Any data collected through the Services enables CfAD and its partners to fulfill its mission of transforming design and development practice, ensuring equitable access to vibrant public and private spaces that support healthy communities.
How We Collect Your Data
Likely situations when you make personal data available to CfAD include, but are not limited to: (i) by visiting our websites such, (ii) registering for Services, contests and special events; (iii) accessing Services using a third party ID, such as social networking sites or gaming services; (iv) subscribing to newsletters; (v) requesting technical support; and (vi) otherwise through use of CfAD Services where personal data is required for use and/or participation.
The data we process on you may include, but is not limited to: your name, email address, device ID, IP-address, and user names. CfAD may supplement your data with data received from third parties in connection with demographic, advertisement, market and other analytics surveys or services.
We may combine your information with information we collect from other companies and use it to improve our services, content, and advertising. If you do not wish to receive marketing communications from us or participate in our ad-customization programs, you may opt-out from receiving these communications by following the directions that may be provided within the communication or advertisement.
Analytics and Anonymized Data
CfAD may use Anonymized Data to perform its own analytics and to enable analytics provided by third parties. We may use Anonymized Data for supporting business analysis and operations, business intelligence, product development, improving products and services, personalizing content, providing advertising, and making recommendations. We reserve the right to provide Anonymized Data to third parties for the purpose of evaluating the Services, evaluating the performance of the Services, or for other purposes.
Data Retention and Correctness
Please note that some data may be further retained if necessary to resolve disputes, enforce CfAD user agreements, and comply with technical and legal requirements and constraints related to the security, integrity and operation of Services.
Cookies, Beacons and Tracking
The Services may use “cookies” and other technologies such as pixel tags, local shared objects, hardware-based device identifiers, Operating System-based identifiers, clear GIFs and web beacons. CfAD treats information collected by cookies and similar technologies as non-personal data.
Cookies: A “cookie” is a small file stored by your browser when told to do so by a website. Typically websites place a number of different cookies on an end-user’s machine. Some of the cookies are “1st Party,” from the website itself, and others are “3rd party,” belonging to advertising and analytics entities or social networks. CfAD’s cookies will not include personal data and are typically used to quickly identify your device and to “remember” your browser during subsequent visits for purposes of functionality, preferences, and website performance. You can disable cookies or set your browser to alert you when cookies are being sent to your device; however, disabling cookies may affect your ability to use the Services.
Flash cookies & HTML5: CfAD may also use Flash cookies (local shared objects) and HTML5 local storage. Flash cookies are small files similar to browser cookies, but which are not stored in the browser and can also be used to remember your settings, to personalize the look and feel of the Services, or for advertising and analytics. You may prevent Flash cookies from being stored by following the instructions provided by Adobe at http://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html.
Web Beacons and pixel tags: A “web beacon” or a “pixel tag” is an electronic image (often not visible to the end-user) that allows CfAD to count users who have visited certain pages or viewed certain advertisements. Additionally, e-mails and other electronic communications CfAD sends to you may contain pixel tags that enable CfAD to track your usage of the communication, including whether the communication was opened and/or what links were followed, if any.
Third Party Terms and Conditions
Please note that your access to and use of the Services may be subject to certain third party terms and conditions and CfAD is not liable for any such third parties’ use of your personal data.
Certain Services that CfAD may offer, such as connection to social networking services, may use third party services to provide authentication for the Services. In connection with such use, certain personally identifiable user and/or membership data may be transferred automatically to and from CfAD.
Legal Grounds of Data Processing
The processing of your personal data is based on the following legal grounds, if you are a citizen of the European Economic Area (EEA):
- Performance of a contract. When we need to process your personal data to enter into a contract with you or your employer or to perform a contract that you or your employer may have with us, the processing is based on Article 6, section 1 (b) GDPR. For example, when you use our services, we will use your personal data to respond to your requests and provide you with such services.
- Consent. When we process personal data based on your consent, the legal grounds for processing is Article 6 section 1 (a) GDPR.
