Effective Date: July 19, 2018
HOW TO CONTACT US
You may contact Mansueto Ventures directly if you have any question regarding the Services or our privacy practices. Please send your query to privacyofficer[at]mansueto.com or Privacy Officer, Mansueto Ventures, 7 World Trade Center, New York, NY 10007.
INFORMATION WE COLLECT
We provide various informational, educational, and entertainment features as part of the Services. To operate these features, we collect information from our Users. The types of information that Mansueto collects depends on the purpose for which each User chooses to use the Services.
We use the information we collect from Users to provide more meaningful editorial and advertising content and to offer relevant products and services, as well as to maintain, protect and improve Users’ overall experience.
- When a User subscribes to one or both of the Magazines, Mansueto may collect the name, email address and postal service address of the subscriber and, if a gift subscription, of the purchaser.
- When a User creates an account to use a premium service, Mansueto may collect name, title, company name, email address, and postal address.
- When a User registers for a live event or conference, Mansueto may collect name, title, company name, gender, age, email address, and postal address.
- When a User enters an awards program, Mansueto may collect name, title, company name, email address, and postal address as well as other information about the User’s activities,
- When a User enters a survey, contest, or sweepstakes, which is an entirely voluntary act, Mansueto may collect name, title, company name, email address, and postal address as well as other information about the User’s interests
- When a User submits a request for support, Mansueto may collect the following types of information: name, telephone number, email address and other information that the User chooses to give us to respond to the support request.
- When you connect with us through a social media platform, we may, depending on your privacy settings, receive some information from your social media account.
When you use the Services, we use collect information about which features you’ve used, how you’ve used them and the devices you use to access the Services. Depending on the settings of a User’s computer or mobile device (“Device“), Mansueto also automatically collects: Internet Protocol (IP) address; MAC address; Device make, model and operating system version; mobile network information; internet service provider; browser type and language; country and time zone in which the Device is located; and metadata stored on the Device. This information is collected through cookies and other tracking tools. (For more information about cookies, please see below [and our Cookie Notice].)
Mansueto may supplement the information you provide to us with information from other sources. All of this information is treated as personal information when it directly or indirectly identifies an individual User.
HOW WE USE INFORMATION
We use information to operate the Services, including:
To administer your account and provide the Services to you
- Create and manage your account
- Provide you with customer support and respond to your requests
- Communicate with you about the Services
To inform you about offers and events
- Develop, display and track content and advertising tailored to your interests on the Services and other websites
- Communicate with you by email, phone, social media or mobile device about products or services that we think may interest you
- The information collected in conjunction with events may also be used for the marketing of additional services and events by us and/or our promotional partners and sponsors beyond the contest, sweepstakes and/or special event. Depending on the event, Users either grant their approval on how their information is used before it is collected (‘opt-in’), or choose to deny use of their information for additional purposes (‘opt-out’).
To improve the Services and develop new ones
- Administer focus groups and surveys
- Conduct research and analysis of Users’ behavior to improve the Services
- Develop new features and services.
To prevent, detect and fight fraud or other illegal or unauthorized activities
- Address ongoing or alleged fraud or other misbehavior on or though the Services
- Analyze data to better understand and design countermeasures against fraud
- Retain data related to fraudulent activities to prevent against recurrences
To ensure legal compliance
- Comply with legal requirements
- Assist law enforcement
- Enforce or exercise our rights, for example our Terms of Service
- Legitimate interests: We may use your information where we have legitimate interests to do so. For example, we analyze our Users’ behavior to improve the Services, to prevent and detect fraud and misuse, and to market the Magazines to you.
- Consent: From time to time, we may ask for your consent to use your information. You may withdraw your consent at any time by contacting us using the contact information provided above.
USE AND COLLECTION OF INFORMATION BY OPERATIONAL PROVIDERS
HOW WE SHARE INFORMATION
With our operational providers and partners
We also provide co-branded services or promotions with certain sponsors or other business partners. As a part of these services or promotions, we may request the submission of your personal information for participation and/or registration. We share this information with the sponsor or partner participating in the service or promotion. If the sponsor or partner collects your personal information, they may also share your information with us.
With our affiliates
We share your information with our affiliates to help us with technical processing operations, such as data hosting and maintenance, customer care, marketing and targeted advertising, better understanding how the Services are used and Users’ behavior to improve the Services, securing our data and systems, fighting against spam, abuse, fraud and intellectual property infringement.
