a
Alienum phaedrum torquatos nec eu, vis detraxit periculis ex, nihil expetendis in mei. Mei an pericula euripidis, hinc partem.
Skip to main content

PRIVACY POLICY

DATE LAST MODIFIED. July 11, 2024

The Oprah Winfrey Charitable Foundation (“OWCF,” “we,” or “us”) respects the sensitive nature of any personal information you provide to us. We have created this Privacy Policy in order to demonstrate our commitment to the privacy of those who visit our website www.oprahfoundation.org (the “Site”) and any other of our websites or applications or offline services when we collect your “Personal Information” (as defined below). This Privacy Policy describes our information collection, storage and disclosure practices and the choices you have regarding how your personal information is collected and used by us to provide charitable services (“Services”). By accessing and using the Site, you consent to the collection, use and disclosure of information through the Site as described in this Privacy Policy.

Residents of the European Economic Area (“EEA”), which includes the member states of the European Union (“EU”), residents of the United Kingdom (“UK”) and residents of Switzerland , should consult the sections below of this policy relating to “International Data Transfers” and “Rights of EEA, UK and Swiss Residents” for provisions that may apply to them.

Users in California and other states with comparable privacy laws should consult the section below titled “Your California and Other State Privacy Rights” for rights that apply to them.

We reserve the right to change this Privacy Policy at any time. In the event we make material changes to this Privacy Policy, such policy will be re-posted in the “Privacy” section of our Site with the date such modifications were made indicated on the top of the page or we may contact you to inform you about the revisions with a link to the revised Privacy Policy. All changes are effective on the date listed at the top of this page and will apply to all information that we have about you. Your continued use of the Site or the Services after any change is posted indicates your acceptance of the changes and your continued consent to our processing of your Personal Information. If at any point you do not agree to any portion of this Privacy Policy, then you should immediately stop using the Site. You may also unsubscribe from certain communications by following the procedures set forth in this Privacy Policy, including the section below on “Notifications and Communications from Our Site/Opt-Out Rights.” Because this Privacy Policy contains legal obligations, we encourage you to review this Privacy Policy carefully. If you have any questions concerning this Privacy Policy or our information collection, storage and disclosure practices, please contact us at OWCF_Inquiries@harpo.com, or Oprah Winfrey Charitable Foundation, PO Box 29610, Los Angeles, California 90029.

1. When this Policy applies
This Policy applies when you use the Site or when we otherwise gather Personal Information about you to provide Services.  Please note that this Policy does not apply to our current or former employees, job applicants or contractors.

2. Personal Information We Collect and How Your Personal Information is Collected.
You may enter our Site and browse their contents without submitting any Personal Information. “Personal Information” is information that may be used to directly or indirectly identify you (which some cases, may include certain device information). Such information includes your name, e-mail address, physical address, phone number or other information about you such as your birth date. Most of the Personal Information we collect is contact information about yourself, including an e-mail address, telephone numbers, physical address or other information you provide to us. You may provide such information online or through other communications with us. We may combine the Personal Information that we obtain about you from these sources. We collect Personal Information about you when you visit the Site, including device or network data. The majority of such Personal Information is collected when you provide it through the Site, use our Services, subscribe to updates, sign up for our mailing list or otherwise provide us with your contact information. Some of this Personal Information will be required if you wish to obtain the Services

In general, the type of Personal Information we collect includes, but is not limited to:

  • Personal Information to contact you regarding our Services or to alert you to matters of interest;
  • Personal Information necessary to use the Services that you have requested;
  • As further explained below, un-identifiable and aggregated Personal Information pertaining to your Site visits that we automatically collect that help us maintain the appropriate features, functionality and user experience

We and our service providers use that data to: (i) enable you to contact us; (ii) guard against potential fraud; or (iii) provide answers to your inquiries or questions.

3. Uses of Personal Information
We use your Personal Information where:

  • It is necessary for our legitimate interests and your interests and fundamental rights do not override those interests;
  • We need to comply with a legal or regulatory obligation;
  • For internal purposes and service improvements for our Site and its functions and for customer service obligations;
  • We have your consent.

If we contact you or provide any materials or information to you, you always will be given the opportunity to unsubscribe from further emails in any promotional messages we send you.

4. Disclosures to Third Parties and Service Providers.
We will not disclose, rent, sell or share any Personal Information to unaffiliated third parties for marketing or any other purpose.

We contract with companies or individuals to provide certain services including email and hosting services, software development, career or personnel services, reservation services, and delivery services. We call them our “Service Providers.”

