Privacy Policy

Last Updated: December 12, 2024

1. What is the purpose of this policy?

This privacy statement (“Privacy Statement”) is provided by Women in Financial Markets, a 501c3 non-profit organization (‘‘WIFM’’, ‘‘we’’, ‘‘our’’, ‘‘us’’), and explains the manner in which we collect, utilize, protect and process your personally identifiable information (as defined below) when you use our website available at  https://womeninfinancialmarkets.org/ (the “Site”), when you interact with us, when you sponsor or donate to us or when you participate in our campaigns, events, programs or other events (“WIFM Events”). In this context, WIFM will generally act as a controller in respect of your personally identifiable information which means that we are responsible for the processing of your personally identifiable information, and we decide why and how your personally identifiable information is processed.

In addition to this Privacy Statement, certain WIFM Events may be governed by additional and more specific privacy terms or policies. Where applicable, these additional terms or policies will be made available to you and we encourage you to read these additional terms or policies before participating in the relevant WIFM Events.

Your privacy rights are very important to us and we strive to process your personally identifiable information in a manner consistent with the laws of the countries in which we operate as applicable (which, in the EEA and the UK, includes the EU General Data Protection Regulation and the UK General Data Protection Regulation (collectively referred to herein as the “GDPR”)).

The purpose of this policy is to provide the information required under applicable data protection laws in a transparent manner including:

  • why and how we collect, process and store your personally identifiable information;
  • what our role as controller of your personally identifiable information involves; and
  • what your rights and our obligations are in relation to this processing.

We may amend this Privacy Statement from time to time to keep it up to date with current legal requirements and with the way we operate. Please regularly check our website for the latest version.

2. When does this policy apply?

This policy applies to any and all forms of processing of personally identifiable information in any format or medium, relating to (i) individuals who are members, prospective members, WIFM program applicants, sponsors, prospective sponsors, donors, suppliers or prospective suppliers, or who otherwise visit the Site or attend WIFM Events, and (ii) individuals who are representatives or contact persons of members, prospective members, program applicants, sponsors, prospective sponsors, donors, suppliers or prospective suppliers. 

This Privacy Statement does not apply to any information processed about legal entities as such. This Privacy Statement does not apply to information collected offline or through any website operated by any third party, even if accessible from the Site. Any links that we provide to third-party websites or services are provided for your convenience and information. We do not own, operate, control or endorse such third party websites or services nor content or links that appear on such third-party websites and this Privacy Statement does not apply to any such unaffiliated sites or services. If you visit any linked third party sites or services, please review any applicable privacy policies. We are not responsible for the content of such unaffiliated sites, any use of such sites or services nor the privacy practices of any third parties.

3. What do the terms in this policy mean?

The terms used in this policy have the following meaning:

controller” means the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personally identifiable information. Therefore, this is the person who determines the ‘how’ and ‘why’ of the processing of personally identifiable information.  For data processed in accordance with this policy, the controller shall be WIFM.

European Economic Area” or “EEA” means the Member States of the European Union plus Iceland, Liechtenstein, Norway, and Switzerland.

GDPR” means the EU General Data Protection Regulation and the UK General Data Protection Regulation.

personally identifiable information” means (i) any information that identifies, relates to, describes, is reasonably capable of being associated with or could reasonably be linked, directly or indirectly, with a particular person, but does not include any information that is publicly available (unless otherwise required by applicable laws or regulations) or that is aggregated or de-identified; or (ii) with respect to the processing activities that are subject to the GDPR, personal data as such term is defined in the GDPR.

 “processing” means any operation or set of operations that is performed upon personally identifiable information or sets of personally identifiable information, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction and the verb “to process” shall be construed accordingly.

processor” means a natural or legal person which processes personally identifiable information on behalf of the controller. Processors may be subsidiaries, affiliates or third party suppliers and service providers.

4. How can I contact you?

Please contact us at [email protected] if you have any questions about the information included in this Privacy Statement or if you wish to exercise any of your rights set out below. 

5. What type of personally identifiable information do you collect?

We collect and use certain personally identifiable information about you including the following:

  • your name;
  • your contact details – such as your addresses, telephone numbers and email addresses;
  • information about your current and past employment or job titles, type of business, practice areas and years of experience;
  • certain financial information (such as payment method, payment card number, expiration date, authorized number or security code and billing address) when you donate to us or pay a registration fee to attend WIFM Events or conferences; and
  • information you provide voluntarily, for example, when you post a new job, sponsor us or provide additional information when you sign up to attend WIFM Events.


