Effective Date: June 30, 2016.
Welcome! You have arrived at www.cedac.org, http://childrensinvestmentfundma.org or http://cwc-ma.org (the “Sites”), which are owned and operated by Community Economic Development Assistance Corporation (“CEDAC”, “we,” “our” or “us”). CEDAC is committed to following best practices for the privacy of our users, colleagues and partners.
- What Information Does the Sites Collect?
(a) Information You Provide to Us
(b) Information We Collect or Store As You Access and Use the Sites
In addition to any Personal Information or other information that you choose to submit to us via our Sites, we may use a variety of technologies that automatically (or passively) store or collect certain information whenever you visit or interact with the Sites (“Usage Information”). This Usage Information may be stored or accessed using a variety of technologies that may be downloaded to your personal computer, browser, laptop, tablet, mobile phone or other device (a “Device”) whenever you visit or interact with our Sites. To the extent we associate Usage Information with your Personal Information we collect directly from you on the Sites, we will treat it as Personal Information.
This Usage Information may include:
- your IP address, UDID or other unique identifier (“Device Identifier”). A Device Identifier is a number that is automatically assigned to your Device used to access the Sites, and our computers identify your Device by its Device Identifier;
- your Device functionality (including browser, operating system, hardware, mobile network information);
- the URL that referred you to our Sites;
- the areas within our Sites that you visit and your activities there, including remembering you and your preferences;
- your Device location;
- your Device characteristics; and
- certain other Device data, including the time of day, among other information.
We may use various methods and technologies to store or collect Usage Information (“Tracking Technologies”). Tracking Technologies may set, change, alter or modify settings or configurations on your Device. A few of the Tracking Technologies include, without limitation, the following (and subsequent technology and methods later developed):
Cookies. A cookie is a data file placed on a Device when it is used to visit the Sites. A Flash cookie (or locally shared object) is a data file placed on a Device via the Adobe Flash plug-in that may be built-in to or downloaded by you to your Device. HTML5 cookies can be programmed through HTML5 local storage. Unlike Flash cookies, HTML5 cookies do not require a plug-in. Regular cookies may generally be disabled or removed by tools that are available as part of most commercial browsers, and in some but not all instances can be blocked in the future by selecting certain settings. Each browser you use will need to be set separately and different browsers offer different functionality and options in this regard. Also, these tools may not be effective with regard to Flash cookies or HTML5 cookies. For information on disabling Flash cookies go to Adobe’s web site www.adobe.com. Please be aware that if you disable or remove cookies, Flash cookies, or HTML5 cookies on your Device, some parts of our Sites may not function properly, and that when you revisit our Sites your ability to limit cookies is subject to your browser settings and limitations.
Videos that can be accessed through the Sites are hosted by third parties that might use “persistent cookies”, which are used by those third parties to preserve the integrity of video statistics. We are not responsible for the privacy policies or practices employed by such third parties.
Web Beacons. Small graphic images or other web programming code called web beacons (also known as “1×1 GIFs” or “clear GIFs”) may be included in our Sites’ pages and messages. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a page or e-mail can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to the Sites, to monitor how users navigate the Sites, to count how many e-mails that were sent were actually opened or to count how many particular articles or links were actually viewed.
Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with the Sites, such as the links you click on. The code is temporarily downloaded onto your Device from our web server or a third party service provider, is active only while you are connected to the Sites, and is deactivated or deleted thereafter.
ETag, or entity tag. A feature of the cache in browsers. It is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. If the resource content at that URL ever changes, a new and different ETag is assigned. Used in this manner ETags are a form of Device Identifier. ETag tracking may generate unique tracking values even where the consumer blocks HTTP, Flash, and/or HTML5 cookies.
We may use Tracking Technologies for a variety of purposes, including:
Targeting Related. We may use Tracking Technologies to deliver content relevant to your interests on our Sites and third party sites based on how you interact with our content. This includes using Tracking Technologies to understand the usefulness to you of the content that has been delivered to or accessed by you.
(c) Information Third Parties Provide About You
- How Do We Use the Information Collected?
We also provide you with the opportunity to opt-out of having your Personal Information used or disclosed for certain purposes. Receiving promotional communications from CEDAC, including our affiliates, is optional. If you do not wish to receive promotional communications, log into our Member’s Portal (a link to which appears at each of the Sites) and adjust your subscription settings. There are also links at the bottom of our email correspondences that direct you to the Member’s Portal to unsubscribe. If, due to human or technological error, you continue to receive our communications, please contact us again and we will make every effort to correct the situation. Please note that we reserve the right to send you certain communications relating to your account or use of our Sites, such as administrative and service announcements and these transactional account messages may be unaffected if you choose to opt-out from receiving our marketing communications.
- How and When Do We Share Information with Third Parties?