We may share both your Personal Information with Service Providers solely as appropriate for them to perform their functions. We may engage third parties to help us carry out certain other internal functions such as account processing, client services, or other data collection relevant to our business. Personal Information is shared with these third parties only to the extent necessary for us to process the transactions you initiate or perform other specific Services. Our partners are legally required to keep your Personal Information private and secure.
We may share your Personal Information with analytics providers, such as Google Analytics and other third parties, to tell us how the Website is performing, such as which parts interest visitors and how long they visit before leaving. Among other data, these providers may receive a User’s IP address.

Usage Data may be used in aggregate (anonymized) form for internal business purposes, such as generating statistics and developing marketing plans. We may share or transfer such aggregate, non-personally identifiable Usage Data with third parties for administrative, analytical, research, optimization, security and other purposes, but no such information will be linked with your Personal Information or be used to identify or contact you.

5. Other Disclosure of Personal Information
We may disclose your Information: (i) in response to subpoenas, court orders, or other legal process; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases we reserve the right to raise or waive any legal objection or right available to us; (ii) when we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, property, or safety of our company, our users, or others; and in connection with our Terms of Use and other agreements; or (iii) in connection with a corporate event, such as a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy. Please contact us if you need details about the specific legal ground we are relying on to process your Personal Information.

Notwithstanding any of the above, we will not share your Personal Information if such sharing is prohibited by applicable privacy and data protection law, including, without limitation, the EEA’s General Data Protection Regulation (“GDPR”) and the California Consumer Protection Act (“CCPA”).

6. Social Networks
If you choose to view information about us through a third-party social network such as Facebook (each, a “Social Network”), please be aware that such social networks are governed by their own privacy policies. Please check the privacy policy of each Social Network before using such features.

7. Non-Identifiable Data and Aggregated Personal Information
Regardless of whether you register for an account or submit information to us, OWCF may send one or more “cookies” to your computer. Cookies are small text files placed on your web browser when you visit our Site that store information on your computer, such as your Site preferences. We use cookies when you sign in to keep track of your personal session. We also use cookies to track your activity on the Site as a unique person. For security purposes, all of this information is stored in encrypted form. This data may be used to display information about our Services and Products on websites operated by third parties.

You can set your web browser to inform you when cookies are set, or to prevent cookies from being set altogether. Please note, however, that if you decline to use cookies, you may experience reduced functionality and slower site response times.

We may also collect aggregated information regarding users of the Platform that does not identify individual users. We may use third parties to assist in such collection as noted below. We may also collect technical information which includes information about your computer (for example your internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Website). We may also collect usage data which includes information about your use of the Website. We also collect aggregated data such as statistical or demographic data for legitimate business purposes not prohibited herein or by applicable data protection law. Aggregated data may be derived from an individual’s Personal Information but is not considered personal data under applicable data protection law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. We also use Google Analytics and other third party tools to access anonymized data to help us understand how our services are used. These tools are governed by the privacy policies of third parties.

8. Data Retention – How long will we use your Personal Information.
We will only retain your Personal Information for as long as reasonably necessary to fulfil the purposes we collected it for as specified in this Policy, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.

To determine the appropriate retention period for Personal Information, we consider the amount, nature and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

For example, we delete some activity as soon as you exit the Site, whereas we may retain traffic data for analytics purposes

9. Notifications and Communications from Our Website/Opt-Out Rights

Communications
We will send you email notifications from time to time. Some notifications are communications relating to us or our Services. You may always stop receiving marketing communications from us by following the “Unsubscribe” link provided on the bottom of an email or contacting us at OWCF_Inquiries@harpo.com.

Legal or Security Communications
We also send out notices that are required for legal or security purposes. For example, certain notifications are sent for your own protection. In other cases, these notifications involve changes to various legal agreements or Site policies. Generally, you may not opt out of such emails.

Other Communications
We may also send you responses to emails you send us, if appropriate.

If you have any questions regarding your opt-out rights, please contact us at OWCF_Inquiries@harpo.com.

10. Your Rights

Opting Out of Communications
As described above, we may use the Personal Information we collect from you to send you newsletters or other communications from us, including those promotional in nature. If you do not want to receive such communications, you can opt out by using the unsubscribe link at the bottom of our communications. You may also at any time opt out of receiving communications from us by sending an e-mail to OWCF_Inquiries@harpo.com with the subject line “Opt Out.”

As noted below, you may have rights under other jurisdictions in the United States (such as California) or outside the United States (such as the European Union).

We may ask you to provide additional information for identity verification purposes, or to verify that you are in possession of an applicable email account.

Please understand, however, that we reserve the right to retain an archive of such Personal Information for a commercially reasonable time to ensure that its deletion does not affect the integrity of our data; and we further reserve the right to retain an anonymous version of such Information.

