We may be contacted by using the following information:
Softgiving, Inc., 260 Peachtree Street NW, Suite 2200, Atlanta, Georgia 30303
Contact form available at: https://softgiving.com/become-a-partner/
If you have a disability and would like to access this policy in an alternative format, please contact us using the contact form above.
Softgiving wants users to know that we care about your data privacy and data security. Our data collection methods comply with the standards of the European GDPR (the European “General Data Protection Rule”) of the European Union pursuant to the compliance checklist located at https://gdpr.eu/checklist/.
We have revised and refined our internal security policies regarding data security. We further have refined our internal policies to ensure we have a process for data protection impact assessments as well as notifying the appropriate parties in the event of a data breach. Unfortunately, no method of transmission over the internet or method of electronic storage is 100% secure. Therefore, while we strive to protect your personal information, we cannot guarantee its absolute security.
Mr. Dalton Cole has been appointed as Softgiving’s Data Protection Officer. He has overseen our data privacy audit process, and he will evaluate data protection policies and the implementation of those policies at Softgiving.
If you have any concerns about your privacy or data security, then you can contact our Data Protection Officer at firstname.lastname@example.org.
At the email listed above, you may:
request and receive all information that Softgiving has about you;
correct or update inaccurate or incomplete information;
request to have your personal data deleted;
ask Softgiving to stop processing your data;
receive a copy of your personal data in a format that can be easily transferred to another company; and
object to Softgiving’s processing of your data.
During our data privacy audit, we contacted any and all third parties that may process personal data in connection with Softgiving’s Websites and services. The list of all existing third parties who may process your personal data may be found below.
Access & Portability
You can access certain personal information associated with your account by visiting your account privacy settings. You can request a copy of your personal information in an easily accessible format and information explaining how that information is used.
You have the right to request that we rectify inaccurate information about you. By visiting your account settings, you can correct and change certain personal information associated with your account.
In certain cases where we process your information, you may also have the right to restrict or limit the ways in which we use your personal information.
In certain circumstances, you have the right to request the deletion of your personal information, except information we are required to retain by law, regulation, or to protect the safety, security, and integrity of Softgiving.
If we process your information based on our legitimate interests as explained above, or in the public interest, you can object to this processing in certain circumstances. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons. Where we use your personal data for direct marketing purposes, you can object using the unsubscribe link in such communications or changing your account email settings.
Withdrawal of Consent
Where we rely on consent, you can choose to withdraw your consent to our processing of your information using specific features provided to enable you to withdraw consent, like an email unsubscribe link or your account privacy preferences. If you have consented to share your precise device location details but would no longer like to continue sharing that information with us, you can revoke your consent to the sharing of that information through the settings on your mobile device. This is without prejudice to your right to generally permanently close your account and delete your personal information.
California & The CCPA
Your Additional Rights Under The CCPA
Right to Know
California residents may request disclosure of the specific pieces and/or categories of personal information that the business has collected about them, the categories of sources for that personal information, the business or commercial purposes for collecting the information, the categories of personal information that we have disclosed, and the categories of third parties with which the information was shared. To the extent the information is not already provided herein, such information may be requested via submitting a request via email at email@example.com pursuant to GDPR section titled “Accountability” above. You may also use our contact form at the link listed above.
Right to Opt Out
To the extent that Softgiving “sells” personal information (as that term is defined under the CCPA), California residents are entitled to opt-out of the “sale” of data at any time (see below for more information).
For clarity, if you would like to exercise either of the above two rights or the other six rights listed under Your Rights for GDPR Compliance, then you can do so by submitting a request via email at firstname.lastname@example.org. If you choose to do so, then please provide sufficient information to Softgiving to inform us which rights you would like to exercise and any information we may need to properly execute your request.
Limiting use of, or deleting, your personal information may impact features and uses that rely on that information. However, we will not discriminate against you for exercising any of your rights, including otherwise denying you goods or services, providing you with a different level or quality of services, or charging you different prices or rates for services. If you need further assistance, you can contact Softgiving through one of the channels listed below under “Contact”. We will respond to your request within a reasonable timeframe.
