Terms written in human language
As you will hopefully notice, these Terms are both understandable to laymen like yourself and actually quite enjoyable to read. The previous versions of our Terms were shorter and more condensed but we decided to write them in a more verbose manner in order to make them easier to understand, to be able to include examples, and to be more precise. We hope you will appreciate our efforts.
Happy reading from the whole team behind the IDF.
These Site Terms and Conditions (the "Terms") is a legally binding agreement made by and between The Interaction Design Foundation (hereinafter, “IDF”) and you, personally and, if applicable, on behalf of the entity for whom you are using this web site or any of its services (collectively, "you"). These Terms govern your use of IDF's web site located at www.interaction-design.org (hereinafter the “Site”) and IDF's services so please read the following carefully.
By accessing or using any part of the Site, you agree that you have read, understand, and agree to be bound by these Terms. If you do not agree to be so bound, please do not access or use the Site.
These Terms address your legal rights and obligations and include important disclaimers.
1. Choice of Law and Forum Provisions (Governing Law)
The Site is run by IDF, a non-governmental, privately held organization. You agree that these Terms and your use of the Site and the materials and content produced by IDF shall be governed by the laws at the local jurisdiction of the IDF's operating address, which is defined as the physical address where the shareholders and directors of the business make their business decisions. You hereby consent to the exclusive jurisdiction and venue of the courts, tribunals, agencies and other dispute resolution organizations in aforementioned local jurisdiction in all disputes:
- Arising out of, relating to, or concerning the Site, IDF, and/or these Terms.
- Where the Site, IDF, and/or these Terms is an issue or a material fact.
- Where the Site, IDF, and/or these Terms are referenced in a paper filed in a court, tribunal, agency or other dispute resolution organization.
IDF has endeavored to comply with all legal requirements known to it in creating and maintaining the Site, but makes no representation that materials and/or content on the Site or produced by IDF are appropriate or available for use in any particular jurisdiction. You are responsible for compliance with applicable laws. Any use in contravention of this provision or any provision of these Terms is at your own risk and, if any part of these Terms is invalid or unenforceable under applicable law, the invalid or unenforceable provision will be deemed superseded by a valid, enforceable provision that most closely matches the intent of the original provision and the remainder of these Terms shall govern such use.
Your use of and browsing of the Site is at your own risk. IDF does not warrant that the software used for the Site, and the information, material, and content on it, or any other services and materials provided by means of the Site or by IDF are error-free, or that their use will be uninterrupted. IDF expressly disclaims all warranties related to the above-mentioned subject matter, including, without limitation, those of accuracy, condition, merchantability and fitness for particular purpose. Notwithstanding anything to the contrary on the Site, in no event shall IDF be liable for any loss of profits, revenues, indirect, special, incidental, consequential, or other similar damages arising out of or in connection with the Site or out of the use of any of the services proposed by means of the Site.
IDF make no representations or guarantees about any aspect of the content on the Site and does not endorse any opinions expressed by any users. ALL CONTENT IS POSTED "AS IS" AND YOUR USE OR RELIANCE ON ANY CONTENT IS AT YOUR OWN RISK. WE HAVE NO LIABILITY TO YOU FOR THE CONSEQUENCES OF USING OR RELYING ON ANY CONTENT, ADVICE OR OPINION DISPLAYED IN THE SITE.
4. Legal Disclaimer
IDF and its authors make no representations as to the accuracy, completeness, currentness, suitability, or validity of any information, material, or content on the Site.
THE MATERIAL AND CONTENT POSTED ON THE SITE AND ANY CONTENT PRODUCED BY OR PUBLISHED THROUGH IDF ARE PROVIDED "AS IS" WITHOUT ANY EXPRESS WARRANTY OR IMPLIED WARRANTY OF ANY KIND INCLUDING WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT OF INTELLECTUAL PROPERTY, OR FITNESS FOR ANY PARTICULAR PURPOSE. IN NO EVENT SHALL IDF BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION, LOSS OF INFORMATION) ARISING OUT OF THE USE OF OR INABILITY TO USE THE MATERIALS, EVEN IF IDF HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
IDF, ITS AFFILIATES AND/OR PAYMENT PROCESSING VENDORS, SHALL NOT BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES ARISING FROM YOUR USE OF THE SITE.
Because some jurisdictions prohibit the exclusion or limitation of liability for consequential and or incidental damages, the above limitation may not apply to you. Furthermore, IDF does not warrant the accuracy or completeness of information of links or other items contained within these materials that have been provided by third parties.
5. Provision regarding change in attribution of copyrighted materials
Please contact us at firstname.lastname@example.org if you, or your organization, wish to correct or change attribution or presentation of any image/material used on the Site, which you, or your organization, are the rightful copyright holder of. We will request that you submit proof of your ownership of the copyright on this material but will act immediately on any reasonable request.
