Last Updated Date: March 21, 2019
Particularly Important Information
Who we are: For the purpose of applicable data protection legislation, the data controller of your personal data is the Minerva Project Inc. of 1145 Market Street. Floor 9, San Francisco, CA 94103.
Must Read Sections: We draw your attention in particular to the sections entitled “International Data Transfer” and “Your Rights.”
Changes to this Policy: We will post any modifications or changes to the Policy on our Site. We reserve the right to modify the Policy at any time, so we encourage you to review it frequently. The “Last Updated” legend above indicates when this Policy was last changed. If we make any material change(s) to the Policy, we will post a notice on our Site prior to such changes(s) taking effect.
1. PURPOSES OF PROCESSING
What is personal data?
We collect information about you in a range of forms, including personal data. As used in this Policy, “personal data” is as defined in the [UK Data Protection Act 1998/the European Data Protection Directive 95/46/EC/General Data Protection Regulation 2018] and any successor legislation, this includes any information which, either alone or in combination with other information we hold about you, identifies you as an individual, including, for example, your name, postal address, email address and telephone number.
Why do we need your personal data?
We will only process your personal data in accordance with applicable data protection and privacy laws. We need certain personal data in order to provide you with access to our Site. [If you created a profile/registered with us, you will have been asked to tick to agree to provide this information in order to view our content]. This consent provides us with the legal basis we require under applicable law to process your data. You maintain the right to withdraw such consent at any time. If you do not agree to our use of your personal data in line with this Policy, please do not use our Site.
2. COLLECTING YOUR PERSONAL DATA
We collect information about you in the following ways:
Information You Give Us. This includes:
[Information from Social Networking Sites. Our Site include(s) interfaces that allow you to connect with social networking sites (each a “SNS”). If you connect to a SNS through our Site, you authorize us to access, use and store the information that you agreed the SNS could provide to us based on your settings on that SNS. We will access, use and store that information in accordance with this Policy. You can revoke our access to the information you provide in this way at any time by amending the appropriate settings from within your account settings on the applicable SNS.]
[Information We Get from Others. We may also get information about you from other sources, for example, if you have agreed to share information with one of our partners or we may add this to information we get from Site.
[Information Automatically Collected. We automatically log information about you and your computer or mobile device when you access our Site, we log your computer or mobile device operating system name and version, manufacturer and model, browser type, browser language, screen resolution, the website you visited before browsing to our Site, pages you viewed, how long you spent on a page, access times and information about your use of and actions on our Site. We collect this information about you using cookies. Please refer to the sections on cookies, Flash Technology and Pixel Tags below.]
Automated Decision Making and Profiling.
[We do not use your personal data for the purposes of automated decision-making. However, we may do so in order to fulfill obligations imposed by law, in which case we will inform you of any such processing and provide you with an opportunity to object.]
What are cookies?
We may collect information using “cookies.” Cookies are small data files stored on the hard drive of your computer or mobile device by a website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them) to provide you with a more personal and interactive experience on our Site.
We use two broad categories of cookies: (1) first party cookies, served directly by us to your computer or mobile device, which are used only by us to recognize your computer or mobile device when it revisits our Site; and (2) third party cookies, which are served by service providers on our Site, and can be used by such service providers to recognize your computer or mobile device when it visits other websites.
Cookies we use
Our Site use[s] the following types of cookies for the purposes set out below:
Essential Cookies: These cookies are essential to provide you with services available through our Site and to enable you to use some of its features. [For example, they allow you to log in to secure areas of our Site and help the content of the pages you request load quickly]. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.
Functionality Cookies: These cookies allow our Site to remember choices you make when you use our Site, [such as remembering your language preferences, remembering your login details and remembering the changes you make to other parts of our Site which you can customize]. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Site.
Analytics and Performance Cookies: These cookies are used to collect information about traffic to our Site and how users use our Site. The information gathered does not identify any individual visitor. [It includes the number of visitors to our Site, the websites that referred them to our Site, the pages they visited on our Site, what time of day they visited our Site, whether they have visited our Site before, and other similar information.] [We use this information to help operate our Site more efficiently, to gather broad demographic information and to monitor the level of activity on our Site.]
[We use Google Analytics for this purpose. Google Analytics uses its own cookies. It is only used to improve how our Site works. You can find out more information about Google Analytics cookies here: https://developers.google.com/analytics/resources/concepts/gaConceptsCookies]
[You can find out more about how Google protects your data here: www.google.com/analytics/learn/privacy.html.]
[You can prevent the use of Google Analytics relating to your use of our Site by downloading and installing the browser plugin available via this link: http://tools.google.com/dlpage/gaoptout?hl=en-GB]
Social Media Cookies: [These cookies are used when you share information using a social media sharing button or “like” button on our Site or you link your account or engage with our content on or through a social networking website such as Facebook, Twitter or Google+. The social network will record that you have done this.]
You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” facility). Many browsers are set to accept cookies until you change your settings.
Further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.com.uk.
If you do not accept our cookies, you may experience some inconvenience in your use of our Site. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Site.
4. FLASH TECHNOLOGY
We may also use Flash cookies (which are also known as Flash Local Shared Object (“LSOs”)) on our Site to collect and store information about your use of our Site. Unlike other cookies, Flash cookies cannot be removed or rejected via your browser settings. If you do not want Flash cookies stored on your computer or mobile device, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Website Storage Settings Panel at https://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html. You can also control Flash LSOs by going to the Global Storage Settings Panel at https://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html and following the instructions. Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications, including, potentially, Flash applications used in connection with our Site.]
7. PIXEL TAGS
We may also use pixel tags (which are also known as web beacons and clear GIFs) on our Site to track the actions of users on our Site. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages. Pixel tags measure the success of our marketing campaigns and compile statistics about usage of our Site, so that we can manage our content more effectively. The information we collect using pixel tags is not linked to our users’ personal data.]
