Privacy Policy

LEI is committed to protecting your privacy. This LEI Privacy Policy applies to data collection and usage on lean.org. Please read the LEI Privacy Policy below.

  1. INFORMATION WE COLLECT
  2. HOW WE USE INFORMATION WE COLLECT
  3. SHARING AND DISCLOSURE
  4. SECURITY
  5. YOUR RIGHTS
  6. LEI INTELLECTUAL PROPERTYTHIRD PARTY PARTNERS AND INTEGRATIONS
  7. CHANGES TO THIS PRIVACY POLICY
  8. CONTACT US

1. INFORMATION WE COLLECT

There are two general categories of information we collect.

1.1 Information You Give to Us

LEI stores information that you provide when submitting a member profile through our site. LEI does not distribute, sell, or lease member lists to third parties. LEI may, from time to time, contact you about a particular offering, to update your member profile, or about LEI services that may be of interest to you.

1.1.1 Information that is necessary for the use of the Site (required; provided as necessity).

We require and collect the following personal information about you when you use the Site. The following information is required becuase without it, we may not be able to provide you will all the requested services.

  • Account Information. When you sign up for a lean.org Account, we require certain information such as your first name, last name, email address, the business name, industry, title, geographic location, and password you choose.
  • Payment Information To use certain features of the Site (such as ordering products or Services), we may require you to provide to our third party payment processor, certain financial information (like credit card information) in order to facilitate the processing of payments. All financial information will be collected directly by third party payment processors according to their privacy policies.
  • Communications with lean.org and other users and customers. When you communicate with lean.org or use the Site to communicate with other users and customers, we collect information about your communication and any information you choose to provide.

If you wish to use the Site, we require the aforementioned information; if you do not want to provide this information, you should not use the Site.

1.1.2 Information you choose to give us (optional; provided with consent).

While not required, you may choose to provide us with additional personal information to obtain a better user experience when using Site. This optional, additional information will be processed based on your consent and includes:

  • Other Information. You may choose to provide us information when you fill in a form, conduct a search, update or add information to your lean.org account, respond to surveys, post to community forums (where your name will be visible to others), participate in promotions, or use other features of the Site. In these situations, lean.org will collect the requisite consent.

1.2 Information We Automatically Collect from Your Use of the Site

When you use the Site, we automatically collect information, including personal information, about the services you use and how you use them. This information is necessary for the performance of a contract in which the data subject is a party and to allow us to comply with our legal obligations under the contract and more generally. Also, this information is necessary given our legitimate interest in being able to provide and improve the functionalities of the Site.

  • Geo-location Information. When you use certain features of the Site, we may collect information about your precise or approximate location as determined through data such as your IP address or mobile device’s GPS to offer you an improved user experience. Most mobile devices allow you to control or disable the use of location services for applications in the device’s settings menu.
  • Usage Information. We collect information about interactions with the Site such as the pages or content viewed, searches for Products or Services, none of which is traced back to a specific person.
  • Log Data and Device Information. We automatically collect log data and device information when you access and use the Site, even if you have not created a lean.org account or logged in. That information includes, among other things: details about how you’ve used the Site, IP address, access dates and times, hardware and software information, device information, device event information, unique identifiers, crash data, cookie data, and the pages you’ve viewed or engaged with before or after using the Site.
  • Cookies and Similar Technologies. We use cookies and other similar technologies, such as web beacons, pixels, and mobile identifiers. We may also allow our business partners to use these tracking technologies on the Site, or engage others to track your behavior on our behalf. You may disable the usage of cookies through your browser settings.

2. HOW WE USE INFORMATION WE COLLECT

We use, store, and process information, including personal information, about you to provide and improve the Site and comply with our legal obligations.

2.1 Provide and Improve the Site

  • Enable you to access and use the Site.
  • Enable you to communicate with other users.
  • Operate, protect, improve, and optimize the Site and experience, such as by performing analytics and conducting research.
  • Provide customer service.
  • Send you service or support messages, updates, security alerts, and account notifications.
  • Send you promotional messages and other information that may be of interest to you based on your preferences (including information about LEI.

We process this information given our legitimate interest in improving the Site and our users’ and customers’ experience with it, and where it is necessary for the performance of the contract with you and/or a legal obligation. You can opt-out of receiving communications from us by following the unsubscribe instructions included in our marketing communications or changing your notification settings within your lean.org account.

