Privacy Policy
Last Updated: 10/04/2020
Privacy Policy
Policy Statement
Grantey Inc. (“Grantey ,” “we,” “us,” or “our”) is committed to protecting the privacy of your information. Grantey provides this privacy policy (“Privacy Policy”) in support of our commitment to safeguarding your personal information. This Privacy Policy applies to information collected when you access or use our websites (“Sites”) or our products, software services, educational material, and applications (“Software”), collectively referred to as “Services.” Our Services include: Grant Management Software, Grant Editing Software, AI tools and features, Data Sharing & Software, Intelligence Solutions, Webinars, Grant Match, and Grant Writing, Business Services, Growth Services and more to be added with or without notice. By accessing or using our Services, you accept the terms of this Privacy Policy.
This Privacy Policy describes the information collected through the Services and how that information is used and shared. This Privacy Policy also explains your rights and choices regarding your personal information, how we communicate changes to this Privacy Policy, and how you may contact us regarding questions or issues with respect to anything contained in this Privacy Policy. Grantey and its service providers may collect or receive the types of information described below in connection with your access to and use of the Services (collectively, “Collected Information”). If you have any questions or concerns about our use of your personal information, please contact us using the contact information provided at the end of this Privacy Policy.
By accessing or using our Services you agree on behalf of yourself and any company or organization that you represent (together, “you”) that you have read and understand this Privacy Policy, including the collection, use, and disclosure of information described below. As may be required by applicable law, we may also seek your explicit consent to process certain data and information collected via the Services.
Changes to Privacy Policy
Grantey may, in its sole discretion, change this Privacy Policy from time to time. All changes will be effective immediately upon posting to the Services. Material changes to this Privacy Policy will be conspicuously posted on the Site or otherwise communicated to you. Please refer back to this Privacy Policy on a regular basis.
Authorized Users
Grantey clients who have entered into agreements with Grantey for our Services (“Clients”) may designate authorized users from among their employees, contractors, and agents (“Authorized Users”) with the right to access and use our Services. To access our Services you must be an Authorized User and at least eighteen (18) years old.
Information We Collect
The information that we may collect from or about you when you use our Services broadly falls into the following categories: information that you voluntarily provide to us, for example, your contact information and certain other personal information; information collected through your use of the Service, for example, account activity and data collected by the servers used to operate the Services; location information; data collected by tracking technologies; information collected when you connect with social media platforms using the Services; and data collected by embedded content.
Personal Information
You can visit and use our Sites without submitting personal information, but you will be required to submit personal information to use certain features of our Sites and other Services. We will collect any personal information from or about you that you choose to submit to us, which may include: your name, your email address, payment information, your home and business mailing addresses, mail codes, business title, department, employee type or status, hire date, employee ID, and manager/hierarchy information. For example, we collect personal information when you register with or use our Services, when you use our Services to communicate via internal messaging with other employees, contractors, or agents of your employer, when you make a charitable donation, when you submit a request for a matching program, when you volunteer for a project that requires submission of contact information, when you participate in a blog, when you post User Content (as defined below) on our Services, when you fill out a form to download a white-paper or request a demo, in receiving and fulfilling information requests, and when you respond to communications from us. Additionally, if you visit or register on a Grantey sponsored site through social media, we may also receive certain personal information from those social media sites, and/or post regarding your charitable activity.
Organization Portal Account Information
If you are an entity founded and operated for the benefit of others, typically a not-for-profit, nonprofit, charitable, or tax-exempt organization (“organization”), that has received funds from or on behalf of Grantey, you can register for an account on our disbursements portal by submitting your name, telephone number, email address, and the access code that accompanied those funds. You may populate your account profile with additional information you choose to submit.
Donor Portal Account & Donation Information
If you are an Authorized User, you may be required to submit certain information to register for that account, including your name and employee ID.
We will collect all information you choose to provide when logged into your Grantey account, including, for example, your organization searches, matching gift and payroll contribution requests and activity, volunteer hours logged, and donation activity.
Donations made by Authorized Users may be made by credit or debit card. All credit and debit card information is provided directly to our PCI-compliant third-party payment processor. Grantey does not directly access, handle, or store your credit or debit card information. To make a donation using the Services, you will need to submit your name and your credit or debit card type, number, expiration date, security code, and billing address. Payment by credit or debit card is subject to the approval of the card issuer. We will not be liable in any way if a card issuer refuses to accept a credit or debit card for any reason. We will maintain a record of the donations and other gifts that you make using the Services and we will also collect all other information you and the Client choose to provide when making a donation or otherwise completing a transaction using the Services.
