PRIVACY POLICY

Privacy Policy

This privacy policy governs the use of all websites related to the online marketing, promotion, and user interactions of Softgiving, Inc., via its website https://softgiving.com/ and https://softgivinghero.com/.

We may be contacted by using the following information:
Softgiving, Inc., 260 Peachtree Street NW, Suite 2200, Atlanta, Georgia 30303

Contact form available at: https://softgiving.com/become-a-partner/

If you have any questions related to this privacy policy, we may be contacted via the information provided above.

If you have a disability and would like to access this policy in an alternative format, please contact us using the contact form above.

GDPR Compliance

Softgiving wants users to know that we care about your data privacy and data security. Our data collection methods comply with the standards of the European GDPR (the European “General Data Protection Rule”) of the European Union pursuant to the compliance checklist located at https://gdpr.eu/checklist/.

Data Security

We have revised and refined our internal security policies regarding data security. We further have refined our internal policies to ensure we have a process for data protection impact assessments as well as notifying the appropriate parties in the event of a data breach. Unfortunately, no method of transmission over the internet or method of electronic storage is 100% secure. Therefore, while we strive to protect your personal information, we cannot guarantee its absolute security.

Accountability

Mr. Dalton Cole has been appointed as Softgiving’s Data Protection Officer. He has overseen our data privacy audit process, and he will evaluate data protection policies and the implementation of those policies at Softgiving.

If you have any concerns about your privacy or data security, then you can contact our Data Protection Officer at info@softgiving.com.

At the email listed above, you may:
request and receive all information that Softgiving has about you;
correct or update inaccurate or incomplete information;
request to have your personal data deleted;
ask Softgiving to stop processing your data;
receive a copy of your personal data in a format that can be easily transferred to another company; and
object to Softgiving’s processing of your data.

During our data privacy audit, we contacted any and all third parties that may process personal data in connection with Softgiving’s Websites and services. The list of all existing third parties who may process your personal data may be found below.

Your Rights

Access & Portability

You can access certain personal information associated with your account by visiting your account privacy settings. You can request a copy of your personal information in an easily accessible format and information explaining how that information is used.

Correction

You have the right to request that we rectify inaccurate information about you. By visiting your account settings, you can correct and change certain personal information associated with your account.

Restrict Processing

In certain cases where we process your information, you may also have the right to restrict or limit the ways in which we use your personal information.

Deletion

In certain circumstances, you have the right to request the deletion of your personal information, except information we are required to retain by law, regulation, or to protect the safety, security, and integrity of Softgiving.

Objection

If we process your information based on our legitimate interests as explained above, or in the public interest, you can object to this processing in certain circumstances. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons. Where we use your personal data for direct marketing purposes, you can object using the unsubscribe link in such communications or changing your account email settings.

Withdrawal of Consent

Where we rely on consent, you can choose to withdraw your consent to our processing of your information using specific features provided to enable you to withdraw consent, like an email unsubscribe link or your account privacy preferences. If you have consented to share your precise device location details but would no longer like to continue sharing that information with us, you can revoke your consent to the sharing of that information through the settings on your mobile device. This is without prejudice to your right to generally permanently close your account and delete your personal information.

California & The CCPA

Certain Users may be residents of the State of California, and we are required to provide additional information, disclosures, and rights to those Users. The rights specified herein are additional rights offered solely to residents of the State of California, and they are rights in conjunction with any and all other rights as specified within this Privacy Policy, as specified throughout.

Your Additional Rights Under The CCPA

Right to Know

California residents may request disclosure of the specific pieces and/or categories of personal information that the business has collected about them, the categories of sources for that personal information, the business or commercial purposes for collecting the information, the categories of personal information that we have disclosed, and the categories of third parties with which the information was shared. To the extent the information is not already provided herein, such information may be requested via submitting a request via email at info@softgiving.com pursuant to GDPR section titled “Accountability” above. You may also use our contact form at the link listed above.

Right to Opt Out

To the extent that Softgiving “sells” personal information (as that term is defined under the CCPA), California residents are entitled to opt-out of the “sale” of data at any time (see below for more information).

For clarity, if you would like to exercise either of the above two rights or the other six rights listed under Your Rights for GDPR Compliance, then you can do so by submitting a request via email at info@softgiving.com. If you choose to do so, then please provide sufficient information to Softgiving to inform us which rights you would like to exercise and any information we may need to properly execute your request.

Limiting use of, or deleting, your personal information may impact features and uses that rely on that information. However, we will not discriminate against you for exercising any of your rights, including otherwise denying you goods or services, providing you with a different level or quality of services, or charging you different prices or rates for services. If you need further assistance, you can contact Softgiving through one of the channels listed below under “Contact”. We will respond to your request within a reasonable timeframe.

