- What personally identifiable information is collected from you through the Services, how it is used and with whom it may be shared.
- What choices are available to you regarding the use of your data.
- The security procedures in place to protect the misuse of your information.
- How you can correct any inaccuracies in the information.
Information Collection, Use, and Sharing
We have access to/collect information that you voluntarily provide to us via email, online forms or other direct contact from you, such as your name, email address, home address, telephone number, and credit card information.
We will use your information to deliver the services you have requested, respond to you regarding the reason you contacted us, maintain our records, customize the content and layout of the Services, and to contact you regarding information about the Services, including updates and new services.
As is true of most websites, we also gather certain information automatically and store it in log files based upon usage of our Services. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and click-stream data. We use this information, which does not identify individual users, to analyze trends, to administer the Services, to track users’ movements around our sites and to gather demographic information about our user base as a whole. We do not link this automatically-collected data to personal information.
We may share your information with third parties outside of our organization as necessary to provide the Services to you and to secure the Services. Identifying and non-identifying user information and data may be disclosed or distributed to a third party with which we enter or reasonably may enter into a corporate transaction, such as, credit card processing. We will disclose information we maintain when required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on us; (b) protect and defend our rights or property; and, (c) act under exigent circumstances to protect the personal safety of our users or the public.
Aggregated demographic information may be shared with our partners and/or affiliates. This is not linked to any personal information that can identify any individual person.
Your Access to and Control Over Information
You can do the following at any time by contacting us via email at firstname.lastname@example.org:
- See what data we have about you, if any.
- Change/correct any data we have about you.
- Have us delete any data we have about you.
- Express any concern you have about our use of your data.
To protect your privacy and security, we may also take reasonable steps to verify your identity before updating or removing your information.
If you are a registered user, you may access certain information associated with your Account by logging into our Services or emailing email@example.com. If you terminate your Account, any public activity on your Account prior to deletion may remain stored on our servers and may remain accessible to the public.
The information you provide us may be archived or stored periodically by us according to backup processes conducted in the ordinary course of business for disaster recovery purposes.
Our Services may contain links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personally identifiable information.
If you are uncomfortable with the idea of your information being used in this way, most computer systems and web browsers offer privacy settings and options, such as disabling cookies or opting for “Do Not Track” features. We do not override these settings or options, and encourage you to use them to enhance your choices and personalize your experiences.
We use physical, electronic, and procedural safeguards to protect your information. Our infrastructure is hosted and managed within WP Engine. WP Engine manages risk and undergoes recurring assessments to comply with industry standards.
Wherever we collect sensitive information (such as credit card data), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser, or looking for “https” at the beginning of the address of the web page.
While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.
Please be advised that the security and confidentiality of any communication or material transmitted through the Internet or any wireless network, including via the Services, email or text messages, cannot be and is not guaranteed.
Legal Basis for Processing Personal Information
Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only (i) where we need the personal information to perform a contract with you; (ii) where the processing is in our legitimate interests and not overridden by your rights; or (iii) where we have your consent to do so. We have a legitimate interest in operating our Services and communicating with you as necessary to provide these Services, for example when responding to your queries, improving our platform, undertaking marketing, or for the purposes of detecting or preventing illegal activities.
In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Your Data Protection Rights Under the General Data Protection Regulation (GDPR)
If you are a resident of the EEA, you have the following data protection rights:
- If you wish to access, correct, update, or request deletion of your personal information, you can do so at any time by emailing firstname.lastname@example.org.
- In addition, you can object to the processing of your personal information, ask us to restrict the processing of your personal information, or request portability of your personal information. Again, you can exercise these rights by emailing email@example.com.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” link in the marketing emails we send you. To opt-out of other forms of marketing, please contact us by emailing firstname.lastname@example.org.
- Similarly, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
You can use some of the features of the Services without registering, thereby limiting the type of information that we collect.
You may unsubscribe from receiving certain promotional emails from us. If you wish to do so, simply follow the instructions found at the end of the email. Even if you unsubscribe, we may still contact you for informational, transactional, account-related, or similar purposes.
The data controller of your personal information is NumFOCUS, Inc.
May 25, 2018
Science needs open-source software.
Osvaldo Martin, Supporting Member