Last Updated: June 19, 2018
ACCEPTANCE OF PRIVACY NOTICE
- INFORMATION WE COLLECTAs part of its mission to advance and connect women in technology, law and policy, ChIPs collects certain Personal Data to provide you with Services. ChIPs processes Personal Data received from a range of sources, including but not limited to individuals that visit our Website, members, speakers, donors, and other third parties in connection with the Services offered by ChIPs. We collect Personal Data that you make available to ChIPs if you choose to directly communicate or register with ChIPs to receive additional information, to donate to ChIPs in any way, or to participate in ChIPs events through our Website, via e-mail or otherwise. That information may include your first and last name, e-mail address, your social media profile (URL), organization, current position, city, state / province, country industry, chapter preference and other info you provide. We collect a record of communication(s) we have with you (such as emails, letters, telephone calls, messages sent to us through our social media platforms, feedback) when you contact us, when we contact you, or when you respond to our requests for feedback. We collect information about you and your location, how you use our Website, and your interests and preferences when you accept our cookies placed on your device and/or browser, when you update your user account information, when you open our marketing emails, when you complete forms on our Website, when you contact us, and when you respond to our requests for feedback.
Automatically As You Navigate
Each time you visit ChIPs’ Website, ChIPs, its partners, and/or vendors collect information to improve the overall quality of your online experience. We track and aggregate certain information about the visits to our Website for the purpose of analysis of general traffic flow and feature usage related to ChIPs’ Website. Information we collect to observe site traffic includes, but is not limited to, your browser, general location, and other browsing based information. ChIPs may remove personal identifiers from Personal Data or may use pseudonymization to disassociate the individual from the Personal Data, allowing statistically accurate analysis of data without exposing any individual’s identity. We compile traffic-based statistics that show the numbers and frequency of visitors to our Website and its individual pages. These are an aggregated statistical report that we use internally to better understand our Website traffic, manage our Website, and help diagnose any problems. The statistics contain no personally identifiable information and cannot be used to gather such information. To these ends, ChIPs may include information about you in aggregated group data. Such anonymous data may be shared with ChIPs affiliates, business partners, service providers and/or vendors; if it does so, ChIPs will not disclose your individual identity.
Web Server Logs and IP Addresses
An IP address is a number that automatically identifies the computer or device you use to access the Internet. The IP address enables our server to send you the web pages that you want to visit, and it may disclose the server owned by your Internet Service Provider. ChIPs may use IP addresses to conduct analyses and performance reviews and to administer the Website, and also may use other information provided by you or your browser for purposes such as enabling support for services being used.
- INFORMATION WE DO NOT INTEND COLLECTWhen you submit a member registration form to ChIPs, you may provide us information such as include your first and last name, e-mail address, profile (URL), organization, current position, city, state / province, country industry, chapter preference and other info you provide. ChIPs does not intend to record and retain records of any sensitive personal data, data regarding minority status, or unauthorized third party data.
- HOW WE USE YOUR PERSONAL DATAWe can use your Personal Data only if we have a justification for doing so. According to the law, we can only use your Personal Data for one or more of these reasons:
- To fulfill a contract we have with you, or
- If we have a legal duty to use your data for a particular reason, or
- When you consent to it, or
- When it is necessary to protect your vital interests or that of another person; or
- When it is necessary for the performance of a task carried out in the public interest; or
- When it is in our legitimate interests.
Legitimate interests are our business or commercial reasons for using your data, but even so, we will not unfairly place our legitimate interests above what is best for you. Below, we have detailed the different ways in which we use your Personal Data and the reasons we rely on for using that data.
ChIPs processes your Personal Data in order to comply with legal and regulatory obligations, contractual obligations, requests by you or on your behalf to provide our Services to you, and for other purposes for which ChIPs has a legitimate interest or other lawful basis including but not limited to: (i) keeping our records up to date (ii) providing ChIPs’ Services for you; (iii) maintaining or administering the Services, performing business analyses or for other internal purposes to improve the quality of our business and the Services we offer; (iv) prevention of fraud and financial crime to protect the public; (v) communicating with you concerning programs or services consistent with ChIPs’ obligations to provide those services or otherwise; and (vi) participating in litigation, investigations, regulatory or governmental enquiries or for other legal or regulatory purposes involving ChIPs members who use or have used ChIPs’ services and programs or other third parties.
