Privacy Policy

WELCOME TO GRAFTED!

Welcome to Grafted, a community development platform that engages with institutions to bring students, alumni and employers together for the purpose of personal and professional development.  

From the onset, we’ve been intentional to design our platform in a way that respects the data privacy of both institutions and its members (e.g.students, alumni and university professionals). Ensuring you are ultimately in control of your data is at the foundation of everything we do.

 Here is a quick summary for how we handle data privacy for both Members and Community Customer:

 Members

·     Members are in complete control of whether or not their information is viewable within the community.

·     Member data is not publicly viewable within the Services until that Member opts-in and completes the onboarding process.

·     Members can delete their Member Profile at anytime.

CommunityCustomers

·     Community Customers receive administrative access to all data, including Member Accounts and Employer Customer Accounts.

·     Community Customers control what data is automatically shared with Grafted in order to generate Member Accounts.

·     Community Customers approve Member Accounts aspart of the Member Profile creation process, before such Member Profiles are made public within the Services.

·     Community Customers grant access to EmployerCustomers.

This privacy policy (“Privacy Policy”) explains the privacy practices of Grafted mobile applications, the www.getgrafted.com website, and other associated Grafted services (the “Services”).This Privacy Policy also governs your relationship with Parallel LLC dba Grafted, a North Carolina limited liability company (“Grafted,” “we,” “us,” or “our”). Please read this Privacy Policy in full before using the Services. By using our Services, you are consenting to our use of your data as explained in this Privacy Policy. If you do not agree to this Privacy Policy, please do not access or use any of the Services.

Grafted will update this PrivacyPolicy over time, and the “Last Updated” date at the top of the Privacy Policy will list the last date we updated this Privacy Policy. In the event we make minor changes that do not materially affect your rights, we will post the updatedPrivacy Policy on the website. If we make a change that materially affects your rights, we will notify you by email  and through the Grafted Services, and by requiring you to review and accept updated PrivacyPolicy before continuing to use the Services.

WHAT WE COLLECT

 We get information about Members in a variety of ways.

 Information You Give Us. We collect your‎ name, email address, username, password as well as other information you directly give us on our Services as part of creating a Member Profile during the onboarding process or your responses to surveys.

Information We Get From Others. We may get some information about you from other sources such as your Community Customer. If a Community Customer shares data governed by FERPA, such information will be protected as required by applicable laws.

Information Automatically Collected. We automatically log information about you and your computer. For example, when you use the Services, we log your computer operating system type, browser type, browser language, IP address, the website you visited before browsing to our website, pages you viewed, how long you spent on a page, access times and information about your use of and actions on our Site.

How We Use Your Personal Data

 Grafted processes, stores, and uses your personal information to serve you through its Services. Here are some common ways in which we use your personal information:

·     Providing services such as allowing you to join live Q&A broadcasts, conduct video calls or appear in recommended connections with other Members in the community

·     Delivering communications from other Members(e.g. alumni and other students) or potential employers by in-app messaging in accordance with your account settings

·     Allowing you to contact employers

·     Personalizing the Service. For example, we will recommend other Members as connections based on your job interests, graduation year and/or sport

·     Operating, maintaining and improving our sites, applications, and services.

·     Responding to comments and questions with regard to customer service.

·     Researching new ways to improve the Grafted Services

 When We May Share Your Personal Data

 We will only share your personal data with third parties under the following circumstances.

·     We may share personal information with your consent. For example, you may let us share personal information with others for purposes of career development.

·     We may share personal information when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding. If we share personal information for these purposes, the promises in this Privacy Policy will continue to apply to your data as part of a transfer to a new entity.

·     We may share personal information for legal, protection, and safety purposes.

o  We may share information to comply with laws.

o  We may share information to respond to lawful requests and legal processes.

o  We may share information to protect the rights and property of Grafted, our agents, customers, and others. This includes enforcing our agreements, policies, and terms of use.

o  We may share information in response to lawful requests and legal processes. This includes protecting the safety of our employees and agents, our customers, or any person. We will notify you of the request to share information.

·     We may share information with those who need it to do work for us, such as cloud service providers. These service providers are contractually obligated to take appropriate data security measures to keep your data safe.

SHARING OF AGGREGATED DATA

 We may also share aggregated and/or anonymized data for a variety of purposes such as research, reporting, and other analytical purposes. Such aggregated data cannot reasonably be linked back to any individual. 

INFORMATION CHOICES AND CHANGES

 Our marketing emails tell you how to “opt-out.” If you opt out, we may still send you non-marketing emails.Non-marketing emails include emails about your accounts and our business dealings with you.

DELETING YOUR MEMBER PROFILE

You may delete your member profile at any time if you no longer wish for your information to be viewable within Grafted. In this way, you may opt out participating and we will delete the data you submitted as part of the onboarding process. Please note that if you choose to participate in the future, you will need to re-enter all information as part of re-creating your Member Profile.

THIRD PARTY SITES AND LINKS

 The Services may contain links to third party sites. Grafted is not responsible for the privacy policies or practices of third-party sites, and we strongly encourage you to read the privacy policies of third-party sites to understand those policies and make an informed decision as to whether to share your information with those sites.Your interactions with third party sites, including social media sites, are governed by the privacy policies of each of those sites.

