Last updated June 2022
The Fair Labor Association (also referred to here as “FLA”, “we” or “us”) is a nonprofit organization headquartered at 2033 K Street NW, Suite 400, Washington, D.C. 20006, U.S.A. that combines the efforts of industry, civil society organizations, and colleges and universities to protect workers’ rights and improve working conditions worldwide by promoting adherence to international labor standards.
We may update this Policy at any time. Any changes to the Policy will become effective upon the date of our posting of the revised Policy on the Site. If the changes being made are material, we may notify you of the changes in a more prominent way, such as through an email. If you visit or use the Site following the effective date of the revised Policy, you will be deemed to have accepted the Policy’s updated terms.
I. What Information Does FLA Collect from You as a User?
The information we collect about you when you visit the Site includes any information you actively provide, such as when you give us your contact information, as well as information you authorize another to provide about you or that you provide passively simply by accessing the Site.
COMMUNICATING WITH US. If you subscribe to our newsletter or contact us through the “Contact Us” page, you will be asked to provide your name and email address. If you wish to file a complaint regarding any noncompliance with the FLA Workplace Code of Conduct or Principles of Monitoring with respect to your workplace or the production facilities of any company, you will be asked to provide certain information in a Third Party Complaint Form, which may include your name, home address, email address, and phone number.
INFORMATION WE AUTOMATICALLY COLLECT. The information we collect that you provide passively by visiting our Site may include your internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Site.
Cookies are small data files that a website stores on the hard drive of the device through which a website user connects to the website and can recognize the user’s visits by identification of the computer or device used to access the Site. We use only first party cookies, namely cookies that are installed by the Site, and not third-party cookies that are installed by a different domain than the one the User visits.
II. How Does FLA Use the Information It Collects from You?
A. PII. We may use the PII that we collect about you for any or all of the following purposes:
1. To provide you with resources and services. We offer various resources and services that may be useful to you, and we may use your PII to provide you access to those resources and services, which may include webinars and training sessions.
2. To respond to your inquiries. If you pose questions to us or request information from us, whether by email, the “Contact Us” page, the Third Party Complaint Form or otherwise, we will use your PII to respond to you.
3. To offer you additional information. Once you have engaged with us, we want to provide you with information regarding our resources that may be of interest to you. We may use your PII to do that, such as, for example, by using your email address to email to you notices of additional services, only if you have subscribed to our newsletter or otherwise provided your email address or other contact information to us. Our email messages that encourage you to use our services will provide you with the opportunity to opt out of receiving additional marketing emails.
4. For our general business purposes. We use PII about you for our legitimate business purposes, such as to help us expand, refine and improve the Site and to tailor the Site more to your interests and needs, including by requesting feedback from you, and for related internal purposes such as data analysis and internal audits.
B. Other Information. We use the information that is collected automatically about your use of the Site to help us improve the Site, such as by revising the Site based on Site visitor trends, including usage of certain pages or functions on the Site.
III. On Which Legal Basis We Collect and Use Your PII?
This Section refers to the Users located in the European Union (”EU”). For the purposes of EU data protection law, the General Data Protection Regulation (“GDPR”), we are the controller and responsible for the processing of your PII.
When we collect and use your PII for the purposes described in the previous Section, the legal basis for the processing is as follows:
A. Except as otherwise set out below, the legal basis we rely on to process any PII is Article 6(1)(f) of the GDPR, which allows us to process personal data when it is necessary for the purposes of our legitimate interests. We believe we have a legitimate interest in conducting the activities necessary to supporting our mission as a nonprofit organization. In doing so, we considered your rights and expectations and have assessed that your interest, fundamental rights, and freedoms are not put at risk. When we collect and process your PII based on legitimate interest, you have specific rights outlined under the Section X below.
B. We also process your PII relying on the legal basis of Article 6(1)(b) of the GDPR, which allows us to process personal data when it is necessary for the performance of a contract to which an individual is party.
C. If we process PII for the purpose of complying with laws and regulations, the legal basis we rely on to process your PII is Article 6(1)(c) of the GDPR, which allows us to process personal data when it is necessary for compliance with a legal obligation to which we are subject.
D. If we ask for, and you provide, your consent before we process any PII for a specified purpose, this legal basis we rely on to process your PII is Article 6(1)(a) of the GDPR, which allows us to process personal data when an individual has consented to the processing for a specific purpose. This is the case when you opt-in to receiving our emails.
