Last updated: September 28, 2023
Personal Fundraising Services LLC Privacy Policy
This Privacy Policy (the “Policy”) is issued by Personal Fundraising Services LLC (collectively, “PFS”, “we”, “us”, or “our”) in furtherance of our commitment to respecting data privacy rights. For purposes of this Policy, “you” or “your” means any visitor to our website, or any natural person or household whose "Personal Information" is collected by us in any way. This Policy describes how we collect, use, analyze and share Personal Information and how we ensure that your privacy rights always are honored. By using our website or services, you consent to the privacy practices described in this Policy.
I. CATEGORIES OF PERSONAL INFORMATION WE COLLECT
We are dedicated to respecting and protecting your privacy rights. Within this Policy, "Personal Information" means any information that identifies, relates to, describes, is capable of being associated with, or reasonably could be linked, directly or indirectly, to a particular individual or household. Such can include, but is not limited to, real name, postal address, Internet Protocol (commonly known as “IP”) address, email address, account names, or other similar identifiers, or information generated from electronic network activity, including browsing history, search history and any information concerning an individual’s interaction with an internet website. “Sensitive Personal Information” can include government identification numbers, financial account numbers, geolocation data, genetic, medical information or other similar identifiers. Personal Information does not include certain forms of publicly available information, deidentified information, or aggregated information that is not capable of being associated with, or could reasonably be linked, directly or indirectly, to a particular individual or household.
In providing services to our registered charitable organization clients or business partners, we may collect the following categories of Personal Information:
i. Transactional Data and Information.
This includes Personal Information related to consumers or households who make charitable donations (“Donors”) or enter charitable sweepstakes (“Entrants”) through our campaigns, each of which may encompass first and last name, gender, address, date of birth, postal address, billing address, contact information (such as phone number, phone type, and email address), details of a particular transaction (such as state and/or city of transaction, donation amount and frequency, and fundraising method), as well as information generated from a person's engagement with any of our clients; in some instances, this may include an audio recording of the transaction. This information can also result in us collecting aggregated data that identifies trends and facilitates ongoing analysis of the services we perform.
ii. Compliance and Operational Information.
This includes Personal Information related to our subcontractors (and their employees, commonly known as “Fundraisers”), which can encompass information such as first and last name, product and compliance training data generated from those individuals, information in what is commonly known as a "background check", as provided by a consumer reporting agency and as authorized pursuant to applicable law, and government-issued identification. Compliance and Operational Information shall also include facial photographs which are required on tablets used by our subcontractors (the “Technology”) to protect the integrity of the services we perform.
iii. Information Generated from Our Website.
This includes “Cookies”, web beacons, and other tracking technologies. “Cookies” are text files that websites store on a visitor’s device to identify the visitor’s browser or to store information or settings in the browser to track activity and patterns. Web beacons are pixel tags or clear GIVs demonstrate that a user has accessed or opened certain content or that the content was viewed or clicked. We only track cookies that are from Google Analytics and Google Tag Manager.
a. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete cookies, please visit: www.allaboutcookies.org. Some browsers may be configured to send “do not track” signals to the online services that you visit. To find out more about “do not track” please visit: www.allaboutdnt.com.
b. You can learn more about Google Analytics cookies at: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage, and how Google uses data at https://policies.google.com/technologies/partner-sites. You can prevent the use of Google Analytics relating to your use of our webpage by downloading and installing a browser plugin available at: https://tools.google.com/dlpage/gaoptout?hl=en.
iv. Information You Provided to Us.
Personal Information you submit to us, such as information submitted to us in any request or provided to us when you communicate with us or use our website.
II. HOW WE COLLECT AND USE YOUR PERSONAL INFORMATION
Personal Information is collected by us in a variety of ways and used to support our business operations. We will not retain or use any Personal Information for any purpose other than: (i) providing services to our business partners; and (ii) using the Personal Information internally to verify donations and sweepstakes entries secured by our subcontractors, maintain the quality of our services, comply with legal requirements, and improve the services for our business partners.
i. Transactional Data and Information.
This data is provided to us by our registered charitable organization clients through reoccurring reporting and is delivered electronically or accessed through secured portals. Third party vendors may also facilitate our collection of this data with the knowledge and consent of our clients. Certain categories of de-identified transactional data are shared with our subcontractors or other third party business partners to validate the services performed and otherwise oversee campaign performance. Transactional data also is used to ensure compliance through independent third-party verification tools and to protect against improper practices. We may use this data to (i) validate donations and sweepstakes entries, (ii) process payments to our subcontractors, (iii) facilitate and target donations, sweepstakes entries, and charitable donor acquisition services, and (iv) otherwise ensure we are performing in accordance with our clients' expectations.
ii. Compliance and Operational Information.
a. This Personal Information is collected from our subcontractors and is provided to ensure subcontractors and their employees are eligible to perform services on our campaigns. Sensitive Personal Information may be delivered to us in a consumer report (also known as a "background check") through a consumer reporting agency at the direction of a subcontractor. We access this information through a portal that is used to transmit the Personal Information in a secure and protected environment.
