We Respect the Right to Privacy
Last revised: March 15, 2021
Welcome to Givio!
Legal questions should be directed to:
1900 Campus Commons Drive
Reston, VA 20191
Contact and Electronic Communications
Information We Collect About You
We collect two types of information from you when you visit our website(s) or use our products and other Services: (1) “personally identifiable information” (“PII”) (as defined below) and (2) non-personally identifiable information (“NPII”) (as defined below).
Here are some examples and explanations of the ways in which we may collect, store, transfer, share or otherwise make your PII available to Givio.es Here
• Registration Data. If you choose to create an account using Givio Services, we will ask for certain information enabling the creation of that account, such as a username and password. If you make a donation to an organization listed on a Givio app or web page, we will ask for certain information enabling us to process, receipt and disburse that donation.
• Survey Data. The gathering of this information may include analysis and sharing of online surveys for which you may choose to participate.
• Contribution and Payment Information. We collect information on the amount of contributions you have made using the Givio Services.
“NPII” can be technical information or it can be demographic information, such as your age, gender, or interests. Non-personally identifiable information may also mean aggregated, non-identifiable or anonymized information. Non-personally identifiable information does not identify you personally. If you do provide us with non-personally identifiable information, we may use it for the purposes described in this statement or where it is collected, or any other legal purpose.
Here are some examples of the ways in which we may collect and store your non-personally identifiable information through our services, and how we use such information:
• Log Information. When you use our services or view content provided by Givio, we automatically collect and store certain information in our server logs. This type of information includes details of how you used our service, IP address information described below, web pages which have been viewed by a visitor, data and time, domain type, device event information such as crashes, system activity, hardware, settings, browser type or version, browser language, the date and time of your request and referral URL.
• Internet Protocol (IP) address. Your “IP address” is a number that lets computers attached to the Internet know where to send you data, such as the screens and pages of our services that you view. We use this information to deliver our screens and pages to you upon request, to tailor our services to the interests of you and our other visitors, and to measure traffic to and within our services.
• Campaign Data. Information about a giving campaign in which you participate, such as a campaign title, recipient charitable organization(s), descriptions, goals.
• Demographic Information. “Demographic information” may be your gender, age, zip code, and interests. We may collect such information about you through our services and use it to provide you with personalized services and to analyze trends to ensure that our services and the information on them is targeted to meet your needs. Please note that we also consider aggregated information, which is not personally identifiable, to be non-personally identifiable information.
• Device Information. “Device Information” may include information we collect such as your hardware model, operating system version, unique device identifiers and mobile network information including phone number. We may associate your device identifiers or phone number with your account.
• Location Information. When you use our Services, we may collect and process information about your actual location. We use various technologies to determine location, including IP Address, Global Positioning Systems and other sensors that may provide Givio with information about nearby devices, Wi-Fi access points and cell towers.
If you choose to use a Givio referral service to tell a friend about our Services, we may ask you for your friend’s email address. We will automatically send your friend a one-time email inviting him or her to visit the website. Givio stores this information for the sole purpose of sending this one-time email and tracking the success of our referral program. Your friend may contact us to request that we remove this information from our database.
Log Data, Cookies and Activity Tracking Technologies
Givio collects certain information from visitors to our websites and apps and users of the Services, such as Internet addresses, browser types, referring domains, time stamps (time page accessed as well as time spent per web page), as well as the specific pages the visitor has requested. This information is logged for marketing purposes and to help diagnose technical problems and administer the Services in order to constantly improve the quality of the Services. We may also track and analyze non-identifying activity and aggregate usage-and-volume statistical information from visitors and users, and provide such information to third parties. We do not link this automatically collected data to other information we collect about you.
Givio, our partners, affiliates, or website analytics or service providers use technologies such as cookies, beacons, tags, and scripts, to analyze trends, administer the website, tracking users’ movements around the website, and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual and aggregated basis.
We use Local Storage, also known as HTML5, to store content information and preferences in order to provide users a better experience on our sites. We do not use HTML5 to display advertising based upon your web browsing activity. Various browsers may offer their own management tools for removing Local Storage/HTML5.
