How We Use Information
Personally Identifiable Information. If you do provide us with personally identifiable information, we will only use it for the purposes described in this statement or where it is collected.
We use PII to provide the Services, for troubleshooting and maintenance of the Services, and to communicate with Customers, Charitable Organizations, and Authorized Users. We also use PII to:
• help us create and publish content most relevant to you;
• control access to certain areas of our Services;
• register Authorized Users and develop their profiles and enable them to take advantage of the personalized features of our Services;
• process transactions requested by our Customers, Charitable Organizations, and Authorized Users; and
• communicate in response to request forms such as “Contact Us”.
We periodically prepare analyses and reports reflecting visitor and member use of the Services. In preparing these reports, we may combine and analyze the personal information you provide to us with information from other sources. However, these reports will only include aggregate information about visitors and Authorized Users. The information in these reports will not identify individuals. Any business partner with whom such reports may be shared will also not be able to contact you from the information contained in the reports.
Sharing by Customers and Charitable Organizations
Givio Customers or Charitable Organizations may choose to share PII data related to its employees in order to support charitable giving program management. For example, a Customer may choose to upload employee emails into Givio in order to create individual giving accounts for employees or to send communications to employees using Givio Services. It is the responsibility of each Customer or Charitable Organization to notify its employees that PII data is shared with Givio. Givio will cooperate with its Customers and Charitable Organizations, however, to help them provide notice to their users concerning the purpose for which personal information is collected. Neither Givio nor the Givio Services solicit the users on behalf of unrelated, third-party marketers.
Givio will retain personal data we collect, as well as personal data we collect and process on behalf of our Partners, for as long as needed to provide our Services. Givio will retain and use this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Givio uses the information that we collect to set up the Services for all user types and to improve the Services. We may also use the information to contact users and visitors to further discuss their interest in and use of the Services. Whenever visitors or users submit requests for more information or services from us, they may opt out of entering certain fields. Users wishing to stop receiving information from the Services may opt out of receiving notices by logging into their Givio account and using the account tools to manage settings, or may cancel their account, or may contact their employer for assistance, if the employer is a Customer of Givio.
We may also e-mail to Authorized Users information regarding updates to the Services.
Sharing of Information by Givio
Personally identifiable information. Primarily, we may share or disclose your personally identifiable information in the following instances:
• To identify you to a Charitable Organization to which you have made a donation and have requested to share your information. Users wishing to remain anonymous to their selected charity may remain anonymous.
• The Givio Services and technology platform transfers PII data to certain third-party donor-advised fund(s) (“DAF’s”) such Givio Charitable Foundation for purposes of managing individual donor DAF accounts and funds disbursements. Givio may transfer personal information to companies that help us provide our service. All such transfers to subsequent third parties are covered by confidentiality agreements with the third parties.
• To unaffiliated third-party service providers, agents, or independent contractors who help us maintain our services and with other administrative services (including, but not limited to, order processing and fulfillment, providing customer service, maintaining and analyzing data, sending customer communications on our behalf, and entry collection, winner selection and prize fulfillment for contests, sweepstakes, and other promotions). We seek to ensure that such unaffiliated third-parties will not use your personally identifiable information for any purpose other than that for which they are responsible. However, we cannot guarantee that they will not use it for any other purpose.
• If you choose to make a donation or receive disbursements on or through our Services, we may ask you for your credit card number, billing address, and other information in connection with completing such purchase, and we may use such information to fulfill your purchase. We may also provide such information, or other personally identifiable information provided by you, to third-parties (such as ApplePay, Stripe, or a similar payment processor) (a “Payment Processor”) to complete your transaction (for example, to process your credit card). The Payment Processor is acting solely as a billing and processing provider for and on behalf of Givio and shall not be construed to be providing the applicable Service. In addition, the Payment Processor is an entity completely independent of Givio, Givio exercises no control over the operations of the Payment Processor, makes no warranties or representations on behalf of such Payment Processor, and accepts no liability in respect of the acts or omissions of the Payment Processor (including expressly with respect to any Security Breach). The Payment Processor’s use of your PII and NPII is subject to the terms, conditions, and privacy policies published by such Payment Processor.
