Policies
Privacy Policy for Data Collected by Convio's Clients
Convio, Inc. (“Convio” or “we”) provides various services to nonprofits and business entities (“Clients”), including constituent relationship management (“CRM”) software, email marketing, fundraising software, content management systems (“CMS”), online marketing services and other related professional services. Convio does not provide or market its services directly to consumers or individuals.
Convio acts as a data processor on behalf of its nonprofit Clients. In this capacity, Convio does not own or have independent rights to control the use of the Personal Data it processes on behalf of its Clients; it acts solely on their instructions. As an agent processing Personal Data under the direction of its Clients, Convio has no direct relationship with the individuals whose Personal Data it receives. For purposes of this Policy, we call such data “Constituent/Donor Data.”
Convio works with its Clients who are responsible for providing notice of data processing to their constituents/donors, including information concerning (1) the purposes for which Constituent/Donor Data is collected and used; (2) a contact person to whom inquiries or complaints may be directed; (3) the types of third parties to whom Constituent/Donor Data is disclosed; and (4) the choices and means that such individuals are offered for limiting use and disclosure of their Personal Data.
Terms Used in This Policy
“Constituent/Donor Data” means Personal Data or other data collected directly by Convio’s Clients from individuals who: 1) make donations or who may be interested in making donations to Clients or 2) provide their Personal Data to our Clients either through the use of the Convio software or by other means and the Client subsequently stores such Personal Data in the Convio software.
“Financial Data” means data containing credit card numbers, bank account information or account information for online payment systems such as Paypal or Amazon.
“Personal Data” means any information relating to an identified or identifiable natural person ("Data Subject"); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.
“Sensitive Personal Data” means personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and/or concerning health or sex life.
Please click on one of the links below to be directed to any of the following topics:
- The treatment of Personal Data Received from the European Union (EU)/European Economic Area (EEA)
- How we use Constituent/Donor Data collected by our Clients
- Choices about Disclosures of Personal Data
- Use of “Cookies” and Other Automated Tools
- How to Access or Modify Personal Data Stored in our Database(s)
- What kind of security procedures are in place to protect the loss, misuse or alteration of Personal Data under our control
Personal Data Received from the EU/EEA
Convio handles Personal Data transferred from the European Economic Area (EEA) in accordance with the U.S.-EU Safe Harbor Principles (collectively, the “Principles”). Some of this data is collected via the Client websites created using the Convio software and some of it is received by Convio as a result of its provision of services to its Clients. When acting as an agent processing Personal Data under the direction of its Clients, Convio enters into agreements with its Clients specifying the conditions under which Personal Data received from the EEA can be processed and kept secure.
For information about how we handle data we collect ourselves via our Convio corporate websites or otherwise, please see “Convio Privacy Policy for Data Collected By Convio.”
Convio complies with the U.S. – E.U. Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from the European Union. Information regarding the E.U. Safe Harbor Framework can be found at: http://export.gov/safeharbor.
Data Not Covered by this Policy
Please note that certain information, such as human resources/employee information and information collected from visitors to our websites, is subject to different Convio policies and agreements. For more information about how we handle data we collect ourselves via our Convio corporate websites or otherwise, please see “Convio Privacy Policy for Data Collected By Convio.”
How We Use Constituent/Donor Data Collected by Our Clients
As an agent acting under the direction of its Clients, in most cases Convio has no direct relationship with the individuals whose Constituent/Donor Data it may receive. Instead, Convio relies on its Clients to provide notice of data processing to individuals, including information concerning (1) the purposes for which Constituent/Donor Data is collected and used; (2) a contact person to whom inquiries or complaints may be directed; (3) the types of third parties to whom Constituent/Donor Data is disclosed; and (4) the choices and means that individuals are offered for limiting use and disclosure of their Constituent/Donor Data.
In addition, Convio follows its Clients’ instructions with respect to disclosure, processing, transfer and use (if any) of Constituent/Donor Data. Thus, the ways in which we process, share or otherwise handle Constituent/Donor Data, as well as the purposes for which we process such data, will depend on our agreements with our Clients.
Choices about Disclosures of Personal Data
When we act as an agent for our Clients, we rely on them to inform their constituents and donors about the possibility of disclosures of Constituent/Donor Data to third parties or the processing of Constituent/Donor Data. Our Clients are legally required to offer individuals the choices of opting out of such disclosures and opting in to the processing of Sensitive Personal Data.
Use of "Cookies" and Other Automated Tools
Our Clients’ websites may use cookies to enhance your experience while using their websites. Cookies are pieces of information that can be transferred by a website to computers browsing that website. Cookies are generally used for record-keeping and analytical purposes. Cookies can make Web surfing easier by performing certain functions such as saving passwords, personal preferences regarding use of a particular website and to make sure the same advertisement does not appear repeatedly. Many people consider the use of cookies to be an industry standard.
