Privacy Policy

This privacy notice is for people and organizations who use the DonorSee platform, and associated products and services.

DonorSee (“We”) provides its platform to individual users, and to fundraising organizations.

The DonorSee platform consists of our website www.donorsee.com our “Website”, our web and mobile apps (our “Apps”), products, including Rise www.actionrise.com , cloud services, and any other services offered via the Website, Apps or Cloud Services.

In this notice, we will tell you how we process your personal data on behalf of you and on behalf of a customer (that is, the nonprofit or fundraising organization that has provided you a service on DonorSee or its products).

For individuals that use the DonorSee platform directly (DonorSee Community Donors who sign up and donate directly on the DonorSee platform), DonorSee acts as both the Data Controller and Data processor, which means DonorSee decides how the data should be processed and is responsible for processing it.

For individuals that have been invited by, donate directly to, or are part of a community of, a customer (nonprofit or fundraising organization providing a service using DonorSee or its products), the customer is the ‘data controller’, and DonorSee is the ‘data processor’. Your service provider (our customer) may have a privacy notice that is relevant to you.

DonorSee also uses some of your data to understand how the DonorSee platform is used and could be improved.

This data privacy policy describes the types of information we collect, how we use that information, the circumstances in which we delete the information, and your rights in relation to the personal data you provide to us, or that you provide to customers using our products and services.

Contact details for DonorSee are listed at the bottom of this notice.

How we collect personal data

Data is collected in a few ways:

• Data that you give directly when you use the platform:

• • fill in forms on our Website or Apps, or correspond with us by phone, email or otherwise;
  • register to use our Services, subscribe to our newsletter, promotional emails or other marketing materials;
  • use the Services;
  • report a problem with our Services; or
  • complete any surveys we ask a user to fill in that we use for research purposes (although you do not have to respond to these if you do not want to).

• Data given about you (by a nonprofit, or fundraising org)
• Data we collect when you use DonorSee, or its products and services

Legal Basis

Use of personal information under EU data protection laws must be justified under one of a number of legal “grounds” and we are required to set out the ground in respect of each use of personal data in this policy notice. These are the principal grounds that justify our use of information:

• Consent:where a user has consented to our use of their information (they are providing explicit, informed, freely given consent, in relation to any such use and may withdraw consent in the circumstance detailed below by notifying us);
• Contract performance:where information is necessary to enter into or perform our contract with the user;
• Legal obligation:where we need to use a user's information to comply with our legal obligations;
• Legitimate interests:where we use a user's information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to the user's data protection rights; and
• Legal claims:where a user's information is necessary for us to defend, prosecute or make a claim against you or a third party.

We use information held about a user(and information about others that you have provided us with) in the following ways:

Information we may collect and use

Some of these are optional or depend on DonorSee’s obligations to its customers (service providers like nonprofits or fundraising organizations), including data about you or your service that has been recorded on the DonorSee platform, or its products or services.

Contact and personal information (some optional personal information),

Including profile picture, name, gender, date of birth, email address.

Uses of that Information:

• To provide the user with access to our Website, Apps and any other information which the user requests from us, and to use our Services.
• For marketing products and services that we believe will be of interest to the user. (Email address, Name).
• To administer our Services and for internal operations, including research, data analysis and data statistics, and to create derived, anonymised and aggregated data to improve our Services.

Use Justification:

• Contract performance
• Legitimate interest (for marketing our own similar products and services and any re-engagement campaigns) (Email address, Name).
• Legitimate interest (to administer and improve our Services).
• Consent (for marketing unrelated products or services or products or services of third parties) (Email address, Name).

Account Access Information

Including Name, Email, Date of Birth, Password

Uses of that Information:

• To provide the user with access to our Website, Apps and any other information which the user requests from us, and to use our Services.

Use Justification:

• Contract performance
• Legitimate interest (to administer and improve our Services).

Your passwords are stored on DonorSee’s servers in encrypted form. We do not disclose your account details. It is your responsibility to keep your password secure.

