This Policy describes the types of information we may collect from you or that you may provide when you visit the Website and our practices for collecting, using, maintaining, protecting, and disclosing that information. This Policy applies to information we collect: (i) on the Website, and (ii) via email and other electronic messages between you and the Website.
If you have any questions about this Policy or about how we use your personal information, please contact us at firstname.lastname@example.org or via our contact details below.
If you do not agree to this Policy for any reason, please do not use the Website.
We may make changes to this Policy from time to time. We will post any changes to this page along with a notice at the end of the Policy of the last date that any changes were made. Your continued use of the Website following the posting of any changes will mean you accept the Policy as modified.
WHAT INFORMATION WE COLLECT
You may visit our Website without being required to provide your name, email address, or similar personal information. However, we may collect several types of information from and about users of the Website, which may be personally identifiable, including information:
- that is about you but individually does not identify you (“anonymous data“); and/or
- about your internet connection, the equipment you use to access the Website, and usage details.
Such information may include usage details, IP addresses, geolocation information, the browser and type of machine you are using, the websites that you visit immediately before and after the Website, the pages of the Website you visit, time and date of access, software crash reports, search terms and search results, and information collected through browser cookies and other electronic tracking methods.
How We Collect Information. We collect this information in the following ways:
Directly from you when you provide it to us. You may give us your personal data by corresponding with us through the Website, by email, or otherwise.
A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. Each browser is different; the site en.wikipedia.org/wiki/HTTP_cookie includes instructions for managing cookies on many commonly used browsers. However, if you disable cookies, you may be unable to access certain parts of the Website. We have provided this 3rd party link as a recommended resource only and we are not responsible for the content on the site.
We may also use web beacons or flash cookies. A web beacon or flash cookie (also known as an “action tag” “tracer tag,” or “single-pixel GIF”) is an invisible graphic on a web page or e-mail newsletter that is programmed to collect non-personally identifiable information about your use of a given website or newsletter, e.g., whether you opened the e-mail. Like cookies, web beacons allow Wellspring and its service providers to summarize overall usage patterns for our analysis and provide personalized services to you. We do not share or provide personally identifiable information we may collect through such web beacons, such as names or e-mail addresses, without your express permission.
Indirectly from third parties, such as our grantee organizations. We may receive personal data about you from third parties and other sources, including your organization/company, publicly available sources, and third-party analytics providers. For example, we use a third party provider to assist us in processing grant applications.
HOW WE USE YOUR INFORMATION
We may use the information we collect to:
- communicate with you, including to respond to your inquiries and provide information you request from us;
- provide, maintain, and improve the Website, including research and analytics regarding users of the Website and usage patterns;
- notify you about changes to the Website or the Policy;
- comply with applicable law and any legal obligations to which we are subject; or
- administer and protect the Website, including to detect, investigate, and prevent activities that may violate our policies or be illegal.
If we use such data at all, it will be on an aggregate basis, and we will not disclose to third parties any information that could be used to identify you personally.We process personal data on the following legal bases: (1) where you have given us your consent; (2) as necessary to perform our agreements; (3) as necessary to comply with legal obligations to which we are subject; and/or (4) as necessary for our legitimate interests in providing services where those interests do not override your fundamental rights and freedom related to data privacy.
We will only use your personal data for the purposes for which we collected it, unless we reasonably determine that we need to use it for another reason that is compatible with the original purpose(s) and/or as required or permitted by law. If we need to use your personal data for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so.
We do not track visitors of the Website over time and across third party websites to provide targeted advertising and therefore do not respond to Do Not Track (“DNT”) signals. However, some third party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your browser allows you to set the DNT signal so that third parties (particularly advertisers) know you do not want to be tracked. You should consult the help pages of your browser to learn how to set your preferences so that websites do not track you.
HOW WE COMBINE YOUR INFORMATION
We may combine information gathered from the Website and information that we have received, gathered, acquired, or stored from other sources, both information collected offline by Wellspring and information received from third parties—including information that currently exists in our files—into a single record. We also use and/or combine information that we collect offline or receive from third-party sources (e.g., contact information from government funders or grantor information) to edit, enhance, and/or check the accuracy of your record.
HOW WE SHARE YOUR INFORMATION
Wellspring does not sell, rent, or otherwise disclose your personal data to any third parties, except as described below.
We may disclose your personal data to third-party service providers who use the information to perform services on our behalf, such as website hosting, information technology services, and data management. Our contracts with third-party service providers require them to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for any independent purpose and permit them to process your personal data only in accordance with our instructions.
We may use or disclose your personal data as we deem necessary or appropriate under applicable laws; to respond to requests from public, governmental, and regulatory authorities; to comply with court orders, litigation procedures, and other legal processes; to obtain legal remedies or limit our damages; and to protect the rights, safety, or property of Wellspring, our employees, you, or others.
