OMIDYAR NETWORK PRIVACY POLICY
Last Updated: May 1, 2021
Purpose
Omidyar Network and its affiliated companies (including Omidyar Network UK Limited, Omidyar Network India Advisors Private Limited, “ON”, “we”, “us”, or “our”) respect your right to privacy.
This Privacy Policy (“Policy”) describes the information ON may collect, how it is used, and with whom it is shared in connection with the http://omidyar.com website, including the mobile-dedicated website (the “Website”). It will also apply, and be updated accordingly, to all future online offerings operated by or on behalf of ON.
The data controller for data collected and processed in accordance with this Policy is Omidyar Network Services LLC.
This Policy does not address our other personal data processing operations. Additional policies and procedures addressing these processes are in place and we provide relevant information to data subjects at the point of data collection, or subsequently, as required by law.
Any questions regarding this Policy should be submitted to [email protected]; any data protection issue related to Omidyar Network should be submitted per the instructions on the “Contact Us” page (http://omidyar.com/contact/). You can also submit questions via mail to:
Omidyar Network Services LLC
c/o Legal Department
1991 Broadway, #200
Redwood City, CA 94063
Guiding Principles
ON is a social change venture that works to bring about structural changes that will fundamentally shift the systems that govern our daily lives. We are also committed to complying with data protection laws globally.
We engage some third-party service providers in order to help us in meeting these objectives. Third-party service providers are contractually restricted from using or disclosing any personal information except as necessary to perform services on our behalf or to comply with legal requirements.
We also institute appropriate technical and organizational measures and strive to provide a high level of protection against unauthorized access to, and potential misuse of, the personal data we process.
What We Process and Why
The personal data that we collect from persons (or data subjects) who visit our website is limited to the Internet protocol (IP) address of the computer accessing the Website; the browser software and operating system that the computer uses; and the Internet address (URL) of the outside website from which the visitor came.
This information is processed for technical purposes in our legitimate interest, which provides a legal basis for such processing. Specifically, we process personal data for the purposes of (i) providing basic statistical information about the use of our website; and (ii) assisting in diagnosing technical problems and defending attacks against it.
Additional personal information – name, email, and other contact information – is collected from users of the Website who send us emails or letters using contact information listed the Website or in this Policy (e.g., [email protected]).
Data Retention
After 90 days, we delete or anonymize all personal data processed for technical purposes. Anonymization is achieved through the aggregation of statistical data that prevents the re-identification of individual users.
On occasion, we may need to retain personal data for longer than 90 days. This includes for the purposes of defending against attacks on our website. In these situations, we will delete personal data as soon as it is no longer needed for the purpose for which it was kept.
Sensitive Data
We do not directly collect any sensitive data (or “special category data” as defined in EU law) through our website. All internet usage generates additional “metadata” that is collected and retained by internet service providers. This data can be accessed by law enforcement and intelligence agencies, who may extrapolate upon it to build up detailed “pictures” of specific individuals and communities. Individuals concerned about this kind of surveillance are encouraged to take measures to protect their privacy.
Cookies and Do Not Track
Like all websites, ON’s website uses “cookies” and other technical measures to monitor and protect the Website against malicious traffic and to collect limited analytical data in order to understand how users engage the information we provide.
If you accepted the non-essential cookies, these will have been deployed with your consent, which provides a legal basis for the processing of the analytical data they collect about your use of the Website. If you declined the cookies, they will not have been deployed.
The Cloudflare cookies perform essential Website security functions and as such it is not possible to opt-out. Similarly, our Website deploys GDPR consent cookies which are necessary for compliance purposes.
Browser settings can also be used to manage cookie preferences. Each browser is different, so check the Help or Settings menu of your particular browser to learn how to change your cookie preferences.
In accordance with our principles, ON’s website honors “Do Not Track” requests and has limited the cookies it deploys.
Information Security
We take all reasonable steps to ensure that personal data is processed securely and treated in accordance with this Policy. The technical and organizational measures to prevent unauthorized access to personal data include limiting staff and sub-processor access to personal data in accordance with specific job responsibilities or contractual obligations, the encryption of data where possible, the institution of security protocols and staff training.
Although we do our best to protect personal data, information transmitted over the internet remains vulnerable to interception – for this reason, the transmission of any personal data to our website or via email to us is therefore at the data subjects’ own risk.
Data Sharing and Sub-processors
We work with carefully selected third-party service providers who perform certain data processing tasks in order to maintain this Website. These third parties are engaged by ON under terms which ensure confidentiality and compliance with data protection laws.
We share some data with other Omidyar Network companies, such as Omidyar Network UK Limited (Companies House # 07588080), to accomplish our goals. We share this on the basis of our legitimate interests to operate globally. For example, if you submit a media inquiry, the information you provide may be transferred from your country of residence to other countries in which ON operates, including the United States, so that your inquiry can be addressed.
