CyberGrants has recently updated our Privacy Policy. Learn More.

Skip to main content

Privacy Policy

Policy Statement

CyberGrants, LLC (“CyberGrants,” “we,” “us,” or “our”) is committed to protecting the privacy of your information. CyberGrants provides this privacy policy (“Privacy Policy”) in support of our commitment to safeguarding your personal information. This Privacy Policy applies to information collected when you access or use our websites (“Sites”) or our products, software services, and applications (“Software”), collectively referred to as “Services.” Our Services include: Grant Management Software, Employee Engagement Software, Disbursement Solutions, Apply OnLine, EasyMatch, and Consiva. By accessing or using our Services, you accept the terms of this Privacy Policy.

This Privacy Policy describes the information collected through the Services and how that information is used and shared. This Privacy Policy also explains your rights and choices regarding your personal information, how we communicate changes to this Privacy Policy, and how you may contact us regarding questions or issues with respect to anything contained in this Privacy Policy. CyberGrants and its service providers may collect or receive the types of information described below in connection with your access to and use of the Services (collectively, “Collected Information”). If you have any questions or concerns about our use of your personal information, please contact us using the contact information provided at the end of this Privacy Policy.

By accessing or using our Services you agree on behalf of yourself and any company or organization that you represent (together, “you”) that you have read and understand this Privacy Policy, including the collection, use, and disclosure of information described below. As may be required by applicable law, we may also seek your explicit consent to process certain data and information collected via the Services.

Changes to Privacy Policy

CyberGrants may, in its sole discretion, change this Privacy Policy from time to time. All changes will be effective immediately upon posting to the Services. Material changes to this Privacy Policy will be conspicuously posted on the Site or otherwise communicated to you. Please refer back to this Privacy Policy on a regular basis.

Authorized Users

CyberGrants’ clients who have entered into agreements with CyberGrants for our Services (“Clients”) may designate authorized users from among their employees, contractors, and agents (“Authorized Users”) with the right to access and use our Services. To access our Services you must be an Authorized User and at least eighteen (18) years old.

Information We Collect

The information that we may collect from or about you when you use our Services broadly falls into the following categories: information that you voluntarily provide to us, for example, your contact information and certain other personal information; information collected through your use of the Service, for example, account activity and data collected by the servers used to operate the Services; location information; data collected by tracking technologies; information collected when you connect with social media platforms using the Services; and data collected by embedded content.

Personal Information

You can visit and use our Sites without submitting personal information, but you will be required to submit personal information to use certain features of our Sites and other Services. We will collect any personal information from or about you that you choose to submit to us, which may include: your name, your email address, payment information, your home and business mailing addresses, mail codes, business title, department, employee type or status, hire date, employee ID, and manager/hierarchy information. For example, we collect personal information when you register with or use our Services, when you use our Services to communicate via internal messaging with other employees, contractors, or agents of your employer, when you make a charitable donation, when you submit a request for a matching program, when you volunteer for a project that requires submission of contact information, when you participate in a blog, when you post User Content (as defined below) on our Services, when you fill out a form to download a whitepaper or request a demo, in receiving and fulfilling information requests, and when you respond to communications from us. Additionally, if you visit or register on a CyberGrants sponsored site through social media, we may also receive certain personal information from those social media sites, and/or post regarding your charitable activity.

Organization Portal Account Information

If you are an entity founded and operated for the benefit of others, typically a not-for-profit, nonprofit, charitable, or tax-exempt organization (“organization”), that has received funds from or on behalf of CyberGrants, you can register for an account on our disbursements portal by submitting your name, telephone number, email address, and the access code that accompanied those funds. You may populate your account profile with additional information you choose to submit.

Donor Portal Account & Donation Information

If you are an Authorized User, you may be required to submit certain information to register for that account, including your name and employee ID.

We will collect all information you choose to provide when logged into your CyberGrants account, including, for example, your organization searches, matching gift and payroll contribution requests and activity, volunteer hours logged, and donation activity.

Donations made by Authorized Users may be made by credit or debit card. All credit and debit card information is provided directly to our PCI-compliant third-party payment processor. CyberGrants does not directly access, handle, or store your credit or debit card information. To make a donation using the Services, you will need to submit your name and your credit or debit card type, number, expiration date, security code, and billing address. Payment by credit or debit card is subject to the approval of the card issuer. We will not be liable in any way if a card issuer refuses to accept a credit or debit card for any reason. We will maintain a record of the donations and other gifts that you make using the Services and we will also collect all other information you and the Client choose to provide when making a donation or otherwise completing a transaction using the Services.

