Privacy Policy

This Privacy Policy describes how Rockefeller Family Fund (“RFF”) collects, uses, and discloses information with respect to your use of the website located at https://www.rffund.org/, as well as other websites and applications owned and/or operated by RFF that link to this Privacy Policy (collectively, the “Website”). We refer to the Website and any services we provide or interactions you have with us in connection with the Website as the “Services.”

Before you use or submit any information in connection with the Services, carefully review this Privacy Policy. By using the Services, you agree to this Privacy Policy and that we may process, transfer, and store your information in the United States as outlined below. The terms “you” or “user” refer to all individuals accessing the Services for any reason. The terms “us” or “we” refer to RFF.

Information We Collect
The information we collect from you and about you depends on how you use the Services and the information you provide to RFF. We collect information in three main ways: (1) information you choose to provide to us; (2) information we collect automatically through technology when you use the Services; and (3) information we collect from others.

Information You Provide To Us
We collect information about our users when users choose to provide that information to us. For example, we collect information from users when a user subscribes to our newsletter, or otherwise communicates and interacts with us. The kinds of information we may collect include your first and last name, your email address, your organization/affiliation, and title/role, and any other information you provide to us in connection with your use of the Services. Sometimes you may provide the information to a trusted third party on our behalf instead of directly to us. In such circumstances, the third party’s privacy policy and terms apply as to how it collects and processes the information you provide. 

Information that Is Passively and Automatically Collected
When you visit the Services, we may automatically receive and record information from your computer or mobile device. This information allows us to recognize you when you return to the Services, and helps us understand how people are navigating and using our Services so that can improve your experience. The types of information we may collect include, by way of example only, your IP address, browser type, browser language, operating system, state or country from which you accessed the Services, software and hardware attributes (including device ID), referring and exit pages and URLs, platform type, the number of clicks, files you download, pages viewed, the amount of time spent on particular pages, the date and time you used the Services, error logs, and other similar information. From your IP address, we may be able to infer your general location (e.g., city and state or postal code).

We may use third-party analytics providers and technologies, such as cookies, web beacons, tracking pixels, or scripts, to help us collect the data described above. We use the term “cookie” in the broad sense to include all similar techniques and technologies. A cookie is a small text file that is placed on your computer or device when you visit a website that stores certain information about your website usage. For example, cookies enable us to recognize your computer; store your preferences and settings; enhance your user experience by delivering content specific to your interests; perform searches and analytics; and assist with security administrative functions. 

You can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. If you disable cookies, some functionality of the Services may be impaired. 

Information We Collect from Others
We may receive additional information about you from third parties and other sources, such as from public records, marketers, researchers, analysts, social media networks, data aggregators, and other organizations. We may combine this information with information we collect directly from you to derive your possible interests and to provide a more relevant experience for you and to improve the Services.

How We Use Your Information
We may use the information we collect for the following purposes:

• For the purposes for which you provided the information, including to sign you up to receive our electronic newsletter.
• To maintain and improve the Services, including:
  • To provide the features and services available through the Services;
  • To improve the content and features of the Services or to develop new services;
  • To administer and troubleshoot the Services.
• To communicate with you, including:
  • To send you information about your relationship with us;
  • To contact you with information that we believe may be of interest to you;
  • To process and respond to your inquiries or to request your feedback.
• For internal research and reporting.
• For our business operations, including for security, fraud prevention, and legal compliance.
• To comply with laws and regulations for our legitimate interests or the legitimate interests of others. 
• For other purposes for which we seek your consent in accordance with applicable legal requirements.

If you provide us with your email address, we may add you to our email distribution list. If you wish to stop receiving emails from us, please email us at info@rffund.org or click the unsubscribe link in the footer of an email from us. Please note that opting out or unsubscribing will not prevent you from receiving communications that are not marketing in nature, such as important notices about changes to our terms and policies. 

If you provide us with your mobile number, you consent to receiving calls and messages, including autodialed and automated calls and texts, from RFF. Message and data rates may apply. Frequency varies. If you wish to stop receiving calls and messages from us, please text STOP in response to any text message you receive from us.

We may also aggregate or de-identify information we collect from you so that it cannot reasonably identify you or your computer or device, or we may collect information that is already in de-identified form. Our use and disclosure of aggregated or de-identified information is not subject to any restrictions under this Privacy Policy, and we may, in our sole discretion, use and disclose such information for any lawful purpose.

