Privacy Policy

In simple words:

• We will NEVER sell your Personal Data to Third Parties. 

• We will be educational, not annoying.

• We will make it easy to opt out of our communications.

This Privacy Policy applies to Personal Data processed by The Fountain Institute (“The Fountain Institute”, “We”, “Us” and “Our”) when You visit www.thefountaininstitute.com in addition to any sub-pages that are integrated within it (the “Site”); and/or make use of the Fountain Institute’s learning experiences.

This Privacy Policy explains what Personal Data We collect through Our Site and Software, how and why We collect it, how We use and disclose the Personal Data We collect, and information on how to exercise privacy rights over this Personal Data.

These Fountain Institute Program Terms of Use govern participation in courses, workshops, events, community interactions from The Fountain Institute or The Guild of Working Designers, and how we process students’ and subscribers' personal data.

The Fountain Institute collects the following types of personal information from users:

1. Contact information, such as name, email address, and telephone number.

2. Demographic information, such as age, gender, and location.

3. Information about your use of our services, such as the pages you visit and the actions you take.

4. Any other information you choose to provide to us, such as feedback or survey responses.

We may collect personal information through various means, including:

1. Directly from you, when you provide information through our website, services, or when you contact us directly.

2. Automatically, through the use of technologies such as cookies and web beacons, when you use our website or services.

Use of Personal Information

The Fountain Institute uses your personal information for the following purposes:

1. To provide and improve our services, including customizing your experience with our website and services.

2. Communicate with you, such as responding to your inquiries or sending updates on our services.

3. To perform research and analysis, such as tracking usage patterns and gathering demographic information.

4. To comply with legal obligations, such as responding to subpoenas or court orders.

Data Sharing and Disclosure

The Fountain Institute does not sell, rent, or share your personal information with third parties for their own marketing purposes. We may share your personal information with third parties for the following purposes:

1. To provide and improve our services, such as sharing information with service providers who assist us with website hosting, data analysis, and customer support.

2. To comply with legal obligations, such as disclosing information to law enforcement or other government agencies in response to a subpoena or court order.

Why we collect your data

• To process your application and conclude a Fountain Institute program agreement (see Terms & Conditions for paid programs)

• To send you a newsletter or educational email

• To inform you about offers that we reasonably believe may be relevant to you.

Protection of Personal Information

The Fountain Institute takes the protection of personal information very seriously and implements appropriate security measures to protect against unauthorized access, use, alteration, or destruction of your personal information. We use industry-standard encryption and secure storage to protect your data and regularly monitor our systems for security breaches.

Data Retention

The Fountain Institute retains personal information for as long as it is necessary to provide our services and for the purposes outlined in this Privacy Policy. We may retain certain data for longer periods if required by law or for our legitimate business purposes.

GDPR - General Data Protection Regulation

The GDPR is Europe’s new privacy regulation. It gives you control over the data organizations have about you and how they market to you.

Our team takes your privacy very seriously and has to make very few changes to comply. This page outlines our approaches, and we welcome your feedback at hello@thefountaininstitute.com

We will not rent or sell or share your email with any third party, and we never have. However, we use third-party analytics software from Google, Hotjar, Convertkit, and Hubspot. In some cases, we may place a cookie on your side to better understand who is visiting our sites and how they use them.

We use cookies to give you a better experience with our workshops and content. For example, we use those cookies to avoid showing you the same thing twice.

We don’t serve ads to our site visitors using any third-party tools.

At any time, you can opt out of hearing from us. You can always opt out of the collection and use of your information online.

Since we’re in the business of teaching, we try to stay connected with our students using various marketing platforms and events. Of course, our articles, podcast, and other content are free, and you’re welcome to interact with it without subscribing. You can, and always have been able to, use third-party tools, RSS, or even incognito browsers to interact with our free materials.

