This Privacy Policy (“Policy”) describes and governs the information collection, use, and sharing practices of IMAST Inc. (“IMAST,” “we,” “us,” and “our”) with respect to your use of IMAST mobile application, microdonation service, tools, promotions, and any other services that reference this Policy (collectively, the “Services”).
Before you use or submit any information through or in connection with the Services, please carefully review this Policy. By using any part of the Services, regardless of how you access the Services, you consent to the collection, use, and disclosure of your information as further outlined in this Policy. IF YOU DO NOT AGREE TO THIS POLICY, PLEASE DO NOT USE THE SERVICES. We will continue to evaluate this Policy as we update and expand the Services and our offerings, and we may make changes to the Policy accordingly. Any changes will be posted here and you should check this page periodically for updates. If we make material changes to this Policy, we will provide you with notice as required by law. Your continued use of the Services will signify acceptance of the terms of the updated Policy.
Undefined capitalized terms used herein shall have the definitions as set forth in our Terms of Use.
1. Information We Collect
We collect information in multiple ways, including when you provide information directly to us, and when we passively collect information from you, such as from your browser or device.
1.1 Information You Provide Directly To Us
We may collect information from you in a variety of ways, such as when you:
Register for an account;
Complete your Member profile;
Donate to a Campaign or Charity;
Create a Campaign;
Fill out a survey or provide us with Feedback;
Request certain features (e.g., newsletters, updates, and other products);
Use certain features that require your information to function (e.g., portions of our Services that require log-in to participate);
Communicate with us; or
Post User Content, including comments, to or on any of our Services.
The information you provide directly to us may include, but is not limited to: (i) name; (ii) email address; (iii) mailing address; (iv) phone number; (v) birthdate; (vi) workplace information; (vi) photographs and audio/video content; and (vii) financial information, including information needed to verify your identity. If you are a Campaign Organizer, you may also provide us with a registered non-governmental organization number or other organizational number, along with other information related to your organization.
Our Services may include Campaign boards, chat rooms, forums, message boards, news groups and other community tools that are publicly visible to other Members and users. Please be considerate and respectful of others while using the community to share your opinions. We reserve the right, but do not have the obligation, to review and monitor such postings or any other content on our Services, and to remove postings or content that may be viewed as inappropriate or offensive to others.
1.2 Information that is Passively or Automatically Collected
Device/Usage Information
We may automatically collect certain information about the computer or devices (including mobile devices or tablets) you use to access the Services. As described further below, we may collect and analyze information such as (a) IP addresses, geolocation information, unique device identifiers, IMEI and TCP/IP address, and other information about your computer or device(s), browser types, browser language, operating system, mobile device carrier information, the state or country from which you accessed the Services; and (b) information related to the ways in which you interact with the Services, such as: referring and exit web pages and URLs, platform type, the number of clicks, domain names, landing pages, pages and content viewed and the order of those pages, statistical information about the use of the Services, the amount of time spent on particular pages, the date and time you used the Services, the frequency of your use of the Services, error logs, and other similar information. As described further below, we may use third-party analytics providers and technologies, including cookies and similar tools, to assist in collecting this information.
Cookies and Other Electronic Technologies
We may also collect data about your use of the Services through the use of Internet server logs, cookies and/or tracking pixels. A web server log is a file where website activity is stored. A cookie is a small text file that is placed on your computer when you visit a website, that enables us to: (i) recognize your computer; (ii) store your preferences and settings; (iii) understand the web pages of the Services you have visited; (iv), enhance your user experience by delivering content and advertisements specific to your inferred interests; (v) perform searches and analytics; and (vi) assist with security administrative functions. Some cookies are placed in your browser cache while those associated with Flash technologies are stored with your Adobe Flash Player files. Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in websites, online ads and/or email, and that are designed to provide usage information like ad impressions or clicks, measure popularity of the Services and associated advertising, and to access user cookies. We also may include Web beacons in email messages, newsletters and other electronic communications to determine whether the message has been opened and for other analytics, personalization and advertising. As we adopt additional technologies, we may also gather additional information through other methods.
Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the "Help" section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari). You can also manage the use of Flash technologies, including cookies and local storage objects with the Flash management tools available at Adobe's website. Please note that by blocking any or all cookies, you may not have access to certain features or offerings of the Services. Location Information
We may collect different types of information about your location, including general information (e.g., IP address, zip code) and more specific information (e.g., GPS-based functionality on mobile devices used to access the Services), and may use that information to customize the Services with location-based information and features. We may use such information to improve the Services, including providing you with location-based features (e.g. to identify Campaigns that may interest you). To deliver customized content and advertising, we may share your location information with our agents, vendors, or advertisers. If you access the Services through a mobile device and you do not want your device to provide us with location-tracking information, you can disable the GPS or other location-tracking functions on your device, provided your device allows you to do this. See your device manufacturer’s instructions for further details. If you disable certain functions, you may be unable to use certain parts of the Services.
