Women in Big Data Global


Privacy Policy

1. Introduction

1.1 This is the privacy policy of Women in Big Data (the “Policy”), which are referred to as the “Women in Big Data”, “us” or “we” throughout this Policy. Any reference to “Women in Big Data”, “we” or “us” is a reference to the chapter in your jurisdiction (each a “Chapter”). This Policy provides details of the ways in which we process personal data in line with our obligations under data protection law including the General Data Protection Regulation (No 2016/679) (“GDPR”) and California Consumer Privacy Act of 2018(“CCPA”).

1.2 For the purposes of GDPR and CCPA, Women in Big Data is the ultimate controller of any personal data collected from you or otherwise for the purpose of conducting or developing our relationship with you. We are a non-profit for Women in Big Data headquartered in San Francisco, CA and located globally in various locations. We have a team for privacy policies, who can be contacted at: privacy@womeninbigdata.org

2. Background and Purpose

2.1 The purpose of this Policy is to explain what personal data we process and how and why we process it. For the purposes of this Policy, personal data means any information relating to an identified or identifiable person. Please read this Policy carefully as it provides important information about how we use personal data and explains your legal rights.
In addition, this Policy outlines our duties and responsibilities regarding the protection of such personal data. The manner in which we process data will evolve over time and we will update this Policy from time to time to reflect changing practices and law. We will notify you of any changes, either the next time you visit a website or to the contact details we hold for you.

2.2 In order to meet our transparency obligations under data protection law, we will incorporate this Policy by reference into various points of data capture used by us (e.g. application forms etc.) and may provide additional information where relevant.

3. Women in Big Data as a Data Controller

3.1 We will act as a data controller in respect of personal data provided to us by various individuals in connection with the operation and administration of Women in Big Data. Such individuals will generally include the following:

  1. members of the board;
  2. members of the advisory board and/or steering committee;
  3. volunteers and ambassadors;
  4. corporate sponsors and partners.

We sometimes use third party providers to collect this information on our behalf such as Eventbrite, Google, Mailchimp, Slack and Typeform.

3.2 The types of personal data are described in Annex I. In order for us to provide our services to you we require certain personal data from you.

4. Individual Data Subject Rights

4.1 Data protection law provides certain rights in favor of data subjects (the “Data Subject Rights”), including the right:

  1. of a data subject to receive detailed information on the processing (by virtue of the transparency obligations on the controller);
  2. of access to personal data;
  3. to rectify or erase personal data (right to be forgotten);
  4. to restrict processing;
  5. of data portability;
  6. to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal; and
  7. to object to automated decision making, including profiling, and where we rely on its legitimate interests to process your personal data (for example, for marketing purposes).

4.2 You may make a request to us to exercise any of the Data Subject Rights by contacting privacy@womeninbigdata.org (at the contact details listed in Annex II). Your request will be dealt with in accordance with data protection law.

5. Data Security and Data Breach

5.1 We have technical and organizational measures in place to protect personal data from unlawful or unauthorized destruction, loss, change, disclosure, acquisition or access. Personal data are held securely using a range of security measures including, as appropriate, IT measures such as encryption, and restricted access through approvals and passwords.

5.2 The GDPR and CCPA obliges data controllers to notify the relevant data protection supervisory authority and affected data subjects in the case of certain types of personal data security breaches. Any data breaches identified in respect of personal data controlled by us will be dealt with in accordance with data protection law and our internal data breach procedure.

6. Women in Big Data and Data Processors

6.1 We will engage certain event, ticketing and surveying service providers (including Eventbrite, Mailchimp, Typeform) to perform certain services on our behalf which may involve the collection and processing of personal data. To the extent that such processing is undertaken based on the instructions of us and gives rise to a data controller and data processor relationship, we will ensure that such relationship is governed by a contract which includes the data protection provisions prescribed by data protection law.

7. Data Transfers outside the EEA

7.1 In the event that we are required to transfer personal data to countries outside the European Economic Area we will ensure that such processing of your personal data is in compliance with data protection law. If the country is not recognized as adequate by the European Commission, we will either rely on the Privacy Shield Framework (if the recipient is certified) or enter into Model Contractual Clauses (as published by the European Commission). If you require more information on the means of transfer of your data or would like a copy of the relevant safeguards, please contact us at the details provided below.

