Last modified 1/31/2019
Dispute Resolution Foundation Board, Inc., (“DRBF” or “We”, “us”), respect your privacy and we are committed to protecting your privacy through our compliance with this policy.
This policy describes our practices in connection with information that we collect through our DRBF event mobile application developed by Attendee Hub of Crowd Compass, a subsidiary of Cvent (“Mobile App”), as well as DRBF’s privacy practices in relation to the use of the DRBF website and external marketing activities.
This policy also describes your data protection rights, including a right to object to some of DRBF’s processing. The Policy does not apply to information collected by any third party, including through any third-party application or content that links to or is accessible from our Website or Mobile App.
Are you a Member or Visitor?
This policy applies to the following classification of individuals that interact with DRBF:
- MEMBERS: Customers are patrons, benefactors, sustaining corporates, sustaining professionals, corporate or government entities, professionals, individuals, governments or academic employees, emerging nations, students or emerging nation government or academics that register on our Website for authorized access to use our Website and Mobile App pursuant to an active DRBF agreement, or under a temporary evaluation license, if available. Additionally, Members who use our Mobile App are ones who have pre-registered for our events on our Website.
- VISITORS: Individuals that interact with our Website (for instance, to read about DRBF products and services, download a white paper, or sign up for an online event), and whom we meet at various meetings or learn about through a referral from third parties or other external sources.
What types of personal data do our Members collect?
Our Website is flexible and allows our Members to search our Membership Directory to collect a variety of personal data from and about our members, including name, organization, title, postal address, e-mail address, telephone number, fax number, website address, and other information including but not limited to, experience, profession, sector, county, geographical data, and languages.
If you do not agree with our policies and practices, you may choose not to use our Website or Mobile App.
How do our Members collect personal data?
- When Members voluntarily and explicitly enter personal data into our Website.
- When our Members conduct a search of our Member database on our Website or Mobile App, including having a valid membership that is purchased and validated through our Website and organizational team.
How do our Members use personal data?
If a Member chooses to use our Website or Mobile App to conduct business with another Member, any information provided in connection with that interaction will be transferred to, and under the control of, the Member.
Members can interact with other members and conduct business transactions in any way they see fit, but DRBF cannot and does not take responsibility for the privacy practices of Members.
The information practices of our Members are governed by their privacy policies. We encourage Members to review their Members’ privacy policies to understand their practices and procedures.
Does DRBF use personal data collected by our Members?
DRBF does not use personal data of our Members for any purpose other than to provide services that our Members have contracted us to provide through our Website or Mobile App, as noted below, or as required by law.
We process personal data in the following manner:
- To disclose to our subsidiaries and affiliates for the purpose of providing services to our Members.
- To disclose to contractors, service providers, and other third parties as reasonably necessary or prudent to provide, maintain and support our Website, such as, for example, payment processors and data center or Web hosting providers. DRBF does not share, sell or trade any information with such third parties for promotional purposes.
- To deliver the Website and Mobile App that our Members have contracted us to provide. Some examples include:
- If a Member uses our Website to register for an event, we will use their provided e-mail address to send them information and announcements relating to that event.
- If a Member uses our Website to pay for event registration fees or other products and services using their credit cards, we will pass the credit card information to payment card processors to validate the payment information and complete the transactions.
- To deliver to a third party in the event of a merger, divestiture, restructuring, recapitalization, reorganization, dissolution or other sale or transfer of some or all DRBF’s assets, whether as a continuing operating business or as part of bankruptcy, liquidation or similar proceeding, in which personal data held by DRBF about our Members is among the assets transferred.
- As we believe to be necessary or appropriate:
- Under applicable law, including laws outside your country of residence;
- To respond to requests from public and government authorities including public and government authorities outside your country of residence; and
- To protect against or identify fraudulent transactions.
- For other purposes when Members provide explicit consent.
We aggregate and anonymize information about (i) Members, and (ii) the use of our Website and Mobile App in order to improve our digital products and to create benchmark and other business intelligence products. None of the aggregated and anonymized information contain personal data (i.e., does not identify any individual).
What is the legal basis for DRBF to process personal data from the EEA?
How long does DRBF store personal data collected by our Customers?
