Skip to content

numfocus/privacy-policy

Repository files navigation

Privacy Policy

This privacy policy discloses the privacy practices of NumFOCUS Inc. P.O. Box 90596, Austin, Texas, 78709 (“Provider”, “NumFOCUS”, “we”, “us”, “our”) for https://www.numfocus.org/ and any other website operated by NumFOCUS Inc. including event and project sites, educational platforms, and all related technologies, software, and services provided by Provider (collectively, the “Services”), including: (i) information you provide through your user account on the Services (your “Account”) if you register for the Services; (ii) your use of the Services; and (iii) from third-party websites, services, and partners. This privacy policy applies solely to information collected by the Services. It will notify you of the following:

  • What personal data is collected from you through the Services, how it is used and with whom it may be shared
  • What choices are available to you regarding the use of your personal data
  • The security procedures in place to protect the misuse of your personal data
  • How you can correct any inaccuracies in your personal data

If you have any questions about this Privacy Policy or NumFOCUS’s data collection, use, and disclosure practices, please contact us at [email protected].

This privacy policy also applies to services provided by NumFOCUS in connection with events organized or sponsored by NumFOCUS and related data processing activities. In this respect, NumFOCUS can collect personal data of the attendees in order to process the participation agreement and/or to organize certain discussion forums and/or lectures.

Information Collection, Use, and Sharing

We have access to/collect information that you voluntarily provide to us via email, online forms or other direct contacts from you, such as your name, email address, home address, telephone number, and credit card information. We will use your information to deliver the services you have requested, respond to you regarding the reason you contacted us, maintain our records, customize the content and layout of the Services, and to contact you regarding information about the Services, including updates and, with your consent, new services.

As is true of most websites, we also gather certain information automatically and store it in log files based upon usage of our Services. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and click-stream data. We use this information, which does not identify individual users, to analyze trends, to administer the Services, to track users’ movements around our sites and to gather demographic information about our user base as a whole. We do not link this automatically-collected data to personal data. For detailed information on our use of cookies, see the Cookies section below.

With your consent you can subscribe to our newsletter, with which we provide you with news concerning the current activities of our organization and community. We use the so-called double-opt-in procedure to subscribe to our newsletter. This means that after your registration, we will send you an email to the email address provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store your IP address and the time of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data. Your email address is the only mandatory information for sending the newsletter. The provision of further, separately marked data is voluntary and is used to address you personally. After your confirmation we will save your email address for the purpose of sending you the newsletter. You may revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can revoke your consent by clicking on the link provided in each newsletter email, or by email to [email protected].

We may share your personal data with third parties outside of our organization as necessary to provide the Services to you and to secure the Services. Identifying and non-identifying user information and data may be disclosed or distributed to a third party with which we enter or reasonably may enter into a corporate transaction, such as credit card processing.

We transmit your personal data to the third parties named below in order to provide the Services to you and to secure the Services. To the best of our knowledge, your personal data will be processed and stored in the United States, insofar as the named parties are based in the United States. Your data may be processed and stored in another country if the parties named below use non-U.S. facilities for data storage and processing.

We will disclose the information we maintain when required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on us; (b) protect and defend our rights or property; and, (c) act under exigent circumstances to protect the personal safety of our users or the public. Where required, we have concluded a controller-processor agreement with these third parties as listed above.

Aggregated demographic information may be shared with our partners and/or affiliates. This is not linked to any personal information that can identify any individual person.

If we transfer personal information from the European Economic Area (EEA) to territories outside the EEA, the transfer will only take place if the relevant third country has been confirmed by the EU Commission as having an adequate level of data protection (Art. 45 (1) GDPR) or if other appropriate data protection guarantees within the meaning of Art. 47 GDPR (e.g. binding internal company data protection regulations pursuant to Art. 46 (2) b), Art. 47 GDPR, standard data protection clauses issued by the EU Commission pursuant to Art. 46 (2) c) GDPR) are in place.

Links

Our Services may contain links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personally identifiable information.

Cookies

The Services use cookies and other similar technologies, in accordance with industry standards. A cookie is a piece of data stored on a site visitor’s hard drive to help us improve your access to the Services and identify repeat visitors to the Services. For instance, when we use a cookie to identify you, you would not have to enter a password more than once, thereby saving time. Cookies can also enable us to track and target the interests of our users to enhance the user experience. We store information that we collect through cookies, log files, and/or clear gifs to record your preferences. We may also automatically collect information about your use of features of the Services, about the functionality of the Services, frequency of visits, and other information related to your interactions with the Services. We may track your use across different websites and services.

In some countries, including countries in the European Economic Area (“EEA”), the information referenced above in this paragraph may be considered personal information under applicable data protection laws. Usage of a cookie is in no way linked to any personally identifiable information on our sites.

As stated above in the section on Information Collection, Use, and Sharing, we use this information, which does not identify individual users, to analyze trends, to administer the Services, to track users’ movements around our sites and to gather demographic information about our user base as a whole.

We use analytics providers such as Google Analytics. Google Analytics uses cookies to collect non-identifying information. Google provides some additional privacy options regarding its Analytics cookies at http://www.google.com/policies/privacy/partners/.

