CEDAC Privacy Policy and Terms of Services
Effective Date: June 30, 2016.
Welcome! You have arrived at www.cedac.org, http://childrensinvestmentfundma.org or http://cwc-ma.org (the “Sites”), which are owned and operated by Community Economic Development Assistance Corporation (“CEDAC”, “we,” “our” or “us”). CEDAC is committed to following best practices for the privacy of our users, colleagues and partners.
This Privacy Policy governs your use of the Sites, but does not apply to data we receive from third parties unless we combine such data with Personal Information (defined below) that we have ourselves collected under this Privacy Policy. Unless otherwise stated below, this Privacy Policy does not apply to our data collection activities offline or otherwise outside of our Sites, and does not govern the data practices of third parties that may interact with our Sites.
It is important that you read and understand the entire Privacy Policy before using the Sites. By using these Sites, you signify your acceptance of this policy and our Terms of Service. If you do not agree to this Privacy Policy, do not use our Sites. Your continued use of the Sites following the posting of changes to this Privacy Policy will be deemed your acceptance of those changes.
- What Information Does the Sites Collect?
(a) Information You Provide to Us
Personal Information and Demographic Information. On the Sites, we may ask you to provide us with certain categories of information such as: (1) personally identifiable information, which is information that identifies you personally, such as your first and last name, e-mail address, phone number, mailing address and credit card information (“Personal Information”); and (2) demographic information, such as your title organization name and organization contact information (“Demographic Information”). We may collect this information through various forms and in various places on the Sites, including event registration forms, survey response forms, contact us forms, or when you otherwise interact with the Sites. To the extent we combine Demographic Information with your Personal Information we collect directly from you on the Sites, we will treat the combined data as Personal Information under this Privacy Policy.
(b) Information We Collect or Store As You Access and Use the Sites
In addition to any Personal Information or other information that you choose to submit to us via our Sites, we may use a variety of technologies that automatically (or passively) store or collect certain information whenever you visit or interact with the Sites (“Usage Information”). This Usage Information may be stored or accessed using a variety of technologies that may be downloaded to your personal computer, browser, laptop, tablet, mobile phone or other device (a “Device”) whenever you visit or interact with our Sites. To the extent we associate Usage Information with your Personal Information we collect directly from you on the Sites, we will treat it as Personal Information.
This Usage Information may include:
- your IP address, UDID or other unique identifier (“Device Identifier”). A Device Identifier is a number that is automatically assigned to your Device used to access the Sites, and our computers identify your Device by its Device Identifier;
- your Device functionality (including browser, operating system, hardware, mobile network information);
- the URL that referred you to our Sites;
- the areas within our Sites that you visit and your activities there, including remembering you and your preferences;
- your Device location;
- your Device characteristics; and
- certain other Device data, including the time of day, among other information.
We may use various methods and technologies to store or collect Usage Information (“Tracking Technologies”). Tracking Technologies may set, change, alter or modify settings or configurations on your Device. A few of the Tracking Technologies include, without limitation, the following (and subsequent technology and methods later developed):
Cookies. A cookie is a data file placed on a Device when it is used to visit the Sites. A Flash cookie (or locally shared object) is a data file placed on a Device via the Adobe Flash plug-in that may be built-in to or downloaded by you to your Device. HTML5 cookies can be programmed through HTML5 local storage. Unlike Flash cookies, HTML5 cookies do not require a plug-in. Regular cookies may generally be disabled or removed by tools that are available as part of most commercial browsers, and in some but not all instances can be blocked in the future by selecting certain settings. Each browser you use will need to be set separately and different browsers offer different functionality and options in this regard. Also, these tools may not be effective with regard to Flash cookies or HTML5 cookies. For information on disabling Flash cookies go to Adobe’s web site www.adobe.com. Please be aware that if you disable or remove cookies, Flash cookies, or HTML5 cookies on your Device, some parts of our Sites may not function properly, and that when you revisit our Sites your ability to limit cookies is subject to your browser settings and limitations.
