We at the Center for Institutional Courage are profoundly grateful to Gibson Dunn for its generous pro-bono legal support from our inception. Special thanks to Daniel Angel, Stephanie Kann, Sam Lee, Alex Marcellesi, Lorna McDill, Sara Schlafstein, Eric Sloan, Lisa Zivkovic, and David Wilf.
Privacy Policy.
This website Privacy Policy (this “Privacy Policy”) discloses the privacy practices of the Center for Institutional Courage, Inc. (“Courage,” “we”, “us” or “our”) with respect to our collection and use of Personal Information (defined below), including on our websites such as https://www.institutionalcourage.org and any other media form, media channel, mobile website or mobile application related, linked or otherwise connected thereto (collectively, the “Site”).
PLEASE READ THIS PRIVACY POLICY CAREFULLY. THIS PRIVACY POLICY, ALONG WITH OUR TERMS OF USE, WHICH IS INCORPORATED BY REFERENCE IN ITS ENTIRETY, CONSTITUTE A LEGALLY BINDING AGREEMENT BETWEEN YOU AND COURAGE THAT CONDITIONS YOUR USE OF THE SITE. BY USING, ACCESSING, OR DOWNLOADING A SITE, YOU SIGNIFY YOUR ACCEPTANCE OF THIS PRIVACY POLICY AND THE TERMS OF COURAGE’S TERMS OF USE.
1. What We Collect and How We Use Your Personal Information.
In order to better provide you with services, we may collect, process and store personal information about you.
For the purposes of this Privacy Policy, “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer, device or household. It does not include de-identified or aggregate information, or public information lawfully available from governmental records.
When you engage in certain activities on the Site, we may ask you to provide certain information about yourself such as your first and last name, email address, credit card and billing information when you subscribe for our listserv or donate to our organization. It is completely optional for you to engage in these activities; however, we may ask that you provide us personal information (detailed in the chart below). Depending upon the activity, some of the information we ask you to provide are in mandatory fields and some are in voluntary fields. If you do not provide the mandatory data with respect to a particular activity, you will not be able to engage in that activity.
The following chart describes the categories of Personal Information we may have collected about you in the past 12 months and, for each category, where and why we collected it, and the categories of entities with which we shared or sold the Personal Information, if any:
| Category of Personal Information | Sources of Personal Information | Purpose of collection | Categories of entities with whom Personal Information was shared |
|---|---|---|---|
| Address and other identifiers – such as name, postal address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers* | Directly from you; Automatically when you use our Site; and Publicly available sources. | To provide you services; To verify your identity or for other fraud and/or crime prevention; To debug errors in our systems; For our marketing and promotional purposes; and For internal research, analytics, and development. | Professional advisers, including accountancy and legal firms, in order to provide us with advice; Service providers, including to provide and support our data management, analytics, security, and storage systems; and Government authorities or other entities with legal authority to request the information. |
| Unique and online identifiers – such as IP address, device IDs, or other similar identifiers | Directly from you; Automatically when you use our Site; and Through publicly available sources. | To respond to any questions or concerns you have raised; To deal with administrative matters such as audit donations; and For internal research, analytics and development. | Professional advisers, including accountancy and legal firms, in order to provide us with advice; Service providers, including to provide and support our data management, analytics, security, and storage systems; and Government authorities or other entities with legal authority to request the information. |
| Financial information | Directly from you. | To respond to any questions or concerns you have raised; To deal with administrative matters such as to audit donations; To carry out compliance checks and controls; To verify your identity or for other fraud and/or crime prevention; To debug errors in our systems; and For internal research, analytics and development. | Professional advisers, including accountancy and legal firms, in order to provide us with advice; Service providers, including to provide and support our data management, analytics, security, and storage systems; and Government authorities or other entities with legal authority to request the information. |
| Education or other professional information | Directly from you; and Through publicly available sources. | To verify your identity or for other fraud and/or crime prevention; For our marketing and promotional purposes; and For internal research, analytics and development. | Professional advisers, including accountancy and legal firms, in order to provide us with advice; Service providers, including to provide and support our data management, analytics, security, and storage systems; and Government authorities or other entities with legal authority to request the information. |
* These represent the categories listed in the CCPA.
