About the Trust over IP Foundation
The Trust over IP Foundation has been established as the Joint Development Foundation Projects, LLC, Trust over IP Foundation Series (the “Project”). The Joint Development Foundation is a non-profit organization that provides the corporate and legal infrastructure to enable groups to establish and operate standards and source code development collaborations. The Joint Development Foundation is an affiliate of the Linux Foundation.
The Materials are provided “as is”. The Project, its members and its contributors make no warranties, expressed or implied, and hereby disclaim and negate all other warranties, including without limitation, implied warranties or conditions of merchantability, fitness for a particular purpose, or non-infringement of intellectual property or other violation of rights. Further, the Project does not warrant or make any representations concerning the accuracy, likely results, or reliability of the use of the materials on its Internet web site or otherwise relating to such materials or on any sites linked to this site.
IN NO EVENT SHALL THE PROJECT, ITS MEMBERS, SUPPLIERS OR AFFILIATES BE LIABLE FOR ANY DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF DATA OR PROFIT, OR DUE TO BUSINESS INTERRUPTION,) ARISING OUT OF THE USE OR INABILITY TO USE THE MATERIALS ON THE PROJECT’S INTERNET SITE, EVEN IF THE PROJECT OR A PROJECT AUTHORIZED REPRESENTATIVE HAS BEEN NOTIFIED ORALLY OR IN WRITING OF THE POSSIBILITY OF SUCH DAMAGE. BECAUSE SOME JURISDICTIONS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES, OR LIMITATIONS OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, THESE LIMITATIONS MAY NOT APPLY TO YOU.
Revisions and Errata
The materials appearing on the Project’s web site could include technical, typographical, or photographic errors. The Project does not warrant that any of the materials on its web site are accurate, complete, or current. The Project may make changes to the materials contained on its web site at any time without notice. The Project does not, however, make any commitment to update the materials.
The Project has not reviewed all of the sites linked to its Internet web site and is not responsible for the contents of any such linked site. The inclusion of any link does not imply endorsement by The Project of the site. Use of any such linked web site is at the user’s own risk.
No Legal Advice
The Project is not a law firm, does not provide legal advice, and is not a substitute for a law firm.
Any claim relating to Project’s web site shall be governed by the laws of the State of Delaware without regard to its conflict of law provisions.
Effective Date: May 5, 2020
The purposes of JDF Projects are to:
- foster the development of standards, technical specifications, source code, certification, white papers, best practices, and related activities (individually and collectively, “Open Technology”); and
- provide organizational infrastructure and support to various projects pursuing the development of Open Technology (each such project, which itself may include any number of projects, a “Project”).
Personal Data That JDFP Collects
We collect information directly from individuals, from third parties, and automatically through the Sites. You do not have to provide us your personal information. However, if you choose not to disclose certain information, we will not be able to provide you with access to certain services or features, including participation in certain aspects of our open source projects.
Your Contributions to Open Source Projects.
Attribution, Provenance and Integrity. When you contribute source code, documentation or other content to one of our Projects (whether on your own behalf or through contributions made as part of your employment services to your employer), we collect and store the information and content that you contribute. This includes the contents of those contributions, as well as data required to confirm the provenance of intellectual property contained in those contributions, and personal information that you make publicly available in the record of the contribution pursuant to sign-offs under the Developer Certificate of Origin (https://developercertificate.org/). Some Projects require additional agreements or information pursuant to their intellectual property policies; in such cases we collect and store information related to your acceptance of those agreements. We may also collect information relating to your participation in technical, governance or other Project-related meetings.
Other Project-related Content. The content you provide in relation to Projects also includes materials that you make publicly available in connection with Project development, collaboration and communication, such as on mailing lists, blogs, Project wiki pages and issue trackers, and related services.
Your Content. We collect and store the information and content that you post to the Sites, including your questions, answers, comments, forum postings, and responses to surveys. Please see the section on Publicly Available Information for how the information you post will be viewed on our Sites.
