Last updated: 08/25/2020
The World Economic Forum (hereafter the “Forum“) is committed to complying with data protection laws and to the protection and confidentiality of the personal data of users of the 1t.org Website (hereinafter also referred to as “User“, “you” or “your“). In this Privacy Policy (the “Policy“), we explain how we collect, share and use personal data we obtain from you when you access or use 1t.org Website (https://www.1t.org/) as well as Us.1t.org (https://us.1t.org) which is the United States subdomain of 1t.org website (“hereinafter referred to as “1t.org” and “Us.1t.org” and collectively as the “Websites”) and how you can exercise your data privacy rights.
The Forum wants you to be well informed of the gathering and use of your personal data through the Websites. Please read this Policy carefully prior to entering your personal data and using the Websites.
If you have any questions or concerns about our use of your personal data, then please contact us using the contact details provided at the bottom of this Policy.
Identification of the controller
The World Economic Forum, with registered offices at 91-93 route de la Capite, CH-1223 Cologny/Geneva, Switzerland, processes your personal data as a controller in accordance with applicable legislation with regard to the processing of personal data, namely Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter “GDPR“) and any applicable national data protection acts, including the Swiss Federal Act on Data Protection of 19 June 1992 (Status as of 1 January 2014) (together referred to as “Data Protection Law“).
What types of personal data do we collect from the Websites?
The Forum may collect and process the following types of personal data about you:
- Information that you provide voluntarily
1t.org (only if submitted in the “Sign Up” section)
- Name and surname
- Email address
Us.1t.org (only if submitted in the mandatory sections in the “Make a Pledge” section)
- Identification details (Name, surname, entity name, entity type, headquarters location, website URL)
- Contact details (email address)
- Pledge and reporting form details (Name/title of pledge, Summary, Partner Entities Names, Location and timeline of pledge activities, type of pledge activities)
- Information that we collect automatically
When you visit the Websites, we may collect certain information automatically from your device. In some countries, including countries in the European Economic Area, this information may be considered personal data under applicable Data Protection Law.
Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification numbers, browser-type, preferences, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with the Websites, including the pages accessed and links clicked.
For further information about the types of cookies and other tracking technology we use on Uplink, please see our Cookie Notice.
How do we use your data and for what purposes?
The Forum processes your personal data for the following purposes:
- To analyse and monitor general trends and patterns in the use of the Websites.
- To improve the content, performance and organization of the Websites.
- To internal data analytics;
- To subscribe to 1t.org newsletters and send newsletters to subscribers
- To respond to your questions or requests after you provide your details in the “Sign up” section;
- Only applicable to us.1t.org: To enable you to initiate your pledge or donation towards achieving 1 trillion trees. For our staff to review the details of your pledge or donation and contact you in the case that your pledge is selected for submission to support the U.S. Chapter ambition.
We will use the personal data we collect from you only for the purposes described in this Policy or for purposes that we explain to you at the time we collect your personal data.
However, we may also use your personal data for other purposes that are not incompatible with the purposes we have disclosed to you (such as archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes) in accordance with Data Protection Law.
On what legal grounds do we process your personal data?
In general, we will process your personal data in order to execute the Terms of Use of the Websites. We may also be required to process your personal data in order to comply with local laws and regulations.
Otherwise, we will process your personal data in order to carry out our business legitimate interests, where such interests do not override your fundamental rights and liberties. Where required, we will ask you to provide your consent for certain processing activities.
Who do we share your data with?
The Forum may share your personal data with the following parties:
- Forum Entities
The Forum may share your personal data with its Forum Entities (as defined below) in other locations around the world, for example, to answer your questions adequately.
- Third Parties
The Forum shares your personal data with third party service providers, in particular Be Heard Group, a creative agency based in the United Kingdom responsible for communications and 1t.org website management, and American Forests, based in the United States responsible for the development of the us.1t.org website as well as support the Forum in handling requests and pledges. The Forum will ensure that third parties accessing the personal data of Users shall comply with the same data protection requirements as the Forum and that the personal data will be used exclusively for the purposes set out in this Policy.
- Public authorities
The Forum may share your personal data with local authorities to the extent deemed necessary by the Forum for the purposes set forth in this Policy, in particular for security reasons or as required by mandatory laws and regulations.
How we protect your privacy
We will process personal data in accordance with this Policy, as follows:
- Fairness: We will process your personal data fairly. This means that we are transparent about how we process personal data and that we will process it in accordance with Data Protection Law.
