Close

Privacy Policy

Coral Restoration Foundation™ is a 501(c)(3) non-profit ocean conservation organization based in Key Largo, Florida. We are working to restore our coral reefs, educating others on the importance of our oceans, and using science to further research and monitoring techniques. This Privacy Policy describes the policies and procedures of Coral Restoration Foundation™ (collectively, “CRF”, “our”, “we”, or “us”) regarding the collection, use and disclosure of your information when you access or use our website (the “Site”) or our mobile application (“App”), and when you access or use any of our other websites, online platforms, electronic forms and surveys, online forums or interactive exhibits, any software that we may make available to you under license (“Software”), and any donation that you may make to us via the Site or App (collectively, our “Service”).

This Privacy Policy tells you about your privacy rights and how the law protects You. By accessing or using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

This notice may be supplemented by a supplemental privacy notice applicable to a particular interaction with us, which may be either embedded in this notice or made available to you separately. We will inform you when a supplemental privacy notice applies.

Quick Guide to Content

  1. Site and App Visitors
  2. Website Cookies
  3. Subscribers of our Software; Donors
  4. Social Media Services
  5. Analytics Services
  6. Use of Your Information
  7. Retention of Your Information
  8. Sharing of Your Information
  9. Your Choices
  10. Transfer of Your Information
  11. Security of Your Information
  12. Residents of U.S. States in which an Applicable Privacy Law is in Effect
  13. Residents of the European Union, UK and Switzerland
  14. Children’s Privacy
  15. Third Party Links
  16. Supplemental Privacy Notice for Event Participants and Scholars
  17. Contact Us
  18. Site and App Visitors

We collect information about your visits to our Site, and about your downloads and use of our App, including:

  • Automatically Collected Information: Information about the device and software you use to access our Site or App, such as browser or device type, operating system information, device identifier, IP address, general geographic location, date, and time of visit, whether you are a new or a return visitor, browser version, the pages or areas of our Service that you visit, the time spent on our Site pages or areas of our App, navigation and clickstream data, diagnostic data, and other such information as may be delivered or shared by the applicable browser or device.
  • Volunteered Information: Any information you may choose provide to us through our Website or App, including via our contact form, such as first name, last name, email address, company name, occupation, title, phone number, email address and/or address.

Collectively, “Visit Data”.

Where legally required, our collection of Visit Data on our Site is subject to the End User setting their preferences as further described below in the section entitled “Website Cookies”.

  1. Website Cookies

Our Site may collect the data described above, including personal information, using cookies, which are small text files stored on the visitor’s computer. Visitors can set their browser to reject cookies altogether, to reject CRF cookies in particular, or to delete cookies. We have also put in place a cookie consent tool on our site. Aside from strictly necessary cookies, we will only place cookies on your browser subject to your consent. Please note that if you delete or clear cookies or change devices or browsers, you will need to reset your cookie preferences using the tool. In addition, you may use your browser settings to delete and reject cookies. However, erasing or not consenting to some types of cookies, through the tool or your browser settings, may limit your experience on the Site and the services we are able to offer.

  1. Subscribers of our Software; Donors

When you sign up to use our Software (whether on a paid or trial basis), or when you make a donation to CRF, we may ask you to create an account with us and/or provide us with certain personal information over and above the Visit Data stated above. Such information may include:

  • Billing and payment Information.
  • In the case of Software users, other staff contact information as necessary for provision or use of the Software.
  • In the case of Software users, it is generally necessary for the user to provide such photos, images and/or other content that the user wishes to make available to the Software in order for the user to utilize the Software’s functionalities.
  • In the case of donations, in order to efficiently manage the donation process, we use third party services, Donorbox and Freewill. You can review Donorbox’s privacy policy here and Freewill’s privacy policy here.
  • We use Stripe’s services to process payments for use of our Software. You can review their privacy policy here.
  1. Social Media Services

In some areas of the Site or App, we may have links to our pages on social media platforms. When you interact with such areas of the Site or App or click on such links, the applicable social media platform may collect information about such interaction, which is then managed directly by such social media platform and is subject to the privacy policy of the social media platform.

