Privacy Policy

Effective Date: February 24th, 2020

Please click here for the prior version of our Privacy Policy

California Privacy Notice

Notice for Individuals Located In EU

Mansueto Ventures LLC (Mansueto Ventures or we) adopted this Privacy Policy to reflect our commitment to protecting the privacy of your personal information.Please carefully read this Privacy Policy and ourTerms of Servicebefore you provide any personal information to Mansueto Ventures.

If you have any question regarding the Services or our privacy practices that is not answered in this Privacy Policy, please contact us atprivacyofficer@mansueto.comor Mansueto Ventures, LLC, Attn: Privacy Officer, 7 World Trade Center, New York, NY 10007. For more information about how to exercise your privacy rights, please see YOUR CHOICES ABOUT YOUR PERSONAL INFORMATION below.

In this Privacy Policy, the following capitalized terms have the following meanings:

HOW THIS PRIVACY POLICY APPLIES

This Privacy Policy applies to the Services. But, if a particular Service refers or links to a different privacy policy, then that privacy policy -- not this Privacy Policy -- applies.

Our agreements with certain customers may contain provisions about the processing of personal information collected through the Services. If a provision of one of these customer agreements conflicts or otherwise is inconsistent with a provision of this Privacy Policy, then the provision of the customer agreement will prevail but solely to the extent of the conflict or inconsistency. If you have a question about whether your personal information is covered by a customer agreement, please contact us at privacyofficer@mansueto.com

The Services may include links to websites and services that are not operated by us. A link to a third-party website or service does not mean that we reviewed or endorsed its privacy practices. If you visit a third-party website or service, you are subject to its privacy practices and policies, not ours. This Privacy Policy does not apply to any personal information that you provide to these other websites and services.

CHANGES TO THIS PRIVACY POLICY

The Effective Date at the top of this page indicates when this Privacy Policy was last revised. Unless applicable law prevents or a revision is needed to protect the privacy or security of our Users, we will notify you about any material change that reduces your privacy right in advance so that you have time to review the changes before they are effective. The previous version of this Privacy Policywill apply until the Effective Date. Your use of the Services after the Effective Date means that you accept the Privacy Policy as revised.

PERSONAL INFORMATION THAT WE COLLECT

The personal information that Mansueto collects through the Services depends on how the Services are used:

When you use the Services, we automatically collect information about how you access the Services and which Service you use through cookies and other data collection tools. Depending on your privacy and operating system settings, automatically-collected information includes: Internet Protocol (IP) address; MAC address; the make, model and operating system version of the computer or mobile device (“Device”) you use to access the Services; browser type and language; country and time zone in which the Device is located; mobile network information; internet service provider; and metadata stored on the Device. Some of this automatically-collected information is personal information.

Mansueto may supplement the information you provide to us with information that we collect from our Suppliers and other sources as described below. All of this information is treated as personal information when it directly or indirectly identifies an individual natural person.

HOW WE USE PERSONAL INFORMATION

Generally, we use the personal information we collect from or about Users to provide more meaningful editorial and advertising content, to advertise products and services that we think may interest you, to maintain and improve the Services and for other lawful purposes. More specifically, we use personal information to:

Administer the Services

Market and operate our Awards Programs, promotions and Events

Advertise the Magazines and other products and services that we and our customers offer

Perform services for our customers

Improve the Services and develop new ones

Prevent, detect and fight illegal or unauthorized activities

For legal compliance

HOW WE SHARE INFORMATION

With our Suppliers

Our Suppliers help us to operate and improve the Services. Our Suppliers support technical processing operations, such as data hosting and maintenance, virtual event hosting, analytics, customer care, securing our data and systems, marketing and detecting and preventing spam and intellectual property infringement.

With sponsors and advertisers for Events and Awards Programs

We provide co-branded Events and promotions with certain customers and we also offer customers the opportunity to sponsor certain aspects of our Events and Awards Programs. As a part of these Events and Awards Programs, we request personal information for participation and/or registration and we may share this participation and registration information with the customer. For example, we may share your contact information and attendee lists with our Event sponsors and advertisers. We share information collected though our Awards Programs with providers of products and services that we believe will interest participants in the Awards Program.