If you choose to make a donation through the Services, your contact information may be shared with the organization(s) which are receiving the donation. This information may include your full name, email address, telephone, and mailing address (including street, city, state, country, and ZIP/postal code). You may be given the ability to select, change, or anonymize this information before it is shared with the applicable organization(s) if your employer elects to activate that capability.
User-Generated Content
You are responsible for any comments, data, text, images, video, audio, and other content and material that you create, post, transmit, upload, publish, distribute, broadcast, submit, or otherwise provide using the Services (collectively, “User-Generated Content”). User-Generated Content that you provide is posted on or otherwise made available through the Services at your own risk. We cannot guarantee that User-Generated Content you provide will not be viewed by unauthorized persons or entities. You understand that, even after removal, copies of User Content that you have provide may remain viewable in cached and archived pages and may have been copied or stored by Internet archives and other users of the Services.
IP Addresses and Related Information
The servers used to operate and provide the Services may collect data pertaining to you and the equipment, software, and communication methods you use to access the Internet and the Services, including TCP/IP addresses assigned to the computers and other devices from where you access the Internet, your Internet Service Provider (ISP), your device ID, your approximate geographic location, your browser type, language preferences, referring and exit pages, URLs, date and time stamps, amount of time spent on particular pages, sections of the sites visited, clickstream data, search terms, operating systems, website traffic, and keywords. Grantey may use this information to administer the Services, the site and its servers, to generate statistical information, to monitor and analyze site traffic and usage patterns, to monitor and prevent fraud, to investigate complaints and violations of our policies, and to improve the site’s content and the products, services, materials, and other content that we describe or make available through the site and Services. We may combine this information with personal information, and information obtained from third parties for the purposes discussed herein. The service providers that we use to provide the site may collect information about your visits to the site and other websites.
Location Information, Cookies, and Other Tracking Technologies
When you visit or use our Services, cookies or other tracking technologies may be automatically used to facilitate and enhance the user experience on the Services and for other purposes as described below. A cookie is a small piece of information that your browser stores on your device’s hard drive and stores information about your Grantey account (if applicable), preferences, and use of our Services. We use cookies to track how you access and use the Services, to learn how popular Service pages are and are not, to learn which search terms are used to find the Services, to learn which websites direct you to the Services, to recognize you when you return to our Services, and to track and target your interests in order to provide a customized experience (e.g., by remembering and displaying your contact and other information). They also help us to detect certain kinds of fraud. We use cookies to store preferences, record session information, record user-specific information on what pages are accessed or visited, alert you to new areas of our sites, or customize web page content.
"Session" cookies are temporary cookies used for various reasons, such as managing page views. Typically, your browser will erase session cookies once you exit the browser.
"Persistent" cookies are more permanent cookies that are stored on your computer or mobile device after you exit the browser. Persistent cookies allow us to retrieve certain information that you have previously provided to us (e.g., your user ID if you asked for it to be remembered). Our Services may use both session and persistent cookies.
Our Services may also use "tracer tags," which are tiny graphic images placed on Service pages or in our e-mails that allow us to determine whether you have performed certain actions. When you access these pages or open e-mail messages, the tags generate a notice of that action to us or our service providers. These tools allow us to measure responsiveness to our communications and improve our Services and promotions. Our use of cookies for tracer tags is restricted to session cookies and therefore does not leave artifacts on user workstations.
The Services may use both cookies that we implement and cookies implemented by our service providers and other third parties. Our service providers may use cookies and other tracking technologies, such as pixel tags, to track visitors across the Internet to understand how you get to the Services. Most browsers automatically accept cookies. You may manage, block or delete cookies and other tracking technologies by adjusting your browser's security and privacy settings but, if you do so, you may not be able to use particular features of our Services and your enjoyment of the Services may be impacted. Due to this automatic collection of data using cookies, we do not honor “do not track” requests.
Social Media
The Services may allow you to connect to and share information with various social media platforms, for example, Facebook, Twitter, LinkedIn, and Instagram. These features may require us to implement cookies, plug-ins, and application protocol interfaces (APIs) provided by those social media platforms to facilitate those communications and features. We may share information that you provide us or that we may collect about your use of the Services with those platforms and that information will be subject to their privacy policies. We encourage you to review those platforms’ privacy policies: Facebook’s Data Policy; Twitter’s Privacy Policy; LinkedIn’s Privacy Policy; and Google’s Privacy Policy. In addition, by choosing to use any third-party social media platform or choosing to share content or communications with any social media platform, you allow us to share information with the designated social media platform. We cannot control any policies or terms of such third party platform. As a result, we cannot be responsible for any use of your information or content by a third party platform, which you use at your own risk.
