Welcome to the Fluxx Labs Inc. (“Fluxx”) Privacy Policy (“Privacy Policy”) and Cookie Statement Page. Fluxx respects your privacy and is committed to protecting your Personal Data (defined below). It is important that you read this Privacy Policy and Cookie Statement so that you are fully aware of how and why we are using your Personal Data. This page contains the following:

 

Fluxx Privacy Policy

The Privacy Policy also tells you about your privacy rights and how the law protects you. If you have any questions, or would like to exercise your privacy rights, please follow the instructions in the Privacy Policy.
Contact Fluxx About Privacy

The Privacy Policy contains the following information:

  1. Our Platform
  2. Personal Data that We Collect About You
  3. Minors
  4. How We Use Your Personal Data
  5. Information We Share
  6. Cookies (and Related Technologies)
  7. Advertising, Marketing and Your Communication Preferences
  8. Social Plugins on Our Platform
  9. International Transfers
  10. Legal Bases for Processing Personal Data
  11. Data Security
  12. Data Retention
  13. EEA Rights: Staying In Control of Your Information
  14. Updates to this Privacy Policy

 

1. Our Platform

Fluxx provides secure cloud-based business solutions to the philanthropic community. Our products support education, collaboration, clarity, and organization amongst management of the grantmaking and grant submission process for foundations as well as for nonprofits and other giving individuals or organizations. This Privacy Policy tells you how Fluxx uses your Personal Data when you visit our website at https://fluxx.io (“Site”) and interact with our platform, which also includes the Grantmaker web application (“Grantmaker App”), Grantseeker web application found at grantseeker.fluxx.io (“Grantseeker App”), our mobile applications, and office plugins (collectively with the Site, the “Platform”).

When we mention “FLUXX”, “we”, “us” or “our” in this Privacy Policy, we are referring to Fluxx Labs Inc. data collection practices through the Site, as well as what we collect through our Grantmaker App and Grantseeker App. However, our Grantmakers and Grantseekers may each collect additional information from you and use that information for purposes other than those set forth below.

2. Personal Data that We Collect About You

“Personal Data” (or personal information) means any information about an individual from which that person can be identified. For instance, it may include your name, telephone number, email address, or payment information, and in some places like the European Economic Area (“EEA”) even your IP address. However, it does not include anonymous data – where any identifiers connected to an individual have been permanently removed.

We collect a variety of Personal Data about our customers and visitors to the Platform in different ways.

Categories of Personal Data that We Collect

The Personal Data that we collect falls into these general categories (with some overlap in some instances):

  • Identity Data: such as title, first name, last name, username or similar identifier and an encrypted version of your login/password. If you interact with us through social media, this may include your social media username.
  • Contact Data: includes billing address, delivery address, email address and telephone numbers.
  • Profile Data: includes your username and password, preferences, feedback and survey responses, as well as any profile data which we have added (for example, using analytics and profiling).
  • Financial Data: such as payment card details, and tax ID numbers.
  • Transaction Data: includes details about purchases and payments to and from you and other details relating to your activity on the Platform.
  • Technical Data: such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Platform.
  • Usage Data: includes information about how you use our Platform, products and services.
  • Tracking Data: this is information we or others collect about you from cookies and similar tracking technologies, such as web beacons, pixels, and mobile identifiers that capture certain identifiers when you browse our Site or click on third-party links.
  • Marketing and Communications Data: includes your preferences in receiving direct marketing from us and our third parties, as well as your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your Personal Data but is not considered Personal Data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature on the Site. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this Privacy Policy. We do not – and do not wish to – collect any special categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data and criminal convictions and offences). Know that if you choose not to share certain Personal Data with us, or refuse certain contact permissions, we might not be able to provide the services you need. This is especially true of Identity Data, which is necessary for us to enable your use of the Platform, or of Financial Data, which we need to collect and retain in order to validate and record any financial transactions on the Platform.

How and When We Collect Your Personal Data

We use different methods to collect Personal Data from and about you:

Direct interaction with the Platform. You may provide us your Identity, Contact and Financial Data by registering on the Platform (including via the Grantmaker App or Grantseeker App) or by corresponding with us, mostly by email or through social media. This includes Personal Data you provide when you:

  • create an account on the Site;
  • register for the Grantmaker App or Grantseeker App;
  • make inquiries or request information be sent to you;
  • engage with us on social media;
  • contact customer services; or
  • leave comments or reviews

Automated technologies or interactions. As you interact with us, such as browsing our Site, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We may also collect Tracking Data when you use our Site, or the Grantmaker App and Grantseeker App, or when you click on one of our advertisements (including those shown on third-party websites such as Linkedin or Facebook).