- TECHNOLOGY WE USE
- SECURITY OF TRANSMISSION OF PERSONAL DATAUnfortunately, the transmission of information via the internet or e-mail is not completely secure. Although we will do our best to protect personal data that you submit to us, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
- HOW WE SHARE YOUR INFORMATIONWe share some of your data with, or obtain data from, the following categories of third parties:
- ChIPs will share certain Personal Data about members who use its Services with (a) any U.S. or international governmental department or agency, including regulatory authorities with a legitimate interest in the Personal Data; (b) any organization with your approval; (c) any other organization where ChIPs has a legitimate interest in doing so; (d) any other organization or individual if ChIPs is satisfied that the third party has a legitimate interest in such information including but not limited to providing services to or for members; and (e) for other purposes in support of ChIPs’ mission.
- Disclosures to third parties who assist us in our operations: We may share your Personal Data under confidentiality agreements and any required data processing agreements with other companies that work with or on behalf of ChIPs to provide products and services such as, but not limited to, those who provide (i) email or mail solutions; (ii) payment processing solutions; (iii) software to prepare for, manage and plan events, such as Hubb, Swoogo and EventBrite; (iv) analysis of usage of ChIPs’ Website; (v) support and maintenance services for ChIPs’ Website, such as Freshdesk; (vi) surveys such as Survey Monkey, and (vii) email campaign services such as MailChimp. ChIPs may also share contact information with ChIPs committee members and chapter leaders in your region so as to provide information to you from your local chapter. For example, if you are a member, ChIPs may use the information you provide us to process your registration, maintain memberships, keep you abreast of latest news, events, and programs, or respond and render the Services to you. We also may share your Personal Data with our legal, regulatory, audit, and other professional advisors. Those companies may use your Personal Data to assist us in our operations consistent with our legitimate business interests. However, those companies do not have any independent right to share the information. We will make sure that our suppliers respect your Personal Data and comply with data protection laws.
- Any other organizations: Personal Data will be shared with any other organizations with your approval or where ChIPs has a legitimate interest in doing so, including but not limited to when ChIPs must verify information relating to members; where ChIPs is satisfied that the third party has a legitimate interest in such information, including but not limited to where there is a need for those third parties to update and maintain their databases, to provide services to members and for other purposes in support of ChIPs’ mission.
- Disclosures under special circumstances. We may provide information about you, including Personal Data, to respond to subpoenas, court orders, legal processes, regulatory authority investigations, or governmental regulations or inquiries, or to establish or exercise our legal rights or defend against legal claims, or when we believe it is necessary to share such information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or as otherwise required by law or to protect the public.
ChIPs shares both non-personal and Personal Data with those parties under certain limited restrictions including requirements to keep the Personal Data confidential, destroy the Personal Data once it no longer is needed for the intended purpose, and to prevent unauthorized release of Personal Data. ChIPs conducts such exchanges in a secure manner designed to protect against access by unauthorized parties.
- HOW TO MANAGE THE MARKETING MESSAGES YOU RECEIVEWe use third party service providers such as MailChimp and EventBrite to send you marketing communications by email (such as e-newsletters, announcements, invites to events) if you have indicated that you are happy to receive such emails. Our marketing communications include information about our events we think you might be interested in participating.
If you have previously opted-in to receiving emails from us, you can update your preferences to tell us specifically what you are interested in hearing about by clicking on the preferences link included in the marketing e-mails. You can update your preferences at any time. You can also opt out of receiving marketing emails by clicking on the unsubscribe link which we include in all our marketing emails. Please note that if you tell us that you do not wish to receive marketing emails, you will still receive service emails which are necessary for example to confirm your attendance reservation for an event. Please note that if you ask us to stop sending marketing emails, we will keep a note of your personal information and your request so that we can make sure you are excluded from the emails when they are sent out.
- HOW WE KEEP YOUR INFORMATIONWe will store your Personal Data for as long as for as long as is reasonably necessary to achieve the purposes for which it was collected, whether that is to provide services to you, for our own legitimate interests (described above), or so that we can comply with the law. We reserve the right to retain it to the full extent not prohibited by law. We may delete Personal Data in our discretion, so you should retain your own records, and not rely upon our storage of any Personal Data, content, or other data.
We will actively review the information we hold and when there no longer is a user, legal, or business need for us to hold it, we will either delete it securely or in some cases irreversibly anonymize it. When we delete any information, it will be deleted from our active databases but may remain in our archives.
By sharing information with us, you consent to the worldwide transfer and processing of your information, even in jurisdictions that may have less restrictive privacy practices than your own.
