This Policy applies to Singularity Sites and Solutions that link or reference this Policy. This Policy describes how Singularity collects, uses, shares, and otherwise processes Personal Data, as defined in the section below, and the choices available to you regarding: (1) how we collect, use, access, and store your Personal Data; and (2) how to confirm your Personal Data is updated, corrected, or deleted. Additional terms and information about SU’s Personal Data handling practices may be provided in offer descriptions, supplement statements, or contract terms, or notices provided prior to or at the time of information collection.
C. Definition of Personal Data
“Personal Data” is any information that can be used to identify an individual, and may include, but is not limited to: name, address, email address, phone number, login information (account number, password), marketing preferences, social media account information, IP addresses, location data (if combined with other identifiers), personal identification numbers (passport numbers, social security numbers, etc.), photos, video footage with your likeness, audio recordings, payment card number, criminal record, educational and professional records, and any form of biometric, health, genetic, racial, religion, political affiliation, gender-based, sexual preference, age-related, or other identifying personal data. If we link other data with your personal information, we will treat that linked data as Personal Data. We also collect Personal Data from trusted third-party sources and engage third parties to collect Personal Data to assist us.
Our Site may contain links to other websites, applications and services maintained by third parties. The information practices of such other services, or of social media networks that host our branded social media pages, are governed by third parties’ privacy statements, which we encourage you to review to better understand those third parties’ privacy practices.
Singularity acts as a “data controller” (as that term is defined in the EU General Data Protection Regulation (“GDPR”)) with respect to the Personal Data that it collects, uses, accesses, and stores under this Policy. For more information on the GDPR, please go to https://gdpr-info.eu/.
D. Collection and Use of Your Personal Data
We may collect a variety of information, including Personal Data, about you as you use our Sites and Solutions and interact with us. A summary of what we collect and how we use the Personal Data associated with our Sites and Solutions is compiled for your convenience below. For additional information regarding the Personal Data we typically collect and how we use it by Site and Solution family, please view the SU Personal Data Usage document.
a) Community Membership Profile
When you become an SU community member, we collect information about you including (but not limited to) your name, your employer’s name, your work address (including your country location), and your email address. We may also collect your personal email address, a personal mailing address, and a mobile phone number. We ask members to voluntarily provide additional information in their membership profile, such as information about their educational background, professional experience, interests in exponential technologies, a photo, social media identifiers, and some other information. Members may edit their profile at any time to change, add, or remove Personal Data.
We process your Personal Data for membership administration, to deliver member benefits to you, and to inform you of SU-related events, content, and other benefits or opportunities associated with your SU membership. We may also use this information to help us understand our members’ needs and interests to better tailor our Site and Solutions to meet your needs.
Members can participate in local SU chapter meetings organized by volunteers which take place at various locations. We may collect registration information from SU users, community members and their guests, which we may share with a sponsoring SU partner and location hosts for purposes of verifying registration and to ensure only registered guests are allowed attendance.
b) Personal Data Provided at Live or Web Programs and Events
SU hosts many events throughout the year. These include in-person and web-based conferences, summits, speakers’ series, and other in-person as well as virtual gatherings (collectively, “events”). If you register for one of our events and you are a member, we will access the information in your member account to provide you with information and services associated with the event. If you are not a member and you cregister for one of our events, we will collect your name, telephone number, address, email address and select other information, which we will store in our database(s) and use to provide you with information and services associated with the current and future events, SU community membership and SU content.
If you are a presenter or speaker at one of our events, we will collect information about you including your name, employer, educational and professional background, contact information, and photograph. We may collect information provided by event attendees who evaluated your performance as a presenter. For those events that are recorded, we may also make and store a recording of your voice, image and likeness. Such recordings may be used on our Sites and Solutions or for other commercial or non-commercial purposes.
If you attend an in person SU event, you may be offered the option to download a mobile application to help you navigate the event and plan your schedule. This event app may require the device identifier associated with your device but does not collect or use any other personal data without your consent.
Some of our events are sponsored. We may provide an attendee list to certain sponsors. If you do not wish to have your information shared with a sponsor or to receive information from sponsors, you can express your preferences when you register for events.
c) Personal Data Provided to Acquire Content Access
We offer exciting content for SU’s community members and non-community members alike. In addition to producing original content, we also subscribe to news feeds and blogs produced by others, which we link to and from our website. This means you may find yourself on an SU site or reading SU content and we will offer you a link to another organization’s website where you will find content on exponential technologies or exponential thinking that we or our faculty find relevant and useful to you. At these times, you will be leaving the SU Site(s). SU is not responsible or liable for content provided by these third-party websites or Personal Data they may happen to gather from you.
