www.jamsadr.com) for binding arbitration under its rules then in effect in the New York, New York, metropolitan area before one arbitrator to be mutually agreed upon by both parties.
- Choice of Law and Forum