Accountability for our compliance with this Policy rests with our Privacy Officer, even though other individuals within FrontStream may also have responsibility for some day-to-day collection and processing of User Data. Other individuals within FrontStream may be delegated to act on behalf of the Privacy Officer.
- Information We Collect. When you visit our Services, we will not collect User Data about you unless you provide us that information voluntarily. We may ask you for some or all of the following types of User Data when you register with, access or use our Services, respond to any surveys or polls, or directly contact us with questions or feedback:
- Contact information, such as first and last name, e-mail address, postal address, and telephone number;
- User name and password;
- Demographic information, such as age information and gender;
- Payment information, such as credit card number and expiration date;
- Geolocation information;
- Communications preferences;
- Correspondence and other information that you send to us; and
- Additional information as otherwise described to you at the point of collection or pursuant to your consent.
We also may collect certain information automatically when you visit the Services, including:
- Your browser type and operating system;
- Your Internet Protocol (IP) address, which is the number automatically assigned to your computer whenever you access the Internet and that can sometimes be used to derive your general geographic area;
- Other unique identifiers, including mobile device identification numbers;
- Sites you visited before and after visiting the Services;
- Pages you view and links you click on within the Services;
- Information collected through cookies, web beacons, and other technologies;
- Information about your interactions with e-mail messages, such as the links clicked on and whether the messages were opened or forwarded; and
- Standard Server Log Information.
Some web browsers may transmit “do-not-track” signals to the websites with which the user communicates. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. Because there currently is no industry standard concerning what, if anything, websites should do when they receive such signals, FrontStream currently does not take action in response to these signals. If and when a final standard is established and accepted, we will reassess how to respond to these signals.
- Use of Information. FrontStream may use information that we collect through the Services for a variety of purposes, including:
- For the delivery of the Service;
- For its own internal purposes, analytics, benchmarking and analysis, or use that enables targeting of communication, engagement tools and fundraising efforts to optimize results of the Service and individual engagement;
- Provide you with the products, promotions, services, newsletters, and information you request and respond to correspondence that we receive from you;
- Customize and personalize your use of the Services;
- Contact you via e-mail and otherwise about promotions, products, services, surveys and events that we think might be of interest to you, including with respect to our Services in which you have participated,
- Contact you with surveys, legal notices, and other information that may be relevant to your use of the Services;
- Maintain or administer the Services, perform business analyses, or for other internal purposes to improve the quality of our business, the Services, and other products and services we offer; and
- As otherwise described to you at the point of collection or pursuant to your consent, and as required or permitted by applicable law.
- Sharing of Information. We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect.
- Corporate Parents, Affiliates, and Subsidiaries, or Associated Entities (for Canadian Clients). We may share your information with our corporate parents, subsidiaries, and other affiliated entities for the purposes referred to in this Policy.
- Associated Entities (for Australian Clients). We may share your information with associated entities for the purposes referred to in this
- Service Providers. We may share your information with service providers that perform certain functions or services on our behalf, such as to host or assisting with the Services, manage databases, host a store or other e-commerce platform, perform analyses, or send communications for us.
- Select Business Partners. We may share your information with certain business partners that assist in the delivery of the Services (i.e. merchant service providers, organizations holding fundraising events, vendors who have provided bidding items.)
- In Connection With a Transfer of Assets. If we sell all or part of our business, or make a sale or transfer of assets, or are otherwise involved in a merger, acquisition or business transfer, or in the event of bankruptcy, we may transfer your information to one or more third parties as part of that transaction.
- Other Parties With Your Consent or as Authorized by Law. We may share information about you with third parties when you consent to such sharing (including when you post information to a public area of the Services, such as a chat room, discussion board, forum, blog, or other community tool) and otherwise as required or permitted by applicable law.
- Aggregate Information. We may disclose to third parties information that does not describe or identify individual users, such as aggregate website usage data or demographic reports.
We may allow third parties to place and read their own cookies, web beacons, Local Shared Objects, and similar technologies to collect information through the Services. For example, our third-party service providers may use these technologies to collect information that helps us with traffic measurement, research, and analytics.
- User Data Security. We use a variety of security technologies and procedures to help you protect against loss, misuse, unauthorized access, disclosure, alteration or destruction of the information you submit to us. We protect User Data with organizational, physical, mechanical and electronic safeguards appropriate to the sensitivity of the information, including encryption and secure server technology where appropriate. Please note that no data transmission or storage can be guaranteed to be 100% secure. As a result, while we strive to protect your information and privacy, we cannot guarantee or warrant the security of any information you disclose or transmit to us online and cannot be responsible for the theft, destruction, or inadvertent disclosure of your information.
FrontStream acknowledges that you have the right to access your User Data. You are responsible for maintaining the confidentiality of your account password and for any access to or use of the Services using your password, whether or not authorized by you. Please notify us immediately of any unauthorized use of your password or account or any other breach of security.
User Data will be retained only as long as necessary for the fulfilment of the purposes referred to in this Policy.
- Children’s Privacy. The Services do not knowingly collect, use, or disclose User Data from children under the age of 13 without prior parental consent, except as permitted by the Children’s Online Privacy Protection Act (“COPPA”) or other applicable law. If we learn that we inadvertently have collected identifying User Data from an individual under the age of 13, we will promptly delete that information from our system.
