Last updated on September 10, 2019
Please note that this document explains our policies regarding privacy practices with respect to information collected when you contact us or visit our websites, including SASB Navigator. It does not extend to the privacy practices of third parties.
Collection and Use of Personal Information
Personal information is data that can be used to identify or contact a single person.
You may be asked to provide your personal information anytime you are in contact with us. We may also combine it with other information to provide and improve our products, services, content, and advertising. You are not required to provide the personal information that we have requested, but, if you chose not to do so, in many cases we will not be able to provide you with our products or services or respond to any queries you may have.
Payment information is required for some of our services. Your sensitive payment details are used solely for billing purposes by our PCI-certified payment providers. We do not store payment information on our systems, and only authorized employees at The SASB Foundation can view transaction information.
We collect personal information about you in the following ways:
- Through SASB Foundation configured web forms located on sasb.org or any subdomains of sasb.org
- Through SASB Foundation configured web forms located on sites hosted by our third party service providers. These include, but are not necessarily limited to: GoToWebinar, Salesforce.com, Stripe, HubSpot, Google Forms, Eventbrite, Kryterion and BenchPrep
- Public comment letters, surveys, and other information submitted by you
- Email communications
- Orders for a SASB Foundation product, subscription or publication
- Phone calls
Note: While we collect the above-mentioned information, we respect requests for anonymity in SASB’s standards development process. To request anonymity, please send a written request to the SASB sector analyst assigned to your sector. Respondents can remain anonymous if desired, but SASB retains the right to refer to participants in general terms (“an issuer in the extractive industries sector,” “a private investment manager holding public equities and debt,” “a sell-side industrials analyst,” and similar).
Your personal information may be used by us to:
- Build and market products and services based on user trend and user interest analysis
- Personalize your website experience
- Pre-populate online forms for convenience
- Send periodic communications based on user interest or user type
- Directly contact you via phone or email
- Maintain records
- Develop stakeholder and/or participant lists for internal use by The SASB Foundation
- Assist our standard setting process
- Support the operation of the site (for example, technical troubleshooting, account maintenance, etc.)
It may be necessary − by law, legal process, litigation, and/or legally binding requests from public and governmental authorities within or outside your country of residence − for The SASB Foundation to disclose your personal information.
We require a subpoena or court order to provide user records to law enforcement. We only disclose content, like the substance of your communications with us, in response to a probable cause search warrant. If we have a good faith belief that there is an emergency involving danger of death or severe physical injury, we may provide the limited information necessary to prevent that harm, if we have it.
If we are ever compelled by law to disclose your information, we will notify you and give you the full details of the request before we disclose it unless prohibited by law or a court order.
Collection and Use of Non-Personal Information
We also collect data in a form that does not, on its own, permit direct association with any specific individual. The following are some examples of non-personal information that we collect and how we may use it:
We may collect information such as language, zip code, area code, referrer URL, location, and the time zone where our service and/or product is used so that we can better understand customer behavior and improve our products, services, and advertising.
If we do combine non-personal information with personal information the combined information will be treated as personal information for as long as it remains combined.
Lawful Bases for Processing Data
We use your data to provide you with information and updates about our work and Services. Specifically, we use your data to:
- Provide, update, maintain and protect our Services and business. For example, we make it easier to share and collaborate by storing your contacts and making them available for you to use.
- Communicate with you by responding to your requests, comments, and questions. If you contact us with questions or concerns about the Services, we may use your personal information to respond.
- Send you emails and other communications. We may contact you about important changes to our Services and Service-related notices. These communications are considered part of The SASB Foundation’s services and you may not opt out of them.
We will collect and use your data in furtherance of its legitimate interests in operating our Services and business. Specifically, we use your data to:
- Understand how you use our Services and improve them.
- Investigate and prevent security issues and abuse of The SASB Foundation services or The SASB Foundation users.
- Protect any person from death or serious bodily injury.
- Comply with applicable law, legal process, or regulation.
- Perform a task carried out in the public interest.
Finally, we will sometimes collect and use your data with your consent to:
- Send you updates and/or marketing materials about our Services. If you do not wish to receive these materials, simply click the Unsubscribe link in any email, or update your email preferences by clicking the email preferences link in any email.
Information About Use of Our Services
Our sites collect usage-related information, including URLs visited, date and time of visit, Internet Protocol (IP) address and referring pages. We use HubSpot, Hotjar, and Google Analytics to track user engagement, troubleshoot problems and improve Site usability.
