Privacy Policy

Details regarding the PTO Exchange privacy policy

negative

Privacy Policy

 

PTO Inc. (PTO) takes your privacy very seriously. We only pass on your name, email address and mailing address to the nonprofit you are fundraising for, registering for an event with, or donating to, so that they can acknowledge your efforts. Please note that by visiting or registering with ptoexchange.com, you are agreeing to the practices detailed below so please read on to find out how information relating to you will be treated as you use our site.

 

The Information We Collect From You As A Site Visitor

PTO collects information about the Internet Protocol (IP) addresses of all visitors to our site. An IP address is a number assigned to your computer automatically when you use the internet. This information is only collected in aggregate and helps us monitor site traffic patterns in order to improve our service.

We collect data through the following methods: 

  • Direct input — data collected directly from users or business partners, such as sign-up forms, contracts, and subscriptions.
  • Automated systems — data collected through automated means, such as system logs, cookies, or through use of our services. This site uses cookies for some interactive features. A cookie is a small amount of data sent to your browser from a website and stored on your computer's hard drive. Most browsers will automatically accept cookies. You can set your browser to reject cookies, but some parts of the website may not function properly if cookies are rejected.
  • Third-party services — data obtained from third-party sources relevant to our operations.
  • Service providers may only access data for the purposes specified in their contract with us.
  • All third-party service providers must adhere to data protection requirements consistent with this policy.
  • Service providers are verified for compliance with applicable data protection laws and industry standards through security audits, security questionnaires, or confirmed industry certifications such as SOC 2, ISO 27001, PCI DSS, or GDPR equivalents.

The Information We Collect From You As An Employee, Employer, Fundraiser, Donor, Or Event Registrant

When you create a secure personal account on PTO for the purpose of creating a fundraising page or event registration, we collect your title, name, email address, mailing address, your password, and occasionally information required by the nonprofit. We will automatically pass on your name and email and home addresses to the nonprofit that will benefit from the donations you are collecting. In all other instances, we will not pass on this information to any third party unless you give us your express consent.

 

The Information We Collect From You When You Donate

If you donate on PTO, we collect your first and last name, manager's name and email, credit or debit card details (including card type, card number, and expiration date), and billing address. We will only use your payment details for the purpose of processing your donation via our payment partners. To find out more about the security of your payments, We will automatically pass on your name and email and home addresses to the nonprofit that will benefit from your donation.

 

Email Newsletters From PTO

We will send you email newsletters; however you can opt-out at any time as all newsletters from PTO include the option to unsubscribe.

 

Nonprofits Use Of Your Personal Information

PTO passes along personal information to the nonprofit you have fundraised for, registered for an event with, or donated to. If you wish to stop receiving further communications from a nonprofit, please contact them directly.

 

Security Precautions To Protect Your Information

The transfer of online transaction data to and from the web site is protected by the implementation of a Secure Sockets Layer protocol. Our Google Trust Services secure certificate (PKCS #1 SHA-256 With RSA Encryption) allows web browsers to verify the authenticity of our secure ptoexchange.com domain and to communicate with our site securely, protecting confidential information from interception and hacking. It is your responsibility to keep your password secure at all times to avoid unauthorized use of your PTO account.

 

Disclosure To Service Providers and Legal Obligations 

We may share your data with third-party service providers under the following conditions:

In the event of a law enforcement request, PTO Exchange will scrutinize any such request for legality. Data may be disclosed only when the request follows due process and is in accordance with applicable laws and regulations. Confidentiality will be maintained throughout the process, in line with our legal obligations.

 

Acceptance of Our Privacy Notice

Use of the PTO website and associated services implies acceptance of this Privacy Notice. If you are not satisfied with any aspect of it please do not continue to use the website and services. This notice may change from time to time and you are deemed to have accepted the current version each time you use ptoexchange.com or any site powered by us. If you have any questions about our Privacy Notice please contact us via email at support@ptoexchange.com.

 

Your Data Rights and How to Submit a Request

Depending on your location and applicable law, including the California Privacy Rights Act (CPRA) and other US state privacy laws, you may have the following rights regarding your personal data:

 

Right to Access and Correction

You have the right to request access to the personal data we hold about you and to request that any inaccurate or outdated information be corrected. Requests will be processed within a reasonable timeframe in accordance with applicable legal requirements.

 

Right to Erasure

You have the right to request deletion of your personal data under certain circumstances. Data will be deleted unless there is a compelling reason for its continued processing. Where deletion is carried out, all relevant internal departments and third-party service providers will be notified.

 

Right to Object

You have the right to object to the processing of your personal data for specific purposes. We will evaluate whether your rights override our legitimate interests in processing the data and will inform you of the outcome. We will attempt to respond to objection requests within 30 days.

 

Right to Data Portability

You have the right to obtain and reuse your personal data across different services where technically feasible.

 

Automated Decision-Making

You have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal or similarly significant effects concerning you.

 

How to Submit a Request

To exercise any of the rights above, please contact us using the support email address listed on this page. Please include your name, contact information, and a description of your request so we can process it promptly. We will acknowledge receipt of your request and respond within a reasonable timeframe, not to exceed 30 days from receipt.

 

 

Last modified April 19th, 2026