CyberGrants’ clients with fully executed agreements may designate authorized users (“Authorized Users”) from their employees, contractors, and agents with the right to access our Services and use the Services paid for by the Client. You hereby represent to CyberGrants that you are an Authorized User, and at least eighteen (18) years old.
By using our services you consent to the collection and use of the information described here. If we decide to make changes to the Privacy Statement, we will post the changes on this site to inform you of any updates on what information we collect and how we use it. As may be required by applicable law, we may also seek your explicit consent to process certain data and information collected on this website.
Information We Collect
We receive the following information from your employer or directly from you when you use our Services:
Personal Information means any information, or set of information, that identifies or could be used by or on behalf of CyberGrants to identify a natural person. Personal information does not include information regarding corporate entities or information that is encoded or anonymized, or publicly available information that has not been combined with non-public Personal Information. CyberGrants collects Personal Information when you register with or use our Services. For example, you may use our Services to communicate via internal messaging with other employees, contractors or agents of your employer, make a charitable donation, submit a request for a matching program, volunteer for a project that require submission of contact information, participate in a blog, or post content on our Services. Additionally, if you visit or register on a CyberGrants sponsored site through social media, we may also receive certain Personal Information from those social media sites, and/or post regarding your charitable activity. Personal information that CyberGrants may collect when you register with or use our services include: name, mailing address information for home and/or business, mail code, business title, department, employee type or status, hire date, employee ID, and manager/hierarchy information.
We may also collect information regarding your current location automatically (e.g., by IP address), or directly from you (e.g., zip code). In order to provide certain services while you are visiting our sites from a mobile device, we may automatically collect geolocational information from your mobile device, wireless carrier, or third party providers. Your mobile device permits you to turn off the location services. Please be sure to manage your mobile device and privacy preferences for the use of our Services.
CyberGrants adheres to the following guidelines to protect your right to privacy:
- We only use your personal information to help us manage your account, to improve our services to you, to provide you with products you have requested, and to inform you about additional products or services that may be of interest to you.
- We only use your information for customer contact, account maintenance, billing, and to inform you of new features, improvements and any other customer-affecting reason.
- CyberGrants never sells your personal information to anyone or any organization.
- Our websites collect limited technical information about your computer. Such information includes your TCP/IP address, your browser type and your domain. The information we collect is used only by our support staff to assist us in monitoring system performance and up-time.
- Your membership is protected via SSL (Secure Sockets Layer). This measure of protection is used by many electronic commerce sites and on-line banks to protect personal and financial information. SSL assures that your data, including personal information entered by an individual or transmitted to CyberGrants by a client, is protected using the highest level of data encryption available. Personal information is never stored on CyberGrants laptops or other portable devices.
- Licensed users access CyberGrants by inputting a username and personal password. These are unique in our database; your password should never be shared with anyone.
- Circumstances may arise where CyberGrants decides to sell, buy, merge or otherwise reorganize our company. Such a transaction may involve, in accordance with applicable law, the disclosure of personal information to prospective or actual purchasers, or the receipt of it from sellers. It is CyberGrants' practice to seek appropriate protection for information in these instances.
- CyberGrants will not retain your personal data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws, regulations, or client specific data retention policies.
We may collect your TCP/ IP address, Internet Provider, browser type, and language, referring and exit pages, URLs, date and time, amount of time spent on particular pages, sections of the sites visited, number of links you click while on the sites, search terms, operating systems, website traffic, keywords, and other related statics.
Cookies and Other Tracking Technologies
CyberGrants will not retain your personal data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws, regulations, or client specific data retention policies.
"Session" cookies are temporary cookies used for various reasons, such as managing page views and your shopping cart. Typically, your browser will erase session cookies once you exit the browser. "Persistent" cookies are more permanent cookies that are stored on your computer or mobile device after you exit the browser. Persistent cookies allow us to retrieve certain information that you have previously provided to us (e.g., your user ID if you asked for it to be remembered). Our sites may use both session and persistent cookies.
You may manage, block or delete cookies and other tracking technologies by adjusting your browser's security and privacy settings but, if you do so, you may not be able to use particular features of our sites or Services.
How We Use Your Information
Sharing Your Information
We do not share your Personal Information with third parties for marketing purposes. We may, however, share your Personal Information and Non-Personal Information with third parties without notice to you under the following certain circumstances:
- Providers- When we engage a Provider to perform certain business-related functions, we only provide them with the information that they need to perform their specific function. We may also share your information with any of our parent companies, subsidiaries, or other companies under common control with us.
