Privacy

Effective Date: May 2018

Software.org, the BSA Foundation (“Software.org”) believes that addressing data protection, privacy and security requirements is critical. To this end, this Website Privacy & Cookies Statement (“Privacy Statement”) describes how Software.org collects, uses, shares, and otherwise processes individually identifiable data (“Personal Data”) about visitors to this Site (defined below) as well as current and prospective members, government, media and policy contacts, and job applicants. This Privacy Statement applies to Personal Data that we collect through our public websites, mobile applications, and other online properties (each, a “Site”), as well as through events, research, and other offline means, or from third parties.

Here are key points about our Personal Data practices:

  • Collection and Use: As an independent, nonpartisan, and international research organization, we collect name, contact details, and other Personal Data in the context of our education and outreach efforts. We use Personal Data to engage with representatives of the global software industry, policymakers and others to help the public better understand the global software industry and maintain internal operations, process job applications, provide relevant marketing and outreach, and to fulfill other internal purposes.
    See below to learn more.
  • Sharing: We may share Personal Data within Software.org and with other parties to provide Software.org services, to improve the Site, and to comply with applicable law.
    See below to learn more.
  • Security: We maintain reasonable security controls to protect Personal Data from unauthorized access and use as well as to meet the requirements of applicable law, and we require our service providers by contract to do the same.
    See below to learn more.
  • International Transfers: We maintain appropriate protections for cross-border transfers as required by applicable law.
    See below to learn more.
  • Retention and Storage: We keep Personal Data for as long as necessary to provide our Site and services, operate the Software.org organization, and comply with legal obligations.
    See below to learn more.
  • Children: We do not target or knowingly collect any Personal Data from children under the age of 16.
    See below to learn more.
  • Rights: You may request access to your Personal Data and exercise certain rights by contacting us.
    See below to learn more.
  • Choices: You have choices regarding how we use and share your Personal Data for marketing and other purposes.
    See below to learn more.
  • Cookies and Similar Technologies: We use cookies and similar technologies to provide and help maintain our Site, understand and personalize your experience, and display relevant advertising. You have the ability to exercise control over such technologies as they relate to you or your device(s).
    See below to learn more.
  • Links to Other Websites: The Site may include links to third-party websites that are not governed by this Privacy Statement.
    See below to learn more.
  • Changes to this Privacy Statement: We will notify you of any material changes by posting the updated version of this Privacy Statement and taking other steps as needed under applicable law.
    See below to learn more.
  • Contact Us: Please contact us as detailed below with any questions.
    See below to learn more.

1. COLLECTION AND USE

The categories of Personal Data we collect, which may be collected both on the Site and offline, and our uses of Personal Data depend on the context, as described below:

  • Site visitors: We collect the following information from Site visitors, including those who request further information about Software.org and its services, to the extent they provide it to us: name, title, company, job responsibilities, phone number, mailing address, email address, and contact details (collectively, “Contact Data”), as well as information related to requests from Site visitors, including information or newsletter requests, subscriptions, downloads, and username/passwords used to access our Site (if necessary) (collectively, “Registration Data”). In addition to Personal Data provided by Site visitors, we may also collect the following information about the device used to access our Site: computer Internet Protocol (IP) address, unique device identifier (UDID), cookies and other data linked to a device, and data about usage of our Sites, (collectively, “Device Data”). Note, however, we do not consider Device Data to be Personal Data except where we link it to you as an individual or where applicable law provides otherwise. We use this data to facilitate our Site and its services, make our Sites more intuitive and easy to use, respond to inquiries and requests, provide our services, manage accounts, maintain internal operations, maintain our contacts, provide relevant marketing and materials, protect the security of the Site and our systems, address compliance and legal obligations, and interact with Site visitors (collectively, “General Uses”).
  • Current and prospective supporters, policymakers, and media contacts: We may collect the Contact Data, Registration Data and Device Data related to contacts at current and prospective Software.org supporters and about policymakers and media contacts. In addition, we may collect data about participation in trade shows, policy events, and conferences, as well as credentials and associations of such individuals from both online and offline sources, including from the individuals directly. To the extent a transaction or reimbursement is involved, we may also collect necessary information for payments (e.g., credit card information, bank account information, personal identity card information) (“Payment Data”). In addition to the General Uses, we use this data to promote Software.org support, work with existing Software.org supporters, process support, provide access to Software.org resources, host and sponsor events, disseminate materials related to our education and outreach efforts, to advance our education and outreach with such contacts, provide invitations to and facilitate events, and interact with current and prospective supporters, and government, media and policy contacts.
  • Job applicants: We may also collect data provided by job applicants or others on our Sites and/or via offline means in connection with employment opportunities, including Contact Data, Registration Data, Device Data. Information provided by job applicants may include information about applicants’ education, training, diplomas, professional certifications, non-profit experience, employment background, functional experience, leadership experience, honors or awards, and job change data. We may also collect certain background check information, including government identification numbers, criminal background, associated companies, and other information (all to the extent permitted under applicable law) from the individual and from third parties (“Background Check Information”). We use this information to consider individuals for employment and contractor opportunities, address compliance and legal obligations, and manage on-boarding procedures.