Embedded Content
The Services may incorporate content, including feeds scripts embedded in the Services’ code and visible content (for example, videos), provided by third parties. In some cases, those third parties collect data about how you interact with their content. For example, Vimeo may collect or otherwise have access to usage data on videos embedded on the site as described in Vimeo’s Privacy Policy.
How We Use and Disclose Collected Information
In addition to the uses described above, Grantey and its service providers may use and disclose Collected Information as described below. We do not use, sell, rent, or disclose Collected Information except as stated in this Privacy Policy or as permitted by applicable law.
We will use Collected Information in connection with the reason for which it was collected. For instance, to provide the Services; administer, to improve and provide access to our Services; to manage and maintain Grantey accounts; to process donations; to respond to inquiries; to upload User-Generated Content; and to communicate with you regarding our products and services, your Grantey account, or other matters that may be of interest to you (subject to applicable laws and the terms of this Privacy Policy). If you provide us with your phone number in connection with your account, we may call you at that telephone number regarding your account or your requests for support.
If you submit a resume or other job application materials to us, we may use those materials to evaluate your qualifications and to otherwise consider or respond to your application for employment. Your submission of a resume or other job application materials does not in any way require Grantey to review that application or consider you for employment.
By virtue of applying for a grant with a Grantey client, grant-seekers, or organizations, as applicable, are consenting (opting-in) to Grantey use of the organizational information they provide in connection with that grant application. We communicate with organizations on a periodic basis via email or phone to resolve or investigate customer service issues. We may also use grant-seeker and organization email addresses to notify you of updates to philanthropic activity and to send notices and other disclosures as required by law.
We will make User-Generated Content available to other users of the Services as applicable. For example, if you are an Authorized User and you create a volunteer event through the Services, other Authorized Users at the applicable Client will be able to view, copy, and use that information.
We may use Collected Information to analyze, develop, and improve our products and services to inform fundraising, marketing, and communication plans and strategies, and to provide you with information about additional products or services that you request or that we believe are relevant or may be of interest to you, subject to applicable laws and the terms of this Privacy Policy.
We may aggregate and anonymize personal information and other Collected Information to create anonymous aggregate data on Service users, which describes users as a group but does not reveal the identity of individual users. We may provide that data in response to a government request or to other third parties for lawful purposes and we may use that data to understand Service users’ needs, to determine Service user demographics and usage patterns, to determine what kinds of products and services we can provide, and to improve and enrich our products and services.
We do not share Collected Information with third parties for marketing purposes and we never sell your personal information to anyone or any organization. We may, however, share Collected Information with third parties without notice to you under the following certain circumstances:
Service Providers - When we engage a service provider to perform certain business-related functions or provide services to us in connection with the Services, we only provide them with the information that they need to perform their specific function and as may be otherwise permitted by applicable law. These service providers include our Services management and hosting suppliers, payment processors, and public relations service providers. Our suppliers are authorized to and may use and disclose Collected Information as necessary for them to provide the applicable services to us. We may also share your information with any of our parent companies, subsidiaries, or other companies under common control with us.
Legal Requirements - We may use and disclose Collected Information if required to do so by law or in the good faith belief that such action or disclosure is necessary or appropriate to (i) comply with any legal obligation, report unlawful activity, cooperate with law enforcement, protect against legal liability, or bring legal action in the event of a violation of our contracts, terms, or policies, (iii) protect and defend our rights, property, personnel, suppliers, sponsors, agents or licensors, or (iv) protect the personal safety or rights of users of our Services or the public. We may use and share personal and other Collected Information in order to investigate, prevent, and take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Grantey ' terms, and as otherwise required by law.
Business Transfers - Circumstances may arise where Grantey decides to sell, buy, merge, or otherwise reorganize our company. Collected Information may be transferred, sold, or otherwise disclosed to the successor of the transaction in the event of a corporate sale, merger, reorganization, dissolution, change of control, or similar event, or if assets sold include our agreements with our customers.
