Privacy Statement

Last updated: June 4, 2021

Thank you for choosing to be part of our community at Shift.Org Inc. (“Shift”, “we”, “us”, or “our”). We are committed to protecting your Personal Information and your right to privacy. If you have any questions or concerns about our statement, or our practices with regards to your Personal Information, please contact us at info@shift.org. This privacy statement is incorporated by reference into the Terms of Service (the “Terms of Service”) When you visit our website ("the Website") and use our services, you trust us with your Personal Information. In this privacy statement, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. If there are any terms in this privacy statement that you do not agree with, please discontinue the use of our Website or our services. By using the Website, you authorize Shift to process Personal Information, and collect, use and disclose information as described in this privacy statement. For purposes of this statement, Personal Information means any information relating to an individual from which that person is or can be directly or indirectly identified ("Personal Information").

Personal Information We Collect

We collect different types of information that may contain your Personal Information, such as:

  • first and last name, job title or position, physical mailing or delivery address, business, personal, or military email address, phone or fax, area of responsibility, and other similar data that is provided to us;
  • personal military information such as rank, military occupational specialty code, air force specialty code, stationed military base, military email address, expiration term of service date, branch, and duty status;
  • usernames and passwords, and any security information used to authenticate access to our Website or services; your preferences related to receiving updates or communications from us, including your individual marketing preferences;
  • current and historical information about how you use our Website or services, which may include technical information about your devices used to access our Website or services, such as operating system or IP address, as well as other information collected by us automatically, such as individual usage details and clickstream data, and other browsing actions and patterns; and
  • any other correspondence you submit to us through our Website that contain your Personal Information.

By using our Website, you consent to the collection of categories of Personal Information specified above. If we determine to use your Personal Information for any other reason not specified above, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no. At any time, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information by contacting us at info@shift.org or mailing us at: Shift.org Inc., 660 4th Street, #700, San Francisco, CA, 94107, United States.

How We Collect Personal Information

Customer Support. The Website may collect Personal Information through your communications with a Shift support team member.

Location and Device Information from Your Mobile Device. Shift collects and stores your location and device information, including persistent identifiers, such as device identification numbers and/or your Internet Protocol (IP) address, which is the number automatically assigned to your smartphone/computer whenever you access the Internet and that can sometimes be used to derive your general geographic area. Shift will also collect your geo-location. This data is derived from location services on your phone. We use this information for the legitimate purpose of improving the Website and our services by improving the Shift platform by refining device information related to the collection of data for your experiments, and developing product features, optimizations, and enhancements. We also use this information to provide you with customized offers from us.

Cookies, Automatic Data Collection, and Related Technologies. The Website collects and stores information that is generated automatically as you use it, including your preferences and anonymous usage statistics.

When you use the Website, we and our third-party service providers may receive and record information on our server logs from your browser, including your IP address, and from cookies and similar technology. Cookies are small text files placed in a user’s computer browser to store the user’s preferences. Most browsers allow you to block and delete cookies. However, if you do that, the service may not work properly. You can usually find out information about how to delete cookies on your browser through a “help” menu.

Below is a list of cookies that we currently use. In the event you'd like to opt-out, please email us at info@shift.org

  • _session_id, unique token, sessional, which allow us to store information about your session (referrer, landing page, etc).
  • _secure_session_id, unique token, sessional

Analytics Services. Shift may use third-party tools to collect and aggregate anonymous information about how users interact with the Website by their use of cookies, web beacons, and other technologies, and we use this aggregated information to adapt, modify and/or improve the Website for the benefit of our users and partners. If you do not wish to have these tools collect anonymous information about your activities on the Website then you should not use the Website.

Social Sign-On. The Website collects Personal Information from social media websites when you opt in to use that social media website’s credentials to log into the Website. For example, when you log in with your Facebook credentials, Shift collects the Personal Information you have made publicly available in Facebook, such as your name, and email address.

How We Use Your Information

Shift uses Personal Information to:

  • facilitate and improve the Website;
  • provide you with notices that pertain to your use of the services;
  • respond to correspondence that we receive from you;
  • provide marketing and advertising; and
  • communicate with you.

Internal and Website-Related Usage. We use information, including Personal Information, for the legitimate purpose of improving the Website. For example, if you create a Shift account, we may store and use the information you provide during that process, such as your full name, email address, zip code, physical address, and other information you may provide with your account, such as your phone number, preferred location(s) for opportunities. We may disclose your first name and last name, as well as other content you submit through the registration process, as part of your account profile and to our business partners which only pertain to relevant opportunities for you. You can modify some of the information associated with your account through your profile and account settings. If you believe that someone has created an unauthorized account depicting you or your likeness, you can request its removal by emailing us at info@shift.org.

We may also store information about your use of the service, such as the pages you view, the date and time of your visit, opportunities you are interested in, and transactions you make through the service. We may also store information that your computer or mobile device may provide to us in connection with your use of the service, such as your browser type, type of computer or mobile device, browser language, IP address, advertising identifier, and location. You may be able to limit or disallow our use of certain location data through your device or browser settings, for example by adjusting the "Location Services" settings on your device.

Communications. We will communicate with you by email using the email address you provide to us to verify your account and for informational and operational purposes, such as account management, and system maintenance.

If you provide your cell phone number, communications also include text messages. We will communicate with you by text message to provide you updates on your application, alerts about relevant opportunities, promotions, and reminders from Shift.org. Message frequency varies.

Text messages may be sent using an automatic telephone dialing system or other technology. Consent to receive marketing text messages is not required as a condition of using the Website or our services. You may opt out at any time.

Marketing. We use information, including Personal Information, for the legitimate purpose of providing you advertising and marketing via the Website.

