Vituity Cares Foundation Point of Collection Notice

California Consumer Privacy Act of 2018 – Point of Collection Notice

The California Consumer Privacy Act of 2018 (the “CCPA”) provides California residents certain rights regarding their Personal Information (as defined below) that we, Vituity Cares Foundation (the “Foundation”), collects about you or the Consumer (as defined below).

For the purposes of the CCPA and this Point of Collection Notice (the “Notice”), a Consumer is defined as an individual residing in the State of California who is acting as a volunteer, donor, programming participant, job applicant, employee, owner, director, officer, or contractor of Vituity Cares Foundation (the “Consumer”).

The CCPA defines Personal Information as information that identifies, describes, or could reasonably be linked with the Consumer (“Personal Information”).  The Foundation is committed to safeguarding the privacy of our Consumers and this Notice serves to inform you of the categories of Personal Information that we collect and the purposes for which those categories of Personal Information are used.

The CCPA does not apply to the following categories of information:

  • Medical information governed by:
    • Confidentiality of Medical Information Act (CMIA)
    • Health Insurance Portability and Accountability Act (HIPAA)
    • Health Information Technology for Economic and Clinical Health Act (HITECH)
    • Genetic Information Nondiscrimination Act (GINA)
  • Privacy data covered by other regulations including:
    • US Gramm-Leach-Bliley Act
    • US Driver’s Privacy Protection Act
    • California Financial Information Privacy Act
  • Information collected by government entities

Categories of Personal Information Collected by the Foundation

The categories of Personal Information collected by the Foundation within the past 12 months may include:

Category Examples Collected? Yes / No
A.      Identifiers A real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers. Yes
B.      Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). Any information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. “Personal information” does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records. Yes
C.      Characteristics of protected Classification under California or federal law Race, color, religion (includes religious dress and grooming practices), sex/gender (includes pregnancy, childbirth, breastfeeding and/or related medical conditions), gender identity, gender expression, sexual orientation, marital status, medical condition, military or veteran status, national origin, ancestry, disability, genetic information, request for family care leave, request for leave for an employee’s own serious health condition, request for Pregnancy Disability Leave, Retaliation for reporting patient abuse in tax-supporting institutions, Age (40 or older). Yes
D.      Commercial information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. No
E.       Biometric information An individual’s physiological, biological, or behavioral characteristics, including an individual’s deoxyribonucleic acid (DNA), that can be used, singly or in combination with each other or with other identifying data, to establish individual identity. Biometric information includes, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information. Yes
F.      Internet or other electronic network activity Activity including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement. Yes
G.     Geolocation data Physical location or movements Yes
H.     Sensory data Audio, electronic, visual, thermal, olfactory, or similar information No
I.       Professional or employment-related information that is not publicly available. Current or past job history or performance evaluations. Yes
J.       Education Information Information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99). Yes
K.      Inferences Information drawn from any of the personal information categories referenced above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Yes

 

Purposes for Collecting Personal Information

The Foundation collects your Personal Information for volunteer background screening purposes, for programming purposes, recruitment, employment, personnel related purposes, fundraising and other business purposes.   Some of the federal laws that impact the screening of our volunteers include the National Child Protection Act of 1993, Volunteers for Children Act of 1998, and the Fair Credit Reporting Act.  In addition to these federal statute laws, laws in many states require background checks for volunteers who work with children.

How the Foundation Obtains Personal Information

The Foundation may obtain Personal Information either directly from you (forms you complete through our website or through other online communications with the Foundation), or indirectly from you (by tracking actions you take on our website).  We may also obtain Personal Information from third-party vendors who perform business services on our behalf or third-parties for whom we are providing programming services.

Sharing Personal Information

The Foundation may disclose your Personal Information to third-parties, with your consent when required by federal and state law,  including third-party agencies for criminal and commercial background checks, service providers with whom the Consumer directs us to share such Personal Information, and service providers that fulfill a specific business purpose (i.e. payroll companies, health/benefits/wellness providers, human resource consultants, staffing agencies, etc.).

Rules Regarding Minors

The Foundation does not knowingly collect Personal Information from minors under the age of 13.  If a child under the age of 13 has provided us with Personal Information online, we ask that a parent or guardian contact the Foundation at the number below and we will delete this information.

The Foundation may collect Personal Information from minors older than 13 years of age if the individuals are involved with Vituity Cares Foundation activities and programming.  We limit our collection of personal information from children to no more than is reasonably necessary to participate in Vituity Cares Foundation programming to fulfill programming objectives.

Parents, guardians and/or others with legal responsibility for minors have the right to review, opt-out or request the deletion of their child’s information.  You may also exercise rights to prevent the further collection of the information.  Please note that some of the Personal Information we collect from minors who participate in Foundation programming is necessary for us to run our programming.

In accordance with applicable law, and our practices, we may obtain consent from parents for the collection of Personal Information from their children, or for sending information about our programming directly to Vituity Cares Foundation programming participants.

To verify a parent or guardian’s identity – we may ask you to:

  • Sign a consent form under penalty of perjury
  • Call a toll-free number or make a video call
  • Provide government-issued ID (we will promptly delete any copy of the ID from our records after the verification is complete).

Non-Discrimination

The Foundation will not discriminate against you for exercising any of your CCPA rights

Right to Amend Point of Collection Notice

This Notice supplements the information contained in the Vituity Cares Foundation CCPA Privacy Policy.  Vituity Cares Foundation may update this Notice from time to time.  When we do, we will post the Notice and revise the date at the bottom of this page.  We encourage you to frequently check this page to stay informed about how we are helping to protect the Personal Information we collect.  You acknowledge and agree that it is your responsibility to review this Point of Collection Notice periodically and become aware of any modifications.

If you have any questions about this Notice, please contact us at:

Vituity Cares Foundation
2100 Powell Street
Suite 400
Emeryville, CA 94608
1-855-550-0007
compliance@vituity.com

Last updated:  December 16, 2020