This Privacy Policy applies to www.surfider.org, www.beachapedia.org (the “Sites”), the Surfrider mobile application (the “App”) and to other websites, applications, services and mobile applications on or in which this Privacy Policy is linked or referenced (collectively with the Site and the App, the “Services”). The Services are owned and/or operated by Surfrider Foundation (sometimes referred to in this Policy as “we” or “us”). We hope that this Privacy Policy helps clarify how we collect and process your information.
This Privacy Policy describes:
The information we collect on or through the Services and how we collect it.
How we use and process the information we collect.
Please review this Privacy POLICY CAREFULLY BEFORE ACCESSING AND USING THE SERVICES. When you submit information to or through the Services, you consent to the collection and processing of information as described in this Privacy Policy.
If you have not done so already, please also review our Terms of Service (“Terms”). The Terms contain provisions that limit our liability to you and require you to resolve any dispute with us through final and binding arbitration on an individual basis and not as part of any class or representative action.
IF YOU DO NOT AGREE TO THE TERMS OF THIS PRIVACY POLICY, THEN PLEASE DO NOT USE THE SERVICES.
1. Changes To This Privacy Policy
The Effective Date of this Privacy Policy is set forth at the top of this webpage. As we add new features, we may need to modify this Privacy Policy. Whenever possible, we will provide you with advance written notice of our changes. Your continued use of the Services after the Effective Date constitutes your acceptance of the amended Privacy Policy. The amended Privacy Policy supersedes all previous versions. We will not, however, make retroactive changes that reduce your privacy rights unless you affirmatively agree to those changes.
2. Information We Collect
“Personal Information” means information associated with or used to identify a specific person. Your Personal Information includes: (1) contact data (such as your e-mail address, mailing address, telephone number, school name and school grade); and (2) Location Data (as defined below) and (3) certain Usage Data, such as the IP address from which you access the Services (as further discussed in Section 3b. below)
“Location Data” is a category of Personal Information collected about the location of a mobile device or computer, including: (1) the location of the mobile device of computer used to access the Services derived from GPS or WiFi use; (2) the IP address of the mobile device, computer, or internet service used to access the Services; or (3) other information made available by a user or others that indicate location, such as geotag information in photographs. You can change your preferences on your mobile device and/or browser to deny us access to your Location Data. Please note that if you disable location tracking, certain features of the Services may not be available to you.
“General Information” is information about an individual’s online activity that, by itself, cannot be used to identify him or her, such as browser type, operating system and the dates/times of Services access.
Personal Information and General Information may be linked together. Different types of General Information also may be linked together and, once linked, may identify an individual person.
3. How We Collect Information
We collect information that you provide to us and from your use of the Services. The information that we collect and how we process it depends on how you use and access the Services. Some information is collected through use of cookies and similar data collection tools (as further discussed in Section 5 below).
a. Information that You Provide to Surfrider Foundation: You may provide us with your Personal Information when you contact us for help or information, create an account to use one of the Services; make a donation to one of our campaigns, post your biographical information on the Sites or otherwise voluntarily supply your Personal Information to us. We may collect information, some of which may be Personal Information, as otherwise described to you at the point of collection or pursuant to your consent.
b. Information that We Collect When You Use the Services: When you use the Services, we may automatically collect Information about how you interact with the Services, such as (i) IP address; (ii) domain server; (iii) type of device(s) used to access the Services; (iv) web browser(s) used to access the Services; (v) statistics and information associated with the interaction between your browser or device and the Services; and (vi) referring webpage or other source through which you accessed the Services (collectively, “Usage Data”). Depending on applicable law, some Usage Data is Personal Information and some is General Information.
c. Information Collected from Other Sources: Third parties that assist us with our business operations also collect information (including Personal Information and Usage Data) from you and share it with us. For example, we may purchase mailing lists and use email service providers that help us to more effectively administer our communications and programs.
