top of page


Last updated February 2021

As a nonprofit organization engaged in the provision of services to our community, Community For Global Innovation Inc. (the “Nonprofit”), is committed to protecting the privacy of confidential and personal information, including personal data relating to individuals who may be clients, staff, agents, lawyers, students, job applicants, volunteers or others inside or outside the Nonprofit. The policy of the Nonprofit is to comply with any applicable rules of professional conduct which impose a duty to preserve and protect confidential client information upon associated personnel.

This Privacy Statement is intended to summarize the Nonprofit’s data protection practices generally, and to advise its clients, interested students, job applicants, website visitors, volunteers, and other third parties about the Nonprofit’s privacy policies that may be applicable to them.

​This Privacy Statement is specifically addressed to parties outside the Nonprofit who: (1) provide personal information, including but not limited to information that identifies you as an individual or relates to an identifiable person, such as name, postal address, telephone number, email address, etc. (“Personal Information”) to the Nonprofit; or (2) who visit or use the Nonprofit’s website at (“Website”).


Our Collection of Personal Information

The Nonprofit only collects Personal Information that is voluntarily provided.  Any Personal Information that we collect is provided to us by you, or by a third-party who you have authorized to provide us with your Personal Information.


Providing Personal Information about Others

If you provide the Nonprofit with Personal Information about third parties, you warrant to the Nonprofit that any Personal Information that you provide to the Nonprofit about any third parties was obtained by you with full consent, and that the individual has not communicated to you that they wish to opt out of receiving communication from the Nonprofit or having the Nonprofit collect information about him or her or them.


Website Hosting

The Website is hosted and operated in the United States (“U.S.”).  By using the Website, you acknowledge that any Personal Information about you, regardless of whether provided by you or obtained from a third party, is being provided to the Nonprofit in the U.S. and will be hosted in the U.S.


Use and Disclosure of Personal Information

If you do provide Personal Information to the Nonprofit, the Nonprofit may use that Personal Information to:

  • Provide you with services, if you are or become a client of the Nonprofit, and/or respond to any requests or inquiries you may have;

  • Invite you to seminars, panel events, conferences and other engagements;

  • Contact you (unless you tell us that you prefer us not to) regarding immigration developments that may be of interest to you;

  • Carry out, monitor and analyze our business or Website operations;

  • Collect anonymous traffic data and geographic location, derived from your IP address, and perform web analytics by using software and cookies;

  • Enter into or carry out contracts of various kinds; and

  • Comply with any applicable laws or regulations.


We do not disclose any Personal Information to unrelated parties outside of the Nonprofit, except to our agents or data processors or other contractors acting on our behalf and at our direction, subject to appropriate confidentiality, privacy and information security commitments provided by the receiving party; where we believe it necessary to provide a service which you have requested; as permitted or required by law; or as otherwise authorized or directed by you.

We reserve the right to disclose Personal Information that we believe to be necessary or appropriate in the following circumstances:

  • As required by law, such as to comply with a subpoena, or similar legal process;

  • When we believe in good faith that disclosure is necessary to protect the Nonprofit’s rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;

  • To enforce the Nonprofit’s Terms of Service or other contract, to the extent any is applicable; and

  • To allow the Nonprofit to pursue available remedies or limit the damage it may sustain.


Confidentiality of Client Information

Consistent with its professional obligations, the Nonprofit’s policy is to exercise the utmost discretion regarding the information our clients entrust to us. The Nonprofit accepts and processes client information in a manner that is always subject to the client’s direction and control, and the Nonprofit maintains reasonable and appropriate, although not infallible, security precautions. It never purposefully trades, sells or shares your information with any unrelated parties except as necessary or appropriate to conduct the Nonprofit’s legal and business activities; subject to appropriate confidentiality, privacy and information security commitments provided by the receiving party; to further your interests; or as permitted or required by law, or as authorized or directed by you. Please feel free to raise any questions, concerns or specific directions you may have regarding the privacy and security of your information to to

Client Credit Card Information

If you are a client of the Nonprofit, you may pay for services or make a donation via wire, cash, check or credit card.  If you opt to transfer money to the Nonprofit via credit card, the Nonprofit may direct you to the website of our third party payment processor to process your payment.  By agreeing to process your payment vis a vis our third-party payment processor, you expressly agree to its privacy policy. You may contact any payment processor directly regarding any questions or concerns you have about your Personal Information submitted through their website.

