Our Privacy Commitment
Last Updated: March 24, 2016
Please note that information collected on our Websites is stored and processed in the United States. By using our Websites you consent to any such transfer of information outside of your country. The Family Online Safety Institute complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. The Family Online Safety Institute has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view the Family Online Safety Institute's certification, please visit http://www.export.gov/safeharbor/.
As of the effective date of this policy, the U.S. Department of Commerce has advised that it continues to administer the Safe Harbor program despite an adverse judgment by the European Court of Justice on October 6, 2015. We are retaining our Safe Harbor certification for now pending U.S. and EU government approval of a new framework (i.e. the EU-US Privacy Shield).
Table of Contents
- Q2. What types of information do we collect about you?
- Q3. How is your personally identifiable information used and shared?
- Q4. What choices do you have about the collection, use, and sharing of your personally identifiable information?
- Q5. What are your California Privacy Rights?
- Q6. What kinds of security measures do we take to safeguard your personally identifiable information?
- Q7. How can you update your personal information and profile?
With the exception of your Internet Protocol (IP) address, we do not require personal information to access our Websites. If you prefer not to disclose personal information, you may not be able to enjoy certain features of our Websites. Personal information is information that identifies you and may be used to contact you.
We do not knowingly collect personal information from children under 13. We take kids' privacy seriously, and encourage parents to play an active role in their children's online experience at all times. If it is discovered that we have unintentionally collected information from a user under the age of 13, we will delete the child's information. If parents believe that we have unintentionally collected their child’s personal information, they should contact us to request the deletion of the information at [email protected].
Information You Provide Us
FOSI only collects personal information from you on a voluntary basis. When you submit personal information to FOSI, it will usually take the form of:
- Registration for our mailing list
- Registration for our events
- Use of "Share" or "Tell-a-friend" features
- Customer or technical support inquiries
- Participation in online surveys, polls or questionnaires
The information we collect may include personal information such as your:
- email address
- telephone number
- shipping address
Additionally, we and our third-party service providers may also collect other types of non-personal information (known as demographic information) such as your country, age or date of birth, gender, hobbies, occupation. This demographic information may be associated with your personal information.
Information Collected Through Third Parties
In certain instances, we may collect information from you through our third-party service providers. FOSI, like many other website operators, uses Google Analytics for the purpose of analyzing our user base and improving the performance of our Websites and services. If you wish to learn more about Google Analytics, including how to opt-out, please visit https://tools.google.com/dlpage/gaoptout.
We use MailChimp as a third-party email service provider, and may collect your IP address and location information from them. Additionally, your credit card information may be shared with us if you submit a donation to us via PayPal or register for one of our events through Eventbrite.
Information Collected Through Social Networking Sites
You also can engage with our content on or through third-party social networking sites, such as Facebook and Twitter (or third-party social media plug-ins and applications). When you engage with our content on or through third-party social networking sites, plug-ins and applications, you may allow us to have access to certain information from your social media profile (e.g., name, e-mail address, photo, gender, birthday, location, your list of friends, people you follow and/or who follow you, the posts or the 'likes' you make) to deliver the content or as part of the operation of the application. We may also obtain non-personally identifiable information (e.g., content viewed, game performance, high scores, and information about advertisements within the content you have been shown or may have clicked on,) from your interaction with our content.
Information Collected Through Technology
We collect information through technology to make our Websites more interesting and useful to you. For example, when you visit our Websites, we collect your IP address. At times, we also use IP addresses to collect information regarding the frequency with which our guests visit various parts of our Websites.
Please be sure to review our Cookie Policies at: https://www.fosi.org/cookie-policy/ and http://www.fosigrid.org/learn-more-about-grid/cookie-policy.
Whatever the purpose may be, we will only collect information to the extent reasonably necessary to fulfill your requests and our legitimate business objectives.
FOSI Activities and Updates
Information collected from those who voluntarily submit it to us is used to provide services like newsletter subscriptions, updates on special events, and e-mail announcements of interest to our users.
