Data Protection Policy
Last Updated: May 22, 2018
Before you use or submit any information through or in connection with the Services, please carefully review this Policy. By using any part of the Services, regardless of how you access the Services, you consent to the collection, use, and disclosure of your information as further outlined in this Policy. IF YOU DO NOT AGREE TO THIS POLICY, PLEASE DO NOT USE THE SERVICES. We will continue to evaluate this Policy as we update and expand the Services and our offerings, and we may make changes to the Policy accordingly. Any changes will be posted here and you should check this page periodically for updates. If we make material changes to this Policy, we will provide you with notice as required by law. Your continued use of the Services will signify acceptance of the terms of the updated Policy.
1. Information We Collect
We collect information in multiple ways, including when you provide information directly to us, and when we passively collect information from you, such as from your browser or device.
a. Information You Provide Directly to Us
We may collect information from you in a variety of ways, such as when you:
- Contact us through our website;
- Become a client; or
- Otherwise communicate with us, such as via email.We will collect any information that you provide to us, which may include, but is not limited to: (i) name; (ii) email address; (iii) mailing address; (iv) phone number; (v) workplace information; and (vi) financial information to facilitate your donations and investments.
You do not have a statutory or contractual obligation to provide us with your information through our site; however, certain information may be required in order to enter into a contract with us.
b. User-Generated Content
You may be able to upload comments, photographs, or other content, and related information, such as your name or email address (collectively, “User Content”). User Content may be publicly available, and we cannot limit how others may use such User Content. By contributing User Consent, you agree that you are at least 18 years old; own, control, or otherwise have the rights to such User Content; and your User Content does not infringe or violate the rights of any third parties. You hereby grant us a non- exclusive, royalty-free, worldwide, perpetual, transferable, irrevocable, and fully sublicensable right to use, reproduce, modify, adapt, publish, sell, assign, translate, create derivative works from, distribute and display any User Content in whole or in part, as well as your name and other identifying information, including without limitation any social media identifier, handle, profile picture, image, likeness, posts, statements or other information available or provided by you, in any form, media, or technology, whether now known or hereafter developed in connection with the NVF marketing, advertising and promotional activities referred to above.
c. Information that Is Passively or Automatically Collected
i. Device/Usage Information
We may automatically collect certain information about the computer or devices (including mobile devices or tablets) you use to access the Services. As described further below, we may collect and analyze information such as (a) IP addresses, location information, unique device identifiers, IMEI and TCP/IP address, and other information about your computer or device(s), browser types, browser language, operating system, mobile device carrier information, the state or country from which you accessed the Services; and (b) information related to the ways in which you interact with the Services, such as: referring and exit web pages and URLs, platform type, the number of clicks, domain names, landing pages, pages and content viewed and the order of those pages, statistical information about the use of the Services, the amount of time spent on particular pages, the date and time you used the Services, the frequency of your use of the Services, error logs, and other similar information. As described further below, we may use third-party analytics providers and technologies, including cookies and similar tools, to assist in collecting this information.
ii. Cookies and Other Electronic Technologies
We may also collect data about your use of the Services through the use of Internet server logs, cookies and/or tracking pixels. A web server log is a file where website activity is stored. A cookie is a small text file that is placed on your computer when you visit a website, that enables us to: (a) recognize your computer; (b) store your preferences and settings; (c) understand the web pages of the Services you have visited; (d), enhance your user experience by delivering content and advertisements specific to your inferred interests; (e) perform searches and analytics; and (f) assist with security administrative functions. Some cookies are placed in your browser cache while those associated with Flash technologies are stored with your Adobe Flash Player files. Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in websites, online ads and/or email, and that are designed to provide usage information like ad impressions or clicks, measure popularity of the Services and associated advertising, and to access user cookies. We also may include Web beacons in email messages, newsletters and other electronic communications to determine whether the message has been opened and for other analytics, personalization and advertising. As we adopt additional technologies, we may also gather additional information through other methods.
Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Microsoft Edge; Google Chrome; Mozilla Firefox; or Apple Safari). You can also manage the use of Flash technologies, including cookies and local storage objects with the Flash management tools available at Adobe’s website. Please note that by blocking any or all cookies, you may not have access to certain features or offerings of the Services.
iii. Information from Social Networking Sites and Other Third Parties
Social networking sites, such as Facebook, have their own policies for handling your information. For a description of how these sites may use and disclose your information, including any information you make public, please consult the sites’ privacy policies. We have no control over how any third-party site uses or discloses the personal information it collects about you.
We may also collect information about you or others through non-affiliated third parties. For example, to the extent permitted by law, we may, in our sole discretion, ask for and collect supplemental information from third parties, such as information about your organization’s history, information to verify your identity or trustworthiness, or for other fraud or safety protection purposes. We may combine information that we collect from you through the Services with information that we obtain from such third parties and information derived from any other products or services we provide.
2. How We Use Your Information
We may use the information we collect from and about you for the following purposes:
- For the purposes for which you provided it;
- To recognize and authenticate you on the Services;
- To initiate or to provide the features, services and products available through the Services;
- To send you information about your relationship or transactions with us, account alerts, or other communications, such as newsletters to which you have subscribed;
- To contact you with information or surveys that we believe may be of interest to you both regarding our products and Services and those of third parties;
- To process and respond to your inquiries or to request your feedback;
- For internal research and reporting;
- To improve the content and features of the Services or develop new Services;
- For internal recruiting purposes;
- With your consent, to call or send you SMS messages regarding your relationship with us or offers or services that may interest you;
- To enforce the legal terms that govern your use of the Services; and
- To administer and troubleshoot the Services.
Please note that we may combine information that we collect from you and about you (including automatically-collected information) with information we obtain about you from our affiliates and/or non-affiliated third parties, and use such combined information in accordance with this Policy.
We may aggregate and/or de-identify information collected through the Services. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, and/or others.
3. When We Disclose Your Information
We may disclose and/or share your information to or with any non-affiliated third parties under the following circumstances:
- Consent. We may disclose your information to any third parties based on your consent to do so.
- Service Providers. We may provide access to or share your information with select third parties who perform services on our behalf, including without limitation marketing, market research, customer support, data storage, analysis and processing, and legal services.
- Protection of NVF and Others. You acknowledge, consent, and agree that NVF may access, preserve, and disclose your information you submit or make available for inclusion on the Services, if required to do so by law or in a good faith belief that such access, preservation, or disclosure is permitted by this Policy or reasonably necessary or appropriate for any of the following reasons: (a) to comply with legal process; (b) to enforce this Policy or other contracts with you, including investigation of potential violations thereof; (c) to respond to claims that any content violates the rights of third parties; (d) to respond to your requests for customer service; and/or (e) to protect the rights, property, or personal safety of NVF, its agents and affiliates, its users, and the public. This includes exchanging information with other companies and organizations for fraud protection, and spam/malware prevention, and similar purposes.
- Organizational Transfers. As we continue to develop our organization, we may acquire, merge or partner with other organizations. In such transactions, (including in contemplation of such transactions, e.g., due diligence) user information may be among the transferred assets. If any of NVF’s assets are sold or transferred to a third party, customer information (including your email address) would likely be one of the transferred business assets.
- Other Nonprofits. We may share, rent, exchange, or sell our mailing list to other nonprofit organizations as a way of raising extra money to support NVF, including so that those other nonprofits may send you promotional emails. Where required by applicable law, we will obtain your consent prior to doing so. Please see Section 7 below for more information about how to opt out of this sharing.
4. Legal Basis for Processing Personal Data
The laws in some jurisdictions require companies to tell you about the legal ground they rely on to use or disclose your personal data. To the extent those laws apply, our legal grounds for processing your personal data are as follows:
- To Honor Our Contractual Commitments to You. Much of our processing of personal data is to meet our contractual obligations to our clients, or to take steps at clients’ request in anticipation of entering into a contract with them.
