Last Updated: June 22nd 2018

This privacy policy applies to information collected by the Institute for Transportation & Development Policy and its affiliated entities (“ITDP,” “we,” “our” or “us”), including, data collected offline as well as on the website, www.itdp.org (the “Site”). Please read this privacy policy carefully. BY USING THE SITE, YOU ACKNOWLEDGE YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY. IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY, PLEASE DO NOT USE THE SITE.

Please note the arbitration provision set forth in Section P, requiring you to arbitrate any claims you may have against us on an individual basis. ARBITRATION ON AN INDIVIDUAL BASIS MEANS THAT YOU WILL NOT HAVE, AND YOU WAIVE, THE RIGHT FOR A JUDGE OR JURY TO DECIDE YOUR CLAIMS, AND THAT YOU MAY NOT PROCEED IN A CLASS, CONSOLIDATED, OR REPRESENTATIVE CAPACITY.

  1. Information Collected

We collect two types of information: (1) Personally Identifiable Information (“PII”) and (2) Non-Personally Identifiable Information (“Non-PII”). “Personally Identifiable Information” is any information that relates to an identified or identifiable natural person. “Non-Personally Identifiable Information” can be technical information or it can be demographic information, such as your age, gender or interests, as long as such information cannot be used to identify you personally. We consider aggregated information, which is not PII, to be Non-PII. Please note that, over time, non-personally identifiable information could become personally identifiable information through regulatory developments, technological advancements, or co-mingling with personally identifiable information. We collect the following information from and about you:

  • We collect your first and last name and email address if you subscribe to receive our news bulletin;
  • We collect your email address if you contact us with a question;
  • We collect your first and last name, employer name, address, credit card and billing information when you make a donation; and
  • We collect your first and last name, date of birth and email address if you choose to participate in a contest or sweepstakes.
  • We collect your IP address when you visit the site. An IP address is a number that lets computers attached to the Internet know where to send your data, such as the web pages you view.
  • We collect demographic information, such as gender, age, zip code and interests, when you voluntarily provide such information to us on the Site.

If you do not want ITDP to collect your PII, please do not provide it to us.

  1. Cookies and Similar Technologies

A “cookie” is a small text file that may be used to collect information about your activity on the Site. For example, when someone visits a page within the Site, a cookie is placed on the user’s machine (if the user accepts cookies) or is read if the user has visited the Site previously. We use the information we collect from cookies for marketing and informational purposes. Collected data may be shared, in aggregate form, with third-parties. We do not currently honor any “do-not-track” signal sent by browsers.  However, you may opt-out of targeted advertising by visiting networkadvertising.org/choices. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser, but if you do, you may not be able to take advantage of the personalized features enjoyed by other users to our Site. Different cookies are used to perform different functions, which we explain below:

  • Strictly Necessary. Some cookies are essential in order to enable you to move around our Site and use their features, such as accessing secure areas of the Site. Without these cookies, we cannot enable appropriate content based on the type of device you are using.
  • Browsing and Functionality. These cookies allow us to remember choices you make on the Site, such as your preferred language, and provide enhanced, more personalized features.
  • Performance and Analytics. Our Site uses Google Analytics to help analyze how users use our Site. The tool uses cookies to generate information about your use of the Site (including IP address, operating system, browser type, language, and referring website) and to transmit that information to Google. This information is then used to evaluate visitors’ use of the Site and to compile statistical reports on Site activity for ITDP. ITDP uses these reports to monitor online engagement and improve our Site. Google also provides a complete privacy policy and instructions on opting-out of Google Analytics here. Please note the Google Analytics opt-out browser add-on does not prevent data from being sent to the Site itself or in other ways to web analytics services.

We will never (and will not allow any third party to) use the statistical analytics tool to track or to collect any PII of visitors to our Site (such as a name, email address or billing information) without your consent. Google will not associate your IP address with any other data held by Google. Neither we nor Google will link, or seek to link, an IP address with the identity of a computer user. We will not associate any data gathered from this site with any PII from any source, unless you explicitly submit that information via a fill-in form on our website.