With order fulfillment vendors

For the convenience of our Users, we may provide the opportunity to purchase certain goods and services through the Services. We partner with order fulfillment vendors for payment processing and order fulfillment. These vendors will request information from you and process it according to their own privacy policy and other terms. Some of the vendors also may share your information with us. We are not responsible for the processing of your personal information or the fulfillment of your order when a vendor’s own privacy policy and terms apply.

With advertising technology providers

Third-party advertising technology (“Ad Tech”) providers (some of which are Suppliers) helps us to serve and track digital advertisements through the Services and on third-party digital services. Ad Tech providers use cookies and other data collection tools to collect information about your interaction with the Services and digital advertisements and combine this information from other sources in order to deliver digital advertisements about goods and services that are targeted to your interests (as inferred from your online activity). To learn more, please read “OUR USE OF COOKIES AND TRACKING TOOLS” below.

For corporate transactions

We may transfer your personal information if we are involved, whether in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control.

When required by law

Applicable law may require Mansueto Ventures and Suppliers to disclose your personal information when we believe necessary to (i) comply with a legal process, such as a court order, subpoena or search warrant, government investigation or other legal requirement, (ii) help prevent or detect crime and (iii) respond to lawful requests from law enforcement and government regulators.

To enforce legal rights

We also share information: (i) if we believe that disclosure would mitigate our liability in an actual or threatened lawsuit; (ii) as necessary to protect our legal rights and legal rights of our Users or other interested parties; (iii) to enforce our agreements with you; and (iv) to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.

With your consent or at your request

We may ask for your consent to share your personal information with third parties. When we do, we will make clear why we want to share the personal information.

We use cookies and other data tracking technology to collect and use personal information about you. We also may allow others to use cookies and similar technologies (e.g., pixels) to recognize you and/or your device(s) when you use the Websites.

With your consent or at your request

We may ask for your consent to share your personal information with third parties. When we do, we will make clear why we want to share the personal information.

OUR USE OF COOKIES AND TRACKING TOOLS

We use cookies and other data tracking technology to collect and use personal information about you. We also may allow others to use cookies and similar technologies (e.g., pixels) to recognize you and/or your device(s) when you use the Websites.

What are cookies?

Cookies are small text files that are sent to or accessed from your web browser or your computer's hard drive. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the lifetime of the cookie (i.e., when it expires) and a randomly generated unique number or similar identifier. A cookie also may contain information about your computer, such as User settings, browsing history and activities conducted while using the Websites and certain Services.

Mansueto Ventures also uses “pixels” (also known as web beacons). Pixels are transparent images that are used in collecting information about website usage across websites and over time.

Cookies that Mansueto Ventures sets on the Websites are called first-party cookies. Cookies set by any other party are called third-party cookies. Third-party cookies enable third-party features or functionality on or through the Websites, such as analytics, marketing automation and customer support. The parties that set third-party cookies can recognize your computer both when it visits the Websites and also when it visits certain other websites.

Most browsers accept cookies automatically but allow you to disable them. You also can opt-out of certain cookies using the following link:http://optout.networkadvertising.org/?c=1. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent. Some features of the Websites may not work properly without cookies. To learn more about cookies generally, visit www.allaboutcookies.org and http://optout.aboutads.info/?c=2&lang=EN.

Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (“ DNT”) or similar feature that signals to websites that a User does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain information about the browser’s User. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many website operators, including Mansueto Ventures, do not respond to DNT signals.

Why does Mansueto Ventures use cookies and other tracking technology?

Some cookies are required for the Websites to operate. Other cookies enable us to track the interests of Users, to enhance the experience of the Websites and to target advertising.

The types of cookies used on the Websites and why they are used is as follows:

Pixels and similar data collection technology enable Mansueto Ventures to monitor the traffic patterns of visitors from one page of the Website to another, to deliver or communicate with cookies, to understand whether you visit the Websites after seeing our online advertisement displayed on a third-party website, to improve performance of the Websites and to measure the success of our email marketing campaigns.

