Effective Date: January 1, 2022
- Information that we receive from you when you interact with the PAnonprofitlaw.com website and any related apps and/or digital services (the “Services”);
- How we use and process the information that we receive;
- If and why Personal Data (defined below) may be disclosed to third parties; and
- Your choices regarding the collection and processing of your Personal Data.
Please note that this Policy does not apply to information collected through third-party websites or services that you may access through the Services or that you submit to us through e-mail, text message, other electronic message, or offline.
PLEASE REVIEW THIS PRIVACY CAREFULLY. When you submit information to or through the Services, you consent to the collection and processing of your information as described in this Policy.
The Effective Date of this Policy is set forth at the top of this Policy. Whenever possible, we will provide you with advance written notice by email of our changes to this Policy. We will not make retroactive changes that reduce your privacy rights unless we are legally required to do so. Your continued use of the Services after the Effective Date constitutes your acceptance of any amended version of this Policy. This Policy, and any amended versions of this Policy, supersede any and all previous versions.
INFORMATION WE COLLECT
Types of Information
We collect various kinds of information that you provide to us as well as information we obtain from your use of the Services. Some of the types of information that we collect include:
“Personal Data”—information associated with or used to identify or contact a specific person. Personal Data includes: (1) contact data (such as e-mail address, telephone number and employer); (2) demographic data (such as gender, date of birth and zip code); and (3) certain Usage Data (defined below), such as IP address.
“Usage Data”—information about an individual’s online activity that, by itself, does not identify the individual, such as:
- technical information, including your browser type, service provider, IP address, operating system and webpages visited; and
- information about what you’ve searched for and looked at while using the Services.
(Generally, we do not consider Usage Data as Personal Data because Usage Data by itself usually does not identify an individual. Personal Data and Usage Data may be linked together. Different types of Usage Information also may be linked together and, once linked, may identify an individual person. Some Usage Data may be Personal Data under applicable law.)
“Location Data” is a category of Personal Data collected about the location of a mobile device or computer, including:
- the location of the mobile device or computer used to access the Services derived from GPS or WiFi use;
- the IP address of the mobile device or computer or internet service used to access the Services,
- other information made available by a user or others that indicates the current or prior location of the user.
HOW WE COLLECT INFORMATION
From You. We collect information from you when you:
- Use the Services. We collect Personal Data from you when you create an account to use one of the Services, contact us for help or information or otherwise voluntarily provide your Personal Data. We collect the information and content that you submit to us, such as when you enter comments or submit a suggestion.
From Our Business Partners and Service Providers. Third parties that assist us with our business operations also collect information (including Personal Data and Usage Data) about you through the Services and share it with us. For example, our vendors collect and share information with us to help us detect and prevent fraud.
Usage Data. We also automatically collect Usage Data when you interact with the Services.
From cookies and other data collection tools. We, along with the service providers that help us provide the Services, use small text files called “cookies,” which are small computer files sent to or accessed from your web browser or your computer’s or tablet’s hard drive that contain information about your computer, such as a user ID, user settings, browsing history and activities conducted while using the Services. Cookies are not themselves personally identifiable, but may be linked to Personal Data that you provide to us through your interaction with the Services. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (i.e., when it expires) and a randomly generated unique number or similar identifier.
Cookies help us improve the Services by such means as tracking users’ navigation habits and storing users’ password, customizing users’ experience with the Services; enabling us to analyze technical and navigational information about the Services; and helping to detect and prevent fraud.
We also use other cookies and other data collection tools (such as web beacons and server logs), which we collectively refer to as “data collection tools,” to help improve your experience with the Services.
The Services also may use data collection tools to collect information from the device used to access the Services, such as operating system type, browser type, domain and other system settings, as well as the operating system used and the country and time zone in which the computer or device is located.
Web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to manage and delete cookies, visit www.allaboutcookies.org. Some web browsers (including some mobile web browsers) provide settings that allow a user to reject cookies or to alert a user when a cookie is placed on the user’s computer, tablet or mobile device. Most mobile devices also offer settings to reject mobile device identifiers. Although users are not required to accept cookies or mobile device identifiers, blocking or rejecting them may prevent access to some features available through the Services.
HOW WE USE YOUR INFORMATION
We may use the information we collect for any of the following purposes:
- to provide the Services to you;
- to operate, improve and personalize the products and services we offer, and to give each user a more consistent and personalized experience when interacting with us;
- for customer service, security, to detect fraud or illegal activities, or for archival and backup purposes in connection with the provision of the Services;
- to communicate with users;
- to better understand how users access and use the Services, for the purposes of trying to improve the Services and to respond to user preferences, including language and location customization, personalized help and instructions, or other responses to users’ usage of the Services;
- to help us develop our new products and services and improve our existing products and services;
- to provide users with advertising and direct marketing that is more relevant to you;
- to assess the effectiveness of and improve advertising and other marketing and promotional activities on or in connection with the Services.