In addition, we use web Beacons (also known as “clear gifs,” “web bugs” or “pixel tags”), which are tiny graphics with a unique identifier, similar in function to cookies, and are used to allow us to count users who have visited certain pages of the Site and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted email messages, web beacons can tell the sender whether and when the email has been opened. In contrast to cookies, which are stored on a user’s computer hard drive, web beacons are embedded invisibly on web pages.

  1. Use of Information

(1) Personally Identifiable Information

We use your PII primarily for the following purposes:

  1. To deliver services, such as educational programs, newsletters or other information that you request;
  2. To complete a transaction or service requested by you;
  3. To fulfill the terms of a promotion;
  4. To ensure the Site is relevant to your needs;
  5. To help us create and publish content most relevant to you;
  6. To match your donation with your employer’s donation;
  7. To notify you about a material change to this privacy policy, if necessary;
  8. To allow you access to limited-entry areas of the Site;
  9. To contact you in response to your requests or when you contact us; and
  10. To alert you to important information regarding our mission and our policies, including relevant information distributed by ITDP or to forward promotional materials.

(2) Non-Personally Identifiable Information

Non-PII is used as described in Section A (2) above and in other ways as permitted by applicable laws, including combining Non-PII with PII.

  1. Legal Bases for Processing

We base the above mentioned processing activities of your PII on the following legal bases:

  • For letters a) through i), processing is necessary to establish and fulfill a contract with you ( Art. 6 para. 1 sentence 1 b) GDPR).
  • For letter j), processing is based on statutory provisions or your consent (Art. 6 para. 1 sentence 1 a) GDPR) as required by applicable law.

 

  1. Sharing and Disclosure of Information

(1) Personally Identifiable Information

We share or disclose your PII in the following instances and to the following parties:

(i) To fulfill a service to you. For example, if you subscribe to receive information from us or order materials from us, we may share your PII in order to provide the information and materials to you. In addition, if you email us a question, we may use your email address to process your request and respond to your question. Also, if you are entering a sweepstakes or contest, we may use your PII in order to fulfill the terms of that promotion. This means that we may share the information for prize fulfillment purposes or mail carriers. We also may share your information with the co-sponsor of that promotion.

(iii) To unaffiliated third-party service providers, agents or independent contractors who help us maintain our Site and provide other administrative services to us, such as order processing and fulfillment, providing customer service, maintaining and analyzing data, sending customer communications on our behalf, and entry collection, winner selection and prize fulfillment for contests, sweepstakes and other promotions.  For example, if you want to find out if your employer matches donations, we may use a third party to compile and access that information and to help us to maintain our records. We seek to ensure that these unaffiliated third parties will not use the PII for any other purpose than to provide the administrative services for which they are responsible. Because such unaffiliated third-party service providers that help us administer our Site will have access to users’ PII, if you do not wish for our unaffiliated third-party service providers to have access to your information, please do not register or submit any PII to us.

(iv) To complete your transaction. If you choose to make a purchase or donation, we may collect from you your credit card number, billing address and other information related to such transaction, and we may use such collected information in order to complete your transaction. We may also provide such information, or other PII provided by you, to unaffiliated third parties as necessary to complete your transaction (for example, to process your credit card).

(v) To comply with the law or in the good faith belief that such action is necessary in order to conform to the requirements of law or comply with legal process served on us, protect and defend our rights or property, including the rights and property of ITDP or act in urgent circumstances to protect the personal safety of our end users.

(vii) To track and analyze non-identifying and aggregate usage and volume statistical information from our visitors and customers and provide such information to third parties.

(viii) To protect against potential fraud, we may verify with third parties the information collected from the Site. In the course of such verification, we may receive PII about you from such services. In particular, if you use a credit card or debit card to purchase services with us, we may use card authorization and fraud screening services to verify that your card information and address matches the information that you supplied to us, and that the card has not been reported as lost or stolen.

(2) Non-Personally Identifiable Information

We use Non-PII in the manner disclosed above. We may share this Non-PII with third parties.

  1. Collection and Use of Information from Children

The Site does not knowingly target children under the age of 13, or 16 in the European Union (“EU”), and we do not collect PII from any child under the age of 13, or 16 in the EU. In the event we learn that such information has been provided to the Site, we will delete or destroy it.