If you choose to make a donation through the Services, your contact information may be shared with the organization(s) which are receiving the donation. This information may include your full name, email address, telephone, and mailing address (including street, city, state, country, and ZIP/postal code). You may be given the ability to select, change, or anonymize this information before it is shared with the applicable organization(s) if your employer elects to activate that capability.

User-Generated Content

You are responsible for any comments, data, text, images, video, audio, and other content and material that you create, post, transmit, upload, publish, distribute, broadcast, submit, or otherwise provide using the Services (collectively, “User-Generated Content”). User-Generated Content that you provide is posted on or otherwise made available through the Services at your own risk. We cannot guarantee that User-Generated Content you provide will not be viewed by unauthorized persons or entities. You understand that, even after removal, copies of User Content that you have provide may remain viewable in cached and archived pages and may have been copied or stored by Internet archives and other users of the Services.

IP Addresses and Related Information

The servers used to operate and provide the Services may collect data pertaining to you and the equipment, software, and communication methods you use to access the Internet and the Services, including TCP/IP addresses assigned to the computers and other devices from where you access the Internet, your Internet Service Provider (ISP), your device ID, your approximate geographic location, your browser type, language preferences, referring and exit pages, URLs, date and time stamps, amount of time spent on particular pages, sections of the sites visited, clickstream data, search terms, operating systems, website traffic, and keywords. CyberGrants may use this information to administer the Services, the site and its servers, to generate statistical information, to monitor and analyze site traffic and usage patterns, to monitor and prevent fraud, to investigate complaints and violations of our policies, and to improve the site’s content and the products, services, materials, and other content that we describe or make available through the site and Services. We may combine this information with personal information, and information obtained from third parties for the purposes discussed herein. The service providers that we use to provide the site may collect information about your visits to the site and other websites.

Location Information, Cookies, and Other Tracking Technologies

When you visit or use our Services, cookies or other tracking technologies may be automatically used to facilitate and enhance the user experience on the Services and for other purposes as described below. A cookie is a small piece of information that your browser stores on your device’s hard drive and stores information about your CyberGrants account (if applicable), preferences, and use of our Services. We use cookies to track how you access and use the Services, to learn how popular Service pages are and are not, to learn which search terms are used to find the Services, to learn which websites direct you to the Services, to recognize you when you return to our Services, and to track and target your interests in order to provide a customized experience (e.g., by remembering and displaying your contact and other information). They also help us to detect certain kinds of fraud. We use cookies to store preferences, record session information, record user-specific information on what pages are accessed or visited, alert you to new areas of our sites, or customize web page content.

"Session" cookies are temporary cookies used for various reasons, such as managing page views. Typically, your browser will erase session cookies once you exit the browser.
"Persistent" cookies are more permanent cookies that are stored on your computer or mobile device after you exit the browser. Persistent cookies allow us to retrieve certain information that you have previously provided to us (e.g., your user ID if you asked for it to be remembered). Our Services may use both session and persistent cookies.

Our Services may also use "tracer tags," which are tiny graphic images placed on Service pages or in our e-mails that allow us to determine whether you have performed certain actions. When you access these pages or open e-mail messages, the tags generate a notice of that action to us or our service providers. These tools allow us to measure responsiveness to our communications and improve our Services and promotions. Our use of cookies for tracer tags is restricted to session cookies and therefore does not leave artifacts on user workstations.

The Services may use both cookies that we implement and cookies implemented by our service providers and other third parties. Our service providers may use cookies and other tracking technologies, such as pixel tags, to track visitors across the Internet to understand how you get to the Services. Most browsers automatically accept cookies. You may manage, block or delete cookies and other tracking technologies by adjusting your browser's security and privacy settings but, if you do so, you may not be able to use particular features of our Services and your enjoyment of the Services may be impacted. Due to this automatic collection of data using cookies, we do not honor “do not track” requests.

Social Media

The Services may allow you to connect to and share information with various social media platforms, for example, Facebook, Twitter, LinkedIn, and Google+. These features may require us to implement cookies, plug-ins, and application protocol interfaces (APIs) provided by those social media platforms to facilitate those communications and features. We may share information that you provide us or that we may collect about your use of the Services with those platforms and that information will be subject to their privacy policies. We encourage you to review those platforms’ privacy policies: Facebook’s Data Policy; Twitter’s Privacy Policy; LinkedIn’s Privacy Policy; and Google’s Privacy Policy. In addition, by choosing to use any third-party social media platform or choosing to share content or communications with any social media platform, you allow us to share information with the designated social media platform. We cannot control any policies or terms of such third party platform. As a result, we cannot be responsible for any use of your information or content by a third party platform, which you use at your own risk.