Please note that, in order to provide you with a better experience and to improve the Services, information collected through the Services may be used in an aggregated or individualized manner.
For example, Personal Data collected during use of one of the Services may be used to suggest particular content that can be made available to the user on another of the Services or be used to try to present more relevant advertising in another of the Services.
HOW WE SHARE AND DISCLOSE YOUR INFORMATION
We may share and disclose information as described at the time information is collected or as follows:
When you consent. We may share Personal Data with third parties if you have given us your consent to do so. We will only share Sensitive Personal Data when you have given us your opt-in consent.
To perform services. We may disclose Personal Data to third parties in order to perform services requested or functions initiated by users. In addition, we may disclose Personal Data in order to identify a user in connection with communications sent through the Services. We also may offer users the opportunity to share information with colleagues and other users through the Services.
With third party service providers performing services on our behalf. We share information, including Personal Data, with our service providers to perform the functions for which we engage them (such as hosting and data analyses). We may share information as needed to operate other related services.
For legal purposes. We also may share information that we collect from users, as needed, to enforce our rights, protect our property or protect the rights, property or safety of others, or as needed to support external auditing, compliance and corporate governance functions. We will disclose Personal Data as we deem necessary to respond to a subpoena, regulation, binding order of a data protection agency, legal process, governmental request or other legal or regulatory process. We may also share Personal Data as required to pursue available remedies or limit damages we may sustain.
In aggregated form. We may share Personal Data about you in an aggregated form—that is, in a statistical or summary form that does not include any personal identifiers—with third parties in order to discover and reveal trends about how users like you interact with our services.
INFORMATION STORAGE AND SECURITY
We employ industry-standard security measures designed to protect the security of all information submitted through the Services. However, the security of information transmitted through the internet can never be guaranteed. We are not responsible for any interception or interruption of any communications through the internet or for changes to or losses of data. Users of the Services are responsible for maintaining the security of any password, user ID or other form of authentication involved in obtaining access to password protected or secure areas of any of our digital services. In order to protect you and your data, we may suspend your use of any of the Services, without notice, pending an investigation, if any breach of security is suspected. Access to and use of password protected and/or secure areas of any of the Services are restricted to authorized users only. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.
It is important to us that you are able to access and review the Personal Data we have about you and make corrections to it or delete it, as necessary. You can contact us to manage and correct the information we have on file about you at info@PAnonprofitlaw.com. Our team will review your request and respond to you as quickly as possible.
LINKS TO THIRD-PARTY SERVICES
DISCLAIMER: NOT CHILD-DIRECTED
The Services are not intended for use by children. If you are under the age of majority in your place of residence, you may use the Services only with the consent of, or under the supervision of, your parent or legal guardian.
Consistent with the requirements of the Children’s Online Privacy Protection Act (“COPPA”), if we learn that we have received any information directly from a child under age 13 without first receiving verified consent o the child’s parent or legal guardian, we will use that information only to respond directly to that child (or the child’s parent or legal guardian) to inform the child that thei child cannot use the Services and subsequently we will delete that information.
TRANSFER OF PERSONAL DATA OUTSIDE OF THE EUROPEAN ECONOMIC AREA AND INTERNATIONAL USERS
We will not transfer Personal Data relating to individuals within the European Economic Area (“EEA”) to third parties (i.e., those outside of our group of affiliates and service providers) located outside of the EEA without ensuring adequate protection under the applicable European law. Where a third party is located in a country not recognized by the European Commission as ensuring an adequate level of protection, we (or our affiliates or service providers) will take appropriate steps, such as implementing standard contractual clauses recognized by the European Commission, to safeguard your Personal Data.
PAnonprofitlaw.com is headquartered in the United States and the Services are hosted in the United States. If you are located outside the United States, your information is collected in your country and then transferred to the United States or to another country in which we (or our affiliates or service providers) operate. Any Personal Data collected through the Services about visitors located outside of the United States is processed in the United States by us or by a party acting on our behalf.
WHEN YOU PROVIDE PERSONAL DATA TO US THROUGH THE SERVICES, YOU CONSENT TO THE PROCESSING OF YOUR PERSONAL DATA IN THE UNITED STATES.
DATA PROTECTION PRIVACY UNDER THE EUROPEAN UNION’S GENERAL DATA PROTECTION REGULATION
The European Union’s General Data Protection Regulation (“GDPR”) and other privacy laws protect Personal Data collected from citizens of European Union Member States. The GDPR is a comprehensive data protection law that strengthened the protection of Personal Data in light of rapid technological developments, the increasingly global nature of business, and more complex international flows of Personal Data. The GDPR replaces a patchwork of national data protection laws with a single set of rules, directly enforceable in each European Union Member State.