We do not generally expect to process sensitive personally identifiable information, but to the extent you provide us with such information, or if we obtain it from a third party, we will process such sensitive information only as permitted under applicable laws and regulations.

Where the GDPR applies, sensitive personally identifiable information should be deemed to refer to special category data as defined in the GDPR, which are as follows: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

Additionally, we may automatically collect certain information about you through online technologies when you visit our Site that may also constitute personally identifiable information; such information may include:

  • IP address or other device address or ID;
  • The type of browser, operating system or equipment used to access the Site;
  • Usage details, such as the date and time you visited the Site, the Internet address of the site from which you linked to the Site, the links you follow from the Site including to our Payment Processor (as defined above), and the reading history and other analytics related to how you use and view the content we have provided via the Site; and
  • General activity information as part of our and our service providers’ fraud-prevention programs.

6. How do you get my personally identifiable information?

A. Information you provide:

We collect your personally identifiable information when you provide details to us directly, including through your interactions with the Site, or through organizations we integrate with, including whenever:

  • you sign up to become a member;
  • you sign up to attend WIFM Events;
  • you sign up to receive our newsletter;
  • you sign up to become a sponsor;
  • you make donations to WIFM;
  • you tender to become a supplier;
  • you sign up to be part of a WIFM program, such as the Cohort Program, Wolfpack and Mentorship; or
  • you send an email or message us through the contact information provided on the Site.

 

B. Information we automatically collect

We may also obtain information in other ways through technology, some of which may be linked to you personally. When you visit the Site, or use a third-party website that interacts with our Site, including our Payment Processor, we may automatically receive and record certain information from your computer, web browser or mobile device that may constitute personally identifiable information.

For example, WIFM uses “cookies to enhance your experience while visiting the Site. “Cookies” are small pieces of data sent to your computer browser from our web server and stored on your computer’s hard drive. This data identifies you as a unique user and facilitates your ongoing access to and use of the Site.  

Please note that you may choose to set your web browser to refuse or delete cookies, or to alert you when cookies are being sent. If you choose to turn off cookies, however, some parts of the Site may not function properly. Even if you block or delete cookies, not all of the tracking that we have described in this Privacy Statement will stop.

Do Not Track Disclosure.  Third parties such as advertising networks, analytics providers and widget providers may collect information, including personally identifiable information, about your online activities over time and across different websites when you access or use our services.   Currently, various browsers offer a “Do Not Track” option, but there is no standard for how “Do Not Track” should work on commercial websites.  Due to the lack of such standards, the Site does not respond to “Do Not Track” consumer browser settings.

C. Other information we may collect via third-party sources:

We may collect information about you (i) when you interact with our page or account on social media, such as LinkedIn (e.g., click on our links and/or provide information to us via the relevant account), (ii) through other sources, including the legal entity you are part of (for example if you are designated by a legal entity with whom we have a relationship as its representative), and others who think you might be interested in our work or (iii) through third party service providers (including Payment Processors, discussed below) acting on our behalf.

In addition to the personally identifiable information collected from all Site visitors, we may collect additional personally identifiable information from donors who donate to us through the Site, which may include the name and address of the donor and types and amounts of the donation, and will use such information in addition to the uses set forth below in order to process donations, issue tax receipts and analyze giving patterns.

Online donations made through the Site are facilitated by third-party payment processors such as PayPal (“Payment Processors”).  If you choose to make a donation, you will be linked to the relevant Payment Processor’s website, which may be made available via “framing technology,” and therefore may appear to be a part of our Site.  Your financial information, such as payment method (credit or debit card number and expiration date), is used and stored by the relevant Payment Processor, and the use and storage of that information is governed by the relevant Payment Processor’s terms of service and privacy policy.  We urge you to familiarize yourself with such terms prior to submitting any personally identifiable information.  We are not responsible for the data collection, privacy and information sharing policies and procedures or the content of such websites.  We may from time to time request and receive some of your financial information from the relevant Payment Processor for purposes of completing transactions or protecting against or identifying possible fraudulent transactions.

