Privacy Policy

Last Updated: November 11, 2021

I. Introduction

This Privacy Policy (“Policy”) describes how RiseImpact Capital, LLC (“RiseImpact” or “we” or “us”) handle information that we collect about you or other individuals, and the privacy protection we accord to personally identifiable information (“PII”). For purposes of this Policy, PII about you means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household.

We may change the terms of the Policy from time to time. When we make changes, we will post the amended policy on our websites, including https://www.riseimpact.com/ and https://ims.riseimpact.com/login, as well as any other Site that links to this Policy (the “Sites”). If the changes are material, we will post a notice on the Sites alerting you to the change. Any changes to the Policy will become effective immediately upon our posting of the Policy, so please be sure to review the current Policy before providing us with PII.

II. How Does RiseImpact Collect Your PII and What Types of PII Does It Collect?

RiseImpact collects PII about you when you actively provide it to us, such as by sending us a message through the Sites’ “Contact Us” pages, responding to a request for information, preparing forms to invest in our funds, signing up to receive communications from us, sending us an email or letter, or applying for a job with us. We also may collect PII about you from other sources, such as our business partners; the Internet, including social media websites; the press or other print media; and other organizations or individuals as permitted under applicable law.

Listed below are the types of PII that we may have collected about you within the past 12 months. Some of these types of information may not be PII, depending on other information we have access to about you. Each type of information listed below is PII only if the information identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household.

  • Identifiers such as: your name, postal address, online identifier, Internet Protocol (IP) address, email address, Social Security number, driver’s license number, or other similar identifiers.
  • “Customer Records” information (some of which may be identifiers or professional/employment-related information as well), such as your name, signature, Social Security number, physical characteristics or description, address, telephone number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
  • Commercial information, such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Internet or other similar network activity, such as browsing history, search history, information on your interaction with our website, mobile application(s), or an advertisement. This may include hardware and browser information of your computer or other online device.
  • Geolocation data, such as the physical location of the device you use to connect with us online.
  • Biometric information, such as fingerprints or voiceprints.
  • Sensory data, such as audio, electronic, visual, or similar information.
  • Professional or employment-related information, such as your current or past job history.
  • Personal characteristics that are related to classifications legally protected from discrimination, such as race, national origin, ethnicity, marital status, age and gender.
  • Inferences drawn from other PII, such as a summary we might make based on your apparent personal preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.

We use Google Analytics to help us understand traffic on and patterns of visits to our Sites. When you visit any of the Sites, Google Analytics will, through cookies, collect the following information from your computer or other online device:

  • technical information, including the internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
  • information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from the Site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

For further information about the collection and use of data through Google Analytics, see http://www.google.com/policies/privacy/partners/. Google offers the ability to opt out from tracking through Google Analytics cookies; to learn about this, visit: http://tools.google.com/dlpage/gaoptout.

By using any of the Sites, you are deemed to unambiguously agree to its use of any cookies that you do not disable.

Our Sites currently do not respond to a user’s Do-Not-Track request.

III. Our Business Purposes for Collecting PII; How We Use the Information

We may use the PII we collect from you for a variety of purposes permitted by law, including:

  • To communicate with you, including in response to your inquiries and to fulfill your requests;
  • To provide you with information about our funds, projects, and the investment opportunities we offer, and to facilitate your involvement in our projects;
  • To prevent fraud, including by confirming your identity;
  • To maintain and upgrade the security of any data or information we collect;
  • For compliance and risk management purposes; and
  • For other legally permissible or everyday business purposes, including data analysis, product development, and compliance with law enforcement and other legal processes.

IV. How We May Share PII

We may share the PII we collect as follows:

  • With our service providers, whom we engage to assist us with technology support, operational support and other forms of assistance, and whom we bind by contract to protect the confidentiality and security of the PII we share with them;
  • To our affiliated entities within the RiseImpact corporate family;
  • In the event of a proposed or actual reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our company or its assets, to a proposed or the actual acquiring party or assignee;
  • As we believe to be appropriate (i) when required by applicable law, including laws outside your country of residence; (ii) to comply with legal process (iii) to respond to requests from public and government authorities; (iv) to enforce the terms and conditions for use of the Sites, including this Policy; (v) to protect and defend our rights and property; (vi) to protect the interests of RiseImpact or others; and (vii) to permit us to pursue available remedies or limit the damages that we may sustain.

We do not sell PII and we do not share PII with non-affiliated entities for them to use for their own marketing purposes.

V. Data Retention; Security

We will retain PII about you for the period necessary to fulfill the purposes outlined in this Policy. We endeavor to use reasonable organizational, technical, and administrative measures to protect the PII we maintain within our organization.

