Please read this Policy carefully to understand how we handle your information. By using the Services, you acknowledge that you have read and understand this Policy and that we collect, use, and share your information as set forth below.
1. About the Services
OfColor provides a financial wellness platform that Employers can offer as a benefit to their Employees (the “Platform”). Our mission is to help employees of color make and keep more money. Employees who create accounts have access to tools through our Site, the Platform, and our mobile software applications (the “App”), including analytics about their finances, financial education materials, one-on-one financial coaching from financial coaches and advisors (“Advisors”), and a discussion forum where Employees can interact with each other (“Discussion Forum”). Employers using our Platform have access to an online interface where they can view aggregate information about their Employees’ engagement with the Services, but Employers cannot view financial information pertaining to specific Employees (“Employer Dashboard”). Collectively, together with the Site, the Platform, and the App, these functionalities and services comprise the “Services”.
2. Information we collect
a. Information you provide to us
We collect information that Users provide to us, including any information Users provide via the forms on our Site or when interacting with us via email, a phone call, social media, or otherwise, or when obtaining coaching from an Advisor. Some of this information is personal information regarding the User, including name, email address, and phone number.
We also collect information that Employers provide to us when setting up our Platform, including information about the Employer, such as business name, business contact information (including email, physical address, and phone number), and type of employer; and information about Employees, such as payroll information and Employees’ names, email addresses, and identification. The Employer chooses the method of Employee identification, which may be by name or a random number. Some Employers use Social Security Numbers as Employee identification, and while we discourage this, we may receive such information if an Employer enters it into the Platform.
We collect information that Employees provide to us when creating an account, using the Services, or otherwise interacting with us. This information may include name, email address, phone number, survey responses, and certain demographic information, including date of birth, income, homeownership status, employment information, and the number and ages of an Employee’s children. We also collect financial information that Employees choose to share with us by connecting their accounts at financial institutions to the Services. This information may include transactional data associated with the Employee’s bank account(s) and credit card(s) and information about the Employee’s loans, such as historical payment data.
Employees and Employers also provide login credentials (username and password) that are managed by a third-party authentication service provider, so OfColor does not collect or store this information. When Employees and Employers enter login credentials, they are interacting with the third-party authentication service provider, not OfColor.
You can choose not to provide us with certain information, but you may not be able to register with us or take advantage of all of the functionality of our Services.
b. Information collected automatically
When you interact with the Services, we (and third parties) may collect technical information from your browser and device and about your use of the Services by automated means, including cookies, pixels/web beacons, local storage, Application Programming Interfaces (APIs), and other similar technologies. We may also collect this kind of information when you interact with email messages or other communications we send you. Some of these technologies (such as cookies) involve storing unique identifiers or other information on your browser or device for later use. As we and our service providers adopt other technologies, we may also gather information using other methods.
Information about your browser or device. We may automatically collect certain information about your browser or device when you use the Services, such as:
Information about how you use our Services. We collect information regarding your use of the Services, such as:
Information about your internet connection. When you interact with the Services from an internet-connected device (for example, when you use our mobile app or Platform), we collect information about your Internet connection including MAC address, Internet protocol (IP) address, Internet service provider, and mobile carrier.
Location Information. We may collect location information, including your approximate location derived through IP Address when you use the Services, as well as your precise or approximate location as determined by your device’s location services, subject to your device settings.
c. Information collected from third parties
We may collect information about you from other sources, including business partners, marketers, and data compilers. If you are an Employee, we may also collect information provided to us by your Employer, such as payroll information, in order to provide the Services and for other purposes listed below.
3. How we use information
We will only use your information consistent with applicable law. We use the information we collect for various purposes, depending on the type of information and the Services you use, including:
We may combine information that we collect from and about you through the Services (including automatically generated information) with information that we obtain about you from third parties and use such combined information in accordance with this Policy.
Aggregate/De-identified/Anonymous data. We may aggregate, de-identify and/or anonymize any information collected through the Services so that such information is no longer linked to any User, Employee, or Employer. We may use aggregated and anonymized information for any purpose, including for research and marketing purposes, and we may also share such information with third parties, at our discretion. As noted above, information about Employees viewable by Employers in the Employer Dashboard is aggregated, de-identified, and/or anonymized – such information does not identify specific Employees or their personal financial information. The Employer Dashboard states information such as the total number of Employees using the Platform, median financial wellness score among Employees, total number of hours that Employees have engaged with Advisors, most popular Discussion Forum discussion topics, and most viewed financial literacy articles and videos.
4. How we share and disclose information
We share the information described above as follows:
We take reasonable physical, administrative, and technical steps to help safeguard the information we collect from and about you. While we take efforts to protect the integrity and security of our network and systems, no security measures are perfect, and we cannot guarantee that our security measures will work perfectly.
You should take steps to protect against unauthorized access to your password and devices by, among other things, signing off after using a shared computer, choosing a complex and unique password for accessing our Services that nobody else knows or can easily guess, and keeping your login credentials private. You are responsible for activity that occurs on your account. We are not responsible for any lost, stolen, or compromised passwords or for any unauthorized account activity.