7. Why do you collect my personally identifiable information?

We process your personally identifiable information for the following reasons:

  • to provide operate, improve and enhance our Site;
  • to provide you with any services that you have signed up for;
  • to register you for our WIFM Events;
  • to send you emails you have opted into receiving, including email updates on our upcoming WIFM Events, programs, announcements and newsletters;
  • to receive any payments you make to us and provide you with a receipt;
  • to contact you regarding scholarship or employment opportunities or applications;
  • to improve our services, facilities, events and other programmatic operations;
  • to communicate with you about a donation or processing a transaction;
  • to keep in touch, communicate and engage with you, including in response to specific inquiries and requests;
  • when required to do so by law, or in the good faith belief that such action is necessary to comply with applicable laws, or to respond to a court order, subpoena, legal process or search warrant;
  • if we reasonably and in good faith believe it is necessary to protect the rights, property, and safety of you, us or others, including our service providers or other visitors to our Site; and
  • in connection with a merger, acquisition, bankruptcy, or other transaction in which a third party assumes control of all or part of our business.


Several of the above purposes for processing may overlap and there may be several purposes which justify our use of your personally identifiable information. Where required by applicable laws or regulations, we will only use your personally identifiable information for the purposes for which we collect it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose for such collection.

Your personally identifiable information will only be used for marketing purposes if you consent (and you can change your mind at any time).

We may disclose aggregated or anonymous information not linked to any personally identifiable information regarding visitors to our Site with third parties without restriction, including in connection with maintaining, improving, and fixing any operational errors on the Site.

8. On what grounds do you collect my personally identifiable information?

Where our processing of your personal data is subject to the GDPR, we process your personally identifiable information for at least one of the following legal bases:

  • where you have given consent for the processing of your personally identifiable information for one or more specific purposes, for example where you have applied for one of our WIFM Events or signed up to our newsletter;
  • where processing is necessary for the performance of a contract or as necessary prior to entering into a contract;
  • to comply with legal obligations to which we are subject, to meet responsibilities we have to regulators, tax officials, law enforcement or otherwise meet our legal responsibilities; or
  • to pursue our legitimate interests, balanced against your interests or fundamental rights and freedoms which are not overridden, which include (i) operating WIFM Events and to keep you informed about any upcoming WIFM Events, or (ii) any other purposes we identify as relevant to further our interests.

Where the legal basis relied on is your consent, you have the right to withdraw your consent, or to object to the processing of your personally identifiable information for that purpose, at any time, including processing relating to the marketing purposes.  In certain circumstances, we may not be able to delete your personally identifiable information in its entirety, for example where we must keep track of certain information to comply with legal obligations.  You can exercise these rights by contacting us using the contact details detailed in the ‘How can I contact you’ section above.

9. Will you share my personally identifiable information with anyone else?

We will disclose your personally identifiable information only for limited and specified purposes, namely, those described in this Privacy Statement, and we will not sell your personally identifiable information to any third party for any purpose. 

We may disclose your personally identifiable information to our affiliates and non-affiliated service providers, but we only do so in compliance with applicable laws and regulations.  In addition, we, or any other third party recipient to whom we transferred your personally identifiable information, may also transfer your personally identifiable information to third party processors to complete the purposes listed above, where necessary.

Third party recipients of your personally identifiable information may include:

  • IT service providers, cloud service providers, customer relationship management system providers, payment service providers (including our Payment Processors), fraud screening providers and hosting and database providers, who will generally act as processors on our behalf;
  • consultants, suppliers and other service providers who assist in: promoting, marketing, analyzing or running any of our WIFM Events or other services; conducting reviews and surveys; communicating with you on our behalf; processing and fulfilling transactions such sponsorships and donations; and as otherwise necessary to provide promotional communications or services to customers. These third party recipients will also generally act as processors on our behalf;
  • law enforcement agencies, regulatory or tax authorities and other governmental or public agencies or authorities; and
  • other third parties for purposes you have allowed or to which you have consented.

10. Will you transfer my data to other countries?

As we are based in the United States of America, all information we collect and process is stored and processed in the United States of America for the purposes described in this Privacy Statement. We may further transfer your personally identifiable information to other third parties that may process your personally identifiable information in a country outside of the EEA and the UK.  The data protection laws in the recipient’s jurisdiction may sometimes provide a lower level of protection than those in the EEA or the UK.  When we transfer your personally identifiable information to a jurisdiction with a data protection regime that is not deemed ‘adequate’ under the GDPR, we will take appropriate steps to ensure it is adequately protected in compliance with the GDPR. Please contact us as detailed in the ‘How can I contact you?’ section for further information regarding these transfers.

11. What happens if I do not provide my personally identifiable information?

You are not legally required to provide us with your personally identifiable information. However, we sometimes need your personally identifiable information to provide you with our services. For example, we will not be able to register your account or send you our newsletter without your contact details and you may not be able to participate in our WIFM Events without providing the specific information required for participation.