6. Notice and procedure for claims of copyright infringement
Every effort has been made by the Site's individual contributing authors as well as IDF to discover and contact copyright holders of artwork/illustrations/content used on the Site. To the extent that a copyright holder could not be found or an inadvertent permission or copyright error was made, IDF stands ready to remove content upon notice and request by a copyright holder. In the case that you believe that any content or other material provided through the Site allegedly infringes your copyright, you should notify IDF of your infringement claim in accordance with the procedure set forth below.
We will process each notice of alleged infringement which IDF receives and take appropriate action in accordance with applicable intellectual property laws. A notification of claimed copyright infringement should be emailed to email@example.com (subject: "Takedown Request").
The notification must contain at least the following information:
- An electronic or physical signature of the copyright owner or the person authorized to act on behalf of the owner of the copyright interest.
- A description of the copyrighted work that you allegedly claim has been infringed.
- A description of where the material that you claim is infringing is located on the Site that is reasonably sufficient to enable us to identify and locate the material.
- Means for IDF to contact you, such as your address, telephone number, and email address
- A written statement by you that you have a good faith belief that the disputed use is not authorized by the copyright owner, its agent, or the law.
- If you represent a publisher, a written statement by you that you have a good faith belief that the material has not been placed in the public domain, or licenced under another licence, before you acquired the copyright as this would possibly invalidate your copyright.
- A statement by you indicating that the above information in your notice is accurate and that you are the copyright owner or authorized to act on the copyright owner's behalf.
7. Trademarks and other rights
All trademarks, logos, service marks, collective marks, design rights, personality rights or similar rights that are mentioned, used or cited by IDF and its authors are the property of their respective owners. The use of any trademark in our materials does not vest in the author or IDF any trademark ownership rights in such trademarks, nor does the use of such trademarks imply any affiliation with or endorsement of IDF and its authors by such owners. As such, IDF cannot grant any rights to use any otherwise protected materials. Your use of any such or similar incorporeal property is at your own risk. Content which in IDF's reasonable opinion are believed to constitute trademarks may or may not have been labeled as such. However, neither the presence nor absence of such labels should be regarded as affecting the legal status of any trademarks. If you, or your organization/company, sign up for a company membership with the IDF we will use your logo - for example - on your company-specific sign-up page or on public pages where we list examples of companies that have taken up company memberships with us. By agreeing to these Terms, You allow the IDF to use your logo on the Site. Some companies are very particular about the usage of their logo and it you would like the IDF to NOT use your logo, simply tell us by writing an email to firstname.lastname@example.org (subject: "Takedown Request") and we will remove your logo on the next Site update.
Screenshots of copyrighted computer software, for which the copyright is held by the author(s) or the company that created the software, is believed to fall under the legal doctrine known as “Fair Use” in the USA (and similar laws in other jurisdictions). It is believed that reproduction for purposes such as criticism, comment, news reporting, teaching, or research does not constitute copyright infringement. If you reuse screenshots, as well as any other information provided by IDF, you do so at your own risk and under the applicable copyright laws of your country.
9. Copyright of Abstracts
Abstracts in the Wiki Bibliography (/literature/) are submitted by their authors who use the wiki to make their research as accessible as possible to IDF's user community. When a webpage on the Site references, cites or lists a work from the bibliography, its abstract is included. Abstracts entail varying copyrights, depending on which publisher the work is published through. You should assume that abstracts in the Site fall under the copyright - with all rights reserved - of its publisher and/or author and therefore must always use/cite abstracts according to the Fair Use doctrine. You may visit the publisher's website to learn about the specific copyright terms (e.g. ACM, IEEE, or Springer) or contact the author directly. You must cite/use abstracts according to the principles of Fair Use as it may otherwise be construed as a copyright infringement and subject to legal action.
10. User Submissions / User Content
You hereby understand and acknowledge that additions to the Wiki Bibliography (including article abstracts), additions the Conference Calendar (including conference descriptions), user-contributed notes on each page (including text, photographs, graphics), or other materials posted by users on the Site (hereinafter referred to as the "Content") are the sole responsibility of the person from whom such Content originated. This means that you, and not IDF, are entirely responsible for all Content that you upload, post or otherwise make available to other users of the Site.
When submitting content to the Site, you agree to not:
- Impersonate any person or entity or falsely state or otherwise misrepresent your affiliation with a person or entity.
- Upload, post or otherwise make available any content that you do not have a right to make available under any law or under contractual or fiduciary relationships (such as inside information, proprietary and confidential information learned or disclosed as part of employment relationships or under nondisclosure agreements).
- Upload, post or otherwise make available any Content that infringes any patent, trademark, trade secret, copyright or other proprietary rights (the "Rights") of any party.
- Upload, post or otherwise make available any Content that is unlawful, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically or otherwise objectionable.
- Not post content that contains explicit or graphic descriptions or accounts of sexual acts or is threatening, abusive, harassing, defamatory, libelous, deceptive, fraudulent, invasive of another's privacy, or tortuous.
- Not engage in an activity that is harmful to us IDF's users, customers, advertisers, affiliates, vendors, or anyone else.