Videos that can be accessed through the Sites are hosted by third parties that might use “persistent cookies”, which are used by those third parties to preserve the integrity of video statistics. We are not responsible for the privacy policies or practices employed by such third parties.
Web Beacons. Small graphic images or other web programming code called web beacons (also known as “1×1 GIFs” or “clear GIFs”) may be included in our Sites’ pages and messages. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a page or e-mail can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to the Sites, to monitor how users navigate the Sites, to count how many e-mails that were sent were actually opened or to count how many particular articles or links were actually viewed.
Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with the Sites, such as the links you click on. The code is temporarily downloaded onto your Device from our web server or a third party service provider, is active only while you are connected to the Sites, and is deactivated or deleted thereafter.
ETag, or entity tag. A feature of the cache in browsers. It is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. If the resource content at that URL ever changes, a new and different ETag is assigned. Used in this manner ETags are a form of Device Identifier. ETag tracking may generate unique tracking values even where the consumer blocks HTTP, Flash, and/or HTML5 cookies.
We may use Tracking Technologies for a variety of purposes, including:
Strictly Necessary. We may use cookies or other Tracking Technologies that we consider are strictly necessary to allow you to use and access our Sites, including cookies required to prevent fraudulent activity, improve security or allow you to make use of the Sites’ functionality.
Performance Related. We may use cookies or other Tracking Technologies that are useful in order to assess the performance of the Sites, including as part of our analytic practices or otherwise to improve the content, products or services offered through the Sites.
Functionality Related. We may use cookies or other Tracking Technologies that are required to offer you enhanced functionality when accessing the Sites, including identifying you when you sign in to our Sites or keeping track of our specified preferences, including in terms of the presentation of content on our Sites.
Targeting Related. We may use Tracking Technologies to deliver content relevant to your interests on our Sites and third party sites based on how you interact with our content. This includes using Tracking Technologies to understand the usefulness to you of the content that has been delivered to or accessed by you.
There may be other Tracking Technologies now and later devised and used by us in connection with the Sites. Further, third parties may use Tracking Technologies with our Sites. We may not control those Tracking Technologies and we are not responsible for them. However, you consent to potentially encountering third party Tracking Technologies in connection with use of our Sites and accept that our statements under this Privacy Policy do not apply to the Tracking Technologies or practices of such third parties.
(c) Information Third Parties Provide About You
We may, from time to time, supplement the information we collect directly from you on our Sites with outside records from third parties for various purposes, including to enhance our ability to serve you, to tailor our content to you and to offer you opportunities that may be of interest to you. To the extent we combine information we receive from those sources with your Personal Information we collect on the Sites, it will be treated as Personal Information and we will apply this Privacy Policy to such combined information, unless we have disclosed otherwise. In no other circumstances do our statements under this Privacy Policy apply to information we receive about you from third parties.
- How Do We Use the Information Collected?
Use of Information by Us. We may also use your Personal Information, Demographic Information or Usage Information that is subject to this Privacy Policy: (1) to provide you with information or services or process transactions that you have agreed to receive including to send you electronic newsletters, or to provide you with special offers or promotional materials on behalf of us or third parties; (2) to enable you to participate in a variety of the Sites’ features; (3) to process your Site registration and event registration, including verifying your information is active and valid; (4) to improve the Sites or our services, to customize your experience on the Sites, or to serve you specific content that is relevant to you; (5) to contact you with regard to your use of the Sites and, in our discretion, changes to the Sites and/or Sites’ policies; (6) for internal business purposes; and (7) for purposes disclosed at the time you provide your information or as otherwise set forth in this Privacy Policy.
