Effective Date: July 26, 2022
The Pew Charitable Trusts (“Pew,” “we,” “us,” or “our”) values your private information and understands the need for security and trust surrounding such information. We are committed to protecting your Personal Data, which refers to any data that is used or could be used to identify you (such as your name, email address, street address, or job title).
This privacy policy (“Policy”) is intended to describe what we are doing with your Personal Data, how we protect it, and what privacy rights you may have under applicable data protection laws, such as the European Union General Data Protection Regulation (“GDPR”).
This Policy addresses data subjects whose personal data we:
This Policy does not address applicants applying for employment, which is covered in our Applicant Data Privacy Notice.
Please review the entire Policy and feel free to contact us using the contact information below if you have any questions.
Within the scope of this Policy, we act as a data controller for the Personal Data we process. This means that we decide how and why Personal Data is collected and further processed.
We must have a valid reason to use your Personal Data. This is called the “lawful basis for processing.”
We may process your Personal Data on the basis of:
To the extent our legitimate interests serve as lawful basis for processing, those legitimate interests include:
When we process your Personal Data based on your consent, you may withdraw it at any time. However, this will not affect the lawfulness of the processing we may have completed prior to your consent withdrawal. The withdrawal of your consent will also not affect the validity of our Personal Data processing performed on other lawful grounds.
We may collect the following kinds of Personal Data when you use the Sites:
Personal Data you provide directly to us
For certain activities, such as when you subscribe to our updates or newsletters or contact us directly, we may collect some or all of the following types of Personal Data:
We may combine such information with information we may already have about you.
Information we collect automatically
We and third parties that provide content or functionality on our Sites may use cookies, pixel tags, Local Shared Objects, and similar technologies to automatically collect certain types of Personal Data. For more information about cookies, pixel tags, Local Shared Objects, and similar technologies, please see our Cookies Policy. For more information about the third parties we collect Personal Data from, please see the section below on Information we collect from other sources.
Types of Personal Data we collect automatically include:
Information we collect from other sources
We may collect the following categories of Personal Data about you from other sources, including through the third-party services and organizations listed below:
We collect the above categories of Personal Data through the following types of third-party services and organizations:
We may process your Personal Data for the following purposes:
We will retain your Personal Data for as long as is necessary to fulfill the purpose for which we collected your Personal Data and any other permitted linked purpose and in compliance with our data retention policies. For example, we will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
Generally, we retain usage data for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Sites and services, or we are legally obligated to retain this data for longer time periods.
If your Personal Data is used for more than one purpose, we will retain it until the purpose with the longest retention period expires, but we will stop using it for the purpose with a shorter retention period once that period expires. Our retention periods are also based on our organization’s needs and good practice.
We are committed to maintaining your trust, and we want you to understand when and with whom we may share the Personal Data we collect.
Authorized third-party vendors and service providers. We may share your Personal Data with third-party vendors and service providers that help us with specialized services, including billing, payment processing, email deployment, business analytics, marketing, advertising, performance monitoring, hosting, and data processing. We take steps to prevent these third parties from using your information for any purpose other than the services they are providing.
Corporate affiliates. We may share your Personal Data with our corporate affiliates that are subject to this Policy.
Business transfers. We may share your Personal Data in connection with a substantial corporate transaction, such as the sale of a website, a merger, consolidation, asset sale, or in the unlikely event of bankruptcy.
Legal purposes. We may disclose Personal Information to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims, or government inquiries and to protect and defend the rights, interests, health, safety, and security of The Pew Charitable Trusts, our affiliates, users, or the public.
With your consent or at your direction. We may share Personal Data for any other purposes disclosed to you at the time we collect the Personal Data or pursuant to your consent or direction.
If you access third-party services such as Facebook, Google, LinkedIn, or Twitter from the Sites or share information about your experience on the Sites with others, these third-party services may be able to collect information about you, including information about your activity on the Sites, and they may notify your connections on the third-party services about your use of the Sites, in accordance with their own privacy policies.
We use reasonable measures to help protect your Personal Data from loss, theft, misuse and unauthorized access, disclosure, alteration, and destruction. Examples of reasonable measures we use include restricting access to our sites and system based on roles, encrypting personal data at rest and in transit, and other commercially appropriate policies, procedures, and technologies for data we store or process. We make all required and reasonable efforts to ensure that all our third-party processors and vendors protect any of your Personal Data that we have shared with them.
You may opt out of our email newsletters by clicking “unsubscribe” at the bottom of each newsletter and following the subsequent instructions. You may also opt out of all communications from Pew by contacting us using the contact information provided below. Where you have provided us with your consent to use your likeness, image, name, and/or voice on Pew’s website, social media channels, multimedia materials, print materials, podcasts, and any other works made by Pew, you can later withdraw your consent, although given the nature of the internet, it may not be possible to ensure the complete removal of your information from the internet.