When We Disclose Your Information
We may disclose your information to or with third parties under the following circumstances:

• With Consent. We may disclose your information with your consent or at your direction, consistent with applicable legal requirements.
• To Affiliated Entities. We may disclose your information to our affiliated entities.
• To Service Providers. We may provide access to or disclose your information with select third parties that perform services for us to help us run our organization. These may include, for example, entities that provide data storage, web hosting, security, fraud prevention, research, marketing, and legal services. 
• With Collaborators and Other Select Entities. We may disclose your information (except for text messaging opt-in data and consent information) to other entities with whom we may collaborate. 
• Protection of RFF and Others. RFF may disclose your information if required to do so by law or in a good faith belief that disclosure is permitted by this Privacy Policy or reasonably necessary or appropriate for any of the following reasons: 
  • to comply with legal process; 
  • to enforce this Policy, including investigation of potential violations thereof; 
  • to respond to claims that any content violates the rights of third parties; and/or 
  • to protect the rights, property, or personal safety of RFF, its agents and affiliates, users, and the public. This includes exchanging information with other companies and organizations for fraud protection, spam/malware prevention, and similar purposes.
• Organizational Transfers. If we participate in a merger, acquisition, bankruptcy, or other transfer or reorganization of assets (including in contemplation thereof, e.g., due diligence), we may disclose your information because user information collected through the Services may be among the transferred assets. 
• Aggregated Data. We may disclose aggregated and de-identified information.

How We Protect Your Information
We use a variety of administrative, technical, and physical security measures designed to protect your information against unauthorized access, alteration, disclosure, or destruction. These safeguards vary based on the sensitivity of the information that we collect and store. However, we cannot and do not guarantee that these measures will prevent every unauthorized attempt to access, use, or disclose your information because, despite our efforts, no Internet and/or other electronic transmissions can be completely secure.

Retention of Your information
We retain information for different periods of time depending on the purposes for which we collect and use it, as described in this Privacy Policy. We will delete or de-identify information when it is no longer needed to fulfill these purposes, unless a longer retention period is required to comply with applicable laws. There may be technical or other operational reasons where we are unable to fully delete or de-identify your information. Where this is the case, we will take reasonable measures to prevent further processing your information.

Legal Basis for Processing Personal Data
The laws in some jurisdictions require that website operators tell you about the legal grounds they rely on to use or disclose your information. To the extent those laws apply, our legal grounds for processing your information are as follows:

• Where use of your information is necessary to perform our obligations to you under a contract or commitment to you (for example, to provide the services you’ve requested from us, or to comply with our relevant legal terms);
• Where use of your information furthers our legitimate interests or the legitimate interests of others (for example, to provide security for our Services; to operate our organization and our Services; to defend our legal rights; to analyze the use of our Services; to improve our services; and to prevent fraud);
• Where we have a reason to process the information in accordance with applicable law (for example, reporting security incidents);
• Where we have your consent to engage in a particular type of processing activity. 

For the purposes discussed in this Privacy Policy, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Privacy Policy.

Online Analytics
We may use third-party web analytics services (such as those of Google Analytics) in connection with the Services to collect and analyze the information discussed above, and to engage in auditing, research, or reporting. The information (including your IP address) collected by various analytics technologies described in the “Information that Is Passively and Automatically Collected” section will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Services, including by noting the third-party website from which you arrive, analyzing usage trends, assisting with fraud prevention, and providing certain features to you. Information about how Google uses information collected from sites that use its services is located at https://policies.google.com/technologies/partner-sites. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on here: https://tools.google.com/dlpage/gaoptout.

Children’s Privacy
The Services are intended for general audiences and are not directed at children. If we become aware that we have collected information without legally valid parental consent from children under an age where such consent is required under applicable law, we will take reasonable steps to delete it as soon as possible. 

Third-Party Links and Websites
The Services may contain links to third-party websites. Please be aware that we are not responsible for the content or privacy practices of such other sites. The collection, use and disclosure of your information will be subject to the privacy policies of those third-party websites, not this Privacy Policy. Therefore, we encourage our users to be aware when they leave our Services and to read the privacy policies of every website they visit that collects their information.

Do Not Track
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Because standards around DNT are not yet determined, we do not currently recognize or respond to browser-initiated DNT signals.

Revisions to Privacy Policy
We will continue to review this Privacy Policy and we may make changes to the Policy from time to time. The date at the bottom of this page indicates the last time changes were made. You should check this page periodically for updates. If we make material changes to this Policy, we will provide you with notice as required by law. Your continued use of the Services will signify that you have read, understood, and accepted the terms of the updated Privacy Policy.

Contact Us
If you have any questions about this Privacy Policy, you can contact us by emailing us at info@rffund.org. 

Last Updated: January _, 2025