If the GDPR applies to you, then you may request information about:
- The general purpose of the Personal Data processing;
- The categories of Personal Data concerned;
- Who else outside of us and our affiliates may have received Personal Data from us;
- What the source of the Personal Data was (if you did not provide it directly to us;
- How long the Personal Data will be stored.
We will store your Personal Data for as long as necessary to fulfill the purpose for which the Personal Data was collected and processed, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements. To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use of disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve these purposes through other means, and the applicable legal requirements. Upon expiration of this time frame, we will securely erase and destroy all of your collected Personal Data, in accordance with applicable laws and regulations.
Personal Data does not include data from which you can no longer be identified due to encryption or anonymity. In some circumstances, we may completely anonymize your Personal Data so that it is no longer attributable to you. In this case, the information will no longer be considered Personal Data for GDPR purposes.
RIGHTS TO YOUR PERSONAL DATA UNDER THE GDPR
If the GDPR applies to you, then you have particular rights as an individual under this regulation, including the right to:
- Request access to your Personal Data stored by NCH and request certain information in relation to its processing;
- Request a change and/or update be made to your Personal Data stored by NCH;
- Request restriction of processing of your Personal Data;
- Request erasure of your Personal Data stored by NCH; and
- Object to the processing of your Personal Data.
Reasonable access to your Personal Data will be provided at no cost to you upon request made to us at info@PAnonprofitlaw.com. If access cannot be provided within a reasonable time frame, we will provide you with a date when the information will be provided. If for some reason access is denied, we will provide an explanation as to why access has been denied.
WITHDRAWAL OF CONSENT
We acknowledge that even though you may initially consent to the processing of your Personal Data, you may want to withdraw your consent from time to time. You may withdraw your consent from the processing of Personal Data either entirely or in part. To withdraw your consent, please contact us at info@PAnonprofitlaw.com.
QUESTIONS OR CONCERNS
If you have any questions or concerns regarding the rights established under the GDPR, please contact us at info@PAnonprofitlaw.com.
CALIFORNIA CONSUMER PRIVACY RIGHTS
If you are a California resident, you may have the rights described below with respect to the Personal Data we have collected about you as a user of the Services.
Right to Know and Right to Request Information
Under the CCPA, California residents have certain rights regarding their Personal Data, including:
- The right to know the categories of Personal Data that we have collected and the categories of sources from which we got the information;
- The right to know the business purposes for sharing Personal Data;
- The right to know the categories of third parties with whom we have shared Personal Data;
- The right to access the specific pieces of Personal Data we have collected and the right to delete your information;
- The right to not be discriminated against if they choose to exercise their privacy rights; and
- Notice at collection of categories of Personal Data collected under the CCPA.
To review, request access to, or exercise your rights under the CCPA, please contact us at info@PAnonprofitlaw.com.
Right to Request Deletion
You have the right to request that we delete your Personal Data. “Deleting” Personal Data means:
- Permanently and completely erasing the Personal Data on existing systems with the exception of archived or back-up systems;
- De-identifying the Personal Data; or
- Aggregating the Personal Data.
If Personal Data is stored, archived, or listed in a backup system, we reserve the right to delay compliance with the consumer’s request to delete, with respect to data stored on the archived or backup system, until the archived or backup system is next accessed or used. We will inform the person(s) of this in the event is it applicable to their request.
We must maintain a record of the individual requesting deletion pursuant to the Civil Code section 1798. 105(d).
We are not required to comply with a consumer’s request to delete the consumer’s Personal Data if it is necessary for us or a service provider to maintain the consumer’s Personal Data in order to:
- Complete the transaction for which the Personal Data was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of an organization’s ongoing business relationship with the consumer, or otherwise perform a contract between the organization and the consumer;
- Detect security, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for that activity;
- Debug to identify and repair errors that impair existing intended functionality;
- Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
- Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code;
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent;
- To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the organization;
- Comply with a legal obligation; and/or
- Otherwise use the consumer’s Personal Data, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.
To submit a request to delete your Personal Data and exercise your rights under the CCPA, please contact us at info@PAnonprofitlaw.com.
Right to Opt Out
Right to Non-Discrimination
Submitting a Data Subject or California Consumer Request
All requests received will be reviewed and verified prior to the request being processed by our privacy team. You may designate an authorized agent to make a request to know or a request to delete your Personal Data by providing the authorized agent written permission to do so; and by verifying your own identity with us directly. We will deny any requests from agents that do not submit proof of authorization. To submit your questions and inquiries related to your rights, please contact us at info@PAnonprofitlaw.com.
Third-Party Payment Service
5275 Germantown Avenue
Philadelphia, PA 19144