Legitimate Business Interest under the GDPR

The processing of Personal Information shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the Nonprofit.  European Union (EU) data subjects are informed, by means of this Privacy Policy, of the rights to which they are entitled.

Specifically for EU data subjects visiting our Website, we collect your Personal Information in furtherance of our legitimate interest to carry out our business in favor of the well-being of the Nonprofit.  ​Our use of your Personal Information is based on the legitimate grounds that:

  • The use is necessary in order to fulfill our commitments to you under our Terms of Service or applicable client fee agreements;

  • The use is necessary in order to protect your vital interests or those of another person or entity;

  • We have a legitimate interest in using your information – for example, to provide and update our Website or Services, to improve our Website or Services so that we can offer you an even better user experience, to safeguard our Website or Services, to communicate with you, to measure, gauge, and improve the effectiveness of our advertising, and better understand user retention and attrition, to monitor and prevent any problems with our Services, and to personalize your experience; and/or

  • You have given us your consent.


Your Privacy Rights under the GDPR

The GDPR includes the following rights for EU data subjects who provide their information to the Nonprofit in connection with our provision of legal services or when visiting our Website:

  • The right to be informed about how we store, use, or share your data;

  • The right to access your data;

  • The right to rectify your data;

  • The right to have us erase your data;

  • The right to prevent us from processing your data;

  • The right to request copies of your data from us in a commonly-used and machine-readable format, free of charge, for the purposes of transfer to a third party, where technically feasible;

  • The right to object to use or sharing of your data; and

  • The right not to be subject to automated decision-making, including profiling.


If you have any questions about these rights, you may contact us at


Data Controller

With the exception of processing payments, for which third party payment processors are the Payments Data Controllers; the Nonprofit is the “data controller,” as defined under the GDPR, or the legal entity which determines the purposes and means of the processing of personal data of the clients of the Nonprofit and visitors to its Website.  The Nonprofit is responsible for collecting your consent, managing consent-revoking, enabling right to access, etc. If you wish to revoke consent for us to store, use, or share your personal data, you may contact us at

Data Processor. The Nonprofit is the “data processor,” as defined under the GDPR, or the legal entity which processes your personal data.  The Nonprofit maintains records of any processing activities it performs, and is able to show how the Nonprofit complies with data protection principles under the GDPR. It has effective policies and procedures in place.


A cookie is a text file sent by a web server and placed on your computer by your web browser. The Nonprofit’s extranet sites use cookies to track logins and to filter data that a logged-in user has access to. This cookie also identifies users that have changed their initially-assigned default password. The Nonprofit uses this information to help customize the user’s experience on the site, to provide security, and for the other purposes specified herein.

You may reset your browser to refuse all cookies or to allow your browser to alert you when a cookie is set. However, if you select these settings you may be unable to access certain parts of the Website. Unless you have adjusted your browser settings so that it will refuse cookies, our system will issue cookies when you log on to the Website. For more information about how to manage your cookies preferences, you should use the ‘help’ menu of your web browser or explore the customer support sections of your web browser.

To opt-out of certain advertising cookies, you may wish to visit the Network Advertising Initiative (NAI) website by clicking here.

Social Media Features and Widgets

The Website includes social media features such as the Facebook “Like” button, and widgets, such as the Twitter “Share This” button that run on our Website.  These features may collect your IP address, which page you are visiting on our Website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website.  Your interactions with these features are governed by the privacy policy of the company providing it. More information about Facebook and Twitter integration on our Nonprofit’s Website is below.

Links to Other Websites

This Privacy Policy applies only to this Website and not to any third-party sites.  However, we may include links to other websites on this Website. This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties or their websites.  The inclusion of a link on this Website does not imply endorsement of the linked site or its services by the Nonprofit.

Do Not Track Signals

“Do Not Track” signals are options available on your browser to tell operators of websites that you do not wish to have your online activity tracked.  The Nonprofit’s Website may not respond to “Do Not Track” signals or other mechanisms from a visitor’s browser. If, in the future, the Nonprofit creates a program or protocol to respond to a web browser’s “Do Not Track” signals, the Nonprofit will inform you of the details of that protocol in this Privacy Policy.  You can find out more about “Do Not Track” here.



The Nonprofit does not knowingly collect, maintain or process Personal Information submitted online by anyone under the age of 18.  If you are under 18, please do not attempt to send any Personal Data about yourself to us.  If we learn that we have collected Personal Data from a child under age 18, we will delete that information as quickly as possible.  If you believe that a child under 18 may have provided us with Personal Data, please contact us at


The Nonprofit maintains reasonable and appropriate physical, electronic and procedural safeguards intended to maintain the confidentiality of Personal Information provided by a visitor to this Website. The Nonprofit does not guarantee that these safeguards will always work or that its security measures are infallible.


