Last updated: January 2021
Application and Scope
1. Type of Personal Information We Collect About You
We collect information about you directly from you and from third parties, as well as automatically through your use of the WFA Group Services. Read More Information We Collect Directly from You. When you use the WFA Group Services, we may collect from you the following information:
2. If you are an End -User:
WFA Group may collect the following personal information from you (which we refer generally to as “End-User Data”):
- First Name
- Last Name
- Phone (mobile) Number
- Email Address
- State / Province
- Zip / Postal Code
- Phone & Email Notification Preferences
- Credit Card Token
- Last 4 Digits of Credit Card
Further, when you place a bid, we may collect the following additional information about you (which we refer to as “End-User Bid Data”):
- End User Identification ID
- Auction Item Identification ID
- Desired Bid Amount
- Desired Maximum Bid Amount
- Time Bid was Placed
We also collect the following information in relation to winning bids, donations and purchases from an auction (which we refer to as “End-User Invoice Data”):
- Winning Bid Amount
- End User Identification ID
- Payment Type ID
- Payment Date
3. If you are a Customer:
WFA Group may collect the following personal information from you (which we refer to generally as “Customer Data”):
- Customer Name
- Contact First Name
- Contact Last Name
- Event Name
- Event Keyword
- Signup Date
- State / Province
- Zip / Postal Code
- Customer Phone
- Customer Email
- Event ID
- Software Purchase Record(s)
- Software Add-on Record(s)
- Checking Account Routing Number
- Checking Account Number
Information We Collect Automatically.
We may automatically collect the following information when you use the WFA Group Services: your browser type and operating system; the pages you view; links you click; your IP address; the length of time you spend on the WFA Group Services; the content you serve us (including media files and XML files). We also aggregate data about End-Users’ and Customers’ use of the WFA Group Services, such as page views over time and general geographic regions of website activity. We may combine this information with other information that we have collected about you, including, where applicable, your user name, name and other personal information.
Information We Collect from Third Parties. We do not collect information about you from third parties such as social media sites.
4. How Do We Use Your Personal Information?
We generally use your personal information to provide the WFA Group Services, for our own internal purposes as well as for marketing and advertising purposes, although in this last case, subject to your right to withdraw consent provided by this Policy. We may also anonymize and/or aggregate personal information so that it no longer identifies you, and use it for any legal purpose. Read More WFA Group may use your personal information for the following purposes:
- to provide the WFA Group Services to you, to communicate with you about your use of our WFA Group Services, to respond to your inquiries, to fulfill your orders, and for other customer service purposes;
- to tailor the content and information that we may send or display to you, to offer personalized help and instructions, and to otherwise personalize your experiences while using the WFA Group Services. For example, we may customize the language of the WFA Group Services.
- to better understand how End Users and Customers access and use the WFA Group Services, both on an aggregated and individualized basis, in order to improve our Website, the WFA Group App, the WFA Group Platform and more generally, the WFA Group Services and respond to your desires and preferences and for other research and analytical purposes. For example, we may use this information to modify the navigation on the WFA Group Website in order to make certain pages more easily accessible;
- to administer surveys and questionnaires;
- to comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; to respond to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request, whether formal or informal, from law enforcement or a governmental authority; and
- to protect the safety, rights, property, or security of WFA Group, the WFA Group Services, any third party or the general public; to detect, prevent, or otherwise address fraud, security or technical issues; to prevent or stop activity that WFA Group, in its sole discretion, may consider to be, or to pose a risk of being, an illegal, unethical, or legally actionable activity; to use as evidence in litigation; to conduct audits and to enforce this Policy, our Terms of Service, our Website Terms and Conditions and any other agreement we have entered into with you.
In addition WFA Group may use personal information as follows:
- End User Data: WFA Group uses this data to assist Customers in keeping accurate data on their donors. This data also allows an End User to receive important software updates via automated alerts and alerts from the Customer.
- End User Bid Data: WFA Group uses this data to manage bid histories and current bids on silent auction items created by a Customer. These histories allow WFA Group to determine winners, and items necessary for payment.
