CHAI Privacy Policy

Note: This Privacy Policy does not apply to CHAI employees or job applicants. References to “you” apply to anyone using our Services, including individuals acting on behalf of organizations.

Personal Information We Collect

We gather information in three primary ways: (1) information you choose to share, (2) data collected automatically when you use our Services, and (3) information received from other sources.

Information You Provide to Us

• Contact details: such as name, email address, phone number, organization or company name, and professional title.
• Account and profile details: including username, password (if you create an account), and additional profile information.
• Public contributions: such as registry submissions and other content provided for publication or display (e.g., organization details, documentation links, attestations, technical details, comments, and related materials).Because the Registry is public, this information is visible to all.
• Communications: including messages, support requests, feedback, and other information shared with us directly or via social media.
• Event or program information: submitted when registering for or participating in CHAI events, working groups, or initiatives.
• Any other data: you choose to provide. If collected, it will be used as described in this Policy or as explained at the time of collection.

Third-Party Sources

• Public sources: such as records or publicly accessible websites.
• Partners: including event co-sponsors or organizations you authorize to share information with us.
• Service providers: who assist in operating our Services (e.g., hosting, analytics, security, error monitoring).
• Business transaction partners: involved in mergers, acquisitions, financing, reorganization, or similar transactions.
• Third-party services: connected to CHAI (such as single sign-on and social media), depending on your settings.

Automatic Data Collection

• Device and connection data: including browser type, device type, operating system, language, IP address, and general location (city or region).
• Usage data: such as pages visited, navigation patterns, clicked links, and time spent on specific pages.
• Log, security, and diagnostic data: including timestamps, error logs, and other information for reliability and security.
• Communication interaction data: such as whether emails from CHAI are opened or links clicked.

Tracking Technologies

We utilize cookies and similar technologies to operate our Services, maintain security, and improve functionality. These include:

• Cookies: Small text files stored on your device that help us remember your preferences and session data.
• Local storage: Similar browser storage (e.g., localStorage and sessionStorage) used to store information directly on your device for performance and persistence.
• Web beacons: Also known as pixel tags or clear GIFs, these are used to measure interactions with our Services and emails.
• SDKs and scripts: Used for analytics, abuse prevention, and error monitoring to ensure the Services remain stable and secure.

How We Use Your Personal Information

Personal information is used to operate CHAI, provide and enhance Services, and maintain safety. Uses include:

Service Delivery and Operations

• Operating the Services (including Registry, websites, tools, and programs).
• Managing accounts, profiles, and access.
• Responding to queries, requests, and support messages.
• Sending service-related communications such as confirmations, updates, security alerts, and notices.
• Maintaining reliability and integrity, including troubleshooting and bug fixes.

Service Personalization

Personalizing user experience, such as remembering preferences and session continuity.

Service Improvement and Analytics

• Understanding Service usage to improve content, features, and user experience.
• Measuring and diagnosing performance, reliability, and security issues.
• Developing new programs, resources, and Services.

Compliance and Protection

• Complying with laws, lawful requests, and legal processes.
• Protecting the rights, privacy, safety, and property of CHAI and others.
• Enforcing Service terms and policies.
• Preventing, investigating, and deterring fraud, abuse, security incidents, and unlawful activity.

Data Sharing in Corporate Events

If involved in business transactions (e.g., mergers, acquisitions, financing, reorganization, bankruptcy, dissolution), personal information may be used and shared as part of those processes in accordance with the law.

Creating Aggregated, De-identified, or Anonymized Data

Aggregated or de-identified data (e.g., usage statistics) may be created for trend analysis and Service improvement; reidentification of such data is only performed if permitted by law.

Further Uses

If information is to be used for a new purpose not compatible with the original, and legal consent is required, we will request your consent.

How We Share Your Personal Information

Personal information may be shared in specific circumstances as needed for Service operation, security, or legal compliance.

• Service Providers: Third-party vendors assisting with CHAI operations may access personal information as needed for their services.

• Registry Users and the Public: Information made public via the Registry is visible to other users and can be copied, saved, indexed, or shared outside of CHAI.

• Professional Advisors: Information may be shared with advisors such as lawyers, auditors, bankers, and insurers as necessary.

• Authorities and Others: Information may be shared with law enforcement, government, or other parties as required for legal compliance or security investigations.

• Business Transferees: In business transactions, information may be shared with involved parties and transferred as permitted by law.

• With Your Direction or Consent: Information may be shared at your request or with your consent.

Your Choices

You have options regarding your information:

• Access or Update Information: Account holders may review and modify information by logging in or contacting CHAI.

• Opt-Out of Communications: Non-essential emails can be unsubscribed from via provided instructions or by contacting CHAI. Essential service-related messages will still be sent.

• Cookies and Technologies: Cookies can be managed via browser settings, but disabling them may affect Service functionality. More details are available at allaboutcookies.org.

• Google Analytics Opt-Out: Opt out by installing the Google Analytics Opt-out Browser Add-on.

• Do Not Track: CHAI does not currently respond to “Do Not Track” signals; further information is available at allaboutdnt.com.

• Declining to Provide Information: Some Services require certain information; declining may limit access.

Other Sites and Services

Our Services may contain links to third-party websites, tools, or services. CHAI does not control these parties and is not responsible for their privacy practices. We recommend reviewing the privacy policies of any third-party services you use.

Security

We implement reasonable technical, organizational, and physical safeguards to protect personal information. However, no system is completely secure and we cannot guarantee absolute security.

International Data Transfer

CHAI is based in the United States and may use service providers from other countries, which means your information could be processed internationally. Privacy laws may differ by location.

Children

Our Services are not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe a child has provided prohibited personal information, please contact us and we will take appropriate action consistent with legal requirements.

Changes to this Privacy Policy

This Privacy Policy may be updated periodically. Updates will be reflected at the top of the document and posted on our Services. Material changes will be accompanied by additional notice as required by law.