Capitalized terms are defined herein under the Definitions Appendix.
YOUR RIGHTS UNDER THIS POLICY
The following rights are intended to mirror those provided under the General Data Protection Regulation (“GDPR”). Accordingly, these rights are coterminous with those provided in GDPR, and Company does not grant any right in excess of those provided thereunder, or in excess of the jurisdiction of the GDPR. You may exercise any of the following rights by contacting us at support [@] CharityAuctionsToday.com (the “Customer Support”) and identifying any of the following rights.
1) The Right to Be Informed
2) The Right of Access and Portability
You have the right to access whatever data we collect from you. Accordingly, upon request, we will provide you with a full copy of all of the data we have collected about you in a structured, commonly used, and machine-readable format.
3) The Right to Rectification
You have the right to rectify any of the data that we have about you. If you believe any data that we have about you is incorrect, you can request rectification by contacting Customer Support and identifying what information you believe to be incorrect. We reserve the right to request supporting evidence, and the right to not rectify any information that we reasonably believe to be correct.
4) The Right to Erasure
You have the right to have your data erased if: (i) you delete any and all user accounts that you have with Company, and stop using Company services; (ii) you opt out of receiving marketing from us, in which case we will delete any data that we do not use for other purposes; (iii) if for any reason we have processed such data unlawfully.
5) The Right to Restrict Processing
You have the right to restrict our processing of your data in the following circumstances: (i) if we are in the process of verifying your request to rectification of your data, as described above; (ii) if the data has been unlawfully processed for whatever reason; and (iii) if you have objected to the processing of your data pursuant to Article 21(1) of the GDPR. We will respond to any request to restrict processing within one calendar month.
6) The Right to Object
You have the right to object to the processing of your data for directing marketing purposes, or when Company does not have a compelling reason for processing the data. You may object by contacting Customer Support, or calling +1-844-234-2335. We will respond to any request to restrict processing within one calendar month.
WHEN AND HOW DO WE COLLECT PERSONAL INFORMATION?
Personally identifying information is any information that can be used to identify and contact you, including your e-mail address, full name, or telephone number (what we call your “Personal Information”). When you register to use Company Services, we ask for your Personal Information. Our basis for processing this information under the General Data Protection Regulation (“GDPR”) is performance of contract. More particularly, we collect this data as a step to the performance of any purchase or sale that you may make using the Company services.
We may also ask for your date of birth, gender, carrier service provider and/or postal code (what we call your “General Information”). We use your General Information to manage your account and to provide you with the Company services. Our basis for processing this information under the GDPR is performance of contract. More particularly, we collect this data as a step to the performance of any purchase or sale that you may make using the Company services.
Therefore, when you register an account for a Company Service we ask for your honest responses to this information, and by continuing to use the Services, you represent and warrant that your responses are correct and accurate.
You are not required to provide us with a cell phone number and/or carrier service provider, unless you have provided consent for messages to be sent to your mobile phone. As with your other Personal Information, we use your cell phone number only in connection with the Services to which you have opted into.
If you are a member of one of our Community Services, we also may ask for optional General Information, including your hobbies and personal interests. Like other General Information, this information may be entered into your personal profile page and may be accessed by other Community members. You are not required to give us this information.
We use your Personal Information in order to manage your account and to deliver the Company Services. If you are a member of one of our Communities, we also use both your Personal Information and General Information in order to help us customize and enrich your Community experience by allowing us to send group and channel information, as well as announcements about new features and advertisements to you based upon your interests. Our bases for processing your Personal Information and General Information in this manner under the GDPR are our legitimate interests of marketing our Services, fraud prevention, and I.T. security.
If you are using the Site, in order to provide you with easy access, Company uses “cookies” solely to keep you logged into your account while navigating the Site and/or returning to the Site during a session. A cookie is a small piece of data that is sent to your browser from a web server and stored on your computer’s hard drive. Our basis for processing this information under the GDPR is our legitimate interest of streamlining access to the Site.
3) Links to Other Sites
Our Platform is not intended for use by children. We do not knowingly collect personal information from users deemed to be children under their respective national laws. Company encourages all parents or guardians to instruct their children in the safe and responsible use of their Personal Information while using the internet. Company does not knowingly allow individuals under the age of eighteen (18) to use the Platform. By accepting the Terms & Conditions for the Site, you are representing and warranting that you are at least eighteen (18) years of age.
WHEN DOES COMPANY SHARE MY PERSONAL INFORMATION?
1) Profile Page
Company publishes a profile page that is accessible to other Company Community members. Your user profile tells other members a little about you. You may, however, modify your profile to make anything but your age private. Please note that though date of birth is requested, it is your age, not your date of birth, that is displayed in your profile for others to see. Displaying ages in profiles is necessary to ensure the safety of all users.
2) New Subscribers From Our Linking Partner Sites
If you do not already have an account for the Services and were directed to the Services from a Partner page using a link on that Partner’s web site, we may share Personal Information and/or General Information with the linking Partner. If you would not like your Personal Information and/or General Information shared with the linking Partner, you can register a Charity Auctions Today account here [link].
