The Moral Firewall

Privacy NoticeĀ 

Last Updated: May 12, 2025

1. Our Commitment to Your Privacy and Ethical AI

Welcome to The Moral Firewall (the “Website,” “we,” “us,” or “our”). This Privacy Policy outlines our unwavering commitment to protecting your personal data and ensuring the ethical and transparent operation of our services, particularly in relation to our Artificial Intelligence (AI) Governance Framework.

We understand the importance of privacy in the digital age, especially with the increasing use of AI. Our AI Governance Framework is designed to ensure that our AI systems are developed and operated responsibly, aligning with core ethical principles including fairness, accountability, transparency, privacy, and security. This Privacy Notice is a critical component of that framework, detailing how we collect, use, share, and protect your information in this context.

This policy is intended to be comprehensive and to comply with applicable global privacy laws, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Data Privacy Act of 2012 of the Philippines, and other relevant data protection legislations.

2. Scope of This Privacy Policy

This Privacy Policy applies to all personal data collected through our Website, including any data processed by or in connection with our AI systems and our AI Governance Framework. This includes information you provide directly, information collected automatically during your visit, and information we may receive from third parties in connection with our AI services.

It does not apply to third-party websites, services, or applications that may be linked from our Website. We encourage you to review the privacy policies of those third parties before providing them with your information.

3. Definitions

To ensure clarity, here are some key terms used in this policy:

  • AI (Artificial Intelligence): Technology that enables computer systems to perform tasks that typically require human intelligence, such as learning, problem-solving, decision-making, and understanding human language.
  • AI Governance Framework: The comprehensive set of rules, practices, processes, and tools we have implemented to ensure our AI systems are developed and used ethically, responsibly, in compliance with legal requirements, and align with our values. This includes oversight mechanisms, bias detection and mitigation strategies, transparency initiatives, and data protection measures specific to our AI.
  • Personal Data (or Personal Information): Any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household.
  • Processing: Any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
  • Data Subject (or “User”): The identified or identifiable natural person to whom the personal data relates.
  • Automated Decision-Making: The process of making decisions through automated means (e.g., AI algorithms) without significant human involvement.
  • Profiling: Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

4. Information We Collect

We collect various types of personal data to provide and improve our services, operate our Website effectively, and ensure the responsible functioning of our AI Governance Framework. The types of data we collect include:

  • 4.1. Information You Provide Directly:
  • Account Information: When you create an account, we may collect your name, email address, password, and other relevant details.
  • Contact Information: If you contact us for support, inquiries, or feedback, we will collect your name, email address, phone number (if provided), and the content of your communication.
  • User Content: Information you submit or upload to our Website, such as comments, forum posts, or data provided for analysis by our AI tools (where applicable and with explicit consent for specific AI functionalities).
  • Survey and Feedback Data: Responses you provide to surveys, questionnaires, or feedback requests.
  • 4.2. Information Collected Automatically:
  • Log Data: When you access our Website, our servers automatically record information, including your IP address, browser type and settings, device information, operating system, referring URLs, pages visited, links clicked, and timestamps.
  • Cookies and Similar Technologies: We use cookies, web beacons, and other tracking technologies to collect information about your Browse activities and preferences. This helps us personalize your experience, analyze trends, administer the Website, and gather demographic information. Please refer to our Cookie Policy (Section 12) for more details.
  • 4.3. Information from Third Parties:
  • We may occasionally receive information about you from third-party sources, such as data enrichment services or publicly available sources, where permitted by law. We will only use such information in accordance with this Privacy Notice and applicable legal requirements.