For corporate transactions
We may transfer your information if we are involved, whether in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control.
When required by law
Applicable law may require us and our service providers to disclose your information if: (i) reasonably necessary to comply with a legal process, such as a court order, subpoena or search warrant, government investigation or other legal requirements; or (ii) necessary for the prevention or detection of crime (subject in each case to applicable law).
To enforce legal rights
We may also share information: (i) if disclosure would mitigate our liability in an actual or threatened lawsuit; (ii) as necessary to protect our legal rights and legal rights of our users, business partners or other interested parties; (iii) to enforce our agreements with you; and (iv) to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.
With your consent or at your request
We may ask for your consent to share your information with third parties. When we do, we will make clear why we want to share the information.
We may collect and provide aggregate information about our Users (such as how many persons visited a particular page or activity or the likes and dislikes of our Users) to our advertisers, sponsors, promotional partners and affiliates but this aggregated information does not include personal information about any individual User.
The Websites also use clear GIFs [Graphics Interchange Formats] (also known as pixel tags, web beacons or web bugs). A clear GIF is computer code that contains a unique identifier that enables us to monitor user activity and traffic of the Websites. We use GIFs to gather aggregate information on visits to our Websites, track usage of Website links and assist with registration and other features.
USE AND COLLECTION OF INFORMATION BY ADVERTISERS AND SPONSORS; THIRD PARTY COOKIES AND TRACKING TOOLS
We use third-party advertising companies to serve ads on the Websites. These advertising companies may collect and use information (not including your name, address, e-mail address or telephone number) about your visits to the Websites and other websites not owned and operated by us, and may also combine this information with other data about your purchases and interests from other online and offline sources, in order to provide advertisements about goods and services that may interest you (as inferred from your online activity).
We also share usage information about Users of the Websites with these companies for the purpose of managing and targeting advertisements and for market research analysis on the Websites and other websites. For these purposes, we and our third party advertising companies may note some of the pages you visit on the Websites through the use of GIFs. In the course of serving advertisements to the Websites, our third party advertisers may place or recognize a unique ‘cookie’ on your computer. The Websites may post banner ads and other forms of advertisements, and/or links to the websites of affiliate entities or of advertisers or sponsors who are companies that are not owned or operated by us, or our affiliates or subsidiaries. These entities may independently solicit and collect personal information, or send their own cookies and/or clear GIFs to our Users. The data collected is used in order to provide advertisements about goods and services that may be of interest to Users of the Websites and other interactive media and may be used to keep track of user response to each advertisement. We also work with third-party data analytics and online targeting companies. Some of these companies may use non-personal information (not including your name, address, email address or telephone number) about your visits to the Websites and other websites in order to provide data and targeting recommendations based on which we may provide advertisements about goods and services of interest to you.
Many of the third-party companies we work with are members of the Network Advertising Initiative (NAI), a cooperative on online marketing and analytics companies committed to building consumer awareness and establishing responsible business and data management practices. The NAI has developed a tool that allows consumers to opt out of targeted advertising delivered by NAI members’ ad networks. To learn more about opting out of targeted advertising or to use the tool, go to http://optout.networkadvertising.org/.
Following are the names and websites of some of the other companies who may set cookies on the Websites to serve or present the ads that appear on the Websites and to conduct research about the advertisements. You may learn about opting out of their targeted advertising programs by going to their respective websites.
Brightcove – www.brightcove.com/privacy
Casale Media – www.casalemedia.com/privacy.html
Clearspring – www.clearspring.com/legal/privacy
Collective Media – www.collective-media.com/privacy
Context Web – www.contextweb.com/ppolicy.html
DrivePM – www.drivepm.com/privacy-policies.php
Dynamic Logic – www.dynamiclogic.com/na/company/privacypolicy
Eyeblaster – www.eyeblaster.com/privacy.asp
Eyewonder – www.eyewonder.com/privacy.php
Google Analytics – www.google.com/intl/en_ALL/privacy.html
Hitwise – www.hitwise.com/other/privacy-policy.php
InsightExpress – www.insightexpress.com/main.asp?pageID=143
Interpolls – www.interpolls.com/privacy.html
Jupiter Media Metrix – www.internet.com/corporate/privacy/privacypolicy.html
Mediaplex – www.mediaplex.com/mojo_privacy_statement.shtml
Millward Brown IntelliQuest – www.millwardbrown.com/Sites/millwardbrown/Content/Global/TermsAndConditions.aspx
Omniture – www.omniture.com/en/privacy/policy#optout
Pointroll – www.pointroll.com/privacy-policy.aspx
Quantcast – www.quantcast.com/docs/privacy
Quigo – www.quigo.com/privacy.htm
Unicast – www.unicast.com/privacy-policy.aspx
Vizu – answers.vizu.com/privacy-policy.htm
HOW WE PROTECT AND RETAIN INFORMATION
We use physical, technical and organizational measures designed to protect your information against unauthorized access, theft and loss. We restrict access to your personal information to those employees who need to know that information to service your account or perform their job functions.