Third parties or publicly available sources. We may receive Personal Data about you from various types of third parties, including:

  • Technical Data and/or Tracking Data from analytics providers, advertising networks and partners, and search information providers (such as Google);
  • Identity and Contact Data from data partners; and
  • Data from any third parties who are permitted by law or have your permission to share your Personal Data with us, such as via social media or review sites, including Facebook or other social media.

3. Minors

Fluxx recognizes the privacy interests of children and we encourage parents and guardians to take an active role in their children’s online activities and interests.

Our Platform and services are not intended for minors and Fluxx does not target any of its services to minors. FLUXX does not knowingly collect Personal Data from minors. If you are under the age of 18, please do not register and do not provide us with any Personal Data.

4. How We Use Your Personal Data

We will only use your Personal Data as allowed by law. In general, we will use your Personal Data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you. For example, when you register with the Grantseeker App in order to access and use the production level product featureset, or if you provide information when you become an employee of Fluxx, both are considered contracts with Fluxx.
  • Where it is necessary for our legitimate interests, which may include our business interests, but only where your interests and fundamental rights do not override those interests. For example, when we analyze issues that users encounter, or when we analyze system performance.
  • Where we need to comply with a legal or regulatory obligation. For example, keeping Financial and Transactional Data for tax compliance.

Generally, we do not rely on consent as a legal basis for processing your Personal Data other than where the law requires it, for example in relation to sending certain direct marketing communications. Where our legal basis is consent, you have the right to withdraw consent any time.

For our EEA users and visitors, see Legal Bases for Processing Personal Data to find out more about the lawful bases that we will rely on to process your Personal Data.

5. Information We Share

Fluxx does not sell, rent, or trade your Personal Data with third parties other than as disclosed within this Privacy Policy. We may share your Personal Data with the categories of third parties listed below, or for certain specific purposes.

GrantMakers and Grantseekers

As a software platform designed to connect grantmakers and grantseekers, Grantseekers are able to access their data on the Grantmaker Platform to manage their grant application and grant management activity.

Agents and contractors

Fluxx may share Personal Data with our third party agents, contractors, or service providers who are hired to perform services on Fluxx’s behalf. These providers may operate or support certain functions of the Platform, or process Personal Data on our behalf in order to assist us with certain functions. Below is an illustrative list of functions for which we may use third-party service providers and the names of the providers we may use to perform these functions:

  • Analytics services (e.g., Google Inc.)
  • Email marketing outsourcing (e.g., Sendgrid)
  • User feedback (e.g., Doorbell)
  • Auditors and professional advisers like bankers, lawyers, accountants and insurers
  • Advertising services (e.g., AppsFlyer)
  • Customer support services (e.g., Salesforce or Zendesk)
  • Hosting and content delivery network services (e.g., Amazon Web Services)
  • Social Media plug-ins (e.g., Linkedin)
  • Mouse flow analytics (e.g., Hotjar) 

These agents and contractors are only allowed to use the information shared with them for the specific tasks we have requested them to do and consistent with this Privacy Policy, and for no other purposes. Fluxx takes steps to ensure that all service providers with access to Personal Data are capable of protecting the information we share with them.

Public forums and community areas

We offer users the ability to use forums and similar means of public discussion. If you use any messaging, posting or chat functions on Fluxx, you should be aware that any Personal Data submitted there will be available to anyone who has access to that content, including other users, and can be read, collected, or used by other users of these forums, and could be used to send unsolicited messages. We are not responsible for how other individuals use the information posted in this manner.

Legal disclosures

We may disclose Personal Data about you as required or permitted by law and/or to comply with a judicial proceeding, court order, or legal process. To the extent permitted by applicable law, we also may disclose Personal Data about you in response to a request from law enforcement agencies, regulators or other public agencies (including schools or children services), or if we believe such disclosure may prevent a crime, facilitate an investigation related to public safety or fraud, protect the security or integrity of our Platform, or enable us to take precautions against liability or to protect our rights.

Business transfers

We may disclose or otherwise transfer information about our users, including Personal Data, to an acquirer, successor, or assignee as part of any merger, acquisition, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.