6. Data retention
We retain and delete the data we collect from and about you in accordance with the provisions of applicable law.
7. Your data rights
The laws in your jurisdiction may give you the right to make certain requests of us regarding information we collect from and about you. This may include the right to request access to your information, to opt-out of our sharing of certain personal information with others, to update your information, and to have your information deleted.
If you reside in a jurisdiction whose laws grant these rights to you, you may email us at email@example.com to make a request. Please explain the type of request you are making and the data with respect to which you want to make a request.
We will consider all requests and provide our response within the time period required by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information to comply with a legal obligation. Your local laws may permit you to submit additional requests.
In addition, Employees and Employers can manage certain information through their account. Please see your account or email us at firstname.lastname@example.org for more details.
8. Your choices
We provide several ways for you to exercise control over how we use information about you and how we communicate with you, described below.
a. Email and telephone communications
You may use the unsubscribe link found at the bottom of emails we send to you to opt out of receiving future marketing emails. Note that you may continue to receive transaction-related emails regarding Services you have requested or engage with. We may also send you certain non-promotional communications regarding us and our Services and using the unsubscribe link will not halt those communications (for example, communications regarding our Services or updates to this Policy). We process requests to be placed on do-not-mail, do-not-phone, and do-not-contact lists as required by applicable law.
In addition, we may send you push notifications through our App. You may control how and whether you receive push notifications by changing our App’s permissions through your mobile device settings.
b. “Do Not Track”
Do Not Track (“DNT”) is a setting that can be enabled in certain web browsers. DNT signals do not have a commonly agreed up meaning and we do not currently recognize or respond to DNT signals.
c. Tailored advertising
The information we collect in connection with the Services may be used by us and by third parties to tailor the advertising you see online. You have choices about how information about you is used for this purpose.
To learn more about tailored advertising or to opt out of participating companies (including certain of our advertising partners), please visit the Digital Advertising Alliance’s (DAA) opt-out program at https://www.aboutads.info or the Network Advertising Initiative’s (NAI) opt-out page at https://optout.networkadvertising.org. We make no representation about the accuracy or effectiveness of these opt out mechanisms.
Some tailored advertising is carried out using cookies. You may be able to set your browser to refuse certain types of cookies or alert you when they are being used. Some browsers offer similar settings for HTML5 local storage and other technologies. Please see the "Help" section of your browser for more information. However, if you block or otherwise reject cookies or other similar technologies, certain features of the Services may not function as expected.
Mobile devices often include settings to help you manage how your device collects and shares information for advertising purposes. For more information on how to manage those devices settings, please visit the Network Advertising Initiative’s mobile choice page at https://www.networkadvertising.org/mobile-choice.
Modifying your mobile device or browser settings, or opting out of tailored advertising via your web browser, may have different results depending on the type of device or web browser you use and the version of your device operating system. Opting out of tailored advertising does not prevent you from seeing ads online; instead, the ads you see are less likely to be customized to your interests. Opting out is generally effective only on a device-by-device, or browser-bybrowser basis. If you use more than one browser or device, the effect of any opt-out mechanism may be limited to the device on which you used the mechanism.
9. Third-party links and content
The Services may have links to third-party websites, apps, or other communities that may have privacy policies that differ from ours. We are not responsible for the practices of such sites, apps, or communities. You should check their privacy policies to understand how they may handle your information. Likewise, the Services may have third-party content – for example, in posts to the Discussion Forum by Discussion Forum participants. We do not make any representations concerning the accuracy of such information and are not responsible in any way for third-party content on our Services. You interact with third-party content at your own risk.
10. Supplemental notice for non-United States residents
Please note that OfColor is located in the United States. If you are located outside of the United States, you should be aware that the personal data you provide to us is being transmitted to us and processed in the United States. Your information will be protected subject to this Policy and United States laws, which may not be as protective as the laws in your country. To understand your rights with regard to your data, please visit the website of the appropriate data protection authority for your region.
11. Children’s privacy
The Services are not intended for minors or children under the age of 13, and we do not knowingly collect any personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from such minors or children on the Services. If we discover that an individual under 13 has provided us with personal information via the Services, we will delete the personal information to the extent required by COPPA.
12. Additional notices for California and Nevada residents
California Residents: The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we share certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes.
Nevada Residents: Under Nevada law, certain Nevada consumers may opt out of the sale of their “personally identifiable information” for monetary consideration to another person. We do not engage in such activity. However, if you are a Nevada resident who has purchased services from us, you may submit a request to opt out of any potential future sales under Nevada law by emailing email@example.com with the subject line “Nevada Sale Opt-Out.” Please note we may take reasonable steps to verify your identity and the authenticity of the request. Once verified, we will maintain your request in the event our practices change.
13. Changes to this Policy
We may change this Policy from time to time. If we make any changes, we will change the Last Updated date above. We encourage you to read this Policy carefully and regularly check for changes. You acknowledge that your continued use of the Services after we publish changes to this Policy means that the collection, use, and sharing of your information is subject to the updated Policy.
14. Contact information
If you have questions about this Policy or wish to close your account, please contact us at firstname.lastname@example.org.