11. Your California and other state privacy rights
This section applies to you only if you reside in California or another U.S. state where applicable law provides for some or all of these rights or substantially similar rights. Rights of California residents are specifically referred to as “rights under the CCPA” or “CCPA rights.”

Rights under the CCPA
As a charitable organization, OWCF is not subject to the California Consumer Privacy Act (“CCPA”). However, OWCF will adhere to and respect the rights conferred by the CCPA as appropriate for the nature of its charitable enterprise work and the information that it collects about individuals. Please note, however, that OWCF is not subject to enforcement measures provided under the CCPA.

The CCPA provides California consumers rights regarding their Personal Information (as defined in the CCPA). If you reside in a United States jurisdiction that has enacted a data privacy law, we extend the same rights to you that the CCPA grants to California consumers, except where we specify otherwise.

The categories of Personal Information we collect are generally described in the section above titled: Personal Information we collect and how your Personal Information is collected. These categories depend on how you use the Website.

Under the CCPA, qualifying California consumers may have the following rights:

Right to Know, Access, Correct and Delete
A California consumer has the CCPA rights to request that we disclose what Personal Information we collect, use, disclose, share or disclosed for a business purpose.

We may deny deletion requests, in whole or in part, with respect to information we reasonably need to:

  • Comply with a legal obligation
  • Allow you, other consumer, or us to exercise free-speech rights or other legal rights
  • Perform a contract with you or
  • If we use the information for solely internal purposes reasonably aligned with consumer expectations

Rights to Opt-Out of Sharing/Sale and Limit Use of Sensitive Information
You also have the CCPA rights to direct us (1) not to share or sell your Personal Information and (2) to limit our disclosure and your use of “sensitive personal information” necessary to provide the website to you.
Although California consumers have the right to opt-out of sharing or selling of Personal Information we do not sell or share Personal Information with any third party.

We do not collect “sensitive personal information” as it is defined in the CCPA and we therefore do not provide a mechanism to opt out of the use of such information.

As of the date of this Privacy Policy, we have no knowledge of any use of Personal Information that we collect from persons under the age of 16 for “sale” or “sharing” purposes.

No Retaliation
The CCPA prohibits us from discriminating against you if you exercise rights under the CCPA. You do not need to exercise this CCPA right. We never retaliate against anyone exercising their rights under the CCPA.

Preference Signals
Because we do not collect Sensitive Personal Information or sell or share any Personal Information, the Site is not presently configured to honor any global opt-out preference signal sent from California IP addresses to the Site through browser or device-level settings, provided the signal complies with CCPA’s requirements.

Submitting Requests
To submit a request to exercise a CCPA right, please submit a request as follows:

Oprah Winfrey Charitable Foundation
P.O. Box 29610
Los Angeles, California 90029
OWCF_Inquiries@harpo.com

with “Personal Information Request” in the subject line of your e-mail.

Verifying Requests
If we receive any request, a California consumer must provide sufficient information to identify the consumer, such as name, email address, home or work address, or other such information that is on record with us so that we can match such information to the Personal Information that we maintain. Do not provide social security numbers, driver’s license numbers, account numbers, credit or debit card numbers, medical information or health information with requests. If requests are unclear or submitted through means other than as outlined above, we will provide the California consumer with specific directions on how to submit the request or remedy any deficiencies. If the requests are unclear we may respond with direction on how to remedy the deficiencies.

If we cannot verify the identity of the consumer making the request, we may deny the request in full or in part.

Responding to Requests
We will respond to your request as quickly as we can, taking into account the nature of your request and the volume of pending requests. For California consumers, we will confirm receipt of your CCPA request within 10 days and will substantively respond within 45 days, unless we provide an explanation why an additional 45 days is necessary. California residents may submit rights requests through an authorized agent. We may request proof that the person who is the subject of the request authorized an agent to submit a privacy request on their behalf.

The content of our response will vary with the nature of your request, but we will always respond in accordance with any deadlines or requirements specified by the laws that apply to you.

Under certain circumstances, we may be unable to provide responsive Personal Information, such as when disclosure would create a substantial, articulable and unreasonable risk to the security of the information, users’ accounts with us, or the security or our systems and networks. We do not disclose account passwords or other non-personal information that enables users to access accounts. We also will not disclose California consumers’ social security numbers, driver’s license numbers or other government-issued identification numbers, financial account numbers, any health insurance or medication identification numbers.

We also will not disclose California consumers’ social security numbers, driver’s license numbers or other government-issued identification numbers, financial account numbers, any health insurance or medication identification numbers, or account passwords and security questions and answers.

