Last updated: April 30, 2020
PrivacySafe staff and Commons volunteers uphold strict internal policies against unauthorized disclosure or use of personal information. We will never share your information with parties outside our organization unless we have explicitly made you aware that we will before you give it to us. We use services for payment processing, which requires sharing the transaction information over a secure connection, under legal agreement that appropriately controls its use and retention. We may establish similar arrangements with other service providers, but always use privacy and security as key criteria when selecting them, and do not share any more data than is required for those providers to perform their duties.
High-level traffic statistics are collected through our website through the privacy-oriented Fathom Analytics. We do not share information resulting from the use of our products and services unless we have a legally valid reason to do.
By using this website and participating in the Commons, you agree to be respectful toward all speakers and to refrain from discourteous conduct. PrivacySafe staff reserve the right to restrict the participation of registrants who act inappropriately or in an unreasonable manner at any time and for any reason. This misconduct is defined broadly to include (but is not limited to) harassment, spamming, commercial solicitation, vulgar or obscene language, illegal activity, and defamatory statements. No refund of donations or registrant fees will be given to registrants who violate this policy.
- All information related to donations and member logins is handled through a secure connection.
- PrivacySafe does not store complete credit card numbers on our servers.
When you voluntarily provide us with personal information such as name, billing address, and credit card number when registering online, we use the information to fulfill your order. We may forward the information collected to Stripe, a payment processor, or its associated merchant bank for the sole purpose of verifying the information and to submit payment for the donation or services provided. Information about Stripe GDPR compliance can be found here.
Donations & Purchases
Contact information is requested at the time of a donation and/or purchase. This information is used to verify the initial credit card transaction. Customer/donor lists are not sold or distributed to third parties without your consent. PrivacySafe may use these lists to send notifications, updates, and summaries pertaining to the Commons. Customers/donors can opt out of all contact during the checkout process and by emailing firstname.lastname@example.org.
Information collected via e-mail may be retained at our discretion in readable form for as long as necessary to complete our responsibilities to you. The e-mail itself may be retained in an archival form, but not for longer than is necessary to facilitate the Commons or as required under applicable law (in the event of a legal dispute). At no time is the information provided in email form distributed or sold for any reason.
Statement Regarding Third Party or Ancillary Services
Functions of BigBlueButton, Matrix, or other services may appear on our website, email communication, or related applications to promote the Commons, its speakers, and ideas. Though we go to great extent to facilitate a private and secure communication environment, please be aware that any information you submit, requests you make, or comments you provide may only rise to the level of confidentiality you should expect in a public environment. Participants in the Commons may have their attendance, likeness, and speech recorded for promotion and event archives.
BigBlueButton is used for Commons videoconferencing and is hosted by Kitchener-Waterloo Linux User Group (KWLUG) in Canada. Usage of cookies is required for BigBlueButton services to function.
California Consumer Privacy Act
It our position that the California Consumer Privacy Act (“CCPA”) does not apply to this Commons, as we neither sell personal information nor meet the minimum revenue thresholds specified in the Act. That being said, if you are a California resident concerned about privacy, feel free to send any requests regarding your information to email@example.com.
General Data Protection Regulation
We have the right to process personal data of EU residents (i) due to their provided consent to us as part of the Commons; or (ii) in order to conclude an agreement with them and to fulfill it. The legal basis for the processing of personal data is Article 6 (1) (a)-(b) of the General Data Protection Regulation. EU residents under the age of 16 should not submit their personal data for subscribing to our email solicitations and we will delete any such data if we become aware of it. The personal data recipients may be data processors who provide ancillary services to us. We will store personal data during the term of the agreement and during the limitation period as defined by applicable law or until the consent for direct marketing is revoked.
We agree to process personal data to ensure its security and implement appropriate technical and organizational measures against unlawful destruction, accidental change, disclosure and unlawful handling. EU-based donors and participants are entitled to (i) request that we allow them to access and correct personal data submitted by them; (ii) request that we erase or limit the processing of personal data submitted by them and disagree with the processing of data if such requests are compatible with the performance of the agreement and applicable law; (iii) data portability; (iv) submit a complaint regarding the processing of personal data to the competent EU data protection authority. You have the right to contact us for all matters relating to the processing of your personal data by email to firstname.lastname@example.org.
Changes to this Policy
We reserve the right to make changes to this Policy at any time and without notice. It is strongly recommended to check this page often, referring to the date that it was last updated. Should the changes affect processing activities performed on the basis of a customer/donor’s consent, we will collect new consent from these individuals, where required.