Last updated: February 04, 2020
1. Information we collect
Social Innovation Booster ("We", or "Us") collects, uses, and is responsible for certain personal information about you, via innovationbooster.org (our "website"), and other applications such as Mighty Networks, Mailchimp, Google Docs, Stripe (together, the "Service"). For those in the European Union, we are regulated under the General Data Protection Regulation ("GDPR") which applies across the European Union and United Kingdom, and we are responsible as Controller of that personal information for the purposes of those laws.
While using our Service, we collect the following personal information
Personal information, when you share it voluntarily (Email address and first and last name)
While using our Service, others may share the following data with us:
Analytics: We use Google Analytics on parts of the Service, which shares information about your browser type, access times, pages viewed, IP Address, and activity just before and during your use of the Service with us (your “Analytic Information”). You can read more about this collection and sharing, as well as your ability to opt out, below in the section entitled “Cookies and other Usage Information.”
Purchases: If you make a purchase on the Service (such as purchasing a Booster Program on Mighty Networks, the platform holder of your device (Apple or Google, for example) or Service that processes your payment will share information about your purchase history, so that we can properly credit you and provide you with any purchases on the Service (your “Purchase Information”).
2. How we use the personal information
We use your personal information as follows:
To set up your account on the Service, to communicate with you about Service-related issues and to send you newsletters.
Your posts are used and displayed publicly within Mighty Networks when you make posts, comments or chat using the Service.
Your Purchase Information is used to process purchases made on the Service, keep records of those purchases, and to ensure that those purchases are properly credited to you.
3. Who we share your personal information with
We share your personal information with certain third parties in operating the Service. This data sharing enables us to provide you with all of the Service’s functionality.
Some of those third party recipients may be based outside the European Economic Area — for further information, including how we safeguard your personal data when this occurs, see the section entitled “Transfer of your Information out of the EEA,” below.
We share your personal information with the following third parties:
In addition to the above, we will share your personal information if we have a good faith belief that (i) access, use, preservation or disclosure of such information is reasonably necessary to satisfy any applicable law, regulation, legal process, such as a court order or subpoena, or a request by law enforcement or governmental authorities, (ii) such action is necessary to detect, prevent, or otherwise address fraud, security or technical issues associated with the Service, or (iii) such action is appropriate to protect the rights, property or safety of IoE, its employees, clients, or users of the Service.
We will not share your personal information with any other third party.
4. Retention of your personal information
We will keep your personal information for the length of time required to provide you with the Service, or until you request its deletion, unless a longer retention period is required by law. Afterwards, we delete all such data in our possession within a reasonable timeframe. We do not verify the correctness of personal data that we collect or that you provide.
Please note that some data may be retained, if necessary, to resolve disputes, enforce Social Innovation Booster service agreements, and comply with technical and legal requirements and constraints related to the security, integrity, and operation of the Service.
5. Reasons we can collect and use your personal information
The laws in certain jurisdictions require that we notify you of the lawful basis for collecting your personal information.
To the extent that such laws apply, we rely on the following as the lawful basis on which we collect and use your personal information:
Consent: We rely on your implied or explicit consent for the collection, processing, storage, transfer, and disclosure of your Account Information and Contact Information.
To fulfill our contractual obligations: In order to fulfill our contractual obligations to you, either in providing the Service functionality or fulfilling purchases, we must collect, process, share, and store your personal information.
Furtherance of legitimate interests: We may collect, process, store, transfer, or disclose your personal information in furtherance of those legitimate interests of ours which are not overridden by your interests or fundamental rights and freedoms as set forth in the applicable laws. These legitimate interests include, but are not limited to, (i) providing you with the Service, (ii) protecting our users, staff, and property from fraud and other harm, and (iii) collecting information on how you use the Service in order to optimize the functionality of the Service.
Legal compliance: We may collect, process, store, transfer, or disclose your personal information to comply with our legal obligations.
“Do Not Track” Signals: Because there’s not yet a consensus on how companies should respond to web browser-based or other “do not track” mechanisms yet, we do not respond to web browser-based do not track signals.
6. Cookies and other usage information
“Cookies” are small bits of electronic information that a website sends to a visitor’s browser and are stored on the visitor’s hard drive. Like many websites, we employ cookies in certain areas of the Service to allow us to provide information to make your online experience more convenient and to enhance your experience with the Service. Cookies are not spyware or adware, and can’t deliver viruses or run programs on your computer. A user may configure his or her web browsers to accept or reject or delete the cookies, or notify the user when a cookie is being set.
We use these technologies on the Service for the purpose of tracking users of the Service for marketing purposes, as follows:
o Google Ads Settings (http://www.google.com/settings/ads),
o the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout/), or
o NAI’s consumer opt-out (http://www.networkadvertising.org/choices/).
7. EU residents, your rights
Under the GDPR, EU residents have several important rights free of charge, including the right to:
Fair processing of information and transparency over how we use your use personal information
Access to your personal information
Require us to correct any mistakes in your information which we hold
Require the erasure of personal information concerning you in certain situations
Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
Object at any time to processing of personal information concerning you for direct marketing
Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
Object in certain other situations to our continued processing of your personal information, or otherwise restrict our processing of your personal information in certain circumstances
If you would like to exercise any of those rights, please:
Email us at firstname.lastname@example.org
Give us enough information to identify you
Show us proof of your identity (a copy of your driving licence or passport, for example)
Let us know the information to which your request relates
8. For non-EU residents
You may update the information that we hold about you by emailing us at email@example.com
9. Keeping your personal information secure
We have taken steps to put appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorized way.
Limited access to your personal information only to those who have a genuine business need to know it through access controls.
Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.
We use SSL on our Site and any Account Information is encrypted at rest and in transit to protect transfers and storage of your personal information.
Additionally, we never ask you for your passwords and we advise you never to enter your account name or password into an email or after following a link from an email.
Although we make good faith efforts to store the information collected on the Service in a secure operating environment that is not available to the public, we cannot guarantee the absolute security of that information during its transmission or its storage on our systems. While we attempt to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party “hackers” from illegally obtaining access to this information.
We do not warrant or represent that your information will be protected against, loss, misuse, or alteration by third parties. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. However, we have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
10. How to resolve disputes
We hope that we can resolve any questions or concerns you raise about our use of your personal information. Please contact us via the methods listed below in the section entitled “How to contact us” to let us know about any of your questions or concerns, and we will get back to you to resolve the issue. If you are an EU resident, the GDPR also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred.
12. How to contact us
Please send us an email firstname.lastname@example.org