Mansueto Ventures serves targeted advertisements on the Websites. Mansueto Ventures may use information about your visits to the Websites to provide relevant advertisements on other websites about goods and services that may interest you. Mansueto Ventures and Ad Tech providers also may deploy technology that the effectiveness of advertisements by using cookies or web beacons to collect information about your visits to the Websites and other websites to provide relevant advertisements on other websites about goods and services that may interest you. The information collected through this process does not enable us or the third parties to identify your name, contact details or similar directly-identifying details unless you choose to provide them.

Please see our Vendors' Privacy Policies page for a complete list of Ad Tech vendors:www.mansueto.com/vendor-policies.html

HOW WE PROTECT AND RETAIN INFORMATION

We use physical, technical and organizational measures designed to protect your personal information against unauthorized access, theft and loss. We restrict access to your personal information to those employees who need access to service your account or perform their job functions. We have procedures to manage personal data breaches and will notify you and any applicable regulator when we are required to do so.

Although we take precautions intended to help protect the personal information that we process, no system or electronic data transmission is completely secure. Any transmission of your personal information is at your own risk and we expect that you will use appropriate security measures to protect your personal information.

We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. You understand and agree that we may deliver electronic notifications about breaches of security to the email address that you provided to us.

If you create an account, you are responsible for maintaining the security of and the information in your account.

If you believe that your account or personal information is no longer secure, please notify us immediately at privacyofficer@mansueto.com.

We will retain your personal information for the period necessary to fulfill the purposes for which it was collected and as outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

The criteria used to determine our personal information retention periods include:

The criteria used to determine our personal information retention periods include:

CROSS BORDER DATA TRANSFERS

Sharing of personal information sometimes involves transfers to or from the United States of America and other jurisdictions. For example, certain Services are available to Users in the European Economic Area ("EEA") and we transfer personal information to the United States for processing. We use the EU-US and Swiss-US Privacy Shield and standard contractual clauses approved by the European Commission to validate transfers of personal information from the EEA to other countries. (Standard contractual clauses are commitments between companies transferring personal information of EEA residents to protect the privacy and security of the transferred personal information.)

For more information about our Privacy Shield certification, please read the PRIVACY SHIELD POLICY section below.

CHILDREN'S PRIVACY

Mansueto Ventures respects the privacy of your child and we want to share with you our policies regarding children under the age of thirteen (13). Although Users of all ages may navigate through the Services, we do not knowingly collect personal information from anyone under age thirteen (13). If we learn that a child under age thirteen (13) has improperly provided us with information, we will notify the child's parent or legal guardian and thereafter delete the child's personal information from our records.

YOUR CHOICES ABOUT YOUR PERSONAL INFORMATION

California Privacy Notice

This California Privacy Notice applies to the processing of Personal Information of residents of the State of California (California Consumers) as required by the California Consumer Privacy Act of 2018 ( CCPA).

If you are a California Consumer, this California Privacy Notice explains your privacy rights and is intended to inform you at or before the time that you provide us with your Personal Information how and why we process your Personal Information. In this California Privacy Notice, Personal Information means information that identifies, relates to, describes, is capable of being associated with or could reasonably be linked, directly or indirectly, with a particular California Consumer or household.

If this California Privacy Notice and any provision in the rest of our Privacy Policy conflict, then this California Privacy Notice controls for the processing of Personal Information of California Consumers.

Please note:

California Privacy Rights

California consumers have the following rights:

The following tables lists categories of Personal Information that generally match the categories in the definition of Personal Information in CCPA. We indicate for each listed category the specific types of Personal Information in the category that we collected within the last 12 months. We use all of this Personal Information for the purposes described in this Privacy Policy.

Category of Personal Information in CCPA

Specific Personal Information We Collect from Users

A. Identifiers

Name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name and other similar identifiers.

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))

Name, signature, address, telephone number, education history and employment history.

C. Protected classification characteristics under California or federal law

Age (40 years or older), race, color, national origin, citizenship, marital status, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status.

D. Commercial information

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

E. Biometric information

Not collected from or about Users.

F. Internet or other similar network activity

Browsing history and search history on the Websites and information on a consumer’s interaction with the Websites, Events and our mobile applications and digital advertisements.

G. Geolocation data

General location information collected through IP address and WiFi.

H. Sensory data

Not collected from or about Users.