Information from Social Networking Sites and Other Third Parties
We may collect information about you or others through our affiliates or through non-affiliated third parties. For example, you may be able to access the Services through a social networking account, such as Facebook. If you access the Services through your Services account, you may allow us to have access to certain information in your Services profile. This may include your name, profile picture, gender, networks, user IDs, list of friends, location, date of birth, email address, photos, videos, people you follow and/or who follow you, and/or your posts or "likes." Social networking sites, such as Facebook, have their own policies for handling your information. For a description of how these sites may use and disclose your information, including any information you make public, please consult the sites' privacy policies. We have no control over how any third-party site uses or discloses the personal information it collects about you.
We may also collect information about you or others through non-affiliated third parties. For example, to the extent permitted by law, we may, in our sole discretion, ask for and collect supplemental information from third parties, such as information about your organization’s history, information to verify your identity or trustworthiness, or for other fraud or safety protection purposes. We may combine information that we collect from you through the Services with information that we obtain from such third parties and information derived from any other products or services we provide.
1.3 Collection of information across personal devices
Sometimes we (or our service providers) may use the information we collect - for instance, log-in credentials, IP addresses, hashed email addresses, and unique mobile device identifiers - to locate or try to locate the same unique users across multiple browsers or devices (such as smartphones, tablets, or computers), or work with providers that do this, in order to better tailor content, features, and advertising, and provide you with a seamless experience across the devices you use to access the Services.
2. How We Use Your Information
We may use the information we collect from and about you for the following purposes:
For the purposes for which you provided it;
To recognize and authenticate you on the Services;
To initiate or to provide the features, services and products available through the Services;
To send you information about your relationship or transactions with us, account alerts, or other communications, such as newsletters to which you have subscribed;
With your consent, to contact you with information, surveys, or Campaigns that we believe may be of interest to you both regarding our products and Services and those of third parties;
To process and respond to your inquiries or to request your Feedback;
For internal research and reporting;
To improve the content and features of the Services or develop new Services;
To personalize the content and advertising that you see on the Services or on other websites;
For internal recruiting purposes;
With your consent, to call or send you SMS messages regarding your relationship with us or offers or services that may interest you;
To enforce the legal terms that govern your use of the Services; and
To administer and troubleshoot the Services.
Please note that we may combine information that we collect from you and about you (including automatically-collected information) with information we obtain about you from our affiliates and/or non-affiliated third parties, and use such combined information in accordance with this Policy.
We may aggregate and/or de-identify information collected through the Services. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, Campaign Organizers, and/or others.
3. When We Disclose Your Information
We may disclose and/or share your information to or with any non-affiliated third parties under the following circumstances:
Consent. We may disclose your information to any third parties based on your consent to do so.
Service Providers. We may provide access to or share your information with select third parties who perform services on our behalf, including without limitation marketing, market research, customer support, data storage, analysis and processing, and legal services.
Campaign Organizers or Charities. When you donate to a Campaign or Charity, we disclose only the necessary information with regards to processing your gift aid or tax deductible donation to the Campaign Organizer or Charity.
Protection of IMAST and Others. You acknowledge, consent, and agree that IMAST may access, preserve, and disclose your information and/or any User Content you submit or make available for inclusion on the Services, if required to do so by law or in a good faith belief that such access, preservation, or disclosure is permitted by IMAST’s Privacy Policy or reasonably necessary or appropriate for any of the following reasons: (1) to comply with legal process; (2) to enforce these Terms, our Policy, or other contracts with you, including investigation of potential violations thereof; (3) to respond to claims that any content violates the rights of third parties; (4) to respond to your requests for customer service; and/or (5) to protect the rights, property, or personal safety of IMAST, its agents and affiliates, its users, and the public. This includes exchanging information with other companies and organizations for fraud protection, and spam/malware prevention, and similar purposes.
Business Transfers. As we continue to develop our business, we may buy, merge or partner with other companies. In such transactions, (including in contemplation of such transactions, e.g., due diligence) user information may be among the transferred assets. If a portion or all of IMAST’s assets are sold or transferred to a third-party, customer information (including your email address) would likely be one of the transferred business assets.
Campaigns and Public Forums. Campaigns on our Services may be publicly-accessible. We may also offer community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. Please also remember that if you choose to provide information on such features of the Services, individuals reading such information may use or disclose it to other individuals or entities without our control and without your knowledge, and search engines may index that information. We therefore urge you to think carefully about what you choose to disclose through such forums and make sure it’s information you want to share publicly.