We do not use automated decision-making without human intervention, including profiling, in a way that produces legal effects concerning individuals (e.g., not offering an employment opportunity) or that otherwise significantly affects individuals.

Some jurisdictions require an explanation of the legal basis for the collection and processing of Personal Data. We have several different legal grounds on which we collect and process Personal Data, including: (a) as necessary to perform a transaction (such as when we respond to your requests); (b) as necessary to comply with a legal obligation (such as when we use Personal Data for record keeping to substantiate tax liability); (c) consent (where you have provided consent as appropriate under applicable law); and (d) as necessary for legitimate interests (such as when we act to maintain our operations generally).

2. SHARING

We may share Personal Data:

  • Within Software.org. We may share Personal Data with Software.org affiliates worldwide to centralize administration and business management.
  • With Service Providers. We may share Personal Data with unaffiliated third-party service providers to enable such third parties to perform functions on our behalf and under our instruction. The purposes for sharing may be to maintain and provide the Site, or our products and services. For example, we may engage third-party service providers to assist us with Software.org mailing services, regulatory compliance, or logistics. These service providers are not permitted to use Personal Data for their own purposes.
  • As Required by Legal Obligations and Rights. We may share Personal Data in order to comply with any subpoena, court order or other legal process, or other governmental request. We may also share Personal Data to establish or protect our legal rights, property, or safety, or the rights, property, or safety of others, including Software.org supporters, or to defend against legal claims.

We may also share statistical or other information that does not identify individuals personally with third parties.

3. SECURITY

Software.org employs reasonable technical and organizational measures designed to protect Personal Data from loss, misuse, alteration or unintentional destruction. We also require that third-party service providers acting on our behalf also provide such reasonable security measures. However, no security measure can guarantee against compromise. While we take steps designed to protect Personal Data, you also play a role in protecting your Personal Data. You should not share any login information, including passwords, with anyone. If you have any reason to believe that your login information or password have been compromised, please contact us as detailed below.

4. INTERNATIONAL TRANSFERS

We may transfer Personal Data to jurisdictions outside of the individual’s home country as necessary for the purposes described in this Privacy Statement, including to countries that may not provide the same level of data protection as the individual’s home country. We provide appropriate protections for cross-border transfers as required by law for international data transfers, including for Personal Data transferred to third parties. With respect to such transfers from the European Economic Area (“EEA”) to the United States and other non-EEA jurisdictions, we implement standard contractual clauses approved by the European Commission and other approved mechanisms to protect such Personal Data as required by applicable law. As permitted by such laws, individuals may request a copy of the suitable mechanisms we have in place by contacting us as detailed below.

5. RETENTION AND STORAGE

We will retain Personal Data for no longer than the period necessary to fulfil the purposes outlined in this Privacy Statement and as otherwise needed to comply with applicable law and our internal policies.

6. CHILDREN

Software.org does not knowingly collect Personal Data from children under 16 through operation of the Site. If Software.org has actual knowledge that Personal Data about a child under 16 years old has been collected, then Software.org will take the appropriate steps to delete such Personal Data.

7. RIGHTS

As permitted by applicable law, you may have the right to obtain confirmation of the existence of certain Personal Data relating to you, to verify its content, origin and accuracy, as well as the right to access, review, port, delete or to block or withdraw consent to the processing of certain Personal Data (without affecting the lawfulness of processing based on consent before its withdrawal), by contacting us as detailed below. Before acting on any such request, Software.org will need to verify your identity. To the extent Software.org does not have sufficient information about you or is unable to verify your identity, we may not be able to honor your request. Please note that we may need to retain certain Personal Data as required or permitted by applicable law.

