Right To Be, Inc. (“Right To Be”, “we”, “our”, or “us”) is the owner and operator of the sites https://righttobe.org/ and https://stories.righttobe.org/ (the “Sites”). This Privacy Policy applies to the Sites and any other websites or services offered by us that reference or link to this Privacy Policy (collectively, the “Services”). “You” or “Your” refers to the person accessing the Services. This Privacy Policy provides important information regarding the collection, use, and disclosure of personal information collected on the Services when you register with, access, or use the Services.
This Privacy Policy is incorporated into and subject to the Terms of Use. Each time that you access or use the Services you signify that you agree to be bound by the Terms of Use and this Privacy Policy. IF YOU DO NOT AGREE WITH OUR POLICIES AND PRACTICES, DO NOT REGISTER WITH, ACCESS, OR USE THE SERVICES.
Information obtained from our business customers pursuant to our contractual arrangements (“Customer Data”) is subject to the privacy and data protection requirements set forth in those agreements and is processed at the direction of the respective business customer. If you have questions about Customer Data, please contact the relevant data controller for further assistance or contact [email protected] for help in identifying the appropriate contact.
- COLLECTION OF PERSONAL INFORMATION
“Personal information” is data that can be used to uniquely identify or contact a single person (directly or indirectly). We may collect the following kinds of personal information for members (verified and unverified) of the Services and for visitors who use the Services.
Information you provide directly to us.
Members. If you register as a member on the Services, we collect your name, email address, display name, password, and profile photo. If you are a verified member, you can view help requests and provide support on the Services. To become a verified member, you must link and connect a Twitter, LinkedIn, or other social media account to your account on the Services or have a current verified member recommend you. As a verified member, you may share details of a story of harassment, including whether you experienced such harassment or witnessed such harassment, the location of such harassment, the type of harassment experienced, the narrative of the harassment, a photo representing the experience of such harassment.
Journalists. If you are a verified member and a journalist, you can request a “journalist account” on the Services to allow for more specific and attentive support from other members. If we grant you a journalist account, you may be subject to additional moderation review and authentication.
Visitors and Others. Even if you do not use the Services as a member, you may still provide us information. We may use links throughout the Services to provide you with the opportunity to contact us via email to partner with us, ask questions, receive newsletters, and attend webinars. To do so, we may request additional personal information from you such as your name, email address, company/organization name, title, entity type, operating budget, phone number, company/organization’s physical address, and any other details you may provide. If you decide to donate to us, you will provide us with payment information such as the donation amount, donation frequency, payment method, and where a credit card is used, name, address, credit card number, expiration date, and credit card security.
Information we collect automatically.
We or our service providers may collect certain information automatically or passively when you use our Services, such as your Internet protocol (IP) address and other device identifiers that are automatically assigned to your computer or device when you access the Internet such as browser type, operating system, Internet service provider, pages that you visit before and after using the Services, the date and time of your visit, information about the links you click and pages you view within the Services, and other standard server log information. This information helps us manage, improve, and customize the Services.
We may use cookies, pixel tags, and similar technologies to automatically collect this information as further set forth in our cookie policy. Cookies are small bits of information that are stored by your computer’s web browser. Pixel tags are very small images or small pieces of data embedded in images, also known as “web beacons” or “clear GIFs,” that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your computer or device. We may also use analytics software or providers (such as Google Analytics) to help us operate our business and the Services or administer activities on our behalf. Google Analytics is a web analytics service provided by Google, Inc. that uses cookies to help the Services analyze how users navigate the Services. The information generated by the cookie about your use of the Services (including your IP address) will be transmitted to and stored by Google in aggregate form. Google uses this aggregated information on our behalf in order to evaluate use of the Services, compile reports on Services activity and other services relating to activity and usage of the Services. You can learn more about Google Analytics and how to opt out here: https://tools.google.com/dlpage/gaoptout.
We may utilize a short-lived form of cookie when you visit the Services. A cookie is used to identify one unique visitor from another visitor during a particular session. A session is the period of active Services use while that unique visitor is linked to our server. We may use cookie technology during a session as a
tool to carry forward your input information. This enables the visitor to input their information once and have the information appear later. A pixel tag may tell your browser to get content from another server. We, or our service providers, may place cookies or similar files on your computer or other devices used to access the Services for security purposes, to facilitate Services navigation and to personalize your experience while visiting the Services.