  1. International Transfer of Information

If you choose to provide us with PII, ITDP may transfer that information to its affiliates and subsidiaries or to other third parties, across borders, and from your country or jurisdiction to other countries or jurisdictions around the world. If you are visiting from the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that you are transferring your PII to the United States which does not have the same data protection laws as the EU. Where necessary, we utilize Standard Contractual Clauses approved by the European Commission to legitimize the transfer of personally identifiable information from the EU to the United States and other countries. With knowledge of these risks, by providing your personally identifiable information you acknowledge that you understand:

  • Your PII will be used for the uses identified above in accordance with this privacy policy; and
  • Your PII will be transferred to the United States and other jurisdictions as indicated above.
  1. Forums, Chat Rooms and Other Public Posting Areas

Please note that any information you include in a message you post to any chat room, forum or other public posting area is available to anyone with Internet access. If you don’t want people to know your e-mail address, for example, don’t include it in any message you post publicly. PLEASE BE EXTREMELY CAREFUL WHEN DISCLOSING ANY INFORMATION IN CHAT ROOMS, FORUMS AND OTHER PUBLIC POSTING AREAS. WE ARE NOT RESPONSIBLE FOR THE USE BY OTHERS OF THE INFORMATION THAT YOU DISCLOSE IN CHAT ROOMS, FORUMS AND OTHER PUBLIC POSTING AREAS.

  1. Third Party Web Sites and Social Media Buttons

This privacy policy applies solely to information collected on the Site. The Site may contain links to other web sites. We are not responsible for the privacy practices or the content of these other web sites.

In particular, we use the following social media plug-ins: Facebook and Twitter. The plug-ins can be identified by the social media buttons marked with the logo of the provider of the respective social media networks.

We have implemented these plug-ins using the so-called 2-click solution. This means that when you use our Site, PII will not initially be collected by the providers of these social media plug-ins. Only if you click on one of the plug-ins will your PII be transmitted: By activating the plug-in, information is automatically transmitted to the respective plug-in provider and stored by them. We neither have influence on the information collected and processing operations conducted by the providers, nor are we aware of the full extent of information collection, the purposes, or the retention periods.

Information on the purpose and scope of information collection and its processing by the plug-in provider can be found in the respective privacy policies of these providers, where you will also find further information on your rights and options for privacy protection.

Facebook Inc., 1601 Willow Road, Menlo Park, California 94304, USA: https://www.facebook.com/privacy/explanation.

Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA: https://twitter.com/privacy.

  1. Your Individual Rights

You may be entitled to ask us for a copy of your information, to correct it, erase or restrict its processing, or to ask us to transfer some of this information to other organizations. You may also have the right to object to some processing activities and, where we have asked for your consent to process your information, to withdraw this consent. These rights may be limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your information. In some instances, this may mean that we are able to retain your information even if you withdraw your consent.

 

We hope that we can satisfy queries you may have about the way we process your information. If you have any concerns about how we process your information, or would like to opt-out of marketing, you can get in touch at mobility@itdp.org.

 

In the event you have unresolved concerns, you also have the right to complain to a data protection authority.

  1. Assignment

In the event that all or part of our assets are sold or acquired by another party, or in the event of a merger, you grant us the right to assign the PII and Non-PII collected via the Site.

  1. Changes to this Privacy Policy

We reserve the right to change this privacy policy from time to time. When we do, we will also revise the “Last Updated” date at the top of this privacy policy. If we make material changes to the privacy policy, we will notify you via email at the primary email address specified in your account and by placing a prominent notice on the Site.

  1. Security and Data Retention

No data transmissions over the Internet can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us and you understand that any information that you transfer to ITDP is done at your own risk.

Once we receive your transmission, we make reasonable efforts to ensure security on our systems. We use firewalls to protect your information from unauthorized access, disclosure, alteration, or destruction. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered or destroyed by breach of such firewalls and secure server software.

If we learn of a security systems breach we may attempt to notify you electronically so that you can take appropriate protective steps. By using the Site or providing PII to us you agree that we can communicate with you electronically regarding security, privacy and administrative issues relating to your use of the Site. We may post a notice on our Site if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.

