CGRE uses the Privacy Policy of Rockefeller Philanthropy Advisors, our fiscal sponsor.
Rockefeller Philanthropy Advisors (“RPA” or “We”) respect your privacy and are committed to handling your personal information in a safe and responsible manner and protecting it through our compliance with this Privacy Policy (“Policy”).
It is important that you read this Policy, together with any other privacy or fair processing policy we may provide on specific occasions when we are collecting or processing your personal information, so that you are fully aware of how and why we are using your personal information.
This Policy describes the types of personal information we may collect from you or that you may provide when you visit the website www.rockpa.org (our “Website“), and our practices for collecting, using, maintaining, protecting, and disclosing that information.
“Personal information” is information from which you or other individuals can be identified.
We collect several types of personal information from and about users of our Website, including information about:
We also collect your personal information through our use of automatic data collection technologies – see further in the “Automatic Data Collection Technologies” section below.
We may also collect or receive personal information about you from various third parties and public sources, including but not limited to:
We collect your personal information directly from you when you provide it to us. This will include personal information you provide:
We also collect your personal information through our use of automatic data collection technologies – see further in the “Automatic Data Collection Technologies” section below.
We may also collect or receive personal information about you from various third parties and public sources, including but not limited to:
Technical Data from the following parties: analytics providers, such as Google and search information providers. Contact, financial and transaction data from providers of payment and delivery services. Identity and contact data from publicly available sources.
As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information from and about your equipment, browsing actions, and patterns, including:
“Do Not Track” – Certain laws, including that of California, require that we inform you on our response to Do Not Track signals. As there is not an industry or legal standard for recognizing or honoring these signals at this time, we don’t respond to them.
The information we collect automatically is statistical data we may use to improve our Website and to deliver a better and more personalized service, including by enabling us to:
We have set out below the purposes for which we use your personal information. RPA is required under EU data protection law to identify a legal basis for using your personal information – we have highlighted these in brackets below:
If you do not provide RPA with the personal information required to perform our contract with you or comply with our legal or statutory obligations (highlighted as such in the list above), we may not be able to provide those relevant services to you. If you consent to RPA’s use of your personal information and this consent forms the legal basis of our processing of that personal information, you are entitled to withdraw it at any time – see the “Your Rights With Respect To Your Personal Information” section below for more detail.
We may disclose personal information that we collect or that you provide as described in this Policy:
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your personal information:
If our processing of your personal information is subject to EU data protection law, you have a number of rights. These include, in certain circumstances:
We may not be able to accommodate a request relating to your personal information in certain circumstances prescribed by law. Please contact us using the details in the “Contact Information” section of this Policy if you would like more information.
We will only retain your personal information for as long as reasonably necessary to fulfil the purposes for which we use it, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
We share your personal information within the RPA Group. For our clients in Europe, this may involve transferring your personal information outside of the European Economic Area (“EEA”). We ensure your personal information is protected by requiring all of our group companies to follow the same rules when processing your personal information. We may also share your personal information with contractors, service providers and other third parties supporting our business when needed. Many of these third parties are based outside of the EEA, so their processing of your personal information will involve a transfer of data outside of the EEA.
Whenever we transfer your personal information out of the EEA, we ensure proper protection is afforded to it by ensuring at least one of the following safeguards is implemented:
We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information by the European Commission. Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal information an appropriate level of protection when being processed outside Europe. Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal information shared between Europe and the US. Please contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. For example, all information you provide to us is stored on our secure servers behind firewalls. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
We may revise and update this Policy from time to time in our sole discretion. All changes are effective immediately when we post them, and apply to all access to and use of the Website and handling of your personal information thereafter. It is our policy to post any changes we make to our Policy on this page. If we make material changes to how we treat our users’ personal information, we will notify you through a notice on the Website home page. The date the Policy was last revised is identified at the top of the page.
To ask questions or comment about this Policy and our privacy practices, contact us at:
Address:
Rockefeller Philanthropy Advisors
90 Church Street Fl 1 #7082
New York, NY 10008
Email:
info@rockpa.org
If you are concerned about how RPA uses your personal information, you have the right to make a complaint to the supervisory authority in your place of work or residence or the place in which the relevant infringement has taken place.