To help ensure your understanding of some particular key terms, here is a table of translations:
|When we say...||... we mean:|
|"the Wikimedia Foundation" / "the Foundation" / "we" / "us" / "our"||The Wikimedia Foundation, Inc., the non-profit organization that operates the Wikimedia Sites.|
|"Wikimedia Sites" / "our services"||Wikimedia websites and services (regardless of language), including our main projects, such as Wikipedia and Wikimedia Commons, as well as mobile applications, APIs, emails, and notifications.|
|“this site” / “the site” / “WMF annual report site”||The WMF annual report site (“this site,” “the site”) includes all pages under https://annual.wikimedia.org/.|
|"you" / "your" / "me"||You, regardless of whether you are an individual, group, or organization, and regardless of whether you are using the WMF annual report site or our services on behalf of yourself or someone else.|
|"personal information"||Information you provide us or information we collect from you that could be used to personally identify you. To be clear, while we do not necessarily collect all of the following types of information, we consider at least the following to be “personal information” if it is otherwise nonpublic and can be used to identify you:
|"third party" / "third parties"||Individuals, entities, websites, services, products, and applications that are not controlled, managed, or operated by the Wikimedia Foundation. This includes other Wikimedia users and independent organizations or groups who help promote the Wikimedia movement such as Wikimedia chapters, thematic organizations, and user groups as well as volunteers, employees, directors, officers, grant recipients, and contractors of those organizations or groups.|
Types of Information We Receive From You, How We Get It, & How We Use It
Information Related to Your Use of the WMF Annual Report Site
We want to make this site and other Wikimedia Sites better for you by learning more about how you use them. Examples of this might include how often you visit the site, what you like, what you find helpful, how you get to the site, and whether you would use a helpful feature more if we explained it differently. We also want this Policy and our practices to reflect our community's values. For this reason, we keep information related to your use of this site confidential, except as provided in this Policy.
Information We Receive Automatically
Because of how browsers work and similar to other major websites, we receive some information automatically when you visit this site. This information includes information about the device you are using, the type and version of your browser, your browser's language preference, the type and version of your device's operating system, in some cases the name of your internet service provider or mobile carrier, the website that referred you to the this site, which pages you request and visit, and the date and time of each request you make to this site.
Put simply, we use this information to enhance your experience with this site. For example, we use this information to administer the sites, provide greater security, and fight vandalism; optimize mobile applications, customize content and set language preferences, test features to see what works, and improve performance; understand how users interact with the this site, track and study use of various features, gain understanding about the demographics, and analyze trends.
Information We Collect
Depending on which technology we use, locally stored data can be anything from text, pictures, and whole articles (as we explain further below) to personal information (like your IP address) and information about your use of this site.
- Provide you with a personalized experience.
- Deliver more relevant content to you faster.
- Understand how you use the site, so that we know what works and what is useful.
- Understand how you use the site across different devices, so that we can make the site more efficient and effective for you.
We believe this data collection helps improve your user experience, but you may remove or disable some or all locally stored data through your browser settings, depending on your browser. While locally stored data may not be necessary to use the site, some features may not function properly if you disable locally stored data.
Please note that some information about your actions on the site may be made made publicly available through public logs alongside actions taken by other users.
When you visit this site, we automatically receive the IP address of the device (or your proxy server) you are using to access the Internet, which could be used to infer your geographical location. IP address data is anonymized after it is collected and may become publicly available in anonymized form. If you are visiting the sites with your mobile device, we may use your IP address to provide anonymized or aggregated information to service providers regarding the volume of usage in certain areas. We use IP addresses for research and analytics; to better personalize content, notices, and settings for you; to fight spam, identity theft, malware, and other kinds of abuse; and to provide better mobile and other applications.
Generally, we keep personal, nonpublic information about you confidential. We do not sell or rent your nonpublic information, nor do we give it to others to sell you anything. However, there are a few specific circumstances where we are permitted to share your information.
With Your Permission
We may share your information for a particular purpose, if you agree.
For Legal Reasons
We may access, preserve, or disclose your personal information if we reasonably believe it necessary to satisfy a valid and legally enforceable warrant, subpoena, court order, law or regulation, or other judicial or administrative order. However, if we believe that a particular request for disclosure of a user's information is legally invalid or an abuse of the legal system and the affected user does not intend to oppose the disclosure themselves, we will try our best to fight it. We are committed to notifying you via email at least ten (10) calendar days, when possible, before we disclose your personal information in response to a legal demand. However, we may only provide notice if we are not legally restrained from contacting you, there is no credible threat to life or limb that is created or increased by disclosing the request, and you have provided us with an email address.