You may manage your SU subscriptions by subscribing or unsubscribing at any time. Please note that if you have set your browser to block cookies, this may have an impact on your ability to unsubscribe. If you have any difficulties managing your email or other communication preferences with SU, please contact us at DataSecurity@su.org.
We use Google Analytics to track how often people gain access to or read our content. We use this information in the aggregate to understand what content our community members find useful or interesting, so we can produce the most valuable content to meet your needs.
We also conduct surveys that we use to evaluate content quality and relevance to our SU community. We do not track individuals but look at information in the aggregate only. Participation in surveys is voluntary.
d) Personal Data Provided in Site or Solution Forums and Chat Rooms
e) Personal Data Provided for Training
You may sign up directly with us to participate in our in-person or on-line training courses delivered over a learning management system (LMS), in which case we collect your name and contact information directly from you. Alternatively, your employer or an SU partner may register you to participate in the training. Your Personal Data will be stored in our database (hosted by a cloud service provider) and may also be shared with a delivery partner or co-sponsor of the training program (to verify numbers and attendance rates), trainers (to determine the experience level, industry, and the demographics of the target audience(s)), and vendors supporting event delivery (to verify your identity).
f) Personal Data Provided in Correspondence with Singularity
If you correspond with us by email, the postal service, or other form of communication, we may retain the correspondence and the information contained in it and use it to respond to your inquiry and to keep a record of the complaint, accommodation, or other request.
If you ask us not to contact you by email at a certain email address, SU will retain a copy of that email address on its “master do not send” list in order to comply with your no-contact request.
g) Personal Data Provided to Process Payment
You may purchase Solutions using a payment card. Payment card information may be provided directly by users, via an SU Site or authorized third party event registration vendor site, into the PCI/DSS-compliant payment processing service to which SU subscribes. We do not process or store the card information. Occasionally, members or customers ask SU employees or SU event volunteers to enter payment card or other financial account information into the PCI/DSS-compliant payment processing service to which SU subscribes. We strongly encourage you not to submit this information by email. When SU employees receive payment card or other financial account information from customers or members by email, phone, or mail, it is entered as instructed and then deleted or destroyed.
h) Personal Data Received from Third Parties
Periodically, SU receives Personal Data about individuals from third parties. For example, this may happen if your employer is participating in a corporate program and signs you up for an event, training, SU membership, or SU Solution access. SU may also collect Personal Data about prospective employees, faculty, vendors, contractors, and partners from due diligence vendors who conduct business and criminal history background checks on information available from the public domain. Additionally, SU may combine or append information it receives from third parties, including Personal Data, with other Personal Data it has collected.
a) Personal Data Collected on Sites
We use common information-gathering tools, such as log files, embedded web links, web beacons, and cookies, to automatically collect certain standard information that your browser sends back to our Site(s). Examples include:
These tools help make your visit to our Sites easier, more efficient, and more valuable by providing you with a customized experience and recognizing you when you return.
b) Use of Google Analytics and Other Backend Analytics Tools
We use Google Analytics, a service that transmits our Site traffic to Google servers in the United States of America. Google Analytics does not identify individual users or associate your IP address with other data held by Google. We use reports and data provided by Google Analytics and other website traffic tracking services to help us understand our Site traffic trends and usage. For more information regarding how Google collects and processes data, please visit www.google.com/policies/privacy/partners.
c) Mobile Application
If you use our Mobile App, we may collect information about the device on which the Mobile App is installed such as a device identifier (IMEI or UDID), subscriber identifier, mobile phone number, device name, type, and manufacturer, operating system type and version, wireless carrier, network type, country of origin, and IP address. We may also collect location data from the GPS on your device.This information may be used to provide you with access and use of the Mobile App, for security and fraud prevention, and other uses as set out in this Policy.
d) Do Not Track Option
Some web browsers may give you the ability to enable a “do not track” (DNT) feature that sends signals to the SU Sites you visit, instructing that you do not want your online activities to be tracked; however, these features are not yet uniform and there is no common standard that has been adopted by industry groups, technology companies or regulators. Be aware that this is different from blocking or deleting cookies, and that browsers with “do not track” features enabled may still accept cookies. Singularity takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard. While SU Sites do not currently recognize and respond to “do not track” signals, if we do in the future, we will describe how in this Policy.
