Privacy Policy

KHRONOS PRIVACY POLICY

This privacy policy (the "Privacy Policy") describes how the Khronos™ Standards Group, Inc. and its affiliates ("Khronos", "we", "our" or "us") collect, process, use, and share information in connection with your ("user", "users”, "you" or "your") use of our websites, products and services (collectively, "Website" or "Websites"). Please read this Privacy Policy carefully. By accessing or using any part of the Websites, you acknowledge you have been informed of and consent to our practices with regard to your personal information and data ("Personal Information").

WHAT INFORMATION WE COLLECT

We collect Personal Information directly from individuals, from third parties, and automatically through our Websites. You do not have to provide us your Personal Information. However, if you choose not to disclose certain information, we will not be able to provide you with access to certain services or products, including account registration, mailing lists, forum registration, or participation in certain aspects of our standards.

Information from users with and without accounts

Automatically Collected Information: We collect information about all visitors to our website including the visitor's browser type, language preference, referring site, additional websites requested, and the date and time of each visitor request. We also collect the potentially personally-identifying Internet Protocol (IP) addresses.

Account and Profile Information: Users may use or register for one or more of our free services on our Websites including forums, wikis, development tools (e.g., Bugzilla, Subversion), job board, news and event submissions, training and course submissions and mailing lists. Personal Information collected on the Websites includes profiles, avatars, photographs, names, unique identifiers (e.g., social media handles or usernames), contact and billing information (e.g., email address, company name, job title, websites, postal address, telephone).

User Content: We collect and store the information and content that you post to the Websites, including your questions, answers, comments, forum, wiki, mailing list and various form content and responses to surveys. Please see the section 'Publicly Available Information' to learn how the information you post will be viewed on our websites.

Communications: When you communicate with us (via email, phone, through the forms on our Websites or otherwise), we may maintain a record of your communication. Personal Information we may collect from online forms (e.g.: Job board, Training courses, code of conduct help, meetup support request) includes name, email, address, telephone, company name, job title, website URLs, physical location, comments and unique identifiers (e.g., social media handles or usernames).

Information from Members, Adopters and Advisors

In addition to the information under 'Information from users with and without accounts', we may also collect the following Personal Information from Members, Adopters and Advisors:

Contact Information: When you join Khronos as a Member, Adopter or Advisor, or you purchase other services or wares from Khronos, the Personal Information that we collect and store includes: name, company name, physical address, email address and telephone numbers ("Contact Information").

Financial Information: When you join Khronos as a Member or an Adopter, or you purchase other services or wares from Khronos, you supply specific Personal Information that makes it possible for Us to receive money from you. We will collect and store Contact Information, details about payments to and from you (e.g.: transactional data) and other details related to the products or services purchased.

Agreements: When you wish to gain access to certain restricted services, completed and signed agreements will be required. We will collect and store Personal Information which is included in these agreements (e.g. Contact Information, signatory title, company address, telephone, fax, email, signature, signatory title, employee names and email addresses).

Services: When you use certain services, in addition to the Personal Information collected in the agreements, we may also collect and store the following Personal Information: Contact Information, username, password, unique identifiers (e.g., GitHub username, social media handles or usernames).

Certificates: Khronos Members and Adopters may file certificates (e.g.: IP Disclosure, WG Exclusion) which contain Contact Information.

Payment Information: To purchase Services (including registering for events, training), users may be asked to be directed to a third-party site, such as PayPal or Stripe, to pay for their purchases. If applicable, the third-party site may collect payment information directly to facilitate a transaction. Khronos generally only records the result of the transaction and any references to the transaction record provided by the third-party site.  

Event Registrations: When you register for one of our events (e.g., face-to- face meetings) to participate as an attendee, a speaker or a sponsor, we collect Personal Information that includes Contact Information, sessions attending, and other information. We may optionally collect Personal Information such as likes, interests, dietary restrictions, and other background information.  In addition, if you provide it, we may collect Personal Information about disabilities, medical conditions and allergies in order to provide appropriate accommodations for attendees.

PURPOSES AND LEGAL BASIS

Khronos processes users' Personal Information for the following legal bases:

Performance of a Contract: The use of your Personal Information may be necessary to perform the contract that you have with us. For example, if you use our Websites, contribute to a project, create a profile, post content or comment through our Websites, or request information through our Websites, we will use your Personal Information to carry out our obligation to complete and administer that contract or request.

Legitimate Business Interests: We use your Personal Information for our legitimate business interests, such as providing you with access to products and services on our Websites, communication with members, users and the public, to improve and promote our Websites, and for administrative, security, fraud prevention and legal purposes.

