DANDELION PRIVACY POLICY

INFORMATION WE COLLECT

Information You Provide

We collect information you provide directly to us. For example, you share information directly with us when you fill out a form, submit or post content through our Services, share information in a Council session, communicate with us via third-party platforms, request customer support, or otherwise communicate with us. The types of personal information we may collect include your full name, email address, phone number, the organization you work for, time zone, and any other information you choose to provide.

Information We Get When You Use Our Services

When you access or use our Services, we automatically collect certain information, including:

• Activity Information: We collect information about your activity on our Services, such as which Council sessions you sign up for and how many sessions you attend.
• Device and Usage Information: We collect information about how you access our Services, including data about the device and network you use, such as your hardware model, operating system version, mobile network, IP address, unique device identifiers, and browser type. We also collect information about your activity on our Services, such as access times, pages viewed, links clicked, and the page you visited before navigating to our Services.
• Location Information: In accordance with your browser settings, we may collect information about the location of your device. You may stop the collection of location information at any time (see the Control Over Your Information section below for details).
• Information Collected by Cookies and Similar Tracking Technologies: We (and our service providers) use tracking technologies, such as cookies and web beacons, to collect information about you. Cookies are small data files stored on your hard drive or in device memory that help us improve our Services and your experience, see which areas and features of our Services are popular, and count visits. Web beacons (also known as “pixel tags” or “clear GIFs”) are electronic images that we use on our Services and in our emails to help deliver cookies, count visits, and understand usage and campaign effectiveness. For more information about cookies and how to disable them, see the Control Over Your Information section below.

Information We Collect from Third Parties

We obtain information from third-party sources. For example, we may collect information about you from advertising networks and data analytics providers.

Information We Derive

We may derive information or draw inferences about you based on the information we collect. For example, we may make inferences about your location based on your IP address or infer that you may be interested in a category of Council sessions based on your browsing behavior and past sessions attended

HOW WE USE INFORMATION

We use the information we collect to deliver the services you request and customize your experience with us. We also use the information we collect to:

• Provide, maintain, and improve our products and services;
• Process bookings for Council sessions and send you related information, including confirmations and customer experience surveys
• Personalize and improve your experience on our Services;
• Send you technical notices, security alerts, and support and administrative messages;
• Respond to your comments and questions and provide customer service;
• Communicate with you about products, services, and events offered by Dandelion and others and provide news and information that we think will interest you (see the Control Over Your Information section below for information about how to opt out of these communications at any time);
• Monitor and analyze trends, usage, and activities in connection with our Services;
• Facilitate promotions and process and deliver entries and rewards;
• Detect, investigate, and prevent security incidents and other malicious, deceptive, fraudulent, or illegal activity and protect the rights and property of Dandelion and others;
• Debug to identify and repair errors in our Services;
• Comply with our legal and financial obligations; and
• Carry out any other purpose described to you at the time the information was collected.

HOW WE SHARE INFORMATION

We share personal information in the following circumstances or as otherwise described in this policy:

• We share personal information with vendors, service providers, and consultants that need access to personal information in order to perform services for us, such as companies that assist us with web hosting, fraud prevention, customer service, and marketing and advertising.
• If you post content during a virtual Council session, such as when using the video call’s chat function, that information will be shared with other users in the Council session.
• We may disclose personal information if we believe that disclosure is in accordance with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements.
• We may share personal information if we believe that your actions are inconsistent with our user agreements or policies, if we believe that you have violated the law, or if we believe it is necessary to protect the rights, property, and safety of Dandelion, our users, the public, or others.
• We share personal information with our lawyers and other professional advisors where necessary to obtain advice or otherwise protect and manage our business interests.
• We may share personal information in connection with, or during negotiations concerning, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
• Personal information is shared between and among Dandelion and our current and future parents, affiliates, and subsidiaries and other companies under common control and ownership.
• We share personal information with your consent or at your direction.

We also share aggregated or de-identified information that cannot reasonably be used to identify you.

ANALYTICS

We allow others to provide analytics services on our behalf across the web and in mobile apps. These entities may use cookies, web beacons, device identifiers, and other technologies to collect information about your use of our Services and other websites and applications, including your IP address, web browser, mobile network information, pages viewed, time spent on pages or in mobile apps, links clicked, and conversion information. This information may be used by Dandelion and others to, among other things, analyze and track data, determine the popularity of certain content, and better understand your online activity.