e) Singularity Cookies Statement
To learn more about how to update your choices in relation to cookies and other web browsing technologies, please go to the SU Cookies Statement.
f) Personal Data Use Summary
Personal Data you provide to us is used either to respond to requests that you make or to aid us in serving you better. For additional information about the type(s) of Personal Data we typically collect and how we use it by Site and Solution family, please visit this link. A summary of the ways we may use your Personal Data is set forth below:
Please see “Your Rights and Choices Regarding Your Personal Data” to learn how you can control the processing of your Personal Data by SU for marketing purposes.
E. Sharing Your Personal Data with Third Parties
We may share your Personal Data with third parties for the purposes of operating our business, delivering, improving, and customizing our Sites and Solutions, sending marketing and other communications related to our business, and for other legitimate purposes permitted by applicable law or otherwise with your consent. We may share Personal Data in the following ways:
SU makes community member information available through its community directory, known as the SU Global Hub, using the SU Global Site. Community members are invited to opt-in to have their information shared in the SU Global Hub.
F. International Transfers of Your Personal Data
Singularity is headquartered in the United States and Personal Data we collect from you will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. We aim to collect and transfer Personal Data only: i) with your consent; ii) to perform a contract with you; or iii) to fulfill a compelling legitimate interest in a manner that does not outweigh your rights and freedoms.
By providing us with your Personal Data, you acknowledge and agree that we may from time to time transfer any of your Personal Data to any of our offices, agents, partners, or appointed representatives located around the world. We are implementing appropriate safeguards for transfers of Personal Data originating from the European Economic Area (EEA) to countries located outside of the EEA. These safeguards include implementing standard data protection clauses that have been approved by the European Commission or such other legal legal mechanisms as described in this EU Data Protection Unit FAQ. Please do not submit any Personal Data to us if you do not wish for your data to be transferred internationally.
G. Your Rights and Choices Regarding Your Personal Data
SU encourages you to keep your Personal Data accurate and current. In addition, you have the right to ask us not to process your Personal Data for marketing purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data, clicking the unsubscribe button on any communication we have sent to you or by contacting us.
Where you have consented to allowing us to use your Personal Data, you can withdraw that consent at any time. If the information we hold about you is inaccurate or incomplete, you can notify us and ask us to correct or supplement it. You may request that we erase that Personal Data or cease processing it, subject to certain exceptions. You also have the right, with some exceptions and qualifications, to ask us to provide a copy of any Personal Data we hold about you.To make a request to correct, delete or supplement Personal Data you have provided, please fill out this form.
You may also request information about: (i) the purpose of the processing; (ii) the categories of Personal Data concerned; (iii) who else other than SU might have received the Personal Data; (iv) what the source of the information was (if you didn’t provide it directly to us); and (v) the location and length of time it will be stored.
Where you have provided your data to us and it is processed by automated means, you may be able to request that we provide it to you in a structured, machine readable format.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to enable us to address your request or to speed up our response.
Reasonable access to a record of your Personal Data will be provided at no cost on request made to https://su.org/contact/privacy-and-data-access/. We may charge a reasonable fee if your request(s) is clearly unfounded, repetitive, or excessive; alternatively, we may refuse to comply with your request(s) in these circumstances. If access cannot be provided within a reasonable time frame, we will provide you with an estimated date when a record of the Personal Data will be provided. If for some reason we cannot supply you with a record of the Personal Data we have collected, used, and stored, we will provide an explanation as to why we cannot provide the record.
If you have a complaint about how we have handled your Personal Data, you may be able to ask us to restrict how we use it while your complaint is resolved. In some circumstances you can ask us to erase your Personal Data:
H. Security of Your Personal Data
Singularity endeavours to protect the Personal Data entrusted to us and treat it securely in accordance with this Policy. SU implements various physical, administrative, and technical measures designed to protect your Personal Data from unauthorized access, use or disclosure. We contractually require our critical vendors to protect such information from unauthorized access, use and disclosure. We restrict access to your Personal Data to those who need to know that information to provide Solutions or other benefits to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.
We may require you to enter a password to access Personal Data associated with your SU account. Please do not disclose your account password to unauthorized people. Note, however, that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we use reasonable efforts to protect your Personal Data, we cannot ensure or warrant the security of any Personal Data you provide to us.