Please note that we may verify your identity before we are able to process any of the requests described in this Section, and in our discretion, deny your request if we are unable to verify your identity. As a part of this process, government or other identification may be required. You may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government issued identification, and the authorized agent’s valid government issued identification, and we may verify the authenticity of the request directly with you.

Notice of Collection

In combination with the specific rights listed above, the CCPA requires disclosure of the categories of personal information collected over the past 12 months. While this information is provided in greater detail in the “What Personal Data We Collect and Why We Collect It” below, the categories of personal information that we have collected – as described by the CCPA – are:

Identifiers, including name, email address, IP address, and an ID assigned to your account including a “handle.”
Information used for payment processing such as phone number, billing address, credit or debit card information. This category includes personal information protected under pre-existing California law (Cal. Civ. Code 1798.80(e)), and overlaps with other categories listed here.
Demographics, such as age or gender, or where you have provided such information to Softgiving voluntarily, demographic information about your race, ethnicity, sexual orientation, or gender identity, provided in relation to specific marketing projects and campaigns. This category includes data that may qualify as protected classifications under other California or federal laws.
Internet activity, including your interactions with our Services and what led you to our Services.
Geolocation data provided through location enabled services such as WiFi and GPS.

What Personal Data We Collect and Why We Collect It

We collect the type of data that websites routinely collect to interact with their visitors via online forms and comment forms, as well as via technical processes such as cookies, analytics, and interactions with software provided by third party websites.

However, as an online company that facilitates fundraising, we may also collect personally identifying information related to non-profits, fundraisers, donors, or other site visitors. Based on the interactions involved, the potentially personally identifying information that is collected could vary. We foresee two primary uses of our platform—fundraising and donating.

These two user interactions are further divided into three classes of users: (1) Influencers/Fundraisers, (2) Donors, (3) Intended Charity or Nonprofits. The data collected as well as the explanation of this process is further explained within Softgiving’s Terms of Service.

You can also choose to provide information to a third party via Softgiving’s API. While users of Softgiving’s API are required to follow Softgiving’s API Terms of Use, including having appropriate privacy and security controls, Softgiving does not have a direct partner relationship with these third parties and their processing of information is subject to their own privacy policies. You should understand the privacy and security practices of any third party before you share information with them.

Contact & Email Forms

Our sites use a variety of contact and other forms to allow visitors to interact with our site. If you provide information to us via our online forms, that information, such as your name, email address, message, and other information you provide via the form, including technical information required to process your interaction, such as your IP address, is collected and retained indefinitely.

To power contact form and email form interactions on our websites, we use the WordPress web application. WordPress web application is owned by Automattic and subject to their terms and policies: https://automattic.com/privacy/.

We may use email addresses collected by any means on our website to send email marketing campaigns or other notices via the WordPress web application.

If you no longer wish to use the Services or receive service-related messages (except for legally required notices), then you may close your account.

Any and all data that is collected through the contact forms and email forms while using WordPress will be subject to the privacy policy of WordPress.

Cookies

Softgiving receives information from our advertising and marketing partners about you. This information can include attribution information via cookies to determine where a visit to Softgiving comes from and which pages of our Website receive traffic. Cookies are small data files sent from a server to your web browser.

We use traffic log cookies to identify which pages are being used. This helps us analyze data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Embedded Content from Other Websites

Pages or tools on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Softgiving does not have control over the embedded content or the websites from where the content originates, and the external websites may have their own privacy policies and data security policies. Users who engage with embedded content by clicking on the content or otherwise do so at their own risk and choice. Should you wish to remove, delete, erase, or otherwise disallow the data tracked, stored, cached, or otherwise kept by third party websites or third party applications, then you must make such a request directly to the third party website or third party application.

Third Party Marketing and Advertising and Your Rights (Opt-Out of “Sale”)

Softgiving does not sell personal information to third parties for monetary value. However, the term “sale” is defined broadly under the California Consumer Privacy Act. To the extent that “sale” under the CCPA is interpreted to include interest based advertising or other data uses described in the “What Personal Data We Collect and Why We Collect It” Section above, we will comply with applicable law as to those activities.

To opt-out of receiving interest based advertising, you can exercise this option by submitting a request via email info@softgiving.com. The right to opt-out of interest-based advertising is available to all Softgiving users, regardless of location or domicile. You can contact us by using the contact form link above.

Do Not Track

Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, unless and until the law is interpreted to require us to do so, we do not monitor or take action with respect to “Do Not Track” signals. For more information on “Do Not Track,” visit http://www.allaboutdnt.com.

Shine the Light

California law entitles residents to ask for a notice describing what categories of personal information we share with third parties for their own direct marketing purposes. Softgiving does not share any personal information to third parties for their own direct marketing purposes beyond any information or methods that are described within this Privacy Policy. If you have questions about these practices, then you can contact us through infor@softgiving.com via email.

Analytics

We use the following services to collect site visitor information, in the aggregate, and make adjustments to our website performance in order to improve website interactions, provide meaningful content, and provide superior legal services. We may use analytics services to remarket and retarget website visitors.

