Open Loop – Privacy Policy

We’re updating this Privacy Policy. The updates go into effect on 12 May 2023.

icon_data-policy
Welcome to Open Loop! Open Loop is a global strategic initiative and consortium supported by Meta that connects policymakers and technology companies, and proposes evidence-based policy recommendations to ongoing regulatory debates.
This Privacy Policy describes Open Loop’s practices for handling your information collected in connection with the Open Loop website.

 

Collection of Information

When you interact with us through our Website, we may collect or receive the following types of information:

Information you provide directly to us.
For certain activities, we may collect the following types of information:

  • Contact information, such as your name (first and last name) and email address;
  • Feedback that you provide to us on the policy prototyping efforts;
  • Other information you choose to provide to us, such as when you send us correspondence or provide feedback to us.

Information we collect automatically.
Depending on your device and your interaction with us, we may also collect certain information automatically when you use our Website, such as:

  • Device attributes, including information such as the operating system, hardware and software versions.
  • Identifiers, including information such as unique identifiers, device IDs, and other identifiers, and Family Device IDs associated with the same device or account.
  • Data from device settings, information you allow us to receive through device settings you turn on.
  • Network and connections, information such as the name of your mobile operator or ISP, language, time zone, mobile phone number, IP address, and connection speed.

How We Use Information
We will use the information described above for the purpose of operating and providing the Website. Specifically, we will use the information for the following purposes:

  • Evaluation of feedback: If you submit to us any feedback on policy prototyping efforts, we may review such commentary and may respond to you or seek further information from you.
  • Publications. We may publish articles, blogs or similar posts regarding policy prototyping efforts and feedback that we have received. Such publications may contain the names of feedback provider and details of the feedback.
  • Communicate with you. We use your email address to communicate with you about the Website and let you know about our Terms and Policies. We also use your information to respond to you when you contact us.
  • Promote safety, integrity and security. We may use the information that we have to verify activity, combat harmful conduct, maintain the integrity of our Website, and promote safety and security on our Website.
  • For any other purposes disclosed to you at the time we collect your information or pursuant to your consent.

How We Share Information
There are certain circumstances in which we may share your information with certain third parties without further notice to you, as set forth below:

  • Academic, research and other relevant institutions. We may share information with academic institutions, non-profit organizations, governmental parties, and industry partners for the purposes of improving the Open Loop program, its design, methodologies, external communications, and publications.
  • Service providers and third-party vendors. We share your information with third-party vendors and service providers that support the Website, for example technical infrastructure service. These services providers are restricted from using your information for any purpose other than to perform services for us.
  • Legal purposes. We may disclose information for legal purposes, such as to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims or government inquiries, detect fraud, and to protect and defend the rights, interests, safety, and security of Facebook, our affiliates, owner, users, or the public.
  • Business transfers. We may share your information in connection with a substantial corporate transaction, such as the sale of a website, a merger, consolidation, asset sale, or in the unlikely event of bankruptcy.
  • With your consent. We may share information for any other purposes disclosed to you at the time we collect the information or pursuant to your consent. We are not responsible for the information you choose to submit.

How We Protect Information
We take measures to help protect information from loss, theft, misuse and unauthorized access, disclosure, alteration, and destruction. However, no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100 percent secure. Please note that information collected by third parties may not have the same security protections as information you submit to us, and we are not responsible for protecting the security of such information.

Children’s Information
We do not knowingly collect or store information from children under the age of 13, unless permitted by law. We will delete any information we may have inadvertently received from a child under 13 upon notice. If you have reason to believe that a child under the age of 13 has provided personal information on our Website, please contact us and we will endeavor to delete that information from our databases.

 

Third Party Links

Our Website may contain links to other sites that we do not own or operate (e.g. https://www.cminds.co or https://bidlab.org/en ). Except as provided in this Privacy Policy, we do not provide your information to these third parties without your consent. The linked websites have separate and independent privacy statements, notices and terms of use, which we recommend you carefully review. We do not have any control over such websites, and therefore have no liability or responsibility for the linked websites’ personal information practices.

Data Retention
We retain information relating to the Website until it is no longer necessary to serve the purposes for which it was collected. Reasons we may retain some data for longer periods include security, fraud & abuse prevention, record keeping, complying with legal or regulatory requirements and ensuring the continuity of our Website.

Brazilian residents
Under the Brazilian General Data Protection Law (the LGPD), you have the right to access, rectify, port, erase, and confirm that we process your data. In certain circumstances, you also have the right to object to and to restrict the processing of your personal data or you may withdraw your consent when we process data you provide to us based on your consent. If you would like to exercise any of these rights, please contact us using the details provided below.

Privacy notice for United States residents

You can learn more about the consumer privacy rights that may be available to you by reviewing the United States Regional Privacy Notice.

Additional Information for Individuals in the European Union, Switzerland and the United Kingdom

If you are a user in the European Union, Switzerland or the United Kingdom the following information also applies to you and supplements the information contained above in the Privacy Policy in relation to your use of our Website. The data controller responsible for the personal data of individuals in the European Union and Switzerland is Meta Platforms, Ireland Limited. The data controller responsible for the personal data of individuals in the United Kingdom is Meta Platforms, Inc.

