Privacy Policy

1. Introduction

The Berkeley Institute for Free Speech Online is an organization registered in the United States with its principal address at 2322 Parker St, Berkeley, California 94704-2818. We operate the website https://www.berkeleyspeech.lat under the developer name Berkeley Speech and are engaged in the field of computer systems design and related services, including computer integrated systems design, within the professional, scientific, and technical services sector.

This Privacy Policy outlines our practices regarding the collection, use, disclosure, and protection of personal data. It applies to all visitors, users, and others who access our website or engage our services. By accessing our website, you acknowledge that you have read and understood this policy and consent to the data practices described herein. We encourage you to read this document carefully and to contact us if you have any questions about how we handle your information.

2. Information We Collect

We collect information from you in several ways to enable us to provide and improve our services. The categories of information we collect include the following:

Information You Voluntarily Provide

When you interact with our website, submit inquiries, or engage our services, we may collect personal information that you choose to share with us, including:

• Contact information such as your full name, email address, telephone number, and postal address
• Professional information including your job title, organization name, and industry sector
• Project-related information such as technical requirements, system specifications, and descriptions of your infrastructure or consulting needs
• Records of communications, including emails, messages, meeting notes, and correspondence related to our services
• Any other personal information you choose to submit through our website contact forms, email, or direct communications

Information Collected Automatically

As you navigate through our website, we may automatically collect certain technical information about your device and browsing behavior using cookies and similar tracking technologies:

• Device identifiers such as your internet protocol (IP) address, browser type and version, operating system, and device type
• Usage data including the pages you visit, the time and date of your visits, the duration of your sessions, and the referring website or search engine that led you to our site
• Information collected through cookies and similar technologies as further described in Section 6 of this policy

3. How We Use Your Information

We use the information we collect for the following legitimate business purposes:

• To provide, deliver, and improve our computer systems design and integration services based on your specific needs and requirements
• To respond to your inquiries, service requests, and communications in a timely and professional manner
• To communicate with you regarding project updates, technical documentation, service modifications, and other matters relevant to our engagement
• To enhance and personalize your experience on our website by understanding your preferences and usage patterns
• To analyze website traffic and usage trends to improve the functionality, performance, and content of our online platforms
• To comply with applicable legal obligations, regulatory requirements, and industry standards
• To detect, prevent, and address security incidents, unauthorized access, fraud, and technical issues affecting our systems
• To maintain accurate records for business administration, accounting, auditing, and reporting purposes

We will not process your personal information for purposes that are incompatible with those described in this policy without first notifying you and, where required by applicable law, obtaining your consent.

4. Legal Basis for Processing Under GDPR

If you are located in the European Economic Area (EEA) or the United Kingdom, our processing of your personal data is subject to the General Data Protection Regulation (GDPR). We rely on the following legal bases for processing your data:

• Consent: Where you have provided explicit consent for us to process your personal data for a specific purpose, such as receiving marketing communications or accepting non-essential cookies. You may withdraw your consent at any time, and the withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.
• Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract, such as responding to a service inquiry or preparing a proposal for services.
• Legitimate Interests: Where processing is necessary for our legitimate business interests, including improving our services, maintaining the security and integrity of our systems, and managing our operations effectively. We carefully assess our interests against your privacy rights and will not process your data where your interests override ours.
• Legal Obligation: Where processing is necessary to comply with applicable laws, regulations, legal processes, or government requests.

5. Data Sharing and Disclosure

We respect the confidentiality of your personal information and do not sell, trade, or otherwise transfer your data to third parties for their own marketing or commercial purposes. We may share your personal information in the following limited circumstances:

• Service Providers: We may engage trusted third-party service providers to assist us in operating our website, managing communications, analyzing data, and delivering services. These providers are contractually obligated to process your data only on our instructions and to implement appropriate security measures to protect your information.
• Legal Requirements: We may disclose your personal information when required by law, regulation, legal process, or governmental request, including to comply with subpoenas, court orders, or other legal obligations.
• Protection of Rights: We may disclose your information when we believe in good faith that disclosure is necessary to protect our legal rights, property, or safety, or the rights, property, or safety of others, including to enforce our Terms of Service or investigate potential violations.
• Business Transactions: In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal information may be transferred as part of that transaction. We will provide notice before your data becomes subject to a different privacy policy.

All third parties who receive your data are contractually bound to use it solely for the specified purposes and to maintain confidentiality and security consistent with this policy and applicable data protection laws.

6. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and understand user behavior. Cookies are small text files stored on your device by your web browser when you visit a website. We use the following categories of cookies:

• Essential Cookies: These cookies are necessary for the basic operation of our website. They enable core functionality such as page navigation, session management, and security features. Because these cookies are essential for the website to function properly, they cannot be disabled through our website settings. However, you can configure your browser to block or alert you about these cookies.
• Analytics and Performance Cookies: These cookies collect aggregated, anonymous information about how visitors use our website. They help us understand which pages are most frequently visited, how users navigate between pages, and whether users encounter errors. The data collected by these cookies does not identify individual users and is used solely to improve the performance and usability of our website.
• Functionality and Preference Cookies: These cookies remember choices you make on our website, such as your preferred language, region, or text size settings. They provide a more personalized experience and ensure that you do not have to re-enter your preferences on each visit.

You have the right to control cookies through your browser settings. Most web browsers allow you to manage your cookie preferences, including blocking or deleting cookies. Please note that if you choose to disable certain cookies, some features of our website may not function as intended. For more detailed guidance on managing cookies, we recommend visiting aboutcookies.org.