- Social Networking Services. FrontStream has worked with certain third-party social media providers to offer you their social networking services through our Services. For example, you can use third-party social networking services, including but not limited to Facebook, Twitter, LinkedIn and others to share information about your experience on our Services with your friends and followers on those social networking services. These social networking services may be able to collect information about you, including your activity on our Services. These third-party social networking services also may notify your friends, both on our Services and on the social networking services themselves, that you are a user of our Services or about your use of our Services, in accordance with applicable law and their own privacy policies. If you choose to access or make use of third-party social networking services, we may receive information about you that you have made available to those social networking services, including information about your contacts on those social networking services.
- Links to Third Party Sites and Services. The Services may contain links to other websites or online services that are operated and maintained by third parties and that are not under the control of or maintained by FrontStream. Such links do not constitute an endorsement by FrontStream of those other websites, the content displayed therein, or the persons or entities associated therewith. This Policy does not apply to this third-party content. We encourage you to review the privacy policies of these third-party websites or services. In the case of Auction Services, if you place a bid through the FrontStream bidder community, we will pass your bid and related bidder and payment information on to the seller for the purposes of participation in the seller’s auction.
- International Users. For Disaster Recovery purposes, User Data will reside with a service provider outside Canada. By using the Services, you consent to the collection, storage, processing, and transfer of your information in and to the United States. Please note that privacy laws in such jurisdictions may differ from those of your jurisdiction, and that User Data may be accessed by courts, law enforcement and national security authorities in such jurisdictions. You may obtain information and address questions about the privacy policies and practices relating to handling of User Data outside of your jurisdiction by contacting our Privacy Officer using the contact information below.
For Australian Clients. In this case, FrontStream will comply with the requirements of the Privacy Act that apply to cross border disclosures of User Data.
- Your California Privacy Rights. California residents are entitled once a year, free of charge, to request and obtain certain information regarding our disclosure, if any, of certain categories of User Data to third parties for their direct marketing purposes in the preceding calendar year. To obtain such information, please e-mail your request to webmaster@FrontStream.com.
- Updating Communications Preferences (Opt out) and Unsubscribing. You may choose to receive promotional offers, newsletters, and similar communications from us regarding products and services of FrontStream and our affiliated organizations. You may opt out of receiving such communications from us by communicating your preference to us using the contact information provided at the end of this Policy, or in the case of e-mails, by clicking on the opt-out or “unsubscribe” link included at the bottom of the e-mails you receive. If you provide us with your User Data, you have the following rights with respect to that information:
- To review the user information that you have supplied to us
- To request that we correct any errors, outdated information, or omissions in user information that you have supplied to us
- To request that your user information not be used to contact you
- To request that your user information be removed from any solicitation list that we use
- To request that your user information be deleted from our records
- To opt out of being solicited by FrontStream or third parties
To exercise any of these rights, please contact us at privacy@FrontStream.com. We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken.
- Withdrawal of Consent. You can withdraw consent at any time to collection, use or disclosure of User Data, subject to legal or contractual restrictions and reasonable notice. You may do so by using the contact information provided at the end of this Policy. We will inform you of any implications of such withdrawal. We may be unable to remove information to the extent that it is permitted or required to be retained by applicable law or document retention and data backup or disaster-recovery policies, or if removal is not practicable due to technological reasons.
- Privacy Complaints for Australian Clients. If you have a complaint about how we collected or handled User Data, please contact us (see details below). We will endeavor in the first instance to deal with your complaint and take action to resolve the matter. If your complaint cannot be resolved at the first instance, we will ask you to lodge a formal complaint in writing, explaining the circumstances of the matter that you are complaining about, how you believe your privacy has been interfered with and how you believe your complaint should be resolved. We will acknowledge receipt of your formal complaint and indicate the timeframe that you can expect a response. We will endeavor to resolve the complaint as quickly as possible, but if the matter is complex and our investigation may take longer, we will let you know when we expect to provide our response.
If you are unhappy with our response, you may refer your complaint to the Office of the Australian Information Commissioner or, in some instances, other regulatory bodies, such as the Victorian Health Services Commissioner or the Australian Communications and Media Authority or the entity identified in Section 14 below.
FrontStream is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. FrontStream complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to User Data received or transferred pursuant to the Privacy Shield Framework, FrontStream is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, FrontStream may be required to disclose User Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the Privacy Shield Principles, FrontStream commits to resolve complaints about FrontStream’s collection or use of your User Data (personal information). EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact FrontStream at: privacy@FrontStream.com
FrontStream has further committed to refer unresolved Privacy Shield complaints to Privacy Trust, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from FrontStream, or if FrontStream has not addressed your complaint to your satisfaction, please contact or visit Privacy Trust at https://www.privacytrust.com/cert/411716.html for more information or to file a complaint. The services of Privacy Trust are provided at no cost to you.
Under certain conditions, more fully described on Annex I of the EU-US Privacy Shield Framework Privacy Shield website (How to Submit a Complaint) you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
- Contact Us. You may submit a written request to access or update User Data, or if you have questions or concerns about the collection, use, disclosure, amendment, deletion or storage of User Data. All correspondence should be sent to the following address:
e-mail to privacy@FrontStream.com
Last Update: 07/20/2017