Member and Participant Privacy Policy

We are committed to safeguarding the privacy of our members and participants. Our business is built upon your trust in us. We have worked hard to earn that trust and will not squander it. As described below, our business involves collecting and using Personal Data (defined below) of people like you. This Member and Participant Privacy Policy (as defined below) describes how we use that data. It includes a number of provisions written in formal legal terms. They are important and you should read them carefully. That said, let us be very clear about the principles that guide our Member and Participant Privacy Policy.

• We will never sell your Personal Data.
• We will only share your Personal Data with third parties as described in this Member and Participant Privacy Policy or with your explicit consent.
• If you ask us to delete your Personal Data, we will.

2.1 This privacy policy (“Member and Participant Privacy Policy”) sets out how Tapestry Networks, Inc. (“Tapestry Networks,” “we,” “us” and/or “our”) will process the Personal Data (as described below) of (i) participants (as defined below) and (ii) past, present or prospective network members (in the case of each of (i) and (ii), “you” or “your”). For the purposes of this Member and Participant Privacy Policy, a “participant” is an individual who attends and participates in the meetings of a Tapestry network, without being a member (including for example guests attending from industry regulators, or relevant businesses). If you do decide to join us as a network member or participant, your Personal Data will be collected by us through your completion of our member and participant information sheet or by third parties who help us to build a more complete profile (your “Participant Profile”) of you as a network member or participant. Tapestry Networks acts as a data controller of your Personal Data.

2.2 Our goal is to bring together senior leaders from business and institutions to address critical challenges confronting them, and to anticipate and influence the economic and social forces that are reshaping today’s business world (our service is referred to as “Tapestry Networks Services” in this Member and Participant Privacy Policy).

2.3 This Member and Participant Privacy Policy sets out the basis on which all Personal Data we collect about you, or that you provide to us, will be stored, used, disclosed and otherwise processed by us. Please read this document carefully to understand our views and practices regarding your Personal Data and how we will treat it.

2.4 If you access our website at www.tapestrynetworks.com (“the Website”) or interact with Tapestry Networks in a general capacity other than as a network member or participant, our general Privacy Policy (a copy of which can be found here) will govern your use of the Website and your general interaction with Tapestry Networks. In the event of any conflict between this Member and Participant Privacy Policy and the general Privacy Policy, with respect to your role as a member or participant, the terms of this Member and Participant Privacy Policy shall govern.

2.5 As referred to in this Member and Participant Privacy Policy “Personal Data” means any information relating to an identified or identifiable natural person (a “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person and where referred to in this policy includes special categories of personal data.

2.6 Tapestry Networks respects your privacy and is committed to protecting your Personal Data.

We may collect Personal Data and other information about you from the following sources:

3.1 Information you give to us. This is information about you that you voluntarily provide to us as a network member or participant, which will include you completing our member information sheet, and corresponding with us via email, telephone, postal mail or otherwise. Such Personal Data may include your name, company, address, telephone number, transcriptions and audio recordings of video or conference calls in which you participate, email address, personal description, biography, employment history, ethnicity, gender, photograph, electronic payment instructions and other information gathered through such communications.

3.2 Information we receive from other sources. In addition to Personal Data collected directly from you we may also gather publicly available information from other sources, such as through BoardEx (a company we employ to provide information services), in order to build up your Participant Profile, benefiting both you and our other network members and participants.

3.3 Aggregated Personal Data. In an ongoing effort to better understand and serve our network members and participants when providing the Tapestry Networks Services, Tapestry Networks often conducts research on its network member and participant demographics, interests, and behavior based on the Personal Data and other information provided to us. This research may be compiled and analyzed on an aggregate basis, and Tapestry Networks may share this aggregate data with its affiliates, agents, and business partners. This aggregate information does not identify you personally. Tapestry Networks may also disclose aggregate statistics of network members and participants in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.

4.1 Tapestry Networks uses the Personal Data you provide or that is collected about you in a manner that is consistent with this Member and Participant Privacy Policy. Generally, the purpose of our processing this Personal Data will be to provide our Tapestry Networks Services, including (but not limited to) allowing Participant Profiles and meeting materials to be produced, shared and updated, and for practical arrangements to be made for you to attend our events.

4.2 We will usually only contact you about the network of which you are a member. However, we may also contact you about other Tapestry Networks Services which we think may be of interest to you, and to provide you with information and updates about our business and services. You may opt out of receiving these emails at any time, by contacting us using the contact details in paragraph 11.3 below or following such other instructions we may provide, including in any communication from us.

4.3 If Tapestry Networks intends to use any of your Personal Data in any manner that is not consistent with this Member and Participant Privacy Policy, you will be informed of such anticipated use prior to or at the time at which the Personal Data is collected.

