Privacy Policy

Center for Active Design, Inc. (“us”, “we”, “our”, “CfAD”) is committed to treating your personal information with care and respect. This document (the “Privacy Policy”) explains how we collect, process and store any personal data belonging to you, meaning information about you which is personally identifiable such as your name or email address. Such personal data is referred to throughout this policy as “Personal Information” or “data.”

Any data collected through the Services enables CfAD and its partners to fulfill its mission of transforming design and development practice, ensuring equitable access to vibrant public and private spaces that support healthy communities.

For questions and information about Privacy Policy and data subject’s rights, please contact us at info@centerforactivedesign.org or alternatively at 110 Wall Street, New York, NY 10005.

All CfAD Services are governed by this Privacy Policy and by using or accessing a Service you give consent to the processing, use and disclosure of your data. Please do not install or use the Services if you do not agree to this Privacy Policy.

CfAD reserves the right to modify this Privacy Policy. We will provide notification of the material changes to this Privacy Policy through our Website prior to the change taking effect.

1. PERSONAL INFORMATION

Personal Information means information that alone or in combination with other information may be used to readily identify, contact, or locate you or other members of your organization, such as: name, address, email address, or phone number. Personal Information, as used in this Privacy Policy, does not include information that has been aggregated or anonymized so that it does not allow a third party to identify a specific individual or applicant (“Anonymized Data”).

2. HOW WE COLLECT YOUR DATA

CfAD collects, stores, and uses your Personal Information as a data controller in connection with and in order to provide and develop CfAD products, mobile applications, services and websites (together “Services”) according to this Privacy Policy.

Likely situations when you make personal data available to CfAD include, but are not limited to: (i) by visiting our websites such, (ii) registering for Services, contests and special events; (iii) accessing Services using a third party ID, such as social networking sites or gaming services; (iv) subscribing to newsletters; (v) requesting technical support; and (vi) otherwise through use of CfAD Services where personal data is required for use and/or participation.

The data we process on you may include, but is not limited to: your name, email address, device ID, IP-address, and user names. CfAD may supplement your data with data received from third parties in connection with demographic, advertisement, market and other analytics surveys or services.

CfAD will not rent, share, or sell your data to any third party for marketing purposes and only shares your data with third parties as described in this Privacy Policy.

3. MARKETING

We may combine your information with information we collect from other companies and use it to improve our services, content, and advertising. If you do not wish to receive marketing communications from us or participate in our ad-customization programs, you may opt-out from receiving these communications by following the directions that may be provided within the communication or advertisement.

4. ANALYTICS AND ANONYMIZED DATA

CfAD may use Anonymized Data to perform its own analytics and to enable analytics provided by third parties. We may use Anonymized Data for supporting business analysis and operations, business intelligence, product development, improving products and services, personalizing content, providing advertising, and making recommendations. We reserve the right to provide Anonymized Data to third parties for the purpose of evaluating the Services, evaluating the performance of the Services, or for other purposes.

5. DATA RETENTION AND CORRECTNESS

CfAD retains the collected data for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. Thereafter CfAD deletes all aforementioned data in its possession within a reasonable timeframe. CfAD does not verify the correctness of personal data.

Please note that some data may be further retained if necessary to resolve disputes, enforce CfAD user agreements, and comply with technical and legal requirements and constraints related to the security, integrity and operation of Services.

6. COOKIES, BEACONS AND TRACKING

The Services may use “cookies” and other technologies such as pixel tags, local shared objects, hardware-based device identifiers, Operating System-based identifiers, clear GIFs and web beacons. CfAD treats information collected by cookies and similar technologies as non-personal data.

Cookies: A “cookie” is a small file stored by your browser when told to do so by a website. Typically websites place a number of different cookies on an end-user’s machine. Some of the cookies are “1st Party,” from the website itself, and others are “3rd party,” belonging to advertising and analytics entities or social networks. CfAD’s cookies will not include personal data and are typically used to quickly identify your device and to “remember” your browser during subsequent visits for purposes of functionality, preferences, and website performance. You can disable cookies or set your browser to alert you when cookies are being sent to your device; however, disabling cookies may affect your ability to use the Services.

Flash cookies & HTML5: CfAD may also use Flash cookies (local shared objects) and HTML5 local storage. Flash cookies are small files similar to browser cookies, but which are not stored in the browser and can also be used to remember your settings, to personalize the look and feel of the Services, or for advertising and analytics. You may prevent Flash cookies from being stored by following the instructions provided by Adobe athttp://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html.

Web Beacons and pixel tags: A “web beacon” or a “pixel tag” is an electronic image (often not visible to the end-user) that allows CfAD to count users who have visited certain pages or viewed certain advertisements. Additionally, e-mails and other electronic communications CfAD sends to you may contain pixel tags that enable CfAD to track your usage of the communication, including whether the communication was opened and/or what links were followed, if any.

7. THIRD PARTY TERMS AND CONDITIONS

Please note that your access to and use of the Services may be subject to certain third party terms and conditions and CfAD is not liable for any such third parties’ use of your personal data.

Certain Services that CfAD may offer, such as connection to social networking services, may use third party services to provide authentication for the Services. In connection with such use, certain personally identifiable user and/or membership data may be transferred automatically to and from CfAD.