  1. Analytics Services

We use third party analytics services to help us analyze Site and App usage. For example, we use Google Analytics, a service provided by Google, to help analyze how users use our Site. Google Analytics uses cookies to track the user’s activity (including information such as the user’s Site navigation flow, location by country, language, browser and OS, ISP, and devices) on the Site. We use this service with a view to analyze usage across devices and offer improvements for all users. To learn more about Google Analytics, please click here. To opt out of this feature by installing the Google Analytics Opt-out Browser Add-on, please click here. You may also opt-out by blocking cookies from the Site.

  1. Use of Your Information

We may use your information for the following purposes:

  • To provide and maintain our Service, including to monitor the usage of our Service.
  • To manage your Account: to manage your registration as a user of the Service, to manage your relationship with us and your use of the Service, to administer your account and perform authentication, to provide technical assistance and troubleshooting, and to verify and carry out financial transactions in relation to payments you make in connection with the Service or any donation that you choose to make.
  • For the performance of a contract: including the development, compliance and undertaking of the contract for the products or services you have purchased or for which you have received a license from us, to perform any other contract we have with you related to the Service, or in order to take steps at your request prior to entering into a contract.
  • To contact you: to make contact you by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as the App’s push notifications, regarding updates or informative communications related to the functionalities, products or contracted services, including security updates, when it is necessary or reasonable to do so, and to solicit feedback regarding our products and services.
  • To provide you with news, special offers and general information: such as provision of information to you about other products, services and events which we offer that are similar to those that you have already engaged with us for, or inquired about, unless you have opted not to receive such information.
  • To manage your requests: To attend and manage your requests to us.
  • To analyze transactions and communications for fraud and crime prevention: such as to take steps to authenticate your engagements with us and to protect our staff, property, site visitors and third parties.
  • For compliance and audit purposes: such as meeting our reporting obligations in relevant jurisdictions.
  • For other purposes: We may use your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service and your experience.
  1. Retention of your information

We will retain your information only for as long as is necessary for the purposes set out in this Privacy Policy, including to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

We may also retain aggregated data for internal analysis and improvement purposes.

  1. Sharing of your information

We may share your information in the following situations:

  • With Service Providers: We may share your information with our vendors and service providers who assist us to monitor and analyze the use of our Service.
  • For business transfers: We may share or transfer your personal information in connection with, or during negotiations of, any merger or consolidation of ours with another company.
  • With Affiliates: We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates may include subsidiaries or other companies that we control or that are under common control with us.
  • To protect our rights or those of others, or to comply with the law: under certain circumstances, we may be required to disclose your information if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
  • Other legal requirements. We may disclose your information in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend our rights or property or those of a third party, prevent or investigate possible wrongdoing in connection with our Service, protect the personal safety of other users of our Service or the public, and protect against legal liability.
  • With other users when you post in public areas of the Site or App: our Site or App may offer the opportunity for users to submit comments for display in public areas of the Site or App (e.g. comments on blog posts). if you share personal information with, or otherwise interact in the public areas with, other users, such information may be viewed by all users and or the public.
  • With Your consent: We may disclose your information for any other purpose with your consent.
  • Promotional purposes. We, our service providers, and our third-party partners may collect and use the information described in this Privacy Policy for promotional purposes, including the following: Information about news and opportunities at CRF. We may send you information about news and opportunities at CRF, by email or otherwise, where and to the extent permitted by law. See “Your Choices” in Section 9 below for information on how to stop receiving these types communications.
  • Targeted advertising. We may engage advertising partners, including third party advertising companies and social media companies, to display ads across the Internet in order to promote CRF’s activities. These companies may use cookies and similar
  •  
    • automatically collected information described above) about your interactions online over time across various online services, and use that information to serve online ads that they believe may be of interest to you. This is referred to as targeted advertising. For more information and to exercise your choices with regards to targeted advertising, please see “Your Choices” in Section 9 below. If you no longer wish to receive marketing emails from us, please email us as directed in Section 9 below.
    •  
  • Your Choices.

