Last updated: September 14, 2023
The Clooney Foundation for Justice (“CFJ,” “we,” or “us”) has created this privacy notice to explain how we collect, use and disclose personal information, including our practices for information that we collect through our websites, email messages that we send to you that link to this notice, and other communications with you, including those delivered through online forms; and offline interactions you have with us (collectively, our “Sites”). In these instances, CFJ is the controller responsible for your personal information.
CFJ may modify this policy from time to time to reflect changes in our practices and applicable law, so we encourage you to check this page when revisiting our Sites. If at any time you have questions about this notice, please let us know by contacting us at the information listed below in the section titled, “Contact Us.”
This notice may be supplemented by a supplemental privacy notice applicable to a particular interaction with us, which may either be embedded in this notice or made available separately to you. We will tell you when a supplemental privacy notice applies.
Collection of Personal Information
CFJ may need to collect personal information to provide the Sites and/or requested services to you. It is your choice whether to provide this data, however, if you do not provide the information requested, we may not be able to provide the services. When you submit any online forms, email us, or take other actions on our Sites, we may ask you to give us certain information, such as your name, address, telephone number and/or email address. Not every use of our Sites or pages requires the same information from you.
We may also obtain personal information about you from outside sources, including your company/organization, professional references, publicly available sources, and other third parties and add it to or combine it with the information we collect through our Sites.
Collection of Other Information
In addition to personal information, CFJ and our service providers may collect certain other information that does not reveal your specific identity or does not directly relate to an identifiable individual automatically, including browser information, Media Access Control (MAC) address, computer type, screen resolution, operating system information, type, name and version of services (such as an app) you are using and information that has be aggregated in such a manner that it no longer reveals your specific identity (“Other Information”). We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as personal information under applicable law, we may use and disclose it for the purposes for which we use and disclose personal information as detailed in this notice. In some instances, we may combine Other Information with personal information. If we do, we will treat the combined information as personal information as long as it is combined.
Personal Information You Provide About Others
Please do not provide us with personal information about others unless you are authorized or required to do so by contract or applicable law. You may provide personal information on behalf of another person if you have provided them with a copy of this notice (and any applicable supplemental privacy notice) and obtained their explicit consent where this is required. We may ask you to provide evidence of that notice and consent, if applicable.
How We Use Your Personal information
We and our service providers use personal information only where you have given your consent for one or more specific purposes, where it is necessary to perform a contract to which you are a party, it is necessary for legitimate business interests and your interests and fundamental rights do not override those interests, it is necessary to protect the vital interests of you or another natural person, or it is necessary to comply with a legal obligation. These uses include use to operate our Sites, send news and information to you about CFJ, to solicit your participation in CFJ programs, events, and activities, to fulfil your requests, and obtain and confirm RSVPs to events and programs. We use your email address to send such information by email and may use your telephone number to call you for these purposes.
We and our service providers may also use your personal information for the following legitimate purposes:
- For data analysis, for example, to improve the efficiency of our Sites.
- For audits, to verify that our internal processes function as intended and to address legal, regulatory, or contractual requirements.
- For fraud prevention and fraud security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft.
- For developing new platforms and services.
- For enhancing, improving, repairing, maintaining, or modifying our current platforms and services, as well as undertaking quality and safety assurance measures.
- For identifying usage trends, for example, understanding which parts of the website is of most interest to users.
- For operating and expanding our activities, for example, understanding which parts of our Sites are of most interest to our users so we can focus our energies on meeting our users’ interests.
We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or based on our legitimate interest.
We may aggregate and/or anonymize personal information so that it will no longer be considered personal information. We do so to generate other data for our use, which we may use and disclose for any purpose, as it no longer relates to you or any other individual.
Additional purposes for use of your personal information may be described in a supplemental privacy notice.
CFJ will never sell your email address or any of your personal information to any other person or organization, for any purpose. If you decide to purchase tickets to an event or to make a contribution, we may ask for your credit card information. That information is used solely for processing your contribution; is not maintained by our organization; and is never disclosed to anyone, for any other purpose other than for processing your transaction, under any circumstances.
How We Store and Protect Information You Provide
We seek to use reasonable and appropriate organizational, technical, and administrative measures to protect the information under our control. We may also allow employees and service providers around the world access to personal information as provided in this notice. If your personal information is subject to the General Data Protection Regulation (GDPR), UK GDPR, or other applicable privacy laws, we will seek to ensure your legal rights and protections travel with any such transfer of your data as required by applicable law.
Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contact Us” section below.
We may require you to create and use a password to access our learning management system. Those passwords should be strong to help ensure the security of your account.
If we learn of a data security incident that affects your personal information, we may attempt to notify you via email, mail, telephone, or any other means permitted by law so that you can take appropriate protective steps. We may also post a notice if a data security incident occurs.