Although we takes precautions intended to help protect information that we process, no system or electronic data transmission is completely secure. Any transmission of your personal data is at your own risk and we expect that you will use appropriate security measures to protect your personal information.
You are responsible for maintaining the security of your account and the information in your account. We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. You understand and agree that we may deliver electronic notifications about breaches of security to the email address on record on your account.
If you believe that your account or information is no longer secure, please notify us immediately at privacyofficer[at]mansueto.com.
The criteria used to determine our retention periods include:
- The length of time we have an ongoing relationship with you and provide services to you (for example, for as long as you have an account with us or keep using the Websites);
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them)
- Whether retention is advisable; and considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations).
CROSS BORDER DATA TRANSFERS
Sharing of information sometimes involves cross-border data transfers to or from the United States of America and other jurisdictions. For example, where the Services are available to Users in the European Economic Area (“EEA”), personal information is transferred to the United States. We use the EU-US and Swiss-US Privacy Shield and standard contractual clauses approved by the European Commission to validate transfers of EEA residents’ personal information from the EEA to other countries. For more information about our Privacy Shield certification, please read the PRIVACY SHIELD section below. Standard contractual clauses are commitments between companies transferring personal information of EEA residents to protect the privacy and security of the transferred personal information.
YOUR CHOICES ABOUT YOUR INFORMATION
If you would like to review, correct, update, suppress, restrict or delete personal information (including Personal Data as defined in the PRIVACY SHIELD section below) that you have previously provided to us, or if you would like to receive an electronic copy of your personal information for purposes of transmitting it to another company (if this right to data portability is provided to you by law), you can contact us at privacyofficer[at]mansueto.com or by mail to Mansueto Ventures LLC, 7 World Trade Center, New York NY 10007 USA
In your request, please make clear what personal information you would like to have changed, whether you would like to have your personal information suppressed from our database, or other limitations you would like to put on our use of your personal information. For your protection, we only fulfill requests for the personal information associated with the particular email address that you use to send us your request, and we may need to verify your identity before fulfilling your request. We will try to comply with your request as soon as reasonably practicable.
If you are an EEA resident, you have the right to lodge a complaint with a data protection authority about how we process your personal information. Please also see the PRIVACY SHIELD section below.
Mansueto Ventures respects the privacy of your child and we want to share with you our policies regarding children under the age of thirteen (13). Although Users of all ages may navigate through the Services, we do not knowingly collect personal information from anyone under age thirteen (13). If we learn that a child under age thirteen (13) has improperly provided us with information, we will notify the child’s parent or legal guardian and thereafter delete the child’s personal information from our records.
YOUR CALIFORNIA PRIVACY RIGHTS
If you are a California resident, you can request a notice disclosing the categories of personal information about you that we have shared with third parties for their direct marketing purposes during the preceding calendar year. To request this notice, please submit your request to Privacy Officer, Mansueto Ventures, 7 World Trade Center, New York, NY 10007 or privacyofficer[at]mansueto.com. Please allow 30 days for a response.
LINKS TO OTHER WEBSITES AND SERVICES
Mansueto Ventures complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Frameworks (together “Privacy Shield Frameworks“) as set forth by the U.S. Department of Commerce regarding the collection, use and retention of Personal Data (as defined below) transferred from European Union member countries and Switzerland to the United States. Mansueto Ventures has certified that it adheres to the Privacy Shield Principles with respect to such Personal Data. If the policies in this Privacy Shield Policy and the data subject rights under the Privacy Shield Principles conflict, the Privacy Shield Principles shall govern.
To learn more about the Privacy Shield program and to view our certification page, please visit https://www.privacyshield.gov.