- USE OF INFORMATION
We use payment information, such as credit card numbers, expiration date, and security codes, as necessary to complete a particular transaction such as a donation, or as otherwise required by law.
We use the personal information we collect for a variety of business purposes, depending on how you interact with the Services, including to:
- Share member-inputted stories of harassment and to facilitate commentary on such stories; • Assist partners in setting up local Right To Be sites;
- Assist members in setting up accounts with Right To Be;
- Sign up member or visitors for e-mail updates;
- Communicate support resources with members who have shared stories of harassment;
- Share anonymized member reports (e.g., narrative of a story of harassment, location of a story of a harassment) or non-personal aggregate data with third party researchers for research purposes or universities or legislators for advocacy purposes;
- Analyze the use of the Services and member data to understand and improve the Services;
- Customize the content you see when you use the Services – for example, location information is used to tag the location of a story of harassment reported by a member, which location may be edited by the member;
- Respond to your questions or requests;
- Do all things necessary to provide and administer the Services;
- Manage, protect, and improve the Services; and
- For any other purposes disclosed to you at the time we collect your information or pursuant to your consent.
III. DISCLOSURE OF INFORMATION
We want you to understand when and with whom we may share the information we collect.
- General Public. We may disclose information to the general public via the Services if you submit content in a public forum, such as stories of harassment or comments on such stories. If you choose to engage in public activities on the Services, you should be aware that any information you share there can be read, collected, or used by other users of these areas. You should use caution in disclosing personal information while participating in these areas. We are not responsible for the information you choose to submit in these public areas.
- Advocacy. We may disclose your anonymized information (e.g., location of harassment) to universities or legislators for advocacy purposes.
- Research. We may disclose your anonymized information to third party researchers (e.g., narrative of harassment) for research purposes.
- Service Providers. We may disclose your personal information to service providers that require access to your personal information for business purposes, to protect the security and integrity of the Services, to correct technical problems and malfunctions of the Services, to technically process your personal information, to provide the Services, or to take precautions against liability. We also may provide your personal information to service providers who provide services on our behalf, such as our website developer or analytics provider.
- Legal purposes. We may disclose information to other third parties as required to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims or government inquiries, and to protect and defend the rights, interests, safety, and security of Right To Be, our affiliates, members, or the public. Such information disclosed includes any information disclosed or collected in connection with a member-inputted story of harassment, including the content of such story and the name and e-mail address of the member.
- Business transfers. We may share your information in connection with a substantial corporate transaction, such as the sale, merger, consolidation, asset sale, change in control, reorganization, or in the unlikely event of bankruptcy of our business.
- With your consent. We may share information for any other purposes disclosed to you at the time we collect the information or pursuant to your consent.
- Mobile Carriers. If you request the Services via a mobile device, your request will be transmitted via your mobile carrier’s network and your carrier may have access to it. Consult your carrier’s privacy policy for additional information.
- THIRD-PARTY SITES AND PLATFORMS
The Services may include links to third-party websites or services that we think may be of interest to you. Please note that these websites and services are independent from the Services and are not controlled by us. These links are made available to your as a convenience, and you agree to use these links at your own risk. If you access third-party services, such as Facebook, ShareThis, Google, or Twitter, through the Services to login to the Services or to share information about your experience on the Services with others, these third-party services may be able to collect information about you, including information about your activity on the Site, and they may notify your connections on the third-party services about your use of the Site, in accordance with their own privacy policies.
We may collect information including your email address, location, and other biographical information from such third-party websites or services. The information we receive from these third-party websites or services depends on your privacy settings. You should always review, and if you prefer, adjust your privacy settings on third-party websites and services before linking them to or interacting with them through the Services. You should always review, and, if you prefer, adjust your privacy settings on third party websites and services before linking or connecting them to the Services. We are not responsible for the content or privacy practices of other websites or platforms. Your use of such third-party websites or services, including using them to interact with the Services, will be subject to the third party’s privacy policy and terms of use.
- YOUR RIGHTS AND CHOICES
Your California Privacy Rights.