Please note that we may verify your identity before we are able to process any of the requests described in this Section, and in our discretion, deny your request if we are unable to verify your identity. As a part of this process, government or other identification may be required. You may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government issued identification, and the authorized agent’s valid government issued identification, and we may verify the authenticity of the request directly with you.
Notice of Collection
In combination with the specific rights listed above, the CCPA requires disclosure of the categories of personal information collected over the past 12 months. While this information is provided in greater detail in the “What Personal Data We Collect and Why We Collect It” below, the categories of personal information that we have collected – as described by the CCPA – are:
Identifiers, including name, email address, IP address, and an ID assigned to your account including a “handle.”
Information used for payment processing such as phone number, billing address, credit or debit card information. This category includes personal information protected under pre-existing California law (Cal. Civ. Code 1798.80(e)), and overlaps with other categories listed here.
Demographics, such as age or gender, or where you have provided such information to Softgiving voluntarily, demographic information about your race, ethnicity, sexual orientation, or gender identity, provided in relation to specific marketing projects and campaigns. This category includes data that may qualify as protected classifications under other California or federal laws.
Internet activity, including your interactions with our Services and what led you to our Services.
Geolocation data provided through location enabled services such as WiFi and GPS.
What Personal Data We Collect and Why We Collect It
We collect the type of data that websites routinely collect to interact with their visitors via online forms and comment forms, as well as via technical processes such as cookies, analytics, and interactions with software provided by third party websites.
However, as an online company that facilitates fundraising, we may also collect personally identifying information related to non-profits, fundraisers, donors, or other site visitors. Based on the interactions involved, the potentially personally identifying information that is collected could vary. We foresee two primary uses of our platform—fundraising and donating.
These two user interactions are further divided into three classes of users: (1) Influencers/Fundraisers, (2) Donors, (3) Intended Charity or Nonprofits. The data collected as well as the explanation of this process is further explained within Softgiving’s Terms of Service.
Contact & Email Forms
Our sites use a variety of contact and other forms to allow visitors to interact with our site. If you provide information to us via our online forms, that information, such as your name, email address, message, and other information you provide via the form, including technical information required to process your interaction, such as your IP address, is collected and retained indefinitely.
To power contact form and email form interactions on our websites, we use the WordPress web application. WordPress web application is owned by Automattic and subject to their terms and policies: https://automattic.com/privacy/.
We may use email addresses collected by any means on our website to send email marketing campaigns or other notices via the WordPress web application.
If you no longer wish to use the Services or receive service-related messages (except for legally required notices), then you may close your account.
Softgiving receives information from our advertising and marketing partners about you. This information can include attribution information via cookies to determine where a visit to Softgiving comes from and which pages of our Website receive traffic. Cookies are small data files sent from a server to your web browser.
We use traffic log cookies to identify which pages are being used. This helps us analyze data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Embedded Content from Other Websites
Pages or tools on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Softgiving does not have control over the embedded content or the websites from where the content originates, and the external websites may have their own privacy policies and data security policies. Users who engage with embedded content by clicking on the content or otherwise do so at their own risk and choice. Should you wish to remove, delete, erase, or otherwise disallow the data tracked, stored, cached, or otherwise kept by third party websites or third party applications, then you must make such a request directly to the third party website or third party application.
Third Party Marketing and Advertising and Your Rights (Opt-Out of “Sale”)
Softgiving does not sell personal information to third parties for monetary value. However, the term “sale” is defined broadly under the California Consumer Privacy Act. To the extent that “sale” under the CCPA is interpreted to include interest based advertising or other data uses described in the “What Personal Data We Collect and Why We Collect It” Section above, we will comply with applicable law as to those activities.
To opt-out of receiving interest based advertising, you can exercise this option by submitting a request via email email@example.com. The right to opt-out of interest-based advertising is available to all Softgiving users, regardless of location or domicile. You can contact us by using the contact form link above.
Do Not Track
Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, unless and until the law is interpreted to require us to do so, we do not monitor or take action with respect to “Do Not Track” signals. For more information on “Do Not Track,” visit http://www.allaboutdnt.com.
