Document information and change log

Document Information

Change log

Gender And Entity Neutrality

The masculine form is used solely for the sake of better readability. It always refers to persons of any gender identity (m/f/diverse). This document uses the abbreviation “Give” for all legal entities and subsidiaries.

Give Corporation Privacy Policy - United States

This Privacy policy reflects how GiveCorporation Inc., and all its subsidiaries ("Give" or "we") provide its payment services (the "Services") through third party websites ("Platforms"), such as marketplaces, business tools providers, and crowdfunding sites. As used in this Agreement, "Service" refers to GiveCorporation's payment processing services, as well as our website, any software, programs, documentation, tools, hardware, internet-based services, components, and any updates (including software maintenance, service information, help content, bug fixes or maintenance releases) thereto provided to you by Give Corporation, directly or indirectly. Platforms provide Give's Services to their end users ("Users" or "you") by integrating with Give's application programming interface ("API"), which also enables the Platform to provide User information to Give and receive information from Give. This Privacy Policy addresses how Give handles all User information, including User information provided by you, User information provided by the Platform, and User information obtained by Give from third parties. Give's Privacy Policy describes the ways we collect, use, and share User information. We may amend this Privacy Policy at any time by posting a revised version at this link. The revised version will be effective at the time we post it, unless we provide additional notice or an opportunity to "opt-in" because changes are material or retroactive.

By using the Services, you are accepting the practices described in this Privacy Policy. By using a Platform that has integrated with Give's API, you are also accepting the practices described in the Platform's Privacy Policy, which you should review carefully. Any information you enter on the Platform's website or application, or on Give pages, fields, or resources that are integrated with the Platform's website or application, may be shared with the owner of the Platform website or application, subject to the requirements of the Payment Card Industry Data Security Standard (PCI-DSS) and applicable law. Give is not responsible for the content or information practices of Platforms.

Information Collected

Give collects three types of information: information that Users intentionally provide to Give or the Platform, information about Users that third parties provide to Give or the Platform to augment or verify that information, and information automatically provided by Users as they interact with the Give or Platform website. Information that can be used to identify, contact, or locate a User is "personally identifiable information." Automatically provided information that uniquely identifies a device or browser is not personally identifiable information, unless it is linked to a particular User.

California Consumer Privacy Act (“CCPA”)

The California Consumer Privacy Act (“CCPA”) allows Users to know how their information is being collected, when and if sold. Users are able to opt-out. If you are a consumer located in California, we process your personal information in accordance with the California Consumer Privacy Act of 2018 (CCPA). This act empowers consumers who are California residents with the right to inquire about personal information collected by businesses covered under the CCPA. As such, you have the right to request access to your personal data, submit requests for deletion, and, if applicable, opt-out of the sale of your personal information. However, it's important to note that these provisions do not extend to personal information that is collected, processed, shared, or disclosed by financial institutions under federal law, such as the Gramm-Leach-Bliley Act.

General Data Protection Regulation (“GDPR”)

GiveCorporation only processes minimal personal information for European Union (“EU”) residents.  GiveCorporation is compliant with the General Data Protection Regulation (“GDPR”).  GDPR allows Users to know how their information is being collected, when and if sold. EU residents users agree and clearly consent before having their personal data processed.

User Provided Information

Users either accept payments as "Merchants" or make payments as "Payers." A Merchant must provide the Merchant's name, identification document, selfie to confirm your ID, email address, a self-selected password, street address, telephone number, tax identification number, merchant category code, date of birth (if a natural person), and bank account information. A Merchant may provide additional information, such as a link to its website or social media account, in order to accelerate account activation and qualify for faster disbursement of funds.

A Payer who is paying with a credit or debit card must provide the Payer's name, card number, expiration date, CVV code, country, and zip code. A Payer who is paying by ACH or EFT must provide the Payer's name and bank account information.

Merchants or Payers may voluntarily provide additional information to Give or the Platform, for example, when seeking customer support or in response to surveys or other inquiries.

Third-Party Provided Information

Give or the Platform may obtain information about Users from third parties, such as identity verification services, credit reporting services, and social networks such as Facebook, LinkedIn, Instagram, etc.. The Platform may provide Give with additional information, such as the User's transactional history on the Platform.

Automatically Provided Information

Give or the Platform may automatically record certain information about or related to your use of the Services and the Platform that is made available through your computer. Three such technologies are described below.

Log Files - Give or the Platform may collect internet protocol (IP) address, browser type, device ID, internet service provider (ISP), information about your computer and software, links, materials you request, your approximate location, referring/exit pages, date/time stamp, and other metadata. Platforms may embed Javascript code into page loads, which instructs Users' web browsers to make web requests back to our servers to collect information about User page views and other activities.

