Privacy Policy
EFFECTIVE DATE: November 28, 2022
1. PURPOSE OF POLICY
Welcome! DonaLeb is committed to protecting your privacy. We created this Privacy Policy (“Policy”) to give you confidence as you visit and use DonaLeb’s website and mobile application, and any other related services provided by us (collectively, the “Service”). This Policy covers how we collect, use, store, and share your information which on its own, or in combination with other information, may be used to identify you as an individual (“Personal Data”). This Policy has been updated to comply with the requirements of a new data privacy law known as the EU General Data Protection Regulation (“GDPR”). All references to “we”, “us”, “our”, or “DonaLeb” refer to DonaLeb Inc., a Delaware C Corp. All references to “you”, “your”, or “user” refers to the end-user of the Service, and where applicable, to persons who support a cause through the DonaLeb fundraising functionality provided on the Service (“CorporateGiving”). Do not hesitate to contact us at yasmine@donaleb.com if you have any questions or want to discuss this Policy.
Where we are acting as a controller of your Personal Data, by using the Service and agreeing to this Policy, you consent to the privacy practices described in this Policy. Additionally, you consent to the use of your Personal Data by the charities, mission-driven businesses, and the company donors who support and benefit from the DonaLeb’ challenge(s) that you participate in (“Partners”), as described in this Policy. Where we are acting as a processor of a Partner, we will process your Personal Data in accordance with the provisions of the Partner’s Privacy Policy and under the instructions of the Partner.
2. INFORMATION WE COLLECT AND HOW WE USE IT
Information You Voluntarily Provide Us.
When you sign up for an account through the Service, you will be required to provide us with various Personal Data. Specifically, when you sign up for the Service, we collect your name and email address, and you will be required to create a password. In addition, as you use the Service, you may choose to provide additional Personal Data, including weight, height and access to your camera or photos. Furthermore, the Service allows you to post content on the Service through functions such as chat and comments and we collect this information, which can be considered Personal Data. You may provide the foregoing Personal Data and information by entering it into the Service, or through a third party service. While the information described here is provided to us only with your permission, some aspects of the Service may not be available if you choose not to provide us with such information and Personal Data.
Donors are not required to create an account through the Service, but will be required to provide their name, and email address to process their payment via our payment processing integration partner. In some instances, additional information may be requested by DonaLeb to ensure that your contribution can be managed correctly by our partner, which may include your address e.g. to send you a donation confirmation as further described in this policy.
Information We Automatically Collect as You Use the Service.
In addition to the information you voluntarily provide us, when you sign up for the Service and use the Service, we automatically collect your geo-location while the application is running on your device. You may be able to limit such collection in the settings on your device. As with the voluntarily provided information described above, some aspects of the Service may not be available if you choose not to provide us with such information and Personal Data.
Cookies.
After you have created an account, we use cookies to remember you as a user of the Service and to streamline the functionality of the Service. These are first party cookies, not third party cookies, meaning that the cookies are only used to track your activity on the Service, and not on third party sites or services.
Other Anonymous Data We Collect.
When you use and visit the Service, we may also use third-party services, such as Google Analytics, which use cookies to collect generic, anonymous information that does not identify you. We use this information to better understand how users interact with the Service and to improve your user experience while using the Service. To opt out of Google Analytics’ cookies, please visit https://tools.google.com/dlpage/gaoptout?hl=None.
3.PURPOSES OF COLLECTION AND LEGAL BASIS FOR USE
In furtherance of these purposes, we use the Personal Data described above primarily for providing you with the core aspects of the Service. The legal bases for us to process your Personal Data to provide the core aspects of the Services, where we are acting as controller of your Personal Data, are as follows: (a) first and foremost, you provided your consent by agreeing to this Policy, which you may withdraw at any time by emailing us at yasmine@donaleb.com; (b) the processing is necessary for our contractual relationship with you (in other words, to provide the Service to you that we have agreed to provide, we need to process your Personal Data); (c) the processing is necessary for us to comply with our legal or regulatory obligations; and (d) the processing is in our legitimate interest as a provider of the Services (for example, to protect the security and integrity of our systems and to provide you with customer service and the core functionality of the Service).
However, we also use the Personal Data to send you information about DonaLeb and the Service. When creating your DonaLeb profile, you have the option to consent to us sending you the DonaLeb newsletter or to otherwise contact you about promotions, updates, and features of the Service.
