GDPR Privacy Policy

GDPR Privacy Policy for GDPR - Protected Individuals

Last updated: August 29, 2018

This privacy policy (“Privacy Policy”) governs how we, Girls Who Code Inc. (“GWC” “we”, “our” or “us”) use, collect and store information pertaining to you (“User”, “you”) when you make use of our website: https://girlswhocode.com/ , and any other website that we operate (each, together with its sub-domains, content and services, the “Website”).

We greatly respect your privacy, which is why we make every effort to provide a platform that would live up to the highest of user privacy standards. Please read this Privacy Policy carefully, so you can fully understand our practices in relation to Personal Data. “Personal Data” means any information that can be used, alone or together with other data, to uniquely identify any living human being.

Table of contents:

This Privacy Policy may be updated from time to time and therefore we ask you to check back periodically for the latest version of the Privacy Policy, as indicated below. If there will be any significant changes made to the use of your Personal Data in a manner different from that stated at the time of collection, we will notify you by posting a notice on our Website or by other means.

  1. WHAT INFORMATION WE COLLECT, WHY WE COLLECT IT, AND HOW IT IS USED
Data we collect Why is the data collected and for what purposes? Legal basis Third parties with whom we share your data Period of storage Consequences of not providing the data
Full Name and Email To create an Account. We may use your email to send you important information regarding the Site, changes to our terms, conditions, and policies and/or other administrative information. Because this information may be important to your use of the Site, if you have provided an email, you may not opt-out of receiving such communications. Consent Salesforce, Zendesk, Campaign Monitor Forever Our services cannot be provided to you.
Contact Information (Phone, home address) This information may be collected when users submit an online form that we make available or send an email to us. It is used to contact a user interested in receiving information about our Site in general or our different programs in particular. Collection and use depends on role (Adults administering programs are required to provide contact information). Consent Salesforce, Zendesk Deleted after 7 years Optional
Demographic Information (Gender, Race/Ethnicity) For our internal business purposes, including for data analysis and audits. We use this data, in conjunction with other sources of data. Consent Salesforce Forever Our services cannot be provided to you.
Date of Birth For our internal business purposes, including for data analysis and audits. We use this data, in conjunction with other sources of data. Consent Salesforce Forever Our services cannot be provided to you.
Affiliations (School, Employment, Community-based Organizations) For our internal business purposes, including for data analysis and audits. We use this data, in conjunction with other sources of data (for example, responses to surveys we administer to stakeholders; data obtained from the National Student Clearinghouse) to assess the quality and impact of our programs, and inform you of programs which may be of interest to you, and ongoing program planning and improvements. Consent Salesforce, SurveyGizmo, LinkedIn Forever Optional – users are not required to share this with us.
Log File Data (IP address, browser type, Internet Service Providers (ISP), date/time stamps, referring/exit pages, clicked pages, and any other information your browser may send to us) We use such information to analyze usage, administer the Site and track users’ movement around the Site. Consent AWS, SurveyGizmo, Campaign Monitor Deleted after 7 years This is collected automatically; it is not possible to use the Site without providing this information.
IP address This data from cookies is collected in order for us to provide our Site and keep you logged in. Certain cookies and other technologies may serve to recall Personal Information, such as an IP address, previously indicated by a user. Consent AWS, SurveyGizmo, Campaign Monitor Deleted after 7 years Mandatory; this is collected automatically.
From Google Analytics and Leanplum: Information about your use of the Site, such as how often you visit this Site, what pages you visit when you do so, and what other sites you used prior to coming to this Site. The information we receive from Google Analytics and Leanplum is used to maintain and improve the Site and our products. Information collected through the use of of these products may be personally identifiable. Google’s ability to use and share information collected by Google Analytics about your visits to this Site is restricted by the Google Analytics Terms of Service, available at http://www.google.com/analytics/terms/us.html, and the Google Privacy Policy, available at http://www.google.com/policies/privacy/. Consent Google Analytics, LeanPlum, AWS Deleted after 7 years Mandatory; this is collected automatically.
Personal Information (Email, third party website account user names or IDs) This data is used in order to enable you to invite your friends to use our Site by sending them an invitation email or message. Inviting friends may be done by either using the Site to send or post an invitation message via your Third Party Account; and/or by using the Site to send an invitation email to your friend’s external email address (for example, a Gmail address). Consent Deleted after 7 years Optional – if users invite a friend to use our Site.
User Submissions (Project Gallery) This information may be publicly available to other Site users, and may also be accessed and used by people off the Site. Consent Deleted after 7 years Optional – The notices and tools that we provide on the Site are intended to inform you which information will be made publicly available. If you publish your contact information in any User Submissions, you may receive unsolicited messages from other users of the Site or the public. We, therefore, encourage you only to post information that you are sure you want to be accessible to anyone.
Criminal & Identity Background Screenings Applicants for adults administering and/or hosting programs (SIP, Clubs, Campus) are required to provide personal information to verify eligibility, which is reviewed internally by GWC Staff. Consent Deleted after 1 year Optional – only for adults administering programs
Financial Document for Income Verfification Applicants for stipend application upload documents to confirm program eligibility, which is reviewed internally by GWC Staff. Consent Deleted after 1 year Optional – only for SIP stipend applications.