I. Professional or employment-related information

Current or past job history.

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. § 1232g, 34 C.F.R. Part 99))

Not collected from or about Users.

K. Inferences drawn from other Personal Information

Preferences, characteristics and online behavior used to create a User profile.

We provide information about how we use and disclose personal information above in this Privacy Policy. Since we share most of this Personal Information with other businesses and this sharing enables Mansueto Ventures to generate valuable consideration (such as Event sponsorships and advertising), it is likely that each of these categories was sold in the past twelve months.

How to Submit Your Request to Exercise Your California Privacy Rights

If you are a California resident and would like to exercise one or more of your privacy rights, please:

  1. Fill out our online form
  2. Call us at 1-800-248-0308. Please tell our customer service team that you are a California resident and would like to exercise your privacy rights.
  3. Send an email to californiaprivacy@mansueto.com. Please include California Privacy Rights in the subject line.

A different California law permits California residents to request a notice disclosing the categories of personal information about you that we have shared with third parties for their direct marketing purposes during the preceding calendar year. To request this notice, please submit your request by mail to Mansueto Ventures LLC, Attn: Privacy Officer, 7 World Trade Center, New York, NY 10007 or by email to CaliforniaPrivacy@mansueto.com. Please include "California Privacy Rights" in the subject line.

Notice for Individuals Located In EU

The data controller for the information you provide or that we collect pursuant to this Privacy Policy is: Mansueto Ventures LLC, 7 World Trade Center, New York, NY 10007.

To process your personal data as described in this Privacy Policy, we rely on the following legal bases:

If you would like to review, correct, update, suppress, restrict or delete personal data (as defined in the PRIVACY SHIELD POLICY section below) that you have previously provided to us or if you would like to receive an electronic copy of your personal data for purposes of transmitting it to another company (where this right to portability is provided to you by law), please submit your request to us at privacyofficer@mansueto.com or by mail to Mansueto Ventures LLC, 7 World Trade Center, New York NY 10007 USA.

In your request, please make clear what personal data you would like to have changed, whether you would like to have your personal data suppressed from our database or other limitations you would like to put on our use of your personal data. For your protection, we only fulfill requests for the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before fulfilling your request. We will try to comply with your request as soon as reasonably practicable and within the time periods required by applicable law.

Please note that we often need to retain certain personal data for recordkeeping purposes and/or to complete any transaction that you began prior to requesting a change or deletion (e.g., when you make a purchase or enter a promotion, you may not be able to change or delete the personal data provided until after the completion of such purchase or promotion). Our databases and other records may have residual personal data which will not be removed. We also may not allow you to review certain personal data for legal, security or other reasons.

EEA residents have the right to lodge a complaint with a data protection authority about how we process your personal information. Please seehttps://ec.europa.eu/info/law/law-topic/data-protection/reform/what-are-data-protection-authorities-dpas_enfor more information. Please also read our Privacy Shield Policy immediately below to learn more about how to resolve complaints about your personal data processed by or on behalf of Mansueto Ventures.

PRIVACY SHIELD POLICY

Mansueto Ventures complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (together “Privacy Shield Frameworks”) as set forth by the U.S. Department of Commerce regarding the collection, use and retention of Personal Data (as defined below) transferred from European Union member countries and Switzerland to the United States. Mansueto Ventures has certified that it adheres to the Privacy Shield Principles with respect to such Personal Data. If the policies in this Privacy Shield Policy and the data subject rights under the Privacy Shield Principles conflict, the Privacy Shield Principles shall govern.

To learn more about the Privacy Shield program and to view our certification page, please visithttp://www.privacyshield.gov.

With respect to Personal Data received or transferred pursuant to the Privacy Shield Frameworks, Mansueto Ventures is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.

Definitions

In this Privacy Shield Policy:

Privacy Shield Principles

Mansueto Ventures commits to processing Personal Data in accordance with the Privacy Shield Principles as follows:

    1. Notice

Prior to collecting Personal Data, Mansueto Ventures notifies EU Users about the categories of Personal Data that Mansueto Ventures collects and the purposes for collection and use of their Personal Data. Mansueto Ventures will only process Personal Data in ways that are compatible with the purpose for which Mansueto Ventures collected it or for purposes later authorized.

