Privacy Policy

We at Open Research Lab, Inc. (together with our subsidiaries, and affiliates, (collectively, “we”, “us”, “our”), respect your privacy and are strongly committed to keeping secure any information we obtain from you or about you. This Privacy Policy describes our practices with respect to Personal Information we collect from or about you when you access our websites or use our products and services, including application programming interfaces, associated software, tools, developer services, data and documentation, content, events, or activities (collectively, the “Services”). We also describe your privacy rights and choices; how we transfer, retain, and protect data; and other aspects of our privacy program. 

Personal Information We Collect

We collect information that alone or in combination with other information in our possession could be used to identify you (“Personal Information”) as follows:

Personal Information You Provide: We may collect Personal Information if you create an account to use our Services or communicate with us as follows:

  • User Content: When you use our Services, we may collect Personal Information that is included in the input, file uploads, or feedback that you provide to our Services (“Content”). 
  • Communication Information: If you communicate with us, we may collect your name, contact information, and the contents of any messages you send (“Communication Information”).
  • Social Media Information: We have pages on social media sites like LinkedIn. When you interact with our social media pages, we will collect Personal Information that you elect to provide to us, such as your contact details (collectively, “Social Information”). In addition, the companies that host our social media pages may provide us with aggregate information and analytics about our social media activity.

Personal Information We Receive Automatically From Your Use of the Services: When you visit, use, and interact with the Services, we may receive the following information about your visit, use, or interactions (“Technical Information”):

  • Log Data: Information that your browser automatically sends whenever you use our website(“log data”). Log data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interacted with our website.
  • Usage Data: We may automatically collect information about your use of the Services, such as the types of content that you view or engage with, the features you use and the actions you take, as well as your time zone, country, the dates and times of access, user agent and version, type of computer or mobile device, computer connection, IP address, and the like.
  • Device Information: Includes name of the device, operating system, and browser you are using. Information collected may depend on the type of device you use and its settings.
  • Cookies: We use cookies to operate and administer our Services, and improve your experience on it. A “cookie” is a piece of information sent to your browser by a website you visit. You can set your browser to accept all cookies, to reject all cookies, or to notify you whenever a cookie is offered so that you can decide each time whether to accept it. However, refusing a cookie may in some cases preclude you from using, or negatively affect the display or function of, a website or certain areas or features of a website. For more details on cookies please visit All About Cookies.
  • Analytics: We may use a variety of online analytics products that use cookies to help us analyze how users use our Services and enhance your experience when you use the Services.

Other Personal Information: We may collect other Personal Information from a variety of sources:

  • Photos and videos:  We may collect photos and videos captured at events or shared on any interactive areas of the Services, such as a community or blog.
  • Information we derive or infer about you:  We may collect evaluations, observations and inferences we derive from the information we obtain about you.
  • Information from third parties:  This includes information provided to us by event participants, or your colleagues or contacts who submit information to us about their ideas or proposals, or others. 

Why We Use Personal Information

Certain laws, such as GDPR, describe various lawful reasons to “process” (i.e. collect, use, and share) personal information. Our reasons for processing are described below:


We ask for your consent to process your personal information for specified purposes at relevant times when you interact with the Services.


We process your information as necessary for the performance of a contract you have entered into with us, such as the Terms of Use or an event release.

Legal Obligations

We process information to comply with legal, tax, and compliance obligations or lawful requests for information from a court or government authority.

Protection from Harm

We process information where necessary to protect an individual from serious physical harm or injury.

Legitimate Interests

We process information for our and others’ (including your) legitimate interests, such as commercial interests, individual interests or broader societal benefits.

We rely on “legitimate interests” when we use data in ways people would reasonably expect based on the circumstances, and where the use would have a minimal privacy impact, or where there is a compelling justification for the use. Our legitimate interests are described in “How We Use Data” below.

