Effective date: August 24, 2021
For individuals in the European Economic Area (“EEA”), NVF is considered to be the “controller” of your personal data.
This Policy contains the following sections:
- The information we collect
- How we use your information
- Legal bases for use of your information
- Cookies and similar technologies
- How we share and disclose your information
- Security and retention of your information
- Your data rights and choices
- Changes to the Policy
- Contact us
By using the Services, you agree to this Policy and that we may process, transfer, and store your information in the United States.
The information we collect
The information we collect about you depends on how you interact with our Services and the information you choose to provide to us by using the Services. We collect information in three main ways: (1) information you choose to provide to us; (2) information we collect automatically through technology when you use the Services; and (3) information we collect from other sources.
Information you choose to provide to us
When you interact with our Services, you may choose to provide certain information to us, such as your name and email address. For example, we collect information from you when you register for and/or attend our events, participate in our initiatives (including associated account registrations), sign up for a newsletter, fill out an email survey, and otherwise communicate or interact with us.
Information we collect through automated means
We may automatically receive and store certain information about the computers or devices you use to access the Services. We and our vendors may use a variety of technologies, including cookies, to assist in this automatic collection. Please refer to our “Cookies and similar technologies” section below for further information.
Some of the information we automatically collect when you use our Services includes:
- Computer or Device information. We collect technical information associated with the computers or devices you use to access our Services, including information related to your browser and operating system, IP address (the Internet address of your computer/device), unique device identifiers, device type, model, and operating system.
- Usage information. We also collect a variety of information to better understand your use of our Services. This may include the webpage that you were visiting before accessing our Services, the webpages or features of our Services you use, how much time you spend there, date, time and use, and information about your usage preferences.
Information we collect from other sources
We may also receive information about from third parties such as partners, social networks (when you post on our social media pages or message us through a social media platform), and others.
How we use your information
We may use the information we collect from you through the Services for the following purposes:
- To provide the services you have requested;
- To communicate with you, including to send you newsletters and information about our services or your relationship with us;
- To contact you with information or surveys that we believe may be of interest to you;
- To process and respond to your inquiries or to request your feedback;
- To improve our Services, including bug detection and error reporting, to understand how you interact with our Services, improve usability and effectiveness of our Services across different devices, perform research and analytics, and to test and create new features and services;
- For our business operations, including for security, fraud prevention, maintaining your account, and legal compliance, such as detecting security incidents and protecting against malicious, deceptive, fraudulent, or illegal activity; and
- For any other purpose with your consent.
For the purposes discussed in this Policy, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Policy.
We may aggregate and/or de-identify any information collected through the Services so that such information can no longer be linked to you or your computer or device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties in our discretion.
Legal bases for use of your information
The laws in some jurisdictions require companies to tell you about the legal grounds they rely on to use your information. This is called a legal based for using your information. Our legal bases for using your information as described in this Policy are as follows
- Where we have your consent to do so;
- Where use of your information is necessary to perform our obligations under a contract with you (e.g., to comply with our Terms and Conditions);
- Where use of your information is necessary for our legitimate interests or the legitimate interest of others (e.g., to operate our Services; provide security for our Services; prevent fraud; analyze use of and improve our Services; and for similar purposes); and
- Where use of your information is necessary to comply with applicable legal obligations.
Cookies and similar technologies
The term “cookie” is used in this section of the Policy in the broad sense to include all similar techniques and technology, including those listed above.
Here are examples of the types of information that we collect through cookies:
- The number of users visiting the Services, the frequency with which the Services were viewed, the pages viewed, the clicks made on the Services, and the total duration of navigation on the Services;
- The name of the website visited prior to the Services;
- Whether you are visiting our Site for the first time or not;
- Your viewing preferences (e.g., layout, sizing preferences, language, etc.); and
- The type of browser used and your IP address, so that we can identify you during your next visits.
Types of cookies we use
We use first-party and third-party cookies for several reasons:
- First-party cookies: these cookies are created by us. They are, for the most part, used to allow you to browse our Services and use its features. They may also help us to analyze how you use our Services and allow us to improve and personalize our Services.
- Third-party cookies: in addition to cookies that we create, some third-party and affiliated companies may place cookies on your computer or device, access them and associate other technologies, like web beacons or pixels, with them. These cookies enable third-party features or functionalities to be provided on or through the Services. The parties that set these third-party cookies can recognize your computer or device both when it visits our Services and also when it visits certain other websites.
The types of first- and third-party cookies we use on the Service are:
- Strictly necessary cookies: these cookies are strictly necessary to provide you with services available through our Services and cannot be turned off. These cookies allow you to use some of the Service’s features, such as setting your privacy preferences.
- Functional cookies: these cookies allow you to browse our Services or benefit from some of its enhanced features, such as memorizing language preferences. Similar to strictly necessary cookies, if these cookies are disabled, it could impact your experience to use some Services functionality, such as your desired preferences.
- Analytics cookies: these cookies allow us or our third-party analytics providers to collect information and statistics on the use of the Services by you and other visitors. Thanks to this information, we are able to improve the features offered and the interface design of our Services.