Information via Cookies

We also share data with third parties connected to advertising, retargeting and analytics. Please see Cookies below, including the cookie list, for more information about who those third parties are.

Anonymized Information

We share aggregated, automatically-collected or otherwise non-personal information with third parties for various purposes, including (i) compliance with reporting obligations; (ii) for business or marketing purposes; (iii) to assist us and other parties in understanding our users’ interests, habits and usage patterns for certain programs, content, services, advertisements, promotions and/or functionality available through the Platform. We do not share personal information about you in this case.

6. Cookies (and Related Technologies)

A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. When you visit or access the Platform, we may by means of cookies, beacons, tags, scripts, and/or similar technologies automatically collect technical information about the devices and software you use to access the Platform, such as the type of Internet browser or mobile device you use, the website or source that linked or referred you to the Platform, your IP address or device ID (or other persistent identifier that uniquely identifies your computer or mobile device on the Internet), the operating system of your computer or mobile device, and other similar technical information.

You can see more information about the cookies we use including who they belong to, their ID and why they are used. We’ve also included links to the third-party websites where you can go to find out more.

Technical, analytics, and usage information

We use both session ID cookies and persistent cookies. Fluxx tracks users use of the Platform.

These same technologies (or a combination of them) may also be used to help us:

  • Capture and store users’ preferences, account settings, and certain login information (mainly for convenience, user verification, and account security) – this is designed to make your experience with the Platform as easy as possible. For instance, this allows you to switch between devices and know where you left off.
  • Compile statistics and analytics about your use of and interaction with the Platform, including details about how and where our Platform is accessed, how often you visit or use the Platform, the date and time of your visits, your actions on the Platform, and other similar traffic, usage, and trend data. These analytic tools allow us to better understand the functionality of our mobile software on your device and gain insights about how mobile software is used in order to improve your experience;
  • Gather important functionality, testing, and performance data about our Platform, including performance data related to our mobile application, such as networking activity, CPU load, and resource usage;
  • Moderate user behavior on the Platform, for security and auditing purposes; and
  • Gather demographic information about our user base.

We may use third party tools and technologies to help us gather this information discussed above. For instance, we use Google analytics to collect and process certain analytics data with technologies such as tracking pixels. Typically, all technical, analytics, and usage information is gathered by FLUXX in anonymous form and does not identify you personally.

Advertising and Marketing

As further described in Advertising, Marketing and Your Communication Preferences below, FLUXX partners with third party advertisers, ad server companies, and ad networks (collectively, “External Partners”) that use cookies, beacons, tags, tracking pixels and scripts and other tracking technologies in order to collect data such as IP address, device ID, and other information about your computer or the device from which you are accessing the Platform, including information about your activities on the Platform.

What does this mean? When you click on a link to an External Partners on our Site, that External Partner will drop a cookie (or similar tracking technologies) and likely capture and collect your device ID or IP address, as well as information about your device, operating system, the geographical location of the device (i.e. Usage, Technical and/or Tracking Data primarily) so that it can track your activity on the Site and when you visit other sites, unless you blocked cookies as described below.

These External Partners may also download non-personally identifiable cookies to your computer, or use other technologies such as “web beacons” to measure the effectiveness of their ads and to personalize advertising content. Their use of your Personal Data will be governed by the terms of their privacy policies and their privacy policies may explain the way in which you can “opt-out” of certain tracking by their advertisements.

Your choices

Most web and mobile device browsers automatically accept cookies, but if you prefer, you can set your browser to refuse cookies or to notify you each time a cookie is set. You can learn more about cookies by visiting www.allaboutcookies.org, which includes additional useful information on cookies and how to block cookies using different types of browsers or mobile devices.

If you disable or refuse cookies, please note that some parts of this Site may become inaccessible or not function properly.

Fluxx does not process or respond to web browsers’ “do not track” signals or other similar transmissions that indicate a request to disable online tracking of users who visit or use our Platform.

7. Advertising, Marketing and Your Communications Preferences

We may use your Identity, Contact, Technical, Tracking, Usage and Profile Data to better tailor our services or provide you with more relative information about what may be of interest to you. This is what we call direct marketing.

We may carry out direct marketing by email if you are a registered user. For example, you might receive our newsletter, which will always contain a link to unsubscribe that you can click on if you no longer wish to receive the newsletter.