- End User Invoice Data: WFA Group uses End User Invoice Data to show the End User that they have yet to pay or have paid for their auction totals. This data is a list of auction items, donations and purchases that the End User has made during the auction.
- Customer Data: WFA Group uses this data to assist in overall communication with the Customer using WFA Group. The data is used to send emails, invoices, ACH payments (where applicable) and link to external services like payment processors. This data is also used to organize auction items, bids and other data relevant to the Customer.
5. Sharing Your Personal Information
WFA Group is not in the business of selling your personal information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your personal information with certain third parties without further notice to you, as set forth below for the purposes detailed in this Policy. Read More We may share personal information as follows:
We share End User Data about End Users interacting with a Customer Event with the Customer conducting such event. This may include both personal information, such as End Users’ names and email addresses, and aggregate information, such as the number of End Users who used the WFA Group Services or the most popular content visited by End Users. We share End User Invoice Data with the Customer in charge of the related Customer Event, who can also use this data to check on the status of an End User in the payment process as well as pull statistics on the entire event to see where there was success and potential improvements for future events.
- Third Party Applications and Services: If you utilize or elect to use one or more third party applications that interoperate with WFA Group Services, those applications may upon your use be given access to data (which may include your personal information) on WFA Group’s systems generated in connection with your use of WFA Group Services. For example, integrating WFA Group with Salesforce or other CRM tools.
- We may disclose your personal information to our affiliates or subsidiaries for the purposes described in this Policy; however, if we do so, their use and disclosure of your personal information will be subject to this Policy.
- Service Providers. We may share the information we collect about you to third party vendors, service providers, contractors, processors or agents who provide services on our behalf such as mailing information, maintaining databases and processing payments. When we employ another company to perform a function of this nature, we only provide them with the information that they need to perform their specific function. Our service providers include: i) Amazon Web Services (AWS): we store and secure your personal information in our Virtual Private Cloud (VPC) service provided by AWS.
SendGrid: WFA Group will provide SendGrid email addresses and email content to this service to send emails through a reliable service. In some of the cases the content of the email will contain names, End User numbers, address information, etc.
Twilio: WFA Group will provide Twilio phone numbers to send you text messages through a reliable service. In some of the cases the content of the message will contain names, End User numbers, address information, etc.
Third Party Payment Processors (Bambora, Authorize.net, Stripe, Braintree, Priority Payments, Clear Payments): WFA Group may provide these service providers with your name, email and phone number to process your payment store in their respective vault.
ii) Braintree Payments (PayPal): WFA Group will provide Braintree Payments End User name, phone, and email data in addition to organizational name, phone, and email data to process payments. This data is then stored on Braintree vaults.
A note on credit card numbers: In an effort to maintain the highest level of security, WFA Group leverages hosted fields or iFrames whenever possible. This means that credit card data is never transmitted through WFA Group’s network. Data is sent directly to the third party payment processor and token data is sent back to WFA Group for storage. Therefore, an End User or Customer entering credit card data on any WFA Group site is transmitting it directly to the card processor and bypassing any WFA Group Service.
- Business Transfers. If we are or may be acquired by or merged with another company, if any of our assets are transferred to another company or as part of a bankruptcy proceeding, we may transfer the information we have collected about you to the other company.
In Response to Legal Processes. We may also disclose the information we collect about you in order to comply with the law, a judicial proceeding, a court order, or another legal process, such as in response to a subpoena.
To Protect Us and Others. We may also disclose the information we collect about you where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Service, our Website Terms and Conditions or this Policy, or as evidence in litigation involving WFA Group.
Aggregate and De-Identified Information. We may share aggregate or de-identified information about End Users and Customers with third parties for marketing, advertising, research or similar purposes.
- Cookies are small text files that are saved on your device’s hard drive through your web browser for record-keeping purposes.
Web beacons are small image files that have information about you, such as your IP address, that can be downloaded when you visit a website or open an e-mail.
Single pixel gifs, are small image files similar to web beacons that allow our third-party tracking tools to gather information, such as your IP address, and provide this back to us in an anonymized aggregate form (i.e. in a manner where we cannot identify you). Aggregate information refers to personal information compiled and expressed in a summary form where no personal identifiers are included.