DO NOT TRACK

We are currently unable to recognize or honor Do Not Track (DNT) signals.

COOKIES AND SIMILAR TECHNOLOGIES

Like many other Services, we may use cookies and other similar technologies such as web beacons to collect information.Cookies are data stored on a hard drive that help us improve your use of our site and enhance our ability to track and enhance user experiences on our site.You have the right and ability to change the settings on your browser to refuse cookies, but note that if you do so, you may not be able to access our Services with full functionality.

PROTECTING YOUR INFORMATION

 We maintain security measures that are commercially reasonable in the industry. We take protecting your information very seriously, but please note that no method of storing or transmitting information on the internet is completely secure, and therefore we cannot guarantee or warrant the security of information you share with us. Despite taking reasonable precautions, it is impossible to protect all information from a breach, also referred to as a data breach or security breach. 

CHILDREN 

Individuals under 16 are not permitted to use the Services without the express written consent of the both the Community Customer and parental consent. Such consent gives minors permission to use the services and is an agreement to be bound by these Terms.

We do not knowingly collect information from individuals under 13. If you believe we have unintentionally collected personal information from a minor under 13, please contact us immediately at support@getfrafted.com so that we can quickly delete such information. 

CALIFORNIA PRIVACY RIGHTS

 If you are a resident of California, the California Consumer Privacy Act(CCPA) gives you rights concerning your personal information. Here’s a summary of those rights:

Right to Know

·     The right to know what information we have collected and disclosed in the last 12months

·     What specific information we have collected

·     The categories and sources of such personal information

·     The categories of personal information and types of recipients to which that information was disclosed

·     The categories of personal information and types of recipients to whom the information was sold

·     The typeof business or purpose for collecting and selling the personal information

Deletion: You have the right to request that we delete certain personal information we have collected from you.

Opting out of Sales: You have the right to tell us not to sell your personal information to third parties.

Non-discrimination: We cannot discriminate against you for exercising these rights. Note that if you restrict certain personal information processing that we may not be able to provide the Services as intended.

If you are a California resident and would like to exercise any of the rights provided for by the CCPA, please submit a request at support@getfrafted.com with the subject line, “CCPA Request.”

PRIVACY SHIELD

Grafted complies with the EU-US Privacy Shield Framework provided by theUS Department of Commerce for the collection, use, and retention of personal information from residents of European Union member countries. The FederalTrade Commission has investigatory and enforcement powers over Grafted as part of our participation in Privacy Shield. If you would like to learn more aboutPrivacy Shield program, you may visit: http://www.privacyshield.gov  

Grafted collects personal information and processes that information in away that is appropriate and relevant to the purposes for which such information was collected or authorized by individuals. In instances where we receive personal information from institutions or community organizations, those institutions or community organizations determine those purposes.

EEA and UK individuals have the right to reasonable access to the personal information about you that we hold. On request, we will also take reasonable steps to correct, update, amend or delete any information that is demonstrated to be inaccurate, except where the burden or expense of doing so would be disproportionate to the risks to your privacy in the case in question or where the rights of third parties would be violated. Where we process personal information on behalf of an Institution, we will direct any individual requests for access or to limit use or disclosure to the Institution, and we will work with such Institution in complying with such requests in accordance with applicable law and our obligations under Privacy Shield.

Grafted may transfer personal information to certain third parties as described within this Privacy Policy. When we transfer personal information, we will take reasonable steps to ensure that the third party has access to and process such information for limited and specified purposes consistent with this Privacy Policy and Grafted’s Privacy Shield obligations. In some instances, Grafted remains accountable for personal data Grafted transfers to third parties. Grafted may also release personal date of EU individuals in response to legal requests from public authorities, including for purposes of national security or complying with law enforcement requirements.

If our response to a complaint does not satisfy your concerns, you may submit your complaint to AAA, Grafted’s designated Privacy Shield dispute resolution provider, here: https://go.adr.org/privacyshield.html

If you have any questions about the information that we collect from youin reliance on Privacy Shield, please contact us at support@getgrafted.com. 

GDPR

 If you are located in the European Union, and some other jurisdictions, you have certain rights regarding your personal information pursuant to GDPRand other legislation. For example, you may have the right to request access to your information, the right to update your information, and the right to have use rase personal information we have stored about you.

In many instances, you will be able to access, update, and delete some of your information by logging into your account. By deleting your Grafted MemberProfile, you will be deleting the information that you have provided to us.However, if you cannot access, update, or delete the information yourself, you should first contact your institution or community organizer and we will cooperate with that institution or community organizer to support your request.Otherwise, you can email us directly as support@getgrafted.com to exercise your rights and we will work with you in achieving the desired outcome as required by law.

CONTACT INFORMATION

We welcome your comments or questions about this privacy policy. You may email us at support@getgrafted.com. You may also contact us at our address:

PARALLEL LLC

Attn: Privacy

2108 South Blvd.

Suite 107

Charlotte, NC 28203