- Legal obligation. When the processing of personal data is necessary for compliance with a legal obligation to which we are subject, the processing is based on Article 6 section 1 (c) GDPR.
- Legitimate interests. We may process your personal data for our legitimate interests, e.g. to improve our products and services and to provide you with relevant information including information for marketing purposes. When we process your personal data based on our legitimate interests, the legal grounds for such processing is Article 6, section 1 (f) GDPR.
If you are not a citizen of the EEA, please contact us for details on the legal grounds of data processing. You find our contact details above.
CfAD follows generally accepted industry standards and maintains reasonable safeguards to attempt to ensure the security, integrity and privacy of the information in CfAD’s possession. CfAD uses robust security measures to protect your personal data. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we have implemented appropriate technical and organizational measures to ensure an appropriate level of security.
Transfer of Personal Data
For citizens of the EEA: Please be aware that the laws of the USA and other countries outside of the EEA may not protect your Personal Data to the same level as the laws of the EEA or give you the same rights that you would have in the EEA (including right relating to access to personal data by law enforcement or national security/intelligence agencies). But when we transfer your Personal Data outside of the EEA, if the receiving country’s data protection laws do not offer the same level of protection as the laws of the EEA, we place contractual obligations (e.g. the EU Model Clauses) on the recipients of your personal data to ensure that your personal data is adequately protected.
Your Rights in the EEA
As a data subject based in the EEA, you have the following rights:
- The right to information (Art. 13 GDPR). This is your right to be informed whether and to what extent we process your personal data.
- The right of access (Art. 15 GDPR). This is your right to get a confirmation as to whether or not we process your personal data, and only if we (still) do, request access to your data.
- The right to rectification (Art. 16 GDPR). This is your right to request correction of your personal data, or completion, in case that the data we process is incorrect or incomplete.
- The right to deletion (Art. 17 GDPR). This is your right to request deletion of your personal data. Yet, an immediate deletion may not be possible, if the retention of your personal data is still required to meet legal or regulatory obligations.
- The right to restrict the processing (Art. 18 GDPR). This is your right to request a restriction of the processing of your personal data under certain conditions: a) If you have reasons to doubt the accuracy of your personal data, you may request that its processing is restricted while we verify its accuracy, b) If the processing of your personal data is considered unlawful, but you do not request the deletion of your personal data, c) If we no longer need the data for the purposes of its processing, but you need it for the establishment, exercise or defense of legal claims, d) If you object to the processing of your personal data based on our legitimate interests under Art. 6(1) (f) GDPR, or where the processing is based on Art. 6(1) (e) GDPR.
- The right to data portability (Art. 20 GDPR). Where the processing takes place on the basis of your consent or contract, and is carried out by automated means, you have the right to request that we provide your personal data to you in a machine-readable format.
- The right to object to the processing (Art. 21 GDPR). You have the right to object to the processing of your personal data in certain situations.
- Rights in relation to automated decision making and profiling (Art. 22 GDPR). You have the right to object to decisions based exclusively on the automated processing of your personal data.
- The right to withdraw your consent. If your personal data is processed on the basis of your consent (Art. 6 (1) (a) or Art. 9 (2) (a) GDPR), you have the right to withdraw your consent at any time. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.
- You also have the right to file a complaint with a competent supervisory authority. For more information, please contact your local data protection authority. Contact details for data protection authorities in the European Union are available at ec.europa.eu.
Special Note about Children’s Privacy
Use of CfAD Services by individuals under the age of 18 is prohibited and we do not knowingly collect any Personal Information from children.
If we change this privacy statement in a way that expands the collection, use or disclosure of children’s Personal Information to which a parent has previously consented, the parent will be notified and we will be required to obtain the parent’s additional consent.
CfAD makes good faith efforts to enable you to review, update or correct your personal data in CfAD’s possession. CfAD will need sufficient information from you to establish your identity and to verify your request, and also to assist us in handling your request.