Last Updated: November 8, 2023
PRIVACY PRACTICES FOR CHILDREN UNDER 13
This Site is intended for families and users of all ages. Children under the age of 13 (“Children” or, individually, “Child”) can access many parts of the Site and its content and use many of its features without providing us with personal information. However, some content and features require us to collect certain personal information from them.
CHILDREN'S PARTICIPATION IN SITE ACTIVITIES
We encourage parents to educate their children about safe internet use and to monitor their children's internet use. While on the Site, Children can participate in "Activities” that require them to enter personal information. Children voluntarily wishing to participate in an Activity are required to provide certain personal information. The only Activity Children can currently engage in requiring the entry of personal information is Digital Postcards. To participate in the Digital Postcards Activity, we require the Child's first name and email address. See below for more information on the limited purposes we use this data.
Children participating in the Digital Postcard Activity will have their postcards posted in public areas of the Site. Children are NOT permitted to share personal information in the content of digital postcards. Once the Digital Postcard is posted in public areas of the Site, it will not be publicly associated with the personal information of any Child. Children will receive an email to notify them that their content is viewable.
COLLECTION OF CHILDREN'S INFORMATION
Information Children Provide to Us
Except for the Activities described above, Children can access the Site and its content and use many of its features without providing us with personal information. For Children wishing to voluntarily participate in the Digital Postcard Activity, Children must provide: the Child’s first name and email address.
Use of Children’s Information
When participating in the Digital Postcard Activity, Children’s information is used only to notify the Child that their content is viewable on the Site. A Child’s information will not be used to re-contact the Child, will not be disclosed, and will be deleted.
Accessing and Correcting Your Child's Personal Information
At any time, a parent, guardian, or the Child may review a Child's personal information maintained by us, require us to correct or delete the personal information, and/or refuse to permit us from further collecting or using the Child's information.
You can review, change, or delete your Child's personal information by sending us an email at firstname.lastname@example.org. To protect your privacy and security, we may require you to take certain steps or provide additional information to verify your identity before we provide any information or make corrections.
We store the information collected for the Digital Postcard Activity until such a time that we can notify the Child that their content is viewable on the Site. A Child’s information will not be used to re-contact the Child, will not be disclosed, and will be deleted.
COLLECTION OF INFORMATION
Information You Provide to Us
We collect information that you provide directly to us, such as when you sign up for our mailing list in order to receive our newsletter and other information, or when you otherwise contact us. This information includes your email, country of residence, and any other information you choose to share with us when you contact us.
Automatically Collected Information
When accessing or using our Site, we automatically collect information about you, including:
- Log Information: We collect log information about your use of the Site, including your IP address.
- Device Information: We collect information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, and unique device identifiers.
- Information Collected by Cookies and Other Tracking Technologies: We use different technologies to collect information, including cookies and web beacons. Cookies are small data files stored on your hard drive or in device memory that help us improve our Services and your experience, see which areas and features of our Services are popular, and count visits. Web beacons are electronic images that may be used in our Services or emails and help deliver cookies, count visits and understand usage and campaign effectiveness.
SHARING OF INFORMATION
Information we collect may be shared outside of CFTF in limited circumstances.
We do not sell personal information or provide personal information to advertisers. We do not share personal information with companies, organizations, and individuals outside of CFTF unless one of the following applies:
- With Blue Origin, LLC when required to facilitate participation in an Activity;
- With vendors, consultants and other service providers, who need access to such information to help us provide the Site and Activities;
- In response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements;
- If we believe your actions are inconsistent with our user agreements or policies, or to protect the rights, property and safety of CFTF or others;
- In connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company; and
- With your consent or at your direction.
Service Providers That Collect or Maintain Information
The following categories of service providers may collect or maintain personal information, including personal information from Children, through the Site:
- Data storage
- Activity facilitation
If you previously signed up for our mailing list, you may opt-out of receiving emails from us by following the instructions at the bottom of those emails or by contacting us with your request at email@example.com.
We store the information we collect about you for as long as is necessary for the purpose(s) for which we originally collected it or for other legitimate business purposes, including to meet our legal, regulatory, or other compliance obligations.
USERS AROUND THE GLOBE
CFTF processes and stores information in the United States. As such, we and our service providers may transfer your information to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that information about you receives an adequate level of protection in the jurisdictions in which we process it.
When we transfer personal data from the European Union, the United Kingdom, or Switzerland to the United States, we comply with the EU-U.S. Privacy Shield Framework and the Swiss - U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Union, the United Kingdom, and Switzerland to the United States, respectively. Blue Origin has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov.
In compliance with the Privacy Shield Principles, we are committed to resolving complaints about our processing of your personal data. EU, United Kingdom, and Swiss individuals with inquiries or complaints regarding our compliance with the Privacy Shield program should first contact us. We have further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.
Under certain conditions, you may be able to invoke binding arbitration to resolve your complaint. Blue Origin is subject to the investigatory and enforcement powers of the U.S. Department of Transportation. If we share personal data transferred to the U.S. under the Privacy Shield with a third-party service provider that processes such data on our behalf, then we will be liable for that third party’s processing in violation of the Privacy Shield Principles, unless we can prove that we are not responsible for the event giving rise to the damage.
RESIDENTS OF THE EUROPEAN ECONOMIC AREA AND SWITZERLAND
Legal Basis for Processing
If you are in the EEA, the United Kingdom, or Switzerland, when we process personal data about you we will only do so in the following situations:
- We have your consent to do so. For example, at your request, we will add you to our newsletter mailing list.
- We have a legitimate interest in processing personal data about you. For example, we may process personal data about you to provide, secure, and improve our Site.
- We need to process personal data about you in accordance with legal obligations we have. For example, we may need to retain some personal data about you to prove that we comply with applicable law such as the fact that we screened your age and certain emails your or your parent(s) may send us as evidence of our compliance with your requests, if applicable.
DATA SUBJECT REQUESTS
If you are in the EEA, the United Kingdom, or Switzerland, you have the right to access personal data we hold about you and to ask that your personal data be corrected, erased, or transferred. You may also have the right to object to, or request that we restrict, certain processing. If you would like to exercise any of these rights, you may contact us as indicated below.
If you have any questions, suggestions, or concerns about this Policy, please contact us at: firstname.lastname@example.org.
If you are in the EEA, United Kingdom, or Switzerland, and have a concern about our processing of personal data that we are not able to resolve, you have the right to lodge a complaint with the data privacy authority where you reside. For contact details of your local Data Protection Authority, please see the following links:
- For individuals in the EEA: https://edpb.europa.eu/about-edpb/board/members_en
- For individuals in the UK: https://ico.org.uk/global/contact-us/
- For individuals in Switzerland: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html