We are happy to provide value, even if you don’t stay connected with us. Some choose to join the meetups, download our educational assets, and unsubscribe immediately. We get it. You want to keep that inbox clean, and our weekly newsletter can be a lot. We make it easy to stop our emails with one-click unsubscribe links in all of our emails.

As a growing education startup, we appreciate any feedback you’re willing to provide about our interactions. Please don’t hesitate to drop us a line of feedback at hello@thefountaininstitute.com

What is GDPR?

GDPR stands for General Data Protection Regulation, a new privacy law that regulates the processing of personal data relating to individuals in the European Union.

GDPR strengthens individuals' rights regarding their personal data and seeks to unify data protection laws across Europe. We are firm believers in GDPR, and we seek absolute compliance.

What does GDPR mean for you?

What’s our policy in a nutshell?

We’re treating everyone as if they lived in the EU.

This means that if you’re reading this, you can:

• Ask for a copy of the personal data we’ve collected about you. Unless you have enrolled in a course or a workshop, the answer is your email address and name. We only keep data about your interactions, written responses, and engagement in the seminars for students. Any notes taken during coaching calls or ad-hoc calls are stored on your personal Notion dashboard, and you retain complete control of that information.

• Request that we stop sending you marketing messages. This is as easy as it has ever been. Click “Unsubscribe from everything” at the bottom of any email, and your subscription will be terminated automatically. Our goal is to keep our promise not to profit from your data.

We use Convertkit, Lu.ma, and Disco to carry our email messages, and we’ll work with them to remove your name (and there’s an unsubscribe button in every email). All credit card processing is done with Stripe and Disco. We never see your data.

Classroom recordings are shared with the cohort and instructors, and we may retain some for internal training. Meetup recordings will be shared on YouTube so others can enjoy the event asynchronously, and your questions may be called out on stage. If you have concerns, please reach out to us at hello@thefountaininstitute.com

We work with many of our students in software like Zoom, Disco, Google Drive, Notion, Miro, and Slack. In those cases, much identifiable data is created and collected as part of the learning process. You can delete your work from any community or live learning experience. We understand that you work on sensitive materials at large companies, and we do our best to limit exposure to your working situation in the live classroom. We do not retain any backups, so you retain complete control of the data you submit in our learning experiences via Slack, Butter, Notion, Miro, Zoom, or similar real-time collaborative class tools.

At any time, you can choose to stop participation in the community, but your work before that point becomes a permanent part of the work that’s created by the group. We strive for participatory education, and our community is decentralized by design. Please read our Code of Conduct to understand better the behavioral principles that guide the Guild of Working Designers and the Fountain Institute.

Your Rights

You can exercise the following rights at any time using the contact details of our data protection officer:

• Information on your data stored by us and the processing thereof (Art. 15 GDPR),

• Rectification of inaccurate personal data (Art. 16 GDPR),

• Deletion of your data stored by us (Art. 17 GDPR),

• Restriction of the data processing, provided that we may not delete your data due to legal obligations (Art. 18 GDPR),

• Objection to the processing of your data with us (Art. 21 GDPR) and

• Data portability provides that you have consented to the data processing or have entered into a contract with us (Art. 20 GDPR).

If you have given us consent, you may withdraw it at any time, which will remain in effect.

You can contact a supervisory authority with a complaint at any time, e.g., the supervisory authority of the state of your residence or the power that oversees us as the responsible party.

You’ll find a list of supervisory authorities (for the non-public area) with their respective addresses at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Community Members & Students

• Name, address and contact information

• Company/Organisation

• LinkedIn profile

• Payment information (for paid members & students)

• Other personal information for application evaluation (reasons for applying to a program, etc.)

• Video of participant (participating in the video call lectures etc.)

We process your personal data as a participant on the legal basis of compliance with a legal obligation (parties to the agreement must be identified, issuing of invoice) and since collecting personal data is s necessary for the performance of a contract to which the participant is a party to. If the participant does not provide all the necessary personal data we cannot conclude an Agreement for Fountain Institute or Guild of Working Designers Program.