b. Compliance and Operational Information in the form of facial photographs will be obtained from individuals processing transactions on our campaigns while in possession of a tablet. Such facial photographs will be used to confirm whether the person processing transactions while possessing a tablet on our campaigns also is an individual who is a duly authorized subcontractor employee on a particular campaign (“Authorized Fundraiser”). A tablet can only be used to process transactions when it is unlocked by a valid access code that corresponds to an Authorized Fundraiser (“Access Code”). While in use, the Technology will prompt the individual possessing the tablet to consent to the use of the Technology and submit a facial photograph, with said photograph being transmitted through the Technology to us. Our employees will then manually compare the submitted photographs to the facial photograph corresponding to the Access Code used on the subject tablet. Facial photographs of Authorized Fundraisers will be used to confirm the identities of individuals possessing the tablets, including instances where Authorized Fundraisers’ Access Codes are used by unauthorized individuals.
iii. Information Generated from Our Website.
Cookies, web beacons, and tracking technologies may be used for various purposes, such as fraud prevention, monitoring our websites, and assessing performance of our donor acquisition and charitable sweepstakes campaigns. This information is gathered by and through a visitor to our website and interactions generated from that visit. Some of these tracking tools may detect characteristics or settings of the specific device you use to access our online services.
iv. Information provided to us.
This Personal Information is provided to us by you and is used to provide services to you or to verify, process or respond to any request to submit to us.
III. SHARING OF PERSONAL INFORMATION
We never sell your Personal Information. We share information provided to us with various trusted business partners, subcontractors, and other third parties for the purpose of facilitating our business objectives.
i. Our Subcontractors.
We share Personal Information with our subcontractors to process payments and otherwise oversee campaign operations. This data often is de-identified and does not contain information that would be capable of being associated with, or could reasonably be linked, directly or indirectly, to a particular individual or household. We also may share information in lead lists for the purpose of targeting donor acquisition services and charitable sweepstakes solicitation efforts.
ii. Our Clients.
We share Personal Information with our clients for the purpose of overseeing our performance on campaigns, as well as to improve the quality and integrity of services delivered, and to otherwise ensure we effectively perform.
iii. Third Party Service Providers.
We share Personal Information with third party service providers that provide essential services on our behalf or on behalf of our clients to operate and support our business objectives. These third parties may use your Personal Information only to help us operate and deliver services on our business as authorized in our contracts with our clients. These may include third parties providing transactional support, software to process or verify transactions, third party verification services, call center transaction processing, software development and other forms of support services necessary to operate our business.
iv. Affiliates and Related Companies.
We also may disclose Personal Information: to our subsidiaries, affiliates, and other third parties we use to support our business; to fulfill the purpose for which you provide it; to comply with any court order, law, regulation, or legal process, including responding to any government or regulatory request; to carry out our obligations and enforce our rights arising from any contracts entered into between you and our business partners; if we believe disclosure is necessary or appropriate to protect the rights, property or safety of us, our business partners or others; or to any other party with your consent.
IV. DATA RESIDENCY AND RETENTION
Any data we collect will reside within North America in our secure server and network. In limited circumstances, we may have a third-party service provider that resides and retains data overseas, in which case our practice is to disclose that to any data subject whose data would be subject to this arrangement.
Transactional Data containing Personal Information will be retained for eighteen (18) months from the date of last interaction with PFS. We may retain other de-identified information for seven (7) years; however, this information will not be information that is capable of being associated with, nor reasonably could be linked, directly or indirectly, to a particular individual or household.
Compliance and Operational Data will be retained for as long as a subcontractor and its respective employees work on our campaigns, and three (3) years thereafter. In the event we receive Sensitive Personal Information pertaining to an employee of one of our subcontractors, such a information contained in a background check or government-issued identification, that information is retained for fourteen (14) days. Compliance and Operational Data in the form of facial photographs will be retained for no longer than ninety (90) days from the date of submission. At no point will any biometric identifiers, biometric geometry, or other biometric data be generated or accessed from any photograph. At no time will we access, possess, transfer or sell, lease, trade or otherwise distribute any biometric information of any sort.
Information generated from the use of our website is retained for no longer than thirteen (13) months.
V. YOUR DATA RIGHTS
This portion of our Policy details your rights and how we strive to respect the data privacy rights that may apply in our business. Within this Policy, we also provide you information on how you may exercise these rights. Assuming we are able to verify your identity and the request you submit to us, you have the following rights:
i. Right to know.
You have a right to know what Personal Information we may have collected and retained pertaining to you in the twelve (12) months prior to the date of your requests. If requested and if verified (as discussed below), we will provide you the categories, specific pieces and sources of your Personal Information we have collected, the business purpose for which we gathered the information, and the categories of any third parties with whom we have shared the Personal Information.
ii. Access and Correction.
You can request a copy of the categories and specific pieces of your Personal Information collected by us in the twelve (12) months prior to the date of your requests, and to correct inaccuracies therein, if any.
iii. Deletion.
