(Last Updated May 24, 2018)
Children Under 16 Years of Age
The Sites are not directed to children under the age of 16, and Cloud Foundry Foundation will never request personally identifiable information from anyone whom it knows to be under the age of 16 without verifiable parental or guardian consent. Cloud Foundry Foundation does not knowingly collect, or wish to obtain, personally identifiable information from children.
Information That Cloud Foundry Foundation Collects
Through user interaction with the Sites, Cloud Foundry Foundation may collect personal information submitted by such users, including community forum content, blog posts and comments, profiles, photographs, names, geographic location, unique identifiers (e.g., social media handles or usernames), contact information (e.g., email address, postal address, telephone, fax), and transaction information. Cloud Foundry Foundation may also collect information users provide regarding their interests, demographics, industry, title, experience, and detailed contact preferences. Cloud Foundry Foundation may collect or access this information from third-party service providers who provide services, such as user surveys, in connection with the Sites.
Cloud Foundry Foundation and third-party service providers and advertisers who interact with Cloud Foundry Foundation, may also collect certain technical information about your use of the Sites. This technical information may include information about user device(s), browser type and version, geo-location, computer, computer connection, statistics on page views, traffic to and from the Service, ad data, Wi-Fi connection, internet protocol (“IP”) address, and standard web log.
Cloud Foundry Foundation does not intentionally collect sensitive personal information, such as social security numbers, genetic data, health information, or religious information; except to the extent you may voluntarily provide such information in anonymized surveys that would not allow Cloud Foundry Foundation to identify you as the source of the sensitive personal information.
Cookie Use Policy; Third-Party Analytics
How Cloud Foundry Foundation Uses the Information Collected
Cloud Foundry Foundation uses collected information for purposes related to Cloud Foundry Foundation’s business activities, including, but not limited to:
- To understand a user’s needs and create content that is relevant to the user;
- To generate statistical studies;
- To conduct market research and planning by sending user surveys;
- To notify user referrals of Cloud Foundry Foundation Services, information, or products when a user requests that Cloud Foundry Foundation send such information to referrals;
- To improve Services, information, and products;
- To help a user complete a transaction, or provide Services or customer support;
- To communicate back to the user;
- To update the user on Services, information, events and products;
- To notify the user of any changes with a Site, which may affect the user;
- To allow the user to purchase products, access Services, or otherwise engage in activities the user selects.
Cloud Foundry Foundation is not-for-profit organization and an open source project and collaborative community. This means that portions of our Sites, including information you voluntarily provide, will be public-facing for the open sharing of ideas, best practices and information from users around the world. If you do not want to share your information, including personally identifiable information, with other community members and the public, please be thoughtful as to how you interact with our Sites and Services and what information you provide. For example, user names, identifications or IDs, and email addresses (as well as any additional attribution information that a user voluntarily posts or provides) may be publicly available through your creation or linking of a public profile, project contributions, comments, and blog posts. Another example is when a user posts information in conjunction with content subject to an open source license, or as part of a message posted to a public forum or a publicly-released software application.
The personal information you provide to Cloud Foundry Foundation may reveal or allow others to discern aspects of your life that are not expressly stated in your profile (for example, your picture or your name may reveal your hair color, race, or approximate age). You should be aware that your information may continue to be viewable to others after you close your account, such as on cached pages on Internet search engines. Users may not be able to change or remove public postings once posted. Such information may be used by visitors of these pages to send unsolicited messages. Cloud Foundry Foundation is not responsible for any consequences which may occur from the third-party use of information that a user chooses to submit to public pages. If you do not wish for others to view or access this information, please do not provide it to Cloud Foundry Foundation or post it on the Sites.
In some cases you may be able to provide project contribution-related information directly to third party sites and services; these third parties are independent data controllers and their use of your personal information is subject to their own policies.