- Not use any device, software, platform or any other process to damage, disable, impair, or otherwise attack our Site or the networks connected to our Site.
And you agree to:
- Immediately notify IDF if you learn of a security breach or other illegal activity on the Site.
- Protect your username and password and not lease, transfer pledge or sell it.
You acknowledge that IDF shall have the right to immediately remove any Content that violates these Terms or is otherwise objectionable, at IDF's discretion.
You are responsible for obtaining, at your own expense, all equipment and services needed to access the Site. If you are accessing the Site through a mobile device, your wireless carrier may charge you fees for data, text messaging, and other wireless access or communications services. We do not guarantee that the Site can be accessed through all wireless devices or service plans or are available in all geographical locations.
11. Third Party Websites
IDF is not responsible for the content or practices of any other website. By using the Site, you acknowledge and agree that IDF is not responsible or liable to you for any content or other materials hosted and served from any third party website.
12. Email communication: Confidential and proprietary information notice
Email messages sent from members of IDF, including emails generated from the use of the Site website, are proprietary to IDF, and are intended solely for the use of the individual to whom they are addressed. Such messages may contain privileged or confidential information and should not be circulated or used for any purpose other than for what they are intended. If you receive a message from a member of IDF in error, please notify the sender immediately. If you are not the intended recipient, you are hereby notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of the message. IDF accepts no responsibility for loss or damage arising from the use of the information transmitted by email message including damage from virus.
You may not use or allow others to use your username and IDF email address to e-mail, instant message, voice mail, fax, chat, send 'spam' (e-mail) and 'spim' (instant messages), or send any other unsolicited bulk communication to users of the Site or anyone else. You may not access the Site to harvest or collect any information about our users for any purpose without our express written authorization. You may not create multiple usernames for sending unsolicited bulk communications or posting advertising or other notice on the Site. Any violation of these provisions may result in immediate suspension or termination of your membership.
13. Usage conditions
Please make sure that you understand that some or all of the information provided by IDF is being provided freely, and that no kind of agreement or contract is created between you and the owners, partners, users, or authors of this site, the owners of the servers upon which it is housed, the individual contributors of the IDF, any project administrators, sysops or anyone else who is in any way connected with this project. If you choose to use or copy anything from this site it does not create or imply any contractual or extra-contractual liability on the part of IDF or any of its members, partners, sponsors, affiliates, contributors or other users. Your use of any such or similar incorporeal property is at your own risk.
If a court of law finds that any provision of these Terms is invalid or unenforceable, the remaining provisions will continue to be valid and enforceable.
IDF currently offers three categories of paid membership to users: Student, Professional and IDF Design League. Such options are available when a user registers into the Site. Users cannot sell, transfer, lease or otherwise allow unauthorized third parties to use access/use their account. Company memberships and institutional memberships are subject to these Terms, including all further authorized individual accounts.
Your IDF membership will begin on the day you finish your registration process and payment is processed through one of our payment gateways, whichever comes later, and will continue on a year-to-year basis (in the case of the Student Membership and the Professional Membership, which are paid yearly) and a month-to-month basis (in the case of the IDF Design League membership, which is paid monthly) unless you cancel your membership or we terminate it according to these Terms.
IDF will bill your monthly or yearly membership fee to your current payment method. You must cancel your membership before it renews each year (for Student Memberships and Professional Memberships) or each month (for IDF Design League Memberships) in order to avoid billing of the next month's or year's membership fees to your payment method.
Any materially different or additional terms from those described in these Terms (including company and institutional memberships) will be disclosed when you create your account and sign-up into your membership or in other communications made available to you, including e-mail. IDF hereby reserves the right to modify, terminate or otherwise amend its offered membership plans.
IDF will have the right to terminate your access to the Site if it reasonably believes you have breached any of the terms and conditions of these Terms. Following termination, you will not be permitted to use the Site. If your access to the Site is terminated, IDF reserves the right to exercise whatever means it deems necessary to prevent unauthorized access to the Site, including, but not limited to, technological barriers, IP mapping, and direct contact with your Internet Service Provider. These Terms will survive indefinitely unless and until IDF chooses to terminate them, regardless of whether any account you open is terminated by you or IDF or if you have the right to access or use the Site.
16. Force Majeure, website downtime, and service outages
IDF will not be liable for failing to perform under these Terms because of any event beyond its reasonable control, including, without limitation, a labor disturbance, an Internet outage or interruption of service, a communications outage, failure by a service provider to IDF to perform, fire, terrorism, natural disaster, or war.
17. Limitation of Actions
You acknowledge and agree that, regardless of any statute or law to the contrary, any claim or cause of action you may have arising out of, relating to, or connected with your use of the Site, must be filed within one calendar year after such claim or cause of action arises, or forever be barred.
18. Billing, Payments, Refunds, Cancellation
Billing. By starting your IDF membership and providing your
payment method (e.g. Credit Card, PayPal account, or other payment
methods introduced in the future), you hereby authorize IDF to
charge and process a monthly or yearly membership fee depending on
the membership type at the then-indicated current rate, and any
other charges you may incur in connection with your use of IDF's
services. In other words, you authorize the IDF to initiate payment collection
for your membership without further consent from you until you cancel (see below
for information on cancellation).