Another purpose for which we collect and use your Personal Data is to provide a service to our Partners. Where we are acting as a processor for such Partners, we will process your Personal Data (including sharing your Personal Data with them), as set out in Partner’s Privacy Policy or otherwise as directed by Partner. In some cases, we may collect consent to such processing on behalf of the data controller where our Partner requests that we do so and your consent to this Policy serves as such consent.
We may provide Partners with metrics and analytics associated with a challenge that Partners are supporting, such as participation in a challenge, success of a challenge, and other related information and to provide Partners with your Personal Data to contact you about their products, services, and calls to action.
Your Personal Data will only be shared with the Partners who are involved with the challenge that you are participating in. If you are involved in more than one challenge, your Personal Data will be shared with those Partners who are involved in the subsequent challenges you participate in.
Personal Data of Donors is collected for the purpose of providing the peer to peer functionality, which enables Corporate Giving Donors (who may not be users of the Service) to contribute money in the name of a user such that the user can raise additional funds as part of the challenge in which the user is participating.
4. HOW WE SHARE YOUR PERSONAL DATA
Information Shared By You Through The Service.
You may, now or in the future, be able to choose to voluntarily share Personal Data collected through the Service, to public forums on the Service, through email, or through third party social media platforms.
In particular, you may also choose to voluntarily share photos or other similar materials through the Service. We or the Partners who are involved with the challenge(s) that you are participating in may use, copy, modify, share, publish, or redistribute, such materials for promotional or for other similar purposes.
Our Personnel.
To be able to effectively provide you with the Service, and to improve the functionality of the Service, we may disclose your Personal Data to our personnel, including our employees, contractors, and agents, to the extent that such persons or entities have a need-to-know such information in furtherance of the Service.
Our Vendors.
We work with third party service providers to provide website, application development, hosting, maintenance, data processing, customer service, payment processing, and other services for us in furtherance of the Service. These third parties (who are data sub processors for the purposes of GDPR) may have access to or process your Personal Data as part of providing those services for us. However, we limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions and we have contracts in place with such vendors in line with the Article 28 requirements of GDPR, pursuant to which they are required, amongst other things, to maintain the confidentiality of the Personal Data to the extent required by GDPR.
Charities, Mission-Driven Businesses, and Company Donors (Our Partners).
A core aspect of the Service is that our Partners may have access to Personal Data for the purposes described above. Namely, our Partners may have access to your Personal Data for the purposes of (1) receiving metrics and analytics associated with a challenge that a Partner is supporting, (2) for providing Partners with your Personal Data to contact you about their products, services, and calls to action, and (3) for our Partners to use your Personal Data for their own marketing and promotional purposes. As such, we may share your Personal Data with our Partners who support campaigns on the Service or who benefit from campaigns on the Service.
Sale of Company or Assets.
In the event that we sell all or substantially all of our company or its assets, including the Personal Data collected through our Service, we may transfer your information to the acquiring company. However, we will notify you before we do so.
Other Third Parties.
In addition to our practices described above, we may share your Personal Data if we have a good-faith belief that such action is necessary to (1) comply with the law (see the section below on “Government Requests”), (2) protect and defend the rights or property of DonaLeb, or (3) prevent an emergency involving danger of death or serious physical injury to any person. We will only share your Personal Data for the foregoing reasons to the extent permitted by GDPR.
5. STORING YOUR PERSONAL DATA
Duration of Storage of Your Personal Data.
We will store your Personal Data for as long as it is needed to provide the Service, however, we may not know if you have stopped using the Service so we encourage you to contact us if you are no longer using the Service. However, if required by applicable law, we may retain your Personal Data for such period as may be required by such law. To continue to provide an effective service, we may store non-Personal Data perpetually and may anonymize your Personal Data and store that anonymized information perpetually.
Additionally, as described in this Policy, we use third parties to provide the Service. We will ensure that such third parties to delete or modify your Personal Data to the extent required by GDPR and the European Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses pursuant to Decision 2010/87/EU) (the “SCCs”).
Security.
We use reasonable efforts to secure your Personal Data and to prevent the loss, misuse, and alteration of the information that we obtain from you. For example, we require our personnel and third party vendors to sign confidentiality agreements that extend to your Personal Data, and we review the privacy practices of new products and services that we integrate into our Service. In addition, we use reasonable technical safeguards such as encryption and secure hosting provided by industry leading third party vendors, to secure your Personal Data. However, loss, misuse, and alteration may occur despite our efforts to protect your Personal Data. We are not responsible to our users or to any third party due to any such loss, misuse, or alteration, except to the extent required by GDPR, the SCCs, or other applicable law.
