What do we mean by “personal information?”
For us, “personal information” means information which either directly identifies you (like your name, email address, or phone number) or can be reasonably linked or combined to identify you (like an account identification number or IP address). We’ll always tell you what personal information we are collecting from you.
Any information that falls outside of this is “non-personal information.”
If we store your personal information with information that is non-personal, we will consider the combination as personal information. If we remove all personal information from a set of data then the remaining is non-personal information. What do we do with your information once we have it?
We learn information about you when:
- you give it to us directly (e.g., when you choose to send us crash reports);
- we collect it automatically through our products and services;
- someone else tells us information about you ; or
- when we try and understand more about you based on information you’ve given to us (e.g., when we use your IP address to customize language for some of our services).
How do we learn information about you?
When you give us information, we will use it in the ways for which you’ve given us permission. Generally, we use your information to help us provide and improve our products and services for you.
When do we share your information with others?
- When we have asked and received your permission to share it.
- For processing or providing products and services to you, but only if those entities receiving your information are contractually obligated to handle the data in ways that are approved by Cherrytwist.
- When we are fulfilling our mission of being open. We sometimes release information to make our products better and foster an open web, but when we do so, we will remove your personal information and try to disclose it in a way that minimizes the risk of you being re-identified.
- When the law requires it. We follow the law whenever we receive requests about you from a government or related to a lawsuit. We’ll notify you when we’re asked to hand over your personal information in this way unless we’re legally prohibited from doing so. When we receive requests like this, we’ll only release your personal information if we have a good faith belief that the law requires us to do so. Nothing in this policy is intended to limit any legal defenses or objections that you may have to a third party’s request to disclose your information.
- When we believe it is necessary to prevent harm to you or someone else. We will only share your information in this way if we have a good faith belief that it is reasonably necessary to protect the rights, property or safety of you, our other users, Cherrytwist or the public.
- If our organizational structure or status changes (if we undergo a restructuring, are acquired, or go bankrupt) we may pass your information to a successor or affiliate.
How do we store and protect your personal information?
We are committed to protecting your personal information once we have it. We implement physical, business and technical security measures. Despite our efforts, if we learn of a security breach, we’ll notify you so that you can take appropriate protective steps.
We also don’t want your personal information for any longer than we need it, so we only keep it long enough to do what we collected it for. Once we don’t need it, we take steps to destroy it unless we are required by law to keep it longer.
We may need to change this policy and our notices. The updates will be posted online. If the changes are substantive, we will announce the update through Cherrytwist’s usual channels for such announcements such as blog posts and forums. Your continued use of the product or service after the effective date of such changes constitutes your acceptance of such changes. To make your review more convenient, we will post an effective date at the top of the page.
For users in the EU, EEA, Switzerland, and California
These regions have data protection laws that require us to specify the following:
Our lawful bases for collecting and processing personal information under the European General Data Protection Regulation (“GDPR”) include:
- Legitimate interests: We receive technical and interaction data of users, which may include IP addresses, to customize and offer location specific features, improve the security and reliability of our services and prevent abuse, and to understand where people learn about Cherrytwist.
- Consent: Where we ask for your consent to process your information, you can always withdraw this consent.
The following rights are granted under the GDPR and California Consumer Privacy Act (“CCPA”). Cherrytwist applies these rights to all users of our products, regardless of your location:
- The right to know what personal data is collected
- The right to know if personal data is being shared, and to whom
- The right to access your personal data
- The right to exercise your privacy rights without being discriminated against
In many cases, you can access, update, or delete your personal information directly from our product settings.
If you have a question or concern, please contact us and we hope to resolve it for you. If we cannot, you have the right to lodge a complaint with your local data protection authority.