Privacy Policy Archive: September 10, 2019

Last updated on September 10, 2019

Introduction

Your privacy is important to The SASB Foundation. We’ve developed a Privacy Policy that covers how we collect, use, disclose, transfer, and store your information, as well as the choices you have when it comes to your information and how it’s treated. If you have any questions or concerns, please email [email protected]

Please note that this document explains our policies regarding privacy practices with respect to information collected when you contact us or visit our websites, including SASB Navigator. It does not extend to the privacy practices of third parties.

To learn about our other policies and practices regarding software, services and content, please review our Terms of Use, which can be found here.

Collection and Use of Personal Information

Personal information is data that can be used to identify or contact a single person.

You may be asked to provide your personal information anytime you are in contact with us. We may also combine it with other information to provide and improve our products, services, content, and advertising. You are not required to provide the personal information that we have requested, but, if you chose not to do so, in many cases we will not be able to provide you with our products or services or respond to any queries you may have.

Payment information is required for some of our services. Your sensitive payment details are used solely for billing purposes by our PCI-certified payment providers. We do not store payment information on our systems, and only authorised employees at The SASB Foundation can view transaction information.

We collect personal information about you in the following ways:

  1. Through SASB Foundation configured web forms located on sasb.org or any subdomains of sasb.org
  2. Through SASB Foundation configured web forms located on sites hosted by our third party service providers. These include, but are not necessarily limited to: GoToWebinar, Salesforce.com, Stripe, HubSpot, Google Forms, Eventbrite, Kryterion and BenchPrep
  3. Public comment letters, surveys, and other information submitted by you
  4. Email communications
  5. Orders for a SASB Foundation product, subscription or publication
  6. Phone calls

Note: While we collect the above-mentioned information, we respect requests for anonymity in SASB’s standards development process. To request anonymity, please send a written request to the SASB sector analyst assigned to your sector. Respondents can remain anonymous if desired, but SASB retains the right to refer to participants in general terms (“an issuer in the extractive industries sector,” “a private investment manager holding public equities and debt,” “a sell-side industrials analyst,” and similar).

Your personal information may be used by us to:

  1. Build and market products and services based on user trend and user interest analysis
  2. Personalize your website experience
  3. Pre-populate online forms for convenience
  4. Send periodic communications based on user interest or user type
  5. Directly contact you via phone or email
  6. Maintain records
  7. Develop stakeholder and/or participant lists for internal use by The SASB Foundation
  8. Assist our standard setting process
  9. Support the operation of the site (for example, technical troubleshooting, account maintenance, etc.)

It may be necessary − by law, legal process, litigation, and/or legally binding requests from public and governmental authorities within or outside your country of residence − for The SASB Foundation to disclose your personal information.

We require a subpoena or court order to provide user records to law enforcement.  We only disclose content, like the substance of your communications with us, in response to a probable cause search warrant. If we have a good faith belief that there is an emergency involving danger of death or severe physical injury, we may provide the limited information necessary to prevent that harm, if we have it.

If we are ever compelled by law to disclose your information, we will notify you and give you the full details of the request before we disclose it unless prohibited by law or a court order.

Collection and Use of Non-Personal Information

We also collect data in a form that does not, on its own, permit direct association with any specific individual. The following are some examples of non-personal information that we collect and how we may use it:

We may collect information such as language, zip code, area code, referrer URL, location, and the time zone where our service and/or product is used so that we can better understand customer behaviour and improve our products, services, and advertising.

We may collect information regarding user activities on our websites, products and services. This information is aggregated as needed to help us understand which parts of our website, products, and services are of most interest. Aggregated data is considered non‑personal information for the purposes of this Privacy Policy.

If we do combine non-personal information with personal information the combined information will be treated as personal information for as long as it remains combined.

Lawful Bases for Processing Data

We use your data to provide you with information and updates about our work and Services. Specifically, we use your data to:

  • Provide, update, maintain and protect our Services and business. For example, we make it easier to share and collaborate by storing your contacts and making them available for you to use.
  • Communicate with you by responding to your requests, comments, and questions. If you contact us with questions or concerns about the Services, we may use your personal information to respond.
  • Send you emails and other communications. We may contact you about important changes to our Services and Service-related notices. These communications are considered part of The SASB Foundation’s services and you may not opt out of them.

We will collect and use your data in furtherance of its legitimate interests in operating our Services and business. Specifically, we use your data to:

  • Understand how you use our Services and improve them.
  • Send you marketing emails and other communications in certain instances (see the Marketing section in our privacy policy for more details).
  • Investigate and prevent security issues and abuse of The SASB Foundation services or The SASB Foundation users.
  • Protect any person from death or serious bodily injury.
  • Comply with applicable law, legal process, or regulation.
  • Perform a task carried out in the public interest.

Finally, we will sometimes collect and use your data with your consent to:

  • Send you updates and/or marketing materials about our Services. If you do not wish to receive these materials, simply click the Unsubscribe link in any email, or update your email preferences by clicking the email preferences link in any email.

Information About Use of Our Services

Our sites collect usage-related information, including URLs visited, date and time of visit, Internet Protocol (IP) address and referring pages. We use HubSpot, Hotjar, and Google Analytics to track user engagement, troubleshoot problems and improve Site usability.

Cookies and Other Technologies

The SASB Foundation sites, email messages, and advertisements use “cookies” and other technologies such as pixel tags and web beacons.

These technologies help us to:

  • Better understand user behaviour
  • Market products and services
  • Analyse which parts of our websites people have visited
  • Facilitate and measure the effectiveness of web pages, products, services and advertisements (including remarketing).