For more information, see our Subpoena FAQ.
If the Organization is Transferred (Really Unlikely!)
To Protect You, Ourselves & Others
Wikimedia Sites are collaborative, with users writing most of the policies and selecting from amongst themselves people to hold certain administrative rights. These rights may include access to limited amounts of otherwise nonpublic information about activity by other users. They may use this access to help protect against vandalism and abuse, fight harassment of other users, and generally try to minimize disruptive behavior on this site and the Wikimedia Sites. These various user-selected administrative groups have their own privacy and confidentiality guidelines, but all such groups are supposed to agree to follow our Access to Nonpublic Information Policy. These user-selected administrative groups are accountable to other users through checks and balances: users are selected through a community-driven process and overseen by their peers through a logged history of their actions. However, the legal names of these users are not known to the Wikimedia Foundation.
We hope that this never comes up, but we may disclose your personal information if we believe that it's reasonably necessary to prevent imminent and serious bodily harm or death to a person, or to protect our organization, employees, contractors, users, or the public. We may also disclose your personal information if we reasonably believe it necessary to detect, prevent, or otherwise assess and address potential spam, malware, fraud, abuse, unlawful activity, and security or technical concerns.
To Our Service Providers
As hard as we may try, we can't do it all. So sometimes we use third-party service providers or contractors who help run or improve this site or the Wikimedia Sites for you and other users. We may give access to your personal information to these providers or contractors as needed to perform their services for us or to use their tools and services. We put requirements, such as confidentiality agreements, in place to help ensure that these service providers treat your information consistently with, and no less protective of your privacy than, the principles of this Policy.
To Understand & Experiment
In order to better understand how people use the site, we may run analytics on the site using analytics platforms, such as Piwik. When information is collected through Piwik, Wikimedia Foundation staff and contractors may be able to access information about users, like IP addresses and user agent information, and how users interact with the site.
We may give some volunteer developers limited access to systems that contain your personal information, but only as reasonably necessary for them to develop and contribute to this site or the Wikimedia Sites. Similarly, we may share non-personal or aggregated information with researchers, scholars, academics, and other interested third parties who wish to study this site or the Wikimedia Sites. Sharing this information helps them understand usage, viewing, and demographics statistics and patterns. They then can share their findings with us and our users so that we can all better understand and improve this site and the Wikimedia Sites.
When we give access to personal information to third-party developers or researchers, we put requirements, such as reasonable technical and contractual protections, in place to help ensure that these service providers treat your information consistently with the principles of this Policy and in accordance with our instructions. If these developers or researchers later publish their work or findings, we ask that they not disclose your personal information. Please note that, despite the obligations we impose on developers and researchers, we cannot guarantee that they will abide by our agreement, nor do we guarantee that we will regularly screen or audit their projects.
Because You Made It Public
Any information you post publicly on this site, the Wikimedia Sites, or third-party sites is just that – public. Please think carefully about your desired level of anonymity before you disclose personal information on this site, the Wikimedia Sites, or sites linked from this site or the Wikimedia Sites.
How Do We Protect Your Data?
We strive to protect your information from unauthorized access, use, or disclosure. Unfortunately, there's no such thing as completely secure data transmission or storage, so we can't guarantee that our security will not be breached (by technical measures or through violation of our policies and procedures).
How Long Do We Keep Your Data?
Once we receive personal information from you, we keep it for the shortest possible time that is consistent with the maintenance, understanding, and improvement of this site and the Wikimedia Sites, and our obligations under applicable U.S. law. Non-personal information may be retained indefinitely.
Where is the Foundation & What Does That Mean for Me?
Our Response to Do Not Track (DNT) signals
We may use analytics platforms to better understand how users interact with and use this site. Those analytics platforms respect DNT signals and will not track information about you if you have DNT enabled. However, please note that the Wikimedia Foundation will still automatically receive certain information about you even if you have DNT enabled. Please see the "Information we receive automatically" section above. It is important to note that regardless of whether you have DNT enabled, we will never share your information with third parties for marketing purposes.
Effective Date: 1 February 2017