From time to time, Cloud Foundry Foundation may contact you with information, including promotional, marketing, and advertising information and recommendations that Cloud Foundry Foundation believes may be of interest to you, but only if you have provided your consent to receive such communications (if such consent is required by applicable law). Consistent with applicable laws, including United States CAN-SPAM laws, if you do not wish to receive commercial emails, you may unsubscribe by following the instructions on any email or by contacting us at email@example.com. Cloud Foundry Foundation may still send you administrative notices in response to specific requests you submit or in connection with a contract you may have with us.
Links to Third-Party Websites
Sharing of Information
Cloud Foundry Foundation may share the personally identifiable information a user provides online with other entities that are part of our corporate network, including corporate affiliates, joint-venturers, and companies under common control, and/or outside service providers who we engage to distribute materials, create surveys, process credit card payments, provide technical support, handle transaction processing, or otherwise act on Cloud Foundry Foundation’s behalf. Third-party service providers and suppliers receiving personal information are authorized to use such personal information only for the purpose it was originally intended or as required or permitted by law. Specifically, Cloud Foundry Foundation may share a user’s email and other personally identifiable information with our third-party managed services provider, The Linux Foundation, which may send email correspondence to users on our behalf.
To keep your information safe, prevent unauthorized access or disclosure, maintain data accuracy, and ensure the appropriate use of information, Cloud Foundry Foundation implements industry-standard physical, electronic, and managerial procedures to safeguard and secure the information Cloud Foundry Foundation collects. However, Cloud Foundry Foundation does not guarantee that unauthorized third parties will never defeat measures taken to prevent improper use of personally identifiable information. As a result, Cloud Foundry Foundation cannot guarantee or warrant the security of any information transmitted on or through the Sites and you do so at your own risk.
Internal Cloud Foundry Foundation access to users’ nonpublic personally identifiable information is restricted to Cloud Foundry Foundation’s personnel, including contractors on a need-to-know basis. These individuals are bound by confidentiality agreements.
In the event Cloud Foundry Foundation becomes aware that the security of a Site has been compromised or users’ personally identifiable information has been disclosed to unrelated third parties as a result of external activity, including but not limited to, security attacks or fraud, Cloud Foundry Foundation will take reasonable response measures, including but not limited to, investigation and reporting, and notification to and cooperation with law enforcement authorities.
International Data Protection and Transfer
Notice of Privacy Rights to European Data Subjects
For persons located in the EEA (“EU Data Subjects”), commencing on May 25th, 2018 and in case of inquiries to any Cloud Foundry Foundation affiliates or service providers in Europe (such as event orders or applications), we will process your personal information in accordance with the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, known as the General Data Protection Regulation (“GDPR”) according to which you have the following rights:
- You have the right to information as to whether or not and to which extent we process which of your personal information.
- You have the right to object the processing of your data based on Article 6 (1) (e), (f) of the GDPR on grounds relating to your particular situation at any time.
- You have the right to rectification of any inaccurate personal information about you and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
- You have the right to the erasure of your personal information without undue delay unless we have a legitimate interest to keep the information, such as in the event we need the information to execute an agreement with you.
- You have the right to restrict the processing of your personal information, unless we have a legitimate interest to continue processing the information for the purpose in respect to which you requested the restriction. For example, you have the right to object to our processing of your personal information for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal information for this purpose. You have the right to receive your personal information from us in a structured, commonly used and machine-readable format in certain circumstances. However, this right does not apply where it would adversely affect the rights and freedoms of others.
- You have the right to withdraw your previously given consent at any time.
If you are an EU Data Subject, you may exercise any of your rights in this section in relation to your personal data by written notice to us at the following email address: firstname.lastname@example.org.
If you believe our processing of your personal information violates data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged violation.
For EU Data Subjects, we rely on the following legal bases to process your personal information:
- The legal bases for the processing of information we obtain while you visit our Sites are the performance of a contract with respect to the use of our Sites (Art. 6 Para. 1 lit. b GDPR) and our legitimate interests (Art. 6 Para. 1 lit. f GDPR) in improving the performance of our Sites and the Services we offer.
- The legal bases for the processing of information we obtain through email messages or forms are your consent (Art. 6 Para. 1 lit. a GDPR) and our legitimate interests (Art. 6 Para. 1 lit. f GDPR).
