ANTI-DISCRIMINATION
Maiden Labs does not discriminate on the basis of race, ethnicity, national origin, ancestry, religion or creed, legal status, gender identity, sexual orientation, gender expression, age, ability, physical appearance, veteran status, military obligations, or marital or family status. This policy applies to our hiring practices, Board development, opportunities for advancement, selection of vendors, provision of services, and relationships with research collaborators.
CONFLICT OF INTEREST
1. Purposes and Principles
The purpose of the conflict of interest policy (“the Policy”) is to protect Maiden Labs’ (“Maiden Labs” or “the Organization”) research independence and integrity and tax-exempt interest when it is considering entering into a research assignment, a transaction or any arrangement that might benefit the private interest of an officer or Director of the Organization, another person in a position of influence in the Organization or as a contractor, or someone or group closely related to an officer or Director (“Person with Interest“). This Policy is intended to supplement but not replace any applicable state and federal laws governing conflicts of interest applicable to nonprofit and tax-exempt organizations, or any additional grant-specific requirements, and is compliant with 42 CFR 50.601, 604.
Maiden Labs acknowledges that as the recipient and sub-recipient of influential research grants and sub-grants, it has a heightened responsibility to ensure the integrity of its work and its reputation for independence. Especially because of the scholarly and independent nature of our charitable and educational services, we believe even the appearance of conflict can be contrary to the Organization’s Section 501(c )(3) mission and its integrity as an independent research institute, even if there is in fact no conflict. We also recognize that conflicts occur because the people associated with the Organization are likely to have multiple interests and affiliations and various positions of responsibility that overlap. In these situations, a person sometimes will owe similar or identical duties of loyalty to two or more corporations and organizations.
2. Duty of Loyalty.
Our Policy begins with the duty of loyalty owed to Maiden Labs and its charitable and educational mission by each member of the Board of Directors and the staff and contractors of the Organization. The duty of loyalty generally requires a Director or staff/contractor to defer to the interests of the Organization over the Director’s or individual’s interest or the interests of other private parties. In addition, Directors and staff/contractors of Maiden Labs must avoid acts of self-dealing that may adversely affect the tax-exempt status of the Organization, or its independence as a research institute, give rise to any sanction or penalty by a governmental authority, or create doubt regarding Maiden Labs’s integrity and independence.
3. Duty to Disclose.
In connection with any actual or possible conflict of interest with respect to a transaction or payment, a Person with Interest must disclose to the Board of Directors or to the Co-Directors the existence of any financial interest in the transaction. The Person with Interest will be given the opportunity to explain the potential conflict, including their financial interest in the relevant transaction or relationship. This shall be done as quickly as possible once the potential conflict has been raised.
The Board of Directors or the Co-Directors, as appropriate, will then determine whether a conflict exists; and, if they determine a conflict exists, how to resolve the conflict in keeping with the Organization’s tax-exempt status, research independence, and integrity, and public benefit commitment. They may decide (1) that the potential conflict will not impact or influence the individual’s performance or compensation with the Organization or the Organization’s relationship with any 3rd party, and the individual may remain with the Organization; or, (2) the potential conflict reasonably could impact or influence a matter from which the individual may derive an inappropriate financial benefit or compromise the integrity of the Organization.
In the event the Organization is the sub-recipient of a grant award, it will notify the institutional top awardee of any financial conflict of interest found after its own review within 5 business days of that determination, in compliance with 42 C.F.R. 50-604(c), Subpart F. The Organization shall follow any additional protocols requested by the institutional awardee in any such review in keeping with its own conflict of interest policy.
4. Compensation.
In any compensation matter involving a Person with Interest, that person will abstain from consideration of and voting on their compensation. Any compensation for a Person with Interest will be in keeping with prevailing market rates for comparable work, as all compensation will be determined. The Board and/or staff will maintain records of comparable value adue diligence in any review subject to this Policy.
5. Affirmation.
Each member of the Board of Directors and officers, on assuming their positions, shall sign a statement which affirms such person:
-
Has received a copy of this Conflict of Interest policy,
-
Has read and understands the policy,
-
Has agreed to comply with the policy, and
-
to the public benefit which accomplish one or more of its tax-exempt purposes.Understands that the corporation is charitable and engages in research and other activities dedicated
Relevant officers of the Organization shall ensure that Board Directors and staff or contractors are provided with a copy of the Policy.
6. Violations of Conflict of Interest Policy.
If the Board or the Co-Directors has reasonable cause to believe a Person with Interest has failed to disclose actual or possible conflicts of interest, it shall inform the person of the basis for this belief and afford the person an opportunity to explain the alleged failure to disclose.