We reserve the right to retain an archive of any information about you to the extent permitted by law. We also retain de-identified or aggregate data derived from information about you.

California Do Not Track Disclosures
Although some browsers currently offer a “do not track (‘DNT’) option,” no common industry standard for DNT exists. We therefore do not currently commit to responding to browsers’ DNT signals.

Civil Code 1798.83
Under certain circumstances, California Civil C ode Section 1798.83 states that, upon receipt of a request by a California consumer, a business may be required to provide detailed information regarding how that business has shared that customer’s Personal Information with third parties for direct marketing purposes. However, the foregoing does not apply to businesses like ours that do not disclose Personal Information to third parties for direct marketing purposes without prior approval or give customers a free mechanism to opt out of having their Personal Information disclosed to third parties for their direct marketing purposes.

12. Children Under 16
The Site are restricted to the use of adults over the age of majority in their place of residence. No portion of the Site is directed to children under the age of 16. Consequently, we do not knowingly collect personal identifying information from any person we know is a child under the age of 16. If we learn that we have collected personal information from a child under age 16 we will delete that information as quickly as possible. If you are a parent or guardian of a child under 16 years of age and you believe your child has provided us with Personal Information, please contact us at OWCF_Inquiries@harpo.com.

13. Rights of EEA Residents
This section of this Privacy Policy is applicable to residents of the European Economic Area (“EEA”). The EEA consists of the member states of the European Union, i.e., Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and Iceland, Liechtenstein, and Norway. This section also applies to residents of the United Kingdom (“UK”) and Switzerland.

The OWCF Site is accessible by viewers world-wide. Under the GDPR and similar laws, OWCF is both the controller and a co-processor of the Personal Information of EEA Residents. OWCF’s purpose for collecting and processing Personal Information from EEA Residents is to authenticate subscription to our mailing lists and to provide marketing information about our Services, including gift cards. The legal basis for collecting Personal Information for subscribing to our email lists is your consent. You may withdraw consent for obtaining such communications by following the “Unsubscribe” instructions on any communication or by contacting us at OWCF_Inquiries@harpo.com.

Please note that if you are a resident of the EEA, UK or Switzerland that you have certain rights under applicable privacy laws in regard to your Personal Information. These rights may include the Right of Access, Right to Rectification, Right to Erasure, Right to Restrict, Right to Object, Right to Data Portability, and Right to not be Subject to Automated Decision Making.

If you are a resident of the EEA, UK or Switzerland and believe that we have Personal Information about you, and you wish to access, correct, object to processing, request restriction of processing, withdraw consent, or request the transfer to a third party of the Personal Information that we have about you or exercise any other rights that you may have or have any questions relating to the processing of your Personal Information, please contact us at OWCF_Inquiries@harpo.com.

14. International Data Transfers
If you are resident outside the United States, including in the EEA, we transfer Personal Information provided by you for processing in the United States. Under the GDPR, we are considered a “controller” and a “co-processor” of the Personal Information of EEA Residents. By providing Personal Information to us for the purpose of obtaining information about us and our Services, you consent to the processing of such data in the United States. The transfer of your Personal Information to the United States is necessary for the performance of a contract between you and us. Please note that you may always remove yourself from our mailing list by contacting us at OWCF_Inquiries@harpo.com.

Please note that the United States does not have data protection laws equivalent to those in the EEA and other jurisdictions.

15. Links to Other Site
Our Site or communications may contain links to third party websites. Except as set forth in this Policy, we do not share your Personal Information with those third parties and are not responsible for the privacy policies of any third parties or their management of your Personal Information. Because they may treat your information differently than we do, we suggest you read the privacy policies on those third-party websites prior to submitting any Personal Information to such Site.

16. Security Policy
We limit access to the Personal Information we have about you to those employees who have a legitimate business need to access such information. We take commercially reasonable steps to protect our customers’ Personal Information against unauthorized disclosure or loss. However, no data transmission over the Internet can be guaranteed to be 100% secure. Therefore, while we strive to protect user information we cannot ensure or warrant the security of any information you transmit to us or from the Site. You engage in such transmissions at your risk.

If you believe your Personal Information is being improperly used by us or any third party, please immediately notify us via email at OWCF_Inquiries@harpo.com

17. Your Responsibilities
We ask that you keep the Personal Information that you provide to us current and that you correct any information you have provided us by contacting us at OWCF_Inquiries@harpo.com. You represent and warrant that all Personal Information you provide us is true and correct and relates to you and not to any other person.

If you use the Site, you are responsible for maintaining the confidentiality of your account and for restricting access to your computer or device, and you agree to accept responsibility for all activities that occur under your account.