- Legal Requirements- We may disclose your information if required to do so by law, or in the good faith belief that such action or disclosure is necessary or appropriate (i) to operate our sites and Services, (ii) comply with any legal obligation, report unlawful activity, cooperate with law enforcement, or protect against legal liability, (iii) protect and defend our rights, property, personnel, suppliers, sponsors, agents or licensors, or (iv) protect the personal safety of users of our sites or the public.
- Business Transfers- Personal Information and Non-Personal Information may be transferred in the event of a corporate sale, merger, reorganization, dissolution, or similar event, or if assets sold include our Client Agreements.
- Aggregate Information- We may aggregate (i.e. anonymize) Personal Information and provide it in response to a government request, or to other third parties for lawful purposes.
Third Party Websites, Social Media, and Outside Services
We are not responsible for protecting any Personal Information (including the content of emails or similar communications) or User Content you post on our sites or on social media web pages associated with CyberGrants. Any Personal Information or User Content you post on our sites or associated social media pages is unprotected and may be viewed by anyone with access to the specific website including, but not limited to, the Client(s) and any other Authorized Users of our sites.
You acknowledge and agree that CyberGrants is not liable for the information published in search results or by any third party website that carries any User Content or Personal Information published on our sites or associated social media sites. CyberGrants expressly disclaims any and all liability for the actions of third parties, including without limitations to actions relating to the use and/or disclosure of Personal Information by third parties. We strongly discourage posting any Personal Information or User Content that you do not want others to see or use. If you visit a third party website linked from our sites, you do so at your own risk.
CyberGrants reserves the right, but has no obligation, to monitor your activity, User Content and Personal Information posted on our sites. You acknowledge that by providing you with the ability to post, view and distribute User Content and Personal Information on our sites, CyberGrants is merely acting as a passive conduit for such distribution and is not undertaking any obligation or liability relating thereto. We reserve the right, but have no obligation, to block or remove communications, User Content, Personal Information or other submissions to our sites, for any reason or no reason, in our sole and absolute discretion.
We communicate with users (donors), whose employer subscribes to our services, on a periodic basis via email or phone to resolve or investigate customer service issues. We may also use your e-mail address to confirm your philanthropic activity, and to send notices and other disclosures as required by law. Generally, users cannot opt out of these communications. A user can, however, remove himself or herself as a qualified donor by contacting their company's Human Resources department.
By virtue of applying for a grant with a CyberGrants subscribing company, grantseekers or non-profit organizations are consenting (opting-in) to CyberGrants use of the organizational information they provide. We communicate with non-profit organizations on a periodic basis via email or phone to resolve or investigate customer service issues. We may also use your email address to notify you of updates to philanthropic activity, and to send notices and other disclosures as required by law.
CyberGrants offers you control over your privacy preferences regarding promotional e-mail. You may update these preferences at any time. Please allow sufficient time for your preferences to be processed.
You may opt-out of receiving promotional e-mails from us when registering for an account by unchecking the box that asks whether you would like to receive e-mail updates about new features, products, and services.
You may unsubscribe from receiving promotional e-mails of certain types (or a companywide unsubscribe) at any time by using the Unsubscribe page on our sites. Click here to unsubscribe now. When you receive a promotional e-mail from CyberGrants, it will contain a link that allows you to unsubscribe, however, you will continue to receive non-promotional e-mails from us, such as communications regarding the Services.
Correcting Personal Information
CyberGrants is a data processor and not authorized by your employer (the data controller) to correct or modify your Personal Information. Please first contact your company’s Human Resource department to request to correct, modify, or remove your Personal Information from the CyberGrants Services. If your Human Resource department is unable to help with your request, please contact us at email@example.com or firstname.lastname@example.org.
Our sites and Services are not intended for use by children under the age of 13. CyberGrants does not knowingly collect Personal Data from children under the age of 13. If we learn that we have collected Personal Data from a child under the age of 13, we will immediately assess whether it is appropriate to retain this information in our system. A number of CyberGrants clients sponsor scholarship programs that may award grant dollars to children of any age.