Third-Party Websites, Social Media, and Outside Services
Our Services may contain links to or be linked to websites, products, and services, including social media sites such as Facebook and Twitter, not maintained or controlled by Grantey . Those third-party websites may place cookies or other tracking technologies on your computer or personal device. Information collected by third-party websites is governed by their privacy practices, not this Privacy Policy. You should read the privacy policy for each website that you visit. We are not responsible for the privacy policies or practices of any third parties or third-party websites, including how they collect, use, disclose, distribute, or maintain information.
We are not responsible for protecting any User-Generated Content you post on our Services or on social media web pages associated with Grantey . Any User-Generated Content you post on our Services or associated social media pages is unprotected and may be viewed by anyone with access to the applicable website or service, including, but not limited to, Client(s), Authorized Users, and other users of our Services.
User-Generated Content published on our Services or associated social media sites may also appear in search engine results (such as Yahoo!, MSN, Google, and other search engines) and in the cache of those search engines, feeds, and third-party websites pursuant to cobranding agreements. We have no control over updating and/or removal of User-Generated Content that appears on websites not controlled by Grantey , which is solely the responsibility of the search engines, third-party websites, and RSS web feed resources.
You acknowledge and agree that Grantey is not liable for the information published in search results or by any third party website that carries any User-Generated Content or personal information published on our sites or associated social media sites.
Choice/Opt-Out
We communicate with Authorized Users on a periodic basis via email or phone to resolve or investigate customer service issues. We may also use Authorized User email addresses to confirm your philanthropic activity and to send notices and other disclosures as required by law. Authorized Users can remove himself or herself as a qualified donor by contacting the applicable Client's Human Resources department.
If you subscribe to our blog or otherwise opt in to receive promotions or communications from us, you will need to submit your email address. We will use this information to send you blog posts and other electronic communications. We may use third-party email providers to deliver these communications to you. Grantey offers you control over your privacy preferences regarding promotional e-mail. You may update these preferences at any time. Please allow sufficient time for your preferences to be processed.
You may opt out of receiving promotional e-mails from us when registering for an account by unchecking the box that asks whether you would like to receive e-mail updates about new features, products, and services.
You may unsubscribe from receiving promotional e-mails of certain types (or a companywide unsubscribe) at any time by following the unsubscribe instructions contained in the applicable email. When you receive a promotional e-mail from Grantey , it will contain a link that allows you to unsubscribe, however, you will continue to receive non-promotional e-mails from us, such as communications regarding the Services.
Accessing and Correcting Personal Information
Grantey needs your help in keeping the personal information you have shared with us accurate and up to date. If you have a Grantey account, you may, depending on the type of account, be able to make these updates yourself online by logging into your Grantey account.
Grantey is primarily a data processor and not authorized by our clients (the data controller) to correct, modify, or remove your Personal Information without a client’s consent. If you are an Authorized User, please first contact the applicable Client’s Human Resource department to request to correct, modify, or remove your personal information from the Grantey Services. If your Human Resource department is unable to help with your request, please contact us at info@Grantey.com
If you do not have a Grantey account and wish to access or update your personal information as it exists in our records, please contact us at info@Grantey.com
Children’s Privacy
Our Sites and other Services are not directed at children under the age of 13. Grantey does not knowingly collect or use information from children under the age of 13 through the Services.
Access from Outside the United States
If you are accessing or using our Services from outside the United States, please be aware that Collected Information may be transferred to, stored in, and processed in the United States (where our and our service providers’ servers and databases are located and operated). The data protection and related laws and regulations of the United States might not be as comprehensive as those in the country from which you are accessing the Services.
Important Notices to Non-U.S. Residents/EU-U.S. Privacy Shield Certification/ Swiss-U.S. Privacy Shield Certification
Grantey complies with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland to the United States, respectively. Grantey has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov.
To adhere and comply with EU-U.S. and Swiss-U.S. Privacy Shield principles and requirements, Grantey is providing the following information and notice:
The types of personal information collected are described above under the section entitled, “Information We Collect.”
Grantey does not disclose personal information to subsidiaries or third parties; however, personal information is backed up and stored at an offsite location with third-party vendors, Wix Inc., located in Andover, MA, Access, located in Peabody, MA, and Amazon S3, located in northern Virginia, who lawfully cannot access the data, as the data is stored in an obfuscated manner with encryptions and other protections. The third-party vendor has agreed with Grantey not to transfer any data to another party, vendor, or organization.
You have a right to access your personal information. Please first contact your employer’s Human Resource Department to inquire about access to your personal information provided by your employer to Grantey .
