EFFECTIVE: August 25, 2017
The information we collect on or through the Services and how we collect it.
How we use and process the information we collect.
If you have not done so already, please also review our Terms of Service (“Terms”). The Terms contain provisions that limit our liability to you and require you to resolve any dispute with us through final and binding arbitration on an individual basis and not as part of any class or representative action.
2. Information We Collect
“Personal Information” means information associated with or used to identify a specific person. Your Personal Information includes: (1) contact data (such as your e-mail address, mailing address, telephone number, school name and school grade); and (2) Location Data (as defined below) and (3) certain Usage Data, such as the IP address from which you access the Services (as further discussed in Section 3b. below)
“Location Data” is a category of Personal Information collected about the location of a mobile device or computer, including: (1) the location of the mobile device of computer used to access the Services derived from GPS or WiFi use; (2) the IP address of the mobile device, computer, or internet service used to access the Services; or (3) other information made available by a user or others that indicate location, such as geotag information in photographs. You can change your preferences on your mobile device and/or browser to deny us access to your Location Data. Please note that if you disable location tracking, certain features of the Services may not be available to you.
“General Information” is information about an individual’s online activity that, by itself, cannot be used to identify him or her, such as browser type, operating system and the dates/times of Services access.
Personal Information and General Information may be linked together. Different types of General Information also may be linked together and, once linked, may identify an individual person.
3. How We Collect Information
a. Information that You Provide to Surfrider Foundation: You may provide us with your Personal Information when you contact us for help or information, create an account to use one of the Services; make a donation to one of our campaigns, post your biographical information on the Sites or otherwise voluntarily supply your Personal Information to us. We may collect information, some of which may be Personal Information, as otherwise described to you at the point of collection or pursuant to your consent.
b. Information that We Collect When You Use the Services: When you use the Services, we may automatically collect Information about how you interact with the Services, such as (i) IP address; (ii) domain server; (iii) type of device(s) used to access the Services; (iv) web browser(s) used to access the Services; (v) statistics and information associated with the interaction between your browser or device and the Services; and (vi) referring webpage or other source through which you accessed the Services (collectively, “Usage Data”). Depending on applicable law, some Usage Data is Personal Information and some is General Information.
c. Information Collected from Other Sources: Third parties that assist us with our business operations also collect information (including Personal Information and Usage Data) from you and share it with us. For example, we may purchase mailing lists and use email service providers that help us to more effectively administer our communications and programs.
4. How We Use, Share and Disclose Information
a. How We Use Information
We use the information that we collect or that you provide to us to operate, maintain and enhance the Services, including:
To present the Services to you and to customize, improve and develop content and functionality that helps us better serve your needs;
To troubleshoot problems with the Services;
To facilitate communication between Surfrider Foundation and you;
To connect you to local events, chapters and volunteers in your area;
To prevent, detect and investigate prohibited or illegal activities, such as claims of copyright infringement and security breaches;
To send emails and other communications that display content that we think will interest you, such as news about our campaigns, programs, services, products and promotions;
To generate statistical information about how users interact with the Services and conduct analyses to support, improve and enhance the Services;
To carry out our obligations and protect our rights arising from any contracts entered into between you and us, including our Terms of Service;
To protect the safety, security and legal rights of other users of the Services;
To fulfill any other purpose for which you provide information to us or to which you consent.
b. How We Share and Disclose Information
We may share and disclose information:
With third party service providers that we retain to perform functions on our behalf, such as web hosting, data analyses and promotion services providers, communication services providers, e-commerce vendors, and technology and data service providers, that have access to Personal Information needed to perform their functions;
With affiliated non-profit organizations and our business partners;
To enforce our agreements with other users or third parties, including in connection with claims of copyright infringement;
To protect the safety and security of users;
To comply with a subpoena, regulation, binding order of a data protection agency, legal process, governmental request or other legal or regulatory process; and
If we believe you have or are violating our Terms of Service or in order to protect or defend Surfrider Foundation’s rights or property, even without a subpoena, warrant or other court order.