If, after hearing the person’s response and after making further investigation as warranted by the circumstances, the Board or the Co-Directors determines the person has failed to disclose an actual or possible conflict of interest, it shall take appropriate corrective action in compliance with Section 3(c), above.
​
PRIVACY & DATA PROTECTION
Maiden Labs is committed to protecting the privacy and confidentiality of all information shared with us. This policy explains how we collect, use, store, and protect your personal and business information.
​
Information We Collect
We collect information you provide directly to us, including:
-
Contact Information: Name, email address, phone number, organization name, and role
-
Business Information: Details about your organization, AI challenges, strategic goals, and project needs
-
Engagement Information: Service inquiries, consultation notes, meeting recordings, and project deliverables
-
Communication Records: Email correspondence, call transcripts, and other communications
How We Use Your Information
We use the information we collect to:
-
Assess your needs and provide appropriate service recommendations
-
Deliver consulting, research, and advisory services
-
Communicate about ongoing engagements and potential projects
-
Improve our services and develop new offerings
-
Maintain records required for business operations and legal compliance
​
We do not use your information for marketing purposes without explicit consent, and we never sell your data to third parties.
​
Data Security
We implement industry-standard technical and organizational security measures to protect your information from unauthorized access, disclosure, alteration, or destruction. These measures include:
-
Encrypted data transmission and storage
-
Access controls limiting data access to authorized personnel only
-
Regular security assessments and updates
-
Secure cloud storage with reputable providers
-
Staff training on data protection practices
​
Data Retention
We retain client information only as long as necessary to:
-
Fulfill the purposes outlined in this policy
-
Maintain business records for operational and legal requirements
-
Comply with applicable laws and regulations
​
Typically, we retain active client data for the duration of our engagement plus 5 year for business records. You may request earlier deletion of your information at any time.
​
Data Sharing
We do not sell, rent, or share your personal or business information with third parties for their marketing purposes. We may share information only in the following limited circumstances:
-
Service Providers: With trusted third-party service providers (e.g., cloud storage, communication platforms) under strict confidentiality agreements
-
Legal Requirements: When required by law, subpoena, court order, or government investigation
-
Business Transfers: In the event of a merger, acquisition, or sale of assets (with advance notice to affected parties)
-
With Your Consent: When you explicitly authorize us to share specific information
​
Client Confidentiality
All strategic, proprietary, and sensitive business information shared during engagements is treated as strictly confidential. We do not disclose client-specific information publicly or to other clients without explicit written permission.
We may reference anonymized case studies or aggregate insights in our public work, but only in ways that cannot identify specific clients or proprietary information.
​
Your Rights
You have the right to:
-
Access: Request a copy of the personal information we hold about you
-
Correction: Request corrections to inaccurate or incomplete information
-
Deletion: Request deletion of your personal information (subject to legal retention requirements)
-
Portability: Request your data in a structured, commonly used format
-
Objection: Object to certain uses of your information
-
Withdraw Consent: Withdraw previously given consent for data processing
​
To exercise any of these rights, contact us at hello@maidenlabs.org.
​
International Data Transfers
If you are located outside the United States, please note that information we collect may be transferred to and processed in the United States. By using our services, you consent to such transfers. We ensure appropriate safeguards are in place for international data transfers in compliance with applicable laws.
Children's Privacy
Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected information from a child, we will delete it promptly.
​
Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will post the updated policy on our website with a revised effective date. For material changes, we will provide additional notice to affected clients.
​
CONFIDENTIALITY & NON-DISCLOSURE
Maiden Labs treats all client information as strictly confidential. This includes:
-
Strategic plans and business information shared during consultations
-
Proprietary data, internal documents, and operational details
-
Research findings and deliverables created for specific clients
-
All communications during and after engagements
​
Our Obligations
We commit to:
-
Limit access to client information to staff and contractors directly involved in the engagement
-
Implement appropriate security measures to protect confidential information
-
Never disclose client-specific information without explicit written permission
-
Maintain confidentiality after engagement completion
​
Anonymized Insights
To advance the field and inform our broader research, we may reference:
-
Aggregated, anonymized trends across multiple clients
-
General industry insights that cannot identify specific organizations
-
Hypothetical case studies based on composite scenarios
​
We will never attribute specific strategies, challenges, or decisions to identifiable clients without prior written consent.
​
Exceptions
We may disclose confidential information only when:
-
Required by law, regulation, or court order
-
Necessary to protect against imminent harm or illegal activity
-
Explicitly authorized by the client in writing
​
Mutual Confidentiality
Clients are similarly expected to treat Maiden Labs' proprietary methodologies, research frameworks, and unpublished findings as confidential.
​
Questions
For confidentiality concerns or requests, contact hello@maidenlabs.org.​​​​