We retain your data for the duration of your participation in the Fountain Institute or Guild of Working Designers Program and for five years after the end of program (general limitation period) and as long as you want to be part of the alumni community. Personal data on the invoice (name and address, payment information) is retained for a period of 10 years after issuing.

Photos & GIFs of participants (screenshots of classes with participant's face)

We process your personal data as a participant on the legal basis of legitimate interest. The Fountain Institute, as an educational institution has a legitimate interest to share the participation of its students in marketing materials. If you do not want your picture to be included in the group photo or you want The Fountain Institute to delete your picture or interrupt the processing, you can let us know via email.

We will not share personally identifying information (unless explicitly approved by you), and you can revoke your data (see contact information for the data officer at the bottom) if you would like to remove all record of your participation in a Guild of Working Designers or Fountain Institute program.

Sub-providers

For performance of the Fountain Institute or Guild of Working Designers Program we use the following sub-providers:

• Slack for communicating and discussion

• Zoom for course calls & webinars

• Disco for the learning dashboard

• Butter for workshops

• Google Drive/ Google Docs as administrative tools and for all program documentation

• Zapier for processing the application

• ConvertKit for email communication

• Miro as a workshop and research tool

• Notion as an administrative tool and for providing templates for students

• Calendly for scheduling video calls

• Jotform as an administrative tool

• Stripe as a payment service provider

Due to invalidation of Privacy Shield as legal basis for processing and transfer of personal data in USA, our service providers (as processors and sub processors) have adopted alternative adequate legal basis for compliant processing of personal data in USA such as Standard Contractual Clauses (SCC) as approved by the European Commission in the concluded business agreement or Binding Corporate Rules (BCR) approved by competent supervisory authority.

Slack Technologies, Inc. (USA) as a publisher of Slack has incorporated SCC into its Data Processing Addendum.

Zoom Video Communications, Inc. (USA) as a publisher of Zoom has incorporated SCC into its Privacy Policy.

Disco Inc. (USA) as a publisher of Disco has incorporated CCPA in its Privacy Policy.

Meetbutter APS (Denmark) as a publisher of Butter has incorporated SCC into its Privacy Policy

Google Ireland Limited (Ireland) is a publisher of Google Drive/ Google Docs and thus there is no transfer of personal data outside EU/EEA.

Zapier Inc. (USA) as a publisher of Zapier has incorporated SCC into its Data Processing Addendum which is an integral part of Zapier's User terms of service.

ConvertKit LLC (USA) as a publisher of ConvertKit has incorporated Data Processing Addendum in its Privacy Policy.

RealtimeBoard, Inc. dba Miro (USA) as a publisher of Miro has incorporated SCC into its Data Processing Addendum which is an integral part of its Privacy Policy.

Notion Labs, Inc. (USA) as a publisher of Notion has incorporated Data Processing Addendum in its Privacy Policy.

Calendly LLC (USA) as a publisher of Calendy has incorporated a Data Processing Addendum into its Terms of Use.

JotForm Inc. (USA) as a publisher of JotForm has Data Processing Addendum  with Fountain Institute or Guild of Working Designers

Stripe, Inc. (USA) as a provider of payment services does not act as d.MBA processor of personal data. d.MBA does not process any other payment information and associated personal data except for data on its income.

Please note that your email as a participant may be visible to other participants during the d.MBA Program (e.g. on Slack and Google Drive).

Cookies

Type and purpose of the processing

Like many other websites, we use so-called ‘cookies.’ When you visit our website, cookies are small text files stored on your device (laptop, tablet, smartphone, etc.).

With cookies, we receive certain information such as IP address, type of browser, and operating system used.

Cookies cannot be used to start programs or to transmit viruses to a computer. Based on the information contained in cookies, we can facilitate your navigation of our site and correctly display our web pages for you.

The data collected by us will not be shared with third parties under any circumstances, nor will a link to personal data be created without your consent.

