IDEO Privacy Policy

Information we collect and how we use it

Browsing the Website does not require you to register for an account or provide any personal information to us.

In general, IDEO will gather some generic information automatically. This generic information may include the internet address assigned to your computer, the number and frequency of visitors and the IDEO.com sites visited. IDEO gathers this information using Google Analytics for the purpose of determining customer service and Website needs. Generic information does not reveal the identity of the visitor.

IDEO cookies
When you visit IDEO, we may send one or more cookies - a small file containing a string of characters - to your computer that uniquely identifies your browser. Any use of cookies by us will be solely for the purposes of improving the quality of access to the Website by storing user preferences, and tracking user trends, such as how people use the Website. Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent.

User communications
You may input your contact information into the Website so that IDEO may contact you. When you enter your contact information or send an email or other communication to IDEO, we may retain those communications in order to process your inquiries and respond to your requests. You may also input the email address of other parties to whom you would like a particular Website page forwarded to. We do not use your email address or contact information or any third parties’ email address that you enter to send commercial or marketing messages nor do we give or sell this information to any third parties.

Other sites
This Privacy Policy applies to this Website only. We do not exercise control over any sites that you may visit from a link on our Website. These other sites may place their own cookies or other files on your computer, collect data or solicit personal information from you.

Changes to this policy

Please note that this Privacy Policy may change from time to time. We will not reduce your rights under this Policy without your explicit consent, and we expect most such changes will be minor. Regardless, we will post any Policy changes on this page. Each version of this Policy will be identified at the top of the page by its effective date. If you have any additional questions or concerns about this Policy, please feel free to contact us any time through this web site or at IDEO LP, 715 Alma Street, Palo Alto, California, 94301, USA.


--

India Privacy Practices

IDEO LP (“IDEO”) respects the privacy of observation participants and the confidence of our clients and business partners. Accordingly, we collect, process and disclose personal information in a manner consistent with the laws of the countries in which we do business. The following India Privacy Practices (the “Privacy Practices”) sets forth the privacy principles established by IDEO with respect to transfers of personal information from India.

Scope
These Privacy Practices apply to all personal information received by observation participants from India including electronic, paper or verbal information.

Definitions

    For purposes of these Privacy Practices, the following definitions shall apply:
  • IDEO means IDEO LP and each of its predecessors, successors, affiliates, employees, representatives and branch offices.
  • “Personal information” means any information that relates to a natural person that, either directly or indirectly, either alone or in combination with other information available or likely to be available, is capable of identifying such person. For the purposes of these Privacy Practices, unless otherwise stated, “personal information” includes “sensitive personal information”, as defined below.
  • “Sensitive personal information” consists of (i) data relating to passwords, (ii) financial information including but not limited to bank account details, (iii) credit card and debit card details, (iv) physical, physiological and mental health condition, (v) medical records and history, (vi) sexual orientation, and (vii) biometric information of employees and family members, provided that any information that is freely available or accessible in the public domain or furnished under the Right to Information Act, 2005 or any other law in effect shall not be regarded as personal or sensitive personal information for the purposes of these Privacy Practices.

Privacy Principles
The privacy principles in these Privacy Practices have been developed based on Indian law.

Purposes of Processing
IDEO collects and uses personal information in order to select and administer its workforce; run its operations; ensure the safety and protection of its workforce and resources; and conduct design research in order to understand user needs to inform its design and innovation consulting services for its clients. In collecting sensitive personal data, IDEO obtains consent from the relevant individual for such collection and use of his/her sensitive personal data.

Notice
Where IDEO collects personal information directly from individuals in India, it will inform them about the purposes for which it collects and uses personal information about them, the types of third parties to which IDEO discloses that information, the choices and means, if any, IDEO offers individuals for limiting the use and disclosure of personal information about them, and how to contact IDEO. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to IDEO, or as soon as practicable thereafter, as well as any time IDEO proposes to use information for a purpose other than the purpose for which it was originally collected.

Choice
To the fullest extent required by applicable law, IDEO will offer individuals the opportunity not to provide personal information and to withdraw their earlier consent.

Data Integrity
IDEO will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. IDEO will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete, and current.

Disclosure / Transfers
IDEO will disclose or transfer personal information only with the consent of the data subject or where such disclosure is necessary for the performance of a contract between the data subject and IDEO or for compliance with a legal obligation. Such transfers include intercompany transfers from India to IDEO offices in the United States and Europe (and may include transfers to IDEO offices in Asia and Southeast Asia). Such transfers shall be made only to jurisdictions that implement and maintain security practices and procedures not lower than the standards of IS/ISO/IEC 27001. IDEO will obtain assurances from third parties to whom personal information is transferred that they will safeguard such information consistently with these Privacy Practices. Where IDEO has knowledge that a third party to whom personal information was transferred is using or disclosing such information in a manner contrary to these Privacy Practices, IDEO will take reasonable steps to prevent or stop the use or disclosure.

Access and Correction
Upon a reasonable request, IDEO may grant individuals reasonable access to correct, amend, or delete personal information that it holds about them.

Security
IDEO will implement reasonable practices and procedures, not lower than the standards of IS/ISO/IEC 27001, to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. IDEO is committed to taking appropriate technical, physical and organizational measures to protect personal information (including sensitive personal information) against: unauthorized or accidental destruction, alteration or disclosure; accidental loss; unauthorized access; misuse; unlawful processing; or damage. These measures include equipment, application and information security; access security; and training of IDEO employees about these Privacy Practices and the appropriate processing of personal information.

Enforcement
IDEO will conduct compliance audits of its relevant privacy practices to verify adherence to these Privacy Practices. Any employee that IDEO determines is in violation of this policy will be subject to disciplinary action up to and including termination of employment.

Dispute Resolution
Any questions or concerns regarding the use or disclosure of personal information should be directed to Ka Yun Cheng, Privacy Officer, at the address below. IDEO will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information by reference to the principles contained in these Privacy Practices.

Limitation on Application of Principles
Adherence by IDEO to the principles set forth in these Privacy Practices may be limited (a) to the extent required to respond to a legal or ethical obligation; (b) to the extent necessary to meet national security, public interest or law enforcement obligations; and (c) to the extent expressly permitted by an applicable law, rule or regulation.

Contact Information
Questions or comments regarding these Privacy Practices should be submitted to the IDEO Privacy Officer:
Ka Yun Cheng IDEO LP 715 Alma Street Palo Alto, CA 94301 kcheng@ideo.com
with a copy to: IDEO Legal Group IDEO LP 715 Alma Street Palo Alto, CA 94301 legalnotice@ideo.com
Changes to these Privacy Practices: These Privacy Practices may be amended from time to time, consistent with the requirements of the Indian law.

Updated as of August 1, 2013

This Privacy Policy applies to the IDEO.com website located at www.ideo.com.