We may permit third parties to use cookies and other tracking technologies (such as web beacons and pixels) with the aim of collecting certain information to analyze behavior on the Site or App, as well as to provide you with advertisements tailored to you across the Web. This type of ad-customization is sometimes referred to as targeted advertising. For more information about this type of advertising, visit https://thenai.org/about-online-advertising/faq/. The use of cookies and other tracking technologies by third parties on, or through, our Site and App is subject to the third parties’ privacy policies. If you would like more information about your choices concerning targeted advertising, including how you may opt-out of targeted advertising by companies who participate in the Network Advertising Initiative or the Digital Advertising Alliance, visit http://optout.networkadvertising.org/?c=1 or https://optout.aboutads.info/?c=2&lang=EN. Following an opt-out using the options offered by the Network Advertising Initiative or the Digital Advertising Alliance, you may still be shown advertisements by companies who participate in these programs, but such advertisements will be less relevant to your interests. In addition, if you have consented to third party cookies at our Websites using our Cookie Preference Tool, you can withdraw your consent using the tool. Please note that if your browser causes an opt-out mechanism to expire, or if you delete your cookies or change computers or devices after opting out, you will need to opt out again by clicking the links in this Section.

Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. These features and our ability to process them are not yet uniform, and we do not currently respond to such signals.

If you subscribe to our newsletter, or sign up to receive other forms of marketing information from us, we collect and store this data to provide you relevant information about our events and opportunities, and other communication that may be of interest to you. You can change your subscription status with regards to our email newsletters at any time. To unsubscribe, you can follow the instructions on the bottom of each newsletter, or by contacting us via the contact form at the bottom of www.coralrestoration.org.

  1. Transfer of your information

The information that we collect from you and about you may be transferred to and stored in a country other than your country of residence, which may not offer the same level of protection of personal information as your country of residence. Your use of the Service (together with any agreement you have executed with us separately, if applicable) represents your agreement to that transfer. We will take contractual and/or other measures as required by applicable law, that are designed to ensure your personal information is protected.

  1. Security of your information

The security of your information is important to us, and we use commercially reasonable measures to protect it. However, no method of transmission over the Internet, or method of electronic storage is 100% secure, and therefore absolute security cannot be guaranteed.

  1. Residents of U.S. States in which an Applicable Privacy Law is in Effect Introduction. In this section, we provide information for residents of U.S. states in which an applicable privacy law is in effect as may be required under applicable privacy laws of such states from time to time (“State Privacy Laws”). Because certain State Privacy Laws require that we disclose specific information about how we handle certain personal information collected about residents of their states, the scope of this section may be different than the scope of the rest of our privacy policy.
  2. Definitions of key terms. Under State Privacy Laws, subject to certain exceptions, “personal information” is generally any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular resident or household in the applicable state.
  3.  

A “Sale” of personal information under State Privacy Laws may occur any time a business sells or makes available any personal information to a third party for monetary or other valuable consideration. We do not sell personal information to third parties for monetary or other valuable consideration.

Sensitive information” under State Privacy Laws is generally defined as personal information that reveals sensitive information about a consumer, such as social security, driver’s license, state identification card or passport numbers, account log-in, financial account, debit card or credit card numbers in combination with any required security or access code, password or credentials allowing access to an account, precise geolocation, data revealing racial or ethnic origin, religious beliefs, physical or mental health diagnosis, sexual orientation, or citizen or immigrant status, as well as processing of genetic or biometric data for identification, and personal information collected from a known child.

12.3 Rights under State Privacy Laws. Depending on where you reside, you may have additional legal rights with respect to your information under State Privacy Laws, beyond those described in the preceding sections of this Privacy Policy. These rights are described below. While some of these rights apply generally, certain rights apply in limited cases. Consistent with State Privacy Laws, this Supplemental Notice provides a way to exercise such rights for residents of the above states. This section does not apply to any matters exempted from State Privacy Laws during the period of exemption, nor to matters covered by an applicable law prior to the relevant portion of the applicable State Privacy Laws going into effect.

A. Right to Know. You may have the right, depending on your jurisdiction, to request the following about the personal information we have collected about you during the past 12 months or other required time period*:

• The categories and specific pieces of personal information we have collected about you;

• The categories of sources from which we collected the personal information;

• The business or commercial purpose for which we collected the personal information;

• The categories of personal information about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose;

• The specific pieces of personal information about you that we collected and disclosed to third parties;

• The right to receive requested information in a readily-usable format if provided electronically; and

• The right to update or correct any personal information which is out of date or incorrect.

*Note: Under some State Privacy Laws, the above right to know is limited to events that occurred in the preceding 12 months, while other State Privacy Laws may have a different time limitation or no time limitation.