External Partners

Tracking Data, and in particular cookies, help us to deliver website and social advertising that we believe is most relevant to you and to potential new customers of FLUXX. The cookies used for this purpose are often placed on our website by our External Partners. This includes retargeting.

If you want more information about Tracking Data, in particular cookies, see Cookies above.

Almost all the cookies that relate to advertising are part of third party online advertising networks via our External Partners. Certain advertisements that appear on the Platform are sometimes delivered (or “served”) directly to users by our External Partners. Some of these External Partners automatically receive certain of your Personal Data through your interaction with an advertisement, as described above in Cookies.

Some of our External Partners are members of the Network Advertising Initiative or the Digital Advertising Alliance, which you can learn more about at these links:

http://www.networkadvertising.org
http://www.networkadvertising.org/choices
http://www.aboutads.info

If you do not wish to receive our personalized ads, please visit their opt-out pages at the above links to learn about how you may opt out of receiving personalized ads from member companies. On the Grantmaker App and Grantseeker App, you can change your privacy settings in your device settings and implement Apple iOS Limit Ad Tracking.

8. Social Plugins on Our Platform

We may use social plugins on our Platform and may include icons that allow you to interact with third party social networks. For example, you may sign in using your Facebook account. If you use any social plugins, the relevant third party may set a cookie when your browser creates a connection to the servers of such social networks and the plugin may transmit your data to the social networks.

Your use of these social plugins is subject to the privacy policies of the third party social networks. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the Privacy Policy of every website you visit.

9. International Transfers

Fluxx is based in the United States. The Personal Data that we collect is sent to and stored on secure servers located in the United States. Such storage is necessary in order to process the information.

In addition, Fluxx operates globally, and works with Grantmakers and Grantseekers throughout the world. As such, Fluxx may transfer Personal Data collected through or from Grantmakers and Grantseekers to its servers in the United States. We may also process or transfer your Personal Data to the third parties mentioned in the circumstances described above (see Information We Share), which are also likely to be situated outside of your country or regional area. In particular, information provided to us or collected by us likely will be transferred to and processed in the United States by us or our agents and contractors.

You are advised that the United States uses a sectoral model of privacy protection that relies on a mix of legislation, governmental regulation, and self-regulation. The European Union’s General Data Protection Regulation (“GDPR”) allows for transfer of Personal Data from the European Union to a third country in certain situations. By agreeing to the terms of use and this Privacy Policy, you agree and consent to the transfer to the United States of America, which may not offer an equivalent level of protection to that required in other countries, particularly the EEA, including the processing (as described in this Privacy Policy) of your Personal Data by Fluxx (as well as its agents or third-party processors) on servers located in the United States. Fluxx will take reasonable steps to ensure that your privacy rights continue to be protected, including, in our discretion, adopting other means, such as entering into Model Contract Clauses (as defined in the GDPR), or enter into different certification programs such as the Privacy Shield under applicable law for ensuring adequate safeguards.

10. Legal Bases for Processing Personal Data

The table below shows the different ways that we use Personal Data, and which of the legal bases we rely on to do so.

Purpose/Activity Type of Personal Data (non-exhaustive list) Lawful basis for processing

To sign you up and register you as a new customer, or to register for the Grantseeker App or Grantmaker App

  • Identity Data
  • Contact Data

Performance of a contract with you – i.e., to enable your use of the Platform

To track payment processing information including:

(a) Manage payments, fees and charges;

(b) Collect and recover money owed to us or our partners

  • Identity
  • Contact
  • Financial
  • Transaction

 

Performance of a contract with you – i.e., in order to enable you to track payments.

Necessary for our legitimate interests – i.e., to enable a variety of services on the Platform, and to recover debts due to us

To manage our relationship with you which will include:

(a) Notifying you about changes to our terms or Privacy Policy;

(b) Asking you to leave a review or take a survey

  • Identity
  • Contact
  • Profile
  • Marketing and Communications

 

Performance of a contract with you – i.e., to ensure that you are up-to-date on any changes to your settings and our services

Necessary to comply with a legal obligation – i.e., to inform you of any changes to our terms of use or this Privacy Policy

Necessary for our legitimate interests – i.e., to keep our records updated and to study how customers use our Platform and services
 

 To deliver direct marketing to you

  • Identity
  • Contact
  • Profile
  • Usage
  • Marketing and Communications
  • Tracking
  • Technical