Sensitive information between your browser and our Website is transferred in encrypted form using Secure Socket Layer (“SSL”). When transmitting sensitive information, you should always make sure that your browser can validate the DonorSee certificate.

Donation information

Including: Campaign/customer supported, Donation amount, Donation frequency, Project categories & interests supported.

Uses of that Information:

• To provide you with access to our Website, Apps and any other information which you request from us, and to use our Services.
• For marketing products and services that we believe will be of interest to you. (Email address, Name).
• To administer our Services and for internal operations, including research, data analysis and data statistics, and to create derived, anonymised and aggregated data to improve our Services.

 Use Justification:

• Contract performance
• Legitimate interest (for marketing our own similar products and services and any re-engagement campaigns) (Email address, Name).
• Legitimate interest (to administer and improve our Services).
• Legitimate interest (to administer and improve our Services).
• Consent (for marketing unrelated products or services or products or services of third parties) (Email address, Name).

Community posts and information (optional)

Includes any posts, comments, likes/dislikes, information, links, photos, etc that you post on your project pages, customer profile, or the community/profile pages of others.

Uses of that Information:

• To provide users with Community available on the DonorSee Platform.
• For our customer (your service provider i.e. nonprofit or fundraising organization) to be able to provide you services.

Use Justification:

• Contract performance
• Legitimate interest (to administer and improve our Services).

You are responsible for all content that you post on the DonorSee platform or its associated products. You must not post offensive content or content from third parties for which you do not have the rights, licenses, consents, or releases or content that will infringe, misappropriate, or violate a third party’s patent, copyright, trademark, trade secret, moral rights, or other intellectual property rights, or rights of publicity or privacy, or result in the violation of any applicable law or regulation.

Other information (Analytics)

With regards to user visits to our Website or Apps, we may automatically collect the following information; however, this information cannot be used to identify a user:

• device-specific information, such as user hardware model, operating system version, unique device identifiers, and mobile network information;
• technical information about the user's computer, including where available, the user's IP address, operating system and browser type, for system administration and analytical purposes;
• details of user visits to our Website and App, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website and App (including date and time), length of visits to certain pages, and page interaction information (such as scrolling, clicks, and mouse-overs); and
• information showing us from which app store the user downloaded our App.

Using the DonorSee platform or services on behalf of a third party.

If you are using the DonorSee platform, products or services on behalf of a third party, you must have obtained clear permission from the individuals whose data you provide us with before sharing that data with us. For the avoidance of any doubt, any reference in this data privacy policy to your data shall include data about other individuals that you have provided us with.

Links to third-party websites

Our Website or Apps may contain links to third-party websites. For example, someone may post a link to a third-party website on a customer profile or fundraising page on the DonorSee platform. If you follow a link to any third-party websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or their processing of any personal information you submit to them. Accordingly, DonorSee cannot guarantee that the controller of that website will respect your privacy in the same manner as DonorSee. Please check these policies before you submit any personal information to such third-party websites.

How we use Cookies

Cookies allow web applications to respond to a user as an individual. The web application can tailor its operations to a user's needs, likes and dislikes by gathering and remembering information about user preferences.

Cookies are small, usually randomly encoded, text files that help you navigate through a website. They are generated on the sites that you visit, as well as by third-parties that websites work with, to manage key elements of their business-user functionality. In most cases, they do not involve or use personal information in any way.

Cookies are used extensively online and have become part of the fabric and make-up of what has made the internet work effectively for consumers and businesses. Without cookies, many areas of functionality (for example, user logins, shopping baskets and other customization features) would not work as expected.

Cookie types

Session cookies

Session cookies are temporary cookies that are not stored on a user's computer or mobile device. They are used as part of the login, authentication and session management flows. Certain session cookies are also used to understand, for example, if a user interacting with our website is a new visitor or a visitor returning as part of the same browsing session. These session cookies are erased when a user closes their browser, or after extended inactivity.