- Legitimate Interests. In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities such as the following in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals:
- Customer service
- Protecting our customers, personnel and property o Analyzing and improving our business
- Managing legal issues
We may also process personal data for the same legitimate interests of our clients and business partners.
- Legal Compliance. We need to use and disclose personal data in certain ways to comply with our legal obligations.
- Consent. Where required by law, and in some other cases, we handle personal data on the basis of consent. Where we handle your personal data on the basis of consent, you have the right to withdraw your consent.
5. Online Analytics
We may use third-party web analytics services (such as those of Google Analytics) on our Services to collect and analyze the information discussed above, and to engage in auditing, research or reporting. The information (including your IP address) collected by various analytics technologies described in the “Cookies and Other Tracking Technologies” section will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Services, including by noting the third-party website from which you arrive, analyzing usage trends, assisting with fraud prevention, and providing certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.
If you receive email from us, we may use certain analytics tools, such as clear GIFs, to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.
6. Notice Concerning Do-Not-Track Signals
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We do not recognize or respond to browser-initiated DNT signals, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT. You can learn more about Do Not Track here.
7. Your Choices and Rights
All users can review and update certain user information by emailing us at email@example.com. You can unsubscribe from marketing emails by clicking the “unsubscribe” link they contain. You can also opt out of our sharing of your mailing information with other nonprofits by emailing us at firstname.lastname@example.org and describing your request.
Individuals in the European Economic Area and many other jurisdictions have certain legal rights to obtain confirmation of whether we hold personal data about them, to access personal data we hold about them, and to obtain its correction, update, amendment, or deletion in appropriate circumstances. You may also have rights to object to our handling of your personal data, restrict our processing of your personal data, and to withdraw any consent you have provided. To exercise these rights, you please email us at email@example.com with the nature of your request. While we strongly encourage you to first raise any questions or concerns about your personal data with us, you also have a right to contact the relevant supervisory authority.
Many of the rights described here are subject to significant limitations and exceptions under applicable law (e.g., objections to the processing of personal data, and withdrawals of consent, typically will not have retroactive effect).
Our computer systems are currently based in the United States, and your personal data will be processed in the United States, which may not offer the same level of protection as the privacy laws of your jurisdiction.
9. Children’s Privacy
The Services are intended for general audiences and not for children under the age of 13. If we become aware that we have collected personal information (as defined by the Children’s Online Privacy Protection Act) from children under the age of 13, we will take reasonable steps to delete it as soon as practicable.
We have implemented administrative, technical, and physical security measures to protect against the loss, misuse, and/or alteration of your information. These safeguards vary based on the sensitivity of the information that we collect and store. However, we cannot and do not guarantee that these measures will prevent every unauthorized attempt to access, use, or disclose your information since despite our efforts, no Internet and/or other electronic transmissions can be completely secure.
11. Data Retention
We will hold your information for as long as necessary to fulfill the purposes set forth in this Policy or as long as we are legally required or permitted to do so. Information may persist in copies made for backup and business continuity purposes for additional time.
12. Third-Party Links and Services
The Services may contain links to or “frame” third-party websites, applications, and other services. Please be aware that we are not responsible for the privacy practices of such other sites and services. We encourage our users to be aware when they leave our Services and to read the privacy statements of each and every site they visit that collects their information.
13. Your California Privacy Rights
California Law permits visitors who are California residents to request certain information once per year regarding our disclosure of “personal information” (as that term is defined under applicable California law) to third parties for such third parties’ direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org with “Shine the Light” in the subject line or write to us at NVF Advisors, 1201 Connecticut Ave. NW, Suite 300, Washington, DC 20036.
14. Questions About this Policy
If you have any questions about our Policy, you can contact us by emailing us at email@example.com.