TRANSFER OF INFORMATION TO THE UNITED STATES AND OTHER COUNTRIES

Dandelion is headquartered in the United States, and we have operations and service providers in the United States and other countries. We may collect your personal information from, transfer it to, and store and process it in the United States and other countries outside of where you live. Whenever we share information outside of where you live, when we are legally required to do so, we make sure an adequate transfer mechanism is in place. We also make sure any third parties we share information with have an adequate transfer mechanism in place, as well.

CONTROL OVER YOUR INFORMATION

Location Information

The location data we collect may depend on your browser settings. You can typically turn your location on or off through your browser settings. If you stop collection of this location information, some features of our Services may no longer function properly.

Cookies

Most web browsers are set to accept cookies by default. If you prefer, you can usually adjust your browser settings to remove or reject browser cookies. Please note that removing or rejecting cookies could affect the availability and functionality of our Services.

Communications Preferences

You may opt out of receiving promotional emails from Dandelion by following the instructions in those communications or by contacting us. If you opt out, we may still send you non-promotional emails, such as those about our ongoing business relations.

YOUR CALIFORNIA PRIVACY RIGHTS

The California Consumer Privacy Act or “CCPA” (Cal. Civ. Code § 1798.100 et seq.) affords consumers residing in California certain rights with respect to their personal information. If you are a California resident, this section applies to you.

California Consumer Privacy Act

For details about the precise data points we collect and the categories of sources of such collection, please see the Information We Collect section above. We collect personal information for the business and commercial purposes described in the How We Use Information section above.

In the last 12 months, we have collected the following categories of personal information:

• Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, or other similar identifiers.
• Personal information categories listed in the California Customer Records provisions, such as your name, telephone number, or employer.
• Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
• Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
• Professional or employment-related information.
• Inferences drawn from other personal information. We may use this information to create a profile about a consumer reflecting the consumer’s preferences.

In the last 12 months, we have disclosed the above categories of personal information for business purposes or at your direction with our affiliates, service providers, and third parties. For more details on third parties we share data with, see the How We Share Information section above.

Dandelion does not sell your personal information. We do not knowingly sell personal information about consumers under the age of 16.

Subject to certain limitations, you have the right to (1) request to know more about the categories and specific pieces of personal information we collect, use, and disclose, (2) request deletion of your personal information, (3) opt out of any “sales” of your personal information that may be occurring, and (4) not be discriminated against for exercising these rights. You may make these requests by contacting us. We will verify your request by asking you to provide information related to your recent interactions with us, such as information about a recent Council session you attended. We will not discriminate against you if you exercise your rights under the CCPA.

If we receive your request from an authorized agent, we may ask for evidence that you have provided such agent with a power of attorney or that the agent otherwise has valid written authority to submit requests to exercise rights on your behalf. If you are an authorized agent seeking to make a request, please contact us.

USERS IN THE EUROPEAN UNION

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have certain rights and protections under the law regarding the processing of your personal data, and this section applies to you.

Legal Basis for Processing

When we process your personal data, we will do so in reliance on the following lawful bases:

• To perform our responsibilities under our contract with you (e.g., providing the products and services you requested).
• When we have a legitimate interest in processing your personal data to operate our business or protect our interests (e.g., to provide, maintain, and improve our products and services, conduct data analytics, and communicate with you).
• When we have your consent to do so (e.g., when you opt in to receive marketing communications from us). When consent is the legal basis for our processing of your personal data, you may withdraw such consent at any time.
• To comply with our legal obligations (e.g., to maintain a record of your consents and track those who have opted out of marketing communications).

Data Retention

We store personal data for as long as necessary to carry out the purposes for which we originally collected it and for other legitimate business purposes, including to meet our legal, regulatory, or other compliance obligations.

Data Subject Requests

Subject to certain limitations, you have the right to request access to the personal data we hold about you and to receive your data in a portable format, the right to ask that your personal data be corrected or erased, and the right to object to, or request that we restrict, certain processing. If you would like to exercise any of these rights, please contact us .

EU Representative

Dandelion has appointed Snap B.V. as its EU representative. You can contact the EU representative at:

Questions or Complaints

If you have a concern about our processing of personal data that we are not able to resolve, you have the right to lodge a complaint with the Data Protection Authority where you reside. Contact details for your Data Protection Authority can be found using the links below:

For individuals in the EEA:
https://edpb.europa.eu/about-edpb/board/members_en

For individuals in the UK:
https://ico.org.uk/global/contact-us/

For individuals in Switzerland:
https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html