6. DO NOT TRACK SIGNALS
Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. We currently [do/do not] respond to do not track signals. To find out more about "Do Not Track," please visit http://www.allaboutdnt.com.]
7. USING YOUR PERSONAL DATA
We may use your personal data as follows:
8. SHARING YOUR PERSONAL DATA
We may share your personal data as follows:
9. ANONYMOUS DATA
When we use the term “anonymous data,” we are referring to data and information that does not permit you to be identified or identifiable, either alone or when combined with any other information available to a third party.
We may create anonymous data from the personal data we receive about you and other individuals whose personal data we collect. Anonymous data might include analytics information and information collected by us using cookies. We make personal data into anonymous data by excluding information (such as your name) that makes the data personally identifiable to you. We use this anonymous data to analyses usage patterns in order to make improvements to our Site.
10. THIRD PARTY SITES
Our Site may contain links to third party websites and features. This Policy does not cover the privacy practices of such third parties. These third parties have their own privacy policies and we do not accept any responsibility or liability for their websites, features or policies. Please read their privacy policies before you submit any data to them.
11. USER GENERATED CONTENT
You may share personal data with us when you submit user generated content to our Site. Please note that any information you post or disclose on our Site will become public information, and will be available to other users of our Site and to the general public. We urge you to be very careful when deciding to disclose your personal data, or any other information, on our Site. Such personal data and other information will not be private or confidential once it is published on our Site.
If you provide feedback to us, we may use and disclose such feedback on our Site, provided we do not associate such feedback with your personal data]. [If you have provided your consent to do so, we may post your first and last name along with your feedback on our Site.] [We will collect any information contained in such feedback and will treat the personal data in it in accordance with this Policy.]
12. INTERNATIONAL DATA TRANSFER
Your information, including personal data that we collect from you, may be transferred to, stored at and processed by us [and our affiliates and other third parties] outside the country in which you reside, including, but not limited to the United States, where data protection and privacy regulations may not offer the same level of protection as in other parts of the world. [By using our Site, you agree to this transfer, storing or processing.] We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.
We seek to use reasonable organizational, technical and administrative measures to protect personal data within our organization. Unfortunately, no transmission or storage system can be guaranteed to be completely secure, and transmission of information via the internet is not completely secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us using the details in Section 20 below.
We will only retain your personal data [as long reasonably required for you to use the Site ]/[until you close your account/cancel your subscription] unless a longer retention period is required or permitted by law (for example for regulatory purposes).
15. OUR POLICY ON CHILDREN
Our Site is/are not directed to children under 16. [Note: The GDPR defines “children” as those under the age of 16 although it allows individual Member States to set the age at 15, 14 or 13. We are using the highest standard here.] If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us using the details in Section 20 below. We will delete such information from our files as soon as reasonably practicable.
16. SENSITIVE PERSONAL DATA
Subject to the following paragraph, we ask that you not send us, and you not disclose, any sensitive personal data (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through our Site or otherwise to us.
If you send or disclose any sensitive personal data to us when you submit user generated content to our Site, you consent to our processing and use of such sensitive personal data in accordance with this Policy. If you do not consent to our processing and use of such sensitive personal data, you must not submit such user generated content to our Site.
17. YOUR RIGHTS
If you wish to exercise any of these rights, please contact us using the details in Section 20 below. In your request, please make clear: (i) what personal data is concerned; and (ii) which of the above rights you would like to enforce. For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and in any event, within one month of your request. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion.
We are committed to resolve any complaints about our collection or use of your personal data. If you would like to make a complaint regarding this Policy or our practices in relation to your personal data, please contact us at: firstname.lastname@example.org. We will reply to your complaint as soon as we can. We hope to resolve any complaint brought to our attention, however if you feel that your complaint has not been adequately resolved, you reserve the right to contact your local data protection supervisory authority, which for the UK, is the Information Commissioner’s Office.
19. CONTACT INFORMATION
We welcome your comments or questions about this Policy. You may contact us in writing at email@example.com or 1145 Market Street, Floor 9, San Francisco, CA 94103
20. EU-U.S. PRIVACY SHIELD
The Minerva Project, Inc. complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the EU to the United States. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall take precedence. To learn more about the Privacy Shield program, the Privacy Shield Principles and to view our certification, please visit www.privacyshield.gov.
As described in the Privacy Shield Principles, the Minerva Project, Inc. is accountable for personal data that it receives and subsequently transfers to third parties. If third parties that process personal data on our behalf do so in a manner that does not comply with the Privacy Shield Principles, we are accountable, unless we prove that we are not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, the Minerva Project, Inc. commits to resolve complaints about our collection or use of your personal data. EU individuals with inquiries or complaints regarding this Policy should first contact us at: firstname.lastname@example.org.
We hope to resolve any complaint brought to our attention; however if you feel that your complaint has not been adequately resolved, you reserve the right to contact the appropriate governmental authority. In California, this is the Bureau of Private Postsecondary Education (www.bppe.cal.gov), in the EU, it is the local data protection supervisory authority, and in the UK, the Information Commissioner's Office.
As further explained in the Privacy Shield Principles, binding arbitration before a Privacy Shield Panel will also be made available to you in order to address residual complaints not resolved by any other means. the Minerva Project, Inc. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.]
21. EMPLOYEE PERSONAL DATA
The Minerva Project, Inc. commits to cooperate with the panel established by the EU data protection authorities (DPAs) and comply with the advice given by the panel with regard to human resources data transferred from the EU in the context of the employment relationship. Please contact us to be directed to the relevant DPA contacts.]