Your Privacy Rights
Last updated: July 10, 2023
Regardless of where our servers are located, your personal data may be processed by us in the United States, where data protection and privacy regulations may or may not be to the same level of protection as in other parts of the world. BY VISITING THE SITE AND USING THE SERVICE, YOU UNEQUIVOCALLY AND UNAMBIGUOUSLY CONSENT TO THE COLLECTION AND PROCESSING IN THE UNITED STATES OF ANY INFORMATION COLLECTED OR OBTAINED BY US THROUGH VOLUNTARY SUBMISSIONS, AND THAT U.S. LAW GOVERNS ANY SUCH COLLECTION AND PROCESSING.
What Information Do We Collect?
We collect two types of information about persons who use the Service: Personal Information and Non-Personal Information.
PII, also referred to as “Personal Information” in this policy, is information that may personally identify you, such as your name, address, email address or phone number, as well as other non-public information that is associated with the foregoing. Anything you publicly post or that is available publicly will not be considered Personal Information and will be outside the restrictions of this policy.
“Non-Personal Information” means information that is not associated with or linked to your Personal Information. We may create Non-Personal Information from (i) automatically gathered information or (ii) Personal Information by excluding information (such as name) that may make the information personally identifiable to you.
Personal Information Collected
We collect certain Personal Information about you, which may be supplied when you sign-up for the Service, when you complete a survey, when you use the Service, when you request services, otherwise when you submit such information, and from third parties. The information that may be collected includes:
Credit card information;
Health Information (as described below);
employment information; and
technical information collected in our logs, such information may include standard web log entries that contain your IP address, browser history, first-party cookies (session and persistent), third-party cookies, notifications of when you have read an email that we sent you, web beacons, page URL, and timestamp.
You may provide us information when you interact with us through email or otherwise. We may retain such information in order to provide you with services, and you agree that we may share this information as needed with other users in order to resolve any issues that may arise between you and another user of the Service.
Non-Personal Information is collected about you when you use the Service, including but not limited to the type of device you used and its browser and operating system information, the pages accessed most frequently, how pages are used, previous page and referring page URLs, and similar non-personal data. If you can be identified from this information, for example by combination with other pieces of information, then we will treat this information as Personal Information.
Automatically tracking Internet Protocol (IP) addresses is one method of automatically collecting information about your activities online and information volunteered by you. An IP address is a number that is automatically assigned to your device whenever you surf the internet. Further, the Service may utilize user agent strings, web beacons, pixel tags, cookies, embedded links, and other commonly used information-gathering tools. If non-personal information is paired to any of your Personal Information, we will treat the non-personal information as if it was Personal Information too.
Although it may appear that we collect financial information from you on the Service, it is actually collected and processed through a third-party service provider (“Payment Processor”) to process payments for, and donations to, the Service. The Payment Processor may collect financial information such as banking information or credit card number, name, CVV code or date of expiration, from you on the Service. We do not hold your financial information.
We may also collect anonymous, non-identifying and aggregate information, the date and time of any request you make, your language preference, pages you visit, the referring website, the website you go to immediately after visiting our Site, which page is most popular on our Site, the domain name of your Internet service provider, and whether you are a unique visitor to our Site.
As part of the functionality of the Service, certain users may provide AIC with health information related to such user’s mental and/or physical health (“Health Information”). You may not upload Health Information concerning another individual unless you are that person’s parent or legal guardian. Our practices with respect to Health Information, including any such Health Information that consists of or includes protected health information under the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act, enacted as part of the American Recovery and Reinvestment Act of 2009 (collectively, “HIPAA”), are governed by and described in our HIPAA Privacy Notice, available here. Please review our HIPAA Notice for more information on how your Health Information is being processed.
2. Why Is My Information Being Collected?
We accept and gather information in an effort to provide the Service to you. We need to collect your personal information so that we can respond to your requests for information or to be added to our email lists, enforce our Terms of Service, and otherwise provide the Service. We also collect aggregate information to help us better design the Service. We collect log information for monitoring purposes to help us to diagnose problems with our servers, administer the Service, calculate usage levels, and otherwise provide services to you.
