Updated June 15, 2018 to comply with GDPR requirements
The terms of this policy apply to the Company’s website: http://www.ernestbrooksfoundation.org (the “Site”), unless different terms are otherwise specified or provided to you.
Updating Your Personal Information and Privacy Preferences
When you visit this Site, some Personal Information may be collected automatically as part of the Site’s operation. This information may include your IP (Internet Protocol) address, your browser type, access time, the website that referred you to us, and navigational information, such as the pages you view on the Site. We collect information about your use of the Site and our other customers in the aggregate to learn more about how our Site is used by our customers in order to improve our service and our Site.
Additionally, we collect the following types of data from specific users:
Brooks Institute Alumni.
If you are an alumnus of the former Brooks Institute, you may provide us with your name and email address. This data helps us maintain records and any financial transactions (e.g., donations). This data is collected whenever you claim your alumni status and input your information into our website.
If you choose to stay connected with The Ernest Brooks Foundation, you are required to provide your email address. This data helps us maintain records and provide updates on EBF events. This data is collected whenever you input your information into our website.
EBF Event and Seminar Registrant.
For any event or seminar registration that is available on our Site, your name, primary address, phone number, and email address are gathered in order to verify payment, admit prepaid attendees, and contact you in the event of schedule changes or cancellations. This information is collected upon event registration.
Customers That Make Payments.
When purchasing seminar or event passes, your credit card number will be collected and stored only as long as is necessary to complete the transaction. Credit card purchases can be made via the EBF website, fax, or over the phone. If your transaction is processed via our online servers using the EBF website, your credit card data will be encrypted using SSL encryption. Your credit card number, security code, and expiration date will be destroyed as soon as the transaction has been completed.
Personal Information We Collect and Retain from Contributors
In addition to the Personal Information collected from general users of the Site, if you contribute content to us for licensing, you may be asked to provide your Personal Information such as your name, phone number, primary address, and email address. We may verify this information by asking you to upload a scan of a government issued ID (which will be stored securely on our servers) or provide a credit card number.
In order to pay you and to report sales to you, we may ask that you provide certain Personal Information such as payment information, payment method, payment emails, and tax information.
Some of this information is mandatory, and if you choose not to disclose, we may not be able to engage in any activity with you.
How We Use Your Personal Information
If you license content from us, we collect your full name, telephone number, email address and postal address, credit card number, username and password, and other Personal Information to process your orders and complete the license transaction, for license transaction history record keeping purposes, or to receive products or services. Your email address is used to confirm the licensing transaction.
We may contact you using your email or other Personal Information to respond to requests and inform you of special offers services.
We may ask you questions relating to your user preferences in order to better serve you and improve the use of our Site. Providing information regarding your usage and preferences is always voluntary.
We may contact you to administer promotions or sweepstakes you enter and notify you of the results.
We collect Personal Information regarding your use of the Site, your donations, and other account information as part of your history with us.
We may disclose to carefully-chosen third parties navigational and transactional information in the form of anonymous, aggregate usage statistics and demographics, but only in forms that do not reveal your identity or other confidential information.
We may contact you to investigate or take any action regarding illegal activity or any violations of our Terms of Service.
We may disclose Personal Information if required by law (for example, to comply with a subpoena, warrant, court order, or legal process) or when necessary to protect our rights, avoid litigation, protect your safety or the safety of others, investigate fraud, and/or respond to a government request. We may also disclose information about you if we determine that such disclosure should be made for reasons of national security, law enforcement, or other issues of public importance.
Legal Bases & Legitimate Interests for Collection of Personal Information
We rely on a number of legal bases to use your information in the above ways. These legal bases include where: (1) necessary to perform contractual obligations (outlined in our Terms of Service) and in order to provide services to you; (2) you have consented to the processing, which you can revoke at any time; (3) necessary to comply with a legal obligation, a court order, or to exercise or defend legal claims; (4) you have expressly made the information public; (5) necessary in the public interest; and (6) occasionally necessary to protect your vital interests, or those of others.
Where we process your information on the basis of legitimate interests, we do so as follows:
Providing and improving our services.