IV. With Whom Do We Share the Information We Collect About You?
FLA shares the PII it collects from or about its Users in very limited circumstances, as follows:
A. Third-Party Service Providers. We share PII with unaffiliated third parties who provide us with services, such as Fair Factories Clearinghouse and others who assist us with technology, data analysis, factory assessments, or similar services. We do not share PII with unaffiliated third parties for their own marketing purposes.
B. Acquirers or Assignees. In the event of a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of FLA or its assets, we may transfer any and all information that we collect from Site Users to the proposed or actual acquiring party or assignee.
C. Entities Entitled Under Law. We may disclose PII as we believe to be appropriate in the following circumstances: (i) when required by applicable law, including laws outside your country of residence; (ii) to comply with legal process (iii) to respond to requests from public and government authorities; (iv) to enforce the terms and conditions for use of the Site, including this Policy; (v) to protect and defend our rights and property; (vi) to protect the interests of FLA or others; and (vii) to permit us to pursue available remedies or limit the damages that we may sustain. We have no obligation to notify you of such disclosures, except as required by applicable law.
We may share information related to your usage of the Site, but does not identify you personally, for any legitimate purpose.
V. How Do We Protect the PII We Collect?
We are committed to maintaining the security of your PII. We use reasonable organizational, technical, and administrative measures to help protect against the unauthorized access, disclosure, loss, theft, misuse, destruction, and alteration of the PII under our control. This includes, but is not limited to, Secure Socket Layer (SSL) certificates. However, no data transmission over the Internet or data storage system can be guaranteed to be 100 percent secure. In particular, email transmissions may not be secure, and you should therefore take special care in deciding what information you send to us via email.
FLA will notify affected Users of any suspected or confirmed unauthorized access, disclosure, loss, theft, misuse, destruction, or alteration of their PII to the extent required by and in accordance with applicable state and federal laws. We may attempt to notify affected Users so that they can take appropriate protective steps, or we may post a notice on the website if a security breach occurs.
VI. How Long Do We Retain Your PII?
We will retain your PII for as long as is reasonably necessary to fulfil the purpose(s) for which it was collected and to comply with applicable laws that impose us legal, regulatory, tax, accounting or reporting requirements. We review the PII we hold at regular intervals and delete permanently any PII which is no longer necessary.
VII. Collection of PII by Others.
VIII. Use of the Site by Children.
Our Site is not targeted toward or intended for use by minors and we do not knowingly collect PII from children under age thirteen (13). If we were to discover that we had collected any PII from a child under age 13, we would promptly delete it.
IX. International Transfers of Information.
Our servers are located in the United States, and by visiting the Site, you are deemed to understand and unambiguously consent to the collection and processing of your PII in the United States, with the awareness that the laws of the United States may not provide as much protection for PII as the laws of certain other countries or territories.
X. Your Additional Rights with Respect to Your PII.
If you are located in the EU, you may have the following rights under the EU data protection laws with respect to the PII that we process within the scope of this Policy:
A. To request access to the PII we hold about you, including why we are holding it and who it could be disclosed to. There are some exceptions to the right of access, which means you may not always receive access to all of the PII that we process;
B. To have your PII rectified. You can ask us to rectify your PII that we have in our records via email or submitting a request through the “Contact Us” form on the Site;
C. To have your PII erased from our records if it is no longer necessary for the purposes for which it was processed, you have withdrawn your consent to, or object to, its processing and there are no other legitimate grounds for processing it or you consider it has been unlawfully processed. You can ask us to erase your PII that we have in our records via email or submitting a request through the “Contact Us” form on the Site;
D. To object to the processing of your PII;
E. To have the processing of your PII restricted if you contest its accuracy, its processing is unlawful, we no longer need it but you need it for a legal claim, or you have objected to its processing and await verification of our legitimate grounds for processing it; and
F. To withdraw any consents you have given us to the processing of your PII. Such a withdrawal will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you.
You can exercise these rights at any time by contacting us by the email provided in Section XI below. We will inform you about your request within two business days. You also have the right to complain to your national data protection regulator if you feel that your PII has been unlawfully processed. We would, however, appreciate the chance to deal with your concerns before you approach the national data protection regulator, so please contact us in the first instance by the same email.
XI. Contacting Us.
If you wish to exercise your rights above, or if you have any questions or concerns related to this Policy or FLA’s information practices, send us an email at firstname.lastname@example.org.