  1. HOW DO WE PROTECT AND STORE YOUR INFORMATION?

I. Security. We have implemented appropriate technical, organizational and security measures designed to reduce the risk of accidental destruction or loss, or the unauthorized disclosure or access to such information appropriate to the nature of the information concerned. However, please note that we cannot guarantee that the information will not be exposed as a result of unauthorized penetration to our servers. Nevertheless, we make commercially reasonable efforts to make the collection and security of such information consistent with this Privacy Policy and all applicable laws and regulations. As the security of information depends in part on the security of the computer, device or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information.

II. Retention of your Personal Data. In addition to the retention periods mentioned in Section 1 above, in some circumstances we may store your Personal Data for longer periods of time, for example (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data or dealings.

  1. HOW DO WE SHARE YOUR PERSONAL INFORMATION?

In addition to the recipients described in Section 1, we may share your information as follows:

  • To the extent necessary, with regulators, to comply with all applicable laws, regulations and rules, and requests of law enforcement, regulatory and other governmental agencies or if required to do so by court order;
  • If, in the future, we sell or transfer some or all of our business or assets to a third party, we will (to the minimum extent required) disclose information to a potential or actual third party purchaser of our business or assets. In the event that we are acquired by or merged with a third party entity, or in the event of bankruptcy or a comparable event, we reserve the right to transfer or assign Personal Data in connection with the foregoing events;
    • Where you have provided your consent to us sharing the Personal Data (e.g., where you provide us with marketing consents or opt-in to optional additional services or functionality); and
    • Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any Personal Data is disclosed.

  1. DO WE TRANSFER YOUR PERSONAL INFORMATION?

We might do so. If we do transfer your Personal Data outside of Girls Who Code, for example to third parties who help provide our products and services, we will obtain contractual commitments from them to protect your Personal Data.
Some of these assurances are well recognized certification schemes like the EU - US Privacy Shield for the protection of Personal Data transferred from within the EU to the United States; or Standard Contractual Clauses.

  1. WHAT ARE YOUR RIGHTS IN CONNECTION WITH THE PERSONAL DATA COLLECTED?

The following rights (which may be subject to certain exemptions or derogations), shall apply to individuals who are protected by the GDPR:

  • You have a right to access information held about you. Your right of access is normally be exercised free of charge, however we reserve the right to charge an appropriate administrative fee where permitted by applicable law.
  • You have the right to request that we amend any Personal Data we hold that it is inaccurate or misleading.
  • You have the right to request the erasure of the Personal Data that relates to you. Please note that there may be circumstances in which we are required to retain your data, for example for the establishment, exercise or defense of legal claims.
  • The right to object to or to request restriction of the processing. However, there may be circumstances in which we are legally entitled to refuse your request.
  • The right to data portability. This means that you may have the right to receive your Personal Data in a structured, commonly used and machine-readable format, and that you have the right to transmit that data to another controller.
  • You have the right to object to profiling.
  • You have a right to lodge a complaint with your local data protection supervisory authority (i.e., your place of habitual residence, place or work or place of alleged infringement) at any time. We ask that you please attempt to resolve any issues with us before you contact your local supervisory authority.
  • The right to withdraw your consent. Please note that there may be circumstances in which we are entitled to continue processing your data, in particular if the processing is required to meet our legal and regulatory obligations.
  • You also have a right to request details of the basis on which your Personal Data is transferred outside the European Economic Area, but you acknowledge that data transfer agreements may need to be partially redacted for reasons of commercial confidentiality.

You can exercise your rights by contacting us at hq@girlswhocode.com. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly or inform you if we require further information in order to fulfil your request. When processing your request, we may ask you for additional information to confirm your identity and for security purposes, before disclosing the Personal Data requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initial requested, we will address your request to the maximum extent possible, all in accordance with applicable law.

  1. DO WE LINK TO OTHER SITES (LIKE FACEBOOK AND TWITTER)?

Yes. The Website may enable you to interact with or contain links to a third party account (like your Facebook account) and other third party websites, mobile software applications and services that are not owned or controlled by us (each a “Third Party Service”). We are not responsible for the privacy practices or the content of such Third Party Services. Please be aware that Third Party Services may collect Personal Data from you. Accordingly, we encourage you to read the terms and conditions and privacy policy of each Third Party Service that you choose to use or interact with.

  1. HOW CAN YOU CONTACT US?

If you have any questions, concerns or complaints regarding our compliance with this notice and the data protection laws, or if you wish to exercise your rights, we encourage you to first contact us at hq@girlswhocode.com .