With respect to Personal Data received or transferred pursuant to the Privacy Shield Frameworks, Mansueto Ventures is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
In this PRIVACY SHIELD section:
“Personal Data” means any information relating to a EU User that identifies or can be used to identify that EU User, either separately or in combination with other readily available data that is received by Mansueto Ventures in the U.S. from the EEA or Switzerland in connection with the Services, including information provided offline, including Sensitive Personal Data.
“Sensitive Personal Data” means Personal Data regarding an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic or biometric data that uniquely identifies an individual, physical or mental health, or sexual life or orientation.
“EU User” means an individual who accesses and uses the Services and who resides in the EEA or Switzerland.
Privacy Shield Principles
Mansueto Ventures commits to processing Personal Data in accordance with the Privacy Shield Principles as follows:
Prior to collecting Personal Data, Mansueto Ventures notifies EU Users about the categories of Personal Data that Mansueto Ventures collects and the purposes for collection and use of their Personal Data. Mansueto Ventures will only process Personal Data in ways that are compatible with the purpose for which Mansueto Ventures collected it or for purposes later authorized.
Please see the YOUR CHOICES ABOUT YOUR INFORMATION section above for more information about how to exercise your choices.
Accountability for Onward Transfer
Mansueto Ventures shares Personal Data collected through the Services as described above.
If Mansueto Ventures transfers Personal Data to a third party, Mansueto Ventures takes reasonable and appropriate steps to ensure that each third party transferee processes Personal Data transferred in a manner consistent with Mansueto Venture’s obligations under the Privacy Shield Principles. Mansueto Ventures will ensure that each transfer is consistent with any notice provided to EU Users and any consent they have given. Mansueto Ventures requires a written contract with any third party receiving Personal Data that ensures that the third party (i) processes the Personal Data for limited and specified purposes consistent with any consent provided by EU Users, (ii) provides at least the same level of protection as is required by the Privacy Shield Principles, (iii) notifies Mansueto Ventures if it cannot comply with Privacy Shield; and (iv) ceases processing Personal Data or takes other reasonable and appropriate steps to remediate.
As noted above, under certain circumstances, Mansueto Ventures may be required to disclose Personal Data in response to valid requests by public authorities, including for national security or law enforcement requirements.
Mansueto Ventures remains liable under the Privacy Shield Principles if an agent processes Personal Data in a manner inconsistent with the Principles unless Mansueto Ventures is not responsible for the event giving rise to the damage.
Mansueto Ventures takes appropriate measures to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration, unavailability and destruction. In determining these measures, Mansueto Ventures takes into account the risks involved in the processing and the nature of the Personal Data.
Data Integrity and Purpose Limitation
Mansueto Ventures takes reasonable steps to ensure that such Personal Data is reliable for its intended use, accurate, complete and current. Mansueto Ventures adheres to the Privacy Shield Principles for as long as it retains Personal Data in identifiable form. Mansueto Ventures takes reasonable and appropriate measures to comply with the requirement under the Privacy Shield to retain Personal Data in identifiable form only for as long as it serves a purpose of processing.
Mansueto Ventures limits the collection of Personal Data to information that is relevant for processing. Mansueto Ventures does not process Personal Data in a way that is incompatible with the purpose for which it was collected or subsequently authorized by an EU User.
A EU User has the right to access his or her Personal Data and to correct, amend, limit use of or delete the Personal Data if the Personal Data is inaccurate or processed in violation of the Privacy Shield Principles. Mansueto Ventures is not required to grant the rights to access, correct, amend and delete Personal Data if the burden or expense of providing access, correction, amendment or deletion is disproportionate to the risks to the EU User’s privacy or if the rights of persons other than the EU User are or could be violated.
Please see the YOUR CHOICES ABOUT YOUR INFORMATION section above for more information about how to exercise your choices.
Recourse, Enforcement, and Liability
In compliance with the Privacy Shield Principles, Mansueto Ventures commits to resolve complaints about your privacy and our collection or use of your Personal Data transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact Mansueto Ventures at PrivacyOfficer[at]mansueto.com.
Mansueto Ventures has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at www.privacyshield.gov/article?id=ANNEX-I-introduction.
Mansueto Ventures commits to periodically review and verify its compliance with the Privacy Shield Principles and to remedy any issues arising out of failure to comply with the Privacy Shield Principles. Mansueto Ventures acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Privacy Shield participants.