For most direct marketing communications where you have signed up on the Platform, it is in our legitimate interests to use your Personal Data in this way 

To administer and protect the Platform, including: hosting of data, troubleshooting and bug fixes, analysis, testing, maintenance, and reporting

  • Identity
  • Contact
  • Technical
  • Tracking

Performance of a contract with you – i.e., to enable your use of the Platform

Necessary for our legitimate interests – i.e., to run our business and provide a functional and secure Platform, to provide administration and IT services, for network security, to prevent fraud

Necessary to comply with a legal obligation – i.e., if there are any specific security issues with the Platform
 

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

  • Identity
  • Contact
  • Profile
  • Usage
  • Marketing and Communications
  • Technical
  • Tracking

Necessary for our legitimate interests - i.e., to understand how customers use our products/services, to develop new features and enhance existing ones, to grow our business, to inform our marketing strategy

To improve our Platform, services, user experience and marketing strategy by using data analytics

  • Technical
  • Tracking
  • Usage

 

Necessary for our legitimate interests – i.e., to best connect users to our services, to keep our Platform updated and relevant, to develop our business and to inform our marketing strategy, and to attract new foundations and grantseekers 

To make suggestions and recommendations to you about additional features or services that may be of interest to you

  • Identity
  • Contact
  • Profile
  • Usage
  • Technical

Necessary for our legitimate interests – i.e., to enhance our current offerings, develop new features, increase our business and user base 

To detect, prevent and report unlawful acts, including fraud and bad actors

  • Identity
  • Contact
  • Financial
  • Transaction
  • Technical
  • Tracking

Necessary for our legitimate interests – i.e., to protect our users and business from bad actors, fraudulent or unlawful activities

Necessary to comply with a legal or contractual obligation – i.e., to report bad actors or unlawful acts, to share Personal Data for the purposes of law enforcement

In order to resolving legal claims (including existing claims/litigation and potential disputes) involving you or Fluxx

  • All Personal Data 

Necessary for our legitimate interests – i.e., to defend our business in the event of a dispute or assist users where their legal claims against a third party stem from their activity on our Platform

Necessary to bring or defend a claim
 

Note that we may process your Personal Data for more than one lawful ground depending on the specific purpose for which we are using your data.

We do not carry out any automated decision making.

Please contact us if you have any questions.

11. Data Security

We have implemented – and continually improve – a number of security measures to protect your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. For instance, we may use firewalls, password protection, secure socket layer, database encryption, and other security measures to help prevent unauthorized access to your personal data.

In addition, we limit access to your Personal Data to our employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.

We have implemented procedures to handle any suspected Personal Data breach (or unauthorized access) and will notify you and any applicable regulator of a breach as legally required.

12. Data Retention

We will only keep your Personal Data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. In some circumstances you can ask us to delete your data; see EEA Rights: Staying in Control of Your Information: Your Legal Rights below for further information.

General Retention Periods

Subject to exceptions as required or permitted by applicable law, we retain Personal Data that is necessary for your use of the Platform as long as you are a user of the Platform. Given the nature of our services and tax-related matters, we retain certain Financial Data and related information for as long as required by law.

Meta data on the Platform which is needed for the purposes of IT security and maintaining the Platform in general, can be retained for the prevention of fraud and abuse, and therefore will be retained for such purpose for a period of up to two years. This includes (for instance) IP address and MAC Address.

Exceptions

There are exceptions from static retention periods that have to be taken into consideration. For instance, we cannot delete Personal Data when there are legal obligations to retain the Personal Data (e.g. arising from tax or commercial law). This is particularly true of data Financial Data and payment information.

Additionally, we cannot delete Personal Data when it is needed for the establishment, exercise or defense of legal claims (“litigation hold”). In this case, the Personal Data can be retained as long as needed for exercising respective potential legal claims.

Time frame of deletion

If Personal Data can no longer be retained it will be erased without undue delay, generally within one month, unless exceptions apply.

Anonymization

In some instances, we may choose to anonymize your Personal Data instead of deleting it, for statistical use, for instance. When we choose to anonymize, we make sure that there is no way that the Personal Data can be linked back to you or any specific user.

13. EEA Rights: Staying in Control of Your information

If the General Data Protection Regulation applies to you because you are in the EEA, you have specific rights in relation to your Personal Data, beginning with a right to be informed, which is an obligation on us to inform you how we use your Personal Data (and that’s what we’re doing in this Privacy Policy).