6. YOUR CHOICES
You can change some of your Personal Data through the account settings provided on the Service. In addition, if you wish to access, receive a copy of, change or delete the Personal Data we hold about you, you may contact us as described at the end of this Policy. In addition, we encourage you to contact our Partners to access, receive a copy of, change or delete the Personal Data and we agree to work with our Partners in good faith to assist with your request.
You may withdraw the consent granted in this Policy for us or our Partners to use the Personal Data described in this Policy by contacting us as described at the end of this Policy. Please note that if you do so, it will not affect the lawfulness of the use of your Personal Data based on your prior consent.
If you receive commercial email from us, you may unsubscribe at any time by following the instructions contained within the email. You may also opt-out from receiving commercial email from us, and any other promotional communications that we may send to you from time to time, by contacting us as described at the end of this Policy. Please be aware that if you opt-out of receiving commercial email from us or otherwise modify the nature or frequency of promotional communications you receive from us, even after you opt-out from receiving commercial messages from us, you may continue to receive administrative messages from us regarding the Service.
Upon receipt of any of the above request(s), we will reflect any changes you request in our databases to the full extent required by GDPR, the SCCs, or other applicable law and we will confirm the changes to you.
If you are not happy with how we have attempted to resolve your complaint, you may contact the relevant data protection authority.
7. GOVERNMENT REQUESTS
From time to time, we may receive requests from government agencies to obtain information about our users. In handling such government requests, we greatly value the privacy of your Personal Data, however, we may turn over your information in accordance with such requests if we believe such action is warranted. In responding to any government request, we will (1) use commercially reasonable efforts to limit the scope of any government data request, (2) only provide any such data to the government if we reasonably determine, in consultation with our attorney, that we are required to do so by law, and (3) notify users in advance of disclosing their data to the extent we reasonably determine that we are permitted by law to provide such notice.
8. THIRD PARTY SERVICES AND PRACTICES ARE BEYOND OUR CONTROL
Our Service utilizes numerous third party services as part of the functionality of the Service. We may share your Personal Data with third parties as explained in this Policy. We have no control over such third parties, except to the extent required by GDPR and the SCCs. We encourage you to review the privacy practices of such third parties. We make no guarantees about, and assume no responsibility for, the information, services, or data/privacy practices of third parties, except to the extent required by GDPR and the SCCs.
9. INTERNATIONAL DATA TRANSFERS
Information collected in the European Economic Area (“EEA”) may be transferred, stored and processed by us or third parties (as provided in this Policy) in the United States and other countries whose data protection laws may be different than the laws of your country. Whenever we transfer your Personal Data out of the EEA, we ensure a similar degree of protection is afforded to it by entering into SCCs with the relevant third party.
Please contact us at yasmine@donaleb.com if you want further information on the specific mechanism used by us when transferring your Personal Data out of the EEA.
As described in this Policy, we may share Personal Data with third parties and may be required to disclose information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
10. CHANGES TO THIS POLICY
DonaLeb reserves the right to change this Policy from time to time, with or without notice to you, except to the extent required by GDPR. If you continue to use the Service, you consent to the new Policy. We will always have the latest Policy posted on the Service.
11. PLEASE REACH OUT TO US WITH ANY QUESTIONS OR FEEDBACK
If you have any questions or comments about this Policy or our Service or if you wish to access, receive a copy of, change or delete your Personal Data, please feel free to contact us by email at yasmine@donaleb.com, or by mailing us at the following address:
9450 SW Gemini Dr PMB 33284 Beaverton, Oregon 97008-7105
Beaverton OR 97008
United States
12. DATA PROTECTION OFFICER
Finally, we have appointed a Data Protection Officer (“DPO”). Our DPO can be contacted directly by email at yasmine@donaleb.com or by mail at:
9450 SW Gemini Dr PMB 33284 Beaverton, Oregon 97008-7105
Beaverton OR 97008
United States
We hope you enjoy using DonaLeb!
NonProfits
Copyright © 2024. DonaLeb, Inc. All rights reserved. | Privacy Policy | T&Cs
All DonaLeb products are 100% built with 💙