We also provide you with the opportunity to opt-out of having your Personal Information used or disclosed for certain purposes. Receiving promotional communications from CEDAC, including our affiliates, is optional. If you do not wish to receive promotional communications, log into our Member’s Portal (a link to which appears at each of the Sites) and adjust your subscription settings. There are also links at the bottom of our email correspondences that direct you to the Member’s Portal to unsubscribe. If, due to human or technological error, you continue to receive our communications, please contact us again and we will make every effort to correct the situation. Please note that we reserve the right to send you certain communications relating to your account or use of our Sites, such as administrative and service announcements and these transactional account messages may be unaffected if you choose to opt-out from receiving our marketing communications.
- How and When Do We Share Information with Third Parties?
We do not sell, rent or disclose your Personal Information to others except as described within this Privacy Policy. We may share non-Personal Information, such as aggregated user statistics, with third parties. We may share your Device Identifiers with third parties along with data related to you and your activities. We do not share your Personal Information that we have collected directly from you on our Sites with third parties for those third parties’ direct marketing purposes unless you consent to such sharing at the time you provide your Personal Information. In addition, we may share the information we have collected about you, including Personal Information, as disclosed at the time you provide your information and as described below or otherwise in this Privacy Policy.
(a) When You Request Information From or Provide Information to Third Parties. You may be presented with an option on our Sites to receive certain information and/or marketing offers directly from third parties or to have us send certain information to third parties or give them access to it. If you choose to do so, your Personal Information and other information may be disclosed to such third parties and all information you disclose will be subject to the third-party privacy policies and practices of such third parties. In addition, third parties may store, collect or otherwise have access to your information when you interact with their Tracking Technologies, content, tools apps or ads on our Sites or link to them from our Sites. This may include using third-party tools such as Facebook, Twitter, Pinterest or other third-party posting or content sharing tools. We are not responsible for the privacy policies and practices of such third parties and, therefore, you should review such third-party privacy policies and practices of such third parties prior to requesting information from or otherwise interacting with them.
(b) Third Parties Providing Sites on Our Behalf. We may use third-party vendors to perform certain services on behalf of us or the Sites, such as hosting the Sites, designing and/or operating the Sites’ features, tracking the Sites’ activities and analytics, and enabling us to send you special offers or perform other administrative services. We may provide these vendors with access to user information, including Device Identifiers and Personal Information, to carry out the services they are performing for you or for us. Third-party analytics and other service providers may set and access their own Tracking Technologies on your Device and they may otherwise collect or have access to information about you, potentially including Personal Information, about you. We are not responsible for those third party technologies or activities arising out of them. We are not responsible for the effectiveness of or compliance with any third parties’ opt-out options.
(c) To Protect the Rights of CEDAC and our Users. To the fullest extent permitted by applicable law, we may also disclose your information if we believe in good faith that doing so is necessary or appropriate to: (i) protect or defend the rights, safety or property of CEDAC or third parties (including through the enforcement of this Policy, our Terms of Service, and other applicable agreements and policies); or (ii) comply with legal and regulatory obligations (e.g., pursuant to law enforcement inquiries, subpoenas or court orders). To the fullest extent permitted by applicable law, we have complete discretion in electing to make or not make such disclosures, and to contest or not contest requests for such disclosures, all without notice to you.
(d) Affiliates and Business Transfer. We may share your information, including your Device Identifiers and Personal Information, Demographic Information and Usage Information with our parent, subsidiaries and affiliates (“Affiliates”). We also reserve the right to disclose and transfer all such information: (i) to a subsequent owner, co-owner or operator of the Sites or applicable database; or (ii) in connection with a merger, consolidation, restructuring, the sale of substantially all of our interests and/or assets or other corporate change, including, during the course of any due diligence process.
- Credit Card Information
CEDAC will collect and use information obtained from credit card transactions solely for the payment of event registration fees.
Upon logging into the Members Portal, the session is encrypted (https) and the server is authenticated to the client. The browser also validates that the domain name and certificate details match the name of the site, as well as checks to ensure that the certificate is not expired. All these factors ensure all data, including credit card data, is fully encrypted over a secure 256-bit encryption channel via our GlobalSign SSL Certificate.