California Civil Code Section 1798.83 entitles California residents the right to request from a business with whom the California resident has an established business relationship which types of personal information, if any, concerning whether a business has disclosed personal information to any third parties for the direct marketing purposes by such third parties and the identities of the third parties with whom the business has shared such information in the mediately preceding calendar year. We do not currently share your personal information with third parties for direct marketing purposes by such parties and have not done so in the last 12 months. You may request more information by contacting us using the contact information at the bottom of this Privacy Policy.
Website Data Collection and “Do Not Track” Notices. Except as otherwise provided herein, we do not knowingly allow other parties to collect personal information about your online activities over time and across third-party websites when you use the Services. The Sites do not currently respond to browser based do not track signals. For more information on Do Not Track, please visit http://allaboutdnt.org.
Your Choices. If you need to correct, update, delete, or deactivate your personal information or change your contact information, please contact us at any time by sending an email to [email protected]. Please note that we may not be able to correct or update your personal information previously provided to us by third parties.
You may be able to refuse or disable cookies by adjusting your web browser settings. Because each web browser is different, please consult the instructions provided by your web browser (typically in the “help” section). If you do disable or opt out of receiving cookies, please be aware that some features and services on the Services may not work as intended and you may not have access to all of the features and services we may offer.
If you receive any promotional e-mail communication from us, you will be given the option to “unsubscribe” from receiving further e-mail communications from us at any time. Your option not to receive promotional and marketing material will not preclude us from corresponding with you, by email or otherwise, regarding your existing or past business relationships with us, and will not preclude us from accessing and viewing your personal information in the course of maintaining and improving the Services.
For individuals located in the European Economic Area or the United Kingdom, please also see the additional rights in Section VI. below.
- NOTICE TO INDIVIDUALS IN THE EEA OR UK
If you are engaging with the Services and are located in the European Economic Area or the United Kingdom, then this section VI. also applies to you.
Right To Be, Inc. is the data controller for members, journalists, and visitors of the Services. View the “Contact Us” section below for contact details. We are not the data controller for Customer Data processed on behalf of business customers.
Legal Bases for Processing. Your personal information may be used by us, our employees, service providers, and disclosed to third parties for the following purposes. For each of the purposes, we have set out the legal bases on which we use your personal information.
Purpose | Legal Bases |
Provide the Services to you | For our legitimate business interests, including to provide the Services to you and, depending on the circumstances, to perform a contract between you and us |
Communicate with you and to respond to questions that you have raised with us | For our legitimate business interests, including provision of the Services to you and, depending on the circumstances, to perform a contract between you and us |
Share member-inputted stories of harassment and to facilitate commentary on such stories | For our legitimate business interests, including provision of the Services to you and, depending on the circumstances, to perform a contract between you and us |
Sign up member or visitors for e-mail updates | With your consent |
Communicate support resources with members who have shared stories of harassment | For our legitimate business interests, including provision of the Services to you and, depending on the circumstances, to perform a contract between you and us |
Share anonymized member reports (e.g., narrative of a story of harassment, location of a story of a harassment) or non-personal aggregate |
For research purposes / public interests when information is anonymized |
data with third party researchers for research purposes or universities or legislators for advocacy purposes | |
Analyze the use of the Services and member data to understand and improve the Services | For our legitimate business interests, including provision of the Services or with your consent |
Customize the content you see when you use the Services | For our legitimate business interests, including provision of the Services to you or with your consent |
Manage, protect, and improve the Services | For our legitimate business interests, including fraud prevention and security |
Where we rely on the legitimate interests of Right To Be or those legitimate interests of a third party to justify the purposes for using your personal information, this will include the commercial interests of Right To Be relating to improvement and development of our business operations and service offerings, or those of a third party; or protection of our business, employees, or those of a third party.
Categories of Recipients. View Section III (Disclosure of Information) for the categories of recipients with whom we share personal information.
Data Retention. We will retain your personal information for as long as is necessary for purposes for which it was collected. The precise period will depend on the reason why it was collected. Those periods are also based on the requirements of applicable laws, applicable legal and regulatory requirements and periods relating to the commencement of legal actions.