4. Online Analytics and Advertising
We may use third-party web analytics services (such as those of Google Analytics) on our Services to collect and analyze the information discussed above, and to engage in auditing, research or reporting. The information (including your IP address) collected by various analytics technologies described in the “Cookies and Similar Technologies” section will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Services, including by noting the third-party website from which you arrive, analyzing usage trends, assisting with fraud prevention, and providing certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here. We may also use Adobe Analytics to analyze and optimize the performance of our websites, advertising, and content. To learn more about Adobe’s privacy practices and to make choices regarding Adobe’s tracking activities, please click here. If you receive email from us, we may use certain analytics tools, such as clear GIFs to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.
5. Notice Concerning Do-Not-Track Signals
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We do not recognize or respond to browser-initiated DNT signals, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT. To learn more about Do Not Track, you can do so here.
6. Accessing and Controlling Your Data
In order to ensure that the information we maintain is accurate, you may access certain parts of your information and delete, change, or modify that information in accordance with applicable laws by editing your user profile. You must promptly update your user profile if it changes or is inaccurate. Donors may also be provided with an option of anonymizing certain aspects of their information in connection with a donation, such that the information is not publicly available. Please be advised, however, that Donor information will remain visible to IMAST and to the relevant Campaign Organizers and/or Charities.
Upon your request, we will close your Campaign, Charity or Donor account and remove your Campaign or profile information from view as soon as reasonably possible. Please contact IMAST at info@imast.am to request closure of your account. Please be advised that we may retain information from closed accounts to comply with the law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations of any Member or user, enforce our Terms of Use, and/or for any other purposes otherwise permitted by law that we deem necessary in our sole discretion. Once you transmit User Content through the Services, you may not be able to change or remove it.
7. Consent to Transfer
Our computer systems are currently based in the North America and Europe so your personal data will be processed by us in one or more of those jurisdictions. The data protection and privacy regulations in each of these jurisdictions may not offer the same level of protection as in other parts of the world. By using the Services, you agree to this Policy and you consent to the transfer of all such information to the jurisdictions identified above, which may not offer a level of protection equivalent to that required in the jurisdiction in which you reside, and to the processing of that information as described in this Policy.
8. Children’s Privacy
Our Services are not designed for use by individuals under the age of 13 (or 16 for children located in Europe). If you are under the age of 13 (or 16 for children located in Europe), please do not use the Services and/or submit any information through the Services. If you have reason to believe that a child under the age of 13(or 16 for children located in Europe) has provided personal information to IMAST through the Services, please contact us at info@imast.am, and we will delete that information from our databases to the extent required by law.
9. Security
We have implemented administrative, technical, and physical security measures to protect against the loss, misuse and/or alteration of your information. These safeguards vary based on the sensitivity of the information that we collect and store. However, we cannot and do not guarantee that these measures will prevent every unauthorized attempt to access, use, or disclose your information since despite our efforts, no Internet and/or other electronic transmissions can be completely secure. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any information to IMAST via the Internet.
You may be provided with a password upon creation of your account. We recommend that you immediately change this password and otherwise change your passwords periodically. You are responsible for maintaining the security of your applicable account usernames and passwords. If you believe that your account username and/or password have been stolen or been made known to others, you must contact us immediately at info@imast.am and change your password immediately. We are not responsible if someone else accesses your account(s) through information that they have obtained from you.
10. Financial data and information
We work with Stripe, Inc. (“Payment Processor”) for payment processing services. This platform will request you to disclose them sensitive personal data (e.g. credit card number, account username and password) in order to complete purchases and operations related to our Services. Such third-party payment processing platform is governed by its own safety standards, policies and terms of use. We shall not be liable for its operation, safety or otherwise its functioning. We strongly advise our users to engage in online safety measures in order to protect their financial information, here on this site and elsewhere.
11. Amendments
IMAST may change this Policy from time to time as laws, regulations, industry standards and/or our business evolves. We will post the changes to this page and encourage you to review our Policy periodically to stay informed. If we make changes that materially alter your privacy rights, IMAST will provide additional notice, such as via email or through the Services. If you disagree with the changes to this Policy, you should deactivate your account. Contact info@imast.am if you wish to request the removal of your personal data under our control.
12. Third-Party Links and Services
The Services may contain links to or “frame” third-party websites, applications and other services (e.g., including websites related to Campaigns, their Campaign Organizers and Charities). Please be aware that we are not responsible for the privacy practices of such other sites and services. We encourage our users to be aware when they leave our Services and to read the privacy statements of each and every site they visit that collects their information.