The credit card information provided by you to CEDAC will be stored in a confidential manner, and a manner under which CEDAC personnel can only view the last four digits of any given credit card. Only authorized employees may access such information only when there is an appropriate business reason to do so, such as when a refund must be issued to the credit card. (See our refund policy for more information about the circumstances under which we might authorize a refund.)
- Do Third-Party Content and/or Links To Third-Party Sites Appear on the Sites?
When you are on the Sites you might be directed to other websites that are operated and controlled by third parties that we do not control. We are not responsible for the data collection and privacy practices employed by any of these third parties or their services and they may be tracking you across multiple sites and may be sharing the results of that tracking with us and/or others. For example, if you “click” on a link, the “click” may take you off the Sites onto a different site. These other sites may associate their Tracking Technologies with you, independently collect data about you, including Personal Information, and may or may not have their own published privacy policies. We encourage you to note when you leave our Sites and to review the third-party privacy policies of all third-party websites and exercise caution in connection with them.
- How Do I Change My Information and Communications Preferences?
You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information provided as part of registration. The Sites may allow you to review, correct or update Personal Information you have provided through the Sites’ registration forms or otherwise, and you may provide registration updates and changes by contacting Dilia Ramirez at dramirez@cedac.org. If so, we will make good faith efforts to make requested changes in our then active databases as soon as reasonably practicable. Please note that it is not always possible to completely remove or delete all of your information from our databases and that residual data may remain on backup media or for other reasons. When you edit your Personal Information or change your preferences on the Sites, information that you remove may persist internally for CEDAC’s administrative purposes. If you have any questions about the Privacy Policy or practices described in it, you should contact Stephan Weynicz by e-mail: sweynicz@cedac.org.
- What About Transfer of Information to the United States?
Our Sites are operated in the United States and intended for users located in the United States. If you are located outside of the United States, please be aware that information we collect, including Personal Information, will be transferred to, and processed, stored and used in the United States. The data protection laws in the United States may differ from those of the country in which you are located, and your Personal Information may be subject to access requests from governments, courts, or law enforcement in the United States according to laws of the United States. By using the Sites or providing us with any information, you consent to the transfer to, and processing, usage, sharing and storage of your information, including Personal Information, in the United States as set forth in this Privacy Policy.
- What Should Parents Know About Children?
We understand the importance of protecting children’s privacy in the interactive world. We do not use the Sites to knowingly collect Personal Information from children under the age of thirteen (13) without parental consent. If you are a child under 13 years of age, you are not permitted to use the Sites and should not send any information about yourself to us through the Sites.
In the event that we become aware that we have collected Personal Information from any child, we will dispose of that information in accordance with the Children’s Online Privacy Protection Act and other applicable laws and regulations. If you are a parent or guardian and you believe that your child under the age of 13 has provided us with information without your consent, please contact Stephan Weynicz at sweynicz@cedac.org, and we will take reasonable steps to ensure that such information is deleted from our files.
- What About Security?
We incorporate commercially reasonable safeguards to help protect and secure your Personal Information. However, no data transmission over the Internet, mobile networks, wireless transmission or electronic storage of information can be guaranteed to be 100% secure. Please note that we cannot ensure the security of any information you transmit to us, and you use our Sites and provide us with your information at your own risk.
Your own efforts to protect against unauthorized access play an important role in protecting the security of your Personal Information. You should be sure to sign off when finished using a shared computer, and always log out of any site when viewing Personal Information.
- What About Changes to the Privacy Policy?
We reserve the right to change this Privacy Policy at any time. Any changes will be effective immediately upon the posting of the revised Privacy Policy and your use of our Sites indicates your consent to the privacy policy posted at the time of use. However, we will not use your previously collected Personal Information in a manner materially different than represented at the time it was collected without your consent. To the extent any provision of this Privacy Policy is found by a competent tribunal to be invalid or unenforceable, such provision shall be severed to the extent necessary for the remainder to be valid and enforceable.