4. How We Use, Share and Disclose Information
a. How We Use Information
We use the information that we collect or that you provide to us to operate, maintain and enhance the Services, including:
To present the Services to you and to customize, improve and develop content and functionality that helps us better serve your needs;
To troubleshoot problems with the Services;
To facilitate communication between Surfrider Foundation and you;
To connect you to local events, chapters and volunteers in your area;
To prevent, detect and investigate prohibited or illegal activities, such as claims of copyright infringement and security breaches;
To send emails and other communications that display content that we think will interest you, such as news about our campaigns, programs, services, products and promotions;
To generate statistical information about how users interact with the Services and conduct analyses to support, improve and enhance the Services;
To carry out our obligations and protect our rights arising from any contracts entered into between you and us, including our Terms of Service;
To protect the safety, security and legal rights of other users of the Services;
To send you important administrative information regarding the Services, such as changes to this Privacy Policy or our other policies; and
To fulfill any other purpose for which you provide information to us or to which you consent.
We and our business partners also may combine different types of information collected from or about you through various sources, including Personal Information, and use the combined information for the purposes described in this Privacy Policy.
b. How We Share and Disclose Information
We may share and disclose information:
With third party service providers that we retain to perform functions on our behalf, such as web hosting, data analyses and promotion services providers, communication services providers, e-commerce vendors, and technology and data service providers, that have access to Personal Information needed to perform their functions;
With affiliated non-profit organizations and our business partners;
To enforce our agreements with other users or third parties, including in connection with claims of copyright infringement;
To protect the safety and security of users;
With companies with which we plan to merge or an acquirer of all or substantially all of Surfrider Foundation’s assets (we will continue to process information consistent with this Privacy Policy and, when possible, will provide you with notice before Personal Information is transferred or becomes subject to a different privacy policy);
To comply with a subpoena, regulation, binding order of a data protection agency, legal process, governmental request or other legal or regulatory process; and
If we believe you have or are violating our Terms of Service or in order to protect or defend Surfrider Foundation’s rights or property, even without a subpoena, warrant or other court order.
5. Online Advertising, Data Collection And “Do Not Track”
a. Cookies & Other Data Collection Tools. “Data Collection Tools” means technology that that collects information about your use of the Services and potentially about your activities when you leave the Services and visit other sites on the Internet, such as cookies and web beacons.
b. Online Advertising. The Services use Data Collection Tools to help manage our online advertising program. These Data Collection Technologies are provided by us as well as our ad management partners and other third parties.
In addition, we and our ad management partners may use these Data Collection Tools to track the actions of users of the Services, to measure statistics of our marketing efforts, to deliver advertisements on the Services that may be more relevant to you and that will improve your experience on the Services, and to deliver advertisements to you when you visit other third party sites.
c. How We Respond to Browser “Do Not Track” Signals: Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (DNT) or similar feature that signals to websites that a visitor does not want to have his/her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain Personal Information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, we and many website operators do not respond to DNT signals. For more information about DNT signals, visit http://allaboutdnt.com.
6. Credit Card Information
Surfrider Foundation does not process your credit card information. Instead, Surfrider Foundation has entered into an agreement with TrustCommerce, a third party payment processing service, to collect, store, process and transmit your credit card data when you make a donation to us. TrustCommerce certifies as adhering to the Payment Card Industry Data Security Standards. Surfrider Foundation may transfer Personal Information to TrustCommerce for the purpose of facilitating the transaction.
7. Information Protection
Surfrider Foundation has implemented policies, procedures, and safeguards, including secured online connections, designed to protect all information submitted through the Services. We also strive to obligate our agents, contractors and business partners to protect the information that they use or access in connection with providing services to Surfrider Foundation. While we do work hard to protect your information, we cannot guarantee the privacy or security of information that you transmit over the Internet. DISCLOSURE OF INFORMATION TO SURFRIDER FOUNDATION IS AT YOUR OWN RISK. We urge you to take every precaution to protect your information when you use the Internet or store information on your computer, tablet, or mobile device.