Of course, you can view our website without cookies. Internet browsers are regularly configured to accept cookies. You can generally disable cookies via your browser settings at any time. Please use your Internet browser’s help function to learn how to change these settings, and keep in mind that individual features of our website may not work if you have disabled the use of cookies.

Retention period and cookies used

If you allow us to use cookies via your browser settings or consent, the following cookies may be utilized on our web pages:

In the following sections, we provide information concerning how these cookies can (also) pertain to personal data.

In your browser settings, you can delete individual or entire set of cookies. You will also find information and instructions on how to delete these cookies or prevent them from being saved in advance. The following links provide the information you’ll need for the respective browser providers:

• Mozilla Firefox: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored

• Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies

• Google Chrome: https://support.google.com/accounts/answer/61416?hl=en

• Opera: https://www.opera.com/o/ie-simple

• Safari: https://support.apple.com/kb/PH17191?locale=de_DE&viewlocale=en_US

Commentary function

Type and purpose of the processing

When users leave comments on our website, the time of their creation and the username selected by the website visitor are saved. This is for our security, as we may be prosecuted for any illegal content on our website, even if it was created by users.

Legal basis

The data entered as a comment is processed based on a legitimate interest (Art. 6 Para. 1 (a) GDPR).

With the commentary feature, we aim to provide you with an uncomplicated way to interact. The information you enter will be stored to process the request as well as possible follow-up inquiries.

Recipients

Recipients of the data may be processors.

Retention period

The data will be deleted as soon as they are no longer required for the reason they were collected. This is generally the case, when the communication with the user has ended and the company can see from the circumstances that the respective issue has been clarified.

Mandatory or required provision

The provision of your personal data is voluntary. Without the provision of your personal data, we cannot guarantee you access to our commentary function.

Newsletter

Type and purpose of the processing

Your data will be used exclusively to send you the newsletter you subscribed for via e-mail. We request your name so that we can address you personally in the newsletter and identify you as needed should you want to exercise your rights as a data subject.

To receive the newsletter, providing your e-mail address is sufficient. When you subscribe to our newsletter, your data will be used exclusively. Subscribers can also be notified by e-mail about circumstances relevant to the service or registration (such as changes to the newsletter offer or technical matters).

We need a valid e-mail address to complete your registration. We utilize the double opt-in' procedure to verify that a registration is made by the owner of an e-mail address. To this end, we log the newsletter subscription request when a confirmation e-mail is sent and the requested reply is received. Additional data is not collected. The data will be used exclusively for sending the newsletter and will not be shared with third parties.

Legal basis

Based on your express consent (Article 6 (1) a DSGVO), we will send you our newsletter regularly or comparable information via e-mail to your specified e-mail address.

The consent to save and use your personal data for the newsletter may be withdrawn at any time and remain in effect in the future. Every email contains a corresponding link. You can also unsubscribe from this website at any time or inform us of your cancellation via the contact option indicated at the end of this privacy policy.

Recipients

Recipients of the data may be processors.

Retention period

Data are only processed in this context, provided the corresponding consent has been given. The data will be deleted after that.

Mandatory or required provision

The provision of your personal data is voluntary, based solely on your consent. Unfortunately, we cannot send you our newsletter without your consent.

Contact form

Type and purpose of the processing

The data you enter is used for individual communication with you. A valid e-mail address and your name are required for this communication to organize your inquiry and the subsequent reply. Providing additional information is optional.

Legal basis

The data entered in the contact form is processed based on a legitimate interest (Art. 6 Para. 1 (f) GDPR).

By providing the contact form, we aim to facilitate an uncomplicated means for you to contact us. The information you enter will be used to process the inquiry and saved for possible follow-up questions.

If you contact us to request an offer, processing the information provided in the contact form will occur to implement pre-contractual measures (Art. 6 Para. 1 (b) GDPR).

Recipients

Recipients of the data may be processors.

Retention period

The data will be deleted no later than six months after processing the inquiry.