- Social media cookies: these cookies are used when information is shared through a social media sharing button or “like” button on our Services, or when you engage with our content on or through social networking sites including, but not limited to Facebook, Twitter, or LinkedIn.
Duration of cookies
Except for strictly necessary cookies, all cookies used on the Services will expire after a maximum of 365 days.
If you want to refuse or otherwise manage cookies placed on our device, please refer to the following instructions:
- All cookies: most web browsers automatically accept cookies, but you may set your browser to block certain cookies. The best way to do this is to consult the instructions for your particular browser. Please note that if you decide to block all cookies, this may interfere with your ability to perform certain transactions, use certain functionality, and access certain content on the Services.
- Analytics cookies: to disable analytics cookies managed by our third-party analytics partners, either use the disablement mechanisms discussed immediately above, or use the analytics opt-out mechanism maintained by our analytics providers. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.
Notice concerning Do Not Track
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We are committed to providing you with meaningful choices about the information collected on our Services, and that is why we provide the variety of opt-out mechanisms listed immediately above. However, we do not currently recognize or respond to browser-initiated DNT signals. To learn more about Do Not Track, you can do so here.
How we share and disclose your information
We may share your information in the following ways:
We may share information with affiliates and subsidiaries for purposes consistent with this Policy.
We use select third-party vendors to help us provide our Services and we may provide access to or share your information with these vendors to help us provide our Services. These vendors provide a variety of services to us, including marketing, data storage, security, fraud prevention, research, and legal services. These service providers are permitted to access and use your information for purposes of performing services for us or to comply with applicable legal requirements.
We may share information with certain third-party partners for joint-marketing purposes, such as to provide you with information about joint initiatives and opportunities.
Protection of data.org and others
We may disclose the information we collect about you if required to do so by law or in a good faith belief that such disclosure is reasonably necessary to: (a) comply with legal process (for example, a subpoena or court order); (b) enforce our terms of service, this Policy, or other contracts with you, including investigation of potential violations; (c) respond to claims that any content violates the rights of third parties; or (d) protect the rights, property, or personal safety of data.org or others.
In the event another organization combines with or takes over management of our services, we may provide that organization with information collected from the Site.
Security and retention of your information
We implement a variety of security safeguards designed to protect your information. These safeguards may vary based on the sensitivity of the information that we collect. However, no method or transmission over the internet or electronic system is completely secure, so there is no guarantee that such data may not be accessed, disclosed, altered, or destroyed in connection with a breach of our physical, technical, organizational, or managerial safeguards.
We retain information for different periods of time depending on the purposes for which we collect and use it, as described in this Policy. We will delete or de-identify information when it is no longer needed to fulfill these purposes unless a longer retention period is required to comply with applicable laws. There may be technical or other operational reasons where we are unable to fully delete or de-identify your information. Where this is the case, we will take reasonable measures to prevent further processing your information.
Your data rights and choices
Your consent to our use of your information is very important to us. You may instruct us not to use your information to contact you by email, postal mail, or phone regarding updates, the Services, events, and other information by contacting us using the information below. Please note that, regardless of your request, we may still use and share certain information as permitted by this Policy or as required by applicable law. For example, you may not opt out of certain operational emails, such as those reflecting our relationship with you.
Additional information for international residents
We provide you with the ability to exercise certain controls and choices regarding our collection, use, and sharing of your information. Your legal rights to exercise such controls and choices vary based on the laws of your jurisdiction.
Individuals in the European Union, the UK, and Switzerland have certain additional legal rights to do the following with certain information we handle:
- Access to, or a copy of, your information
- Correction or amendment of your information
- Deletion of your information
- Transfer of your information to a third party
- Restriction or objection to certain uses of your information
If you have provided consent for us to use your information for a specific purpose, you may also request to withdraw that consent.
We may ask you to provide us with information necessary to reasonably verify your identity before responding to your request. We will consider all requests and provide our response within the time period required by applicable law. Please note, however, that certain information may be exempt from such requests.
If you have any concerns or complaints about our data processing activities, we urge you to first try to resolve such issues directly with us. However, if applicable, you may make a complaint to the data protection supervisory authority in the country where you are based, or seek a remedy through local courts if you believe your rights have been breached.
Additional information for California residents
California’s “Shine the Light” law gives California residents the right under certain circumstances to request information from us regarding the manner in which we share certain categories of “personal information” (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your “personal information” with third parties for their own direct marketing purposes.
Changes to this Policy
From time to time we may change or update this Policy to reflect changes in the law, our data collection and use practices, the features of our Services, or advances in technology. You should review the Policy periodically, and you can know if the Policy has changed since the last time you reviewed it by checking the “Effective date” at the beginning of the document.
By continuing to use the Services, you are confirming that you have read and understood the latest version of this Policy. If we make material changes to the Policy, we will provide notice to provide you the opportunity to review the changes before they become effective, in accordance with applicable legal requirements.
If you wish to contact us or have any questions about or complaints in relation to this Policy, please contact us or 1201 Connecticut Ave. NW, Suite 300, Washington, DC 20036.