How We Use Personal Information

We may use personal information for the following purposes:

Provide the Services: Legitimate interests

  • Identify you
  • Communicate with you about the Services and respond to your communications
  • Provide websites, newsletters, blogs, community spaces, or other interactive features
  • Review your submissions of ideas or proposals
  • Provide requested content and programming
  • Publish content (such as journal articles)
  • Obtain services to operate and manage the Services, such as web and database hosting, IT support, operations, communication services, research tools, and data analytics
  • Enable connections you request between the Services and third party tools or services
  • Build and develop the Services
  • Organize, host, and invite people to events (e.g. conferences)
  • Tailor the Services to local customs and industry standards
  • Maintain health and safety at in-person events
  • Provide reasonable accommodations
  • Provide relevant or personalized content
  • Improve the accuracy of the Services
  • Verify information provided to us
  • Enforce our policies and terms
  • Perform data analytics, accounting, auditing and other internal functions

Marketing communications and use of non-essential cookies and other technologies: Consent

  • Send emails promoting goods and services other than the Services you’ve requested

Safety and security: Legitimate interests

  • Maintain and enhance the safety and security of the Services, protect against and prevent fraud, misuse, unauthorized transactions, claims, and other liabilities

Research: Legitimate interests

  • Support research, analysis, and publication on topics relevant to the Services

Improve the Services and develop new services: Legitimate interests

  • Evaluate and improve the Services
  • Perform debugging to identify, prevent, and repair errors that impair or may impair the Services
  • Verify or maintain the quality of the Services
  • Develop new programs and services

Legal compliance and claims: Legal obligations

  • Comply with applicable laws and regulations
  • Maintain or defend legal claims
  • Respond to valid requests for information from courts, litigants, and governmental or official agencies and organizations

Other uses

  • We also may use information in other ways for which we will provide information when and if such uses arise

Aggregated or De-Identified Information. We may aggregate or de-identify Personal Information and use the aggregated information to analyze the effectiveness of our Services, to improve and add features to our Services, to conduct research  and for other similar purposes. In addition, from time to time, we may analyze the general behavior and characteristics of users of our Services and share aggregated information like general user statistics with third parties, publish such aggregated information or make such aggregated information generally available. We may collect aggregated information through the Services, through cookies, and through other means described in this Privacy Policy. We will maintain and use de-identified information in anonymous or de-identified form and we will not attempt to reidentify the information.

Information Sharing

In certain circumstances, we may provide your Personal Information to third parties without further notice to you, unless required by the law:


We may disclose Personal Information to our affiliates, meaning an entity that controls, is controlled by, or is under common control with Open Research Lab, Inc. Our affiliates may use the Personal Information we share in a manner consistent with this Privacy Policy.

Other participants

Information you share in public-facing areas of the Services, community features, or at events will be visible to anyone with access to those public spaces (virtual or physical)

Professional connections

We may disclose Personal Information to individuals in our constituents’ professional networks. 

Vendors and service providers

To assist us in meeting business operations needs and to perform certain services and functions, we may provide Personal Information to vendors and service providers, including providers of hosting services, cloud services, and other information technology services providers, event management services, email communication software and email newsletter services, and web analytics services. Pursuant to our instructions, these parties will access, process, or store Personal Information only in the course of performing their duties to us.

  • Most of our service providers are located in the United States.
  • We do not authorize service providers to use or disclose information except as necessary to perform services on our behalf or comply with legal requirements.

Business Transfers

If we are involved in strategic transactions, reorganization, bankruptcy, receivership, or transition of service to another provider (collectively a “Transaction”), your Personal Information and other information may be disclosed in the diligence process with counterparties and others assisting with the Transaction and transferred to a successor or affiliate as part of that Transaction along with other assets.


If required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, including to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of users of the Services, or the public, or (v) protect against legal liability.

Please contact us as specified in the “How To Contact Us” section of this Privacy Policy if you would like to obtain more information about the affiliates, subsidiaries and other third parties with whom we may share personal information.

Your Rights and Choices

We offer you certain choices in connection with the personal information we collect from you. To update your preferences, limit the communications you receive from us, or submit a request, please contact us as indicated in the “How To Contact Us” section of this Privacy Policy. You can unsubscribe from our marketing mailing lists by following the “Unsubscribe” link in our emails or contacting us as specified in the “How To Contact Us” section below. We will apply your preferences going forward.

Depending on the laws that apply to you, including GDPR, you may have the rights provided below, some of which may apply generally, and some of which apply only in certain circumstances, described below:


Access personal information we process about you and obtain information about our processing


Correct inaccurate information or supplement incomplete information


Erase personal information, when, for instance, it is no longer needed or where you have withdrawn your consent and there is no other legal basis for the processing

Restrict Processing

Limit our processing of your information, for instance, where we no longer need it but you do not want it to be erased because it is needed in connection with a legal claim


Object to processing for direct marketing purposes, or to processing based on “legitimate interests” (explained above) unless we have compelling reasons to continue processing or where it is needed in connection with a legal claim

Withdraw consent

Withdraw consent you’ve previously given, without penalty, but we will have to cease carrying out the purposes for which you consented to processing, which may affect our ability to provide certain aspects of the Services to you


Request that we provide you a copy of personal information you have provided us, where the processing is based on consent or is carried out by automated means

To exercise any of these rights, please contact us as indicated in the “How To Contact Us” section below. If you are located in the European Economic Area (EEA), you also may lodge a complaint with the data protection authority in your country of residence.