Your Rights. The following is a summary of the data protection rights available to individuals in the European Economic Area and the United Kingdom in connection with their personal information. The rights may only apply in certain circumstances and are subject to certain exemptions. Please see the list below for a summary of your rights. You can exercise these rights using the contact details at the end of this Privacy Policy (see “Contact Us” below).
- Right of access to your personal information – You have the right to receive a copy of your personal information that we hold about you, subject to certain exemptions.
- Right to rectify your personal information – You have the right to ask us to correct your personal information that we hold where it is incorrect or incomplete.
- Right to erasure of your personal information – You have the right to ask that your personal information be deleted in certain circumstances. For example (i) where your personal information is no longer necessary in relation to the purposes for which they were collected or otherwise used; (ii) if you withdraw your consent and there is no other legal ground for which we rely on for the continued use of your personal information; (iii) if you object to the use of your personal information (as set out below); (iv) if we have used your personal information unlawfully; or (v) if your personal information needs to be erased to comply with a legal obligation.
- Right to restrict the use of your personal information – You have the right to restrict our use of your personal information in certain circumstances. For example (i) where you think your personal information is inaccurate and only for such period to enable us to verify the accuracy of your personal information; (ii) the use of your personal information is unlawful and you oppose the erasure of your personal information and request that it is suspended instead; (iii) we no longer need your personal information, but your personal information is required by you for the establishment, exercise, or defense of legal claims; or (iv) you have objected to the use of your personal information and we are verifying whether our grounds for the use of your personal information override your objection.
- Right to data portability – You have the right to obtain your personal information in a structured, commonly used and machine-readable format and for it to be transferred to another organization, where it is technically feasible. The right only applies where the use of your personal information is based on your consent or for the performance of a contract, and when the use of your personal information is carried out by automated (i.e. electronic) means.
- Right to object to the use of your personal information – You have the right to object to the use of your personal information in certain circumstances. For example (i) where you have grounds relating your particular situation and we use your personal information for our legitimate interests (or those of a third party); and (ii) if you object to the use of your personal information for direct marketing purposes.
- Right to withdraw consent – You have the right to withdraw your consent at any time where we rely on consent to use your personal information.
- Right to complain to the relevant data protection authority – You have the right to complain to the relevant data protection authority where you think we have not used your personal information in accordance with data protection law.
If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
VII. SECURITY
We use reasonable measures to help protect information from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. You should understand that no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100 percent secure. Please note that information collected by third parties may not have the same security protections as information you submit to us, and we are not responsible for protecting the security of such information.
VIII. NOTICE TO RESIDENTS OF COUNTRIES OUTSIDE THE UNITED STATES
We are headquartered in the United States and the Services are hosted in the United States. If you are accessing the Services from outside the United States, be advised that any information you provide to us will be transferred to and stored in the United States and that by providing your information to the Services, you understand that your personal information will be transferred to and stored in the United States for processing and maintenance in accordance with this Privacy Policy and our Terms of Use. If we transfer personal information outside the European Economic Area or the United Kingdom, we will implement appropriate and suitable safeguards to ensure that such data will be protected as required by applicable data protection law. For further information as to the safeguards we implement please contact [email protected].
- CHANGES TO THE PRIVACY POLICY
We may change this Privacy Policy from time to time as technology changes, or as we add new services or change existing ones. The most recent version of the Privacy Policy will be posted on the Services, with the “Last Updated” date posted at the top of the Privacy Policy. If we are going to use any personal information in a manner that is materially different from that stated in this Privacy Policy at the time we collected such information, we will post a notice on our home page that the Privacy Policy has been modified and provide a link to the revised Privacy Policy and notify you if required by applicable law. Any changes to the Privacy Policy will become effective upon posting of the revised policy. By accessing the Services after the Effective Date, you are deemed to consent to our then-current Privacy Policy and any such changes.
- CHILDREN’S DATA
The Services are not intended for children under the age of 13, nor do we knowingly collect or retain information in connection with the Services from children under the age of 13. If we learn that we have collected the personal information of any such individual, we will take steps to delete the information as soon as possible.
- CONTACT US
If you have any questions about this Privacy Policy, or the privacy practices of the Services, please contact us at [email protected] or by mail to: 30 3rd Ave, Brooklyn, NY 11217.
EFFECTIVE DATE: NOVEMBER 16, 2016
UPDATED: JULY 28 2023