- Purpose limitation: We will process your personal data for specified and lawful purposes, and will not process it in a manner that is incompatible with those purposes.
- Proportionality: We will process your personal data in a way that is proportionate to the purposes which the processing is intended to achieve.
- Data accuracy: We take appropriate measures to ensure that personal data that we hold about you is accurate, complete and, where necessary, kept up to date. However, it is also your responsibility to ensure that your personal data is kept as accurate, complete and current as possible by informing the Forum promptly of any changes or errors. You should notify us of any changes to the personal data that we hold about you (e.g. a change of email address).
- Data security: We use appropriate technical and organisational measures to protect the personal data that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal data. In particular, any personal data provided to the Forum by Users of Uplink is handled with due care and security, and will not be used in ways other than as set forth in this Policy, or in any site/area-specific policies, or in ways that are not compliant with Data Protection Law. Furthermore, the Forum employs a range of technologies and security measures to protect the personal data maintained on Forum systems from loss, misuse, unauthorized access or disclosure, alteration or destruction. Finally, all Forum employees who have access to and are associated with the processing of personal data are obliged to respect the confidentiality of all such personal data.
International data transfers
The Forum operates at a global level and, as a result, your personal data may be transferred to, and processed in, countries other than the country in which you are resident In some cases, these countries may be located outside the European Union (“EU”) or EEA and therefore may have data protection laws that are different from the laws of your country of residence.
Specifically, the personal data that you upload into the 1t.org is stored and processed by the Forum in Switzerland. If applicable, your personal data may be transferred to the United States where it may be processed by the World Economic Forum LLC (USA) and to other countries outside the EU/EEA where the Forum has its offices (“Forum Entities”) are established. The Forum may also share your personal data with third party service providers located outside the EU/EEA who are acting on behalf of the Forum. In such case, we make sure that your personal data is either transferred to third countries outside the EU/EEA that are deemed “adequate” by the European Commission (a list of adequate countries is available on the European Commission’s website), or alternatively, where your personal data is not sent to a country that provides adequate protection, we will put in place appropriate safeguards with the entity receiving your personal data (e.g. the EU standard contractual clauses) to ensure that it remains protected while it is being processed outside the EU/EEA in accordance with Data Protection Law.
The Forum takes steps to ensure that the data collected with regards to your sign-up is processed according to the provisions of Data Protection Law wherever the personal data is located. When the Forum transfers personal data from the European Economic Area to other countries, we use a variety of legal mechanisms in accordance with Data protection law, including contracts, to help ensure your rights and protections travel with your data.
If you want to obtain more information in this respect, please contact us in writing at the following address: Mydata@weforum.org.
How long do we keep your personal data?
The Forum will retain your personal information for the period necessary to fulfil the purposes outlined in this Policy.
For example, we may retain personal data we obtain from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).
Your data protection rights
You have the following data protection rights:
- You may request access to and obtain a copy of your personal data.
- You may also request that any personal data that is inaccurate or incomplete be rectified or completed.
- You may request that your personal data be erased under certain legal conditions (for example, where the personal data is no longer needed to achieve the purposes for which the information was initially collected).
- In addition, you may object to the processing of your personal data, ask us to restrict processing of your personal data or request portability of your personal data under certain legal conditions.
- You have the right to opt-out of electronic marketing communications we send you at any time and free of charge. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided under the “How to contact us” heading below.
- Similarly, if we have collected and process your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority. Contact details for data protection authorities in the European Economic Area, Switzerland and certain non-European countries (including the US and Canada) are available here.
You may exercise any of the rights above at any time by contacting us as described under the “How to contact us” section below. We will respond to your request in accordance with applicable Data Protection Law.
Minors
The services we provide on the Uplink platform are not intended for individuals below the age of 18. If you are under 18, please do not attempt to register or to provide your personal data on Uplink.
Linking to other websites
The 1t.org and us1t.org may include links to other websites that are not operated or maintained by the Forum and are not covered by this Policy. The processing of personal data on these third party websites including by use of cookies, is subject to these third party’s notices and terms and conditions. Please review the notices and terms and conditions of each website you visit.
We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.
Updates to this Policy
We may update this Policy from time to time in response to changing legal, technical or business developments. When we update our Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Policy changes if and where this is required by applicable data protection laws.
You can see when this Policy was last updated by checking the “last updated” date displayed at the top of this Policy.
How to contact us
If you have any questions or concerns concerning this Policy or the way we process your personal data, or if you wish to exercise your data privacy rights as described above, please contact us by email at: Mydata@weforum.org