I. Retention of Personal Data
We will retain your Personal Data for the period required to fulfill the purposes for which it has been collected. These purposes may include the need to fulfill various commercial and legal requirements. Key requirements driving the need for collection, analysis and storage of Personal Data may include for example:
Your Personal Data is stored by SU on servers of the cloud-based database management services we engage, located primarily in the United States. Unless you request otherwise, we will retain data for the duration of your business relationship with us or for as long as is required by law. For more information on where and how long your Personal Data is stored, please contact DataSecurity@su.org.
J. Children’s Privacy
We encourage parents and guardians to take an active role in their children’s online activities. We do not knowingly collect Personal Data from minors under the age of eighteen (18) without appropriate parental or guardian consent. If you believe that we may have collected Personal Data from someone under the applicable age of consent in your country without proper consent, please let us know using the methods described in the “Contact Us” section and we will take appropriate measures to investigate and address the issue promptly.
K. Changes to this Policy
We may revise this Policy on occasion. If we make any material changes to the way we intend to use your Personal Data we will notify you by sending you an email to the last email address you provided to use and by prominently posting the changes on our Sites. Changes will be effective no later than thirty (30) days following notification. You are responsible for making certain that we have your current email address on file. If the email address we have on file is invalid, our dispatch of the email to your last known email address along with posting the notice of material Policy changes on our Sites will constitute effective notice of the changes. If you do not wish to permit the changes in the use of your Personal Data, you must notify us prior to the effective date of the changes. Continued use of our Services or Solutions following notice will indicate your acknowledgement of, and agreement to be bound by, the changes until such time that you notify us you would like to deactivate your account and have your Personal Data deleted as set forth in the “Contact Us” section of this Policy.
L. Additional Policies
Certain services and solutions provided by or through Singularity may be subject to additional privacy terms or Personal Data disclosures (collectively, “Additional Policies”). In the event of any direct conflict between any Additional Policies and this Policy, the Additional Policies will control.
M. California Privacy Rights
Subject to certain limitations, under the California Consumer Privacy Act (“CCPA”), California residents have the right to know what personal information about them is collected, request access to or deletion of their personal information, opt-out of the sale of their personal information, and not be discriminated against if they choose to exercise any of these rights. For more details about the personal information we collect and how it is used please see the Collection and Use of Your Personal Data section above. We share this information with the categories of third parties described in the Sharing Your Personal Data with Third Parties section above. You, or an authorized individual we can verify is acting on your behalf, can exercise your rights under CCPA by following the procedures set out in the Your Rights and Choices Regarding Your Personal Data above. Singularity will not discriminate against you for exercising such rights.
N. How to Contact Us
Should you have any queries regarding this Policy or how your information is collected, used and stored, please contact DataSecurity@su.org or mail us at the following location:
1049 El Monte Ave. Suite C #16
Mountain View, CA 94040
2. Contacting Singularity to Request Access to Personal Data or to Report a Suspected Breach of Personal Data
a) If you wish to engage your rights to access, correct, modify, or delete your Personal Data, please contact our technology team using this form.
b) If you want to report a suspected breach of your Personal Data, please contact our technology team using this form.
When we transfer Personal Data from you across national borders, we do so in compliance with applicable law.
For our individual users and customers whose use of our Solutions and Sites results in the transfer of personal information from the European Economic Area (EEA) or Switzerland to non-EEA countries, we rely on one or more legal mechanisms as described in this EU Data Protection Unit FAQ.
Privacy Shield Principles.
Singularity complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union (“EU”) member countries and Switzerland transferred to the United States pursuant to Privacy Shield. Singularity has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this Policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/
Complaints and inquiries.
In compliance with the Privacy Shield Principles, Singularity commits to resolve complaints about your privacy and our collection or use of your Personal Data transferred to the United States pursuant to Privacy Shield. EU and Swiss individuals with Privacy Shield inquiries or complaints should first contact Singularity at DataSecurity@su.org. Singularity will respond to all such inquiries and complaints within s30 days of receiving them.
Singularity has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
Singularity maintains contracts with third parties that process Personal Data within the scope of the Privacy Shield. These contracts restrict such third parties’ access, use, and disclosure of Personal Data in compliance with Singularity’s Privacy Shield obligations. Singularity remains liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless Singularity proves that it is not responsible for the event giving rise to the damage.
Federal Trade Commission authority.