Social Media Widgets
Givio Services may include Social Media features, such as the Facebook ‘Like’ button, and widgets, such as the ‘Share This’ button or interactive mini-programs that run on our website. These features may collect your Internet protocol address, which page you are visiting on our website, and may set a cookie to enable the feature to function properly. Social Media features and widgets are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy statement of the company providing them.
How We Use Information
Personally Identifiable Information. If you do provide us with personally identifiable information, we will only use it for the purposes described in this statement or where it is collected.
We use PII to provide the Services, for troubleshooting and maintenance of the Services, and to communicate with Customers, Charitable Organizations, and Authorized Users. We also use PII to:
• help us create and publish content most relevant to you;
• control access to certain areas of our Services;
• register Authorized Users and develop their profiles and enable them to take advantage of the personalized features of our Services;
• process transactions requested by our Customers, Charitable Organizations, and Authorized Users; and
• communicate in response to request forms such as “Contact Us”.
We periodically prepare analyses and reports reflecting visitor and member use of the Services. In preparing these reports, we may combine and analyze the personal information you provide to us with information from other sources. However, these reports will only include aggregate information about visitors and Authorized Users. The information in these reports will not identify individuals. Any business partner with whom such reports may be shared will also not be able to contact you from the information contained in the reports.
Sharing by Customers and Charitable Organizations
Givio Customers or Charitable Organizations may choose to share PII data related to its employees in order to support charitable giving program management. For example, a Customer may choose to upload employee emails into Givio in order to create individual giving accounts for employees or to send communications to employees using Givio Services. It is the responsibility of each Customer or Charitable Organization to notify its employees that PII data is shared with Givio. Givio will cooperate with its Customers and Charitable Organizations, however, to help them provide notice to their users concerning the purpose for which personal information is collected. Neither Givio nor the Givio Services solicit the users on behalf of unrelated, third-party marketers.
Givio will retain personal data we collect, as well as personal data we collect and process on behalf of our Partners, for as long as needed to provide our Services. Givio will retain and use this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Givio uses the information that we collect to set up the Services for all user types and to improve the Services. We may also use the information to contact users and visitors to further discuss their interest in and use of the Services. Whenever visitors or users submit requests for more information or services from us, they may opt out of entering certain fields. Users wishing to stop receiving information from the Services may opt out of receiving notices by logging into their Givio account and using the account tools to manage settings, or may cancel their account, or may contact their employer for assistance, if the employer is a Customer of Givio.
We may also e-mail to Authorized Users information regarding updates to the Services.
Sharing of Information by Givio
Personally identifiable information. Primarily, we may share or disclose your personally identifiable information in the following instances:
• To identify you to a Charitable Organization to which you have made a donation and have requested to share your information. Users wishing to remain anonymous to their selected charity may remain anonymous.
• The Givio Services and technology platform transfers PII data to certain third-party donor-advised fund(s) (“DAF’s”) such Givio Charitable Foundation for purposes of managing individual donor DAF accounts and funds disbursements. Givio may transfer personal information to companies that help us provide our service. All such transfers to subsequent third parties are covered by confidentiality agreements with the third parties.
• To unaffiliated third-party service providers, agents, or independent contractors who help us maintain our services and with other administrative services (including, but not limited to, order processing and fulfillment, providing customer service, maintaining and analyzing data, sending customer communications on our behalf, and entry collection, winner selection and prize fulfillment for contests, sweepstakes, and other promotions). We seek to ensure that such unaffiliated third-parties will not use your personally identifiable information for any purpose other than that for which they are responsible. However, we cannot guarantee that they will not use it for any other purpose.
• If you choose to make a donation or receive disbursements on or through our Services, we may ask you for your credit card number, billing address, and other information in connection with completing such purchase, and we may use such information to fulfill your purchase. We may also provide such information, or other personally identifiable information provided by you, to third-parties (such as ApplePay, Stripe, or a similar payment processor) (a “Payment Processor”) to complete your transaction (for example, to process your credit card). The Payment Processor is acting solely as a billing and processing provider for and on behalf of Givio and shall not be construed to be providing the applicable Service. In addition, the Payment Processor is an entity completely independent of Givio, Givio exercises no control over the operations of the Payment Processor, makes no warranties or representations on behalf of such Payment Processor, and accepts no liability in respect of the acts or omissions of the Payment Processor (including expressly with respect to any Security Breach). The Payment Processor’s use of your PII and NPII is subject to the terms, conditions, and privacy policies published by such Payment Processor.