IDF hereby reserves the right to adjust pricing for its services or any components thereof in any manner and at any time, as determined in IDF's sole and final decision. Except as otherwise expressly provided for in these Terms, any price changes to your membership will enter into force following e-mail notice to you.
The fee for your membership service will be billed at the beginning of the paying term of your membership and each month or year thereafter (depending on whether the given membership is paid monthly or yearly). IDF reserves the right to modify or otherwise change billing dates. In the event your membership begins on a day not contained in a given month, IDF may bill your payment method on a day in the applicable month or such other day as IDF deems appropriate.
Payments. Online payments for services offered through the Site are done by Paypal and Stripe, collectively referred to as “Payment Gateways”. All Payment Gateways are external, third party payment processing vendors and their payment services and other services are subject to their respective Terms and Conditions. IDF hereby reserves the right to offer further Payment Gateways, which will be governed and subject to the respective terms and conditions of such third party payment processing vendors. IDF does NOT directly or indirectly, receive, retain, store or use your credit card information - in fact it never touches the IDF servers. Your credit card data constitutes sensible personal information which will be processed by third parties not directly related to IDF.
If a payment is not successfully charged, due to credit card expiration, insufficient funds, or otherwise, and you do not edit your payment method information or cancel your account, you shall remain responsible for any uncollected amounts and authorize us to continue billing the payment method, as it may be available and/or updated. For certain payment methods, the issuer of your credit card or other payment method may charge you transaction fees or other charges. IDF is not responsible for such fees or charges. Please revise your payment method service provider for details.
Refunds. IDF currently offers a 30 day money-back guarantee for first-time payments of its memberships - unless of course there is a material and documented issue (like fraudulent or mischievous behaviour by you). Such material and documented issue shall be jointly considered between you and IDF, and you accept that IDF decision will be final, at its sole and absolute discretion. All other payments made to IDF are, as a general rule, not refundable. However, IDF may provide you a refund or other consideration, with the amount and form - and the decision to provide it - at its sole and absolute discretion. Any effectuated refund does not entitle you to further refunds or other considerations in the future for similar instances, nor does it obligate IDF to provide them in the future, under any circumstance.
Cancellation. You may cancel your IDF membership at any time.
That can be done in two ways:
1) You can delete your payment method and simply let your membership run out without adding a new payment method. We will send you a series of emails urging you to renew but if you do not respond, we will cancel your account. If you choose to cancel this way, you will continue to access your account service through the end of your monthly or yearly billing period.
2) The second method is to go to your account page and cancel your account immediately. If you manually cancel your membership, your account will close immediately - as opposed to at the end of your current billing period - and therefore your membership credit will be forfeited.
19. Taxes and VAT
For the sake of simplicity for IDF's members/clients and the online user experience, our prices always include taxes like VAT, Sales Tax, Credit Card processing fees, administrative fees and related expenses when applicable.
20. Changes to the Site
IDF may, in its sole discretion, change, modify, suspend, make improvements to, or discontinue any aspect, functionality, content or service of the Site, temporarily or permanently, at any time without notice to you, and IDF will not be liable for doing so.
21. Additional Terms
These Terms contain the entire understanding between you and IDF regarding the use of the Site and the services of IDF, and supersedes all prior and contemporaneous agreements and understandings between you and IDF relating thereto. These Terms will be binding upon each party hereto and its successors and permitted assigns. These Terms and all of your rights and obligations under them may not be assignable or transferable by you without the prior written consent of IDF. No failure or delay by a party in exercising any right, power, or privilege under these Terms will operate as a waiver thereof, nor will any single or partial exercise of any right, power or privilege preclude any other or further exercise thereof or the exercise of any other right, power, or privilege under these Terms. You and IDF are independent contractors, and no agency, partnership, joint venture, employee-employer relationship is intended or created by these Terms. The invalidity or unenforceability of any provision of these Terms will not affect the validity or enforceability of any other provision of these Terms, all of which will remain in full force and effect.
1. Summary, scope, purpose
The first question is who this document is relevant to, i.e. the parties of this agreement. That’s fairly straight-forward to answer and the parties are:
- IDF (“The Interaction Design Foundation”), a non-governmental, privately held organization.
- our website visitors (i.e. a “Visitor”). That could be you, unless you fall into the next category called “Members” who - unlike “Visitors” - have a membership of The Interaction Design Foundation.
- our members (i.e. a “Member”) who have taken up a membership with The Interaction Design Foundation. This could be a membership as an individual Member of The Interaction Design Foundation, a company membership (for example, when a company signs up 10 or 1000 of its employees as members of The Interaction Design Foundation), or a membership as an individual through a free trial membership offered by The Interaction Design Foundation.