We may use your information to improve and customize our services, including sharing your Personal Information for such purposes, and we do so as it is necessary to pursue our legitimate interests of improving our services for our users. This is also necessary to enable us to pursue our legitimate interests in understanding how our services are being used, and to explore and unlock ways to develop and grow our business. It is also necessary to allow us to pursue our legitimate interests in improving our services, efficiency, and interest in services for users and obtaining insights into usage patterns of our services.
Keeping our services safe and secure.
We may also use your Personal Information for safety and security purposes, including sharing of your Personal Information for such purposes, and we do so because it is necessary to pursue our legitimate interests in ensuring the security of our services.
Legal and Safety.
We may also retain, preserve, or release your Personal Information to a third party in the following limited circumstances: in response to lawful requests by public authorities, including to meet legitimate national security or law enforcement requirements; to protect, establish, or exercise our legal rights or defend against legal Claims, including to collect a debt; to comply with a subpoena, court order, legal process, or other legal requirement; or when we believe in good faith that such disclosure is reasonably necessary to comply with the law, prevent imminent physical harm or financial loss, or investigate, prevent, or take action regarding illegal activities, suspected fraud, threats to our property, or violations of Company’s Terms of Service. In these cases, our use of your Personal Information may be necessary for the purposes of our or a third party’s legitimate interest in keeping our services secure, preventing harm or crime, enforcing or defending legal rights, or preventing damage. Such use may also be necessary to comply with a legal obligation, a court order, or to exercise or defend legal claims. It may also be necessary in the public interest (such as to prevent crime) or to protect vital interests (in rare cases where we may need to share information to prevent loss of life or personal injury).
If Company receives a lawful, verified request for your Personal Information in one of the limited circumstances described in the previous paragraph, we may disclose Personal Information, which may include, but may not be limited to, your name, address, phone number, and email address.
We also need to engage third-party companies and individuals (such as payment processors, research companies, and analytics and security providers) to help us operate, provide, and market our services. These third parties have only limited access to your Personal Information, may use your Personal Information only to perform these tasks on our behalf, and are obligated to us not to disclose or use your Personal Information for other purposes. Our engagement of service providers is often necessary for us to provide the services to you, particularly where such companies play important roles like processing payments and shipments and helping us keep our service operating and secure.
We will retain your Personal Information for as long as your information is needed to provide you services, your account is active, or as required to fulfill our legal obligations, resolve disputes, and enforce our agreements. If you wish to delete your account or request that we no longer use your information to provide you services or send you updates, contact us at email@example.com. We will respond to your request within 30 days.
If you are a contributor and have submitted model releases with any content, we will retain the releases to comply with our legal obligations, dispute resolutions, licensing transactions, or to enforce our contractual obligations. We will not publicly disclose any Personal Information regarding any model.
When you visit Company’s Site, a text file called a cookie is placed in the browser directory of your computer’s hard drive. A cookie is information that a website can store on your web browser and later retrieve. The information that cookies collect includes the date and time of your visit, your registration information, and your navigational and licensing information. It allows the web browser to recognize the pages you have been to when you are visiting the Site and allows you to quickly return to viewed pages. We may also use “web beacons” that monitor your use of our Site. Web beacons are small strings of code that provide a method for delivering a graphic image on a web page for the purpose of transferring data, such as the IP address of the computer that downloaded the page on which the web beacon appears, the URL (Uniform Resource Locator) of the page on which the web beacon appears, the time the page containing the web beacon was viewed, the types of browser that fetched the web beacon and the identification number of any cookie on the computer previously placed by that server.
When corresponding with you via HTML capable email, web beacons let us know whether you received and opened our email.
You may adjust your browser to reject cookies from us or from any other website. Additionally, by setting your web browser to display HTML emails as text only, you may be able to prevent the use of some web beacons. Please consult the “Help” section of your browser for more information. However, certain areas of our Site can only be accessed in conjunction with cookies or similar devices, and you should be aware that disabling cookies or similar devices might prevent you from accessing some of our content.