No data transmission over the internet can be 100 percent secure; therefore, Wellspring cannot ensure or warrant the security of any information submitted on or to the Website.
Nevertheless, we have put in place security measures that are intended to prevent your personal data from being accidentally lost, used, accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, and third-party service providers who need to know that information in order to provide services to us and yourself. We maintain physical, electronic, and procedural safeguards to protect your personal data, however there is no guarantee that information may not be accessed, disclosed, altered or destroyed by breach of any of such safeguards.
We have put in place procedures to address any personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We retain your personal data only for as long as is necessary for our legitimate interests, in accordance with our retention policies, and in accordance with applicable laws.
Users from Outside the United States and the European Economic Area (“EEA”)
The Website is operated and controlled by Wellspring in the United States. By using the Website, you:
- acknowledge that your information will be processed as described in the Policy; and
- consent to having your information transferred to Wellspring and/or our third party service providers, in the United States or elsewhere, as described in the Policy.
Wellspring will not be liable under any circumstances for damages resulting from use of information collected from visitors to the Website.
Users Resident in the EEA
As the United States has not been deemed by the Commission of the European Union (“EU”) to ensure an adequate level of data protection to comply with the requirements of the General Data Protection Regulation (“GDPR”) (including the protection of data subject rights under GDPR), and Wellspring does not have ‘appropriate safeguards’ such as EU-approved standard contractual clauses in place to govern transfers of EU data subject personal data, any transfer of your personal data into the United States via the Website or other means to Wellspring is done on the basis of
- your explicit consent provided in the ‘click-through’ access to the Website; and/or
- the transfer is necessary for the performance of a contract between your and Wellspring as the Data Controller or the implementation of pre-contractual measures taken at your request, such as an application for funding.
Individual Rights. If you reside in the EU, you may have the following rights under data protection laws with respect to the personal data you provide to us:
- To request access to or correct your personal data.
- To request your personal data be erased if it is no longer necessary for the purposes for which it was processed; you have withdrawn your consent to, or object to, its processing and there is no other legitimate grounds for processing it; or you consider it has been unlawfully processed.
- To request that processing of your personal data be restricted if you contest the data’s accuracy, its processing is unlawful, or you have objected to its processing and await verification of our legitimate grounds for processing it.
- To request transfer of your personal data to another company under certain circumstances.
- To lodge a complaint with your national data protection regulator if you feel that your personal data has been unlawfully processed.
If you wish to exercise any of the rights set out above, please Contact Us at email@example.com.
Controller. If you reside in the EU, the data controller (as defined under EU data protection law) will be Wellspring Philanthropic Fund.
This Website is directed solely at adults. If you are under the age of sixteen (or if being a ‘minor’ is defined as a younger age in your relevant jurisdiction, that relevant age), please do not provide us with any of your personal data, including your email address. If you believe that your child has provided us with such information without your consent, please contact us at firstname.lastname@example.org or as indicated below.
CALIFORNIA “SHINE THE LIGHT” LAW
California Civil Code Section 1798.83, known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us a list of what personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once a year and are free of charge. Under Section 1798.83, we currently do not share any personal information with third parties for their direct marketing purposes.
LIMITATIONS OF LIABILITY
In no event shall Wellspring, its affiliates or their respective officers, directors, employees, donors, grantees, representatives or agents be liable to any party for any claims, liabilities, losses, costs or damages under any theory, including but not limited to any direct, indirect, punitive, special, incidental, or consequential damages arising out of or in connection with any access, use (or inability to use), or distribution of the Website. Wellspring will not be liable under any circumstances for damages resulting from use of information collected from visitors to the Website.
If you are a California resident, you have the right to request that we disclose to you or delete certain information about our collection and use of your personal information. Once we receive your request and verify your identity, we will disclose such information to you or delete the same, unless a legal exception applies. For example, we may deny your deletion request if retaining the information is necessary for us or our providers to complete the transaction for which we collected the personal information, provide a service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
To exercise the rights described above, please submit a request to us by email at email@example.com.
Your request must:
- Provide sufficient information for us to reasonably verify that you are the person about whom we collected personal information or an authorized representative of such person; and
- Describe your request with sufficient detail for us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with non-public personal information if we cannot verify your identity or authority to make the request and confirm that the requested personal information relates to you. We will use the information provided in a request solely to verify your identity or authority to make the request.
Any questions or comment about this Policy and/or our privacy practices should be sent to Wellspring at: firstname.lastname@example.org or at the address listed below.
Wellspring Philanthropic Fund
10 Times Square
New York, New York 10018
Attn: General Counsel