Shine the Light
We use the following services to collect site visitor information, in the aggregate, and make adjustments to our website performance in order to improve website interactions, provide meaningful content, and provide superior legal services. We may use analytics services to remarket and retarget website visitors.
Demographic and geographic data of individual users may be collected by Google Analytics in connection with a Campaign’s donation page, and the collection, storage, and sharing of data is kept in accordance with their privacy practices and individual policies:
Google Analytics: https://www.google.com/analytics/terms/us.html
Who We Share Your Data With
We do not share personally identifying information with any provider, except for in the following circumstances.
We provide information in the aggregate to analytics service providers as mentioned above.
We may provide information collected via our website to courts and other third parties insofar as it is legally required, or necessary to perform our stated function of facilitating online fundraising.
We use a variety of third party software, namely website plug-in to provide our services and facilitate fundraising transactions through our Website. Any personal information or data that is collected by Softgiving may be deleted, erased, or otherwise removed from the servers, databases, and systems of which Softgiving has control. However, some information may be required to be collected by Softgiving for us to provide our services, so you may be disallowed from using our services if you request your data to be deleted, removed, or otherwise erased. For more information on your rights, see GDPR Compliance above.
For example, Donor payment information may be collected for the limited purposes of payment processing via Braintree. When Donor’s fill out the donation forms on our Website, some information must be shared with Braintree to ensure efficient payment processing and all data privacy is subject to their terms and policies. During this process, Softgiving may retain some data to confirm a transaction was created, however, Softgiving does not retain individual information submitted, and Braintree would retain any payment information of the donor so long as it is required to process the payment.
How Long We Retain Your Data
For users that register on our website, we store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What Rights You Have Over Your Data
If you have an account on this site, you can request, in writing, to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request, in writing, that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
See GDPR Compliance above to learn where to send your request and learn more about your rights.
Where We Send Your Data
The Softgiving website is hosted on servers provided via Amazon Web Services (“AWS”). (https://aws.amazon.com/).
Site visitor and user information is hosted on their hardware. Visitor information may be passed through or processed via the providers mentioned below in order to provide a high-quality website experience to site visitors.
Relevant Disclosures: Donor-Advised Fund
Any and all data that may be collected in relation to the Donor-Advised Fund is limited to data collected from donors and the Intended Charity or Nonprofit partners of Softgiving in a Campaign and only for the purposes of payment processing. For more information, see the data Braintree, our payment processor, may collect and how it’s collected below. For further information, you should review Braintree’s privacy policies and contact Braintree to request for your information to be removed from their database.
Braintree then sends the recorded donations to the Givinga Foundation which ultimately processes the payment and provides them to the Intended Nonprofit or Charity for the specific Campaign. Braintree passes only the relevant information to Givinga to ensure are routed to the proper Nonprofit or Charity. For example, Braintree creates specific transaction IDs to Givinga to make it possible to trace a donation to its origin. For more information about the donation and payment processing flow see our Terms of Service.
Third Party Software: Braintree, A Paypal Service
We use Braintree to process payments online. Braintree may store, collect, or share personal data in accordance with their privacy practices in order to allow you to donate in accordance with Softgiving’s mission. Softgiving receives a token in exchange for the payment method data, which may include name and zip code as well as payment method information. The token is only maintained by Softgiving for recording the history of the transaction and is inva once the payment is processed based on Braintree’s policies. (https://www.braintreepayments.com/legal/braintree-privacy-policy).
While we currently only use Braintree to process payments online, we may use other point of sale products or payment processors in our office, or online in the future. We will only share the information necessary to process payment with those third parties.
Third Party Software: WordPress
We use the WordPress web application solely for contact and email forms pursuant to the terms listed above in the section Contact & Email Forms. Any and all data such as email addresses, user’s handles, names, and other information supplied by the user into the forms may be collected, stored, or otherwise shared in accordance with their privacy practices. (https://automattic.com/privacy/)
Last Updated: 11/11/2020