Claude Worthington Benedum Foundation
Privacy Policy
Effective Date: January 21, 2019
This Privacy Policy describes how Claude Worthington Benedum Foundation (“Benedum”, “we,” “our”, or “us”) collects and uses your data in connection with your (“User” or “you”) use of our website www.Benedum.org (the “Site”) and the services provided therein (the “Services”). Benedum takes seriously its responsibility to protect the safety and security of its Site and your data.
This Privacy Policy is part of the Terms of Use which govern your access to and use of our Services and Site. We will refer to access, use, transmission, storing, and sharing of information, availability or utilization of features, functions or activities, simply as “use” in this Privacy Policy.
1. ACCEPTANCE OF PRIVACY POLICY
By using Benedum’s Services and Site, you agree to accept this Privacy Policy. If you do not agree to this Privacy Policy, please do not use our Site or Services.
2. INFORMATION WE COLLECT
Depending on how you use our Services, the information we collect includes, but is not limited to, the following categories of information about you and your organization:
(1) Institution Information
When you submit an application to our Grants Program, we collect information about the organization which the grant application purports to benefit such as the following to help us to assess whether or not to approve your grant application: name of the organization; legal name, unit, and AKA of the organization if applicable, address of the organization; tax ID, contact phone number, Fax number, website address of the organization; current annual operating budget of the organization; information relevant to the compliance with the Patriot Act (such as whether or not your organization has transferred funds outside of the United States); and the ABA/account number of the organization’s bank (“Institution Information”).
(2) Personal Data
When you submit an application to our Grants Program, we also collect personal information of the organization’s contact person such as name, job title, email address, mailing address, and telephone number (“Personal Data”) to communicate grant related information.
(3) User Content
When you submit an application to our Grants Program, we may also collect documents such as your organization’s financial statement, letter of determination, and current members of governance structure (“User Documents”) to help us to access whether or not to approve your grant application. When you submit an inquiry and comments about our Site and Services, you may provide us with inputs and insights online or through emails and phone calls (“User Inputs”).
(4) Other Information
You understand and agree that as part of our obligation to exercise due diligence with respect to any grant and to comply with other legal requirements, Benedum may seek information about your organization and people involved with your organization from a variety of sources.
(5) Information We Do Not Intend to Collect
We do not intend to collect or retain records of any sensitive personal data, data regarding minority status, or unauthorized third party data.
3. AUTOMATICALLY COLLECTED INFORMATION
Each time you visit Benedum’s website, Benedum, its partners, and/or vendors automatically collect the following anonymous information to improve the overall quality of your online experience.
(1) Aggregated Data
Benedum collects data for internal reporting and counts, tracks, and aggregates the visitor’s activity for the purpose of analysis of general traffic flow and feature usage related to the Site. Information we collect to observe site traffic includes, but is not limited to, your browser based information and general location. We may remove personal identifiers from Personal Data or may use pseudonymization to disassociate the individual from the Personal Data, allowing statistically accurate analysis of data without exposing any individual’s identity. We compile traffic-based statistics that show the numbers and frequency of visitors to our Site and its individual pages. These are an aggregated statistical report that we use internally to better understand our Site traffic, manage our Site, and help diagnose any problems. The statistics contain no personally identifiable information and cannot be used to gather such information. To these ends, Benedum may include information about you in aggregated group data. Such anonymous data may be shared with our affiliates, business partners, service providers and/or vendors; if it does so, Benedum will not disclose your individual identity.
(2) IP Addresses
An IP address is a number that automatically identifies the computer or device you use to access the Internet. The IP address enables our server to send you the web pages that you want to visit, and it may disclose the server owned by your Internet Service Provider. Benedum may use IP addresses to conduct analyses and performance reviews and to administer the Site, and also may use other information provided by you or your browser for purposes such as enabling support for applications and services being used.
(3) Cookies
Cookies and similar technologies within a web browser allow persistent storage of data as you navigate a website. This functionality does not personally identify users, although it does allow the web server to differentiate one user from another. Many websites use cookies and similar technologies to provide website and application features when a user visits the website, and most web browsers are set up to accept cookies. Benedum uses cookies to allow our Site to function and improve delivery of your online experience. You can set your browser to refuse cookies, but most functionality of your experience with Benedum may not work properly and you may be required to re-enter certain information each time you use our Site. Some features allow data to remain only for the time that your browser is open, for example a session cookie. A persistent cookie is an example of functionality that your browser provides that allows the data to persist on your device/computer even after the browser is closed. Like many other organizations with websites, Benedum may use both types of functionality your browser provides.
(4) Google Analytics
We use Google Analytics to better understand and personalize your use of the Services. Google Analytics collects information such as: browser, operating system, gender, age, device category, mobile device information, country, user type, service provider, what website the user used prior to coming to our Site, number of users, new users, sessions, average session duration, average pages accessed per session and user bounce rate. To process analytics data when you visit our Site, Google Analytics may use various technologies including cookies to identify your browser and computer device. Google does not receive your user account information, email address, or other personally identifiable information from us through the use of Google Analytics.