- The legal bases for the processing of obtained information related to your interest in purchasing our products, attending our events, or otherwise obtaining our Services under contract are Art. 6 Para. 1 lit. b GDPR (steps at the request of the data subject prior to entering into a contract) or our legitimate interests (Art. 6 Para. 1 lit. f GDPR).
- The legal bases for the processing of information we obtain in the course of your account registration are performance of a contract (Art. 6 Para. 1 lit. b GDPR) and your consent (Art. 6 Para. 1 lit. a GDPR).
- The legal basis for the processing of information we obtain through your subscription to our e-mail alerts and/or newsletters is your consent (Art. 6 Para. 1 lit. a GDPR).
- The legal basis for the transmission of information to third-party contractors, agents, business partners, sales representatives, or service providers is performance of the contract (Art. 6 Para. 1 lit. b GDPR).
- The legal basis for the transmission of information to third parties in case we become involved in a sale or transfer of assets, bankruptcy, reorganization, dissolution, or any other transaction is our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in preparing and executing the applicable measure.
- The legal basis for the transmission of information to our affiliates is performance of the contract (Art. 6 Para. 1 lit. b GDPR).
- The legal basis for the transmission of information to law enforcement, governmental agencies, or authorized third parties is the compliance with a legal obligation (Art. 6 Para. 1 lit. c GDPR).
- The legal basis for the transmission of information to our legal counsel and other consultants in connection with actual or potential litigation is our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in receiving consulting services.
We will only send EU Data Subjects marketing emails or contact EU Data Subjects regarding marketing matters where they have agreed to this, such as by subscribing to our alerts, email lists, completing our contact forms or sending us email inquiries. As noted above, we may personalize the message content based upon any information you have provided to us and your use of the Sites and Services.
- Customer, distributor or agent: If you are a customer, distributor, or an agent, and you have entered into an agreement with the Cloud Foundry Foundation, your personal data are saved for as long as necessary in order for us to perform the agreement with you, e.g. until we have delivered the product or performed the Services that you have ordered. This does, however, not apply if we need to save your personal data for a longer period of time due to any of the reasons stated below.
- Communication: If you have contacted us, e.g. via email, your personal data will be stored as long as necessary for us to complete any request or handle any issue for which you contacted us.
- Legal obligation: We may retain personal data as long as necessary to comply with legal or accounting obligations.
- Direct marketing: We may process your personal data for direct marketing purposes, until you object to your personal data being used for such purposes.
With respect to transfers of personal data to third parties, we will ensure that your personal information is transferred to a country which according to the EU Commission has been designated as having an adequate level of protection, or if this is not the case, that the company or organization to which the information is transferred has joined a legal framework (such as the EU-US Privacy Shield), adopted binding corporate rules approved by a competent supervisory authority, or signed standard protection clauses adopted by the European Commission (known as “Standard Model Clauses”), or that any other legal grounds for such transfer in accordance with applicable privacy law is satisfied. You may contact us as stated herein to obtain further information on such transfers.
California Privacy Rights; Do Not Track
Section 1798.83 of the California Civil Code permits California residents to request from a business, with whom the California resident has an established business relationship, information related to the personal information disclosed by Cloud Foundry Foundation to third parties for direct marketing purposes and the names and addresses of the third parties with whom the business has shared such information during the immediately preceding calendar year. If you are a California resident, you may make one request each year by emailing Cloud Foundry Foundation at email@example.com or sending a letter to:
Cloud Foundry Foundation
1 Letterman Drive
Building D, Suite 4700
San Francisco, CA 94129
Please note that Cloud Foundry Foundation does not respond to “do not track” signals or other similar mechanisms intended to allow California residents to opt-out of Internet tracking under The California Online Privacy Protection Action. Cloud Foundry Foundation may track and/or disclose your online activities over time and across different websites to third parties when you use the Sites. Cloud Foundry Foundation and third-party advertising companies may track information concerning a user’s use of the Sites, such as a user’s IP address.
Retention of Your Information
Feedback, Questions, Contacting Cloud Foundry Foundation