Cookies - Give or the Platform collects certain information from the User's browser using small data files called "cookies." For example, Give or the Platform may use session cookies to help recognize a User who visits multiple website pages during the same session, so that the User does not have to enter a password to access each page. Session cookies terminate once the User closes the browser. By default, Give or the Platform also uses persistent cookies to collect, store, and track information. For example, Give or the Platform uses persistent cookies to store the User's login ID (but not the User's password) to make it easier for the User to login when the User returns to the website. We encode our cookies so that only we can interpret the information stored in them. You can remove or block persistent cookies using the settings in your browser, but this may limit your ability to use our Services.

Clear GIFs and Web Beacons - Give or the Platform may employ a software technology, called clear gifs or web beacons, that helps us better manage content on the Give or Platform website, and in Give or Platform emails, by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. In contrast to cookies, which are stored on a User's computer hard drive, clear gifs are embedded invisibly on Web pages and are about the size of the period at the end of this sentence.

Use of Google reCAPTCHA

To ensure the security of our services and to protect against automated abuse (such as bots or spam), Give Corporation utilizes Google reCAPTCHA on certain parts of our website and services. The use of reCAPTCHA helps us verify that interactions with our services are performed by humans, not automated systems.

By using our services, you acknowledge and agree that:

1. Google Privacy Policy and Terms of Service Apply: The implementation of reCAPTCHA is governed by the Google Privacy Policy and the Google Terms of Service. These policies detail how Google collects, uses, and protects the data it processes through reCAPTCHA.

2. Data Collection by reCAPTCHA: reCAPTCHA may collect certain information about your interaction with our website, such as:

• Your IP address.
• Browser and device information.
• The time and duration of your interaction.
• Other behavioral patterns to determine whether activity is human or automated.

3. Purpose of Use: The information collected via reCAPTCHA is solely used to secure our platform and prevent malicious activity. It is not used for advertising purposes by Give Corporation or shared with third parties beyond Google for the specific purpose of bot prevention.

By continuing to use our website and services, you agree to the processing of your data by Google as described in its Privacy Policy and Terms of Service.

"Do Not Track" Disclosure

Give does not currently respond to web browser "Do Not Track" signals or other mechanisms that provide a method to opt out of the collection of personally identifiable information across the networks of websites and online services in which we participate. If we do so in the future, we will describe how we do so in this Privacy policy. Platforms may collect personally identifiable information about a User's online activities from you or from the Give Services. Please refer to the Platform's Privacy policy for information regarding its own "Do Not Track" policy.

The Gist,

We collect and store certain information about you. This information may be provided directly by you, a platform partner, or Give may collect it based on your use of the website.

Use of Information Obtained by Give

Give collects only the personal information that is necessary for the business purpose. and uses personal data only for the purposes stated at the time of collection. Explicit consent will be obtained from you if data will be used for additional purposes. Your personal data is stored securely, using encryption and other security measures. The information is limited to authorized personnel only. Personal data is shared with third parties only when necessary and with proper safeguards in place. Third parties must comply with privacy laws. Personal information is stored only as long as necessary for the purpose it was collected, or as required by law.

Give uses User information primarily in order to develop, operate, support, maintain, enhance and provide the Services. Give uses User information to process payment transactions; to provide receipts and reports; to resolve disputes, collect fees, and troubleshoot problems; to customize, measure, and improve the Services; and to enforce our agreements with Platforms and our Terms of Service and Merchant Agreement with Users.

Give also uses User information to detect and prevent fraud and other potentially illegal activities. Give may combine User information with information from other sources using proprietary algorithms to calculate a measure of the risk that a particular User or transaction is fraudulent ("Risk Score").

Give uses User information for our administrative and operational purposes. Give or the Platform may notify you of changes in the Services, or may solicit your feedback, or may conduct market research, or may send you promotional materials. To unsubscribe from promotional emails, click the "unsubscribe" link in the email.

The Gist,

Give uses information collected about you in order to meet legal obligations and provide a better service.

Sharing of Information with Third Parties

Give may share User information with third-party service providers who help with certain parts of our business operations including settlement, security, validation of user credentials, secure data storage, marketing, customer service, and other services. Give requires that these service providers use personally identifiable User information only in connection with the services they perform for Give. In particular, the Services integrate ACH authorization services.

Give also may share non-personally identifiable User information with third parties that help us better understand how Users use our Service or help us detect and prevent fraud and other unauthorized or suspicious activity. These third parties may use cookies and other technologies to collect non-personally identifiable information about Users and combine it with similar information collected from others. They may use this information to help Give to better understand our Users, and to help their other customers better understand their users.