Okay, so that should be fairly straightforward: When we say “you” in the following text, we assume that you fall into the one of the two aforementioned categories, either a Member or a Visitor. When we say “we”, we mean The Interaction Design Foundation. That way, we don’t have to write legalese sentences like “The Interaction Design Foundation collects and handles information about its Visitors and/or Members” but can instead write an understandable sentence like “We collect and handle information about you”. Hey.. that’s what we promised you - that we would write these terms so that actual humans like yourself can understand them.
Okay, now, let’s get a bit more specific. Why do we then need this document/agreement?
- The personal data and any information you provide us with - or that we collect about you - will be used, among other purposes, to:
- maintain a register of Members and Visitors
- send transactional email, e.g. send you an email when you have successfully earned a Course Certificate with a copy of your Certificate
- supply you with any goods and services you may request from us from time to time via our Site, e.g. send you a copy of the book you bought
- create browsing and consumption preference profiles of you in order to make recommendations and a better user experience (UX). For example, we may serve you recommendations on which course to take on our Site or we may serve you ads on a third-party website (what’s known as remarketing) based on the courses you have visited
- create databases to be used to send Visitors and Members emails with newsletters, promotions, advertising and information about our Site in accordance with your wishes and permissions. We of course never send you anything without your explicit consents and conscious opt-in and we make unsubscription from the given service/mailling/newsletter/etc as easy as possible (usually as a one-click action). No hassles or sneaky methods employed!
Edits, comments, commentaries and other contributions to our Site made or provided by you will be publicly distributed, and except in certain, very limited circumstances, will remain a permanent part of this site. If you decide to contribute to our Site, you must keep this in mind. Your contributions will be subject to our Site's Terms and Conditions and The Interaction Design Foundation's Site IP/Copyright Policy.
2. The Act On Processing Of Personal Data
Under "The Act on Processing of Personal Data", incorporated under Danish law, you may request a copy of the information we hold on you for free, by writing to our address first shown above or by emailing our Data Protection Officer Mads Soegaard on email@example.com. This requirement has been repeated by the introduction of the GDPR and we have been compliant long before this law took effect on 25th of May 2018.
3. General Data Protection Regulation (GDPR)
We comply with the General Data Protection Regulation (GDRP), which is a European Union (EU) regulation on data protection and privacy for all individuals within the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for business by unifying the regulation within the EU. The regulation enters into effect on the 25th of May 2018 and we are fully compliant. We have made the decision to be compliant and thus collect and handle your data in accordance with the GDPR regardless of whether you are from the EU or not. So if you’re from outside the EU, you can consider it as an added bonus :-)
4. Data Protection Officer
In order to meet the requirements of the GDPR we have appointed Mads Soegaard as a Data Protection Officer and he can be reached at firstname.lastname@example.org if you have any issues or questions relating to data protection and privacy matters.
5. What Information Is Being Collected
The general operation of our services requires us to collect certain personal information that can be divided into two groups, as per the GDPR. These groups are “personal data” and “sensitive personal data”. The The Interaction Design Foundation will ONLY collect personal data such as names, addresses, email addresses, phone numbers, IP addresses, etc. The The Interaction Design Foundation will NEVER collect sensitive personal data, such as religious beliefs, genetic data, ethnic origin, biometric data, credit card data, etc.
For example, we never store your credit card infomation and it never touches our server even for a few milliseconds. The way we ensure this is that we submit the data in the payment form directly to our payment gateway so that our payment gateway stores it for us. We only hold what’s called a “token” and then the last 4 digits in your credit card number. That way, we don’t have to worry about storing extremely sensitive information about you, which would admittedly make us very, very nervous.
Another example is your password, which we would consider sensitive personal data. We don't store passwords at all but use the Bcrypt cryptographic algorithm to one-way encrypt passwords instead. That way, we only store the so-called "hash" of your password, which allows us to know if you are entering the correct or incorrect password - but without storing the actual password on our servers. Pretty smart and secure, huh?
6. Where is information stored?
So, where do we store your information? We store information in the following locations:
- in our database
- in cookies on your device
- at third parties listed in the “Who is collecting data?” section
7. Who Is Collecting Data
Next question: Who is collecting your data? Good question! The following entities are collecting data through our Site:
- The The Interaction Design Foundation (that’s us and we do it for the general operation of our services)
- Google (for statistical, analytical, marketing and conversion tracking purposes)
- Stripe.com (for payment purposes)
- PayPal (for payment purposes)
- Facebook (for marketing and conversion tracking purposes)
- Amazon Cloudfront (for hosting purposes)
- Cloudflare (for hosting purposes)
8. Why Is Data Being Collected
To deliver our services to you, we must collect personal and non-personal information from you. This information is essential for the provision and quality of our services. For example, it would be pretty impossible for us to send you a newsletter if we did not have your email address. Similarly, it would be pretty impossible for us to create a Course Certificate for you if we did not know your name. To sum up, we collect data for the following purposes:
- for the general operation of our services including the ability to log in, to take courses, to generate certificates, to receive emails, to receive grading comments, to post in our forum, etc.