7. Data Security

We are committed to protecting the security of your personal information and have implemented appropriate technical and organizational measures to safeguard it against unauthorized access, alteration, disclosure, or destruction. Our security practices include:

• Encryption of data transmitted between your browser and our servers using Transport Layer Security (TLS) protocols, ensuring that information exchanged over the internet remains confidential and tamper-proof
• Secure server infrastructure protected by firewalls, intrusion detection systems, and multi-factor authentication mechanisms that restrict access to authorized personnel only
• Regular security audits, vulnerability assessments, and penetration testing to identify, evaluate, and address potential security weaknesses in our systems and processes
• Strict access controls and role-based permissions that limit internal access to personal data to employees and contractors who need it to perform their duties
• Ongoing privacy and security training for our staff, ensuring that all team members understand their obligations regarding data protection and information security
• Incident response and breach notification procedures designed to detect, investigate, contain, and report security incidents in a timely manner

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, but we will promptly notify you and relevant regulatory authorities if a data breach occurs that may affect your personal information, in accordance with applicable data protection laws.

8. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

Rights Under the GDPR (EEA and UK Residents)

• Right of Access: You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data, along with information about how we process it, including the purposes of processing, categories of data processed, and recipients to whom the data has been disclosed.
• Right to Rectification: You have the right to request the correction of inaccurate or incomplete personal data we hold about you without undue delay.
• Right to Erasure: You have the right to request the deletion of your personal data in certain circumstances, including when the data is no longer necessary for the purposes for which it was collected, when you withdraw consent, or when you object to processing and there are no overriding legitimate grounds.
• Right to Restrict Processing: You have the right to request the restriction of processing of your personal data in certain circumstances, such as when you contest the accuracy of the data, when processing is unlawful, or when you have objected to processing pending verification of our legitimate grounds.
• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another data controller without hindrance from us, where technically feasible.
• Right to Object: You have the right to object to the processing of your personal data based on legitimate interests, including profiling, or for direct marketing purposes. We will comply with your objection unless we can demonstrate compelling legitimate grounds for processing that override your interests.
• Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

Rights Under the CCPA (California Residents)

• Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the business purposes for collecting it, the sources from which it was collected, and the categories of third parties with whom we share it.
• Right to Delete: You have the right to request the deletion of personal information we have collected from you, subject to certain exceptions such as when the information is necessary to complete a transaction, detect security incidents, or comply with a legal obligation.
• Right to Opt Out of Sale: You have the right to opt out of the sale of your personal information to third parties. We do not sell personal information and have not sold any personal information in the preceding twelve months.
• Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising any of your CCPA rights. We will not deny goods or services, charge different prices, or provide a different level of service to you based on your exercise of these rights.

To exercise any of these rights, please contact us using the information provided in Section 14. We will acknowledge receipt of your request within five business days and provide a substantive response within the time frame required by applicable law. We may need to verify your identity before processing certain requests and will inform you if additional information is required.

9. Children's Privacy

Our services are not directed toward individuals under the age of 16, and we do not knowingly collect personal information from children. If we become aware that a child under 16 has provided us with personal information without verifiable parental consent, we will take steps to delete that information from our systems as quickly as possible. Parents or guardians who believe that their child has submitted personal data to us should contact us immediately using the information in Section 14, and we will investigate and address the matter promptly.

10. International Data Transfers

Your personal information may be transferred to and processed in countries other than your country of residence, including the United States where the Berkeley Institute for Free Speech Online is established. The data protection laws in these countries may differ from those in your home jurisdiction.

When we transfer personal data across international borders, we implement appropriate safeguards to ensure that your data receives an adequate level of protection. For transfers from the European Economic Area or the United Kingdom, we rely on standard contractual clauses approved by the European Commission and the UK Information Commissioners Office, which impose contractual obligations on the data recipient to protect your data in accordance with European data protection standards. If you have questions about the specific safeguards we use for international transfers, please contact us.

By submitting your personal information to us, you acknowledge that your data may be processed in the United States. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

11. Third-Party Links

Our website may contain links to third-party websites, plugins, services, or resources that are not owned or controlled by the Berkeley Institute for Free Speech Online. These links are provided for your information and convenience and do not constitute our endorsement of the third-party content, products, or services.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services. We strongly encourage you to review the privacy policies of every website you visit before providing them with any personal information. The inclusion of a link to a third-party website on our site does not imply that we endorse, authorize, or sponsor that website or its privacy practices.

12. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, and applicable legal requirements.

In certain circumstances, we may aggregate and anonymize your personal information so that it can no longer be associated with you. We may use such anonymized data for research, statistical analysis, and business planning purposes without further notice to you. When personal data is no longer needed for the purposes for which it was collected, we will securely delete or destroy it in accordance with our data retention and destruction policies.

13. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or business operations. When we make material changes to this policy, we will update the Last Updated date at the top of this page and may notify you through a notice on our website or through other communication channels as appropriate.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website after any changes to this policy constitutes your acceptance of the updated terms. If we make changes that materially affect how we handle previously collected personal information, we will notify you and obtain your consent where required by applicable law.

14. Contact Information

If you have any questions, concerns, complaints, or requests regarding this Privacy Policy or our data handling practices, please do not hesitate to contact us using the following information:

• Organization: Berkeley Institute for Free Speech Online
• Address: 2322 Parker St, Berkeley, California 94704-2818, United States
• Email: wengming@berkeleyspeech.lat
• Telephone: +1 331 867 9488
• Website: https://www.berkeleyspeech.lat

We acknowledge receipt of privacy inquiries within five business days and will provide a substantive response within 30 days. If you are unsatisfied with our response, you may have the right to lodge a complaint with your local data protection authority or, in the United States, with the Federal Trade Commission or the California Attorney General.