Persistent cookies

Persistent cookies are those placed on a user's computer or mobile device for a pre-determined length of time when a user visits this site. They are used on both the platform and our websites, including, for example, to understand (through Google Analytics) what areas of our websites and platform are most popular, and how customers and users engage with them.

Cookie management

Users have the ability to accept or decline the use of cookies. Most web browsers automatically accept cookies, but a user can usually modify your browser setting to decline all cookies if preferred. Alternatively, many web browsers can be configured to notify the user each time a cookie is tendered, and permit the user to accept or decline them on an individual basis or on a site-by-site basis. If the user chooses to decline cookies from SureMission’s website or Apps, the User may experience some unexpected behaviours or impact to the use of the hosted software

Data

User Data: relating to DonorSee community donors and users

DonorSee claims no intellectual property rights over the data and material you provide via DonorSee’s products and services. All materials uploaded remain yours.

"Data" means any data and content you upload, post, transmit or otherwise made available via the DonorSee’s products and services including includes messages you send, files you upload, comments you make on files, profile information and anything else you enter or upload into the DonorSee’s products and services. DonorSee will not share, disclose, sell, lease, modify, or delete any data provided by you in any manner.

DonorSee may use the data to:

• Fulfill our obligations with respect to the reason you volunteered the data (e.g., to respond to an inquiry, etc.);
• Allow you to participate in certain features of the Site;
• Improve the Site or our products, events, and services;
• Optimize your experience on the Site (e.g., troubleshooting technical programs, storing your preferences, etc.);
• Notify you about changes to the Site (including this Data Privacy Policy);
• Carry out our obligations and enforce our rights arising from arrangements between you and us; and
• For any other purpose with your consent or as permitted by law.

Additionally, we may use the data for marketing purposes to:

• Provide you with additional information regarding products and services from DonorSee, or from its affiliated organizations that may be of interest to you via email, text message, or through advertising on various social media platforms or websites (both desktop and mobile) that you may visit; and
• Develop, improve, and target our promotional messaging to you and others via retargeting, online behavioral advertising, and use of social media platform tools for advertising (such as creation of Facebook Lookalike Audiences).

Customer Data: Relating to DonorSee Customers (nonprofits and fundraising organizations using DonorSee’s products and services)

DonorSee maintains only information needed to provide its products and services.

The Customer will remain the sole and exclusive owner of all right, title, and interest in and to all Customer Data. Customer Data includes any data, content, or material the Customer uploads to the DonorSee platform, its associate products and services.

DonorSee’s use and possession of Customer Data is solely to provide the customer and its community of donors and users access to DonorSee’s products and services. In some cases it can be used in de-identified and aggregated form to inform analysis to improve DonorSee’s products and services.

As a customer of DonorSee, the Customer grants all such rights and permissions in or relating to Customer Data to DonorSee and its authorized personnel and subcontractors solely as necessary to provide DonorSee products, and perform the contracted services.

Access and Use of Information

The Customer has visibility over donor transactions and donor Information, from the Customer’s community on DonorSee (or its associated products). Additionally, the Customer may access and copy any Customer Data provided to DonorSee for use in the services at any time and DonorSee will use commercially reasonable efforts to facilitate such access and copying promptly after Customer’s request.

The Customer is responsible for all Customer Data, including the legality, accuracy, integrity, and completeness of its content and use, including all information, instructions, and materials provided by, to, or on behalf of the Customer by a User in connection with the Customer’s use and provision of DonorSee products and services.

DonorSee assumes no risk and liability related to any claim arising from the accuracy, quality, integrity, and completeness of such Customer Data, information, and materials.

DonorSee is not responsible for Customer’s compliance with its data security practices or privacy policies.

The Customer shall ensure that its Customer Data are being utilized and shared in accordance with all applicable federal and state statutes.

Unless it receives Customer’s prior written consent, DonorSee:

(i) will not access or use Customer Data other than as necessary to provide its products and to facilitate the applicable Services; and

(ii) will not give any third-party access to Customer Data.