Embedded Content

The Services may incorporate content, including feeds scripts embedded in the Services’ code and visible content (for example, videos), provided by third parties. In some cases, those third parties collect data about how you interact with their content. For example, Vimeo may collect or otherwise have access to usage data on videos embedded on the site as described in Vimeo’s Privacy Policy.

How We Use and Disclose Collected Information

In addition to the uses described above, CyberGrants and its service providers may use and disclose Collected Information as described below. We do not use, sell, rent, or disclose Collected Information except as stated in this Privacy Policy or as permitted by applicable law.

We will use Collected Information in connection with the reason for which it was collected. For instance, to provide the Services; administer, to improve and provide access to our Services; to manage and maintain CyberGrants accounts; to process donations; to respond to inquiries; to upload User-Generated Content; and to communicate with you regarding our products and services, your CyberGrants account, or other matters that may be of interest to you (subject to applicable laws and the terms of this Privacy Policy). If you provide us with your phone number in connection with your account, we may call you at that telephone number regarding your account or your requests for support.

If you submit a resume or other job application materials to us, we may use those materials to evaluate your qualifications and to otherwise consider or respond to your application for employment. Your submission of a resume or other job application materials does not in any way require CyberGrants to review that application or consider you for employment.

By virtue of applying for a grant with a CyberGrants’ client, grantseekers or organizations, as applicable, are consenting (opting-in) to CyberGrants’ use of the organizational information they provide in connection with that grant application. We communicate with organizations on a periodic basis via email or phone to resolve or investigate customer service issues. We may also use grantseeker and organization email addresses to notify you of updates to philanthropic activity and to send notices and other disclosures as required by law.

We will make User-Generated Content available to other users of the Services as applicable. For example, if you are an Authorized User and you create a volunteer event through the Services, other Authorized Users at the applicable Client will be able to view, copy, and use that information.

We may use Collected Information to analyze, develop, and improve our products and services to inform fundraising, marketing, and communication plans and strategies, and to provide you with information about additional products or services that you request or that we believe are relevant or may be of interest to you, subject to applicable laws and the terms of this Privacy Policy.

We may aggregate and anonymize personal information and other Collected Information to create anonymous aggregate data on Service users, which describes users as a group but does not reveal the identity of individual users. We may provide that data in response to a government request or to other third parties for lawful purposes and we may use that data to understand Service users’ needs, to determine Service user demographics and usage patterns, to determine what kinds of products and services we can provide, and to improve and enrich our products and services.

We do not share Collected Information with third parties for marketing purposes and we never sell your personal information to anyone or any organization. We may, however, share Collected Information with third parties without notice to you under the following certain circumstances:

Third-Party Websites, Social Media, and Outside Services

Our Services may contain links to or be linked to websites, products, and services, including social media sites such as Facebook and Twitter, not maintained or controlled by CyberGrants. Those third-party websites may place cookies or other tracking technologies on your computer or personal device. Information collected by third-party websites is governed by their privacy practices, not this Privacy Policy. You should read the privacy policy for each website that you visit. We are not responsible for the privacy policies or practices of any third parties or third-party websites, including how they collect, use, disclose, distribute, or maintain information.

We are not responsible for protecting any User-Generated Content you post on our Services or on social media web pages associated with CyberGrants. Any User-Generated Content you post on our Services or associated social media pages is unprotected and may be viewed by anyone with access to the applicable website or service, including, but not limited to, Client(s), Authorized Users, and other users of our Services.

User-Generated Content published on our Services or associated social media sites may also appear in search engine results (such as Yahoo!, MSN, Google, and other search engines) and in the cache of those search engines, feeds, and third-party websites pursuant to cobranding agreements. We have no control over updating and/or removal of User-Generated Content that appears on websites not controlled by CyberGrants, which is solely the responsibility of the search engines, third-party websites, and RSS web feed resources.

You acknowledge and agree that CyberGrants is not liable for the information published in search results or by any third party website that carries any User-Generated Content or personal information published on our sites or associated social media sites.

Choice/Opt-Out

We communicate with Authorized Users on a periodic basis via email or phone to resolve or investigate customer service issues. We may also use Authorized User email addresses to confirm your philanthropic activity and to send notices and other disclosures as required by law. Authorized Users can remove himself or herself as a qualified donor by contacting the applicable Client's Human Resources department.

If you subscribe to our blog or otherwise opt in to receive promotions or communications from us, you will need to submit your email address. We will use this information to send you blog posts and other electronic communications. We may use third-party email providers to deliver these communications to you. CyberGrants offers you control over your privacy preferences regarding promotional e-mail. You may update these preferences at any time. Please allow sufficient time for your preferences to be processed.