3. How Do We Use Information We Collect?
We use the personal information you provide for the purposes for which you have submitted it, including:
Internal Uses. We may use your PII to respond to your inquiries, to fulfill your requests for information, track usage trends, conduct usage experiments, develop and improve the Service and other offerings, and perform research and analytics.
Registering You for the Service and Maintaining Your Records. We may use your PII to create and maintain an account for you to allow use the Service.
Paying For the Service. Our Payment Processor will use your PII to process your payment for the Service, to verify that your device is recording a sale, and to confirm your identity when a sale is placed.
We may use anonymous information that we collect to improve the design and content of our Service, and to enable us to personalize your internet experience. We also may use this information in the aggregate to analyze how our Site is used, as well as to offer you programs or services. We may use any anonymous, aggregate information, which may include or be based on your information, without restriction.
4. Sharing Information Collected with Third Parties, Consultants, and Affiliates
We may disclose collected information as you permit or request, to the extent we believe it necessary to comply with the law, such as in response to a subpoena or court order, to defend a legal claim or otherwise as permitted by applicable law. We may disclose any information in our possession in the event that we believe it necessary or appropriate to prevent criminal or illegal activity, personal injury, property damage or bodily harm.
Additionally, we may transfer your information to a third party and/or a successor in interest in relation to, or as the result of, a merger, acquisition, sale of all or substantially all of its assets, recapitalization, reorganization, bankruptcy, or other change of control involving our company.
Other than as described herein, we shall only use or disclose information with your consent, or as permitted/requested by you.
To enhance your online experience with us, our web pages may presently or in the future use "cookies." Cookies are text files that our web server may place on your computer or mobile device to store your preferences. Cookies, by themselves, do not tell us your e-mail address or other PII unless you choose to provide this information to us. Once you choose to provide PII, however, this information may be linked to the data stored in the cookie. Although it may be possible to turn off the collection of cookies through your device or browser, certain features of the Services may not function properly without the aid of cookies.
AIC or its service providers may also use "pixel tags," "web beacons," "clear GIFs" or similar means (collectively, "Pixel Tags") in connection with some of our Site pages and HTML-formatted email messages for purposes of, among other things, compiling aggregate statistics about website usage and response rates. A Pixel Tag is an electronic image, often a single pixel (1x1), that is ordinarily not visible to website visitors and may be associated with cookies on visitors’ hard drives. Pixel Tags allow us and our service providers to count users who have visited certain pages of our Site, to deliver customized services, and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted email messages, Pixel Tags can inform the sender of the email whether and when the email has been opened.
7. Storing and Securing Your PII
If you are visiting the Site or otherwise using the Service from outside of the USA, you understand that your connection will be through and to servers located in the USA, and the information you provide will be securely stored in our servers and internal systems located within the USA.
We will store and use your personal information until the earlier of your request that we delete it, or the completion of the purpose for which it was collected, unless we have to keep it in order to comply with applicable law(s) or regulation(s). To the extent possible, we will delete the information within thirty (30) days of the triggering event. Any information which has been automatically logged, backed-up, or archived shall be segregated without use/access until it can be deleted in line with our document retention procedures.
We employ procedural and technical safeguards to secure your personal information against loss, theft, alteration, and unauthorized access, use and disclosure, including but not limited to encryption (at rest and in transit via https protocol, passwords, and a firewall). We also employ security procedures to protect your information from unauthorized access by users inside and outside the company.
Regardless of the precautions we take, no transmission of data over the internet is guaranteed to be completely secure. It may be possible for third parties not under our control to intercept or access transmissions or private communications unlawfully. While we strive to protect personal information, we cannot ensure or warrant the security of any information you transmit to us.
8. Access and Control
To view, retrieve, delete, or revise your information, follow the instructions on the Service, or email us email@example.com and request such information or change. For instructions on how you can further access your personal information that we have collected, or how to correct errors in such information, please send an e-mail to firstname.lastname@example.org. We will also promptly stop using your information and remove it from our servers and database at any time upon your e-mail request to do so. To protect your privacy and security, we will take reasonable steps to help verify your identity before granting access, making corrections, or removing your information. You may opt-out of: our use of your information other than for the primary purpose for which you provided it; and promotional emails (including via the unsubscribe link in any such promotional email from us).