Communications. When you communicate with us (via email, phone, through the Sites or otherwise), we may maintain a record of your communication.
De-identified Data. We may de-identify and aggregate certain data we collect such that the data no longer identifies or can be linked to a particular User or an individual data subject (“De-identified Data”), subject to the terms of any applicable User agreements. We may use this data to improve our Services, analyze trends, publish market research, and for other marketing, research or statistical purposes, and may disclose such data to third parties for these specific purposes.
Purposes and Legal Bases for Our Using of Your Information
Purposes and Legitimate Interests
JDFP uses the information we collect for our legitimate business interests, which include the following purposes:
- Providing our Sites and Services. To provide the Services and our Sites (including Project Sites), to communicate with you about your use of our Sites and Services, to respond to your inquiries, provide troubleshooting of the Sites and for other purposes to support Users and the community.
- Operating our Open Source Projects. To enable communication between and among open source developers in the community; to facilitate and document Project governance and technical decision making; to maintain, and make publicly available on a perpetual basis, records regarding intellectual property provenance and license compliance for Project contributions; and for related activities to further JDFP’s purposes, including fostering an ecosystem that supports the collaborative and public development of free and open source software projects. See the “Attribution, Provenance and Integrity” section above for more information.
- Personalization. To tailor the content and information that we may send or display to you on our Sites and in our Services, to offer location customization and personalized help and instructions and to otherwise personalize your experiences.
- Advertising. For targeting advertising to you on our Sites and third-party sites and measuring the effectiveness and reach of ads and services (through third-party ad networks and services).
- Analytics. To gather metrics to better understand how Users access and use our Sites and Services and participate in our Projects; to evaluate and improve the Sites, including personalization, to develop new services; and to understand metrics regarding the community health of our Projects.
- Compliance. To comply with legal obligations and requests. For example, to comply with laws that compel us to disclose information to public authorities, courts, law enforcement or regulators, maintain records for a certain period, or maintain records demonstrating enforcement and sublicensing of our trademarks and those of our Projects.
- Business and Legal Operations. As part of our general business and legal operations (e.g., accounting, record keeping, and for other business administration purposes), and as necessary to establish, exercise and defend (actual and potential) legal claims.
|Purposes of Processing|
|Legal Bases of Processing (EU Users)|
|Providing our Sites and Services||● Our Legitimate Business Interests ● Necessary to the Performance of a Contract with You (upon your request, or as necessary to make the Services available) ● Compliance with Law|
|Operating our Open Source Projects||● Our Legitimate Business Interests ● Where Necessary to the Performance of a Contract with You (upon your request, or as necessary to enable your participation in the Projects or to make the Services available) ● Compliance with Law ● As necessary to establish, exercise and defend legal claims|
|Personalization||● Our Legitimate Business Interests|
|Advertising||● Our Legitimate Business Interests ● With Your Consent|
|Analytics||● Our Legitimate Business Interests|
|Compliance||● Our Legitimate Business Interests ● Compliance with Law ● As necessary to establish, exercise and defend legal claims|
|Business and Legal Operations||● Our Legitimate Business Interests ● Compliance with Law ● As necessary to establish, exercise and defend legal claims|
|Prevent Misuse||● Our Legitimate Business Interests ● Compliance with Law ● As necessary to establish, exercise and defend legal claims|
Sharing of Information
We disclose information as set forth below, and where individuals have otherwise consented:
- Publicly Available Information, including Your Contributions to Open Source Projects. User names, other user ids, email addresses and other attribution information related to the information and contributions that a User posts in conjunction with or subject to an Open Source license are publicly available in the relevant Project source code repositories. Your contributions to Open Source Projects, and certain of your other Content such as comments and messages posted to public forums, are available to other participants and users of our Projects and of our Services, and may be viewed publicly. In some cases you may be able to provide Project or contribution-related information directly to third-party sites and services; these third parties are independent data controllers and their use of your personal information is subject to their own policies.
