Last updated: January 1, 2020
Information We Collect
We may collect two types of information from and about you: (a) information that you voluntarily provide us that personally identifies you and (b) information that does not personally identify you that we automatically collect when you visit our Website or that you provide us.
- We only collect personally identifiable information about you, such as your name, phone number, e-mail address, physical address, commercial information, and professional or employment related information, to the extent you voluntarily provide it, by entering information in forms or requesting information on the Website. If you do not wish to share this information with us, you may choose not to provide it.
Use of Information
To the extent you provide it to us, we use your personally identifiable information primarily to enhance your use of the Website, to respond to your requests for information about our services, and in other ways related to the circumstances under which you provided the information to us. We may also use that information to later contact you for a variety of reasons, such as customer service, offering of programs or services that we believe may be of interest to you, or to communicate with you about content or other information you have posted or shared with us via our Website. You may opt-out of receiving such communications from us at any time, by clicking on the “unsubscribe” link in any of our communications. We will comply with any opt-out request(s) within ten (10) business days. Please also note that if you do opt out of receiving communications from us, we may still communicate with you to respond to any subsequent requests for information about our services.
We use the non-personally identifiable information that we collect in a variety of ways, including to administer the Website, help us analyze site traffic, understand customer needs and trends, carry out targeted promotional activities, improve the quality of the pages that make up our Website, gather broad demographic information, and to improve our Website and our services. We may use your non-personal information by itself or aggregate it with information we have obtained from others. We may share your non-personal information with our affiliated companies and third parties to achieve these objectives and others. Aggregated information is anonymous information that does not personally identify you.
We may disclose your personally identifiable information as we believe reasonably necessary to (a) comply with laws, regulations, or demands of governmental authorities, (b) prevent harm to yourself or others, (c) investigate or respond to abuse or unauthorized access to our Website, or (d) exercise or protect legal rights or defend against legal claims. In addition, we may share your personally identifiable information with third parties we have engaged to help us provide and maintain the Website or to perform marketing, business, or other services for us, or third parties we have engaged to provide our services. For example, we may engage subcontractors to perform portions of the services we provide and we may provide those subcontractors with your personally identifiable information to the extent necessary to enable them to perform those services. Our contracts with these other service providers prohibit them from using or further disclosing your personally identifiable information, except for the purpose of providing the services in question as directed by us. Finally, we may transfer your personally identifiable information as part of the assets of our company if our company is, or parts of our business are, sold to, merged with or acquired by, a third party.
Your California Privacy Rights.
Residents of the State of California, under certain provisions of the California Civil Code, have the right to request from companies conducting business in California a list of all third parties to which the company has disclosed certain personally identifiable information as defined under California law during the preceding year for third party direct marketing purposes. You are limited to one request per calendar year. Should you make a request, in your request, please attest to the fact that you are a California resident and provide a current California address for our response. You may request the information from us in writing at: [email address], with the subject heading “California Privacy Rights.”
Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, our Website does not currently respond to browser DNT signals. You can use the range of other tools available to you to control data collection and use, including the ability to opt out of receiving marketing from us as described above.
Collection of Information From Children
We do not knowingly collect personally identifiable information relating to children. The features, programs, promotions, services and other aspects of our Website requiring the submission of personally identifiable information are not intended for anyone under 18 years of age. In the event we learn we have collected personally identifiable information from anyone under 13 years of age without prior parental consent, we will take steps to promptly delete such information. By providing your personal information to us, through the Website, you represent that you are 13 years of age or older.