With respect to all of the rights listed below, please click in order to exercise your rights.

  • Your right to rectification
    You have a right to rectify, update or complete any inaccurate Personal Data, pending verification of your identification. To request a review or rectification of personal data, please contact us.
  • Your right of access
    You have the right to obtain a copy of all Personal Data that Fluxx holds about you, such as personal details, correspondence, marketing preferences, consent information, complaints, queries and payment history, generally, within a 30 day time limit and free of charge. You may limit the amount of data that you would like to obtain if you do not wish to access all of the records.
  • Your right to move your data (portability)
    Under certain circumstances you can request that a data collector move your data to another service provider. This is not an automatic right.
  • Your right to object to processing
    You have to right to request that FLUXX stop certain data processing activities that involve processing your Personal Data. This isn’t an automatic right, and FLUXX’s ability to restrict processing will depend on the type of data that for which you are making this request.
  • Your right to request deletion
    You have a right to request that FLUXX delete your Personal Data that it holds. This isn’t an automatic right, and what FLUXX is able to delete will depend on the type of data that FLUXX holds about you, whether it was obtained via consent, what purpose it serves, and whether FLUXX has an obligation to keep the data, among other things.
    Note that unless you request deletion, and such request is determined to be appropriate, while you remain a user, we’ll process and retain your data as described in this Privacy Policy in order to enable you to use the Platform. Once you stop being a user, we will hold your data as described in the data retention section.

These rights are subject to certain rules around when you can exercise them. You can see a lot more information on them, if you are interested, on the UK Information Commissioner’s Office website, for instance.

For all requests mentioned above, we may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

In addition:

  • You have a right to lodge a complaint with a Supervisory Authority
    If you feel that FLUXX is not processing your Personal Data in a manner that complies with the GDPR, you have a right to lodge a complaint with the supervisory authority of your country of residence. Of course, we would appreciate the chance to deal with your concerns before you approach a supervisory authority, so please contact us in the first instance
  • You have a right to withdraw your consent
    For activities where you have provided consent to FLUXX, you have a right to withdraw your consent at any time.
  • Your rights in relation to automated decision making and profiling
    That’s a right you have for us to be transparent about any profiling we do, or any automated decision making.

If you are an individual in the EEA and wish to exercise any of the rights set out above, please contact us (Also see How to Contact Fluxx About Privacy).

14. Updates to this Privacy Policy

Fluxx may update this Privacy Policy from time to time. If we decide to change our Privacy Policy, we will post those changes to this Privacy Policy on the home page, and other places we deem appropriate, along with a change notice where we feel that it is necessary so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. We may also elect to send users a notice of any changes via email. If any modification is unacceptable to you, you should stop using the Platform. Also, the GDPR is very recent, and new guidance on how organizations such as ours should apply it is likely to be issued on a piecemeal basis, so you may see small updates to our Privacy Policy as this evolves. We recommend to all of our users and visitors to check in on occasion and review this Privacy Policy, as well as those of the different partners discussed above.

Fluxx Cookie Statement

As we explain in the Privacy Policy, a cookie is a small text file that is stored on a user’s computer for record-keeping purposes. When you visit or access the Site, the Grantmaker App or the Grantseeker App, we (or certain third parties) may, by means of cookies, beacons, tags, scripts, and/or similar technologies, automatically collect technical information about the devices and software you use to access the Platform. This includes the type of Internet browser or mobile device you use, the website or source that linked or referred you to the Site or application, your IP address or device ID (or other persistent identifier that uniquely identifies your computer or mobile device on the Internet), the operating system of your computer or mobile device, and other similar technical information.

Why cookies? By definition, a web server has no memory. Cookies help fill this void by telling the server what it knows so that the user doesn't have to remember or start navigating the site all over again each time he or she visits it. For this to happen, a hosted website you are visiting, such as our Site, transfers a cookie file of the browser on your computer’s hard drive in order to enable the website to remember who you are and your preferences. This message exchange allows the server to use this information to present you with customized pages. So, for example, instead of seeing just a generic welcome page you might see a welcome page with your name on it.

Cookies serve different purposes: some are necessary to ensure optimal performance of the Platform (i.e., ‘session’ or ‘strictly necessary’ cookies), while others provide information about the Platform so that we may perform analytics or suggest additional features (i.e., ‘analytics’ or ‘tracking’ cookies).