We will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy and Cookies Notice unless a longer retention period is required or permitted by law, for example, for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.
The criteria used to determine our retention periods include (i) the length of time we have an ongoing relationship with you and provide the Sites and related services to you (for example, for as long as you have an account with us or keep using the Sites); (ii) whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
Where a legal obligation arises or retention is advisable in light of our legal position, in some circumstances, we will retain certain personal information, even after your account has been deleted and/or we no longer provide the services to you, for example:
To cooperate with law enforcement or public, regulatory and government authorities: If we receive a preservation order or search warrant, related to your account, we will preserve personal information subject to such order or warrant after you delete your account.
To pursue or defend a legal action: We may retain relevant personal information in the event of a legal claim or complaint, including regulatory investigations or legal proceedings about a claim related to your personal information, or if we reasonably believe there is a prospect of litigation (whether in respect of our relationship with you or otherwise) for up to 10 years after the dispute has been settled or decided by a court or tribunal from which there is no further right of appeal.
In some circumstances we will anonymize your personal information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
Jurisdiction and Cross-Border Transfer
Your personal information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Sites you understand that your personal information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your personal information.
Additional Information Regarding the European Economic Area (EEA) and the UK: Where this will involve transferring your personal information outside the UK and/or EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- Adequacy Decisions: Some non-EEA countries are recognized under the UK GDPR and by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en
- Standard Contractual Clauses: For transfers of personal information from the UK and/or EEA to countries, which are not considered adequate under the UK GDPR and/or by the European Commission, we have put in place standard contractual clauses adopted under the UK GDPR and/or by the European Commission to protect your personal information. You may obtain a copy of these measures by contacting us in accordance with the “Contact Us” section below.
Unless we request it, we ask that you not send us, and you not disclose, any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through the Sites or otherwise to us.
Links to Other Websites
Our Sites may link to third-party websites. We are not responsible for the content or privacy policies of third-party sites. We encourage you to read the privacy policies and review the practices of all websites you visit.
Other Uses and Disclosure of Your Information
Though we make every effort to preserve user privacy, we may need to disclose personal information when we have a good-faith belief that release is appropriate to comply with the law, including laws outside of your country of residence (for example, a lawful subpoena), to cooperate with public and government authorities, to cooperate with law enforcement, to protect our rights or property, or to protect our donors, artists, and supporters from fraudulent, abusive, or unlawful conduct, if we reasonably believe that an emergency involving immediate danger of death or serious physical injury to any person requires disclosure of communications or justifies disclosure of records without delay, or in connection with a sale or business transaction (i.e., where we have a legitimate interest in disclosing or transferring your personal information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings)).
We disclose personal information to our third-party service providers, to facilitate services they provide to us. These can include providers of services such as website hosting, data analysis, fraud prevention, information technology and related infrastructure provision, email delivery, and other services.
Finally, we may ask for your consent to share your information in other ways.
Your Rights and Choices
If you would like to request to access, correct, update, suppress, restrict, or delete personal information, object to or opt out of the processing of personal information, or if you would like to request to receive a copy of your personal information for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), you may contact us in accordance with the “Contact Us” section below. We will respond to your request consistent with applicable law.
In your request, please make clear what personal information you would like to have changed or whether you would like to have your personal information suppressed from our database. For your protection, we may only implement requests with respect to the personal information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion.
Special Notice for Parents
We want to help you guard your children’s privacy. We encourage you to talk to your children about safe and responsible use of their personal information while using the Internet. CFJ does not knowingly collect, use, or distribute children’s personally identifiable information. If you have any reservations, questions, or concerns about your child’s possible access to this site, please contact us.
How to Unsubscribe or Opt Out
People who subscribe to email lists via cfj.org will receive periodic updates from CFJ by regular mail, fax and/or email. You may opt out of receiving future information via email by using the unsubscribe procedure specified on the email message or by emailing us at the contact information below.
How We Notify You About Changes of this Privacy Notice
We may revise and update this privacy notice if we change our practices, add new site features, or change existing site features. We will post notice to this site of any substantive changes to our privacy notice. The “Last Updated” legend at the top of this privacy notice indicates when this privacy notice was last revised. Any changes will become effective when we post the revised privacy notice on the Sites.
The Clooney Foundation for Justice, with our mailing address located at:
Clooney Foundation for Justice
Mailing Address: 4768 Broadway, #947
New York, New York 10034 USA
Email: [email protected]
FEIN No. 81-3006634
is the company responsible for collection, use, and disclosure of your personal information under this privacy notice.
Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.
Additional information Regarding the EEA
You may also lodge a complaint with an EU/EEA data protection authority for your country or region where you have your habitual residence or place of work or where an alleged infringement of applicable data protection law occurs. A list of data protection authorities is available at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.