You may opt out of receiving certain marketing materials from Shift by sending an email to info@shift.org.

How We Share Your Personal Information

We may share your information:

  • with service providers for the purpose of providing you with the services;
  • to comply with legal obligations;
  • to protect and defend our rights and property or the safety of other users; and
  • with your permission.

Vendors and Service Providers. We share information with our vendors and service providers who provide administrative and technological support for our services. Those vendors and service providers are under contractual obligations to us maintain the confidentiality of your Personal Information that we disclose to them and only use the Personal Information at our direction.

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your Personal Information will be handled by these providers.

In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your Personal Information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this privacy statement or our website’s Terms of Service.

Marketing. We do not rent, sell, or share your Personal Information with other people or nonaffiliated companies for their direct marketing purposes without your consent. We may, however, allow access to other data collected by the Website to enable the delivery of online advertising on and through the Website, or otherwise facilitate transmittal of information that may be useful, relevant, valuable or otherwise of interest to you. For example, we may target advertising towards you based upon your Personal Information without sharing your Personal Information with a third party. If you respond to such advertising, then the third party may deduce that you meet certain characteristics (e.g., you are a woman between the ages of X and Y). In all cases, Shift may market our services to you directly, and such third party advertisers may also market their services to you directly. Information collected through the Website shall be available to us and to such third parties subject to this privacy statement.

As Required By Law and Similar Disclosures. We may access, preserve, and disclose your Personal Information, other account information, and content if we believe doing so is required or appropriate to: comply with law enforcement requests and legal process, such as a court order or subpoena; respond to your requests; or protect yours’, ours’ or others’ rights, property, or safety.

Merger, Sale, or Other Asset Transfers. If Shift is involved in a change in control, merger, acquisition, financing due diligence, or reorganization, bankruptcy, receivership, sale assets, your information may be sold or transferred as part of such a transaction as permitted by law and/or contract. We cannot control how such entities may use or disclose such information.

We may also disclose your Personal Information with your permission and to fulfill your requests.

Security

Shift has administrative and technological measures in place to protect information, including Personal Information in our care. We use various safeguards such as SSL, data encryption, obfuscation of personal identifiable information (such as email address, IP Address, etc.), internal and external data security processes and procedures to protect the personal information submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet or via mobile device, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

Our payment solution is hosted with Stripe. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Stripe's data storage, databases and the general Stripe application. They store your data on a secure server behind a firewall.

If you choose a direct payment gateway to complete your purchase, then Stripe stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

For more insight, you may also want to read the Terms of Service here or privacy statement here.

Retention

We will retain Personal Information while you maintain an account with us. Should you delete your account, we will retain your Personal Information only as necessary to protect our legal rights, and the rights of other users.

Children

We do not knowingly solicit or receive information from children under the age of 16. Please contact us promptly if you believe we might have collected any information from a child under the applicable age of consent in your country, so that we may appropriately investigate and address the issue.

Linked Websites

We may provide hyperlinks to other sites for your convenience that are not covered by this statement. If you click on any such hyperlink, we recommend that you read the relevant privacy notice to make sure you are comfortable with the applicable privacy and data security practices that govern, which may be different than as described in this statement.

International Users

By using the Website, you will transfer data to the United States.

By choosing to visit the Website or otherwise provide information to us, you agree that any dispute over privacy or the terms contained in this privacy statement will be governed by the law of the State of California and the dispute resolution provisions set forth in the Terms of Service.

If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your information to the United States and processing globally. By providing your information you consent to any transfer and processing in accordance with this privacy statement.

If you wish to withdraw your consent for the use and sharing of your Personal Information pursuant to this privacy statement, then you will need to terminate your account and cease all use of the Website. You can deactivate your account by sending an e-mail to info@shift.org or mailing us at: Shift.org Inc. 660 4th St, #700, San Francisco, CA, 94107, United States.

If you reside in the European Union, you have certain rights under the EU General Data Protection Regulation in regards to your Personal Information. These include the following rights:

  • The right to access. You have the right to access and receive a copy of the Personal Information that we have about you,
  • The right to rectification. You have the right to correct any inaccuracies in our records. You lasso have the right to request to complete information you believe is incomplete.
  • The right to erasure. Under certain conditions, you have the right to request us to delete or remove your Personal Information from our records. In the event that you request that we delete your Personal Information, we will delete your account and remove from our records any Personal Information that is not necessary to (1) ensure that we do not contact you in the future, (2) protect our legal rights and the rights of other users, or (3) to the extent required by law. In addition, while we will make every effort to remove your data from our system, we do not have control over personal data that you publish to others, including posts made to social media.
  • The right to restrict processing. You have the rights to request that we restrict the processing of your Personal Information, under certain conditions. The right to object to processing. You have the right to object to our processing of your Personal Information, under certain conditions.
  • The right to data portability. You have the right to request that we transfer he data that we have collected to another organization, or directly to you, under certain conditions.

If you wish to exercise these rights, please email us at info@shift.org. If you make a request, we have one month to respond to you.

Your California Privacy Rights

Under the California “Shine The Light” law, California residents may opt out of our disclosure of Personal Information to third parties for their direct marketing purposes. You may choose to opt out of this sharing at any time by submitting a request to info@shift.org. This opt out does not prohibit disclosures made for non-marketing purposes or for marketing by Shift.

Changes to Our Privacy Statement

We reserve the right to modify this privacy statement at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this statement, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. You agree to be bound by such modifications or revisions. Nothing in this privacy statement shall be deemed to confer any third-party rights or benefits.

If our company is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.

Questions and Contact Information

If you would like to: access, correct, amend or delete any Personal Information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at info@shift.org or by mail at Shift.org Inc. 660 4th St, #700, San Francisco, CA, 94107, United States