Privacy Policy

The Susan Wojcicki Foundation (“the “Foundation,” “we,” “our,” or “us”) respects your privacy and is committed to handling personal information collected through our website, susanwfoundation.org (the “Site”), and in connection with our charitable and donor-related activities responsibly. This Privacy Policy explains how we collect, use, disclose, and protect personal information through any related webpages, forms, donation pages, newsletters, event registrations, and other online services that link to this Privacy Policy (collectively, the “Site”).

This Privacy Policy does not apply to third-party websites, platforms, payment processors, social media services, or other services that we do not own or control. Those services are governed by their own privacy policies.

1. Personal Information We Collect

“Personal Information” means information that identifies, relates to, describes, can reasonably be associated with, or could reasonably be linked to an individual or household. The categories of personal information we may collect include:

a. Information You Provide Directly

We may collect personal information you provide when you donate, subscribe to updates, contact us, register for an event, participate in Foundation activities, or otherwise communicate with us. This may include:

• Contact information: name, email address, mailing address, phone number, and similar identifiers.
• Donation and transaction information: donation amount, donation date, donation frequency, billing address, payment method, transaction confirmations, tax acknowledgment information, and related donor records. Full payment card numbers and similar payment credentials are typically collected and processed directly by our third-party payment processors, not stored by the Foundation.
• Communications and preferences: messages you send us, newsletter or mailing preferences, donor communication preferences, event participation details, and any other information you choose to provide.
• Affiliation information: organization, title, role, or similar affiliation information if you choose to provide it or if it is relevant to a Foundation activity.
• Device and network information: IP address, browser type, device type, operating system, pages viewed, referring and exit pages, date and time of visit, and similar log data.
• Usage information: information about how visitors use the Site, such as interactions with pages, links, forms, and emails.

b. Automatically Collected Information

When you visit the Site, we may automatically collect:

• Internet or network activity information (e.g., IP address, browser type, pages viewed, date and time of visit)
• Approximate location: general location inferred from an IP address, such as city, state, or country
• Cookies and similar technologies: information collected through cookies, pixels, tags, scripts, and similar technologies, as described in the “Cookies and Similar Technologies” section
• Information from third parties
  
  • We may receive personal information from third parties, such as donation platforms, payment processors, donor-advised funds, employer matching-gift programs, event partners, email and website service providers, publicly available sources, and individuals or organizations that refer, nominate, or introduce you to the Foundation.
• Sensitive personal information
  
  • We do not seek to collect sensitive personal information unless it is necessary for a specific Foundation activity or you choose to provide it. Payment-related information is handled primarily by payment processors. Please do not submit sensitive personal information through the Site unless we request it for a specific purpose or you determine it is necessary for your communication with us.

2. How We Use Personal Information

We use personal information for the following purposes:

• To process and acknowledge donations and maintain donor records
• To communicate with donors about contributions, tax acknowledgments, and Foundation activities
• To respond to inquiries and requests
• To operate, maintain, and improve the Site
• To comply with legal, accounting, tax, and regulatory obligations
• To detect, prevent and respond to fraud and protect the security of our systems

We do not use personal information for commercial advertising purposes unrelated to our charitable mission.

3. Sharing and Disclosure of Personal Information

To comply with legal, tax, accounting, recordkeeping, regulatory, and governance obligations, we may disclose personal information to:

• Service providers that perform services on our behalf (such as donation processing, website hosting, email distribution, accounting, or IT services), subject to contractual obligations consistent with the CCPA/CPRA
• Legal or regulatory authorities when required by law or legal process
• Professional advisors, such as attorneys or auditors, as necessary

We do not sell or share personal information as those terms are defined under the CCPA/CPRA, including for cross-context behavioral advertising.

4. Cookies and Similar Technologies

The Site may use cookies or similar technologies to support functionality, security, and basic analytics. You can control cookies through your browser settings. Disabling cookies may limit certain features of the Site.

5. Data Retention

We retain personal information only for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, including maintaining donor records, complying with legal and tax obligations, and resolving disputes.

For example, we may retain donation, tax acknowledgment, and accounting records for the period required by tax, accounting, and nonprofit governance requirements. We may retain email subscription information until you unsubscribe and for a reasonable period afterward to maintain suppression records. We may retain Site logs and analytics information for shorter periods unless needed for security, fraud prevention, or legal compliance.

6. Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, disclosure, or misuse. However, no data transmission or storage system can be guaranteed to be 100% secure. You are responsible for using secure networks and devices when you interact with us online.

7. US State Privacy Notice and California Privacy Rights

Some U.S. state privacy laws apply only to organizations that meet specified thresholds or conduct specified activities. To the extent a state privacy law applies to us, residents of that state may have the rights described below, subject to legal exceptions and verification requirements. Depending on your state of residence, you may have the right to:

• Confirm whether we process your personal information and request access to that information.
• Request correction of inaccurate personal information.
• Request deletion of personal information.
• Request a copy of personal information in a portable format where required by law.

If you are a California resident, you have the following rights under the CCPA/CPRA, subject to certain exceptions:

• Right to Know: You may request information about the categories and specific pieces of personal information we have collected about you, the purposes for which we use it, and the categories of third parties with whom we share it.
• Right to Delete: You may request deletion of personal information we have collected about you.
• Right to Correct: You may request correction of inaccurate personal information.
• Right to Limit Use of Sensitive Personal Information: To the extent applicable, you may request limitations on certain uses of sensitive personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise your rights, please contact us using the information in the “Contact Us” section below. We may need to verify your identity before fulfilling your request.

8. International Data Transfers (European Area)

The Foundation's website and services are operated primarily in the United States. If you access the Site or provide personal information from outside the United States, your information will be transferred to, stored, and processed in the United States.

‍A. European Area Law

If your personal information is subject to the European Area Law, which includes the General Data Protection Regulation (GDPR), UK GDPR, and Swiss DPA, the Foundation processes your data based on the following lawful bases:

• Performance of Contract: To process donations and fulfill related contractual and legal obligations.
• Legitimate Interests: To communicate with donors, improve the Site, and manage our charitable operations.
• Legal Compliance: To comply with accounting, tax, and regulatory obligations.

‍B. Data Transfers

When transferring personal data from the European Area (EU, EEA, UK, Switzerland) to the United States (a Third Country), we rely on appropriate safeguards. For transfers of European Area Personal Data, this includes the use of Standard Contractual Clauses (SCCs) to ensure the data receives an adequate level of protection consistent with European Area Law.

‍C. European Area Rights

If you are a Data Subject under European Area Law, you have the right to request access to, rectification, erasure, restriction of processing, or to object to the processing of your personal data. You also have the right to lodge a complaint with a competent supervisory authority. 

Subject to applicable law, you may have the right to request access to, rectification of, erasure of, restriction of processing of, or portability of your personal data; to object to processing based on legitimate interests or direct marketing; to withdraw consent where processing is based on consent; and to lodge a complaint with a competent supervisory authority. To exercise these rights, contact us at info@susanwfoundation.org.

To exercise your rights, please contact us using the information in the “Contact Us” section below. We may need to verify your identity before fulfilling your request.

9. Children’s Privacy

The Site is not directed to children under 13 years of age, and we do not knowingly collect personal information from children. If you believe a child under 13 has provided personal information to us, contact us at info@susanwfoundation.org, and we will take appropriate steps to delete the information or obtain any legally required parental consent.

‍10. Third-Party Links

The Site may include links to third-party websites, including payment processors or external resources. We are not responsible for the privacy practices or content of those third-party sites. Review their privacy policies before providing information to them.

‍11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised effective date.

‍12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at info@susanwfoundation.org.