monday.com Foundation Privacy Notice

This Privacy Notice describes (a) what personal data we, monday.com Foundation Ltd., and our affiliated companies (“the monday.com Foundation”, “we”, “our” or “us”), collect and process regarding individuals (“Visitors” or “you”) who: (i) visit or otherwise interact with our website available at www.monday-foundation.org/terms, or any other website, webpage, e-mail, text message or digital ad related to the monday.com Foundation (collectively – “Sites”); (ii) are interested to apply and/or learn more about the monday.com Foundation initiatives, and (b) why we collect your data and how we use it. It also describes how Visitors may exercise their rights to such data held with us.

Please read this Privacy Notice carefully and make sure that you fully understand and agree to it. If you do not wish to provide us with your personal data, or to have it processed by us or any of our Service Providers (defined below), please avoid any interaction with us.

You are not legally required to provide us with any personal data and may do so (or avoid doing so) at your own free will. Your visit or interaction with the Sites will be deemed as your consent to the processing of your personal data for the purposes detailed in this Privacy Notice. 

What data do we collect, how do we collect it, and how do we use it? 

We collect data regarding the Visitors. Such data is typically collected and generated through your interaction with our Sites, through automatic means, directly from you, or from other third parties. Specifically, we collect the following categories of data (which, to the extent it relates to an identified or identifiable individual, will be deemed “personal data”):

  • Visitor personal data – throughout the “contact us” form (or similar reach-out forms), and throughout your participation in the monday.com Foundation initiatives, if applicable, you may provide us (or we may otherwise have access to) personal data about you, such as your identifying data (e.g., full name), contact details (e.g., email address, home address, phone number), and other information you choose to provide to use to identify yourself. We may collect this data directly from you, as you provide it voluntarily through the Sites, and throughout participation in the monday.com Foundation initiatives.
  • Data automatically collected and generated - such data mainly consists of connectivity, technical, and aggregated usage data, such as IP addresses, data regarding the device, operating system, browser version, and locale settings used when interacting with the Sites, the cookies and pixels installed on such device and your activity (clicks and other interactions) in connection with the Sites.  
  • Data received from other third parties - We may receive your personal data from other sources. For example, if you participate in an event or webinar that we sponsor or participate in, we may receive your personal data from the event organizers. We may also receive your contact details (e.g., your name, company, position, email address) from our business partners or service providers, and from your social media profiles and activity.

We may use such data to support our legitimate interests in maintaining and improving our Sites and/or the monday.com Foundation initiatives, to communicate with you about the monday.com Foundation, we may also use it to manage risk and enhance our security and anti-fraud measures, and to create aggregated statistical or inferred data regarding Visitors, for further development and improvement of our offering, or for our future use.

In addition, we may use it to act as permitted by and to comply with any legal or regulatory requirements. If we wish to conduct any additional activities that may require the use of your data, we will request your specific consent in advance.

If you reside in a territory governed by privacy laws that determine that "Consent" is the only, or most appropriate legal basis for processing your personal data (e.g. Israel), then your acceptance of our Terms of Use and of this Privacy Notice will be deemed as your consent to the processing of your personal data for all purposes. If you wish to revoke such consent, please contact us via this FORM

We will never sell your personal data, regardless of their place of residence. 

Data Controller/Processor

Certain data protection laws and regulations, such as the European Data Protection Regulation (GDPR), typically distinguish between two main roles for parties processing personal data: the “Data Controller”, who determines the purposes and means of processing; and the “Data Processor”, who processes the data on behalf of the Data Controller.

The monday.com Foundation is typically the “Data Controller” of personal data with respect to Visitors’ data and assumes the responsibilities of Data Controller under applicable law and as set forth in this Privacy Notice. In such instances, our Service Providers (as discussed below) will assume the role of “Data Processor”.

Where do we store Visitors’ data? 

Your personal data will be maintained, processed, and stored by the monday.com Foundation and our service providers in Israel, the United States and additional locations in which we operate.

The monday.com Foundation is headquartered in Israel, which is considered by the European Commission to be offering an adequate level of protection for the personal data of EU Member State residents. 

While data protection laws in certain jurisdictions may be different than the laws of your residence or location, please know that the monday.com Foundation, its affiliates, and Service Providers (as discussed below) that store or process your personal data on our behalf are each committed to keep it protected and secured, in accordance with this Privacy Notice and industry standards, regardless of any lesser legal requirements that may apply in any jurisdiction.  

For how long may we keep your data? 

We may retain your data for as long as it is reasonably needed to maintain and expand our relationship and provide you with our services and offerings, as applicable, in order to comply with our legal and contractual obligations, to resolve disputes, prevent fraud and abuse, enforce our agreements or otherwise protect our legitimate interests.

How will we secure your data?

The monday.com Foundation has implemented physical, procedural, and technical security measures designed to protect the personal data of our Visitors. We also regularly seek new ways and tools for further enhancing the security of our system and the integrity of the personal data that we hold. Please note, however, that regardless of the measures we take and the efforts we make, we cannot and do not guarantee the absolute protection and security of any personal data stored with us. 

Who will have access to your data?

The monday.com Foundation will share your personal data with a number of selected service providers, whose services and solutions complement, facilitate, and enhance our own (collectively, "Service Providers"). Such Service Providers may receive or otherwise have limited access to your personal data, depending on their respective roles and purposes in facilitating and enhancing our recruitment process, and may only use it for such purposes. 

Additionally, we may disclose or otherwise allow access to any Visitor’s personal data pursuant to a legal request, such as a subpoena, search warrant, or court order, or in compliance with applicable laws, with or without notice to you if we have a good faith belief that we are legally required to do so, or that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud or other wrongdoing. We may also share your personal data with others, with or without notice to you, if we believe in good faith that this will help protect the rights, property, or personal safety of the monday.com Foundation, any of our customers or employees, or any member of the general public.

Furthermore, we may share personal data internally within our group of companies, for the purposes described above. In addition, should the monday.com Foundation undergo any change in control or ownership, including by means of merger, acquisition, or purchase of any or all of its assets, your personal data may be shared with the parties involved in such event.

Which tracking technologies do we use?

The monday.com Foundation may use certain monitoring and tracking technologies, such as cookies and other downloaded data files, including ones offered by our Service Providers. These technologies are used in order to maintain, provide, and improve our processes and operations on an ongoing basis, and in order to provide a better experience to our website visitors and Visitors. For example, these technologies enable us to better secure our website and services detect abnormal behaviors, identify technical issues, and monitor and improve the overall performance of our services and processes.

In order to delete or block any cookies, please refer to the "Help" area on your internet browser for further instructions, or look for optional third-party add-ons offering cookie management assistance. For example, you can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the website you visit. 

Please note that we do not change our practices in response to a "Do Not Track" signal in the HTTP header from a browser or mobile application. 

How can you access your data or request to delete it?

If you wish to exercise your right (to the extent available to you under applicable law) to request access to your data, to correct it, to delete it or to port it, or to restrict or object to its processing, please contact us via this FORM, and we will respond within a reasonable timeframe and in accordance with applicable laws. 

Please note that we may require additional information, including certain personal data, in order to authenticate and process your request.

Will this Privacy Notice be updated?

We may update this Privacy Notice to reflect changes in our privacy practices. If we make any changes that we deem as "material", we will notify you (via this page or any of the communication means you provided us with) prior to the change becoming effective. We encourage you to periodically review this page for the latest data on our privacy practices. 

What if you have any questions?

If you have any questions regarding this Privacy Notice, our data practices, or the security of our services, please feel free to contact us via this FORM.

Effective Date: May 7, 2024