First and foremost, as explained above, cookies help our Site, the Grantmaker App and the Grantseeker App work better so that you can have a flawless experience – like logging in easily, and moving from page to page, or from device to device, and basically allowing you to easily pick up where they left off.

Other cookies collect information about how visitors use our Platform – for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don't collect information that identifies a visitor. All of the data that these cookies collect is aggregated and used to improve our Platform.

There are cookies that collect information about your browsing habits in order to make advertising delivered to you more relevant to you and your interests. These are what we often call ‘tracking’ cookies. They are usually dropped by advertising networks with our permission. They remember that you have visited our Site (and others) and this information is shared with other organizations such as advertisers.

Lastly, you should also know that when you use our Platform, your device or browser may be sent cookies from third parties, for example when using embedded content and social network links. It's important for you to know that we have no access to or control over cookies used by these companies or third-party websites. We suggest you check the third-party websites for more information about their cookies and how to manage them.

Cookie List & Table

This Cookie Page consists of a table that specifically tells you the who, what and why of third-party cookies, including vendor name, cookie ID, purpose of the cookie and where available, a link to the vendor’s privacy practices. To the extent possible, we update this table on a yearly basis.

Vendor Cookie ID Purpose More information

 LinkedIn

 BizoID, lang, UserMatchHistory, lidc, bcookie, bscookie

Advertising purposes. These cookies identify you on LinkedIn so we can target prospective customers more effectively. They are used by LinkedIn and us for advertising retargeting purposes.

https://www.linkedin.com/
legal/privacy-policy

 Hubspot

__hs*, hubspotutk, hsPagesViewedThisSession, hsfirstvisit 

Cookies set by HubSpot to keep track of visitors on fluxx.io. 

https://knowledge.hubspot.com/
articles/kcs_article/reports/what-cookies-does-hubspot-set-in-a-visitor-s-browser

 SendGrid

 

Cookies tracking clicks and opens of email content sent to users on grantseeker.fluxx.io

https://sendgrid.com/policies/
privacy/services-privacy-policy/
 

Greenhouse

__utma, __utmz, __zlcmid

For Fluxx candidate recruiting management purposes.

https://www.greenhouse.io/
privacy-policy

Optimizely

optimizely*

Cookies set by Optimizely to run tests on grantseeker.fluxx.io

https://www.optimizely.com/
privacy/

Google Analytics

_ga, gtag.js, analytics.js, ga.js

Google Analytics cookie, used to distinguish users and review website traffic on fluxx.io and grantseeker.fluxx.io

https://developers.google.com/
analytics/devguides/collection/
analyticsjs/cookie-usage

Amplitude

deviceId, userid

Amplitude tracks Device ID and User ID to track unique site visitors.

https://amplitude.com/privacy

Google Adwords

conversion.js

These cookies are used to make advertising messages more relevant to You.

https://adssettings.google.com/
authenticated?hl=en#display_optout

Facebook

c_user, presence, datr, xs, dpr, fr, sb, wd, act

These cookies are used to make advertising messages more relevant to You.

https://www.facebook.com/
policies/cookies/

Hotjar

mp_*

Cookies set by Mixpanel to run track usage for product development and improvement for grantseeker.fluxx.io

https://www.hotjar.com/legal/
policies/cookie-information

Doubleclick

_ym_uid, C3UID, C3UID-112, DSID, IDE

These cookies are used to make advertising messages more relevant to You.

https://support.google.com/
ds/answer/2839090?hl=en

Cloudflare

__cfduid, _biz*, trwv.uid

Cloudflare cookies for hosted resources (required to build site frontend)

https://www.cloudflare.com/
cookie-policy/

 

Controlling Cookies

Most web and mobile device browsers automatically accept cookies, but if you prefer, you can set your browser to refuse cookies or to notify you each time a cookie is set. You can learn more about cookies by visiting www.allaboutcookies.org, which includes additional useful information on cookies and how to block cookies using different types of browsers or mobile devices.

If you disable or refuse cookies, please note that some parts of this Site may become inaccessible or not function properly.

Fluxx Contact Information

If you have any questions about this Privacy Policy, or would like to exercise any of your rights, please email us or write to us with your letter addressed to: Data Privacy Manager, 77 Maiden Lane, Fl 4, San Francisco, CA 94108

If you need help about our products and services, or this Site generally, please contact us.