The Nonprofit has internal policies and procedures in place to effectively detect, report, and investigate a data breach.  The GDPR defines a personal data breach as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.”  The Nonprofit will notify you of a personal data breach where the personal data breaches are likely to present a risk to data subjects to data protection authorities (“DPAs”) without undue delay, and within 72 hours if feasible, after becoming aware of the breach; and communicate high-risk breaches to affected data subjects without undue delay. The Nonprofit will provide you with: (i) contact details of the Data Protection Officer (DPO) or other contact person, (ii) a description of the nature of the breach, (iii) likely consequences of the breach, (iv) measures the organization has taken or proposes to take to address the breach, and (v) advice on steps that EU data subjects can take to protect themselves.


Data Protection Officer

The Nonprofit is not formally required to designate a Data Protection Officer (“DPO”) because it is not: (1) a public authority; (2) an organization that carries out regular and systematic monitoring of individuals on a large scale; or (3) an organization that carries out large scale processing of special categories of data, such as health information or information about criminal convictions.  Nonetheless, the Nonprofit voluntarily elects to appoint Sophie M. Alcorn as the DPO for this Nonprofit. Ms. Alcorn is responsible for data protection compliance and can answer any questions you may have about your Personal Information. She may be reached at

Data Retention/Erasure

We will retain your Personal Information for the period of time indicated in your client fee agreement, or if you are not a client, for a period of four (4) years.  If, at any time after agreeing to this Privacy Policy, you: (1) change your mind about receiving information from us; (2) wish to revoke permission for us to retain and use your Personal Information; (3) wish to object to processing of your Personal Information; or (4)  wish for us to erase a copy of your data, please make a request to the Nonprofit at  If you request erasure of your data, we may retain some of your Personal Information only for legitimate business interests, such as fraud detection, prevention, and enhancing the safety of our Website; and to comply with our legal obligations, specifically our tax, legal reporting, and auditing obligations.

Our Response to Your Requests

If you make any requests regarding your Personal Information, we will not charge you for compliance with the request.  The Nonprofit will respond and comply within one month. The Nonprofit reserves the right to refuse or charge for requests that are manifestly unfounded or excessive.  If we refuse your request, we will tell you why we are refusing your request.  You have the right to complain to the relevant supervisory authority and to a judicial remedy, but you must do so within one month of our refusal.

Complaints. Without prejudice to any other administrative or judicial remedy, every EU data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement of the data subject considers that the processing of personal data relating to him or her infringes this Regulation.


Data Protection Impact Assessment (DPIA)

Please Note: The Nonprofit is not required to undergo a DPIA because data processing is not likely to result in a high risk to data subjects, such as in cases where: (1) new technology is being deployed; (2) profiling operations may significantly affect individuals; or (3) processing is on a large scale and involves special categories of data.

Your California Privacy Rights

Under California Civil Code Section 1798.83, California clients and Website visitors are entitled to request information relating to whether a business has disclosed personal information to any third parties for the third parties’ direct marketing purposes.  Section 1798.83 is not applicable to the Nonprofit, as the Nonprofit has less than 20 employees. Nevertheless, if you have any questions or concerns, please let us know by emailing us at

Consultants, Suppliers and Vendors

In order to support its provision of legal services to its clients, from time to time, the Nonprofit may maintain business information about prospective or ongoing consultants, suppliers, and vendors.  The Nonprofit uses this information for internal purposes and does not share this data with unrelated third parties.  The Nonprofit requires consultants, suppliers, and vendors to maintain data protections consistent with reasonable and appropriate obligations of data processors.  Any prospective consultants, suppliers, or vendors with questions about our policies and expectations should contact


The Nonprofit reserves the right to change this Privacy Statement at any time without advance notice. Should any new policy go into effect, the Nonprofit will post it on this Website.  The Nonprofit encourages visitors to frequently check this page for any changes to its Privacy Policy.


Contact Us

If you change your mind about receiving information from us or have any questions or concerns about the use of information volunteered by you, please send us a request specifying your new choice.  Please contact us at

​Additionally, you may reach us by postal mail at:

Community For Global Innovation Inc.
PO Box 391600, Mountain View, CA 94039

bottom of page