Last Updated: January 31, 2020
Please note that EDRM does not operate the websites at Office 365, Zoom, BrightTALK, Matter Most and Slack.
1. Our Principles
EDRM has designed this policy to be consistent with the following principles:
2. Information We Collect
We collect information in multiple ways, including when you provide information directly to us; when we passively collect information from you, such as from your browser or device; and from third parties.
Information You Provide Directly to Us
We will collect any information you provide to us. We may collect information from you in a variety of ways, such as when you: (a) create an online account, (b) apply to participate an EDRM project, (c) vouch for someone’s application to a project team, (d) make a purchase, (e) select an EDRM license or tool, (f) register for an event, (g) apply for a scholarship, hardship, mentorship, (h) contact us or provide feedback, (i) give your address to a survey distributed by EDRM, (j) upload your creative work or images, (k) subscribe to our newsletter or blog, or (l) apply for a job at EDRM. This information may include but is not limited to your name, email address, phone number, mailing address, payment information, photo, geographic location, and your social media handles. We may also collect additional demographic and other information about you in connection with our conferences and events (e.g., dietary and other preferences), and the provision of this information to us by you is optional.
Information that Is Automatically Collected
We may automatically collect certain information about the computer or devices (including mobile devices or tablets) you use to access the Services. As described further below, we may collect and analyze (a) device information such as IP addresses, location information (by country and city), unique device identifiers, IMEI and TCP/IP address, browser types, browser language, operating system, mobile device carrier information, and (b) information related to the ways in which you interact with the Services, such as referring and exit web pages and URLs, platform type, the number of clicks, domain names, landing pages, pages and content viewed and the order of those pages, statistical information about the use of the Services, the amount of time spent on particular pages, the date and time you used the Services, the frequency of your use of the Services, error logs, and other similar information. As described further below, we may use third-party analytics providers and technologies, including cookies and similar tools, to assist in collecting this information.
Cookies and Other Tracking Technologies
We also collect data about your use of the Services through the use of Internet server logs and online tracking technologies, like cookies and/or tracking pixels. A web server log is a file where website activity is stored. A cookie is a small text file that is placed on your computer when you visit a website, that enables us to: (a) recognize your computer; (b) store your preferences and settings; (c) understand the web pages of the Services you have visited and the referral sites that have led you to our Services; (d) enhance your user experience by delivering content specific to your inferred interests; (e) perform searches and analytics; and (f) assist with security administrative functions. Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in websites, online ads and/or email, and that are designed to provide usage information like ad impressions or clicks, measure popularity of the Services and associated advertising, and to access user cookies. We may also use tracking technologies in our license buttons and/or icons that you can embed on other sites/services to track the website addresses where they are embedded, gauge user interaction with them, and determine the number of unique viewers of them. If you receive email from us (such as the EDRM newsletter, campaign updates, or other ongoing email communications from EDRM), we may use certain analytics tools, such as clear GIFs, to capture data such as whether you open our message, click on any links or banners our email contains, or otherwise interact with what we send. This data allows us to gauge the effectiveness of our communications and marketing campaigns. As we adopt additional technologies, we may also gather additional information through other methods.
Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari). Please note that by blocking any or all cookies, you may not have access to certain features or offerings of the Services.
Information from Third Parties
We may also collect information about you or others through third parties. For example, if you apply for EDRM project participation or mentorship, we may collect information from the references or vouchers you identified in your application. To the extent permitted by law, we may also collect information from third parties, including public sources, social media platforms, and marketing and market research firms. Depending on the source, this information collected from third parties could include name, contact information, demographic information, information about an individual’s employer, information to verify identity or trustworthiness, and information for other fraud or safety protection purposes.
3. How We Use Your Information
We may use the information we collect from and about you to:
We may aggregate and/or de-identify information collected through the Services. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes.
4. When We Disclose Your Information
We may disclose and/or share your information under the following circumstances:
For example, when you apply for a scholarship, grant, or to be selected to participate in one of our projects or other programs, EDRM may share that information with the individuals designated to select participants in, and help manage, those programs, which may include people not employed by EDRM.
Or, when you register for an event, we may share your information with vendors, third party contractors, partner organizations, and volunteers for the purpose of organizing and running the event and related activities.
o In connection with you EDRM project application, we may provide your information to the individuals you’ve selected to vouch for you, and with those reviewing your application, including the Advisory Council and Project Trustee Leadership Team whose members include people not employed by EDRM and who are located in various countries around the world.
o If you vouch for someone’s application to an EDRM project team or Advisory Council, your information will be shared with those reviewing the application, including the Advisory Council, and if you provide a positive vouching statement, that statement will be shared with the applicant if and when they are admitted for membership.
o Once you are a EDRM project participant, we may include you in a list or provide you with a public profile page, editable by you, and pre-populated with certain information you provided in your application such as your name, areas of interest, images or other content you upload, which will be publicly displayed to anyone who visits the site. Other information contained in your profile such as your biographical information, email address, languages spoken, country of residence, social media account information, or URL details may be displayed to other EDRM project participants. These items and pages are in development and will be voluntary.
5. Legal Basis for Processing Personal Data
The laws in some jurisdictions require companies to tell you about the legal ground they rely on to use or disclose information that can be directly linked to or used to identify you. To the extent those laws apply, our legal grounds for processing such information are as follows:
We may also process information for the same legitimate interests of our users and business partners.
6. Online Analytics
We may use third-party web analytics services (such as Google Analytics) on our Services to collect and analyze the information discussed above, and to engage in auditing, research, or reporting. The information (including your IP address) collected by various analytics technologies described in the “Cookies and Other Tracking Technologies” section above will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Services, including by noting the third-party website from which you arrive to our Site, analyzing usage trends, assisting with fraud prevention, and providing certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.
7. Your Choices and Data Subject Rights
You have various rights with respect to the collection and use of your information through the Services. Those choices are as follows:
8. International Transfers
Our computer systems are currently based in the United States and and the majority of our contractors are based in the United States, the EU or Canada. As described above in the “When We Disclose Your Information” section, we may share your information with trusted service providers or business partners in countries other than your country of residence, including the United States, in accordance with applicable law. This means that some of your information may be processed in the United States, which may not offer the same level of protection as the privacy laws of your jurisdiction. By providing us with your information, you acknowledge any such transfer, storage or use.
9. Security Measures
We have implemented technical, physical, and organizational security measures to protect against the loss, misuse, and/or alteration of your information. These safeguards vary based on the sensitivity of the information that we collect and store. However, we cannot and do not guarantee that these measures will prevent every unauthorized attempt to access, use, or disclose your information since despite our efforts, no Internet and/or other electronic transmissions can be completely secure.
The Services are intended for users over the age of 18 and are not directed at children under the age of 13. If we become aware that we have collected personal information (as defined by the Children’s Online Privacy Protection Act) from children under the age of 13, or personal data (as defined by the EU GDPR) from children under the age of 16, we will take reasonable steps to delete it as soon as practicable.
11. Data Retention
12. Third-Party Links and Services
15. Attribution and thanks