You can request that we delete your Personal Information, provided that no exemption to the deletion exists (discussed below).
iv. Opt-Out of the Selling or Sharing.
You can request to opt out of our ability to sell or share your Personal Information.
v. Non-Discrimination.
You are entitled to exercise the rights in this Policy free from discrimination as prohibited under applicable privacy laws.
VI. EXERCISING YOUR DATA RIGHTS
If you have a question as to how you can exercise your data rights under this policy, please contact us through our website, by calling our toll free number at 1-888-995-0265, or by emailing us at privacy.pfs@pfs-usa.com. The requests herein are subject to certain exemptions and limitations that may limit our ability to process or grant the request. For example, we reserve the right to deny a request if the information is necessary to comply with a legal requirement or to provide you services, or if we have a legal obligation that requires us to maintain the requested information.
i. Submitting a Data Request.
You may submit a request to us to identify the categories and specific pieces of your Personal Information we have gathered in the twelve (12) months prior to your request. You may submit a data request to us by contacting our Data Manager, through any of the following methods:
Phone: 1 888 995 0265
Email: privacy.pfs@pfs-usa.com
ii. Do Not Sell or Share Personal Information.
While it is not our practice to sell any Personal Information, you may request that we not sell or share your Personal Information by contacting our Data Manager, through any of the following methods:
Phone: 1 888 995 0265
Email: privacy.pfs@pfs-usa.com
iii. Limit the Use of Sensitive Personal Information.
Certain data privacy laws provide you the right to request that we limit the use of any of your Sensitive Personal Information we may hold (if any). You may request that we limit the use of your Sensitive Personal Information by contacting our Data Manager through any of the following methods:
Phone: 1 888 995 0265
Email: privacy.pfs@pfs-usa.com
IV. Processing Requests.
a. Agents. Only you, or a person that you authorize to act on your behalf, may submit a request related to your Personal Information. If an agent submits a request on your behalf, we will require that you: (i) provide the authorized agent written permission to do so; and (ii) verify your own identity directly with us. We may deny a request from an agent that does not submit proof that they have been authorized by you to act on their behalf. If the agent demonstrates authorization through power of attorney, we will not require written permission to make a request on your behalf.
b. Timing and Process. We will acknowledge receipt of your request within ten (10) days of its receipt. We endeavor to respond to a verifiable request within forty-five (45) days of its receipt. If we require more time (up to ninety (90) days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the twelve (12) month period preceding our receipt of your verifiable request. If applicable, the response we provide will also explain the reasons we cannot comply with a request.
c. Cost. We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
V. Exemptions.
We may not process a request if a legal exemption applies or if we have a legal reason to not process the request. We specifically reserve the right to not process a request if: (i) your Personal Information is necessary to exercise or defend any actual or potential legal claims; (ii) your Personal Information is necessary to comply with any court order, law, or legal process, including responding to any government or regulatory request; (iii) your Personal Information is necessary to complete the transaction for which the Personal Information was collected; (iv) you previously made two (2) requests within a twelve (12) month time period; and (v) we are permitted to do so for any other reason under applicable laws.
Vi. Verification.
We can only process those requests that have sufficient information for us to verify the identity of the person submitting the request in relation to the information that we possess. A requestor’s failure to provide us complete or accurate information may prevent or delay our ability to verify a request. To verify a request, we reserve the right to request government identification, personal identifiers that allow us to match information and a declaration from the requestor under penalty of perjury. To properly verify a request, we must be provided sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
VII. SECURITY
We use technical, physical and organizational security measures designed to protect your Personal Information from accidental loss and from unauthorized access and disclosure. The use of, and access to, your Personal Information by us is restricted to employees, subcontractors, clients, and authorized third party service providers who need to know that information to provide services to our business partners. We maintain physical, electronic and procedural safeguards to limit access to your Personal Information. Notwithstanding, security risk is inherent in all internet and information technology platforms and no part of this Policy should be interpreted as a guarantee or other legal obligation in relation to preventing all threats to networks, systems or other repositories of information.
ViII. CHILDREN
Our services and this website are not intended for children or anyone under the age of eighteen (18). In the event we learn that we inadvertently collect any Personal Information of a minor, without the required consent by law, we will delete said information immediately. If you believe that we have collected information of a minor, please contact our Data Manager through any of the following methods:
Phone (toll free): 1 888 995 0265
Email: privacy.pfs@pfs-usa.com
Or: contact us through our website.
IX. CHANGES TO OUR PRIVACY POLICY
We reserve the right to amend this Policy at our discretion and at any time. When we make changes to this Policy, we will post the updated notice on our website and update the effective date. Your use of our website following the posting of changes constitutes your acceptance of such changes.
X. CONTACT US
If you have any questions or comments about this notice, the ways in which PFS collects and uses your information, your choices and rights regarding such use, or wish to exercise your rights please do not hesitate to contact us at:
Phone (toll free): 1 888 995 0265
Email: privacy.pfs@pfs-usa.com