13. Payment Processor
Financial transactions relating to IMAST are handled by Payment Processor. We will share transaction data with the Payment Processor only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. Please note that Payment Processor may collect some personal data from you, which allows them to process your payments (e.g., your email address, address, credit card details, and bank account number). Payment Processor handles all the steps in the payment process through its systems, including data collection and data processing. We do not store your payment details in our systems, unless it is necessary for accounting and administrative purposes.
14. Your EEA Privacy Rights
We are required to state the lawful basis under which we process the personal data of our users from the European Economic Area (“EEA”). Accordingly, the lawful bases upon which we process your personal information are as follows:
Where it is necessary to obtain your prior consent to the processing concerned in order for us to be allowed to do it, we will obtain and rely on your consent in relation to the processing concerned;
Otherwise, we will process your personal data only where the processing is necessary for compliance with a legal obligation to which we are a subject; or
For the purposes of the legitimate interests pursued by us in promoting our business, providing Services to Members pursuant to or legal agreements with them, and in ensuring the security, accessibility and improvement of our Services.
We are the data controller in respect of personal information of our users based in the EEA.
EEA individuals have rights in relation to their personal data, which is processed by IMAST. If you are an EEA data subject, you may, by emailing us at info@imast.am:
Request access to the personal data concerned;
Request that any incorrect personal data about you that we are processing be rectified;
Request that we erase the personal data concerned;
Withdraw your consent at any time where we are processing personal data relating to you on the basis of your prior consent to that processing, after which we shall stop the processing concerned; and
Lodge a formal compliant with your local EEA supervisory authority if you have a complaint about any processing of your personal data being conducted by us.
15. Your California Privacy Rights
15.1 State of California
“Controller” refers to the entity that has certain legal rights to determine the purposes for which personal information will be processed and the means by which that processing will happen. As used in this Privacy Policy, the term also includes entities considered to be “Businesses” under the California Consumer Privacy Act (“CCPA”).
“Processor” refers to an entity that processes personal information solely on behalf of its customer, and not for its own business or legal compliance purposes. As used in this Privacy Policy, the term also includes entities considered to be “Service Providers” under the CCPA.
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and share your “personal information” (as defined in the CCPA). This section applies only to personal information for which IMAST acts as a Controller or “business”; it does not apply to personal information for which we act as a Processor or “service provider” on behalf of another entity.
15.2 Categories of information collected
Throughout this Privacy Policy, we discuss in detail the specific pieces of personal information we collect. Under the CCPA, we are also required to provide you with the “categories” of personal information we collect. The categories we collect are: identifiers (such as name, address, email address and other contact information); internet or other network or device activity, such as device and usage information; geolocation information; other information that identifies or can be reasonably associated with you, and inferences drawn from any of the above.
15.3 Use and sharing of information
IMAST shall use the personal information as follows:
To respond to questions, concerns, or customer service inquiries, and to otherwise fulfill individuals’ requests;
To send information about our current and future services,
To analyze and improve our website;
To enforce the legal terms that govern our business and online properties;
To comply with law and legal process and protect rights, safety and property; and
For other purposes requested or permitted by you or by others acting on your behalf as part of your requested Services.
15.4 “Sale” of information
State of California residents may opt out of the “sale” of their personal information. We do not “sell” personal information within the meaning of California law.
15.5 California Privacy Rights
If you are a California resident, California law may permit you to request that we:
Inform you of the categories of personal information we have collected about you in the last twelve months; the categories of sources of such information; the categories of personal information that we sold or disclosed about you for a business purpose; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties to whom we have “sold” or otherwise disclosed personal information for a business purpose.
Provide access to and/or a copy of certain information we hold about you.
Delete certain information we have about you.
Certain information is exempt from such requests under applicable law. You also may have the right to receive information about the financial incentives that we offer to you (if any). You also have certain rights under the CCPA not to be discriminated against for exercising CCPA rights. We will take steps to verify your identity before responding to your request, which may include requesting that you respond to an email that we send to you, or otherwise verifying your name, email address or other information that will help us to confirm your identity.
If you are an agent making a request on behalf of a consumer, you must verify that you are authorized to make that request, which may include requiring you to provide us with written proof that satisfies CCPA requirements, such as an appropriate letter signed by the consumer or a power of attorney. We also may require the consumer to verify their identity directly with us.
15.6 California Shine the Light Disclosure
California Civil Code Section § 1798.83 permits users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purpose. We do not share your personal information with third parties for their own direct marketing purposes.
16. Questions About this Policy
If you have any questions about our Policy, you can contact us by emailing us at info@imast.am, Address: IMAST Inc., 701 Tillery Street Unit 12, 1584, Austin, TX, 78702, United States.