Customer Data Retention and Deletion

At the customer’s written request, DonorSee will erase all copies of Customer Data promptly.

In addition, DonorSee will erase all copies of Customer Data and Customer donor information (excluding any DonorSee Community donors who have signed up independently of the Customer’s network to give directly on DonorSee ) no sooner than 60 days and no longer than 120 days after termination of any applicable subscription for services by the Customer, unless otherwise required by law.

Upon Customer’s request, DonorSee will certify this erasure in writing to Customer.

Security and Breach Notification

We are committed to ensuring that your data and information is secure. DonorSee implements commercially reasonable and appropriate safeguards to protect User and Customer Data in accordance with applicable laws and regulations. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures and security policies to safeguard and secure the information we collect online.

All DonorSee employees are contractually and ethically bound to respect the confidentiality of any data held by DonorSee.

DonorSee maintains strict security policies, and restricts access to sensitive information and data. DonorSee will not permit its employees to access Customer or User Data, except the extent necessary to provide the Services.

DonorSee will promptly notify a User or Customer of any unauthorized disclosure of Data following discovery by DonorSee. We will coordinate with the Customer and User(s) in the event of any exposure or break-in of the Services or DonorSee’ security protocols or networks in the event personally identifiable information (PII) is disclosed, and a notification to the affected Users shall be agreed upon by DonorSee and Customer.

Third parties

We use third-party sub-processors to host the DonorSee platform, capture analytics, and communicate with you.

The aim of this privacy notice is to give you this information.We use US-based service providers for Customer Data storage. Service providers use either Privacy Shield or have executed Standard Contractual Clauses (as approved by the European Commission). When processed in the United States, the personal data of EU citizens processed by DonorSee has an adequate level of protection within the meaning of Article 46 of Regulation (EU) 2016/679 (General Data Protection Regulation).strong>Right to access your personal data

You have the right to know if your personal data is being held, what categories of data are held, and to receive a copy of all data about you.

List of sub-processors:

Amazon Web Services

We use Amazon Web Services (AWS) to host the DonorSee databases. Location of hosting and processing: USA.

AWS: privacy notice

Heroku

We use Heroku to host our web applications, API servers, and to manage our deployment pipelines.

Heroku: privacy notice

Sendgrid

We use Sendgrid as an email engine, and to manage email campaigns.

Sendgrid: privacy notice

Mailchimp

We use Mailchimp to capture sign-ups to the DonorSee Newsletter.

Mailchimp: privacy notice

Crazy Egg

We use Crazy Egg to produce heatmaps of user’s usage of our sales website (sales landing page) in order to improve the websites’ design and usability.

Crazy Egg: privacy notice

Google Analytics

We use Google Analytics to generate visitor analytics to our website and provide us with anonymised data regarding website visitor numbers and behaviour.

Google Analytics: privacy notice

Your Rights

As a user of DonorSee, or a user of a service provided to you by a DonorSee customer through DonorSee’s products and services, you have rights regarding your personal data.

If you have any questions please contact your service provider or DonorSee.

Right to information about the processing of your personal details

The aim of this privacy notice is to give you this information.

Right to access your personal data

You have the right to know if your personal data is being held, what categories of data are held, and to receive a copy of all data about you.

Right to change or remove your details

You have the right to correct any inaccurate data or remove data if it is not necessary for us to hold it.

Right to object to processing

You can object to processing if it could affect your rights, freedoms or interests.

Right to data portability

We will provide your data in a portable format.

Right to lodge a complaint

You also have the right to lodge a complaint with a supervisory authority, although we encourage you to contact us or your service provider (Nonprofit, or fundraising organization) first.

Contact details for DonorSee can be found at the end of this page.

Changes to this policy

Any changes we make to our data privacy policy in the future will be posted on this page, and where appropriate, notified to you by email or notifications via the App. We, therefore, encourage you to review it from time to time to stay informed of how we are processing your information.

Contact

Questions, comments and requests regarding this data privacy policy are welcome and should be addressed to [email protected]