California Privacy Rights

The following provides additional information about how we disclose Personal Information. You can read more about the Personal Information we collect in “Personal information we collect” above, how we use Personal information in “How we use personal information” above, and how we retain personal information in “Retention of Personal Information” below.

Identifiers, such as your contact details

We disclose this information to our affiliates, vendors and service providers, law enforcement, and parties involved in Transactions.

Commercial Information, such as your transaction history

We disclose this information to our affiliates, vendors and service providers, law enforcement, and parties involved in Transactions.

Network Activity Information, such as Content and how you interact with our Services

We disclose this information to our affiliates, vendors and service providers, law enforcement, and parties involved in Transactions.

Geolocation Data

We disclose this information to our affiliates, vendors and service providers, law enforcement, and parties involved in Transactions.

Your account login credentials (Sensitive Personal Information)

We disclose this information to our affiliates, vendors and service providers, law enforcement, and parties involved in Transactions.

To the extent provided for by law and subject to applicable exceptions, California residents have the following privacy rights in relation to their Personal Information:

  • The right to know information about our processing of your Personal Information, including the specific pieces of Personal Information that we have collected from you;
  • The right to request deletion of your Personal Information;
  • The right to correct your Personal Information; and
  • The right to be free from discrimination relating to the exercise of any of your privacy rights.

We don’t sell or share Personal Information as defined by the California Consumer Privacy Act, as amended by the California Privacy Rights Act. We also don’t process sensitive personal information for the purposes of inferring characteristics about a consumer.

Exercising Your Rights. California residents can exercise their CCPA privacy rights by sending their request to

Verification. In order to protect your Personal Information from unauthorized access, change, or deletion, we may require you to verify your credentials before you can submit a request to know, correct, or delete Personal Information. If you do not have an account with us, or if we suspect fraudulent or malicious activity, we may ask you to provide additional Personal Information and proof of residency for verification. If we cannot verify your identity, we will not provide, correct, or delete your Personal Information.

Authorized Agents. you may submit a rights request through an authorized agent. If you do so, the agent must present signed written permission to act on your behalf and you may also be required to independently verify your identity and submit proof of your residency with us. Authorized agent requests can be submitted to

Data Transfers

We may transfer your personal information to recipients in other countries that have different data protection laws. When we do so, we will protect that information as described in this Privacy Policy and will comply with applicable legal requirements, providing adequate protection for the transfer.

If we transfer personal information from the EEA, UK or Switzerland to a country that has not been recognized by the European Commission as providing an adequate level of data protection, we will use appropriate contractual terms with the recipients to safeguard the information. Further information about our data transfer safeguards may be obtained by contacting us as indicated in the “How To Contact Us” section below.

Retention of Personal Information

We will retain your personal information for the duration of our relationship, plus a reasonable period to comply with the applicable statute of limitation periods and records retention requirements under applicable laws, or during the pendency of any legal claims or lawful requests or investigations.

We may also anonymize or de-identify your Personal Information (so that it can no longer be associated with you) for research or statistical purposes, as described above, in which case we may use this information indefinitely without further notice to you.

How We Protect Personal Information

We implement commercially reasonable technical, administrative, and organizational measures to protect Personal Information both online and offline from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Service or email. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or third party websites.

Children's Privacy

The Services are intended for individuals at least 18 years of age. We do not knowingly collect personal information online from children under the age of 13.

Other Online Services and Third-Party Features

For your convenience and information, we may provide links to other online services, and may include third-party features such as apps, tools, communication platforms or communities, widgets and plugins. The privacy practices of the relevant third parties, including details on the information they may collect about you, is subject to the privacy statements of these parties, which we strongly suggest you review. These third-party services or features are not owned or controlled by us and we are not responsible for their information practices.

How to Contact Us

Open Research Lab, Inc. is responsible for processing personal information as described in this Privacy Policy.

If you have any questions, requests or comments about this Privacy Policy or to exercise your rights, please email us at You also may write to: 1960 Bryant Street, San Francisco, CA 94110, ATTN: Open Research Lab, Inc.