5. How We Use Your Information and Our AI Governance Framework’s Role

We use your personal data for the following purposes, with our AI Governance Framework providing safeguards and ethical oversight for AI-related processing:

  • 5.1. To Provide and Maintain Our Services:
  • Operating and managing your account.
  • Providing you with access to our Website and its features, including AI-powered tools.
  • Responding to your inquiries and providing customer support.
  • Personalizing your experience on our Website.
  • 5.2. To Improve Our Services and AI Systems:
  • Analyzing usage patterns to understand how our Website and AI tools are used, and to identify areas for improvement.
  • Conducting research and development for new products and features, including innovative and ethical AI solutions, and improving The Moral Framework in succeeding versions.
  • 5.3. For Security and Integrity:
  • Protecting the security and integrity of our Website, our users, and our AI systems.
  • Detecting and preventing fraud, abuse, and other harmful activities.
  • Enforcing our terms of service and other policies.
  • 5.4. For Communication:
  • Sending you administrative information, such as updates to our terms, conditions, and policies.
  • Providing you with information about our services, new features, and promotional offers, where you have consented to receive such communications or where permitted by applicable law. You can opt-out of marketing communications at any time.
  • 5.5. For Legal Compliance and Ethical Obligations:
  • Complying with applicable laws, regulations, legal processes, and governmental requests.
  • Meeting our ethical obligations as outlined in our AI Governance Framework, including commitments to fairness, transparency, and accountability in AI.
  • Conducting audits to ensure compliance with our internal policies and regulatory requirements.

6. Legal Basis for Processing Your Personal Data (for GDPR and similar jurisdictions)

We will only process your personal data when we have a valid legal basis to do so. The legal bases we rely on include:

  • Consent: Where you have given us explicit consent to process your personal data for a specific purpose (e.g., for using specific features that require personal data input, or for marketing communications). You have the right to withdraw your consent at any time.
  • Contractual Necessity: Where the processing is necessary for the performance of a contract with you (e.g., to provide you with access to your account and our services as per our Terms of Service).
  • Legal Obligation: Where the processing is necessary for us to comply with a legal obligation (e.g., responding to lawful requests from authorities).
  • Legitimate Interests: Where the processing is necessary for our legitimate interests or the legitimate interests of a third party, provided that these interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include improving our services, ensuring the security of our Website and preventing fraud, and conducting responsible AI development under our AI Governance Framework. We will always balance our legitimate interests against your data protection rights.

7. Data Sharing and Disclosure

We do not sell your personal data. We may share your personal data in the following limited circumstances, always in accordance with this Privacy Policy and our AI Governance Framework:

  • 7.1. Service Providers: We may share your personal data with trusted third-party service providers who perform services on our behalf, such as website hosting, data analysis, payment processing, IT services, customer support, email delivery, and providers. These providers are contractually obligated to protect your data and are only permitted to use it for the specific purposes for which we engage them. 
  • 7.2. Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your personal data may be sold or transferred as part of such a transaction, as permitted by law and/or contract. We will notify you of any such deal and outline your choices in that event.
  • 7.3. Legal Requirements: We may disclose your personal data if required to do so by law or in the good faith belief that such action is necessary to:
  • Comply with a legal obligation or a request from public and government authorities.
  • Protect and defend our rights or property.
  • Prevent or investigate possible wrongdoing in connection with the Website.
  • Protect the personal safety of users of the Website or the public.
  • Protect against legal liability.
  • 7.4. Aggregated or De-identified Data: We may share aggregated or de-identified information, which cannot reasonably be used to identify you, for various purposes, including research, analytics. 
  • 7.5. With Your Consent: We may share your personal data with other third parties with your explicit consent.

8. International Data Transfers

Your personal data may be transferred to, stored, and processed in countries other than your own, where our servers or our service providers are located. These countries may have data protection laws that are different from the laws of your country.

When we transfer your personal data to other countries, we will take appropriate safeguards to ensure that your information is protected in accordanceance with this Privacy Policy and applicable data protection laws. This may include relying on adequacy decisions by the European Commission, using Standard Contractual Clauses (SCCs), or other legally recognized transfer mechanisms. Our AI Governance Framework considers the implications of international data transfers for AI data.

9. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements, and for the ongoing operation and improvement of our AI systems as ethically managed under our AI Governance Framework.