2.2 Comply With Our Legal Obligations

  • Detect and prevent fraud, spam, abuse, security incidents, and other harmful activity.
  • Conduct security investigations and risk assessments.
  • Conduct checks against databases and other information sources, to the extent permitted by applicable laws.
  • Resolve any disputes with any of our users.

We process this information given our legitimate interest and legal obligation to protect the Site, to measure the adequate performance of our contract with you, and to comply with applicable laws. Lean.org may process your information if it is necessary for legitimate interests, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

3. SHARING AND DISCLOSURE

Processing is lawful only if and to the extent one of the following applies:

3.1 Your data is never shared with third parties

3.2 Other Siturations

3.2.1 Profiles and other Public Information

The Site lets you publish information, including personal information, that is visible to the general public. For example:

  • If you submit content in a community or discussion forum, blog or social media post, or use a similar feature on the Site, that content is publicly visible.

Information you share publicly on the Site may be indexed through third party search engines. If you change your public-facing content, these search engines may not update their databases. We do not control the practices of third party search engines, and they may use caches containing your outdated information.

3.2.2 Compliance with Law, Responding to Legal Requests, Preventing Harm and Protection of our Rights

Lean.org may disclose your information, including personal information, to courts, law enforcement or governmental authorities, or authorized third parties, if and to the extent we are required or permitted to do so by law or if such disclosure is reasonably necessary: (i) comply with our legal obligations, (ii) to comply with legal process and to respond to claims asserted against lean.org, (iii) to respond to verified requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability, (iv) to enforce and administer our Terms of Service or other agreements with our users and customers, or (v) to protect the rights, property or personal safety of lean.org, its employees, its users, customers or members of the public.

Where appropriate, we may notify users and customers about legal requests unless: (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law, or (ii) we believe that providing notice would be futile, ineffective, create a risk of injury or bodily harm to an individual or group, or create or increase a risk of fraud upon LEI’s property, its users and customers and the Site. In instances where we comply with legal requests without notice for these reasons, we will attempt to notify that user or customer about the request after the fact where appropriate and where we determine in good faith that we are no longer prevented from doing so.

3.2.3 Service Providers

Since lean.org is a global network, it conducts activities globally. In doing so, lean.org uses a variety of third parties to help us provide services related to the Site. Service providers may be located inside or outside of the European Economic Area (“EEA“). The EEA unites the EU Member States and the three EEA EFTA States (Iceland, Liechtenstein, and Norway) into a market governed by the same basic rules (such as GDPR).

For example, service providers may help us: (i) verify your identity or authenticate your identification documents, (ii) check information against public databases, (iii) conduct background or police checks, fraud prevention, and risk assessment, (iv) perform product development, maintenance and debugging.

If lean.org needs to share your information, including personal information, with a service provider, in order to ensure the adequate performance of our contract with you, we are permitted to do so.

3.2.4 Business Transfers

If LEI undertakes or is involved in any merger, acquisition, reorganization, sale of assets, bankruptcy, or insolvency event, then we may transfer some or all of our assets, including your information in connection with such transaction or in contemplation of such transaction (e.g., due diligence). In this event, LEI will notify you before your personal information is transferred and becomes subject to a different privacy policy.

3.2.6 Aggregated Data

We may also share aggregated information (information about our users that we combine together so that it no longer identifies or references an individual user) and other anonymized information for regulatory compliance, industry and market analysis, insights about the sector, demographic profiling, marketing and advertising, and other business purposes. We may share this aggregated data with the public.

4. SECURITY

We are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorized access, loss, destruction, or alteration. Some of the safeguards we use to protect your information are firewalls and data encryption, and information access controls. If you know or have reason to believe that your lean.org Account credentials have been lost, stolen, misappropriated, or otherwise compromised or in case of any actual or suspected unauthorized use of your lean.org Account, please contact us following the instructions in the Contact Us section below.

5. YOUR RIGHTS

You may exercise any of the rights described in this section by sending an email to webmaster@lean.org. Please note that we may ask you to verify your identity before taking further action on your request.

5.1 Managing Your Information

You may access and update some of your information through your Profile settings. You are responsible for keeping your personal information up-to-date.

5.2 Rectification of Inaccurate or Incomplete Information

You have the right to ask us to correct inaccurate or incomplete personal information concerning you (and which you cannot update yourself within your lean.org account).

5.3 Data Access and Portability

In some jurisdictions, applicable law may entitle you to request copies of your personal information held by us. You may also be entitled to request copies of personal information that you have provided to us in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible).