Keeping Your Information Secure
We use commercially reasonable technical, organizational, and administrative safeguards to protect information within our control against unauthorized or unlawful access, use, modification, destruction, processing or disclosure, and against accidental loss, destruction, or damage. We believe that these measures are reasonably adapted to the nature of the information in our custody. From time to time we evaluate new technology for protecting information, and when appropriate, we upgrade our information security systems. However, no security system or storage system can be guaranteed to be 100% effective or secure. Moreover, when you submit information to us through our Website, you should be aware that your information is transmitted across the Internet and that no method of transmission over the Internet is 100% secure. While we strive to protect your personally identifiable information and privacy, we cannot guarantee or warrant the security of any information you disclose or transmit to us online and are not responsible for the theft, destruction, or inadvertent disclosure of your personally identifiable information. In the event that we become aware of a security breach which we believe has resulted, or may result, in the unauthorized access, use, or disclosure of non-public personal information of users, we will promptly investigate the matter and notify the applicable parties of such breach. Such investigation will be without delay, consistent with (i) the legitimate needs of law enforcement; (ii) measures necessary to determine the scope of the breach; (iii) efforts to identify the individuals affected; and (iv) steps to restore the reasonable integrity of our Website and systems.
Storage of Your Information
You can request deletion of your personal data at any time, and we will consider your request in accordance with applicable laws.
When we no longer have a justifiable business need to process your personal data, we will either delete it or anonymize it, or if neither is possible (for example, because your personal data has been stored in backup archives), we will securely store your personal data and isolate it from any further processing until deletion is possible.
Accessing, Correcting or Deleting Your Information
If you have subscribed to our blog, or have created an account with us (if we provide for that functionality), you have the right to review, change, or suppress personal data that we have collected from you. There are several ways to do that. You can update your account information and your profile settings by logging into your account, if applicable. You can also contact us as indicated in the “How to Contact Us” section. We may need to retain certain information for mandatory record keeping purposes. Residual information may remain within our databases and other records, but it will no longer be tied to your identity.
EU/EEA Residents: Data Subject Rights under the GDPR
The EU General Data Protection Regulation (GDPR) grants individuals who are in the European Union and European Economic Area (EU/EEA) the following rights, with some limitations. Users may contact us, at the address provided in the “How to Contact us” section below, to exercise any of those rights and we will respond with the requested action or information or, if we determine that the right does not apply to you, we will let you know that.
Right Not to Provide Consent or to Withdraw Consent: We need your consent in order to process certain personal data. You have the right not to provide your consent, and the right to withdraw your consent at any time with regard to future processing.
Right of Access: You have the right to obtain confirmation as to whether or not we collect or process personal data concerning you and, if we do, you have the right to request a copy of that personal data in digital format.
Right of Rectification: You have the right to require that we correct any inaccurate personal data concerning you, and that we complete any personal data that is incomplete.
Right of Erasure: In certain circumstances, you have the right to request that we erase personal data concerning you; for example, if it is no longer necessary for the purposes for which it was originally collected.
Right to Restrict Processing: In certain circumstances, you have the right to request that we restrict the processing of the personal data that we have collected about you; for example, where you believe that the personal data we hold about you is not accurate or lawfully held.
Right to Data Portability: In certain circumstances, you have the right to receive the personal data concerning you that you have provided us in a structured, commonly used, machine readable format, and the right to require that we transmit the data to another entity where technically feasible.
Right to Object to the Processing: In certain circumstances, you have the right to request that we stop processing your personal data.
Right to Object to the Processing for Direct Marketing Purposes: You have the right to request that we stop sending you marketing communications.
Right Not to be Subject to Decisions Based Solely on Automated Processing that Produce Legal Effects: In certain circumstances, you have the right not to be subject to a decision based solely on automated processing – including profiling – that produces legal effects or similarly affects you.
Right to Complain to a Supervisory Authority: You have the right to lodge a complaint with a supervisory authority if you believe that our processing of personal data relating to you violates the GDPR.
International Transfers of Information We Collect
We store the information we collect primarily in the United States, but that information may be processed or transferred to data centers located throughout the world that are operated by companies that provide services to us. Whenever we transfer your information, we take steps to protect it. When we share information about you with companies we engage, we make use of standard contractual data protection clauses, which have been approved by the European Commission, and we rely on the EU-U.S. and Swiss-U.S. Privacy Shield Framework to safeguard the transfer of information we collect from the European Economic Area and Switzerland.
How to Contact Us
Foghorn Consulting, Inc.
268 Castro Street
Mountain View, CA 94041