To determine the appropriate retention period for personal data, we consider:

  • The amount, nature, and sensitivity of the personal data.
  • The potential risk of harm from unauthorized use or disclosure of your personal data.
  • The purposes for which we process your personal data and whether we can achieve those purposes through other means.
  • The applicable legal, regulatory, tax, accounting, or other requirements.

When we no longer need your personal data, we will securely delete or anonymize it. If this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.

10. Data Security

We are committed to protecting the security of your personal data. We implement a range of technical, administrative, and physical security measures designed to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. These measures are consistent with industry best practices and are regularly reviewed and updated. 

These measures include:

  • Encryption of data in transit and at rest, where appropriate.
  • Access controls to limit access to personal data to authorized personnel.
  • Regular security assessments and vulnerability testing.
  • Data backup and disaster recovery plans.
  • Employee training on data protection and security.

However, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

11. Your Data Protection Rights

Depending on your location and applicable data protection laws, you may have the following rights regarding your personal data:

  • Right to Access: You have the right to request access to the personal data we hold about you and to receive a copy of it.
  • Right to Rectification (Correction): You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
  • Right to Erasure (Deletion or “Right to be Forgotten”): You have the right to request that we delete your personal data under certain conditions (e.g., if the data is no longer necessary for the purposes for which it was collected, or if you withdraw consent). This right may be limited in certain circumstances, for example, where retention is required by law or is necessary for the functioning of the Website.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions (e.g., if you contest the accuracy of the data).
  • Right to Data Portability: You have the right to request that we provide you with your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller, where technically feasible.
  • Right to Object to Processing: You have the right to object to the processing of your personal data under certain conditions, including processing based on our legitimate interests or for direct marketing purposes.
  • Right to Opt-Out of Sale or Sharing (for CCPA/CPRA): We do not “sell” personal information in the traditional sense. However, under CCPA/CPRA, certain sharing for cross-context behavioral advertising may be considered a “sale” or “sharing.” You have the right to opt-out of such activities.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your data protection rights.
  • Rights Related to Automated Decision-Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except under certain conditions (e.g., with your explicit consent or if necessary for a contract). Our AI Governance Framework emphasizes human oversight in such scenarios. Where automated decisions are made, you generally have the right to obtain human intervention, express your point of view, and contest the decision.
  • Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

How to Exercise Your Rights: To exercise any of these rights, please contact us using the details provided in Section 16 (“Contact Us”). We will respond to your request in accordance with applicable data protection laws. We may need to verify your identity before processing your request.

12. Cookie Policy and Tracking Technologies

We use cookies and similar tracking technologies to collect and use personal data about you, including to serve interest-based advertising. For further information about the types of cookies and tracking technologies we use, why, and how you can control them, please see our separate Cookie Policy.

13. Children’s Privacy

Our Website and services are not directed to individuals under the age of 16 (or a higher age threshold as required by applicable law in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child without verification of parental consent, we will take steps to delete that information as soon as possible. If you believe that we might have any information from or about a child, please contact us.

14. Updates to This Privacy Policy

We may update this Privacy Notice from time to time to reflect changes in our practices, technologies, legal requirements, or our AI Governance Framework. When we make material changes, we will notify you by posting the updated policy on our Website and updating the “Last Updated” date at the top of this policy. For significant changes, we may also provide a more prominent notice (such as by adding a statement to our homepage or sending you a notification).

We encourage you to review this Privacy Notice periodically to stay informed about how we are protecting your information. Your continued use of our Website or services after any changes to this Privacy Notice will constitute your acceptance of such changes (subject to applicable laws regarding consent for material changes).

16. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy, our data handling practices, our AI Governance Framework, or if you wish to exercise any of your data protection rights, please contact us:

  • By Email: privacy [@] moralfirewall.org

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you may have the right to make a complaint to the data protection authority in your jurisdiction.

17. Governing Law and Jurisdiction

This Privacy Notice shall be governed by and construed in accordance with the laws of The Republic of Philippines, without regard to its conflict of law principles. Any disputes arising under or in connection with this Privacy Notice shall be subject to the exclusive jurisdiction of the competent courts in Philippines.

Other Posts