5.4 Data Retention and Erasure

We generally retain your personal information for as long as is necessary for the performance of the contract between you and us and to comply with our legal obligations. If you no longer want us to use your information to provide the site to you, you can request that we erase your personal information and close your lean.org account. Please note that if you request the erasure of your personal information:

  • We may retain some of your personal information as necessary for our legitimate business interests, such as fraud detection and prevention and enhancing safety. For example, if we suspend a lean.org account for fraud or safety reasons, we may retain certain information from that lean.org account to prevent that user or customer from opening a new lean.org account in the future.
  • We may retain and use your personal information to the extent necessary to comply with our legal obligations. For example, lean.org may keep some of your information for tax, legal reporting and auditing obligations
  • Information you have shared with others (e.g., forum postings) may continue to be publicly visible on the site, even after your lean.org account is cancelled. Additionally, some copies of your information (e.g., log records) may remain in our database.
  • Because we maintain the site to protect from accidental or malicious loss and destruction, residual copies of your personal information may not be removed from our backup systems for a limited period of time.

5.5 Withdrawing Consent and Restriction of Processing

Where you have expressly provided your consent to the processing of your personal information by lean.org you may withdraw your consent at any time by changing your Account settings or by sending a communication to lean.org specifying which consent you are withdrawing. Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal. Additionally, in some jurisdictions, applicable law may give you the right to limit the ways in which we use your personal information, in particular where (i) you contest the accuracy of your personal information; (ii) the processing is unlawful and you oppose the erasure of your personal information; (iii) we no longer need your personal information for the purposes of the processing, but you require the information for the establishment, exercise or defense of legal claims; or (iv) you have objected to the processing pursuant to Section 5.6 and pending the verification whether the legitimate grounds of lean.org override your own

5.6 Objection to Processing

In some jurisdictions, applicable law may permit you to legally object to lean.org’s processing. In these instances, you may require lean.org not to process your personal information for specific purposes (including profiling) where such processing is based on legitimate interest. If you object to such processing lean.org will no longer process your personal information for these purposes unless we can demonstrate a legal basis for doing so or such processing is required for the establishment, exercise or defense of legal claims.

At any time, regardless of applicable law, you may object to us processing your personal information for direct marketing purposes. You may, at any time, ask lean.org to cease processing your data for these direct marketing purposes by sending an e-mail to webmaster@lean.org.

5.7 Lodging Complaints

With respect to GDPR, you have the right to submit complaints about the data processing activities carried out by lean.org before the Information Commissioner’s Office in the UK or your national data protection authority; for complaints unrelated to GDPR, nothing in this Privacy Policy is intended to limit your right to file a complaint in the appropriate jurisdiction.

6. LEI INTELLECTUAL PROPERTY

LEI maintains all copyrights and other intellectual property rights in the text and graphic images contained on this website, but we encourage proper use and dissemination of our material. Excerpted material of more than a line or two must be credited to us with the statement: “Source: Lean Enterprise Institute lean.org”

The information here is intended primarily for the personal viewing of our readers. It can’t be duplicated, distributed, modified, publicly displayed, or used for commercial purposes in whole or in part without the prior expressed written permission of LEI. If you would like to request permission to use an article, to republish material from any of LEI publications or to acquire other information from LEI, please send a permission request to webmaster@lean.org.

7. THIRD PARTY PARTNERS AND INTEGRATIONS

The Site may contain links to third party websites or services, such as third party integrations, co-branded services, or third party-branded services (“Third Party Partners“). Lean.org doesn’t own or control these Third Party Partners and when you interact with them, you may be providing information directly to the Third Party Partner, lean.org, or both. These Third Party Partners will have their own rules about the collection, use, and disclosure of information. We encourage you to review the privacy policies of the other websites you visit.

8. CHANGES TO THIS PRIVACY POLICY

Lean.org reserves the right to modify this Privacy Policy at any time in accordance with this provision. If we make changes to this Privacy Policy, we will post the revised Privacy Policy on the Site and update the “Last Updated” date at the top of this Privacy Policy. We will also provide you with notice of the modification by email at least thirty (30) days before the date the changes become effective. If you disagree with the revised Privacy Policy, you may cancel your Account. If you do not cancel your Account before the date the revised Privacy Policy becomes effective, your continued access to or use of the Site will be subject to the revised Privacy Policy.

9. CONTACT US

If you have any feedback about this Privacy Policy or lean.org’s information handling practices, you may email us at: webmaster@lean.org or contact us at:
Lean Enterprise Institute, Inc.
Legal Department
867 Boylston St. 5th Floor 
Boston, MA 02116 

We welcome your feedback!