5. Online Advertising, Data Collection And “Do Not Track”
a. Cookies & Other Data Collection Tools. “Data Collection Tools” means technology that that collects information about your use of the Services and potentially about your activities when you leave the Services and visit other sites on the Internet, such as cookies and web beacons.
b. Online Advertising. The Services use Data Collection Tools to help manage our online advertising program. These Data Collection Technologies are provided by us as well as our ad management partners and other third parties.
In addition, we and our ad management partners may use these Data Collection Tools to track the actions of users of the Services, to measure statistics of our marketing efforts, to deliver advertisements on the Services that may be more relevant to you and that will improve your experience on the Services, and to deliver advertisements to you when you visit other third party sites.
c. How We Respond to Browser “Do Not Track” Signals: Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (DNT) or similar feature that signals to websites that a visitor does not want to have his/her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain Personal Information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, we and many website operators do not respond to DNT signals. For more information about DNT signals, visit http://allaboutdnt.com.
6. Credit Card Information
Surfrider Foundation does not process your credit card information. Instead, Surfirder Foundation has entered into an agreement with Trustcommerce, a third party payment processing service, to collect, store, process and transmit your credit card data when you make a donation to us. Trustcommerce certifies as adhering to the Payment Card Industry Data Security Standards. Surfrider Foundation may transfer Personal Information to Trustcommerce for the purpose of facilitating the transaction.
7. Information Protection
Surfrider Foundation has implemented policies, procedures, and safeguards, including secured online connections, designed to protect all information submitted through the Services. We also strive to obligate our agents, contractors and business partners to protect the information that they use or access in connection with providing services to Surfrider Foundation. While we do work hard to protect your information, we cannot guarantee the privacy or security of information that you transmit over the Internet. DISCLOSURE OF INFORMATION TO SURFRIDER FOUNDATION IS AT YOUR OWN RISK. We urge you to take every precaution to protect your information when you use the Internet or store information on your computer, tablet, or mobile device.
All personally identifiable information (PII) is transmitted to Surfrider via SSL-secured connections. Insecure connections to systems that receive this information are not allowed. All information is stored in an encrypted format by the vendors which provide Surfrider with the services we use to process PII, and access to the information is restricted to those personnel and contractors with a business need for such access. All vendors who handle PII on Surfrider's behalf are certified as adhering to the current Payment Card Industry (PCI) Data Security Standard (DSS). Additionally, Surfrider's internal data handling policies and procedures are reviewed twice per year by Surfrider Information Technology personnel to ensure compliance with the current PCI DSS.
8. Links To Other Services
9. Youth Club Network
We administer our Youth Club Network through the Services. While we are a nonprofit entity not subject to the Children’s Online Privacy Protection Act (COPPA), we do not direct the Services to children under the age of 13, and we do not knowingly collect, store or use personal information about children under the age of 13
If we learn that a child under the age of 13 has submitted information about himself/herself to us, we delete it as soon as possible. If you believe that we have collected Personal Information from a child under the age of 13, please contact us at firstname.lastname@example.org.
10. California Consumer Rights Information
California Civil Code section 1798.83 law permits residents of California to opt-out of disclosure of Personal Information to third parties for their direct marketing purposes. You may choose to opt-out of the sharing of your personal information with third parties for marketing purposes at any time by submitting a request in writing to our contact address below or by e-mailing us at email@example.com. We honor all such opt-out requests and it is our policy not to share personal information with third parties for direct marketing purposes where you have submitted such a request. Please note that this opt-out does not prohibit disclosure made for non-marketing purposes.
Under California Civil Code Section 1789.3, we are required to provide California residents with the following specific consumer rights information:
The Services are owned and/or operated by Surfrider Foundation, P.O. Box 73550, San Clemente, CA 92673.
Unless otherwise expressly stated, the Services are provided without charge.
To file a complaint regarding any of the Services or to receive further information regarding use of the Services, please send a letter to Surfrider Foundation P.O. Box 73550, San Clemente, CA 92673 or contact us via email at firstname.lastname@example.org (with “California Resident Request” as the Subject Line). You also may contact the Complaint Assistance Unit of the Division of Consumer Services of California’s Department of Consumer Affairs in writing at 400 R Street, Suite 1080, Sacramento, California 95814 or by telephone at 916.445.1254 or 800.952.5210.
11. Information Transmission
12. How To Contact Us