9. Do Not Track
At this time, the Service does not specifically respond to browser do-not-track signals.
10.‘EEA’ Privacy Rights.
If you currently reside in the EEA, the GDPR applies to your PII and you are a Data Subject. The GDPR requires that we, in our capacity as a Controller, have a legal basis to process your PII.
We process your PII under one or more of the following legal bases:
Processing is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
To perform the contract that we are about to enter with you (e.g., our Terms of Service);
To comply with a legal obligation; and/or
If we have your consent to do so, such consent capable of being revoked at any time.
Under the GDPR, as a Data Subject you have certain rights. They are:
The right to be informed. This is your right to be informed about what we are processing, why, and who else the data may be passed to.
The right of access. This is your right to see what data about you is held by us.
The right to rectification. This is the right to have your data corrected or amended if what is held is incorrect in some way.
The right to be forgotten. This is the right to have your personal data to be deleted in the event that such data is no longer required for the purposes it was collected for, your consent for the processing of the data is withdrawn, or the data is being unlawfully processed.
The right to restrict processing. This is the right to ask for a temporary halt to processing of your personal data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.
The right to data portability. This is the right to ask for your personal data to be provided to you in a structured, commonly used, and machine-readable format.
The right to object. This is the right to object to further processing your personal data if such processing is inconsistent with the primary purposes for which it was collected.
Rights in relation to automated decision making and profiling. You have the right to not be subject to a decision based solely on automated processing. The Service does not engage in automated decision making and profiling.
11. Children and Privacy
As a non-profit, our Service is not subject to the Children's Online Privacy Protection Act (“COPPA”), or the associated Federal Trade Commission (“FTC”) rules for collecting personal information of/from minors. Nevertheless, we endeavor to not collect, use, or disclose the Personal Information of a child under the age of 13 without the verified consent of their parent.
Upon signing up for the Service, we will verify the parent or guardian’s consent by either of the following: (i) having the parent or guardian sign a consent form in person; or (ii) sending the parent or guardian a consent form, having them sign it, and return it to use via the same method.
Notwithstanding anything to the contrary herein, we shall not retain the Personal Information of any child under the age of 13 longer than is reasonably necessary to fulfill the Service requested, to allow the child to participate in the Service, to ensure the security of our users and our Services, or as otherwise required by applicable law.
A parent may review, edit, object to additional processing, or request the deletion of their child’s Personal Information by emailing us at email@example.com. To protect the child’s privacy and security, we shall take reasonable steps to verify the identity of the parent before giving them access to such PII. We shall also delete a child’s personal information in the event that we find it is collected, used, or disclosed in a manner that is inconsistent of COPPA’s requirements, or immediately seek the parent’s consent for the same. If you believe that your child under 13 has gained access to our Service without your permission, please contact us at firstname.lastname@example.org.
AIC shall apply the same practices described in this section to children residing in the United Kingdom who are under 13, and to children under the age of 16 who reside in Switzerland and the European Economic Area unless their specific country specifies a different minimum age threshold for parental/guardian consent to be required, in which case AIC will use such age to guide its practices.
Please see the FTC’s website (www.ftc.gov) for more information on COPPA.
California Privacy Rights
California law allows California residents to request information regarding our disclosures in the prior calendar year, if any, of their personally identifiable information to third parties. To make such a request, please contact us at email@example.com with "Request for Privacy Information" in the subject line. Please include enough detail for us to locate your file; at a minimum, your name, email, and username, if any. We will attempt to provide you with the requested information within thirty (30) days of receipt. We reserve our right not to respond to requests sent more than once in a calendar year, or requests submitted to an address other than the one posted in this notice. Please note that this law does not cover all information sharing. Our disclosure only includes information covered by the law.
Copyright © Allies in Caring, Inc. All rights reserved. The Service is the property of AIC, and is protected by United States and international copyright, trademark, and other applicable laws. This includes the content, appearance, and design of the Service, as well as the trademarks, product names, graphics, logos, service names, slogans, colors, and designs.