Singularity is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
Singularity may be required to disclose Personal Data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.
Singularity acknowledges that EU and Swiss individuals have the right to access the personal information/data that we maintain about them. Subject to certain exceptions, upon requests and provided you provide us sufficient information to confirm your identity, Singularity will provide you with the Personal Data that we have collected about you for the purpose of enabling you to correct, amend, or delete any inaccuracies. You may make this request by contacting us at DataSecurity@su.org. If Singularity is not able to provide the information that you are requesting within 30 days of receipt of your request, we will provide you a timeline for providing the requested information. If Singularity denies access to your Personal Data, we will explain why access was denied and give you contact information for further inquiries regarding the denial of access.
Use and Choice.
Singularity will not process Personal Data about EU and Swiss individuals maintained in reliance on the Privacy Shield for purposes other than those for which the information was originally obtained or subsequently authorized by the individual, unless an exception applies. EU and Swiss individuals may contact Singularity at any time to withdraw consent. If you withdraw your consent, your Personal Data will not be further processed. Singularity will also provide EU and Swiss individuals with an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents. EU and Swiss individuals may contact Singularity to opt out of Singularity’s sharing Personal Data with most third parties, excluding those necessary for our processing, as required by law, or as necessary to protect Singularity and its users.
Singularity takes your privacy very seriously, including your activities in browsing Singularity owned or controlled Sites.
What Cookies Do We Collect and How Do We Use Them?
Cookies do lots of different jobs, like letting you navigate between web pages efficiently, remembering your preferences, and generally improving your experience on our Sites. They can also help to ensure that advertisements and content you see online are more relevant to you and your interests.
The cookies used on the Sites have been categorized based on function. Here are the main types of cookies we use, and why we use them:
Essential Cookies: These cookies are necessary in order to enable you to move around our Sites and use their features, such as accessing secure areas of our Sites. Without these cookie services, you may not have access to services you have asked for.
Performance Cookies: These cookies collect information about how you use our Sites. For example, they tell us which pages you visit most often, and if you receive any error messages from our web pages. These cookies do not identify you. All information they collect is aggregated and is, therefore, anonymous. We use these cookies to measure and analyze how our customers use our Sites and to improve their functionality and the user experience.
Functionality Cookies: These cookies allow our Sites to remember choices you make (such as your user name, language, or the region you’re in) and provide enhanced, personalized features). These cookies can also be used to remember changes you have made to customizable parts of our Sites. The information these cookies collect may be anonymized and they cannot track your browsing activity on other websites.
Targeting Cookies: These cookies are used to deliver marketing and communications more relevant to you and your interests.
Managing and Deleting Cookies
We partner with a third party to manage our advertising on our Sites. Our third-party partner may use technologies such as cookies to gather information about your activities on the Sites in order to provide you advertising based upon your browsing activities and interests.
Where our Sites include links to other websites, the privacy practices may differ from our own. If you submit Personal Data to any of those other websites, your information is governed by their privacy statements. We encourage you to carefully ready the privacy statement of any website you visit.
Our site may also include social media features, such as the Facebook and Twitter buttons and widgets, or interactive mini-programs that run on our Sites. These features may collect your IP address, which page you are visiting on our Sites, and may set a cookie to enable the feature to function properly. Social Media features and widgets are either hosted by a third party or hosted directly on our Sites. Your interactions with these features are governed by the privacy statement of the company providing it.
Most web browsers allow some control of most types of cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org. If you are located in the European Economic Area (EEA), visit http://www.youronlinechoices.eu for guidance in multiple languages regarding how to manage and delete advertising cookies. Please note that these reference sites are not owned, managed, or controlled in any way by Singularity, and that visiting these sites will not constitute an opt-out of cookie collection and storage for the Sites.
To opt out of being tracked by Google Analytics across all websites, visit https://tools.google.com/dlpage/gaoptout.
We also use the information collected to maintain and upgrade our systems. Our technical staff may require periodic access to services data to monitor system performance, test systems, and develop and implement upgrades to systems. This services data will generally not include your personal data. Any temporary copies of services data created as a necessary part of this process are only maintained for time periods relevant to those purposes.
Changes to our Cookies Statement
We may change this Cookies Statement from time to time. If we make changes, we will notify you by revising the date at the top of this Statement and in some cases by adding notices on our homepage or other Sites or sending you email updates.
If you have any questions about our Cookies Statement you can contact us at: DataSecurity@su.org.