8. CHOICES

You have the following choices regarding our use and disclosure of your Personal Data:

  • Marketing Communications. If you no longer wish to receive any marketing communications or remain on a mailing list to which you previously subscribed, please follow the unsubscribe link in the relevant communications or contact us using the link below.
  • Cookies and Similar Technologies. Please review your browser or computer settings for certain cookies and see below to exercise certain choices regarding cookies.

9. COOKIES AND SIMILAR TRACKING TECHNOLOGIES – INTEREST-BASED ADVERTISING

In accordance with applicable law, Software.org uses and allows third parties to use essential and non-essential cookies, web beacons and similar technologies (collectively, “cookies”) on our Site.

What are cookies?

Cookies are small amounts of data that are stored on your browser, device or the page you are viewing. Some cookies are deleted once you close your browser, while other cookies are retained even after you close your browser so that you can be recognized when you return to a website. More information about cookies and how they work is available at www.allaboutcookies.org.

How do we use cookies?
We (including through our service providers) use cookies to provide the Site and services and gather information about your usage patterns when you navigate the Site in order to enhance your personalized experience, and to understand usage patterns to improve our Site, products and services.

We also allow certain third parties to place cookies on our Site in order to collect information about your online activities on our Site over time and across different websites you may visit. This information can be used to provide advertising tailored to your interests on websites you may visit, also known as interest-based advertising, and to analyze the effectiveness of such interest-based advertising.

Cookies on our Site are generally used for the following purposes:

  • Strictly Necessary Cookies: These are required for the operation of our Site. They include, for example, cookies that enable you to log into secure areas. These cookies are session cookies that are erased when you close your browser.
  • Analytical/Performance Cookies: These allow us to recognize and count the number of users of our Site and see how such users navigate through our Site. This helps improve how our Site works, for example, by ensuring that users can find what they are looking for easily. These cookies are session cookies, which are erased when you close your browser.
  • Functional Cookies: These improve the functional performance of our Site and make it easier for you to use. For example, cookies are used to remember that you have previously visited the Site and asked to remain logged into it. These cookies are session cookies, which are erased when you close your browser.
  • Targeting Cookies: These record your visit to our Site, the pages you have visited, and the links you have followed, to recognize you as a previous visitor and to track your activity on the Site and other websites you may visit. These cookies qualify as persistent cookies, because they remain on your device for us to use during the next visit to our Site. You can delete these cookies via your browser settings. We will not collect these cookies from individuals in the EEA without proper consent.

What are your options if you do not want cookies on your computer?

  • You can review your Internet browser settings, typically under the sections “Help” or “Internet Options,” to exercise choices you have for certain Cookies. If you disable or delete certain Cookies in your Internet browser settings, you might not be able to access or use important functions or features of this Sites, and you may be required to re-enter your log-in details.
  • To learn more about the use of cookies for Google analytics and to exercise choice regarding such cookies, please visit https://tools.google.com/dlpage/gaoptout.
  • Adobe also provides an opt-out mechanism to the public for websites using cookies set from Adobe’s 2o7.net and omtrdc.net domains. This opt-out mechanism can be accessed from the Adobe Privacy Center.
  • To learn more about certain cookies used for interest based advertising by third parties, including through cross-device tracking, and to exercise certain choices regarding such cookies, please visit the Digital Advertising Alliance, Network Advertising Initiative, Digital Advertising Alliance-Canada, European Interactive Digital Advertising Alliance or your device settings, if you have the DAA or other mobile app.

Do-Not-Track Signals. We currently do not employ technology that recognizes “do-not-track” signals from your browser.

10. LINKS TO OTHER WEBSITES

The Site may contain links and references to other internet websites administered by Software.org or its affiliates where this Privacy Statement may not apply, as well as unaffiliated third-party websites. When you click a link to visit a third-party website, you will be subject to that website’s privacy practices. We encourage you to familiarize yourself with the privacy and security practices of the linked third-party websites before providing any Personal Data on those websites.

11.CHANGES TO THIS PRIVACY STATEMENT

Software.org may update this Privacy Statement from time to time as our organization’s strategy and focus changes or as required by law. The effective date of our Privacy Statement is posted above, and we encourage individuals to visit our Site periodically to stay informed about Software.org’s privacy practices. We will post the updated version of the Privacy Statement on our Site and ask for consent to the changes if legally required.

12. CONTACTING US

If you have questions or comments regarding this Privacy Statement or Software.org’s privacy practices, please contact us at info@software.org.

You may also have a right to lodge a complaint with a supervisory authority.