We use the Personal Data that we collect from EU Users of the Services as described in this Privacy Policy. Before Mansueto Ventures uses Personal Data for a purpose that is materially different from the purpose for which Mansueto Ventures collected it or that was later authorized, Mansueto Ventures will provide EU Users with the opportunity to opt out.

    2. Choice

If Mansueto Ventures collects Sensitive Personal Data, we will obtain explicit opt-in consent whenever Privacy Shield requires. Mansueto Ventures will obtain opt-in consent before Personal Data is disclosed to third parties other than those described in this Privacy Policy, before Personal Data is used for a different purpose than that purpose for which it was collected or later authorized and whenever Privacy Shield requires.

Please see theNotice for Individuals Located In EUabove for more information about how to exercise your choices.

    3. Accountability for Onward Transfer

Mansueto Ventures shares Personal Data collected through the Services as described above.

If Mansueto Ventures transfers Personal Data to a third party, Mansueto Ventures takes reasonable and appropriate steps to ensure that each third party transferee processes Personal Data transferred in a manner consistent with Mansueto Venture's obligations under the Privacy Shield Principles. Mansueto Ventures will ensure that each transfer is consistent with any notice provided to EU Users and any consent they have given. Mansueto Ventures requires a written contract with any third party receiving Personal Data that ensures that the third party (i) processes the Personal Data for limited and specified purposes consistent with any consent provided by EU Users, (ii) provides at least the same level of protection as is required by the Privacy Shield Principles, and (iii) notifies Mansueto Ventures if it cannot comply with Privacy Shield and ceases processing Personal Data or takes other reasonable and appropriate steps to remediate.

As noted above, under certain circumstances, Mansueto Ventures may be required to disclose Personal Data in response to valid requests by public authorities, including for national security or law enforcement requirements.

Mansueto Ventures remains liable under the Privacy Shield Principles if an agent processes Personal Data in a manner inconsistent with the Principles unless Mansueto Ventures is not responsible for the event giving rise to the damage.

    4. Security

Mansueto Ventures takes appropriate measures to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration, unavailability and destruction. In determining these measures, Mansueto Ventures takes into account the risks involved in the processing and the nature of the Personal Data.

    5. Data Integrity and Purpose Limitation

Mansueto Ventures takes reasonable steps to ensure that such Personal Data is reliable for its intended use, accurate, complete and current. Mansueto Ventures adheres to the Privacy Shield Principles for as long as it retains Personal Data in identifiable form. Mansueto Ventures takes reasonable and appropriate measures to comply with the requirement under the Privacy Shield Principles to retain Personal Data in identifiable form only for as long as it serves a purpose of processing.

Mansueto Ventures limits the collection of Personal Data to information that is relevant for processing. Mansueto Ventures does not process Personal Data in a way that is incompatible with the purpose for which it was collected or subsequently authorized by an EU User.

    6. Access

An EU User has the right to access his or her Personal Data and to correct, amend, limit use of or delete the Personal Data if the Personal Data is inaccurate or processed in violation of the Privacy Shield Principles. Mansueto Ventures is not required to grant the rights to access, correct, amend and delete Personal Data if the burden or expense of providing access, correction, amendment or deletion is disproportionate to the risks to the EU User’s privacy or if the rights of persons other than the EU User are or could be violated.

Please see the YOUR CHOICES ABOUT YOUR PERSONAL INFORMATION section above for more information about how to exercise your choices.

    7. Recourse, Enforcement, and Liability

In compliance with the Privacy Shield Principles, Mansueto Ventures commits to resolve complaints about your privacy and our collection or use of your Personal Data transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact Mansueto Ventures at PrivacyOfficer@mansueto.com .

Mansueto Ventures has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumersa for more information and to file a complaint. This service is provided free of charge to you. If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at www.privacyshield.gov/article?id=ANNEX-I-introduction

Mansueto Ventures commits to periodically review and verify its compliance with the Privacy Shield Principles and to remedy any issues arising out of failure to comply with the Privacy Shield Principles. Mansueto Ventures acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Privacy Shield participants.