Privacy Policy
Gas Leaks Project is a fiscally sponsored project of Rockefeller
Philanthropy Advisors (RPA).
Last Updated – May 24, 2022
Rockefeller Philanthropy Advisors (“RPA”
or “We“) respect your
privacy and are committed to handling your personal information
in a safe and responsible manner and protecting it through our
compliance with this Privacy Policy (“Policy”).
It is important that you read this Policy, together with any
other privacy or fair processing policy we may provide on
specific occasions when we are collecting or processing your
personal information, so that you are fully aware of how and why
we are using your personal information.
This Policy describes the types of personal information we may
collect from you or that you may provide when you visit the
website www.rockpa.org (our “Website“), and our
practices for collecting, using, maintaining, protecting, and
disclosing that information.
Personal Information We Collect About You
“Personal information” is information relating to you or other
individuals from which you or they can be identified.
We collect several types of personal information from and about
users of our Website, including information about:
-
How to contact you, such as name, postal address, e-mail
address, and telephone number.
-
Your workplace, such as position title, organizational
affiliations and similar information.
-
Your internet connection, the equipment you use to access our
Website and usage details – see further in the “Automatic Data
Collection Technologies” section below.
How We Collect Your Personal Information
We collect your personal information directly from you when you
provide it to us. This will include personal information you
provide:
-
When filling in forms on our Website. This includes when you
sign up for more information or for our newsletters, for
events, to interact with various tools or to be part of
specific communities; and request material, further
information or services.
-
When you report a problem with our Website or contact us for
any other purpose.
-
When you respond to surveys that we might ask you to complete
for research purposes through our Website.
-
When you input queries using the “search” function on the
Website.
-
When you provide information to be published or displayed on
public areas of the Website, or transmitted to other users of
the Website or third parties.
We also collect your personal information through our use of
automatic data collection technologies – see further in the
“Automatic Data Collection Technologies” section below.
We may also collect or receive personal information about you
from various third parties and public sources, including but not
limited to:
-
Technical Data from the following parties: analytics
providers, such as Google and search information providers.
-
Contact, financial and transaction data from providers of
payment and delivery services.
Automatic Data Collection Technologies
As you navigate through and interact with our Website, we may
use automatic data collection technologies to collect certain
information from and about your equipment, browsing actions, and
patterns, including:
-
Details of your visits to our Website, including traffic data,
location data, logs, and other communication data and the
resources that you access and use on the Website.
-
Information about your computer and internet connection,
including your IP address, operating system, and browser type.
“Do Not Track” – Certain laws, including that of California, require that we
inform you on our response to Do Not Track signals. As there is
not an industry or legal standard for recognizing or honoring
these signals at this time, we don’t respond to them.
The information we collect automatically is statistical data we
may use to improve our Website and to deliver a better and more
personalized service, including by enabling us to:
- Estimate our audience size and usage patterns.
-
Store information about preferences, allowing us to customize
our Website according to individual interests.
- Speed up searches.
- Recognize you when you return to our Website.
The technologies we use for this automatic data collection may
include:
-
Cookies (or browser cookies). A cookie
is a small file placed on the hard drive of your computer. You
may refuse to accept browser cookies by activating the
appropriate setting on your browser. However, if you select
this setting you may be unable to access certain parts of our
Website. Unless you have adjusted your browser setting so that
it will refuse cookies, our system will issue cookies when you
direct your browser to our Website.
-
Flash Cookies. Certain features of our
Website may use local stored objects (or Flash cookies) to
collect and store information about your preferences and
navigation to, from, and on our Website. Flash cookies are not
managed by the same browser settings as are used for browser
cookies. For information about managing your privacy and
security settings for Flash cookies, see the “Choices About
How We Use and Disclose Your Personal Information” section
below.
-
Web Beacons. Pages of our Website and
our e-mails may contain small electronic files known as web
beacons (also referred to as clear gifs, pixel tags, and
single-pixel gifs) that permit RPA, for example, to count
users who have visited those pages or opened an email and for
other related website statistics (for example, recording the
popularity of certain website content and verifying system and
server integrity).
How We Use Your Personal Information
We have set out below the purposes for which we use your
personal information. RPA is required under EU and UK data
protection law to identify a legal basis for using your personal
information – we have highlighted these in brackets below:
-
To present our Website and its contents to you (to achieve our
legitimate interest in making this content available to you in
an effective way).