- Organizational Events. We may disclose or transfer information, including personal information, as part of any merger, sale, and transfer of our assets, or restructuring of all or part of our business operations, bankruptcy, or similar event.
- Legally Required. We may disclose your information if we are required to do so by law (including to law enforcement in the U.S. and other jurisdictions).
- Protection of Rights. We may disclose information where we believe it necessary to respond to claims asserted against us or, comply with legal process (e.g., subpoenas or warrants), enforce or administer our agreements and terms, for fraud prevention, risk assessment, investigation, and protect the rights, property or safety of JDFP, its Users, participants in its Projects, or others.
- Anonymized and Aggregated Data. We may share aggregate or de-identified information with third parties for research, marketing, analytics and other purposes, provided such information does not identify a particular individual.
Cookies, Tracking, and Interest-Based Ads
- Cookies. These are small files with a unique identifier that are transferred to your browser through our websites. They allow us to remember Users who are logged in, to understand how Users navigate through and use the Sites, and to display personalized content and targeted ads (including on third party sites and applications).
- Pixels, web beacons, clear GIFs. These are tiny graphics with a unique identifier, similar in function to cookies, which we track browsing activities. We use these as part of our Training Affiliate Program. We also use these in our emails to let us know when they have been opened or forwarded, so we can gauge the effectiveness of our communications.
- Analytics Tools. We may use internal and third-party analytics tools, including Google Analytics. The third-party analytics companies we work with may combine the information collected with other information they have independently collected from other websites and/or other online products and services. Their collection and use of information is subject to their own privacy policies.
Please note that JDFP does not respond to “do not track” signals or other similar mechanisms intended to allow California residents to opt-out of Internet tracking under California Online Privacy Protection Action (“CalOPPA”).
We have implemented commercially reasonable precautions to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our best efforts, no data security measures can guarantee 100% security.
You should take steps to protect against unauthorized access to your passwords, phone, and computer by, among other things, signing off after using a shared computer, choosing robust passwords that nobody else knows or can easily guess, not using a password for more than one site or service, and keeping your log-ins and passwords private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity. You must promptly notify us if you become aware that any information provided by or submitted to our Sites or through our Services is lost, stolen, or used without permission at email@example.com.
You may opt out or revoke your consent to receive marketing emails from us by using unsubscribe or opt out mechanisms included in our marketing emails or by emailing firstname.lastname@example.org. You may unsubscribe from mailing lists via the applicable mailing list’s subscription website or, in some cases, by using the unsubscribe mechanisms included in such emails.
Retention of Your Personal Data
We apply a general rule of keeping personal data only for as long as required to fulfil the purposes for which it was collected. However, in some circumstances, we may retain personal data for other periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements, or if required to do so by a legal process, legal authority, or other governmental entity having authority to make the request, for so long as required. In specific circumstances, we may also retain your personal data for longer periods of time corresponding to a statute of limitation, so that we have an accurate record of your dealings with us in the event of any complaints or challenges.
If you are located within the European Union (EU), you should note that your information will be transferred to the United States where JDFP is located. The U.S. is deemed by the European Union to have inadequate data protection. However, we have put in place European Commission approved Standard Contractual Clauses which protect personal data transferred between JDFP and affiliated entities as well as The Linux Foundation, its managed service provider. In addition, if personal data is transferred to third party service providers located outside the European Union, we will take steps to ensure that your personal data receives the same level of protection as if it remained within the EU, including by entering into data transfer agreements, or using the European Commission approved Standard Contractual Clauses. You have a right to obtain details of the mechanism under which your personal data is transferred outside of the EU by contacting email@example.com.
Except as specifically indicated within a Site, we do not knowingly collect or solicit personal information from anyone under the age of 13 (or under the age of 14 for anyone living in Spain or South Korea), or knowingly allow such persons to register. If we become aware that we have collected personal information from a child under the relevant age without parental consent, we take steps to delete that information.