8. Cookies

8.1 Cookies are small text files that may be placed on your browser when you visit our website (the “Site”). Cookies are used primarily for administrative purposes, to improve your experience with our Site. For instance, when you return to the Site after logging in, cookies provide information to the Site, including personal data, so that the Site will remember who you are. Our Site uses cookies primarily to capture anonymous analytics used to improve our Site experience and performance. This includes compiling statistical information concerning, among other things, the frequency of use of our Site, the pages visited, and the length of each visit, as well as information about your computer, operating system, browser, language and country. We do not use cookies to store any personal data that could be read or understood by others.

8.2 Using the settings of your Internet browser, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies.

8.3 Consult your browser Help menu to learn the correct way to modify your cookies. If you choose to turn off cookies, you may not have access to certain features of our Site. You may at any time delete any cookies set by using the relevant option of your Internet browser or by deleting the cookies on your hard drive.

9. Further Information/Complaints Procedure

9.1 For further information about this Policy and/or the processing of your personal data by or on behalf of the Women in Big Data, please contact privacy@womeninbigdata.org.

9.2 While you may make a complaint in respect of our compliance with data protection law to the relevant data protection supervisory authority in your jurisdiction, we request that you contact the relevant chapter (at the contact details listed below) in the first instance to give us the opportunity to address any concerns that you may have. A list of data protection supervisory authorities is available here.

Date: 01 February 2021


Types of Personal Data

When taking part to one of our promotion campaign (“Campaign”), you may share your personal data with Women in Big Data, acting as data controller on behalf of the WiBD Non-Profit.

1. What personal data do we collect from you?

The data you necessarily provide when filling in our promotion campaign form: your email, your first name and last name, your job title and roles, elements of biography, a photograph, video, personal quote.

The data you do not necessarily provide: your workplace, your website or webpage, your LinkedIn profile, your social media handle (LinkedIn, Twitter, Facebook), your Medium account, a personal quote, Technology interests etc.

2. Your data are used for the following purposes:

2.1 Campaign purposes

To put forward your profile on the Women in Big Data Website, Newsletters, Medium account and Social Media channels of WiBD.

2.2 Communication purpose

To send you emails about upcoming programs, conferences, trainings, etc

Providing the personal data is optional. If you choose to not provide us with your personal data necessary for the program, Women In Big Data won’t be able to confirm your participation in any program.

3. What is the legal basis for the processing of your personal data?

To process your personal data as described above, Women In Big Data relies on:

Your consent when you associate with Women In Big Data through various channels such as membership, donations, mentor program and any other program that might be launched for members and participants of WiBD sponsored activities, conferences, trainings, etc. Your consent can be removed at any time, without affecting the data processing lawfulness before the removal.

4. Who are the recipients of your personal data?

In the context of such processing, the recipients of all or part of your personal data will be the personnel of Women In Big Data in charge of administration, supervision, communication, information systems management and hosting as well as some personnel of third parties in charge of the Campaign form, the Communication, the Newsletter at WiBD.

5. Is your personal data transferred out of the European Economic Area?

The sharing of your personal data with certain recipients may imply transfers of your data out of the European Economic Area (EEA) in the United-States. Women In Big Data pays particular attention to the protection of your personal data. Thus, where such transfers out of the EEA shall take place, Women In Big Data first implements appropriate safeguards by signing the standard contractual clauses of the European Commission with the entity out of the EEA which processes your personal data. You can obtain a copy of such clauses by addressing your request through one of the emails referred to below.

6. What are your rights related to your personal data?

Please note that you have the right to access your personal data and to request that your personal data be rectified or deleted. You are also entitled to object to the processing of your personal data or to request restriction thereof. In addition, you have the right to ask for receiving your personal data in a structured and standard format.

In case of any such request or complaint, please send an email to privacy@womeninbigdata.org.

In any case, you also have the right to lodge a complaint with the competent data protection authority.