-
To provide you with information, products, or services that
you request from us (with your consent).
-
To carry out any other of our obligations and enforce our
rights arising from any contracts entered into between you and
us, including for billing and collection (to perform our
contract with you; to achieve our legitimate interests of
being able to manage our finances and operations and to comply
with our legal or statutory obligations in relation to keeping
financial and other business records).
-
To notify you about changes to our Website or any products or
services we offer or provide though it (to achieve our
legitimate interest in ensuring we provide our services to you
effectively).
-
To allow you to participate in interactive features on our
Website (to achieve our legitimate interest in ensuring we
provide our services to you effectively).
-
To contact you about events, convenings and information that
may be of interest to you (with your consent).
-
In the manner set out in the “Disclosure of Your Personal
Information” section below.
If you do not provide RPA with the personal information required
to perform our contract with you or comply with our legal or
statutory obligations (highlighted as such in the list above),
we may not be able to provide those relevant services to you. If
you consent to RPA’s use of your personal information and this
consent forms the legal basis of our processing of that personal
information, you are entitled to withdraw it at any time – see
the “Your Rights With Respect To Your Personal Information”
section below for more detail.
Disclosure of Your Personal Information
We may disclose personal information that we collect or that you
provide as described in this Policy:
-
To our subsidiaries and affiliates (the “RPA Group”) to provide you with requested services.
-
To contractors, service providers, and other third parties we
use to support our business and who are bound by contractual
obligations, to keep personal information confidential and use
it only for the purposes for which we disclose it to them and
in accordance with our instructions.
-
To a buyer or other successor in the event of a merger,
divestiture, restructuring, reorganization, dissolution, or
other sale or transfer of some or all of RPA’s assets, whether
as a going concern or as part of bankruptcy, liquidation, or
similar proceeding.
-
To comply with any court order, law, or legal process,
including to respond to any government or regulatory request.
-
To enforce or apply our terms of use and other agreements,
including for billing and collection purposes.
-
If we believe disclosure is necessary or appropriate to
protect the rights, property, or safety of RPA, our customers,
or others.
-
To other identified parties who we inform you about from time
to time.
Choices About How We Use and Disclose Your Personal
Information
We strive to provide you with choices regarding the personal
information you provide to us. We have created mechanisms to
provide you with the following control over your personal
information:
-
Tracking Technologies and Advertising. You can set your browser to refuse all or some browser
cookies, or to alert you when cookies are being sent. To learn
how you can manage your Flash cookie settings, visit the Flash
player settings page on Adobe’s website. If you disable or
refuse cookies, please note that some parts of this site may
then be inaccessible or not function properly.
-
Offers from RPA. If you do not wish to
have your email address/contact information used by RPA to
notify you of upcoming events or for our newsletter or other
services, you can opt-out by checking the relevant box located
on the form on which we collect your data or by sending us an
email stating your request to info@rockpa.org. If we
have sent you a promotional email, you may send us a return
email asking to be omitted from future email distributions.
This opt out does not apply to information provided to RPA as
a result of a service engagement or other transactions.
Your Rights With Respect To Your Personal Information
If our processing of your personal information is subject to EU
and UK data protection law, you have a number of rights.
These include, in certain circumstances:
-
To ask us not to process your personal information, including
where RPA is using it for direct marketing purposes.
-
To receive a copy of all your personal information held by
RPA, in order to check we are processing it lawfully.
-
To ask us to correct any errors in your personal information.
-
To ask us to delete your personal information, including when
exercising your right to object to processing (see above),
unless we have a compelling reason to continue with such
processing.
-
To ask us to restrict the processing of your personal
information in certain situations (such as where there is an
outstanding question you have raised regarding its accuracy).
-
To ask us to transfer your personal information to another
party, where we have collected it from you to perform a
contract or are processing it on the basis of your consent.
-
To withdraw your consent where you have provided it for RPA’s
collection or use of your personal information for a specific
purpose, subject to certain conditions.
You may exercise these rights at any time by contacting RPA
using the details in the “Contact Information” section of this
Policy.
We may not be able to accommodate a request relating to your
personal information in certain circumstances prescribed by law.
Please contact us using the details in the “Contact Information”
section of this Policy if you would like more information.