A Give Risk Score is not personally identifiable information, and Give may share it (and other similar information generated by Give) with Platforms or other third parties. Give claims ownership of Risk Scores and similar analytical results that we generate using User information, whether alone or in combination with other information. Give may use, disclose, or sell Risk Scores in Give's sole discretion.

Give may share User information in the event of a merger, acquisition, debt financing, sale of all or a portion of our assets, or similar transaction, or in the event of insolvency, bankruptcy or receivership in which User information is transferred to one or more third parties as one of our business assets. Should such an event occur, Give will endeavor to assure that the acquirer, successor, or assignee (as the case may be) follows this Privacy policy with respect to User information. If User information could be used contrary to this Privacy policy, Users will receive prior notice as well as the opportunity to opt out.

Give may share User information with law enforcement, government officials, or other third parties in the event of a subpoena, court order or similar legal procedure, or when Give believes in good faith that the disclosure of User information is necessary or advisable to report suspected illegal activity, or to protect Give's property or legal rights (including, but not limited to, enforcement of Give's Terms of Service, Merchant Agreement, and other agreements) or the property or rights of others, or otherwise to help protect the safety or security of the Services.

Except as expressly disclosed in this Privacy policy, Give will not sell or disclose User information to third parties. Give will not sell, rent, share, or trade personally identifiable information to third parties (other than the Platform through which Give collected such information) for their promotional purposes. Give may disclose aggregated or other types of non-personally identifiable information to third parties for various purposes.

The Gist,

We will share personally identifiable information with third parties only to best provide Give's services and in special situations, such as legal investigations and merger. We may also share non-identifiable information with third parties that help us prevent fraud and analyze website activity.

Security

Give has implemented physical, technical, and procedural safeguards to protect User information from unauthorized access, disclosure, alteration, or destruction. Give uses computer safeguards such as firewalls and data encryption, and authorizes access to personally identifiable information only for those employees, contractors, and agents who require it to fulfill their job responsibilities.

Give takes additional care to protect User information, such as credit card or bank account numbers, if disclosure of the particular type of User information could cause direct financial loss. Give encrypts such information and transmits it under Secure Socket Layer (SSL). Furthermore, Give complies with PCI-DSS requirements which ensures that sensitive information is securely stored and transmitted securely using only compliant methods.

The Gist,

Give has taken a number of steps in order to become an extremely secure service.

Location

Give stores and processes User information on dedicated servers located in secure data centers that may be located within the United States or in other jurisdictions. If you use the Services from the European Economic Area or other regions of the world with laws governing data collection and use that differ from laws of the United States, then you understand and consent to the transfer of your User information to the United States or other jurisdictions for the uses identified above in accordance with this Privacy policy. You acknowledge and agree that the privacy and data security laws in place in the United States or other jurisdictions may be different from the privacy and data security laws in force in the country in which you reside. By voluntarily providing User information, you hereby agree that you are consenting to our collection, use, storage, and disclosure of such User information in accordance with this Privacy policy. Give has put in place measures, including standard model clauses, to ensure an adequate level of protection for the rights and freedoms of individuals in relation to the processing of their personal data, as required by European data protection laws.

The Gist,

It's easy to change your user information.

Children

The Services are not intended for children. We ask that minors (persons under the age of 18) do not submit any personal information to us or use the Services.

The Gist,

You may only use Give if you are 18 years old or older.

Data Breach Response

GiveCorporation has established a Data Breach Response Plan to address any potential data breaches promptly. Employees are required to report any suspected data breaches immediately to the Incident Response team or the IRT team. Please see our contact information below.

Privacy Choice and Consent Policy

The purpose of this Privacy Choice and Consent Policy is to inform you the consumer about how GiveCorporation collects, uses, and shares their personal information, and to explain your rights regarding consent. This policy ensures transparency and compliance with applicable data protection laws. This policy applies to all personal information collected, processed, and stored by GiveCorporation including information obtained through websites, mobile applications, offline interactions, and other services.

Giving Consent

GiveCorporation is committed to obtaining explicit, informed, and freely given consent from individuals before collecting their personal information. This includes:

• Clear Language: So the consumer understands what information they are consenting to by providing information in simple and clear language.
• Purpose Specification: Explaining why personal information is being collected and how it will be used.
• Voluntary Consent: Ensuring that consent is given voluntarily, without any form of coercion or undue pressure.

Types of Consent

• Explicit Consent: Required for sensitive personal information, such as financial information. Explicit consent means the consumer has clearly agreed.
• Implied Consent: May be used in situations where consent can be reasonably inferred from the individual’s actions (e.g., providing information during a service request). However, explicit consent is preferred whenever possible.