The Website includes links to external websites, which may process your data or use cookies—for example links to our Twitter page. You can find out more about these services and their use of cookies through their respective websites and privacy policies. Please remember we cannot control the way those external websites collect and retain your personal data, so you use those external services at your own risk.
Jurisdiction
This Policy is governed by the laws of the State of California without regard to its choice of law provisions and California courts will have exclusive jurisdiction over any claims arising out of the use of the Website.
Your Rights
Depending on your place of residence, individuals whose personal data is processed by ON may have the following rights:
- The right to be informed as to whether ON holds data about them;
- The right of access to that information;
- The right to have inaccurate data corrected;
- The right to have their data deleted;
- The right to opt-out of particular data processing operations;
- The right to receive their data in a form that makes it “portable”;
- The right to object to data processing;
- The right to receive an explanation about any automated decision making and/or profiling, and to challenge those decisions where appropriate.
To make a subject access request or complaint related to the processing of your personal data please follow the instructions on our “Contact Us” page here http://omidyar.com/contact/, or write to:
Omidyar Network Services LLC
c/o Legal Department
1991 Broadway, #200
Redwood City, CA 94063
You also have the right to bring concerns to your national data protection regulator if you feel that your personal data has been unlawfully processed. For example, data subjects covered by EU law may also be entitled to lodge complaints in regard to data processing or the handling of subject access requests with data protection supervisory authority in their country of residence.
California Policy
The information provided below should be viewed in conjunction with that provided above. This Policy reflects our compliance with applicable California law, including the California Consumer Privacy Act.
The following table sets forth the categories of personal information we may collect, the source of that personal information, and how we have used and shared such personal information.
Category of Personal Information Collected |
Source of Information |
Purpose for Collection |
Categories of Recipients |
Legal information: Fraud checks or flags raised based on interactions with your information, suspected crimes, complaints, claims and accidents. |
From you, the police, crime and fraud prevention agencies, the public, regulators, your and our professional advisors and representatives. |
To protect you, other users and our business against criminal activities and risks, make sure we understand and can meet our legal obligations to you and others and can defend ourselves. |
Our service providers who help us with fraud protection, and law enforcement and other governmental authorities in accordance with applicable law. |
Preference information: |
From you, from our website technology interaction with your browser/devices and cookies and other similar technologies tracking the pages you visit. (Note, when you first view our website, you may select your cookie preferences, so the “preference information” depends on your selected preference.) |
To enhance your online experience. |
Our third-party service providers that perform website analytic services for us. |
Communications: Communications we have with you. |
From you. |
To handle your requests, to contact you when necessary or requested, including responding to your questions and comments. |
Our third-party service providers that perform website analytic services for us. |
Voluntary information: |
From you. |
To email newsletters, organize events, etc. |
Our partners, other investors or funders, staff, and any other relevant third-party service providers. |
Personalization: |
From you, from our website technology’s interaction with your browser or devices and cookies tracking the pages you visit. (Note, similar to the above, this depends on the cookie preference you select when first viewing our website.) |
To improve our website, services, and user experience. |
Our third-party vendors and service providers that perform website analytic services for us to improve your website experience for our website or elsewhere. |
Device information: IP address, internet provider, operating system and browser used, type of device (such as laptop or smart phone), device cookie settings and other device details. |
From you and from our website interaction with your browser or devices. (Note, similar to the above, this depends on the cookie preference you select when first viewing our website.) |
To make sure our website technology works properly with your device and make sure you can see and use our intended website on the device you are using, for analytical purposes. We also will use this information to protect the security and integrity of the Website and our business, such as by protecting against and preventing fraud, and managing risk exposure, including by identifying potential hackers and other unauthorized users. |
Our service providers who help us with fraud protection, and third-party vendors and service providers that perform website analytic services for us. |
Your California Privacy Rights
If you are a California resident, you may request information about our disclosure of personal information to third parties or affiliated companies for their direct marketing purposes. To make such request, please contact us as set forth below. Please allow up to 30 days for us to process your request. You may submit such a request once per year.
California law also provides you with the following rights with respect to your personal information:
- The right to know what personal information we have collected, used, disclosed and sold about you. To submit a request to know, you may email us at [email protected] or visit http://omidyar.com/contact/.
- The right to request that we delete any personal information we have collected about you. To submit a request for deletion, you may email us at [email protected] or visit http://omidyar.com/contact/.
- While the CCPA gives you the right to opt-out of the sale of your personal information, we will never sell such information. If you have questions, please contact us at [email protected].
Changes to the Privacy Policy
In the event of any updates to this Policy, the new Policy will be made available on this page and we will change the “last updated” date. The last updated date is identified at the top of the page and the terms of this Policy are effective as of that date. Should a change to the Policy result in a material impact on the handling of any personal data provided by consent, ON will contact the data subjects to inform them of the changes and seek their consent as appropriate.
See further:
Terms of Use: http://omidyar.com/terms-of-use/