B. Right of Deletion. You may have the right to ask us to delete the personal information we have collected from you, subject to exceptions the law provides. For example, to the extent permitted by State Privacy Laws, we may deny a deletion request if retaining the information is necessary for us or our service provider(s) to: (a) complete the transaction for which we collected the Personal Information, provide a service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you; (b) detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities; (c) debug products to identify and repair errors that impair existing intended functionality; (d) protect our legal interests, to defend our rights in a case of potential, threatened, or actual litigation, and to enforce our rights; (e) comply with a legal obligation and/or (f) fulfill internal and lawful uses that are compatible with the context in which you provided the information.

C. Right of Non-Discrimination. You may have the right to not be discriminated against if you exercise these privacy rights. We will not discriminate against you, deny, charge different prices for, or provide a different quality of goods or services if you choose to exercise these rights.

D. Right to Limit Use & Disclosure of Sensitive Personal Information. You may have the right to request that we limit use and disclosure of your Sensitive information. We do not collect, use, or disclose information we believe to be sensitive under State Privacy Laws, except solely to the extent necessary information about minors who register to participate in certain events that we may offer. In such cases, we process such information only to the extent necessary to provide and administer such events, and as otherwise described in a supplemental notice that we provide to you, including the supplemental notice provided below.

E. Notice at Collection. At or before the point of collection, notice must be provided to the individual of the categories of personal information collected and the purposes for which such information is used.

F. Exceptions to These Rights. The law provides for certain exceptions to the rights described above. We reserve the right to avail ourselves of these exceptions where applicable.

12.4 How to Exercise Your Rights. If you live in a relevant jurisdiction and would like to send us a request to exercise one of your above rights, you may do so by contacting us via the contact form at the bottom of www.coralrestoration.org.

You may designate an authorized agent to make a request on your behalf as permitted under law, though before we process that request, we will require that you provide the authorized agent written permission to do so and verify your identity directly with us.

To help protect your privacy and maintain security, we may take steps where required to verify your identity before granting you access to your personal information or complying with your request. We may not be able to respond to your request if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

  1. Residents of the European Union, UK and Switzerland

13.1 Individual Rights. If you are located in the European Economic Area (EEA), the General Data Protection Regulation (GDPR) applies to our processing of your Personal Data. If you are located in Switzerland, The Swiss Federal Data Protection Act applies to our processing of personal data. If you are located in the United Kingdom, then the Data Protection Act 2018 applies to our processing of personal data (the foregoing laws in this sub-section, collectively, “EU Data Protection Laws”). To the extent information we collect is associated with an identified or identifiable natural person and is protected as personal data under EU Data Protection Laws, it is referred to in this Privacy Notice as “Personal Data”. These laws each grant those located respectively in the EEA, Switzerland, and the UK a set of privacy rights and imposes responsibilities on us as we process the Personal Data of data subjects located in those places (“EEA Data Subjects”). This section is designed to provide more information on how we adhere to the above EU Data Protection Laws and your rights as an EEA Data Subject.

13.2 Legal Bases for Processing Personal Data. We may process your Personal Data under applicable EU Data Protection Law on the following legal grounds:

• Contractual Necessity: we may process your Personal Data to enter into or perform a contract with you.

• Consent: where you have provided consent to process your Personal Data. You may withdraw your consent at any time.

• Legitimate interest: we process your Personal Data to provide our Service to you, such as to provide our online user experience, communicate with you, provide customer service, market, analyze, operate and improve our business, and to protect our Service.

• Where processing is necessary to comply with our legal obligations.

13.3 Data Subject Requests. Subject to any exemptions provided by law, EEA Data Subjects have the right to request:

• The right to be informed about the types of Personal Data being processed and the legal basis for processing;

• the right to access and see the Personal Data being processed;

• the right of rectification and to make corrections to Personal Data;

• the right to erase Personal Data;

• the right to restrict processing of Personal Data;

• the right of data portability of Personal Data;

• the right to object to the processing of personal Data and

• the right not to be subject to automated decision-making.

Some of these rights apply only in certain circumstances and depend on the legal basis relied upon to process the data. As an example, the right to object applies to processing which is carried out on the basis of our legitimate interests and only if we cannot demonstrate compelling legitimate grounds which outweigh your rights, interests and freedoms. The same right does not apply to processing which is necessary for us to comply with our legal obligations or to perform a contract with you. These rights may extend to the Personal Data we collect through cookies or similar tracking technologies. Where processing is based on your consent, you may withdraw that consent at any time, although any processing previously carried out will still be legal.

