YourCause Platform Terms of Service
EU-US Privacy Shield
YourCause has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Correction, Enforcement and Dispute Resolution.
To minimize any risk of our customers’ data, we conduct all vulnerability testing on a quarterly basis by using independent security researchers. Keeping our customers’ data secure is our number-one priority and any possibility of potential violations are reported to us.
Intrusion Detection System
To protect our network, data and system’s integrity, YourCause uses Alert Logic Threat Manager to assess any possible vulnerabilities and/or threats of intrusion. In this age, you cannot always protect data from outside intruders with just a password and firewall, so we amp our security measurements by using an Intrusion Detection System to locate and terminate any malicious activity.
Information Security Policy
Our security policy protects people and information by setting the rules for expected behavior from our users, system administrators, management and security personnel. That being said, each employee of YourCause has signed and agreed to the following policy to help minimize risk and track compliance with regulations and legislation.
Information Sensitivity Policy
The Information Sensitivity Policy helps YourCause employees determine what information is allowed to be disclosed to non-employees, as well as the relative sensitivity of information that should not be disclosed outside of YourCause without proper authorization.
The YourCause Ethics Policy reflects the high standard of business conduct that represents the hallmark of our organization. Our Ethics Policy affirms our commitment to not merely obeying the law, but also to conduct our business with integrity and without deception.
YourCause and GDPR – YourCause ensures that it will comply with all Data Processor requirements under the GDPR by May 25, 2018 by implementing appropriate security measures to protect the sensitivity of each person’s data, providing a system to seek the consent of data subjects, creating procedures to notify our clients of any security breaches, updating our contracts and policies, and appointing a Data Protection Officer (DPO).
YourCause will ensure that it allows the erasure or deletion of specific personal data and puts in place measures to fully implement any erasure or deletion request within the timeframe required by the Data Controller and applicable law. Upon termination for any reason of the provision of services, YourCause will immediately cease processing the personal data. At the Data Controller’s request, YourCause will either return or delete the personal data from our system.
In the event of a data breach, YourCause will notify the relevant Data Controller of any breach without undue delay once we learn of any breach.
As a Data Processor, YourCause uses a standard GDPR Agreement. You can download this agreement here. This agreement is posted as of May 18, 2018, and last updated on May 18, 2018.