Links to Third Party Sites and Services
Access and Amendment. You may contact our privacy coordinator, as set forth below, to access or amend your personal information.
Additional Rights. Individuals in the European Economic Area (and other jurisdictions where applicable) have additional rights under applicable law:
- to obtain a copy of your personal data together with information about how and on what basis that personal data is processed;
- to rectify inaccurate personal data (including to have incomplete personal data completed);
- to erase your personal data (in limited circumstances, such as where it is no longer necessary in relation to the purposes for which it was collected or processed);
- to restrict processing of your personal data under certain circumstances;
- to export certain personal data in machine-readable format to a third party (or to you) when we justify our processing on the basis of your consent or the performance of a contract with you;
- to withdraw your consent to our processing of your personal data (where that processing is based on your consent);
- to obtain, or see a copy of the appropriate safeguards under which your personal data is transferred to a third country or international organization; and
- to object to our use and processing of your personal information that is conducted on the basis of a legitimate interest or to perform a contract with you. You also have the right to object at any time to any processing of your personal data for direct marketing purposes, including profiling for marketing purposes.
Lodging a Complaint. You also have the right to lodge a complaint with your local supervisory authority for data protection, or privacy regulator.
Submitting a Request. To exercise the above rights or contact us with questions or complaints regarding our treatment of your personal data, contact us at firstname.lastname@example.org.Please note that we may request proof of identity, and we reserve the right to charge a fee where permitted by law, especially if your request is manifestly unfounded or excessive. We will endeavor to respond to your request within all applicable timeframes.
California Privacy Rights
California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the types of personal information disclosed to those parties. If you are a California resident and would like to request this information, please submit your request in an email to email@example.com.
You can also reach our EU representative, Linux Labs Limited, whose registered office is 10 London Mews, London, W2 1HY, United Kingdom, at firstname.lastname@example.org.
Effective date: May 5, 2020
Withdraw Your Consent at Any Time
If you do not wish to accept cookies in connection with your use of the Sites, you will need to delete, and block or disable cookies via your browser settings; see below for more information on how to do this. Please note that disabling cookies will affect the functionality of the Sites, and may prevent you from being able to access certain features on the Sites.
What Is a Cookie?
First and third-party cookies: whether a cookie is ‘first’ or ‘third’ party refers to the domain placing the cookie.
- First-party cookies are those set by a website that is being visited by the user at the time (e.g., cookies placed by org).
- Third-party cookies are cookies that are set by a domain other than that of the website being visited by the user. If a user visits a website and another entity sets a cookie through that website, this would be a third-party cookie.
Persistent cookies: these cookies remain on a user’s device for the period of time specified in the cookie. They are activated each time that the user visits the website that created that particular cookie.
Session cookies: these cookies allow website operators to link the actions of a user during a browser session. A browser session starts when a user opens the browser window and finishes when they close the browser window. Session cookies are created temporarily. Once you close the browser, all session cookies are deleted.
How to Delete and Block our Cookies
Changing your Cookie Settings. The browser settings for changing your cookies settings are usually found in the ‘options’ or ‘preferences’ menu of your internet browser. In order to understand these settings, the following links may be helpful. Otherwise you should use the ‘Help’ option in your internet browser for more details.
- Cookie settings in Firefox
- Cookie settings in Chrome
- Cookie settings in Safari
- Cookie settings in Microsoft Edge
- Cookie settings in Internet Explorer
More information. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit https://www.aboutcookies.org/ or http://www.allaboutcookies.org/.
What Cookies Do We Use and Why?
The cookies we may use on the Sites may be categorized as follows:
- Strictly necessary
Some cookies may fulfill more than one of these purposes.
‘Strictly Necessary’ cookies let you move around the Sites and use essential features like secure areas. Without these cookies, we cannot provide the requested services.