13.4 Cross-border transfers of EEA, Swiss and UK Personal Data: We generally process data in the United States. In cases in which we transfer Personal Data outside the EEA, Switzerland or UK, unless the recipient or location to which the data is transferred has been approved by the appropriate authorities as providing an adequate level of protection for Personal Data, we put in place measures to ensure that the transfer complies with the applicable EU Data Protection Law and that the Personal Data which is transferred is appropriately safeguarded.

13.5 Exercising your rights. In order to exercise your data subjects’ rights or if you have any questions about these rights, you can write to us via the contact form at the bottom of www.coralrestoration.org. We will endeavor to respond to any requests to exercise your rights within one month from when they are made, although this period may be extended in some cases in which case we will inform you before the expiration of the one-month period. You also have the right to submit complaints to the supervisory authority in your jurisdiction. A list of supervisory authorities in the EEA can be found here: https://edpb.europa.eu/about-edpb/board/members_en.

  1. Children’s Privacy

Except as stated in a supplemental notice that we provide to you (including the supplemental notice below), our Service is not intended for individuals under the age of 18 and we do not knowingly collect personally identifiable information from anyone under the age of 18. If You are a parent or guardian and you are aware that your child has provided us with personally identifiable information outside the scope of such supplemental notice, please contact us via the contact form at the bottom of www.coralrestoration.org. If we become aware that we have collected personally identifiable information from anyone under the age of 18 without verified parental consent, we will take steps to remove that information from our databases.

  1. Third Party Links

Our Service may contain links to other websites that are not operated by us. If You click on a third party link, you will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

  1. Supplemental Privacy Notice for Event Participants and Scholars 16.2 How we use this additional data
  2.  

This notice supplements our Privacy Policy and describes how we collect, use, and share additional personal information when you participate in or apply to one of our events, classes, scholarships or grant opportunities, or entertainment options (whether as an attendee, guest, applicant, instructor or entertainer), and how to access and control this additional data. Please let us know if you have any questions about this supplemental notice.

16.1 What additional data we collect about you

When you register to participate in one of our events, we may ask you to provide your name, company/organization, professional title, email address, phone number, emergency contact name and phone number, and any dietary or disability-based accommodation needs. If you are a minor, we collect your information with parental consent, and will keep such parental consent information on file (including name and contact information of parent(s)). Where required or permitted by law, entered information will also be viewable by the parent(s).

In addition, we may collect your photograph and, if you are an instructor or entertainer, we may collect your presentation or show materials. We may also collect feedback and evaluations about you as an instructor, presenter, facilitator or entertainer. We may also collect other optional information you may choose to provide, or information required to apply for the relevant event, scholarship or grant. We will indicate on the event registration materials which data is required. Please contact us if you have any questions about why certain data is required.

We frequently take photos and record audio and/or video in public areas of our events. If so, we may make and store photographs containing your likeness and recordings of your voice and likeness. We may associate your image and the sound of your voice with your name if you are identified during the recording or identify yourself by name.

In addition to the uses specified under the main Privacy Policy, we may use this additional data to:

  1. register you to attend the event or process your application
  2. send communications to you or your team member(s) whose information has been provided
  3. confirm your registration and provide you with updates regarding the event
  4. print your physical badge, name tag or other materials needed for the event
  5. track and administer parent consent where needed
  6. track and administer dietary and physical accommodation requests
  7. review and potentially share your photo, materials, and other information with other event participants or the public, as authorized by you
  8. send you reports, materials and updates, contact you about future events, review and respond to feedback, comments, photos, videos, or other information you submit via registration forms or post-event surveys, and administer, safeguard, and improve our event operations.
  9. We may use, edit, copy, exhibit, publish, or distribute event photos and audio or video recording that we or our staff or service providers have taken, or that you have submitted to us, for our charitable purpose relating to the event itself or our events in general.

16.3 How we share this additional data

We share your information with third party event service providers and third party partners who assist us to provide, administer and manage our events, classes, scholarships or grant opportunities, and/or entertainment options.

  1. Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this Site. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this Site.

  1. Contact Us

If you have any questions about this Privacy Policy, You can contact us:

  • By email: info@coralrestoration.org
  • By mail: Coral Restoration Foundation, 89111 Overseas Hwy, Tavernier, Florida 33070