If you access one or more of our Clients’ websites from the EU, please familiarize yourself with their websites and privacy notices to learn more about their use of cookies.
Data Integrity
As explained above, Convio only processes Constituent/Donor Data in a way that is compatible with and relevant to the purposes for which it was collected or authorized. In most cases, Convio’s Clients are responsible and best suited for implementing data integrity measures. Convio nevertheless takes reasonable steps to ensure that Constituent/Donor Data in its possession is accurate, complete, current and reliable for its intended use.
How to Access or Modify Personal Data Stored in our Database(s)
Convio usually has no direct relationship with the individuals who provide Constituent/Donor Data to its Clients. Thus, if you seek access, or is you wish to correct, amend, or delete your Personal Data, you should direct your request to the entity to which you originally provided it.
Nevertheless, if you believe that your Personal Data is stored in our database(s) or otherwise handled by us, and you wish to make corrections or deletions, send an email to privacy@convio.com. We will make efforts to honor such requests, except where there is a significant burden or expense associated with doing so or where others’ rights would be violated. We will respond to your access request within 30 days.
Security
Financial Data transmitted through Convio’s software is transmitted using SSL (Secure Socket Layer) encryption. SSL is a proven coding system that lets your browser automatically encrypt, or scramble, data before you send it to us. Unfortunately, however, no data transmission over the Internet or data storage is 100% secure. Since no data security measures are 100% foolproof, Convio cannot guarantee the security of data transmitted or stored via our software and systems.
When acting as an agent processing Constituent/Donor Data under the direction of its Clients, Convio may be subject to agreements with such Clients specifying the conditions under which Personal Data received from the EEA should be processed and kept secure.
Tell-A-Friend & Email this Page Services
If a Convio Client elects to use certain functionality in the Convio software which permits the Client’s donors or constituents to inform their friends about the Convio Client website, the Convio software is programmed to ask for the friend's name and email address. For any email address collected in this manner, Convio will automatically send the friend a one-time email inviting them to visit the Convio Client website. The Convio software stores this information for the sole purpose of sending this one-time email. Convio Clients that utilize the aforementioned software functionality are responsible for ensuring that the privacy policies they publish on the website pages which enable such functionality adequately address the aforementioned use.
Limitations
As set out in the Principles, our adherence to the Principles may be limited to the extent necessary to meet national security, public interest, or law enforcement requirements.
Enforcement
Convio uses a self-assessment approach to assure compliance with this Policy and periodically verifies that the policy is accurate, prominently displayed, completely implemented and accessible. We encourage interested persons to raise any concerns by contacting us (see contact information below). We will attempt to resolve any complaints and disputes regarding our uses and disclosures of Personal Data. If a complaint or dispute regarding our handling of Personal Data cannot be resolved through our internal processes, we agree to dispute resolution using TRUSTe.
Convio participates in the EU Safe Harbor Privacy Framework as set forth by the United States Department of Commerce. As part of our participation in the Safe Harbor Framework, we have agreed to the TRUSTe Dispute Resolution Requirements for disputes relating to our compliance with such Framework. If you have complaints regarding our compliance with the Safe Harbor you should first contact us at privacy@convio.com. If contacting us does not resolve your complaint, you may raise your complaint by contacting TRUSTe by fax at 415-520-3420, or mail at Watchdog Complaints, TRUSTe, 55 2nd Street, 2nd Floor, San Francisco, CA, USA 94105.
If you are faxing or mailing TRUSTe to lodge a complaint, you must include the following information: the name of the company related to your complaint, the alleged privacy violation, your contact information, and whether you would like the particulars of your complaint shared with the company. For information about TRUSTe or the operation of TRUSTe’s dispute resolution process, please visit TRUSTe or request this information from TRUSTe at the address listed above. The TRUSTe dispute resolution process shall be conducted in English.
For human resources data, we have agreed to cooperate with European Data Protection Authorities.
Any questions, comments or complaints about the data practices (including without limitation compliance with data privacy principles of notice, choice, onward transfer, access, security, data integrity, or enforcement) of a hosted online OnBoarding software customer, or partner for whom Convio processes data, should be addressed to that customer or partner.
Changes to this Policy
This Policy may be amended from time to time, consistent with the requirements of the Safe Harbor Principles. We will post any revised policy on this website and your use of these sites following notice of such change will be deemed acceptance of the revised Privacy Policy, which may include application of the new policy to information provided prior to the date of such change.
Contacting Us
If you have any questions about this Policy, our information collection practices, or your dealings with Convio, you can contact:
Chief Security Officer
11501 Domain Drive
Suite 200
Austin, TX 78758
888-528-9501 Toll-free Phone
privacy@convio.com
Questions regarding this statement should be directed to privacy@convio.com. Please reference this Privacy Policy in your subject line.