You have the right to opt out of having your personal information collected by Grantey . Please follow the instructions under the Accessing and Correcting Personal Information section above.
You have the right to be notified if the information you disclosed is to be disclosed to a new third party or to be used in a materially different purpose other than originally collected. You will be notified by Grantey through your employer or through the Terms and Conditions on the Grantey website.
Grantey is subject to the enforcement powers of the Federal Trade Commission.
Grantey is required to disclose personal information in response to lawful requests by public authorities, including, but not limited, to meeting national security or law enforcement requirements.
Grantey is liable in cases of onward transfer to third parties, except for cases of unlawful misconduct by unauthorized users or intentional violation of Grantey contractual agreements.
Grantey does not collect sensitive information, which includes: medical, health conditions, race, ethnic origin, political opinion, religious or philosophical beliefs, trade union membership, or sex life. If such sensitive information is ever collected, you must express affirmative consent to opt in for use of that sensitive information if that information is to be disclosed to third parties or used for purposes other than those originally collected.
Grantey takes reasonable and appropriate measures to protect personal information from loss, misuse and unauthorized access, disclosure, alteration, and destruction by taking into due account the risks involved in the processing and the nature of the personal information.
Grantey only processes personal information that is compatible for Grantey ’ general purpose for processing.
Grantey retains personal information only for as long as it serves its purpose for processing as outlined in this Privacy Policy. For personal information that we process on behalf of our clients, we will retain that personal information in accordance with the terms of our agreement with each client, subject to applicable law.
You have the right to access your personal information and be able to correct, amend, or delete the information when it is inaccurate or processed in violation of the Principles, except where the burden or expense of providing such access would be disproportionate to the risks of the individual’s privacy or the other person’s rights would be violated. Grantey will expeditiously respond to your complaints. First, contact your employers’ Human Resources Department to access, amend, or remove your personal information or any other complaint regarding your personal information. If your employer does not respond within an expedient timeframe, then Grantey will respond and attempt to resolve your complaint.
It is important to note that the Grantey sites and our servers are operated in the United States. If you are located outside of the United States, please be aware that any personal information you provide to us will be transferred to the United States. Your employer is the data controller and Grantey is the data processor. Your employer as the data controller determines the purpose and means of processing the personal data. Grantey then collects, records, organizes, stores, and adapts the personal data to interact with Grantey Software and Services. By using the Grantey ’ Services and by providing us personal information in any manner, you consent to this transfer and our use of the information and data provided by you in accordance with this Privacy Policy except in the case of data transfers from the EEA and Switzerland, which are covered under the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks.
In compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Principles, Grantey commits to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact us at: privacy@Grantey.com.
We will investigate your question, respond to your inquiry, and attempt to resolve any concerns regarding your privacy question. Cyber Grants has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.
For residual complaints not resolved through these channels, under certain conditions, to invoke binding arbitration before a Privacy Shield Panel, pursuant to Annex I of the Framework.
Grantey will expeditiously respond to your complaints regarding human resources data. First contact your employers’ Human Resources Department to access, amend, or remove your personal information or any other complaint regarding your personal information. If your employer does not respond within an expedient timeframe, then Grantey will respond and attempt to resolve your complaint. With respect to complaints involving human resources data collected in the context of the employment relationship, Grantey commits to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss FDPIC and to comply with their advice.
Important Notices for EU General Data Protection Regulation (GDPR)
Grantey has updated internal policies to align with EU General Data Protection Regulation (GDPR). Please visit our policy statement located here EU General Data Protection Regulation (GDPR).
Security
To view our security measures please see our below, which is incorporated into this Privacy Policy.
We use SSL (Secure Sockets Layer). This measure of protection is used by many electronic commerce sites and on-line banks to protect personal and financial information.
Grantey will not retain your personal data longer than is necessary to fulfill the purposes for which it was collected or as required or permitted by applicable laws or regulations. For personal information that we process on behalf of our clients, we will retain that personal information in accordance with the terms of our agreement with each client, subject to applicable law.
If you become aware of any breach of Service security or this Privacy Policy, please notify us at info@Grantey.com immediately. If our security system is breached, we will notify you of the breach only if and to the extent required under applicable law.
Contact Us:
Inquiries, Access, and Updating Your Personal Data
Questions regarding this Privacy Policy or Grantey information practices should be directed to the Grantey Privacy Officer at privacy@Grantey.com or by mailing Grantey Inc at the address provided after contacting us.