If at any time you decide that you do not want to receive marketing emails from us, you will have the option of opting out and/or unsubscribing from our emails and mailing lists by adjusting your personal information preferences as follows: (1) checking or unchecking the appropriate box on your online registration form; and (2) sending an email to firstname.lastname@example.org. If you choose not to receive marketing emails, you may continue to receive transactional emails (e.g., donation confirmations).
Forums and Other Interactive Services
Our website may include discussion forums or other interactive areas or services, including blogs, chat rooms, bulletin boards, message boards, online hosting or storage services, or other areas or services in which you or third parties create, post or store any content, messages, comments, materials, or other items on the Site (“Interactive Areas”). If you use an Interactive Area, you should be aware that these areas are open to the public and any Personal Information you post or provide at registration may be viewable by others. We are not responsible for Personal Information you submit in connection with the Interactive Areas, nor are we responsible for how others might use that information, including to send you unsolicited messages. Interactive Area postings may be retained indefinitely. If at any time you would like to remove a posting, please email us at email@example.com. Keep in mind that removal of a posting from an Interactive Area does not mean that the posting will be deleted from our systems.
Security of Our Data
Whenever you submit an order to Company, you can do so over a secure (i.e., encrypted) connection. This ensures that your Personal Information is not at risk. Additionally, we encrypt your credit card information and store it in a secure location, which can be accessed only by authorized personnel. As no method of transmission over the Internet or method of electronic storage is 100 percent secure, while Company uses commercially reasonable methods to protect your Personal Information, we cannot guarantee that it is absolutely secure. In the unlikely event that an unauthorized third-party compromises Company’s security measures, Company will not be responsible for any damages directly or indirectly caused by an unauthorized third-party’s ability to view, use, or disseminate information.
Reviewing, Updating, or Correcting Your Information
If at any point you wish to access your Personal Information to (1) change your preferences; (2) review the accuracy; or (3) correct, supplement, or modify your information, you may make a written request to firstname.lastname@example.org.
If you are located in the European Economic Area (EEA), you may also have certain additional rights with respect to your Personal Information, such as: (1) data access and portability (including the right to obtain a copy of your personal data you provided to Company); (2) data correction (including the ability to update your Personal Information); (3) data deletion (including the right to have Company delete your Personal Information, except information we are required to retain); and (4) withdrawal of consent or objection to processing (including in limited circumstances, the right to ask Company to stop processing your Personal Information, with some exceptions).
Where you have provided your consent, you have the right to withdraw your consent to our processing of your Personal Information and your use of the Site. You can choose to withdraw your consent to our processing of your information and your use of the Site at any time by closing your account through your account settings and emailing email@example.com to request that your Personal Information be deleted, except for information that we are required to retain. This deletion is permanent, and your account cannot be reinstated.
Links to Third-Party Sites
On some pages, we allow you to share Personal Information with third parties, such as social networks like Facebook. In these instances, you are agreeing to the data being shared and the shared data is subject to the privacy policies of the third parties. We do not control and do not assume any responsibility for the use of Personal Information by such third parties. For more information about the third party’s purpose and scope of their use of Personal Information in connection with sharing features, please visit the privacy policies of such third parties.
Referral Program Emails
If you choose to use our referral service to tell a friend about our Site, we will ask you for your friend’s name and email address. We will automatically send your friend a one-time email inviting him or her to visit the Site. We store this information for the sole purpose of sending this one-time email and tracking the success of our referral program.
Your friend may contact firstname.lastname@example.org to request that we remove this information from our database.
We do not solicit or collect Personal Information from anyone under the age of 18. If you are under 18, do not enter information on this Site or engage our services. If you believe a child under the age of 18 has given his or her Personal Information to us, please contact email@example.com to have the data removed and terminate the child’s account.
International Privacy Laws
Individuals located in certain countries, including the EEA, have certain statutory rights in relation to their Personal Information. Subject to any exemptions provided by law, if you live in this area you have the right to request access to your Personal Information, as well as to seek to update, delete, or correct this information.
You can contact Company by email at firstname.lastname@example.org or by mail at The Ernest Brooks Foundation, P.O. Box 997, Santa Barbara, California 93116.
U.S. Federal Trade Commission Enforcement
Company’s commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.