4.4 Personal Data and other information you provide to Tapestry Networks will be kept by Tapestry Networks for no longer than is necessary for the purposes for which your Personal Data is processed, or otherwise as is required by applicable law. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of that Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

4.5 We may anonymize your Personal Data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

5.1 To build community and trust in our meetings, events, and activities, we often share biographies and photographs with other meeting participants. We sometimes use elements of a biography, including a photograph, on our website or in other materials as described in this Network and Member Privacy Policy, including to demonstrate to others the type of people that participate in Tapestry Networks’ Services. By agreeing to the terms of this Member and Participant Privacy Policy, you agree that you grant to Tapestry Networks a non-exclusive, worldwide, royalty-free and perpetual (unless otherwise revoked) license to use your biography and photograph in connection with the Tapestry Networks Services (the “License”), including to copy, excerpt, adapt, distribute and publicly display your photograph and biography in network meeting materials, on our Website, in our network membership directory and for all purposes and in all forms and media related thereto. You agree that we are permitted to grant to third parties at our sole discretion a sub-license in the same terms as the License. As described in Section 4.2, you can revoke your permission for us to use your biography and photograph at any time.

5.2 You may revoke the License at any time. In order to do so, please contact us using the contact details in paragraph 11.3, below. Please note that, if you choose to revoke the License, you may not be able to benefit from some or all of the Tapestry Networks Services and we may be unable to remove the Licensed information from materials circulated prior to your revocation.

As stated in our Guiding Principles, we are committed to safeguarding your privacy. In order to provide the Tapestry Networks Services as well as to perform our other business purposes, sometimes we may make limited disclosures of Personal Data without advance notice, such as when we send an agenda naming the expected attendees at one of our meetings or when we create a membership directory or fact sheet that lists members of a given network. This section describes the circumstances where we may share some of your Personal Data.:

6.1 Network Members Participants, Sponsors and Guests: We encourage our network members and participants to build relationships inside and outside of the network meetings. We also want attendees at our events to know who else is expected to attend a forthcoming meeting or who attended past events. To that end, we may share some Personal Data with other network members, participants, sponsors, and guests without additional consent. However, we will not intentionally share your contact information – including your email address and phone number – without your explicit consent, except as otherwise provided in this Network Member and Participant Privacy Policy.

6.2 Tapestry Networks Publications: Some of your Personal Data – but not your email address or phone number – may be added to our publications, such as when we list network members or participants in a meeting in a ViewPoints or Summary of Themes or list network members in a Membership Directory or Fact Sheet.

6.3 The Website: A small area of the Website allows visitors to view information about the people who make our networks possible – members and participants like you. This entails the ability to view your biography and photo.

6.4 Business Transfers: We are not in the business of selling your Personal Data, but your data may be part of a few potential business transfers as explained below. We reserve the right to transfer your Personal Data to a third party in the event of a sale, merger or other transfer of all or substantially all of the assets of Tapestry Networks or any of its Corporate Affiliates (as defined below), or that portion of Tapestry Networks or any of its Corporate Affiliates to which the Tapestry Networks Services relate, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding, provided that the third party agrees to adhere to the terms of this Member and Participant Privacy Policy.

6.5 Related Companies: We may disclose your Personal Data to our Corporate Affiliates. For purposes of this Member and Participant Privacy Policy: “Corporate Affiliate” means any person or entity which directly or indirectly controls, is controlled by or is under common control with Tapestry Networks, whether by ownership or otherwise; and “control” means possessing, directly or indirectly, the power to direct or cause the direction of the management, policies or operations of an entity, whether through ownership of fifty percent (50%) or more of the voting securities, by contract or otherwise. Any information relating to you that we provide to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Member and Participant Privacy Policy.

6.6 Agents, Consultants and Related Third Parties: Tapestry Networks, like many businesses, sometimes hires other companies (“Outside Contractors”) to perform certain business-related functions. Examples of such functions include collecting information, as referred to in paragraph 3, sending information, maintaining databases, and processing payments. We use reasonable efforts to ensure that these Outside Contractors are capable of (1) protecting the privacy of your Personal Data consistent with this Member and Participant Privacy Policy, and (2) not using or disclosing your Personal Data for any purpose other than providing us with the products or services for which we contracted or as required by law.

6.7 Legal Requirements: Tapestry Networks may disclose your Personal Data if required to do so by applicable law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, including without limitation in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, lawful requests by public authorities, including to meet national security or law enforcement requirements, or other valid legal process, (ii) protect and defend the rights or property of Tapestry Networks, (iii) act in urgent circumstances to protect the personal safety of our network members, participants or the general public, or (iv) protect against legal liability. We may disclose Personal Data in special circumstances when we have reason to believe that disclosing such Personal Data is necessary to identify, contact or bring legal action against someone who may be violating a contract with us, to detect fraud, for assistance with a delinquent account, or to protect the safety and/or security of our users, the Tapestry Networks Services or the general public.

If you choose not to provide any Personal Data, you will not be able to use or benefit from the Tapestry Networks Services.