Comply with a legal obligation: The use of your Personal Information me be necessary to comply with legal obligations and requests (e.g. to comply with laws that compel us to disclose information to public authorities, courts, law enforcement or regulators, maintain records for a certain period, or maintain records demonstrating enforcement and sublicensing of our trademarks and those of our projects.), and as part of our general business and legal operations (e.g., accounting, record keeping, and for other business administration purposes), and as necessary to establish, exercise and defend (actual and potential) legal claims.

Consent: We may rely on your consent to use your Personal Information for certain direct marketing purposes, such as sending you newsletter updates about Khronos products. You may withdraw your consent at any time through the unsubscribe method provided with each platform or by contacting our information privacy manager.

HOW WE COLLECT YOUR INFORMATION

We use different methods to collect Personal Information from and about you, including: 

Direct interactions: You may give us your Personal Information by filling in forms or by corresponding with us. This includes Personal Information you provide when you enter into agreements, register on our Websites, subscribe to our mailing lists or newsletter, register for or participate in our events, on rosters, submission documents, records of meeting attendance, and participation lists, request marketing to be sent to you, fill out other forms, provide us with feedback or questions, participate in development tools, participate on our forums or otherwise engage in networking activities.

Through automated technologies or interactions: As you interact with our Websites, we may automatically collect technical and usage data that may be considered personal in nature.

Third parties or publicly available sources. We may receive information about you from various third parties and public sources, including from analytics providers, search information providers, third-party forums, administrative, technical, payment and delivery service providers, third-party websites and repositories, technological systems to help detect and address anomalous activity and to screen content to prevent abuse, and certain data aggregators for spam protection and other purposes.

HOW WE USE YOUR INFORMATION

We will only use your Personal Information as permitted by law. Most commonly, we will use your Personal Information where we need to perform a contract we have with you or where necessary to provide services you requested, where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests and where we need to comply with a legal or regulatory obligation. 

We do not share, sell, rent, or trade Personal Information with third parties for their commercial purposes, except where you have specifically told us to (such as by purchasing from the Khronos online store, or registering for an event).

We do not host advertising on Khronos. We may occasionally embed content from third-party sites, such as YouTube, and that content may include ads. While we try to minimize the number of ads our embedded content contains, we can't always control what third parties show.

We do not disclose Personal Information outside Khronos, except in the situations listed in the section ‘Comply with a legal obligation' or otherwise expressly described in this Privacy Policy.

We do share Personal Information with a limited number of third-party vendors who process it on our behalf to provide or improve our service, and who have agreed to privacy restrictions similar to our own Privacy Policy. Our vendors perform services such as accounting, data backups, hosting services, analytics, and marketing communications.

We do share Personal Information with Khronos members and support staff in order to fulfill legitimate business purposes such as communications between users, Members, Adopters and Advisors, technical support, mailing list communications, and organizing events and tradeshows.

THIRD-PARTY SITES AND SERVICES

We use various third-party services to allow us to improve user, member and adopter experience on our Websites and as part of our legitimate business interests.

PUBLIC INFORMATION ON KHRONOS

Areas of our Websites are public-facing. If your Personal Information is public-facing, third parties may access and use it, such as by viewing your profile, repositories, forum content or mailing lists. We do not sell that information. However, we do allow third parties, such as research organizations or archives, to compile public-facing information. Other third parties, such as data brokers, have been known to scrape our Websites and compile data as well.

Your Personal Information, associated with your content, could be gathered by third parties in these compilations of Khronos data. If you do not want your Personal Information to appear in third-parties' compilations of Khronos data, please do not use the products or services on our Websites which are publicly available and be sure to configure your email address to be private in your user profile where permissible and in your git commit settings.

INFORMATION WE DO NOT COLLECT

Khronos does not intentionally collect sensitive Personal Information, such as social security numbers, genetic data, health information, or religious information. Although Khronos does not request or intentionally collect any sensitive Personal Information, we realize that users might store this kind of information in a forum, mailing list, issue tracker or repository. If you store any sensitive Personal Information on Khronos' servers, you are consenting to our storage of that information on our servers, which are located in the United States.

Khronos does not knowingly collect or solicit Personal Information from or about children under 13. If it is discovered that any information from a child under 13 is collected in violation of this policy, such information will be removed immediately. If you believe our Websites have information from or about anyone under 13, please contact our information privacy manager.

COOKIES AND TRACKING TECHNOLOGIES

Cookies

Khronos uses cookies to make interactions with our service easy and meaningful. We use cookies to keep you logged in, remember your preferences, and provide information for future development of our Websites. We also use cookies to identify a device, for security reasons. By using our Websites, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device's ability to accept cookies, you will not be able to log in or use Khronos Websites.