Data Retention
We will only retain your personal information for as long as
reasonably necessary to fulfil the purposes for which we use it,
including for the purposes of satisfying any legal, regulatory,
tax, accounting or reporting requirements. We may retain your
personal information for a longer period in the event of a
complaint or if we reasonably believe there is a prospect of
litigation in respect to our relationship with you.
To determine the appropriate retention period for personal
information, we consider the amount, nature and sensitivity of
the personal information, the potential risk of harm from
unauthorized use or disclosure of your personal information, the
purposes for which we process your personal information and
whether we can achieve those purposes through other means, and
the applicable legal, regulatory, tax, accounting or other
requirements.
EU located individuals: International Transfers
We share your personal information within the RPA Group. For our
clients and individuals with whom we deal who are located in
Europe and the UK, this may involve transferring your personal
information outside of the European Economic Area
(“EEA”) and UK to countries whose laws are not
deemed to provide a level of protection for personal information
that is of the same standard as enjoyed under data protection
law in Europe and the UK.
We ensure your personal information is protected by requiring
all of our group companies to follow the same rules when
processing your personal information. We may also share your
personal information with contractors, service providers and
other third parties supporting our business when needed.
Many of these third parties are based outside of the EEA and the
UK, so their processing of your personal information will
involve a transfer of data outside of the EEA and UK.
Whenever we transfer your personal information out of the EEA or
UK whether internally within our group or externally to other
parties, we ensure proper protection is afforded to it by
ensuring at least one of the following safeguards is
implemented:
-
We will only transfer your personal information to countries
that have been deemed to provide an adequate level of
protection for personal information by the European
Commission.
-
We may use specific standard contract clauses approved by the
European Commission or UK Information Commissioner’s Office
(also conducting any required transfer impact assessment and,
if necessary, implementing supplementary measures) to make
sure that the transferred personal information is given an
appropriate level of protection in accordance with applicable
data protection law when being processed outside the EEA or
UK.
Alternatively, in certain circumstances we may transfer personal
information outside the EEA or UK relying on specific
derogations under applicable EU and UK data protection law,
including where you (or the relevant individual) have provided
your (or their) explicit, informed consent to the transfer; the
transfer is necessary for the purposes of being able to enter
into or perform a contract with you (or another individual) at
your (or their) request; or, the transfer is needed in
connection with a legal claim (or possible legal claim).
Please contact us if you want further information on the
specific mechanisms used by us when transferring your personal
information out of the EEA or UK.
Data Security
We have implemented measures designed to secure your personal
information from accidental loss and from unauthorized access,
use, alteration, and disclosure. For example, all information
you provide to us is stored on our secure servers behind
firewalls. In addition, we limit access to your personal
information to those employees, agents, contractors and other
third parties who have a business need to know. They will
only process your personal information on our instructions and
they are subject to a duty of confidentiality.
The safety and security of your information also depends on you.
Where we have given you (or where you have chosen) a password
for access to certain parts of our Website, you are responsible
for keeping this password confidential. We ask you not to share
your password with anyone. We urge you to be careful about
giving out information in public areas of the Website like
message boards. The information you share in public areas may be
viewed by any user of the Website.
Unfortunately, the transmission of information via the internet
is not completely secure. Although we do our best to protect
your personal information, we cannot guarantee the security of
your personal information transmitted to our Website. Any
transmission of personal information is at your own risk. To the
fullest extent legally permitted, we are not responsible for
circumvention of any privacy settings or security measures
contained on the Website.
Changes to Our Policy
We may revise and update this Policy from time to time in our
sole discretion. All changes are effective immediately when we
post them, and apply to all access to and use of the Website and
handling of your personal information thereafter. It is
our policy to post any changes we make to our Policy on this
page. If we make material changes to how we treat our users’
personal information, we will notify you through a notice on the
Website home page. The date the Policy was last revised is
identified at the top of the page.
Contact Information
To ask questions or comment about this Policy and our privacy
practices or if you are based in Europe or the UK and wish to
exercise your rights under data protection law as described
above, please contact us at:
Address:
Rockefeller Philanthropy Advisors
6 West 48th St.
New York, NY 10036
Email:
info@rockpa.org
Before we can respond, we may need to ask you to verify your
identity and/or clarify the nature and scope of your request.
Complaints
If you are concerned about how RPA uses your personal
information and we are unable to resolve your issue, you have
the right to make a complaint to the supervisory authority in
your place of work or residence or the place in which the
relevant infringement has taken place.