You may opt out of receiving promotional e-mails from us when registering for an account by unchecking the box that asks whether you would like to receive e-mail updates about new features, products, and services.

You may unsubscribe from receiving promotional e-mails of certain types (or a companywide unsubscribe) at any time by following the unsubscribe instructions contained in the applicable email. When you receive a promotional e-mail from CyberGrants, it will contain a link that allows you to unsubscribe, however, you will continue to receive non-promotional e-mails from us, such as communications regarding the Services.

Accessing and Correcting Personal Information

CyberGrants needs your help in keeping the personal information you have shared with us accurate and up to date. If you have a CyberGrants account, you may, depending on the type of account, be able to make these updates yourself online by logging into your CyberGrants account.

CyberGrants is primarily a data processor and not authorized by our clients (the data controller) to correct, modify, or remove your Personal Information without a client’s consent. If you are an Authorized User, please first contact the applicable Client’s Human Resource department to request to correct, modify, or remove your personal information from the CyberGrants Services. If your Human Resource department is unable to help with your request, please contact us at cgsupport@cybergrants.com or privacy@cybergrants.com.

If you do not have a CyberGrants account and wish to access or update your personal information as it exists in our records, please contact us at cgsupport@cybergrants.com or privacy@cybergrants.com.

Children’s Privacy

Our Sites and other Services are not directed at children under the age of 13. CyberGrants does not knowingly collect or use information from children under the age of 13 through the Services.

Access from Outside the United States

If you are accessing or using our Services from outside the United States, please be aware that Collected Information may be transferred to, stored in, and processed in the United States (where our and our service providers’ servers and databases are located and operated). The data protection and related laws and regulations of the United States might not be as comprehensive as those in the country from which you are accessing the Services.

Important Notices to Non-U.S. Residents/EU-U.S. Privacy Shield Certification/ Swiss-U.S. Privacy Shield Certification

CyberGrants complies with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland to the United States, respectively. CyberGrants has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov.

To adhere and comply with EU-U.S. and Swiss-U.S. Privacy Shield principles and requirements, CyberGrants is providing the following information and notice:

It is important to note that the CyberGrants sites and our servers are operated in the United States. If you are located outside of the United States, please be aware that any personal information you provide to us will be transferred to the United States. Your employer is the data controller and CyberGrants is the data processor. Your employer as the data controller determines the purpose and means of processing the personal data. CyberGrants then collects, records, organizes, stores, and adapts the personal data to interact with CyberGrants Software and Services. By using the CyberGrants’ Services and by providing us personal information in any manner, you consent to this transfer and our use of the information and data provided by you in accordance with this Privacy Policy except in the case of data transfers from the EEA and Switzerland, which are covered under the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks.

In compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Principles, CyberGrants commits to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact us at: Privacy@cybergrants.com.

We will investigate your question, respond to your inquiry, and attempt to resolve any concerns regarding your privacy question. Cyber Grants has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.

For residual complaints not resolved through these channels, under certain conditions, to invoke binding arbitration before a Privacy Shield Panel, pursuant to Annex I of the Framework.

CyberGrants will expeditiously respond to your complaints regarding human resources data. First contact your employers’ Human Resources Department to access, amend, or remove your personal information or any other complaint regarding your personal information. If your employer does not respond within an expedient timeframe, then CyberGrants will respond and attempt to resolve your complaint. With respect to complaints involving human resources data collected in the context of the employment relationship, CyberGrants commits to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss FDPIC and to comply with their advice.

Important Notices for EU General Data Protection Regulation (GDPR)

CyberGrants has updated internal policies to align with EU General Data Protection Regulation (GDPR). Please visit our policy statement located here EU General Data Protection Regulation (GDPR).

Security

To view our security measures please see our Security Statement , which is incorporated into this Privacy Policy.

We use SSL (Secure Sockets Layer). This measure of protection is used by many electronic commerce sites and on-line banks to protect personal and financial information.

CyberGrants will not retain your personal data longer than is necessary to fulfill the purposes for which it was collected or as required or permitted by applicable laws or regulations. For personal information that we process on behalf of our clients, we will retain that personal information in accordance with the terms of our agreement with each client, subject to applicable law.

If you become aware of any breach of Service security or this Privacy Policy, please notify us at privacy@cybergrants.com immediately. If our security system is breached, we will notify you of the breach only if and to the extent required under applicable law.

Contact Us: Inquiries, Access, and Updating Your Personal Data

Questions regarding this Privacy Policy or CyberGrants’ information practices should be directed to the CyberGrants Privacy Officer at privacy@cybergrants.com, by calling 978-824-0300, or by mailing CyberGrants LLC, 300 Brickstone Square, Suite 601, Andover, MA 01810.