California Privacy Rights
Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to obtain certain information about the types of Personal Information that companies with whom they have an established business relationship (and that are not otherwise exempt) have shared with third parties for direct marketing purposes during the preceding calendar year, including the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. To submit a request pursuant to Section 1798.83, please contact CyberGrants via e-mail at email@example.com
Important Notices to Non-U.S. Residents/EU-US Privacy Shield Certification/US-Swiss Safe Harbor Certification
To adhere and comply with EU-US Privacy Shield principles and requirements, CyberGrants is providing the following information and notice:
- The types of personal data collected are described above under section entitled “Information We Collect.”
- CyberGrants does not disclose personal data information to subsidiaries or third parties, however, personal data information is backed-up and stored at an offsite location with a third-party vendor, Access, located in Peabody, MA, who lawfully cannot access the data, as the data is stored in an obfuscated manner with encryptions and other protections. The third-party vendor has agreed with CyberGrants not to transfer any data to another party, vendor, or organization.
- You have a right to access your personal data. Please first contact your employer’s Human Resource Department to inquire about access to your personal data provided by your employer to CyberGrants.
- You have the right to opt-out of having your personal data information collected by CyberGrants. Please follow the instructions under the Correcting Personal Information section above.
- You have the right to be notified if the information you disclosed is to be disclosed to a new third party or to be used in a materially different purpose other than originally collected. You will be notified by CyberGrants through your employer or through the Terms and Conditions on the CyberGrants website.
- CyberGrants is subject to the enforcement powers of the Federal Trade Commission, the Department of Transportation, or any other US authorized statutory body.
- CyberGrants is required to disclose personal information in response to lawful requests by public authorities, including, but not limited, to meeting national security or law enforcement requirements.
- CyberGrants is liable in cases of onward transfer to third parties, except for cases of unlawful misconduct by unauthorized users or intentional violation of CyberGrants contractual agreements.
- CyberGrants does not collect sensitive information, which includes: medical, health conditions, race, ethnic origin, political opinion, religious or philosophical beliefs, trade union membership, or sex life. If such sensitive information is ever collected, you must express affirmative consent to opt in for use of that sensitive information if that information is to be disclosed to third parties or used for purposes other than those originally collected.
- CyberGrants takes reasonable and appropriate measures to protect personal data from loss, misuse and unauthorized access, disclosure, alteration, and destruction by taking into due account the risks involved in the processing and the nature of the personal data.
- CyberGrants only processes personal data that is compatible for CyberGrants’ general purpose for processing.
- CyberGrants only retains personal data for as long as it serves its purpose for processing.
- You have the right to access your personal information and be able to correct, amend, or delete the information when it is inaccurate or processed in violation of the Principles, except where the burden or expense of providing such access would be disproportionate to the risks of the individual’s privacy or the other person’s rights would be violated. CyberGrants will expeditiously respond to your complaints. First contact your employers’ Human Resources Department to access, amend, or remove your personal information data or any other complaint regarding your personal information data. If your employer does not respond within an expedient timeframe, then CyberGrants will respond and attempt to resolve your complaint.
We will investigate your question, respond to your inquiry, and attempt to resolve any concerns regarding your privacy question. Cyber Grants has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.
For residual complaints not resolved through these channels, under certain conditions, to invoke binding arbitration before a Privacy Shield Panel, pursuant to Annex I of the Framework
We will investigate your question, respond to your inquiry, and attempt to resolve any concerns regarding your privacy question. CyberGrants has further committed to refer unresolved privacy complaints under the US-Swiss Safe Harbor to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.
CyberGrants will expeditiously respond to your complaints regarding human resources data. First contact your employers’ Human Resources Department to access, amend, or remove your personal information data or any other complaint regarding your personal information data. If your employer does not respond within an expedient timeframe, then CyberGrants will respond and attempt to resolve your complaint. With respect to complaints involving human resources data collected in the context of the employment relationship, CyberGrants commits to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss FDPIC and to comply with their advice.
To view our security requirements please see our Security Statement through the link provided below on this site.
Contact Us: Inquiries, Access, and Updating Your Personal Data
CyberGrants needs your help in keeping the personal data you have shared with us accurate and up to date. If you are a registered user, you may make these updates yourself online by logging into your account.
Questions regarding this Privacy Statement or the information practices of the Company's Web site should be directed to the CyberGrants Privacy Officer at firstname.lastname@example.org or by mailing CyberGrants ISO, 300 Brickstone Square, Suite 601, Andover MA 01810.
Revised and posted as of September 28, 2016