We collect the following personal information from you:
We also collect the following information from you:
When you download and use our Services, we automatically collect information on the type of device you use, operating system version, and the device identifier (or "UDID"). We do not collect your location-based information.
We do not and will not sell or rent your personal information to anyone, for any reason, at any time. Only the organizations and candidates you Round Up for will receive your contact information, including your name, address, email, and for political contributions, any other information required by law (i.e. occupation, employer, and place of business). MyChange uses and discloses your personal information only as follows:
We may also disclose your personal information as required by law, such as to comply with regulatory inquiries or government requests, a subpoena, or similar legal process and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, or to investigate fraud.
If the personal information on file for you changes, or if you no longer desire our service, you may correct, update, amend, delete/remove, or deactivate it by making the change on our user information page or by emailing us.
We will retain your personal information for as long as your account is active or as needed to provide you Services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory.
If you reject cookies, you may still use our site, but your ability to use some areas of our site, such as contests or surveys, will be limited.
We employ [or our third party advertising partner employs] a software technology called clear gifs (a.k.a. Web Beacons/Web Bugs), that help us better manage content on our site by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on Web pages and are about the size of the period at the end of this sentence. We do not tie the information gathered by clear gifs to our customers’ personally identifiable information.
225 Broadway, Suite 2625
New York, NY 10007
Last updated August 25, 2017
MyChange takes your security seriously. MyChange is built with America’s most trusted financial technologies.
MyChange utilizes “bank grade” security programs and is built with America’s most trusted financial technology, working with all of the largest banks, 9,000 smaller financial institutions and millions of consumers. Our financial partner meets the highest standards in data security, privacy, and regulatory compliance and maintains comprehensive security procedures, policies, controls, and reviews across every aspect of their technology.
We do not typically receive any information from data providers that is considered personally identifiable information (PII) under the relevant regulations. As a precaution, all sensitive information is encrypted, and decryption is only possible with dedicated hardware in our private network. Private keys are split and stored securely via both hardware and software encryption on a set of physical devices held by a small group of key custodians. A strict rotation schedule is maintained for all encryption keys.
Separate access controls are utilized for each security layer, and multi-factor authentication is required for any and all access to the financial infrastructure. Access to servers and infrastructure is logged and audited regularly with immediate alerts for changes in access patterns or file modifications. Strict control of inbound and outbound access is applied at all levels of the network. All infrastructure is scanned and patched regularly to reduce the risk of known vulnerabilities.
We are proud to work with Stripe, trusted by thousands of companies worldwide. Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification.
Together, our financial technology partners are trusted by the following clients:
If you suspect that there has been any unauthorized activity on your account, please contact us immediately at firstname.lastname@example.org. We will contact you about unusual account activity for protection against fraud.