Consent Management

GiveCorporation provides individuals with the ability to:

• Opt-In: Consent to the collection and use of your personal information. An opt-in mechanism requires an individual to take a positive action to agree.
• Opt-Out: Decline or withdraw consent for certain uses of your personal information. Opt-out mechanisms are easily accessible and understandable.
• Withdraw Consent: At any time, consumers can withdraw their consent for the collection, use, or sharing of their personal information by contacting GiveCorporation.

The opting in and opting out processes are automated. The User can do so on our website or by logging into their portal to choose the desired request. However, our contact information is listed below should you need additional information.

Data Sharing and Third Parties

When personal information is shared with third parties, GiveCorporation will:

• Obtain explicit consent from the individual, specifying who the data will be shared with and for what purpose.
• Ensure third parties comply with privacy laws and handle personal information in line with this policy.

Right to Access and Modify Consent

Individuals have the right to:

• Access Personal Information: Request details about what personal information has been collected.
• Modify Consent Preferences: Update or change their consent preferences at any time.
• Delete Personal Information: Request the deletion of their personal information, subject to certain legal exceptions.

The request process is automated. The User can do so on our website or by logging into their portal to choose the desired request. However, our contact information is listed below should you need additional information.

Accuracy and Completeness of Information

GiveCorporation is committed to ensuring that the personal information it holds is accurate, complete, and up-to-date. Individuals have the right to request corrections or updates to their personal information if they believe it is inaccurate or incomplete by doing so on our website or by logging into their portal.

Right to Update or Correct Personal Information

Individuals can request updates or corrections to their personal information at any time. GiveCorporation will take appropriate steps to verify the identity of the individual making the request before proceeding with any changes. Requests can include, but are not limited to:

• Correcting inaccurate or outdated information (e.g., name, address, contact details).
• Updating preferences or account settings.
• Adding missing details that were previously omitted.

The request process is automated. The User can do so on our website or by logging into their portal to choose the desired request. However, our contact information is listed below should you need additional information.

Procedure for Updating Personal Information

• Request Submission: Individuals can submit a request to update or correct their personal information by doing so on our website or by logging into their portal. However, our contact information is listed below should you need additional information. Please see the contact information below.
• Verification: GiveCorporation may require individuals to verify their identity to ensure that changes are being made by the rightful owner of the personal information.
• Processing Timeline: All requests for updates that have to be manually processed will be processed within 30 days. In cases where updates cannot be made within this timeframe, the individual will be informed of the delay and the reasons for it.
• Confirmation: Once the update has been processed, GiveCorporation will confirm the changes to the individual and provide information on how the updated data will be used. Denial: If the request to update the personal information, GiveCorporation will notify the user with reason for the denial.

Request Response

The request process is automated. The User can do so on our website or by logging into their portal to choose the desired request. However, our contact information is listed below should you need additional information.

Requests for updates that have to be manually processed will receive a receipt of the request, Give will confirm receipt of the request. Usually Give will send a response within 45 days for CCPA and one month for the GDPR. However, depending on varying factors and the complexity of the request (for example multiple requests) the response will be extended. Give will send a notification within the initial month indicating that the response will take longer than usual and the reason for the extension. Requests are escalated internally, ensure that all requests and responses are documented for audit and compliance purposes

Acknowledgment: I, [Individual Name], have read and understand the Privacy Choice and Consent Policy. I consent to the collection, use, and sharing of my personal information as described in this policy.

Signature: ______________________

Date: ___________________________

Contacting Give

If you have questions or concerns regarding this policy, you may email us at legal@givecorporation.com.

You can also write to us at:

Give Corporation

Privacy Policy

3200 E Camelback Rd., STE 275,

Phoenix, AZ 85018

The Gist,

You can reach us through email or postal mail regarding the Privacy policy.

The information contained herein is intended to provide a general overview of the Company’s policies and procedures relating to compliance with this Policy and does not constitute legal advice or a complete description of the laws and regulations relating to this Policy. The Company has made every effort to ensure the accuracy and completeness of this Policy.  This document is intended to provide guidance to employees of Company on how to comply with applicable laws and regulations related to this Policy. Employees should consult with the Legal or Compliance Department if they have any questions about the Policy or how to comply with it. Company reserves the right to modify or update this Policy at any time without notice. Employees are responsible for reviewing the Policy on a regular basis to ensure that they are aware of any changes. This Policy applies to all employees of Company, regardless of their position or location unless stated otherwise in the Policy. Employees are responsible for complying with the Policy and for reporting any suspected violations to their respective supervisor, the Legal Department, AMLCO or respective recipient of such violation as outlined in this Policy.