Statement Concerning Personal Data

 

Scope - This statement relates to the Internet Engineering Task Force (“IETF”), the Internet Architecture Board (“IAB”) and the Internet Research Task Force (“IRTF”).  Herein referred to as “the Parties”.

 

General – Most Personal Data Submitted to the Parties Will Become Public

The parties operate in an open and transparent fashion.   As a part of this transparency, any contributions, submissions, statements or communications made to us, including postings or other contributions you make to the Party’s websites, most mailing lists operated by the Parties, jabber chat rooms, all Internet-Drafts or other contributions that you submit, comments you send to the parties regarding the Parties or the Party’s documents, intellectual property disclosures and updates, requests for document authentication, subpoenas, registrations for meetings of the Parties or mailing list registrations, and most other information that you send, submit or post to the Parties, and any information that we collect about you through your use of any IETF web site, mailing list or other resource, as well as your signing the Blue Sheet for an in-person or electronic meeting run by the Parties (collectively, your “Personal Data”), other than as expressly excepted in this Statement, will be made public through electronic and other means. Personal Data includes, for example,  (a) first and last name  (b) home address (c) e-mail address (d) any other identifier that permits the physical or online contacting of a specific individual.  You should be aware of our transparent operation when communicating with us.

 

By providing us with your Personal Data, you are consenting to our disclosure and use of it for the purposes as described in this Statement. By subscribing to a mailing list managed by the Parties or submitting a contribution to the Parties, you consent to our using your Personal Data to communicate with you about your participation in activities of the Parties. 

The Parties also collect information, including through audio, pictorial and video recording, during and in connection with its events, meetings, mailing lists and conferences, and automatically through its web sites.  All such information may be made public and used by the Parties in connection with the activities of the Parties.

 

Certain visitor characteristics may be reflected in our web server logs (such as, operating system, browser version, and Internet Protocol (IP) address). We do not make such information available to the public.  When you interact with our web sites we may use cookies to uniquely identify you during a session to allow us to process your online transactions and requests and to verify your identity, after you have logged in to a web site and to track user activity between sessions.  We do not use flash cookies, local storage or other browser storage. Web site visitors who disable their web browser’s ability to accept cookies or alter user tracking will be able to browse the site; however some web site features may not function well if you disable cookies.  

 

The Parties do not engage in tracking behavior, as that term is defined by the Do Not Track (DNT) specification. Consequently, IETF web sites do not alter their behavior according to the value of browsers' DNT requests.

 

You Consent to International Transmission of Your Data

Due to the nature of the Internet and our international operations, your communications and submissions may result in the transfer of your information across national boundaries and outside of your country of residence. By communicating with the Parties and submitting information to us, you consent to these transfers and to the use of your information as described in this Statement. If you provide Personal Data to the Parties, you acknowledge and agree that such Personal Data may be transferred from your current location to others in any country in the world.

 

Exceptions – Information That We Do Not Release to the Public

As an exception to the Party’s general policy of releasing information to the public, there are certain limited types of Personal Data that we do not release to the public in the ordinary course of our operations (“Non-Public Information”). The categories of Non-Public Information that we currently recognize are described below. 

 

  Payment Information

  Payment information is not collected or stored on any servers operated by the Parties.  If you conduct transactions using our web sites (e.g., meeting registration), payment and payment card information will be entered directly into a third party processor’s systems and is not transmitted through or stored by our web sites. 

 

  Non-Public Mailing Lists and direct mail to individuals at the Parties

  A small number of mailing lists operated by the Parties, including the NomCom, IAB, IAOC and IESG mailing lists, are not open to the public. These mailing lists are clearly indicated as non-public in their registration materials.  We do not make the contents of these mailing lists available to the public.  In addition, email sent directly to individuals at the Parties will not generally be made available to the public.

 

  Passwords

  Some areas of the web sites and some mailing lists operated by the Parties require you to create and enter a password.  The Parties store these passwords and do not make them available to the public.

 

 Information for letters of invitation.

  We delete the personal information that we collect to generate letters of invitation in a timely fashion after each meeting. We request that local organizations with whom we share this data to generate the letters also delete it in a timely fashion

 

 

Security

We believe that we have implemented commercially reasonable precautions to prevent the unauthorized use, disclosure and alteration of Non-Public Information. However, no data security measures can guarantee complete data security, and Parties do not guaranty the confidentiality of anything that you submit to the Parties. Please contact us at privacy@ietf.org if you believe that the security or integrity of any non-public information that you have submitted to the Parties has been compromised. Additionally, we may at times be required by law to release Non-Public Information, and we reserve the right to do so if we believe in good faith that such release is required by applicable law, regulation or judicial order.

 

Children

Our websites are not intended for use by children under 13 years old.  We do not knowingly collect personally identifiable information from, or target our websites to, children under the age of 13.  In accordance with the United States Children’s Online Privacy Protection Act of 1998, if we discover that a child under 13 has provided us with personally identifiable information, without the consent and participation of a parent or guardian, we will remove it from our systems.

 

Inquiries

The Parties do not share Personal Data with third parties for marketing purposes with the exception that the Internet Society, in its role of ensuring financial support for the Parties, may use some Personal Data to explore sponsorship or hosting possibilities.  If you would like to request information regarding our disclosure of your Personal Data to the Internet Society, please email your request to privacy@ietf.org.  We will provide information of whether your Personal Data was shared with the Internet Society free of charge. If your Personal Data was shared with the Internet Society, this information includes a list of the categories of Personal Data that were shared with the Internet Society in the immediately preceding calendar year.

 

Compliance

If you have any questions regarding this Statement or believe that the Parties are not following the procedures described in this Statement, please contact privacy@ietf.org.  You also may contact us if you have any concerns about the accuracy of, or wish to correct, your Personal Data.  We reserve the right to decline any request to remove or alter information on the web sites operated by the Parties or in our records except to the extent that we are legally required to do so.

 

If the law or a lawful order requires us to disclose information about your activities, we will (unless prohibited by law from doing so) attempt to contact you prior to such disclosure, and disclose to you the fact that we have been requested to submit information to legal authorities or civil litigants (including disclosing which information we have requested to submit).   If such a contact is unsuccessful or prohibited we shall disclose the information to you as soon as we can do so.

 

 

Other Organizations

For the avoidance of doubt, this Statement relates solely to the activities of the Parties, and does not cover any non-Party activities of the Internet Society or any other organization that may be affiliated with the Parties.

 

Links to other sites.

Occasionally, the Parties will link to websites or services operated by third parties, for example, to conferencing services.  The Parties make no representation about the privacy policies of such sites.

 

Consent

Subject to the above provisions, by communicating information (including Personal Data), you consent to the collection, public disclosure and use of information by us in accordance with this Statement.