Demographic and geographic data of individual users may be collected by Google Analytics in connection with a Campaign’s donation page, and the collection, storage, and sharing of data is kept in accordance with their privacy practices and individual policies:

Google Analytics: https://www.google.com/analytics/terms/us.html

Who We Share Your Data With

We do not share personally identifying information with any provider, except for in the following circumstances.

We provide information in the aggregate to analytics service providers as mentioned above.

We may provide information collected via our website to courts and other third parties insofar as it is legally required, or necessary to perform our stated function of facilitating online fundraising.

We use a variety of third party software, namely website plug-in to provide our services and facilitate fundraising transactions through our Website. Any personal information or data that is collected by Softgiving may be deleted, erased, or otherwise removed from the servers, databases, and systems of which Softgiving has control. However, some information may be required to be collected by Softgiving for us to provide our services, so you may be disallowed from using our services if you request your data to be deleted, removed, or otherwise erased. For more information on your rights, see GDPR Compliance above.

For example, Donor payment information may be collected for the limited purposes of payment processing via Braintree. When Donor’s fill out the donation forms on our Website, some information must be shared with Braintree to ensure efficient payment processing and all data privacy is subject to their terms and policies. During this process, Softgiving may retain some data to confirm a transaction was created, however, Softgiving does not retain individual information submitted, and Braintree would retain any payment information of the donor so long as it is required to process the payment.

How Long We Retain Your Data

For users that register on our website, we store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Softgiving will retain your information only for as long as is necessary for the purposes set out in this Privacy Policy, for as long as your account is active, or as needed to provide the Services to you. You may, at any time, close your account, if you have one. Softgiving will retain and use your information to the extent necessary to comply with or legal obligations (for example, if we are required to retain your information to comply with applicable tax/revenue laws), resolve disputes, enforce our agreements, and as otherwise described in this Privacy Policy. We also retain log files for internal analysis purposes. These log files are generally retained for a brief period of time, except in cases where they are used for site safety and security, to improve site functionality, or we are legally obligated to retain them for longer time periods.

What Rights You Have Over Your Data

If you have an account on this site, you can request, in writing, to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request, in writing, that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

See GDPR Compliance above to learn where to send your request and learn more about your rights.

Where We Send Your Data

The Softgiving website is hosted on servers provided via Amazon Web Services (“AWS”). (https://aws.amazon.com/).

Site visitor and user information is hosted on their hardware. Visitor information may be passed through or processed via the providers mentioned below in order to provide a high-quality website experience to site visitors.

Relevant Disclosures: Donor-Advised Fund

Softgiving’s fundraising system relies on the implementation of a Donor-Advised Fund. For an explanation on how this system works, please check out our Terms of Use.

Any and all data that may be collected in relation to the Donor-Advised Fund is limited to data collected from donors and the Intended Charity or Nonprofit partners of Softgiving in a Campaign and only for the purposes of payment processing. For more information, see the data Braintree, our payment processor, may collect and how it’s collected below. For further information, you should review Braintree’s privacy policies and contact Braintree to request for your information to be removed from their database.

Braintree then sends the recorded donations to the Givinga Foundation which ultimately processes the payment and provides them to the Intended Nonprofit or Charity for the specific Campaign. Braintree passes only the relevant information to Givinga to ensure are routed to the proper Nonprofit or Charity. For example, Braintree creates specific transaction IDs to Givinga to make it possible to trace a donation to its origin. For more information about the donation and payment processing flow see our Terms of Service.

For more information about data security and privacy policy practices of Givinga, see their data privacy policy: https://givingafoundation.org/privacy-policy/.

Third Party Software: Braintree, A Paypal Service

We use Braintree to process payments online. Braintree may store, collect, or share personal data in accordance with their privacy practices in order to allow you to donate in accordance with Softgiving’s mission. Softgiving receives a token in exchange for the payment method data, which may include name and zip code as well as payment method information. The token is only maintained by Softgiving for recording the history of the transaction and is inva once the payment is processed based on Braintree’s policies. (https://www.braintreepayments.com/legal/braintree-privacy-policy).

While we currently only use Braintree to process payments online, we may use other point of sale products or payment processors in our office, or online in the future. We will only share the information necessary to process payment with those third parties.

Third Party Software: WordPress

We use the WordPress web application solely for contact and email forms pursuant to the terms listed above in the section Contact & Email Forms. Any and all data such as email addresses, user’s handles, names, and other information supplied by the user into the forms may be collected, stored, or otherwise shared in accordance with their privacy practices. (https://automattic.com/privacy/)

Changes to Our Privacy Policy

We may update this Privacy Policy at any time without notice. The information collected, stored, or shared by us may change as the needs of our clients change and our websites adapt to provide superior legal services.

Last Updated: 11/11/2020