Last updated: May 20, 2023
This Policy describes what information OpenAQ collects, how we use that information, and how we protect it. OpenAQ collects and processes personal data in order to run our organization and offer our services to Users. We do not share User information with third parties except for the limited purposes described in this Policy.
By using our services, Users understand that we will collect and use their information as described in this Policy. We recommend that Users read this Policy in full to ensure they are fully informed.
If you have any questions about this Policy or how we handle personal data, please contact us at firstname.lastname@example.org or use the contact information set out at the end of this Policy.
What Personal Data OpenAQ Collects and Why
The information that OpenAQ gathers from Users allows us to deliver and improve our services. For example, it allows us to provide trusted access to our API and data tools, communicate with Users, and provide support.
A. Information Our Users Provide
From time to time we ask Users to take part in questionnaires or surveys to Users for such purposes as understanding how our community members are using the OpenAQ platform and engaging with each other, as well as to help us to improve our services. The purpose and intended use of the information being collected will be explained in the survey itself. Any such questionnaires or surveys will be entirely voluntary. Our annual OpenAQ Community Survey asks demographic questions (Users’ country of residence, age, gender, and sector) so that the results of the survey can be filtered demographically. This information is reported outside of our organization only in the aggregate and not in a way that identifies any individual respondent. Respondents may optionally provide their name, institution, mailing address, and email address. This information is never published but is only used internally only to better understand survey results and to communicate with individual respondents.
Users may sign up for our electronic newsletter to receive information about OpenAQ’s activities. To receive the newsletter, Users must provide their email address, which will be used solely to deliver the newsletter to them.
B. Information Automatically Collected from Users
We collect certain information automatically, including:
Information you provide automatically
We collect and analyze information provided automatically when you access our services (“Log Data”), including the Internet Protocol (IP) address used to connect your computer to the Internet, computer and connection information such as browser type, version, language, and time zone setting, browser plug-in type and version, screen resolution, and operating system and platform. This information is stored in log files. We collect this technical information automatically to better understand User needs and provide Users with an optimal online experience.
Our legal bases for processing personal information
For personal data under OpenAQ’s control, we rely on the following bases to lawfully obtain and process personal information: Where Users have given us valid consent to use their data in certain ways, we rely on that consent. Where Users provide information in order to access our services, we rely on contractual necessity to process that information as necessary to perform those services. As described below, in certain cases we may process information necessary to meet legal obligations, such as compliance with law enforcement subpoenas or warrants. In limited cases, for example to ensure the security of our services and the reliability of our data, we may process your information to further our legitimate interests, so long as any such legitimate interests are not overridden by your rights or interests.
How and When We Share Information
OpenAQ does not sell your information. As set out below, we only share information on a limited basis in order to enable us to offer our services. We do not otherwise make User data available to third parties.
We employ other organizations and service providers to perform certain functions on our behalf. These third parties have only limited access to your information, may use your information only to perform these tasks on our behalf, and are obligated to OpenAQ not to disclose or use your information for other purposes.
Our use of third party service providers includes:
- Amazon Web Services S3 and Web Application Firewall (see the AWS Privacy Notice ): to host the OpenAQ data platform (using the AWS US East - N. Virginia datacenter) and protect the security of our API. The personal data we collect (as described above) is stored on AWS servers. AWS also collects Log Data when you connect to our API. Users may also choose to use other AWS services, such as Athena, to query the full archive of data. To access these services, Users must create an AWS account and provide certain personal information to AWS, including name, contact information, and payment information.
If you have any questions about the specific service providers we currently use, please contact us at email@example.com or by using the contact information set out at the end of this Policy.
Legal Compliance / Protection of the Public and Our Business / Legitimate Interests
We will release personal and account information: to comply with a subpoena, court order, legal process, or other legal requirement when we believe in good faith that such disclosure is necessary to comply with the law; to protect, establish, or exercise our legal rights or defend against legal claims; when we believe doing so is reasonably necessary to prevent harm to an individual; and/or to take action regarding illegal activities, suspected fraud, threats to our property, or violations of our legal terms.
We may also share your information during an organizational transaction like a merger or distribution of our assets to a successor organization. If such a transaction occurs, we will provide notification of any changes to control of your information, as well as choices you may have.
We do not knowingly collect personal information from anyone under the age of sixteen. If you are under the age of sixteen, your parent or guardian must provide their consent for you to use the services.
OpenAQ is based in the United States, processes and stores data in the United States, and makes its services available around the world. The United States, Member States of the European Economic Area (“EEA”), and other countries are governed by different laws.
OpenAQ provides a voluntary service and Users can choose whether or not they wish to use it. Because we offer our services to people in different countries and use technical infrastructure based in the United States, we may need to transfer your personal information across borders in order to deliver our services.
When your data is moved from its home country to another country, the laws and rules that protect your personal information in the country to which your information is transferred may be different from those in the country where you reside. For example, the legal requirements for law enforcement to gain access to personal information may vary between countries. If your personal data is in the United States, it may be accessed by government authorities in accordance with United States law.
How Secure Is Your Information?
We maintain administrative, technical, and physical safeguards designed to protect the privacy and security of the information we maintain about you. The connection between your computer and our website server is encrypted using Secure Sockets Layer (SSL) software. We use a Digital Certificate and secure pages will be identified by a padlock sign and “https://” in the address bar.
However, no method of transmission or storage is 100% secure. As a result, while we strive to protect your personal information, you acknowledge that: (a) there are security and privacy limitations inherent to the Internet which are beyond our control; and (b) security, integrity, and privacy of any and all information and data exchanged between you and us through this Site cannot be guaranteed.
Upon request, OpenAQ will provide Users with information about whether we hold any of their personal information. In certain cases, subject to relevant legal rights, Users have the right to object to the processing of their personal information, to request changes, corrections, or the deletion of their personal information, and to obtain a copy of their personal information in an easily accessible format. In order to do this, Users can contact us using the contact information set out at the bottom of this Policy. We will respond to every request within a reasonable timeframe and may need to take reasonable steps to confirm identity before proceeding.
You can also withdraw your consent to our processing of your information and the use of our services, and/or delete your User account at any time, by using the contact information below to request that your personal information be deleted. If you are an EU resident and believe that our processing of your personal data is contrary to the EU General Data Protection Regulation, you have the right to lodge a complaint with the appropriate supervisory authority.
If you withdraw your consent to the use or sharing of your personal information for the purposes set out in this policy, we may not be able to provide you with our services. Please note that in certain cases we may continue to process your information after you have withdrawn consent and requested that we delete your information if we have a legal basis/need to do so.
For personal data under its control, OpenAQ will retain such data only for as long as is necessary for the purposes set out in this policy, or as needed to provide Users with our services.
If a User no longer wishes to use our services, it may request deletion of its data at any time.
Notwithstanding the above, OpenAQ will retain and use User information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable tax/revenue laws), resolve disputes, and enforce our agreements. We may also retain log files for the purpose of internal analysis, for site safety, security and fraud prevention, to improve site functionality, or where we are legally required to retain them for longer time periods.
If you have any questions, comments or suggestions about how we handle personal information you can contact OpenAQ at firstname.lastname@example.org (preferred) or at OpenAQ Inc. 4301 50th Street NW Suite 300 PMB 1046 Washington, DC 20016-4364.