Other technologies, such as Data Management Platform (DMP) services and analytics engines such as Google Analytics, which pull usage data from multiple sources and help manage and collect this data to use for personalization, customizing content and other methods to gain insights into our customers’ needs and preferences.You may delete or disable certain of these technologies at any time via your browser. However, if you do so, you may not be able to use some of the features on the WFA Group Services. Read Less
7. Withdrawing your consent
Your Consent to our collection, use or disclosure of your personal information may be withdrawn at any time, subject to legal or contractual restrictions and reasonable notice. If you withdraw your consent to the collection, use and disclosure of personal information for purposes that are necessary to provide the WFA Group Services, we may limit the services that we are able to provide to you.
8. Retention of Your Personal Information
We store your personal information for only as long as necessary to fulfill the purposes for which it was collected, except where otherwise required or permitted by law. Once no longer required, your personal information will be securely destroyed or anonymized (so the information no longer identifies you). Please note that if your personal information is collected by a third party, it will be retained in accordance with the privacy policies and records retention requirements of that third party.
9. Third-Party Links
WFA Group Services may contain links to third-party websites, [such as the website of a Customer in charge of a given Customer Event]. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the privacy policies of those third party websites. We are not responsible for the information practices of such third party websites.
10. Security of Your Personal Information
We have implemented technical and organizational measures to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. These measures include physical, administrative and electronic (technological) security measures that are reasonable given the sensitivity of the personal information collected, the amount, distribution and format of the personal information, and the methods of storage. Read More For instance, WFA Group encrypts your password information. To protect all data at WFA Group, we leverage Virtual Private Cloud (VPC) services from Amazon Web Services. In addition, all our data is organized using indexes to avoid data corruption or data duplication. We also employ data filtering methods on our web layer to avoid malicious data from being executed on our database and potentially compromising our information. Regarding payment data, we automatically remove credit card tokens after a specific number of days to avoid maintaining any lingering information. We only retain Customer tokens (a way to know which card to charge) for the purposes of renewal of the Customer’s license for the following year. However, there is always a certain level of risk involved when personal information is collected, processed and stored and we are unable to guarantee the security of your personal information. You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity. Read Less
11. Access to Your Personal Information
You may modify personal information that you have submitted to us by emailing email@example.com and providing the updates to your information. Please note that copies of information that you have updated, modified or deleted may remain viewable in cached and archived pages of the WFA Group Services for a period of time. At any time, End Users can request to have their personal information removed from our system and we will comply without undue delay in accordance with applicable law. We will remove the End-User data from our system and it will no longer be available within the WFA Group Platform.
12. Cross-border Transfer of Information
WFA Group maintains servers and systems in the United States hosted by third party service providers. We also may subcontract the processing of your personal information to, or otherwise share your personal information with, other third parties in the United States or jurisdictions other than your country or Province of residence. As a result, your personal information may be accessed by the courts, law enforcement and national security authorities of these jurisdictions. Where the personal information that we collect through or in connection with the WFA Group Services is transferred to and processed in the United States or anywhere else outside or your country or Province of residence for the purposes described in this Policy, we will take steps to ensure that the information receives an adequate level of protection.
13. Forums and Comments
If you use a forum or post comments on the WFA Group website, you should be aware that any personal information you submit there can be read, collected, or used by other users of these forums, and could be used to send unsolicited messages. WFA Group is not responsible for any personally information you choose to submit in that context or anything arising from such submissions. To learn more, please review our Acceptable Use Policy.
14. Changes to This Policy
This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on the WFA Group website and WFA Group App. If we make any changes to this Policy that materially affect our practices with regard to the personal information we have previously collected from you, we will endeavor to provide you with notice in advance of such change by highlighting the change.
15. Legal Disclaimer
WFA Group operates “AS-IS” and “AS AVAILABLE,” without liability of any kind. WFA Group is not responsible for events beyond our direct control.
16. Contacting WFA Group
If you have any questions about how we handle your personal information or about this Policy, please contact us by email at firstname.lastname@example.org or by postal mail at WFA Group LLC., #427, 4411 Bee Ridge Road, Sarasota, FL 34238.