2. How We Share Your Personal Information.
We provide some of our services through contractual arrangements with affiliates, services providers, partners, and other third parties. We and our affiliates, services providers, partners, and other third parties may use your Personal Information to operate our sites and to deliver our services. Third parties with whom we share your Personal Information are bound to comply with similar and equally stringent undertakings of privacy and confidentiality.
Occasionally, we may be required to share your Personal Information with third parties for legitimate business purposes, or to comply with legal obligations. For example, we may share Personal Information when we believe in good faith that an applicable law requires it; at the request of law enforcement, judicial authorities (e.g. upon receipt of a court order or subpoena), appropriate governmental authorities; to detect and protect against fraud, or any technical or security vulnerabilities; to respond to an emergency; or otherwise to protect the rights, property, safety or security of third parties, visitors to our Site, our businesses, or the public.
3. We Do Not Sell Your Personal Information.
We do not disclose and have not disclosed your Personal Information to any other third parties for any purpose other than those described in this Privacy Policy or unless the law requires it.
We, also, will not sell and have not sold within the past 12 months the Personal Information of minors under 16 years of age to non-affiliated third parties without affirmative authorization.
4. Children.
We are committed to protecting the privacy of children. Our Site is not designed or intended to attract children under the age of 13. Our Site does not collect personal information from any person we actually know is under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from children without verification of parental consent, we take steps to remove that information from our servers.
5. Security of Personal Information.
We implement and maintain reasonable security appropriate to the nature of the Personal Information that we collect, use, retain, transfer or otherwise process.
Though we are committed to developing, implementing, maintaining, monitoring and updating a reasonable information security program, unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. Data security incidents and breaches can occur due to vulnerabilities, criminal exploits or other factors that cannot reasonably be prevented. Accordingly, it cannot be assumed that the occurrence of any given incident or breach results from our failure to implement and maintain reasonable security. To the maximum extent allowed by applicable law, you agree and acknowledge that we shall not be liable or responsible if any information about you is intercepted, accessed, and/or used by an unintended recipient. If you have reason to believe that the security of your communications or Personal Information has been compromised, please notify us immediately at: institutionalcourageoffice@gmail.com.
6. Cookies.
Like many other websites, we use and have used within the past 12 months “cookies” to collect information about your use of the Site when you use the Site in order to facilitate and customize your use of the Site. A “cookie” is a small data text file, which a website stores on your computer’s browser (if your Web browser permits) that can later be retrieved to identify you to us. The cookies make your use of the Site easier, make the Site run more smoothly, and help us to maintain a secure Site. Such cookies can only access Personal Information that you have provided on our Site and cannot be accessed by other sites. These cookies are strictly necessary for the operation of the Site, so you do not have the option to accept or decline them individually.
We also use performance and analytics cookies. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site for our users and measure the effectiveness of our content. They help us to know which pages are the most and least popular and see how visitors move around the site.
You are always free to decline our cookies if your browser permits, but some parts of the Site may not work properly if you do so. Please note that in a few cases some of our website features may not function if you remove the cookies from your browser.
7. Do-Not-Track Signals.
Certain mechanisms may allow you to send web browser signals, known as “Do Not Track” (“DNT”) signals, indicating your choice to disable tracking on the Site. We do not respond to browser do not track signals at this time. We may not be aware of or able to honor and respond to every such mechanism. More information about “do not track” is available at www.allaboutdnt.org concerning such information.
Third parties, other than our service providers (such as our website analytics provider), do not have our permission to track which websites you visited prior to and after visiting the Site.
8. Notice to California Residents.
The California Consumer Privacy Act (“CCPA”) provides California residents with certain rights regarding their Personal Information. This section explains these rights and how to make a verifiable consumer request to exercise those rights. You may only make a verifiable consumer request for access or data portability from us twice within a 12 month period, free of charge. You also may request a list of the third parties to whom we have disclosed your Personal Information (if any), as well as the type of Personal Information disclosed to those parties. However, we do not share Personal Information with third parties for their own marketing purposes.