Provided that we enter into a contract together, we will use the statutory retention periods in the German Commercial Code (Handelsgesetzbuch) and delete your data according to the respective stipulated deadlines.

Mandatory or required provision

The provision of your personal data is voluntary. However, we can only process your inquiry if you provide us with your name, e-mail address, and the reason for your inquiry.

Using Google Analytics

Type and purpose of the processing

This website uses Google Analytics, a web analytics service of Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA (hereinafter: ‘Google’). Google Analytics uses so-called ‘cookies’, i.e. text files that are stored on your computer and allow an analysis of your use of the website. The information generated by the cookie about your use of this website is typically transmitted to a Google server in the U.S. and stored there. However, due to the activation of IP anonymisation on these websites, your IP address will be truncated beforehand by Google within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the U.S. and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, summarise reports on website activities and provide other services related to website and Internet usage to the website operator. The IP address transferred from your browser as part of Google Analytics will not be combined with other data from Google.

The data processing purposes are the website-use analysis and the summary of reports on activities on the website. Based on the use of the website and the Internet, other related services will be provided.

Legal basis

The processing of the data occurs on the basis of the user’s consent (Art. 6 Para. 1 (a) GDPR).

Recipients

The recipient of the data is Google as the processor. For this, we have entered into the corresponding data-processing contract with Google.

Retention period

The deletion of the data occurs as soon as they are no longer necessary for our recording-keeping purposes.

Third country transfers

Google processes your data in the United States of America and is subject to the EU-U.S. Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.

Mandatory or required provision

The provision of your personal data is voluntary, based solely on your consent. If you prevent access, this can lead to functional limitations on the website.

Revocation of consent

You can prevent the storage of cookies by a corresponding setting in your browser software; however, please note that in this case you may not be able to use all the functions of this website in their entirety. Furthermore, you can prevent the collected data generated by the cookie and the data related to your use of the website (including your IP address) being transmitted to Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: browser add-on to deactivate Google Analytics.

In addition, or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our web pages by clicking this link, which will install an opt-out cookie on your device. This will prevent data collection by Google Analytics for this website and for this browser in the future, as long as the cookie remains installed in your browser.

Profiling

With the assistance of the tracking tool Google Analytics, the browsing behaviour of the website visitors can be evaluated and their respective interests can be analysed. For this analysis, we create a pseudonymous user profile.

Using script libraries (Google Webfonts)

Type and purpose of the processing

In order to present our content correctly and graphically appealing across all browsers, we use ‘Google Webfonts’ from Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA, hereinafter ‘Google’) to display fonts on this website.

You’ll find the data protection guidelines of the library operator Google here: https://www.google.com/policies/privacy/

Legal basis

Your consent is the legal basis for the integration of Google Webfonts and the associated data transfer to Google (Art. 6 Para. 1 (a) GDPR).

Recipients

The use of script libraries or font libraries automatically triggers a connection to the operator of the library. It is theoretically possible – but currently also unclear whether and to what end – that the operator, in this case Google, will collect data.

Retention period

We do not collect any personal data via the integration of Google Webfonts.

You’ll find additional information on Google Webfonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.

Third country transfers

Google processes your data in the United States of America and is subject to the EU-U.S. Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.

Mandatory or required provision

The provision of your personal data is neither legally nor contractually required. However, the correct presentation of standard-fonts content is not possible without this provision.

Revocation of consent

The programming language JavaScript is regularly used to display content. Thus, you can opt out of the data processing by disabling JavaScript execution in your browser or by installing a JavaScript blocker. Please note that this may result in functional limitations on the website.

Embedded YouTube videos

Type and purpose of the processing

We embed YouTube videos on several of our websites. The operator of the respective plugins is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (hereinafter ‘YouTube’). YouTube, LLC is a subsidiary of Google LLC, 1600 Amphitheater Pkwy, Mountain View, CA 94043, USA (hereinafter ‘Google’). When you visit a page with the YouTube plug-in, a connection to YouTube’s servers will be created, which tells YouTube which pages you visit. When you are logged into your YouTube account, YouTube can associate your browsing behaviour with you personally. You can prevent this by logging out of your YouTube account beforehand.