Blogs and Message Boards
If you register for access to our blogs or message boards, we will use your personal information to enable you to view and post messages on the boards. You should understand, however, that community forums, blogs, and message boards are tools that allow you to communicate with members of the online community. The information posted in these public areas can be collected and used by other people, so we highly suggest that you do not post any personal information you do not want publicly displayed or shared.
Should you wish to edit or remove a blog comment after you have posted it, you are able to do so by visiting the original post and clicking the “Edit” option underneath your post or by clicking the upside down arrow to the right of your post to select the “Delete” option. Alternatively, you may contact us directly at [email protected] with your content or information removal request.
Removal of this content or information from public view does not guarantee complete or comprehensive removal. After your removal request has been honored, we may retain copies of the content or information you have previously posted on our servers. We are not required to remove your posted content or information if it has been rendered anonymous or if we are required by law to retain it. Additionally, we do not have control over third parties (e.g., other users) who may have copied or reposted this information.
We may also use your personal information for other purposes such as "Operational Uses." For example, we may use your information to send you administrative communications either about your account with us or about features of our Websites.
We occasionally employ other companies to perform services necessary to our internal operations. For example, we have partnered with other companies to personalize our web pages, analyze customers' interaction with our Websites, and process consumer surveys. While providing their services, these companies may access your personally identifying information. These companies have agreed to securely store and maintain the personal information received from us.
For practical reasons, we treat personal information submitted to us in a business capacity different from information we receive in a non-business capacity. Personal information submitted to us in a business capacity (e.g. resumes) may be shared with third parties, depending on the nature of the inquiry.
Purchase or Sale of Businesses
Third Party Use
Our company does not share and has not reserved the right to share personal or demographic information with third parties for their direct marketing purposes.
Disclosures Required By Law and Disclosures to Help Protect the Security and Safety of Our Websites and Others
We will disclose personal information when we believe in good faith that disclosure is required by law (e.g., court order or subpoena) or help enforce:
- protect your safety or security, including the safety and security of your property; or
- protect the safety and security of our Websites or third parties.
Q4. What choices do you have about the collection, use, and sharing of your personally identifiable information?
Since 2005, California Civil Code Section 1798.83 permits our customers who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. We do not share our customer’s personal information with unaffiliated third parties for their own direct marketing purposes. For inquiries regarding our disclosure policy, please write us:
Family Online Safety Institute
400 7th St., NW Suite 506
Washington, D.C. 20004
Q6. What kinds of security measures do we take to safeguard your personally identifiable information?
The security and confidentiality of your information is extremely important to us. That's why we have technical, administrative and physical security measures in place to protect your personal information from unauthorized access and improper use. We also review our security procedures periodically to consider appropriate new technology and updated methods. But, despite our best efforts, no security measure is ever perfect or impenetrable. Specific security measures we currently implement to prevent unauthorized physical or electronic access to web users' personal and demographic information:
- Web user data is stored behind a firewall.
- Data is stored in a secure physical environment (e.g. behind locked doors)
- Data is stored in a database accessible to authorized employees on a need-to-know basis only
- Users or employees must have a unique password before gaining access to user data
We use standard encryption technology when transferring or receiving sensitive personal information like credit card numbers
We maintain written security policies to which all employees must adhere.
You can access and update or request the deletion of the contact information you gave us during registration (that is, your e-mail address or any other information that would directly enable us to contact you), by e-mailing us at [email protected].
Family Online Safety Institute
400 7th St., NW Suite 506
Washington, D.C. 20004
As aforementioned, FOSI is a licensee of the ESRB's Privacy Certified Program. If you believe we have not responded to your privacy-related inquiry or your inquiry has not been satisfactorily addressed, please contact ESRB at https://www.esrb.org/privacy/contact.aspx or
Attn: Privacy Certified Program
420 Lexington Avenue, Suite 2024
New York, NY 10170