(a) When You Request Information From or Provide Information to Third Parties. You may be presented with an option on our Sites to receive certain information and/or marketing offers directly from third parties or to have us send certain information to third parties or give them access to it. If you choose to do so, your Personal Information and other information may be disclosed to such third parties and all information you disclose will be subject to the third-party privacy policies and practices of such third parties. In addition, third parties may store, collect or otherwise have access to your information when you interact with their Tracking Technologies, content, tools apps or ads on our Sites or link to them from our Sites. This may include using third-party tools such as Facebook, Twitter, Pinterest or other third-party posting or content sharing tools. We are not responsible for the privacy policies and practices of such third parties and, therefore, you should review such third-party privacy policies and practices of such third parties prior to requesting information from or otherwise interacting with them.
(b) Third Parties Providing Sites on Our Behalf. We may use third-party vendors to perform certain services on behalf of us or the Sites, such as hosting the Sites, designing and/or operating the Sites’ features, tracking the Sites’ activities and analytics, and enabling us to send you special offers or perform other administrative services. We may provide these vendors with access to user information, including Device Identifiers and Personal Information, to carry out the services they are performing for you or for us. Third-party analytics and other service providers may set and access their own Tracking Technologies on your Device and they may otherwise collect or have access to information about you, potentially including Personal Information, about you. We are not responsible for those third party technologies or activities arising out of them. We are not responsible for the effectiveness of or compliance with any third parties’ opt-out options.
(c) To Protect the Rights of CEDAC and our Users. To the fullest extent permitted by applicable law, we may also disclose your information if we believe in good faith that doing so is necessary or appropriate to: (i) protect or defend the rights, safety or property of CEDAC or third parties (including through the enforcement of this Policy, our Terms of Service, and other applicable agreements and policies); or (ii) comply with legal and regulatory obligations (e.g., pursuant to law enforcement inquiries, subpoenas or court orders). To the fullest extent permitted by applicable law, we have complete discretion in electing to make or not make such disclosures, and to contest or not contest requests for such disclosures, all without notice to you.
(d) Affiliates and Business Transfer. We may share your information, including your Device Identifiers and Personal Information, Demographic Information and Usage Information with our parent, subsidiaries and affiliates (“Affiliates”). We also reserve the right to disclose and transfer all such information: (i) to a subsequent owner, co-owner or operator of the Sites or applicable database; or (ii) in connection with a merger, consolidation, restructuring, the sale of substantially all of our interests and/or assets or other corporate change, including, during the course of any due diligence process.
- Credit Card Information
CEDAC will collect and use information obtained from credit card transactions solely for the payment of event registration fees.
Upon logging into the Members Portal, the session is encrypted (https) and the server is authenticated to the client. The browser also validates that the domain name and certificate details match the name of the site, as well as checks to ensure that the certificate is not expired. All these factors ensure all data, including credit card data, is fully encrypted over a secure 256-bit encryption channel via our GlobalSign SSL Certificate.
The credit card information provided by you to CEDAC will be stored in a confidential manner, and a manner under which CEDAC personnel can only view the last four digits of any given credit card. Only authorized employees may access such information only when there is an appropriate business reason to do so, such as when a refund must be issued to the credit card. (See our refund policy for more information about the circumstances under which we might authorize a refund.)
- Do Third-Party Content and/or Links To Third-Party Sites Appear on the Sites?
When you are on the Sites you might be directed to other websites that are operated and controlled by third parties that we do not control. We are not responsible for the data collection and privacy practices employed by any of these third parties or their services and they may be tracking you across multiple sites and may be sharing the results of that tracking with us and/or others. For example, if you “click” on a link, the “click” may take you off the Sites onto a different site. These other sites may associate their Tracking Technologies with you, independently collect data about you, including Personal Information, and may or may not have their own published privacy policies. We encourage you to note when you leave our Sites and to review the third-party privacy policies of all third-party websites and exercise caution in connection with them.
- How Do I Change My Information and Communications Preferences?
- What About Transfer of Information to the United States?
- What Should Parents Know About Children?
We understand the importance of protecting children’s privacy in the interactive world. We do not use the Sites to knowingly collect Personal Information from children under the age of thirteen (13) without parental consent. If you are a child under 13 years of age, you are not permitted to use the Sites and should not send any information about yourself to us through the Sites.
In the event that we become aware that we have collected Personal Information from any child, we will dispose of that information in accordance with the Children’s Online Privacy Protection Act and other applicable laws and regulations. If you are a parent or guardian and you believe that your child under the age of 13 has provided us with information without your consent, please contact Stephan Weynicz at firstname.lastname@example.org, and we will take reasonable steps to ensure that such information is deleted from our files.
- What About Security?
We incorporate commercially reasonable safeguards to help protect and secure your Personal Information. However, no data transmission over the Internet, mobile networks, wireless transmission or electronic storage of information can be guaranteed to be 100% secure. Please note that we cannot ensure the security of any information you transmit to us, and you use our Sites and provide us with your information at your own risk.
Your own efforts to protect against unauthorized access play an important role in protecting the security of your Personal Information. You should be sure to sign off when finished using a shared computer, and always log out of any site when viewing Personal Information.