• To comply with law, or in the good faith belief that such action is necessary to conform to the requirements of law, or comply with legal process served on us, and to protect and defend our rights or property, including our rights and property and our services, or act in urgent circumstances to protect the personal safety of you and our other visitors.
• To track and analyze non-identifying, aggregate usage and volume statistical information from our visitors and customers and provide such information to third parties.
• To protect against fraud and potential fraud. We may verify the information you provide using our Services through third parties. In the course of such verification, we may receive additional personally identifiable information about you from such Services. In particular, if you use a credit card or debit card to purchase services with us, we may use card authorization and fraud screening services to verify that your card information and address match the information you supplied to us, and that the card has not been reported as lost or stolen.
Non-personally identifiable information. We may share and disclose your non-personally identifiable information for the purposes described in this statement or where it is collected, or any other legal purpose, including, when and where applicable, sharing and disclosing non-personally identifiable information combined with personally identifiable information.
Legal Disclosure. We may disclose information about you and your use of the services if we believe that such disclosure is reasonably necessary to:
(i) Comply with the law and/or legal process where a formal request has been made (e.g. request from an administrative oversight agency, civil suit, subpoena, court order or judicial or administrative proceeding);
(ii) Protect or defend our rights and/or property or the rights and property of others;
(iv) Respond to claims that the content(s) of a communication violates the rights of another.
Links to Other Sites
Givio uses generally accepted industry practices to help prevent unauthorized use of, access to or alteration of visitor and user information and hosted data. These practices include the use of firewalls, SSL encryption, system redundancies, and co-location at a 24/7 monitored, access-controlled environment.
The Givio website and the backend API services use TLS v1.2 and TLS v1.3 level encryption to ensure state-of-the-art security for all communications. As an additional factor of security, we use specially designed keys for REST API communications. Database-level encryption is employed to securely store the user details and the user’s access tokens.
The Givio mobile apps utilize the native secure storage mechanism to store data including the transactions of a guest user, and other user data like the user’s authorization tokens. For the Android app, we make use of the Android Keystore system, while we use the Keychain in the iOS app. All transaction data are secured over a REST API that’s protected using the latest TLS v1.3 encryption. For third-party tools like Stripe and Google Pay, we use their recommended, latest native SDKs to ensure that everything is up to date. For crypto transactions, we use Coinbase, where the actual payment happens directly on the Coinbase website, which is protected by Coinbase.
Updating Personal Information
We encourage our visitors and users to update and edit their personal information and keep it current. Users can easily correct, delete or update their contact information at any time through the Site by logging into your account and using accounts settings, features and tools. We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services, you may do so in your user account settings, or you may contact us. We will respond to your request within a reasonable timeframe. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
California Residents’ Rights
(As provided by the California Consumer Privacy Act)
A California resident who has provided personal information to a business with whom he/she has established a business relationship for personal, family, or household purposes (“California customer”) is entitled to request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. In general, if the business has made such a disclosure of personal information, upon receipt of a request by a California customer, the business is required to provide a list of all third parties to whom personal information was disclosed in the preceding calendar year, as well as a list of the categories of personal information that were disclosed.
We do not share information with third parties for their direct marketing purposes unless you affirmatively agree to such disclosure — typically by opting-in to receive information from a third party. To prevent disclosure of your personal information for use in direct marketing by a third party, do not opt-in to such use when you provide personal information on our website. Please note that whenever you opt-in to receive future communications from a third party, your information will be subject to the third-party’s privacy policies and practices. If you later decide that you do not want that third party to use your information, you will need to contact the third party directly, as we have no control over how third parties use information. You should always review the privacy policies and practices of any party that collects your information to determine how that entity will handle your information.
California Do Not Track Notice
Some browsers have a “Do Not Track” feature that lets you tell websites and online services that you do not want to have your online activities tracked. Such browser features and industry standards are not uniform, so our websites and online services do not respond to those signals.
International Transfer of Information