CfAD may disclose your Personal Data to third parties in connection with a merger, consolidation, restructuring, the sale of substantially all of CfAD’s stock and/or assets or other corporate change, including, without limitation, during the course of any due diligence process provided, however, that this Privacy Policy shall continue to govern such personal data.

8. LEGAL GROUNDS OF DATA PROCESSING

The processing of your personal data is based on the following legal grounds, if you are a citizen of the European Economic Area (EEA):

  • Performance of a contract. When we need to process your personal data to enter into a contract with you or your employer or to perform a contract that you or your employer may have with us, the processing is based on Article 6, section 1 (b) GDPR. For example, when you use our services, we will use your personal data to respond to your requests and provide you with such services.
  • Consent. When we process personal data based on your consent, the legal grounds for processing is Article 6 section 1 (a) GDPR.
  • Legal obligation. When the processing of personal data is necessary for compliance with a legal obligation to which we are subject, the processing is based on Article 6 section 1 (c) GDPR.
  • Legitimate interests. We may process your personal data for our legitimate interests, e.g. to improve our products and services and to provide you with relevant information including information for marketing purposes. When we process your personal data based on our legitimate interests, the legal grounds for such processing is Article 6, section 1 (f) GDPR.

If you are not a citizen of the EEA, please contact us for details on the legal grounds of data processing. You find our contact details above.

9. SAFEGUARDS

CfAD follows generally accepted industry standards and maintains reasonable safeguards to attempt to ensure the security, integrity and privacy of the information in CfAD’s possession. CfAD uses robust security measures to protect your personal data. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we have implemented appropriate technical and organizational measures to ensure an appropriate level of security.

10. TRANSFER OF PERSONAL DATA

CfAD may store and/or transfer your personal data to its affiliates and partners in and outside of the United States in accordance with mandatory legislation and this Privacy Policy. Where the laws of your country allow us to do so, you authorize us to transfer, disclose, store and use your Personal Data in the United States and any other country where we operate or engage service providers to assist us with the Service consistent with this Notice.

For citizens of the EEA: Please be aware that the laws of the USA and other countries outside of the EEA may not protect your Personal Data to the same level as the laws of the EEA or give you the same rights that you would have in the EEA (including right relating to access to personal data by law enforcement or national security/intelligence agencies). But when we transfer your Personal Data outside of the EEA, if the receiving country’s data protection laws do not offer the same level of protection as the laws of the EEA, we place contractual obligations (e.g. the EU Model Clauses) on the recipients of your personal data to ensure that your personal data is adequately protected.

11. YOUR RIGHTS IN THE EEA

As a data subject based in the EEA, you have the following rights:

  • The right to information (Art. 13 GDPR). This is your right to be informed whether and to what extent we process your personal data.
  • The right of access (Art. 15 GDPR). This is your right to get a confirmation as to whether or not we process your personal data, and only if we (still) do, request access to your data.
  • The right to rectification (Art. 16 GDPR). This is your right to request correction of your personal data, or completion, in case that the data we process is incorrect or incomplete.
  • The right to deletion (Art. 17 GDPR). This is your right to request deletion of your personal data. Yet, an immediate deletion may not be possible, if the retention of your personal data is still required to meet legal or regulatory obligations.
  • The right to restrict the processing (Art. 18 GDPR). This is your right to request a restriction of the processing of your personal data under certain conditions: a) If you have reasons to doubt the accuracy of your personal data, you may request that its processing is restricted while we verify its accuracy, b) If the processing of your personal data is considered unlawful, but you do not request the deletion of your personal data, c) If we no longer need the data for the purposes of its processing, but you need it for the establishment, exercise or defense of legal claims, d) If you object to the processing of your personal data based on our legitimate interests under Art. 6(1) (f) GDPR, or where the processing is based on Art. 6(1) (e) GDPR.
  • The right to data portability (Art. 20 GDPR). Where the processing takes place on the basis of your consent or contract, and is carried out by automated means, you have the right to request that we provide your personal data to you in a machine-readable format.
  • The right to object to the processing (Art. 21 GDPR). You have the right to object to the processing of your personal data in certain situations.
  • Rights in relation to automated decision making and profiling (Art. 22 GDPR). You have the right to object to decisions based exclusively on the automated processing of your personal data.
  • The right to withdraw your consent. If your personal data is processed on the basis of your consent (Art. 6 (1) (a) or Art. 9 (2) (a) GDPR), you have the right to withdraw your consent at any time. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.
  • You also have the right to file a complaint with a competent supervisory authority. For more information, please contact your local data protection authority. Contact details for data protection authorities in the European Union are available at europa.eu.

12. SPECIAL NOTE ABOUT CHILDREN'S PRIVACY

Use of CfAD Services by individuals under the age of 18 is prohibited and we do not knowingly collect any Personal Information from children.

If we change this privacy statement in a way that expands the collection, use or disclosure of children’s Personal Information to which a parent has previously consented, the parent will be notified and we will be required to obtain the parent’s additional consent.

13. FURTHER INFORMATION

This Privacy Policy is governed by the law of the State of New York excluding its choice of law provisions.

For citizens of the European Economic Area (EEA) the rules of the General Data Protection Regulation (GDPR) apply to this Privacy Policy.

CfAD makes good faith efforts to enable you to review, update or correct your personal data in CfAD’s possession. CfAD will need sufficient information from you to establish your identity and to verify your request, and also to assist us in handling your request.