In these instances, we will inform you, before you give us any Personal Information and/or General Information or complete the registration process, that we share this information with the linking Partner.
By completing the registration process, you acknowledge and agree that Company is not responsible, and shall not be liable, for the practices of any linking Partner site or any use such linking Partner may make of your Personal Information or General Information.
3) Newsletters, Contests and Other Information from Partners
When you sign up to receive alerts and other information from one of our Partners, the settings default to your having opted-in to receive newsletters, sign up for contests, or receive additional information directly from that Partner as well. If you do not choose to opt-out from receiving such additional content directly from the Partner, you grant us permission to share your Personal Information and General Information with them for that purpose.
Even if you elect not to receive such additional content directly from our Partners, it is generally necessary for us to share portions of your Personal Information and/or General Information with such Partner to the extent necessary to operate the Platform. Our basis for processing this information under the GDPR is our legitimate interest of using Partners to assist us in operating the Platform.
4) Business Transfers
With the exception of information we disclose to our Partners in accordance with the above, Company does not sell, rent or disclose any of your Personal Information or General Information with third parties without first asking your consent to do so. However, in the event that Company or substantially all of its assets are acquired, Company may transfer your Personal Information and General Information without your prior notification or consent as one of the transferred business assets.
5) When Required by Law
Company releases Personal Information and/or General Information when we believe release is appropriate to comply with laws or government authorities; enforce or apply our Terms and Conditions and other agreements; or protect the rights, property, or safety of Company, our users, or others.
6) Aggregate Data
When you access the Site, our server automatically collects certain information that is not personally identifiable, such as your IP address, pages viewed, and length of time spent on the web site. We collect and use this information, in the aggregate only, to diagnose problems with our server, to improve our sites, and to provide content of interest to you. We also give Partners access to aggregate data about our users and their use of the Company services during user sessions. The information we share will not include Personal Information, but may include aggregated, and not personally identifiable General Information. To the extent that this processing is governed by the GDPR, our basis for processing information in this manner is
7) Groups and Public Forums
Company Community services give you the opportunity to create and send messages to other Company members. Please remember that the messages you send out are publicly available.
We encourage you to be careful and not to publish any Personal Information in messages you send out. Always keep in mind that any information you disclose on the Internet or through the Company services (through e-mail, SMS or voice messages, message boards or chat groups) is public and can be read by others.
Also, whenever you send messages through the Internet or through the Company services, there is a risk that your personally identifying information can be collected by a third party, resulting in unsolicited e-mail messages or advertisements. Please note that any group containing unlawful material or activity will be disbanded. Group owners are encouraged to boot any members from their groups who post harmful or harassing messages to the group. However, group owners are not responsible for what occurs in the personal messages of its members, only messages posted to the group as a whole.
Company values your trust in providing us your information. Thus we are striving to use commercially acceptable means of protecting it. However, we caution that no method of transmission over the internet, or method of electronic storage, is 100% secure and reliable, and we cannot guarantee its absolute security.
In the event that we experience any security breach, we will notify you within seventy-two (72) hours and provide as much relevant information to you as possible. If appropriate, we will also notify the appropriate regulatory authority within seventy-two (72) hours.
Company encourages users to be proactive in not posting Personal Information in individual messages to other users or in groups, and recommends that all users choose a password of at least 8 characters in length and a mix of letters and numbers.
9) Opting Out / Turn Off Message Delivery
In the event that you elect to no longer receive Company Services, you may always opt out or turn off messaging for any of the Company Services from within your admin area or using any of the Company Applications. Additionally, with respect to text messaging, users on most major carriers can reply “STOP” to any Company text message about one of our Services to opt out of receiving messages about that particular Service. If users encounter difficulty, they can also write to support [@] charityauctionstoday.com
10) PCI Compliance
The Company maintains a formal security program in accordance with current best industry standards that is designed to: (i) ensure the security and integrity of the data of its customers and their end user, including cardholder data (collectively, Customer Data); (ii) protect against threats or hazards to the security or integrity of Customer Data; and (iii) prevent unauthorized access to Customer Data; such security program conforms to the Service Organizational Controls Report. The Company and the Customer Offerings have complied with, and are complying with, the Payment Card Industry Payment Application Data Security Standard (PA-DSS) and PCI Data Security Standard (PCI DSS) as applicable to the Company. The Customer Offerings implement industry best practices for protecting any personal or sensitive information processed by the Company and the Companys services and products, including the Customer Offerings.
“Application” means any software and/or web application that is owned and operated by Company.
“Partner” means third party services that assist with the operation of the Site.
“Platform” means the Site and all Services integrated with the Site.
“Services” means the provision, maintenance, and operation of the Site and the Applications, and all services attendant thereto that are under direct Company control.
“Site” means the domain of charityauctionstoday.com.