If a YouTube video is started, the provider uses cookies that collect information about user behaviour.

You will find additional information on the purpose and scope of the data collection and its processing by YouTube in the provider’s privacy policy, as well as additional information on your rights and setting options for protecting your privacy (https://policies.google.com/privacy). Google processes your data in the United States of America and is subject to the EU-U.S. Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.

Legal basis

Your consent is the legal basis for the integration of YouTube and the associated data transfer to Google (Art. 6 Para. 1 (a GDPR).

Recipients

Visiting YouTube automatically triggers a connection to Google. .

Retention period and revocation of consent

Everyone who has disabled the storage of cookies for the Google ad programme will not have to expect any cookies when watching YouTube videos. However, YouTube also stores non-personal usage information in other cookies. If you would like to prevent this, you must block the storage of cookies in the browser.

You’ll find additional information on data protection at ‘YouTube’ in the provider’s privacy policy at: https://policies.google.com/privacy.

Third country transfers

Google processes your data in the United States of America and is subject to the EU-U.S. Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.

Mandatory or required provision

The provision of your personal data is voluntary, based solely on your consent. If you prevent access, this can lead to functional limitations on the website.

Google AdWords

Type and purpose of the processing

Our website uses Google Conversion Tracking. The operating company of the Google AdWords services is Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. If you have reached our website via a Google advertisement, Google Adwords will place a cookie on your computer. The conversion tracking cookie is used when a user clicks on an ad from Google.

If the user visits certain pages on our website, and the cookie has not expired, we and Google can recognise that the user clicked on the ad and was redirected to this page. Every Google AdWords customer receives a different cookie. Thus, cookies cannot be tracked by the websites of AdWords customers. The information gathered by the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. The customers see the total number of users who clicked on their advertisement and were redirected to a conversion tracking tag page. However, they do not receive information that personally identifies users.

Legal basis

Your consent is the legal basis for the integration of Google AdWords and the associated data transfer to Google (Art. 6 Para. 1 (a) GDPR).

Recipients

Whenever you visit our website, your personal information, including your IP address, is transferred to Google in the U.S. This personal information is saved by Google. Google may transfer such personal data collected through the technical process to third parties.

We do not receive information from Google that could identify the data subject.

Retention period

These cookies lose their validity after 30 days and are not used for personal identification.

Third country transfers

Google processes your data in the United States of America and is subject to the EU-U.S. Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.

Revocation of consent

Suppose you do not want to participate in the tracking. In that case, you can reject the required cookie use – for example via a general browser setting that disables the automatic use of cookies or configures your browser to block cookies from the domain ‘googleleadservices.com’.

Please note that you should not delete the opt-out cookies as long as you do not want to save measurement data. If you have deleted all your cookies in the browser, you must use the respective opt-out cookie again.

Mandatory or required provision

The provision of your personal data is voluntary, based solely on your consent. If you prevent access, this can lead to functional limitations on the website.

Contact

Revision of our privacy policy

We reserve the right to amend this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. Your next visit will be subject to the new privacy policy.

Questions for the data protection officer

If you have any questions pertaining to data protection, please send us an e-mail or contact the person responsible for data protection in our organization: hello@thefountaininstitute.com

We’ll continue to educate, inform and work with our readers and students the best we can, and will update this page from time to time.

Thanks for engaging with us.

-The Fountain Institute Team

Contact Us

Responsible party pursuant to data protection laws, in particular the EU General Data Protection Regulation (GDPR), is
Jeffrey Humble
Graefestr. 41,
10967 Berlin,
Deutschland
VAT number: DE334424725
Telephone: +49 17674696661
Email: hello@thefountaininstitute.com
Web: https://www.thefountaininstitute.com

Last updated: February 7, 2023