Tapestry Networks takes reasonable steps to protect the Personal Data it holds about its network members and participants from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. Please bear in mind that no communication via the Internet or e-mail transmission is ever fully secure or error free. Therefore, you should take special care in deciding what information you send to us via e-mail. Please keep this in mind when disclosing any Personal Data to Tapestry Networks via the Internet.

The Tapestry Networks Services and our business may change from time to time. As a result, at times it may be necessary for Tapestry Networks to make changes to this Member and Participant Privacy Policy. Tapestry Networks reserves the right to update or modify this Member and Participant Privacy Policy at any time. We will provide you with a copy of the updated or modified policy. This Member and Participant Privacy Policy was last updated on the date indicated at the end of this document. Unless your specific consent is required, which we will seek from you, your continued use of the Tapestry Networks Services after any changes or revisions to this Member and Participant Privacy Policy shall indicate your agreement with the terms of such revised Member and Participant Privacy Policy.

The following provisions shall apply to any and all Personal Data which you provide to us or we collect about you from other sources if you are a data subject in the European Economic Area (the “EEA”):

10.1 We will only use your Personal Data to the extent that the law allows us to do so. Under the General Data Protection Regulation (the “GDPR”) we will rely on the following legal bases for processing your Personal Data:

(a) where it is necessary to perform a contract we have entered into or are about to enter into with you; (b) where it is necessary for the purposes of our legitimate interests (or those of a third party) and your interests or fundamental rights and freedoms do not override those interests. Our legitimate interest means our interest in conducting and managing our business, including enabling us to provide you and our other network members and participants with the best services we can and the best and most secure experience when dealing with us. In assessing our legitimate interests, we make sure we consider and balance any potential impact (both positive and negative) on you and others and your rights; and (c) where you have given us your consent.

10.2 We may share your Personal Data with third parties, as referred to in paragraph 6 above, and including our Corporate Affiliates and other members who receive our Tapestry Network Services. If this involves transferring your Personal Data outside the EEA, unless the transfer is necessary for the performance of a contract between you and us (or to implement pre-contract measures at your request), we will ask you to provide your consent on the member information sheet we require that you complete. Protection will be afforded to your Personal Data by ensuring at least one of the following safeguards or derogations is implemented:

(a) We may transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission; (b) We may use model contracts and/or clauses approved by the European Commission which give Personal Data the same protection it has in the EEA; (c) Where we transfer Personal Data to third parties in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to Personal Data shared between Europe and the US; or (d) Where you have specifically consented to the proposed transfer; you hereby expressly grant consent to us to: (a) process and disclose your Personal Data (including special categories of Personal Data, including without limitation Personal Data regarding your ethnicity) in accordance with this Member and Participant Privacy Policy; (b) transfer such Personal Data (including special categories of Personal Data, including without limitation Personal Data regarding your ethnicity) throughout the world, including to the United States or other countries that do not ensure adequate protection for personal data (as determined by the European Commission); and (c) disclose such Personal Data (including special categories of Personal Data, including without limitation Personal Data regarding your ethnicity) to comply with lawful requests by public authorities, including to meet national security or law enforcement requirements.

Please contact us as indicated in paragraph 11 below if you want further information on the specific mechanism used by us when transferring your Personal Data out of the EEA.

10.3 Under certain circumstances, you have the right to:

(a) Request access to your Personal Data (commonly known as a “subject access request”). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it. (b) Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. (c) Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data in certain other circumstances, namely where you have successfully exercised your right to object to processing (see paragraph 10.3 (d) below), where we may have processed your information unlawfully or where we are required to erase your Personal Data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. (d) Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms. (e) Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example, if you want us to establish its accuracy or the reason for processing it. (f) Request the transfer of your Personal Data to you or to another person or entity. In that case we will provide to you, or to the person or entity to whom you wish us to transfer your Personal Data, your Personal Data in a structured, commonly used, machine-readable format. (g) Withdraw consent at any time where we are relying on consent to process your Personal Data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide our services to you. We will advise you if this is the case at the time you withdraw your consent. (h) Lodge a complaint with the applicable supervisory authority (as defined in the GDPR). If you have any complaints about the way in which we process your Personal Data please do contact us, as set out in paragraph 11 below, as we would appreciate the opportunity to resolve your complaint.

10.4 If you want to review, verify, correct or request erasure of your Personal Data, object to the processing of your Personal Data, or request that we transfer a copy of your Personal Data to another person, please contact us using the contact details provided in paragraph 11 below.

13.1 To keep your Personal Data accurate, current, and complete, please contact us as set out in paragraph 11.3 below. If required to do so we will take reasonable steps to update or correct your Personal Data.

13.2 Please also feel free to contact us if you have any questions about this Member and Participant Privacy Policy.

13.3 You may contact us as follows:
Email: info@TapestryNetworks.com
Phone: +1 781 290 2270
Fax: +1 781 290 2271
Address: 303 Wyman Street, Suite 300, Waltham, MA 02451, USA

This Privacy Policy was last updated on, and is effective as of, May 26, 2021.