VI. Updates to Your PII

If you would like to update PII that you have provided to us, you may contact us through one of the means listed in the “How to Contact Us” section below.

VII. Site Use Limitations and International Data Transfers

Our Sites are not directed to users under the age of 13 and we do not knowingly collect PII online from any person we know to be under the age of 13.

Our Sites are designed for users from, and are controlled and operated by us from, the United States. By using our Sites, you consent to the collection of your information in the United States, which may have different data protection rules than those of your country.

VIII. Links to Other Websites

Our Sites may provide links to third-party websites. When you click on one of these links, you will be accessing content that is not subject to this Policy. We are not responsible for the information-collection practices of the other websites that you visit and advise you to review their privacy policies before you provide them with any PII.

IX. California Residents’ Privacy Rights

If you are a resident of California, you have certain privacy rights under the California Consumer Privacy Act (“CCPA”). We honor those rights, as described below, and we are prohibited by law from discriminating against you for exercising any of those rights.

A. Right to Know

If you are a California resident, you have the right to know what PII we have collected about you, why we collected it, and the categories of third parties (excluding service providers) with whom we have shared the PII during the past 12 months. (See below on “How to Submit a Request.”) You may request that we provide a description of the categories of PII we have collected (a “Categories Request”) or a request for access to the specific pieces of PII we have collected (a “Specific Pieces Request.”)

If you make a Categories Request, and you do not have any type of account with us, we will need you to provide us with at least two data elements specific to you, such as your cell phone number or driver’s license number (depending on the data elements we already maintain about you), so that we can verify your identity. After we confirm that your request is a verifiable consumer request, we will disclose to you:

  • The categories of PII we collected about you.
  • The categories of sources for the PII we collected about you (e.g., social media websites, government records available to the public, etc.).
  • Our business or commercial purpose for collecting that PII.
  • The categories of third parties other than service providers (if any) with whom we shared the PII.

If you make a Specific Pieces Request, we need to be sure we have verified your identity with great certainty to safeguard the privacy of the PII we have collected. If you do not have any type of account with us, you will need to provide to us at least three data elements specific to you, together with a signed declaration under penalty of perjury that you are the individual to whom the PII you are requesting pertains. After we confirm that your request is a verifiable consumer request, we will, consistent with the CCPA, disclose to you the specific pieces of PII we collected about you that you requested.

B. Right to Request Deletion

You have the right to request that we delete any of your PII that we maintain. However, we are not obligated to comply with your request if we have a legal basis to retain the PII. We will not delete any PII pursuant to your request unless we are able to verify that you are the individual to whom that PII pertains.

If you make a request for us to delete PII, and you do not have any type of account with us, we may need you to provide us with at least two data elements specific to you so that we can verify your identity. Once we receive and confirm that your request is a verifiable consumer request (see below on “How to Submit a Request”), we will inform you whether we have deleted (and have directed our service providers to delete) your PII from our records, or whether we are declining to grant your request to delete due to a legal basis for us to retain the PII.

C. Exceptions to CCPA Rights

The CCPA has certain exceptions to the rights it grants to residents of California. Under one such exception, if you are working for or seeking to work for RiseImpact, the CCPA currently does not provide you with a “right to know” or “right to request deletion” until January 1, 2021. Similarly, if you are an employee or other representative of a business or other organization that is exploring or engaging in a business-to-business transaction with RiseImpact, the CCPA currently does not provide you with a “right to know” or “right to request deletion” until January 1, 2021.

D. How to Submit a Request

To request access to or deletion of your PII as described above, please submit a verifiable consumer request to us by either:

You may make a request on your own behalf, and if you are the parent or guardian of a minor child, you also may make a request related to your child’s PII. If you wish to designate an authorized agent to make a request on your behalf, please provide us with a signed declaration stating that your intent is to permit that individual to act on your behalf and include such individual’s full name, address, email address, and phone number. That way we will be sure you have fully authorized us to act in accordance with the requests of that individual.

As indicated above, in order to protect your PII from unauthorized disclosure or deletion at the request of someone other than you or your legal representative, RiseImpact requires identification verification before granting any request to provide copies of, know more about, or delete your PII. We take special precautions to help ensure this. We cannot respond to your request or provide you with PII if we cannot verify your identity or authority to make the request and confirm that the PII relates to you. We will only use PII collected in connection with a verifiable consumer request to verify the requestor’s identity or authority to make the request.

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 45 additional days), we will inform you of the reason and extension period in writing.

X. How to Contact Us

If you have any questions regarding this Policy, please call us at 504.777.3043, or email us at contact@riseimpact.com.