Where we process personal data for legitimate business interests described in the section “Does DRBF use personal data collected by our Members”, unless otherwise provided in our membership with our Member, we process the data until 90 days after the termination of the membership, at which time we remove it from our production environment. Within 13 months, we remove the data from our backup media.
How do you access, correct or delete your information?
In various countries, including countries in the EEA, upon their request, Members have the right to access their personal data and, if necessary, have it amended, deleted or restricted. Members can also ask for some types of personal data to be delivered to them, or another organization they nominate, in a structured and machine-readable format.
Where we process your personal data on the basis of your consent, you have the right to withdraw your consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Members also have the right to complain to a supervisory authority for data protection in the country where they live, or where they work – although we hope that we can assist with any queries or concerns you have about our use of your personal data.
DRBF processes Members data under the direction of our Members and has no direct control or ownership of the personal data we process. Members are responsible for complying with any regulations or laws requiring notice, disclosure or obtaining consent prior to transferring the data to DRBF for processing purposes. Any Members that seek to access, correct or delete data, should direct their query to DRBF. If the Member requests DRBF to remove the personal data of a Member to comply with data protection regulations, DRBF will process this request within 30 days.
We will not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. In such instances, we will inform the Member about the legal obligations that prevent us from fulfilling the request.
Cookies and Web Beacons
- Details of your visits to our Website and Mobile App, such as the date and time you access our Website and Mobile App, length of time you spend on our Website and Mobile App, websites you visited before or after our Website and Mobile App, the resources and content that you access and use on the Website and Mobile App.
- Information about your computer and internet connection, such as your IP Address, computer type, screen resolution, language, Internet browser type and version.
Below are the technologies we use for automatic data collection. We do not use any of these technologies to collect information from Customer Business Contacts for marketing or advertising purposes.
- Session Cookies and Persistent Cookies. A “session” cookie lasts for a single browser session only and is deleted when the user closes the web browser. Session cookies allow website operators to link the actions of a user during a browser session. A “persistent” cookie remains on the user’s device (even while powered off) until it expires or is deleted. A persistent cookie will be reactivated when a user returns to the website which posted the cookie. We use persistent cookies to help customize your web experience when you return to a web page or our website. Neither of these cookies can read or access other cookies or any data from a user’s hard drive. Further, neither of these cookies alone will personally identify a user; however, a cookie will recognize a user’s individual web browser or device through an IP Address, browser version, operating system, and other information, and individuals who log in to their DRBF accounts will be individually identifiable to particular Applications using session cookies.
- Web Beacons. Pages in our Website and Mobile App and our e-mails will contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs). Web beacons differ from cookies in that the information is not stored on your hard drive, but invisibly embedded on web pages or in an email. Web beacons permit us to track online movements of web users, for example: to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity). This enables DRBF to provide a website experience more tailored to our users’ preferences and interests.
At this time, we do not respond to browser ‘do not track’ signals, as we wait for a uniform standard put forth by regulators or the privacy industry. DRBF earnestly considers an individual’s independent right to determine how their personal data is processed and continues to monitor developments in this area.
You can learn about how you can adjust your browser’s settings to limit or disable cookies and other tracking technologies by visiting the section below titled “Third Party Analytics Providers.”
Third Party Analytics Providers
- You may opt-out of Google Analytics by clicking here.
How does DRBF process data from Visitors?
Visitor Personal Data Collected
Visitor data is processed the same way that Member data collection is processed.
Does DRBF process information of children under the age of 13?
Our Website and Mobile App is not intended for children under 13 years of age. We do not directly solicit or collect personal data from children under 13. If you are under 13, do not
- Use or provide any information on Website and Mobile App or on or through any of its features,
- Register to use our Website and Mobile App,
- Make any purchases through our Website,
- Use any of the interactive or public comment features of our Website and Mobile App or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or user name you will use.
Where does DRBF transfer the data it processes?
EU-U.S. and Swiss-U.S. Privacy Shield
DRBF is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, in reliance on the Privacy Shield Frameworks to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield Website.
DRBF is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. DRBF complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, DRBF is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, DRBF may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact us.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you will be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
How does DRBF secure the data it processes?
We use a variety of organizational, technical and administrative measures to protect personal data within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the “Contact Information” section below.
How do you contact DRBF or DRBF’s Data Protection Officer?
3440 Toringdon Way, Suite 205
Charlotte, North Carolina 28277