Our legal basis for processing data.

We collect, use and share data in the ways described above on the basis of the following:

  • Contractual necessity. The majority of the processing of personal data described in this Privacy Policy is justified on the basis that it is necessary for the performance of a contract and specifically, for the purposes of our Terms of Use. For example, we rely on this legal basis to grant you access to our Website and to communicate with you regarding the Website.
  • Legitimate interests. We rely on this legal basis to further understanding who is accessing and using the Website; prevent and address fraud, unauthorized use of the Website, breaches of our terms and policies, or other harmful or illegal activity.
  • Compliance with a legal obligation. We rely on this legal basis for processing data when the law requires it, including, for example, if there is a valid legal request for certain data.

When we process your data as necessary for the purposes of legitimate interests, you have the right to object to, and seek restriction of, our processing. To exercise your rights, you can email admin@openloop.org. In evaluating an objection, we will evaluate several factors, including: reasonable user expectations; the benefits and risks to you and third parties; and other available means to achieve the same purpose that may be less invasive and do not require disproportional effort. Your objection will be upheld and we will cease processing your information, unless the processing is based on compelling legitimate grounds or is needed for legal reasons.

Data transfers
Information may be transferred or transmitted to, or stored and processed in, the United States or other countries for the purposes described in this policy. These data transfers are necessary to provide the services set forth in our Terms of Use. For transfers from the European Economic Area (EEA) to countries outside the EEA, Meta Platforms Ireland Limited put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your Personal Information. Meta Platforms Ireland Limited uses standard contract clauses approved by the European Commission and relies on the European Commission’s adequacy decisions in relation to certain countries, as applicable, for data transfers from the EEA to the United States and other countries. No data subject to this Privacy Policy is transferred under Facebook’s Privacy Shield certification. For transfers to countries outside the UK, Meta Platforms, Inc. relies on approved standard contractual transfer mechanisms and relevant UK adequacy regulations, as applicable.

Your rights
You have the right to access, rectify and erase your data under certain circumstances. You also have the right to object to and restrict certain processing of your data. Please note that to protect your information, we may need to verify your identity before processing your request. In some cases, we may need to collect additional information to verify your identity, such as a government issued ID. To exercise your rights under the applicable data protection law, you can email admin@openloop.org or contact us by mail at the address provided below.

Contact information
If you live in a country or territory listed below (the “European Region” which includes countries in the European Union), the data controller responsible for your information when you use the Website is Meta Platforms Ireland Limited:

  • Andorra, Austria, Azores, Belgium, Bulgaria, Canary Islands, Channel Islands, Croatia, Czech Republic, Denmark, Estonia, Finland, France, French Guiana, Germany, Greece, Guadeloupe, Hungary, Iceland, Ireland, Isle of Man, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Madeira, Malta, Martinique, Mayotte, Monaco, Netherlands, Norway, Poland, Portugal, Republic of Cyprus, Réunion, Romania, San Marino, Saint Barthélemy, Saint-Martin, Slovakia, Slovenia, Spain, Sweden, Switzerland, Vatican City, and the UK sovereign bases in Cyprus (Akrotiri and Dhekelia).

You can contact Meta Platforms Ireland Limited online or by post at:

Open Loop
c/o Meta Platforms Ireland Limited
Merrion Road
Dublin 4, D04 X2K5, Ireland

You may also contact the Data Protection Officer for Meta Platforms Ireland Limited. In addition, you have the right to lodge a complaint with our lead supervisory authority, the Irish Data Protection Commissioner, or with your local supervisory authority.

If you do not live in one of the countries or territories listed above, the data controller responsible for your information when you use the Website is Meta Platforms, Inc.

If you live in the United Kingdom, the data controller responsible for your information is Meta Platforms, Inc., which you can contact online, or by writing to:

Open Loop
c/o Meta Platforms Ireland Limited
Merrion Road
Dublin 4, D04 X2K5, Ireland

Contact the Data Protection Officer for Meta Platforms, Inc. You also have the right to lodge a complaint with the UK’s Information Commissioner’s Office.

If you are in Brazilian territory, the data controller responsible for your information is Meta Platforms, Inc. Contact the DPO for Meta Platforms, Inc. You also have the right to petition the Brazilian Data Protection Authority by contacting the DPA directly.

 

Changes to this Policy
We may update or modify this Privacy Policy at any time without prior notice. When we update the Privacy Policy, we will revise the “Last Updated” date above and post the new Privacy Policy. We recommend that you review the Privacy Policy each time you visit the Website to stay informed of our privacy practices. Any changes will be effective when we post the revised policy.

Questions
If you have any questions about this Privacy Policy or our practices, please contact us at admin@openloop.org or by mail at:

Open Loop
c/o Meta Platforms, Inc. 1601 Willow Road Menlo Park, CA 94025