We use these Strictly Necessary cookies to:
- Identify you as being logged in to the Sites and to authenticate you
- Make sure you connect to the right service on our Sites when we make any changes to the way it works
- For security purposes
Accepting these cookies is a condition of using certain functionality of the Sites, so if you prevent these cookies we can’t guarantee how the Sites or the security on the Sites will perform during your visit.
‘Performance’ cookies collect information about how you use the Sites, e.g. which pages you visit, and if you experience any errors. These cookies do not collect any information that could identify you and are only used to help us improve how the Sites work, understand what interests our users and measure the effectiveness of our advertising.
We use performance cookies to:
- Carry out web analytics: Provide statistics on how the Sites are used
- Perform partner and affiliate program tracking: Provide feedback to partners and affiliate program third parties that one of our visitors also visited their site
- Obtain data on the number of users of the Sites that have viewed a part of the Sites
- Help us improve the Sites by measuring any errors that occur
- Test different designs for the Sites
Some of our performance cookies are managed for us by third parties.
‘Functionality’ cookies are used to provide services or to remember settings to improve your visit.
We use ‘Functionality’ cookies for such purposes as:
- Remember settings you’ve applied such as layout, text size, preferences and colors
- Remember if we’ve already asked you if you want to fill in a survey
- Remember if you have engaged with a particular component or list on the Sites so that it won’t repeat
- Show you when you’re logged in to the Sites
- To provide and show embedded video content
Some of our functionality cookies are managed for us by third parties.
‘Targeting’ cookies are used to track your visit to the Sites, as well other websites, apps and online services, including the pages you have visited and the links you have followed, which allows us to display targeted ads to you on the Sites.
We may use targeting cookies to:
- Display targeted ads within the Sites, including those displaying our training, certification and event opportunities.
- To improve how we deliver personalized ads and content, and to measure the success of ad campaigns on the Sites.
Additional Information About Third Party Analytics in use on the Sites
Facebook Connect. For more information about what Facebook collects when you use Facebook buttons on the Sites or visit pages on the Sites that include these buttons, please see: https://www.facebook.com/about/privacy/.
Twitter. For more information about what Twitter collects when you use Twitter buttons on the Sites or visit pages on the Sites that include these buttons, please see: https://twitter.com/en/privacy.
LinkedIn. For more information about what LinkedIn collects when you use LinkedIn buttons on the Sites or visit pages on the Sites that include these buttons, please see: https://www.linkedin.com/legal/privacy-policy.
YouTube. For more information about what YouTube collects when you use YouTube buttons on the Sites or visit pages on the Sites that include these buttons, please see: https://www.youtube.com/static?template=privacy_guidelines.
Google+. For more information about what Google collects when you use Google+ buttons on the Sites or visit pages on the Sites that include these buttons, please see: https://policies.google.com/privacy.
Pardot. For more information about what Salesforce collects when you visit certain of the Sites, please see: https://help.salesforce.com/articleView?id=pardot_basics_cookies.htm.
New Relic. For more information about what New Relic collects to assist with performance monitoring for certain of the Sites, please see: https://docs.newrelic.com/docs/browser/new-relic-browser/page-load-timing-resources/new-relic-cookies-used-browser.
Google has developed the Google Analytics opt-out browser add-on; if you want to opt out of Google Analytics, you can download and install the add-on for your web browser here.
Please note that on the Sites, Google Analytics code is supplemented by “gat._anonymizeIp();” to ensure an anonymized collection of IP addresses (so called IP-masking).
More Information About Cookies
Internet Advertising Bureau
A guide to behavioral advertising and online privacy that has been produced by the internet advertising industry can be found at http://www.youronlinechoices.eu/.
International Chamber of Commerce United Kingdom
Information on the ICC (UK) UK cookie guide can be found on the ICC website section at http://www.international-chamber.co.uk/our-expertise/digitaleconomy.