Tracking and analytics

We use a few third-party analytics and service providers to help us evaluate our users' use of our Websites; compile statistical reports on activity; and improve our content and website performance. We only use these third-party analytics providers on certain areas of our website, and all of them have signed data protection agreements with us that limit the type of Personal Information they can collect and the purpose for which they can process the information. In addition, we use our own internal analytics software to provide features and improve our content and performance.

We do not currently respond to your browser's Do Not Track signal, and we do not permit third parties other than our analytics and service providers to track Khronos users' activity over time on Khronos. We do not track your online browsing activity on other online services over time.

DATA SECURITY  

Khronos takes all measures reasonably necessary to protect users' information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of user information.

Transmission of data on Khronos websites is encrypted using SSH, HTTPS, and SSL/TLS. While our data is not encrypted at rest, when data is stored for backups with a third-party storage provider, it is encrypted.

We have put in place procedures to deal with any suspected data breach and we will act promptly to mitigate the impact of a breach, and we will notify any affected users without undue delay. No method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.

DATA RETENTION AND DELETION

We will only retain your Personal Information where we have an ongoing legitimate business need to do so, including to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements.

When there is no longer an ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it. If this is not possible (for example, because your Personal Information has been stored in backup archives), we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

After an account has been deleted, certain data, such as contributions to others' repositories and comments in others' issues and in mailing lists, will remain. The email address you have supplied via your Git, Gitlab, Subversion and Bugzilla (“developer tools”) commit settings will always be associated with your contributions. If you chose to make your email address private, you should also update your Developer Tools settings. We are unable to change or delete data in the Developer Tools history but we do enable you to control what information you contribute.

MANAGING YOUR PERSONAL INFORMATION

When you are signed in to one of our websites, you are able to review and update your information for that Website. For example, Member, Adopter or Advisor  profile, forums and wikis are all designed to help you manage the content you've posted on our websites. If you need assistance in updating your information on any of our Websites, please contact our information privacy manager.

YOUR DATA PROTECTION RIGHTS  

Under certain circumstances, you have rights under data protection laws in relation to your Personal Information.

  • Request access to your Personal Information, which allows you to receive a copy of the Personal Information we hold about you and to confirm that we are lawfully processing it. 
  • Request correction of any incomplete or inaccurate Personal Information that we hold about you. We may need to verify the accuracy of the new information you provide to us.
  • Request erasure of your Personal Information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Information to comply with local law. Note, however, that if there are specific legal reasons that prevent us from being able to comply with your request, we will provide those to you at the time of your request.
  • Object to processing of your Personal Information where we are relying on a legitimate interest (or those of a third party) if you feel that you have specific reasons to object to processing for that interest as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Information for direct marketing purposes. In some cases, we may show that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • Request restriction of processing of your Personal Information. This enables you to ask us to suspend the processing of your Personal Information in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  • Request the transfer of your Personal Information to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Withdraw consent at any time where we are relying on consent to process your Personal Information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you.
  • California privacy rights Under California Civil Code Section 1798.83 (also known as S.B. 27), if you are a California resident and your business relationship with Khronos is primarily for personal, family, or household purposes, you may request, up to once a year, certain data regarding Khronos' disclosure, if any, of Personal Information to third parties for the third-parties' direct marketing purposes.

RESOLVING COMPLAINTS

If you have concerns about the way Khronos is handling your Personal Information, please let us know immediately. We want to help. You may contact our information privacy manager. We will respond promptly, within 45 days at the latest. You also have the right to lodge a complaint with a data protection authority about our collection and use of your Personal Information.

INTERNATIONAL INFORMATION TRANSFERS  

Information Khronos collects will be stored and processed in the United States in accordance with this Privacy Policy. By submitting your information on our websites, or in connection with your interactions with Khronos, you consent to your information being transferred and processed in this country. You have a right to obtain details of the mechanism under which your Personal Information is transferred outside of the EU by contacting our information privacy manager.

CONTACT US

For the purposes of GDPR, The Khronos Group is the controller of your Personal Information. If you have any questions about our practices or this Privacy Policy, please contact the information privacy manager at privacy@khronos.org or write to us at:

The Khronos Group, Inc.
9450 SW Gemini Drive #45043
Beaverton, OR 97008-6018 USA

CHANGES TO THIS PRIVACY POLICY

Although most changes are likely to be minor, Khronos may change its privacy policy from time to time, and at the sole discretion of Khronos. We will provide notification of material changes to this Privacy Policy through our websites or by sending email to the email address you specify in your account. Khronos encourages visitors to frequently check this page for any minor changes to its Privacy Policy.

This version of the privacy policy was last updated on July 25, 2018.