4. HOW WE USE YOUR DATA
Benedum processes your data in order to comply with legal and regulatory obligations, contractual obligations, requests by you or on your behalf to provide our Services to you, and for other purposes for which Benedum has a legitimate interest or other lawful basis including but not limited to: (i) keeping our records up to date; (ii) providing Benedum Services to you; (iii) maintaining or administering the Services, performing business analyses, or for other internal purposes to improve the quality of our Grants Program and Services; (iv) preventing fraud and financial crime to protect the public; (v) communicating with you concerning the Services consistent with Benedum’s obligations to provide those Services or otherwise; (vi) participating in litigation, investigations, regulatory or governmental inquiries, or for other legal or regulatory purposes involving Benedum applicants who use or have used Benedum Services and programs or other third parties; (vii) disclose your data to comply with any legal or regulatory obligation, to enforce our Terms of Use, or to protect the rights, property or safety of Benedum; and (viii) satisfying other legitimate business interests.
5. SHARING YOUR DATA WITH THIRD PARTIES
We share some of your data with, or obtain data from, the following categories of third parties:
(1) In General
Benedum may share your data with (a) any U.S. or international governmental department or agency, including regulatory authorities with a legitimate interest in the data; (b) any third party with your consent; (c) any other third party where Benedum has a legitimate interest in doing so including but not limited to when Benedum must verify information relating to Grants Program applicants; and (d) any other entity or individual if Benedum is satisfied that the third party has a legitimate interest in such information including but not limited to when there is a need for those third parties to update and maintain their databases, to provide services to or for applicants; and for other purposes in support of Benedum’s mission.
(2) Disclosures to Third Parties Vendors
We may share your data under confidentiality agreements and any required data processing agreements with other third parties that work with or on behalf of Benedum to provide products and services such as, but not limited to, those who provide (i) email or mail services; (ii) cloud hosting services; (iii) analysis of usage of the Benedum Site; (iv) support and maintenance of the Services; (v) services to assist us in processing grant applications; and (vi) surveys. We also may share your data with our legal, regulatory, audit, and other professional advisors. Those companies may use your data to assist us in our operations consistent with our legitimate business interests.
(3) Disclosures to Other Organizations
Some of your data will be shared with any other organizations with your approval or where Benedum has a legitimate interest in doing so, including but not limited to: (i) when Benedum must verify information relating to applicants; (ii) where Benedum is satisfied that the third party has a legitimate interest in such information, including but not limited to where there is a need for those third parties to update and maintain their databases, to provide services to or for applicants; and (iii) for other purposes in support of Benedum’s mission.
(4) Disclosures under Special Circumstances
We may disclose your data to respond to subpoenas, court orders, legal processes, regulatory authority investigations, or governmental regulations or inquires, or to establish or exercise our legal rights or defend against legal claims, or when we believe it is necessary to share such information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or as otherwise required by law or to protect the public.
Where applicable and mandated by privacy laws, Benedum may share your data with those parties under restrictions such as the requirement to keep your data confidential, destroy data once it no longer is needed for the intended purpose, and/or to prevent unauthorized release of such data. Benedum conducts such exchanges in a secure manner designed to protect against unauthorized access.
Other than for the specific purposes noted in this Privacy Policy or in any terms and conditions that otherwise apply to you, we do not share your Personal Data and we will never use or share your Personal Data for advertising or marketing purposes.
6. HOW LONG WE KEEP YOUR DATA
We keep your data only for as long as is reasonably necessary to achieve the purposes for which it was collected, whether that is to provide services to you, for our own legitimate interests (described above), or so that we can comply with the law. We reserve the right to retain it to the full extent not prohibited by law. We may delete data in our discretion, so you should retain your own records, and not rely upon our storage of any data, content, or other data.
We will actively review the information we hold and when there no longer is a user, legal, or business need for us to hold it, we will either delete it securely or in some cases irreversibly anonymize it. When we delete any information, it will be deleted from our active databases but may remain in our archives.
7. HOW WE PROTECT YOUR DATA
To prevent unauthorized access, maintain data accuracy, and facilitate the correct use of your data obtained through our Site, we have put in place appropriate physical, technical, and operational measures to safeguard and secure your data we collect online against unauthorized access, unlawful use, accidental loss, corruption, or destruction.
We use technical measures such as encryption and password protection to protect your data and the systems where they are stored. However, messages you send to us through the Internet or otherwise electronically may not be secure. We recommend that you do not send any confidential information to us by email. If you choose to send confidential information to us, you accept the risk that a third party may intercept this information.
Although Benedum takes measures designed to protect your data in its systems, you also must be vigilant in protecting access to your information online and assume responsibility for protecting your Personal Data. Treat your usernames and passwords with care. Do not share them or enter them into fraudulent sites. Benedum is not liable for any consequences resulting from any compromise to your username and password.