Cookies and Other Technologies
The SASB Foundation sites, email messages, and advertisements use “cookies” and other technologies such as pixel tags and web beacons.
These technologies help us to:
- Better understand user behavior
- Market products and services
- Analyze which parts of our websites people have visited
- Facilitate and measure the effectiveness of web pages, products, services and advertisements (including remarketing).
Information about how to opt out of our cookie-based tracking is below.
Third-party cookies and other technologies used for tracking usage and marketing on our sites are the following:
- HubSpot Tracking Cookie – For more information, click here
- Google Analytics & Advertising Cookies – For more information, click here
- Hotjar Tracking Code – For more information, click here
- Twitter Pixel Tags – For more information, click here
- Facebook Pixel Tags – For more information, click here
You can opt out of the above-mentioned cookie tracking by turning on the “Do Not Track” settings within your browser.
You can opt out of the collection and use of your information for ad targeting here.
You can opt out of the collection of your data by Hotjar here.
Third‑Party Sites and Services
We share your personal information with the following trusted third parties to provide, improve, protect and analyze our Services:
- Amazon Web Services, Inc.
- Dropbox, Inc.
- Google LLC
- Hotjar Ltd.
- HubSpot, Inc.
- Jorsek LLC (EasyDITA)
- Microsoft Corporation
- RingLead, Inc.
- Salesforce.com, LLC
Transfer of Assets
The SASB Foundation sites are not directed to children under the age of 13. If we become aware that a child under 13 is using our service, we will delete any data that we have collected about that child.
Protection of Personal Information
The SASB Foundation takes the protection of your personal information seriously. All login transactions and credit card transactions are protected in transit using Transport Layer Security (TLS), or Secure Sockets Layer (SSL) when TLS is not available. Sensitive payment information like credit card information is stored in systems provided by service providers who have PCI compliance certification. Only authorized SASB Foundation employees have access to view transaction information.
User’s Rights Regarding Control and Access to Information
You have control over your personal information and how it is collected, used, and shared. For example, you have a right to:
- Change or correct personal data.
- Access and export your data.
- Erase or delete personal data.
- Object to or restrict our use of your personal data.
- Withdraw consent for us to use your personal data, as discussed below.
You can contact us at email@example.com to exercise your rights.
We keep information about you and your use of the Services for as long as necessary for our legitimate business interests in understanding stakeholder interest and usage patterns over time, and for legal reasons including as described in the Collection and Use of Personal Information section. If you’d like to request that we delete your data, you can do so by contacting us at firstname.lastname@example.org.
You have a right to ask us to stop using or limit our use of your personal data in certain circumstances—for example, if we have no lawful basis to keep using your data, if you think your personal data is inaccurate, or if you have given us consent to use certain data and you’ve changed your mind.
You have an absolute right to object to our use of your personal information. You can opt out in the following ways:
Email Communication – If you do not wish to receive communications from us, you can use the links provided in each email communication to opt out of any future communications. If you continue to receive email communications please contact us at email@example.com.
Google Analytics – To opt out of Google Analytics tracking, download and install the add-on for your web browser. The Google Analytics opt-out add-on is designed to be compatible with Chrome, Internet Explorer 11, Safari, Firefox and Opera. In order to function, the opt-out add-on must be able to load and execute properly on your browser. For Internet Explorer, 3rd-party cookies must be enabled. Learn more about the opt-out and how to properly install the browser add-on here.
Hotjar – You can opt out of the collection of your data by Hotjar here. We also recommend you turn on the “Do Not Track” setting within your web browser.
If you believe that The SASB Foundation has no lawful basis for using your personal data, or believe there are other inaccuracies in your personal data, please let us know by contacting us at firstname.lastname@example.org and we’ll look into it.
SASB Commitment to Your Privacy
To make sure your personal information is secure, we communicate our privacy and security guidelines to The SASB Foundation employees and strictly enforce privacy safeguards within the company.
The SASB Foundation is the data controller responsible for your personal data. Any complaints related to the SASB Foundation’s Data and Privacy practices should be emailed to email@example.com or sent via postal mail to:
The SASB Foundation
Attn: Technology Director
1045 Sansome Street, Suite 450
San Francisco, CA 94111
EU and EFTA users who feel they haven’t received a timely or satisfactory response to a question or complaint related to this policy may raise the issue with their local supervisory authority without prejudice to any other rights they may have.
Please contact firstname.lastname@example.org for any inquiries.
Updates to Policy