- HOW WE PROTECT YOUR DATATo prevent unauthorized access, maintain data accuracy, and facilitate the correct use of Personal Data obtained through our Website, we have put in place appropriate physical, technical, and operational measures to safeguard and secure the Personal Data we collect online against unauthorized access, unlawful use, accidental loss, corruption, or destruction.
We also use operational measures to protect the data, for example by limiting the number of people who have access to your membership information. Access to Personal Data is restricted to ChIPs staff members and third party service providers who require the access for specific purposes, such as helping us provide services to you.
We use technical measures such as password protection to protect your data and the systems where they are stored. However, messages you send to us through the Internet or otherwise electronically may not be secure. We recommend that you do not send any confidential information to us by email. If you choose to send confidential information to us, you accept the risk that a third party may intercept this information.
Some of the recipients of Personal Data as specified above may be located in countries (including the United States) that do not provide a level of data protection equivalent to that set forth by the European Union and some other jurisdictions. If you submit any Personal Data or choose to access or use the Services offered by ChIPs such as our Website, you consent to such disclosure, transfer, process, and storage of information in accordance with this Privacy Notice and subject to such applicable laws which may include access by law enforcement and other government entities including courts and tribunals.
If we do transfer Personal Data outside the U.S., we will make sure that it is protected in the same way as if it were being used in the U.S. We will use one of the following safeguards to ensure your information is protected:
- Transfer the data to a non-EEA country that has privacy laws at least as protective as those within the EEA, or
- Put in place a contract with the recipient of the data, which means the recipient must protect the data to the same standards as required within the EEA, or
- Transfer it to organizations that are part of the Privacy Shield. The Privacy Shield is a framework that sets out the standards for data to be sent between the United States and European countries. The Privacy Shield ensures that data are protected to the same standards as used within the EEA.
Consent to Electronic Notice If There is a Security Breach
We will safeguard your Personal Data and prevent such information from unauthorized access, disclosure, or use. If we or a Recipient is required to provide notice of unauthorized access to or other invasion of certain security systems, you agree that we (or they) may do so when required (or voluntarily) by posting notice on our Site or sending notice to any email address we have for you, in our (or their) good faith discretion. You agree that notice to you will count as notice to others for whom you are acting, and agree to pass the notice on to them.
- YOUR RIGHTS OVER YOUR PERSONAL DATAIn accordance with ChIPs’ policies and procedures you have the right to review, verify, correct, and request erasure of the Personal Data that we hold about you under certain circumstances. You also have the right to limit, restrict, or object to the processing of your Personal Data under certain circumstances. You may also have the right to request that we transfer your Personal Data to another party to the extent provided for under applicable data privacy laws. For more information on your rights, please see www.ec.europa.eu. If you want to review, verify, correct, or request erasure of your Personal Data; limit, restrict, or object to the processing of your Personal Data; or request a transfer of your Personal Data to another party, please contact us at firstname.lastname@example.org or write to us at ChIPs Network, Inc., ATTN: Data Protection, 660 4th Street, PMB 350, San Francisco, CA 94107. To protect your privacy and security, we also will take reasonable steps to verify your identity before granting access, making corrections, or following such a request to correct or delete your data.
When you contact us, we will respond as soon as possible and where possible within one month. If your request is more complicated, it may take longer to respond to you, but we will respond within two months of your request. There is no charge for most requests, but if you ask us to provide a significant amount of data, for example, we may ask you to pay a reasonable administrative fee. We also may ask you to verify your identity before we provide any information to you.
- COMPLAINTSIf you have any complaints concerning ChIPs’ processing of your Personal Data, please email us at email@example.com or write to us at:
ChIPs Network, Inc.
ATTN: Data Protection
660 4th Street, PMB 350
San Francisco, CA 94107
Please note that you have the right to lodge a complaint with the supervisory authority that is responsible for the protection of Personal Data in the country where you live or work, or in which you think a breach of data protection laws might have taken place. You can learn more about these rights at www.ec.europa.eu.
Customers in the United Kingdom can contact the Information Commissioner’s Office by telephone on 0303 123 1113, or by using the live chat service that is available through the Information Commissioner’s website www.ico.org.uk.
- CONTACT USIf you’d like more information about our privacy practices or want us to delete your personal information, feel free to contact us at firstname.lastname@example.org. ChIPs Network, Inc. 660 4th Street. PMB 350. San Francisco, CA 94107
- INFORMATION WE COLLECT