12. How long will you keep my personally identifiable information?

We will not retain your personally identifiable information for longer than is necessary to fulfil the purposes explained above.  We may retain your personally identifiable information for longer if it is considered necessary, for example, in light of actual or potential legal action and to enforce our contractual agreements.

To determine the appropriate retention period for personally identifiable information, we consider the amount, nature and sensitivity of the personally identifiable information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personally identifiable information and whether we can achieve those purposes through other means, and any applicable legal requirements.

13. What are my rights?

  • As noted above, you may, of course, decline to share certain information with us, in which case we may not be able to provide to you some of the features and functionality of the Site or certain of our services.
  • If you do not wish to receive newsletters from us, you can opt out of receiving email information from us (except for emails related to your donations and other communications essential to your transactions through the Site) by using the unsubscribe process at the bottom of the email, or by contacting us directly at [email protected]. Should you opt out, we will promptly honor your request, though we may retain certain information you submit (including in backups or archives) for a variety of purposes, including analytics, the prevention of fraud or abuse and compliance with our legal or regulatory obligations.


Where our processing of your personal data is subject to the GDPR, you have the following additional rights in relation to your personal data (as such term is defined under the GDPR):

  • request access – to request confirmation of whether we process personal data relating to you and, if so, to request a copy of that personal data;
  • request correction – to request that we rectify or update your personal data that is inaccurate, incomplete or outdated;
  • request erasure – to request that we and our service providers erase your personal data in certain circumstances, such as where we collected personal data on the basis of your consent and you withdraw your consent;
  • request the restriction of processing – to request that we restrict the use of your personal data in certain circumstances, such as while we consider another request that you have submitted, for example a request that we update your personal data;
  • withdraw consent – in the circumstances where our processing of your personal data is based on your consent, to withdraw your consent, although withdrawal of consent (i) does not invalidate the consent-based processing that occurred prior to such withdrawal or processing that is not based on consent and (ii) means that we will no longer be able to perform such consent-based processing activities, and may result in us being unable to provide certain services to you;
  • request portability – under the GDPR, if applicable in your circumstances, to request that we provide a copy of your personal data to you (or to another controller designated by you) in a structured, commonly used and machine-readable format in certain circumstances; and
  • object to processing – to object to certain of our data processing, such as for direct marketing purposes or where we are relying on legitimate interests (or those of a third party) to which you object based on your particular circumstances.

If you wish to exercise any of your data protection rights or if you consider that we have processed your personal data in violation of applicable law, please contact us as detailed in the ‘How can I contact you’ section above.

If you consider that we have processed your personal data in violation of applicable law or that we have failed to remedy such violation to your reasonable satisfaction, you may also lodge a complaint with the data protection supervisory authority in your country.

14. What steps will you take to protect children’s privacy?

Protecting the privacy of young children and minors is especially important.  For that reason, we do not allow children under 13 years of age to use the Site, we do not knowingly collect or maintain information from persons under 13 years of age and no part of the Site is directed to persons under 13 years of age.  If you are under 13 years of age, then please do not use or access the Site at any time or in any manner. 

If you discover that a child under 13 years of age has provided us with information, please alert us at [email protected].

15. What steps will you take to ensure the security of my personally identifiable information?

We are committed to keeping your personally identifiable information safe and secure. Therefore, we use certain physical, managerial, and technical safeguards– e.g., data collection, storage and processing practices and security measures that are designed to protect the integrity and security of your personally identifiable information. Even so, despite our reasonable efforts, no security measure is ever perfect or impenetrable. You are also responsible for keeping your personally identifiable information secure; for example, you should make sure you only use trusted wireless connections in transmitting any personally identifiable information or other sensitive information. You are encouraged not to share sensitive information with us unless it is absolutely necessary.

We cannot guarantee that your information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. We are not responsible for circumvention of any privacy settings or security measures contained on the Site.

If you provide credit card information to make a donation, your credit card information is not stored, held or accessible by us. Instead, such information is collected by a third-party Payment Processor (as discssed above), which specializes in the secure processing of credit or debit card transactions. To the extent a Payment Processor is used to process any donations, your information will only be used by the relevant Payment Processor in connection with processing related to the donation, including for reporting purposes.

In addition, we have taken appropriate steps designed to ensure compliance with all Internal Revenue Service, state and local regulations and WIFM’s internal policies governing the retention, management, and destruction of donor information collected and maintained by WIFM.