We will keep your PII for as long as necessary to perform the purposes set out in this Privacy Policy. Laws may require us to hold certain information for specific periods.

  1. Contacting Us

If you have any questions about this privacy policy or our privacy practices, please contact us at mobility@itdp.org.  All information you provide in any written communication will also be covered by this policy.

  1. Your California Privacy Rights

California Civil Code Section 1798.83 permits our visitors who are California residents to request certain information regarding our disclosure of PII to third parties for their direct marketing purposes. To make such a request, please contact us at:

ITDP Headquarters
9 East 19th Street, 7th Floor
New York, NY 10003 USA
mobility@itdp.org

  1. ARBITRATION AND CLASS ACTION WAIVER

You and ITDP agree that, if there is any controversy, claim, action, or dispute arising out of or related to your use of the Site, or the breach, enforcement, interpretation, or validity of the Privacy Policy or any part thereof (“Dispute”), both parties shall first try in good faith to settle such Dispute by providing written notice to the other party describing the facts and circumstances of the Dispute and allowing the receiving party 30 days in which to respond to or settle the Dispute. Notice shall be sent to ITDP at

[INSERT CONTACT INFORMATION].

Both you and ITDP agree that this dispute resolution procedure is a condition precedent that must be satisfied before initiating any litigation or filing any claim against the other party.

IF ANY DISPUTE CANNOT BE RESOLVED BY THE ABOVE DISPUTE RESOLUTION PROCEDURE, YOU AGREE THAT THE SOLE AND EXCLUSIVE JURISDICTION FOR SUCH DISPUTE WILL BE DECIDED BY BINDING ARBITRATION ON AN INDIVIDUAL BASIS. ARBITRATION ON AN INDIVIDUAL BASIS MEANS THAT YOU WILL NOT HAVE, AND YOU WAIVE, THE RIGHT FOR A JUDGE OR JURY TO DECIDE YOUR CLAIMS, AND THAT YOU MAY NOT PROCEED IN A CLASS, CONSOLIDATED, OR REPRESENTATIVE CAPACITY. Other rights that you and we would have in court will not be available or will be more limited in arbitration, including discovery and appeal rights. All such Disputes shall be exclusively submitted to JAMS (www.jamsadr.com) for binding arbitration under its rules then in effect in the New York, New York, metropolitan area before one arbitrator to be mutually agreed upon by both parties.

The arbitrator, and not any federal, state, or local court or agency, shall have exclusive authority to resolve any dispute arising under or relating to the interpretation, applicability, enforceability, or formation of this Privacy Policy, including any claim that all or any part of this Privacy Policy is void or voidable.

  1. Choice of Law and Forum

You agree that the laws of the state of New York govern the Privacy Policy and any Dispute that you may have against us, without regard to any applicable conflict of laws rules. The parties acknowledge that use of the Site and this Privacy Policy evidences a transaction involving interstate commerce. Notwithstanding the foregoing with respect to applicable substantive law, any arbitration conducted pursuant to the Privacy Policy shall be governed by the Federal Arbitration Act (9 U.S.C., Secs. 1-16).

You further agree that any disputes or claims not subject to the arbitration provision discussed above shall be resolved by a court located in New York, New York, and you agree and submit to the exercise of personal jurisdiction of such courts for the purpose of litigating any such claim or action. PLEASE NOTE THAT BY AGREEING TO THIS PRIVACY POLICY, YOU ARE: (1) WAIVING CLAIMS THAT YOU MIGHT OTHERWISE HAVE AGAINST US BASED ON THE LAWS OF OTHER JURISDICTIONS, INCLUDING YOUR OWN; (2) IRREVOCABLY CONSENTING TO THE EXCLUSIVE JURISDICTION OF, AND VENUE IN, STATE OR FEDERAL COURTS IN NEW YORK FOR ANY DISPUTES OR CLAIMS BROUGHT UNDER THIS PROVISION; AND (3) SUBMITTING YOURSELF TO THE PERSONAL JURISDICTION OF COURTS LOCATED IN NEW YORK FOR THE PURPOSE OF RESOLVING ANY SUCH DISPUTES OR CLAIMS.

 

Subscribe

Sign up for updates on our projects, events and publications.

SIGN UP

Send this to a friend