- for the ability to send out newsletters and other mailings
- for hosting, e.g. figuring out which country you are from so we can serve you faster through one of our thousands of servers in our CDN, Content Delivery Network. A CDN is a fancy word for us having a server placed geographically near you to serve our video content to you MUCH faster and avoid choppy videos.
- for collecting and processing your payment (if you’ve decided to sign up for a paid membership)
- for marketing thorough what’s called retargeting/remarketing, so that we can remind you of our great courses through ads even after you have left our website
- for conversion tracking, so that we can learn exactly how our Members have become our Members. It also allows us to pay commission to our partners since we can attribute certain conversions to a given partner.
- for statistical and analytical purposes, e.g. for purposes of user research and to make our Site easier to use
9. Data Portability
You can request a copy of your personal data in order to reuse it across different IT environments. We will do a export of the data in CSV format so we hope you think commas are pretty :-) Our Data Protection Officer Mads Soegaard can be contacted at email@example.com with requests of this nature
10. Written Procedures For Handling Data Related Issues
We and Data Protection Officer, Mads Soegaard, have written procedures in place for handling the following events:
- right to access requests
- right to be forgotten requests
- right to rectification requests
- revocation of consent requests
- data portability requests
- data breaches
We made these documents for the purposes of GDPR compliance. Yes, they were very boring to create but now they’re done :-) Rest assured that we applied attention to detail in all of them.
11. Security Measures For Keeping Data Safe
We have set up physical, technical and administrative security measures for the protection of your personal data. We undertake actions, measures and provisions in order to safeguard your data and your right to protect your personal data. As an example, we use or implement the following measures, among others:
- We don't store passwords at all but use the Bcrypt cryptographic algorithm to one-way encrypt passwords so that we only store the so-called "hashes" of password. That allows us to know if you are entering the correct or incorrect password - but without storing the actual password on our servers
- Security measures around the actual physical servers holding The Interaction Design Foundation data include 32 diesel-powered emergency generators with 2,250 kW capacity for N+2 redundancy, 200,000 gallons of fuel on-site, redundant fire suppression and detection systems, armed security around-the-clock. We have 24/7/365 onsite management and surveillance
- To ensure extreme uptimes and uninterrupted service, we have 24/7/365 continuous server health monitoring. Encrypted and incremental off-server backups for complete data security
- SSL-encrypted traffic between your browser and the The Interaction Design Foundation platform. This encryption makes it impossible for an ISP, government, or hacker to make sense of the data being transmitted
- Redundant fire suppression and detection systems
- The The Interaction Design Foundation is PCI Compliant. The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB
- Rigorous permission system for The Interaction Design Foundation staff. Even our own staff cannot access certain data unless given explicit permission
- Security precautions on the devices that The Interaction Design Foundation employees use in their day-to-day responsibilities, such as password protection of devices, encryption of data, firewalls and password procedures
- Server replication and redundant geographically dispersed data centers across two geo-politically stable continents in case of terror attacks, nuclear explosions, wars or force majeure
- Versioned codebase and staging servers for rigorous testing before deployment of new features.
12. Breach Notification
In the extremely unlikely event of a data breach, our Data Protection Officer will notify you, the authorities and relevant third parties of any risk within a 72-hour period.
13. No Transfer Of Information Or Data
We will not share any email addresses of our Members and Visitors, nor will we disclose any identifying personal data, to any third party, without your clear and unambiguous consent. Data collected by us through logging visits to our Site (e.g. originating IP, referral data, browser and platform type, traffic flows, geographical area of request) is only used in an aggregated, anonymous form, which means we will not make any further effort to personally identify our Visitors (as opposed to Members). We only use such data for server administration, fault finding, site improvement and other legitimate purposes.
Aggregate (and thus non-identifying) statistics generated from our Site may be reported as part of research results or may be published on our Site.
14. Data Collection For Visitors, i.e. Non Registered Website Visitors
For non-registered website Visitors – as opposed to fully registered Members – we collect data similar to most websites e.g. through Google Analytics or other products for website analytics.
Any time you visit a page on the internet, you send information to a remote server. The servers that host our Site maintain access logs with the information that you send. This information is used to provide and generate statistics and analytics and to provide us with marketing and traffic data regarding our Site and other websites that link back to our Site.
The data we log and store may also be used by us to solve technical problems with our Site and, in cases of abuse, and to conduct any investigate therefrom.
We may also use web analytics services to understand the type of traffic received by our Site and other of our websites, in order to provide better services and to set benchmarks for our goals. For example, through Google Analytics, we record things like IP address, browsing time, length and date, sections visited, websites you accessed prior to our Site and type of browser.
We do not intend to use such data to identify actual website Visitors, as mentioned in the previous section. If you are concerned about attempts to match your IP address to your identity anywhere else on the Internet, you may wish to use an anonymous browsing service or attempt other means to obfuscate your real IP address. Browsing our Site does not reveal your identity publicly.