All personally identifiable information (PII) is transmitted to Surfrider via SSL-secured connections. Insecure connections to systems that receive this information are not allowed. All information is stored in an encrypted format by the vendors which provide Surfrider with the services we use to process PII, and access to the information is restricted to those personnel and contractors with a business need for such access. All vendors who handle PII on Surfrider's behalf are certified as adhering to the current Payment Card Industry (PCI) Data Security Standard (DSS). Additionally, Surfrider's internal data handling policies and procedures are reviewed twice per year by Surfrider Information Technology personnel to ensure compliance with the current PCI DSS.
8. Links To Other Services
This Privacy Policy applies solely to information collected by or through the Services. As noted in the Terms, the Services may contain plug ins from and links to third-party websites and services, including our social media services such as Facebook and Twitter (collectively, “Linked Services”). Linked Services are not under the control of Surfrider Foundation and Surfrider Foundation is not responsible for Linked Services. The inclusion of a plug in or a link does not imply endorsement by Surfrider Foundation of the Linked Services or any association with the operators of the Linked Services. Surfrider Foundation does not investigate, verify or monitor the Linked Services. We provide links to Linked Sites for your convenience only. You access Linked Services at your own risk. We encourage you to read about the privacy practices of any Linked Service that you access.
9. Student Club Network
We administer our Student Club Network through the Services. While we are a nonprofit entity not subject to the Children’s Online Privacy Protection Act (COPPA), we do not direct the Services to children under the age of 13, and we do not knowingly collect, store or use personal information about children under the age of 13
If we learn that a child under the age of 13 has submitted information about himself/herself to us, we delete it as soon as possible. If you believe that we have collected Personal Information from a child under the age of 13, please contact us at membership@surfrider.org.
10. California Consumer Rights Information
California Civil Code section 1798.83 law permits residents of California to opt-out of disclosure of Personal Information to third parties for their direct marketing purposes. You may choose to opt-out of the sharing of your personal information with third parties for marketing purposes at any time by submitting a request in writing to our contact address below or by e-mailing us at membership@surfrider.org. We honor all such opt-out requests and it is our policy not to share personal information with third parties for direct marketing purposes where you have submitted such a request. Please note that this opt-out does not prohibit disclosure made for non-marketing purposes.
Under California Civil Code Section 1789.3, we are required to provide California residents with the following specific consumer rights information:
The Services are owned and/or operated by Surfrider Foundation, P.O. Box 73550, San Clemente, CA 92673.
Unless otherwise expressly stated, the Services are provided without charge.
To file a complaint regarding any of the Services or to receive further information regarding use of the Services, please send a letter to Surfrider Foundation P.O. Box 73550, San Clemente, CA 92673 or contact us via email at membership@surfrider.org (with “California Resident Request” as the Subject Line). You also may contact the Complaint Assistance Unit of the Division of Consumer Services of California’s Department of Consumer Affairs in writing at 400 R Street, Suite 1080, Sacramento, California 95814 or by telephone at 916.445.1254 or 800.952.5210.
11. Information Transmission
The Services are based in the United States and provided for access and use only by persons located in the United States and Canada. The Services are hosted in the United States. If you are visiting the Services from outside the United States and Canada, your information may be transferred to, stored and processed in the United States and Canada. The data privacy and protection and other laws of the United States may not be as comprehensive as those in your country. By using the Services, you consent to transfer of your information to our facilities as described in this Privacy Policy.
12. How To Contact Us
If you have questions about this Privacy Policy or to request corrections, amendments or deletions to any Personal Information that you have provided through the Services, please contact us at membership@surfrider.org or call us at 949.492.8170. Surfrider Foundation will use reasonable efforts to supply you with requested Personal Information and correct any factual inaccuracy or delete your Personal Information from our databases. To honor your request, we will need the exact information you wish to correct, amend or delete.