Right to know and access your Personal Information collected and disclosed.
We are committed to ensuring that you know what information we collect about you. Subject to certain exceptions, you can submit a request to us for the following information, with respect to Personal Information we have collected about you in the last 12 months:
The categories of or specific pieces of Personal Information we’ve collected about you.
The categories of sources from which we collected the Personal Information.
The business or commercial purposes for which we collected or disclosed the Personal Information.
The third parties with whom we shared the information.
Right to request deletion of your Personal Information.
Upon your request, we will delete the Personal Information we have collected about you, except for situations where specific information is necessary for us to: provide you with a good or service that you requested; perform a contract we entered into with you; maintain the functionality or security of our systems; or comply with or exercise rights provided by the law. The law also permits us to retain specific information for our exclusively internal use, but only in ways that are compatible with the context in which you provided the information to us or that are reasonably aligned with your expectations based on your relationship with us. If we cannot grant your deletion request, we will specify the basis for denial.
Right to non-discrimination.
We will not discriminate against you for exercising any of your rights under the CCPA. In particular, this means that consumers who exercise their rights in accordance with this Privacy Policy will not be denied or charged different prices or rates for goods or services, nor will we offer a different level or quality of goods or services than others.
California Shine the Light.
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits California residents to annually request, free of charge, information about the Personal Information (if any) disclosed to third parties for direct marketing purposes in the preceding calendar year. We do not share your Personal Information with third parties for their own marketing purposes.
9. How California Residents Can Exercise Their Rights
If you have the rights described above, you may exercise those rights by submitting a verifiable request to us by contacting us using the information outlined below. We will first acknowledge receipt of your request within 10 days after receipt of your request. We will provide a substantive response to your request within 45 days after its receipt. If we require more time (up to 90 days or the permitted time frame in your jurisdiction), we will inform you of the reason and extension period in writing.
Only you or an authorized agent (as described below) may make a verifiable consumer request related to your Personal Information.
A. How to Authorize an Agent.
You may designate an authorized agent to submit your verified consumer request on your behalf, only if the authorized agent has your written permission to do so and you have taken steps to verify your identity directly with us. If you would like to designate an agent for purposes of making a request under the CCPA, your agent must register as such with the California Secretary of State and submit a copy of this registration along with your verified consumer request.
B. How we Verify Your Request.
To respond to your request under the CCPA we must verify your identity or the authority of your authorized agent to make the request. We will only use the Personal Information provided in a verifiable consumer request to verify your identity or the authority of your authorized agent to make the request. Making a verifiable consumer request does not require you to create an account with us.
To allow us to verify your request, please include the following information: name, address, phone number, and email address. We will verify your consumer request by comparing the information you provide to information already in our possession, and take additional steps to minimize the risk of fraud.
10. Privacy Policies of Third-Party Sites
Our Site may, from time to time, contain links to and from websites of our partner’s networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to the websites. We do not endorse or make any representations about third-party websites. Any Personal Information you choose to give to unrelated third parties is not covered by this Privacy Policy.
11. Changes.
We reserve the right to revise this Privacy Policy at any time by amending this page and changes will be effective upon being posted unless we advise otherwise. If we make any material changes to this Privacy Policy we will notify you by means of a notice on our Site prior to the change becoming effective. By continuing to use the Site after changes are made to this Privacy Policy, you agree to such changes. We encourage you to check this page from time to time to take notice of any changes we make. If you do not accept the terms of this Privacy Policy, we ask that you exit our Site immediately.
The Privacy Policy published on our Site is kept up to date.
12. Contact and Exercising Your Privacy Rights.
If you have questions on the processing of your Personal Information, would like to exercise any of your rights, or have a complaint, please contact us here: institutionalcourageoffice@gmail.com or +1-650-427-9535.