8. LOCATION OF YOUR PERSONAL DATA /DATA TRANSFER
Benedum is located in the United States and is subject to the applicable laws of the United States. We will store and process information we receive about you, as described in this Privacy Policy, in the United States.
You agree that Benedum and those with whom we share your Personal Data (“Recipients”) may disclose, transfer, process, and store your Personal Data outside of your country of origin to our affiliates, sponsors and partners, and any other third party service providers for the purposes described in this Privacy Policy. Some of the Recipients may be located in countries that do not provide a level of data protection equivalent to that set forth by the European Union and some other jurisdictions.
If you choose to access or use the Services offered by Benedum, you consent to the worldwide transfer and processing of your information, even in jurisdictions that may have less restrictive privacy practices than your own.
If we do transfer Personal Data outside the United States, we will make sure that it is protected in the same way as if it were being used in the United States. When required by law, we will use one of the following safeguards to ensure your Personal Data is protected:
• Transfer the data to a non-European Economic Area (EEA) country that has privacy laws at least as protective as those within the EEA, or
• Put in place a contract with the recipient of the data, which means the recipient must protect the data to the same standards as required within the EEA, or
• Transfer it to organizations that are part of the Privacy Shield. The Privacy Shield is a framework that sets out the standards for data to be sent between the United States and European countries. The Privacy Shield ensures that data are protected to the same standards as used within the EEA.
By submitting any Personal Data or by using our Site and without limitation to any other rights or obligations we have, you consent to such transfer to and processing in the United States and these other countries and you acknowledge that your information may be subject to access by law enforcement and other government entities including courts and tribunals, in accordance with laws applicable in those jurisdictions.
9. CONSENT TO ELECTRONIC NOTICE UPON SECURITY BREACH
We will safeguard your Personal Data and prevent such information from unauthorized access, disclosure, or use. If we or a Recipient is required by law to provide notice of unauthorized access to or other compromise to your Personal Data, you agree that we (or they) may do so when required (or voluntarily) by posting notice on our Site or sending notice to any email address we have for you, in our (or their) good faith discretion. You agree that notice to you will count as notice to others for whom you are acting, and agree to pass the notice on to them.
10. YOUR RIGHTS OVER YOUR PERSONAL DATA
Where provided by applicable data privacy laws, you may have the right to review, verify, correct, and request erasure of the Personal Data that we hold about you under certain circumstances. You may also have the right to limit, restrict, or object to the processing of your Personal Data, and to request that we transfer your Personal Data to another party under certain circumstances.
Access to your Personal Data is available through your Benedum login credentials (username and password). When you apply for a Benedum Grant, you have an opportunity to correct or update most information you have provided to our Grants Program. If you are an existing Benedum user, you can log in to your Benedum account to update your Personal Data held there.
Where applicable data privacy laws provide you with the rights such as: (i) to review, verify, correct, or request erasure of your Personal Data; (ii) to limit, restrict, or object to the processing of your Personal Data; (iii) to request a transfer of your Personal Data to another party; or (iv) to file a complaint concerning Benedum’s processing of your Personal Data, you may contact us at info@Benedum.org or write to us at Benedum Foundation, ATTN: Data Protection, 1400 Benedum-Trees Building, 223 Fourth Avenue, Pittsburgh, Pennsylvania 15222. To protect your privacy and security, we may take reasonable steps to verify your identity before fulfilling your request.
11. SCOPE OF PRIVACY POLICY
This Privacy Policy does not apply to third party websites (if any) that may be accessed through our Site. We may provide links to other websites that contain information that we believe may be useful to you or that you will find valuable. However, we have not investigated the security of those linked websites and you should not assume those sites have a privacy policy equivalent to ours. If you access such a third party website through a link we provide, you will be subject to the privacy policy of the new site. Benedum is not responsible for the contents of any linked Web pages referenced from our Site. If you have any questions regarding the privacy, security, or content of those sites, you should contact the appropriate contact(s) at those sites directly.
12. CHANGES TO THIS PRIVACY POLICY
Benedum has the right, at any time and from time to time, to make changes to this Privacy Policy. If the changes are material, we will provide at least 30 days’ notice , by email or by any other means. Any changes to this Privacy Policy will be posted on this website and will be effective when posted unless another date is referenced in the notice. We recommend you check the Privacy Policy on a regular basis so that you know the current terms and conditions that apply to you. If you use our Site after any changes are effective, you are agreeing to comply with and be bound by them.
13. CONTACT US
If you have any questions, comments, requests, or concerns related to this Privacy Policy, please contact us at info@Benedum.org or write to us at Benedum Foundation, ATTN: Data Protection, 1400 Benedum-Trees Building, 223 Fourth Avenue, Pittsburgh, Pennsylvania 15222.