15. Data Collection For Registered Members
Data collection for registered Members is – by necessity – more extensive in order to allow our Site to function. As an example, we record, including but not limited to, the following items:
- full name (required)
- email address (required)
- phone number (optional)
- address, city, zip code and country (optional)
- credit card information (required, but not stored on our servers)
- link to LinkedIn profile (optional)
- link to Facebook profile (optional)
- link to Twitter profile (optional)
- skype username (optional)
- job title (optional)
- name of company or organization (required for companies or organizations)
- VAT ID of company (optional for companies or organizations)
- photo (optional)
- name of school (optional, except for student Members)
- courses that the Member is enrolled in (optional)
- answers to questions in courses (optional)
- posts in The Interaction Design Foundation forum (optional)
- local Groups the person has registered for (optional)
- IP address and country of each session (for security purposes and for server session management)
Please be advised that part of this information will be shown on your “Public Profile page” as a means of identification by other Members and in order to generate engagement and participation by our community. We only publicly disclose data which is commonly and publicly available for most people through the Internet, such as name, profile picture, country and city of residence and links to personal social media pages and the website of each Member. The disclosure of this information on your public profile page can be controlled by you at any moment. If you do not want to disclose it, please do not add it and select the necessary privacy settings in our Site and/or your social media pages. If you elect to delete part or all of your information by selecting the appropriate settings in our Site, such information will not be publicly shown through our Site
If you choose to cancel your membership, or if we terminate it, we will employ what is commonly referred to as a “soft delete” in our database, which means that data will still be stored physically in our database but marked as “deleted”. We do so for the technical requirements of our relational databases and for dependent functionality such as the Local Group Rank and publications on “The Interaction Design Foundation Daily” to continue to work. These functionalities depend on this data being available. For example, if you have published an article in our articles section, we want to keep showing your name as the author - regardless if you cancel your membership.
If you forget to renew your membership, and hence it is auto-cancelled, the data marked as previously deleted (i.e. “soft deleted”) will be used to restore your course answers, local group affiliations, course certificates and other data if you elect to renew your membership at a later point. This will prevent a permanent loss of data for you
Company memberships (i.e. group memberships) also require the aforementioned data collection by us, so that it can be displayed to the pertinent company administrator (i.e. for evaluating employee compliance)
16. Right To Be Forgotten
We will, of course, fulfill any request to permanently delete your data. We will erase all data (i.e. hard-delete), with the exception of financial transactions and data related to financial transactions (like your name, address, invoice data, etc), since we are required by law to keep records of payment information in the case of an audit. Please contact our Data Protection Officer Mads Soegaard using the email address firstname.lastname@example.org if you wish to make us of your right to be forgotten. Such requests may take up to 3 weeks to process since it is a manual, time-consuming and expensive process.
17. Cookies And Other Web Beacons
With the purpose of providing a better experience for you, we may use “cookies” or other kind of web beacons. We do this to make it convenient for you to user certain of our Site's features. For example, if you have made a choice in a drop-down menu, we may place a cookie on your computer so that we can auto-select that menu item in the drop-down menu for you in the future. If we did not do that, the user-friendliness of our Site would be poor.
The Site may allow advertising or third-party functions that place "cookies" on your computer. For example, when we use Google Analytics on our website, that service also places a cookie on your computer.
You may change your options through your computer equipment and/or browsers to stop accepting "cookies" and / or "web beacons" or confirm whether or not to accept them. Modern browsers make this very easy since privacy has become an issue that many people take an active interest in.
You may also wish to clear these cookies and the browser cache if you want to refrain from revealing any identifying information, especially if you are using a public or shared computer. You may also prevent your browser from accepting cookies by disabling such functionality as mentioned above.
18. Advertising Opt Out
We use the Google AdWords remarketing service to advertise on third party websites (including www.google.com) to previous Visitors to our Site. If you do not wish to receive this type of advertising from us now or in the future, you may opt-out by using the DoubleClick opt-out page or the Network Advertising Initiative opt-out page. For Google-specific advertisement, you can set preferences for how Google advertises to you using the Google Ad Preferences page, and if you want to you can opt out of interest-based advertising entirely by cookie settings or permanently using a browser plugin.
In other words, our ads do not collect any sensitive personal data about you. For purposes of these Terms, “sensitive personal data” shall mean your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, data concerning health or sex life and financial data like credit card or bank information.
19. Email Communication Opt Out
We use email as the preferred way of communicating with you. Without collecting email addresses and using them to communicate, it would not be possible to alert Members and Visitors:
- when requesting a new password
- when new courses become available
- when new lessons become available
- when receiving grading comments
- when earning course certificates
- when sending newsletters
- when membership is about to expire
- when joining our Design Leauge
- when becoming part of a Local Group
- when a potential Member drops out of the sign-up process
- when requesting templates and template bundles
- when using the refer-a-friend functionality
- when earning course distinctions or awards
- when membership has been auto-renewed
- when the Member is a part of a company membership
On the “Manage notification preferences” page our Members can choose to opt in or out of the different kind of emails that the we send.