If you are uncomfortable with the idea of your information being used in this way, most computer systems and web browsers offer privacy settings and options, such as disabling cookies or opting for “Do Not Track” features. We do not override these settings or options and encourage you to use them to enhance your choices and personalize your experiences. You can also install the free Google Analytics Opt-out Browser Add-on that you can download here: https://tools.google.com/dlpage/gaoptout/?hl=en. Many browsers have an option for disabling cookies, which may prevent your browser from accepting new cookies or enable selective use of cookies.

Security

We use physical, electronic, and procedural safeguards to protect your information. Our infrastructure is hosted and managed within WP Engine. WP Engine manages risk and undergoes recurring assessments to comply with industry standards. Wherever we collect financially sensitive information (such as credit card data), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser, or looking for “https” at the beginning of the address of the web page.

We also protect your personal data offline. Only employees or NumFOCUS representatives who need the information to perform a specific job (for example, billing or customer service) are granted access to personal data. The computers/servers in which we store personal data are kept in a secure environment.

Please be advised that the security and confidentiality of any communication or material transmitted through the Internet or any wireless network, including via the Services, email, or text messages, cannot be and is not guaranteed.

Legal Basis for Processing Personal Information

We process your data only in accordance with the relevant legal provisions and only if an applicable legal provision (in particular from the EU-GDPR where relevant) permits this. Should we wish to process your data for purposes other than those originally collected, we will ensure that we have a sufficient legal basis for this. In particular, we will base the processing of your data on the following legal bases, among others. Please note that these examples are only intended to make the legal bases more transparent and are not an exhaustive list.

Consent (Art. 6 para. 1 sentence 1 lit. a), Art. 7 GDPR: We will only process certain data if you have given us your express and voluntary consent beforehand. You have the right to revoke your consent at any time with effect for the future.

Fulfillment of a contract / pre-contractual measures (Art. 6 para. 1 sentence 1 lit. b) GDPR): In the course of the fulfillment or initiation of your purchase contract or any other contract with us, we have to process certain data.

Fulfillment of a legal obligation (Art. 6 para. 1 p. 1 lit. c) GDPR): We must process some of your data in order to fulfill legal obligations to which we are subject.

Protection of legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR): We also process some of your data in order to protect the legitimate interests of ourselves or third parties, but only if your interests do not outweigh our own in individual cases.

Data Retention

Your data will be stored (in accordance with Art. 17 GDPR) for as long as we are legally obliged to do so, or we need your data for the purposes mentioned above. Your data will then be deleted in order to comply with the principle of data minimization.

For example, after complete processing of a contract, your data will be blocked for further use and deleted after the expiry of statutory retention periods, unless you have expressly consented to further use of your data or we reserve the right to use your data for other purposes which are permitted by law and about which we inform you.

Your Data Protection Rights Under the General Data Protection Regulation (GDPR)

You can do the following at any time, for example by contacting us via email at [email protected]:

  • Request to see what data we have about you, if any.
  • Request changes/corrections to any data we have about you.
  • Request that we delete any data we have about you.
  • Express any concern you have about our use of your data.

To protect your privacy and security, we may also take reasonable steps to verify your identity before updating or removing your information.

If you are a registered user, you may access certain information associated with your Account by logging into our Services or emailing [email protected]. If you terminate your Account, any public activity on your Account prior to deletion may remain stored on our servers and may remain accessible to the public.

If you are a resident of the EEA, you have the following data protection rights:

  • If you wish to access, correct, update, or request the deletion of your personal data, you can do so at any time, for example by emailing [email protected]. Such requests may or may not be honored, depending upon the specific circumstances of the request, as enumerated in the Art. 15 GDPR (Right of access by the data subject), Art. 16 GDPR (Right to rectification), or Art. 17 GDPR (Right to erasure (‘right to be forgotten’)).
  • In addition, you can object to the processing of your personal information, ask us to restrict the processing of your personal information or request portability of your personal information. Again, you can exercise these rights for example by emailing [email protected]. Such requests may or may not be honored, depending upon the specific circumstances of the request, as enumerated in the Art. 18 GDPR (Right to restriction of processing).
  • You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” link in the marketing emails we send you or by emailing [email protected].
  • Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
  • You have the right to complain to a data protection authority about our collection and use of your personal information (Art. 77 GDPR: Right to lodge a complaint with a supervisory authority). For more information, please contact your local data protection authority.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

Your Choices

You can use some of the features of the Services without registering, thereby limiting the type of information that we collect.

You may unsubscribe from receiving certain promotional emails from us. If you wish to do so, simply follow the instructions found at the end of the email. Even if you unsubscribe, we may still contact you for informational, transactional, account-related, or similar purposes.

Updates

Our Privacy Policy may change from time to time and all updates will be posted on this page.

If you have any questions or concerns about this privacy policy, please contact us via email at [email protected].

The data controller of your personal information is:

NumFOCUS, Inc.
P.O. Box 90596
Austin, TX, USA 78709
[email protected]
+1 (512) 831-2870

For the purposes of GDPR, our NumFOCUS representative in the EU is Sylvain Corlay, member of the NumFOCUS Board of Directors, [email protected] (France).

EFFECTIVE DATE: December 13, 2017 UPDATED: June 23, 2020