• To comply with law, or in the good faith belief that such action is necessary to conform to the requirements of law, or comply with legal process served on us, and to protect and defend our rights or property, including our rights and property and our services, or act in urgent circumstances to protect the personal safety of you and our other visitors.
• To track and analyze non-identifying, aggregate usage and volume statistical information from our visitors and customers and provide such information to third parties.
• To protect against fraud and potential fraud. We may verify the information you provide using our Services through third parties. In the course of such verification, we may receive additional personally identifiable information about you from such Services. In particular, if you use a credit card or debit card to purchase services with us, we may use card authorization and fraud screening services to verify that your card information and address match the information you supplied to us, and that the card has not been reported as lost or stolen.
Non-personally identifiable information. We may share and disclose your non-personally identifiable information for the purposes described in this statement or where it is collected, or any other legal purpose, including, when and where applicable, sharing and disclosing non-personally identifiable information combined with personally identifiable information.
Legal Disclosure. We may disclose information about you and your use of the services if we believe that such disclosure is reasonably necessary to:
(i) Comply with the law and/or legal process where a formal request has been made (e.g. request from an administrative oversight agency, civil suit, subpoena, court order or judicial or administrative proceeding);
(ii) Protect or defend our rights and/or property or the rights and property of others;
(iv) Respond to claims that the content(s) of a communication violates the rights of another.
Links to Other Sites
Givio uses generally accepted industry practices to help prevent unauthorized use of, access to or alteration of visitor and user information and hosted data. These practices include the use of firewalls, SSL encryption, system redundancies, and co-location at a 24/7 monitored, access-controlled environment.
The Givio website and the backend API services use TLS v1.2 and TLS v1.3 level encryption to ensure state-of-the-art security for all communications. As an additional factor of security, we use specially designed keys for REST API communications. Database-level encryption is employed to securely store the user details and the user’s access tokens.
The Givio mobile apps utilize the native secure storage mechanism to store data including the transactions of a guest user, and other user data like the user’s authorization tokens. For the Android app, we make use of the Android Keystore system, while we use the Keychain in the iOS app. All transaction data are secured over a REST API that’s protected using the latest TLS v1.3 encryption. For third-party tools like Stripe and Google Pay, we use their recommended, latest native SDKs to ensure that everything is up to date. For crypto transactions, we use Coinbase, where the actual payment happens directly on the Coinbase website, which is protected by Coinbase.
Updating Personal Information
We encourage our visitors and users to update and edit their personal information and keep it current. Users can easily correct, delete or update their contact information at any time through the Site by logging into your account and using accounts settings, features and tools. We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services, you may do so in your user account settings, or you may contact us. We will respond to your request within a reasonable timeframe. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
California Residents’ Rights
(As provided by the California Consumer Privacy Act)
A California resident who has provided personal information to a business with whom he/she has established a business relationship for personal, family, or household purposes (“California customer”) is entitled to request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. In general, if the business has made such a disclosure of personal information, upon receipt of a request by a California customer, the business is required to provide a list of all third parties to whom personal information was disclosed in the preceding calendar year, as well as a list of the categories of personal information that were disclosed.
We do not share information with third parties for their direct marketing purposes unless you affirmatively agree to such disclosure — typically by opting-in to receive information from a third party. To prevent disclosure of your personal information for use in direct marketing by a third party, do not opt-in to such use when you provide personal information on our website. Please note that whenever you opt-in to receive future communications from a third party, your information will be subject to the third-party’s privacy policies and practices. If you later decide that you do not want that third party to use your information, you will need to contact the third party directly, as we have no control over how third parties use information. You should always review the privacy policies and practices of any party that collects your information to determine how that entity will handle your information.
California Do Not Track Notice
Some browsers have a “Do Not Track” feature that lets you tell websites and online services that you do not want to have your online activities tracked. Such browser features and industry standards are not uniform, so our websites and online services do not respond to those signals.
International Transfer of Information