Furthermore, emails that the we send contain an unsubscribe link at the bottom, enabling both Members and Visitors to opt out at any time.
20. Social Media Communication Opt Out
We engage in active communications through major social media such as Facebook, Twitter, Pinterest, LinkedIn and Instagram. If you have previously chosen to follow or like us on a particular social media, you can log into your social media account and unfollow or remove your like of us in order to stop receiving communications on that particular social media.
21. Personal Data Release
We may only release collected personal data under the following circumstances:
- as required by applicable law (e.g. in response to a valid request from a law enforcement agency)
- to designated third parties, in order to resolve or investigate abuse complaints
- when the information is related to spiders, bots, and other technical issues
- when attempting to block abusive users or to complain to such Internet Service Provider
- to defend ourselves or our affiliates from legal claims by third parties
- when deemed necessary to protect the rights of our user community or our Site
- when requested under the Right to Access and Right to Portability provision of the GDPR, in which case Data Protection Officer Mads Soegaard can be contacted at email@example.com
22. Data Owners Rights And Revocation Of Consent
You can make a request to us in order exercise your rights to:
- access your personal data
- rectify your personal data when inaccurate or incomplete
- delete your personal data
- object with legitimate reason the process of your personal data.
- revoke your consent for the process of your personal data at any moment, in order to stop the use of the same
The exercise of rights to access, rectify or delete personal data and/or object or revoke consent can be done by the following means:
- by Members logging into their accounts and accessing the “Edit profile” page as well as the page on “Notification preferences”
- by Members clicking the “Manage notification preferences” link in our emails (we ALWAYS provide a means for super-fast management of how we email you)
- by Visitors clicking the “unsubscribe” link in the footer of a given email (we ALWAYS provide a link for one-click unsubscription)
Information and procedures not covered by the abovementioned pages and method should be requested in writing by Members through our Data Protection Officer, Mads Soegaard, with the email address firstname.lastname@example.org and must include at least the following:
- he data owner's name, address, and email address to notify him of the response to his request
- documents establishing the identity or, where appropriate, legal representation of the data owner. We need to know that we’re dealing with you, and not someone pretending to be you, so we need documents to verify your identity.
- a clear and precise description of the personal data with regard to which the data owner seeks to exercise any of the abovementioned rights (when rectification is requested, modifications that should be made should be specified and provide documentation to back up its request)
For the exercise of the previous rights, we hereby provide you with the option of contacting our Data Protection Officer Mads Soegaard using the e-mail address email@example.com.
23. Author Identification
When making contributions to our Site (e.g. posting a comment, commentaries, editing a page in the wiki), the minimum amount of information required is a name and email address. You do not have to use your real name, instead opting to use a pseudonym. You may also to get a free email account or attempt to use a remailing service when using our Site. That’s just a piece of advice of you’re concerned about privacy but still want to publicly contribute to our community.
Your activity on our Site may be identified by your IP address. These numbers could potentially be traceable to identifying information about you, whether it is your home ISP or the university or work account where the IP address is registered.
As mentioned above, if you are concerned about attempts to match your IP address to your identity, you may wish to use an anonymous browsing service or attempt some means to obfuscate your real IP address. If so, you may try to use anonymous proxies or Tor, an anonymous browsing service.
24. Facebook Application
In certain parts of our website, we use Facebook as sharing platform to share articles on your Facebook wall on your behalf. We always do this with your conscious consent and in a way where the you have to explicitly confirm the sharing of an article. We never auto-post anything on your behalf. We also do not store any personal information from your Facebook account.
In addition, you may also find that we use social media functionalities and other services within our Site from third parties that may collect your personal data (hereinafter the “Third Parties' Sites”). Any information related to your personal data provided through the Third Parties' Sites will be subject to the corresponding privacy notices contained in each one of them, unless we indicate otherwise. For example, if we embed a functionality or service made by Facebook and if you choose to use that functionality or service, it means that you then need to understand Facebook’s privacy terms.
Then there is the question of liability. We are not liable for the use, publication, or disclosures made from personal data collected, handled, used, published, disclosed and/or revealed through the the means outlined in this document.
In addition, the content provided on our Site, including content posted by you, is for general information, discussion and entertainment purposes only. We make no representations or guarantees about any aspect of any content on our Site and do not endorse any opinions expressed by anyone. All content on our Site is posted "as is" and your use or reliance on any content is at your own risk. We hereby disclaim all liability to you for the consequences of using or relying on any content in or within the sites. For example, this means that you cannot base a business decision on content you find on our Site and then blame us if that business decision turned out to be wrong. We do not warrant or guarantee that any information available using the site or other services is accurate or reliable or your use of the site will be uninterrupted, secure, or free from error. we, our vendors and affiliates give no express warranties or guarantees nor implied warranties of merchantability, fitness for a particular purpose, workmanlike effort, and non-infringement.
We recommend that you to be careful and responsible on the personal information you provide through such means.
Date of last revision is September 18th, 2019.