You may be able to refuse or disable cookies by adjusting your web browser settings. Because each web browser is different, please consult the instructions provided by your web browser (typically in the “help” section). If you choose to refuse, disable, or delete certain technologies, some of the functionality of the Sites may no longer be available to you.
For more information about cookies generally, see our Cookies Policy. For more information about the third parties we collect Personal Data from, please see the section below on Information we collect from other sources.
Rights Of European Economic Area (Eea) Residents Under The GDPR
EEA residents have specific rights with regard to their Personal Data, as described further below. For information on how to exercise these rights, please see How to Exercise Your Rights Under the GDPR.
Your rights as an EEA resident include:
How to Exercise Your Rights Under the GDPR
EEA residents may exercise their rights by contacting privacy@pewtrusts.org. Before processing your request, we will verify your identity by having you provide information we already know that is not publicly available or likely to be known by an unauthorized individual, such as your email address, phone number, or mailing address. We may also verify your identity by sending a one-time use access code to the email address or phone number we have for you. If necessary, we may request additional information from you in order to verify your identity.
We will respond to your request within one month of receipt. If we need more time (up to three months total), we will inform you of the reason and the extension period in writing.
We will not charge a fee for processing or responding to your requests. However, we may charge a fee if we determine that your request is excessive, repetitive, or manifestly unfounded. In those cases, we will tell you why we made that determination and provide you with a cost estimate before completing your request.
Under certain circumstances defined by the GDPR, we may deny your request to exercise the above rights. This limitation does not apply, however, to your right to withdraw consent to the processing of your Personal Data, which you have the right to do at any time.
If we deny your request to exercise your rights, we will inform you of our reason.
Some of the Sites may contain links to content maintained by third parties that we do not control. We allow third parties, including business partners, advertising networks, and other advertising service providers, to collect Personal Data concerning your online activities through cookies, pixels, local storage, and other technologies. These third parties may use this information to display advertisements on our Sites and elsewhere online tailored to your interests, preferences, and characteristics. We are not responsible for the privacy practices of these third parties, and the information practices of these third parties are not covered by this Policy.
Some third parties collect information about users of our Sites to provide interest-based advertising on our Sites and elsewhere, including across browsers and devices. These third parties may use the information they collect on our Sites to make predictions about your interests in order to provide you ads (from us and other companies) across the internet. Some of these third parties may participate in an industry organization that gives users the opportunity to opt out of receiving ads that are tailored based on your online activities. Because of differences between using apps and websites on mobile devices, you may need to take additional steps to disable targeted ad technologies in mobile apps. Many mobile devices allow you to opt out of targeted advertising for mobile apps using the settings within the mobile app or on your mobile device. For more information, please check your mobile settings.
To opt out of interest-based advertising across browsers and devices from companies that participate in the Digital Advertising Alliance or Network Advertising Initiative opt-out programs, please visit their respective websites. You may also be able to opt out of interest-based advertising through the settings within the mobile app or on your mobile device, but your opt-out choice may apply only to the browser or device you are using when you opt out, so you should opt out on each of your browsers and devices if you want to disable all cross-device linking for interest-based advertising. If you opt out, you will still receive ads, but they may not be as relevant to you and your interests, and your experience on our Sites may be degraded.
Do-Not-Track Signals and Similar Mechanisms. Some web browsers transmit “do-not-track” signals to websites. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. We currently do not take action in response to these signals.
When we share your Personal Data with third parties, some of the third parties may be located outside of the European Union or the European Economic Area. In some cases, the European Commission may have determined that in some countries, their data protection laws provide a level of protection equivalent to European Union law. You can see here the list of countries that the European Commission has recognized as providing an adequate level of protection to Personal Data.
We will transfer your Personal Data to third parties in countries not recognized as providing an adequate level of protection to Personal Data only when there are appropriate safeguards in place. These may include the European Commission-approved standard contractual data protection clauses under Article 46.2 of the GDPR or Binding Corporate Rules under Article 47 of the GDPR.
We do not knowingly collect any Personal Data from children under the age of 13 without parental consent, unless permitted by law. If we learn that a child under the age of 13 has provided us with Personal Data, we will delete it in accordance with applicable law.
We may update this Policy from time to time. When we update the Policy, we will revise the “Effective Date” date above and post the new Privacy Policy. We recommend that you review the Privacy Policy each time you visit the Sites to stay informed of our privacy practices.
If you have any questions about this Policy or our practices, please contact us at privacy@pewtrusts.org.
You may also reach out directly to our Data Protection Officer, VeraSafe:
VeraSafe LLC
100 M Street S.E., Suite 600
Washington, D.C. 20003
Email: experts@verasafe.com
Web: https://www.verasafe.com/about-verasafe/contact-us/