Information about how to opt out of our cookie-based tracking is below.

Third parties also use cookies, web beacons, and similar technologies to collect or receive information about your use of our sites and your online activities across other internet sites. Those parties use that information to provide measurement services and target ads.

Third-party cookies and other technologies used for tracking usage and marketing on our sites are the following:

  • HubSpot Tracking Cookie – For more information, click here
  • Google Analytics & Advertising Cookies – For more information, click here
  • Hotjar Tracking Code – For more information, click here
  • Twitter Pixel Tags – For more information, click here
  • Facebook Pixel Tags – For more information, click here

You can opt out of the above-mentioned cookie tracking by turning on the “Do Not Track” settings within your browser.

You can opt out of the collection and use of your information for ad targeting here.

You can opt out of the collection of your data by Hotjar here.

Third‑Party Sites and Services

We share your personal information with the following trusted third parties to provide, improve, protect and analyse our Services:

  • Amazon Web Services, Inc.
  • Dropbox, Inc.
  • Google LLC
  • Hotjar Ltd.
  • HubSpot, Inc.
  • Jorsek LLC (EasyDITA)
  • Microsoft Corporation
  • RingLead, Inc.
  • Salesforce.com, LLC

These third parties will access and use your information only to perform tasks on our behalf in compliance with our Privacy Policy, and we will remain responsible for their handling of your information per our instructions.

Transfer of Assets

We reserve the right to transfer the information identified in this privacy policy in connection with a merger or renegotiation. If such an event occurs, we will take reasonable steps to ensure that your data continues to be treated consistent with the terms of this Privacy Policy.

Children’s Privacy

The SASB Foundation sites are not directed to children under the age of 13. If we become aware that a child under 13 is using our service, we will delete any data that we have collected about that child.

Protection of Personal Information

The SASB Foundation takes the protection of your personal information seriously. All login transactions and credit card transactions are protected in transit using Transport Layer Security (TLS), or Secure Sockets Layer (SSL) when TLS is not available. Sensitive payment information like credit card information is stored in systems provided by service providers who have PCI compliance certification. Only authorised SASB Foundation employees have access to view transaction information.

User’s Rights Regarding Control and Access to Information

You have control over your personal information and how it is collected, used, and shared. For example, you have a right to:

  • Change or correct personal data.
  • Access and export your data.
  • Erase or delete personal data.
  • Object to or restrict our use of your personal data.
  • Withdraw consent for us to use your personal data, as discussed below.

You can contact us at [email protected] to exercise your rights.

Data Retention

We keep information about you and your use of the Services for as long as necessary for our legitimate business interests in understanding stakeholder interest and usage patterns over time, and for legal reasons including as described in the Collection and Use of Personal Information section. If you’d like to request that we delete your data, you can do so by contacting us at [email protected].

Withdrawing Consent

You have a right to ask us to stop using or limit our use of your personal data in certain circumstances—for example, if we have no lawful basis to keep using your data, if you think your personal data is inaccurate, or if you have given us consent to use certain data and you’ve changed your mind.

You have an absolute right to object to our use of your personal information. You can opt out in the following ways:

Email Communication – If you do not wish to receive communications from us, you can use the links provided in each email communication to opt out of any future communications. If you continue to receive email communications please contact us at [email protected].

Google Analytics – To opt out of Google Analytics tracking, download and instal the add-on for your web browser. The Google Analytics opt-out add-on is designed to be compatible with Chrome, Internet Explorer 11, Safari, Firefox and Opera. In order to function, the opt-out add-on must be able to load and execute properly on your browser. For Internet Explorer, 3rd-party cookies must be enabled. Learn more about the opt-out and how to properly instal the browser add-on here.

Hotjar – You can opt out of the collection of your data by Hotjar here. We also recommend you turn on the “Do Not Track” setting within your web browser.

Other Cookies and Tags – You may withdraw your consent for our use of cookies at any time. This involves clearing cookies in your browser settings, then selecting “Decline” when prompted on our website. You can also opt out of cookie-based tracking by blocking cookies from some or all websites – please refer to your browser documentation for more information on how to disable cookies. Additionally, you can block tracking tags using tools such as Network Advertising Initiative’s Consumer Opt Out and Digital Advertising Alliance’s Your Ad Choices and Your Online Choices for the United States, Canada, and the European Union. Doing so may result in reduced functionality on our sites as well as others.

If you believe that The SASB Foundation has no lawful basis for using your personal data, or believe there are other inaccuracies in your personal data, please let us know by contacting us at [email protected] and we’ll look into it.

SASB Commitment to Your Privacy

To make sure your personal information is secure, we communicate our privacy and security guidelines to The SASB Foundation employees and strictly enforce privacy safeguards within the company.

Complaints

The SASB Foundation is the data controller responsible for your personal data. Any complaints related to the SASB Foundation’s Data and Privacy practices should be emailed to [email protected] or sent via postal mail to:

The SASB Foundation

Attn: Director of Technology

1045 Sansome Street, Suite 450

San Francisco, CA  94111

USA

EU and EFTA users who feel they haven’t received a timely or satisfactory response to a question or complaint related to this policy may raise the issue with their local supervisory authority without prejudice to any other rights they may have.

Contact Us

Please contact [email protected] for any inquiries.

Updates to Policy

If we change this privacy policy, we will post those changes so that users are aware of what information we collect, how we use it, and under what circumstances we disclose it. Changes to the Privacy Policy will be dated and will be effective from the date specified forward.

Archive of Previous Privacy Policies

October 24, 2016
June 1, 2018