Privacy Policy

Effective date: August 11, 2025
Applies to: thecivicseal.com, thecivicseal.org, related subdomains, forms, portals, emails, SMS, and any tools or pages we add later (collectively, the “Services”).

Plain-English note: This policy is designed to cover current features and future add-ons (donations, payments, forms, portals, SMS, analytics, etc.). It’s a template, not legal advice—please review with counsel for your jurisdiction.
 

Civic Seal (“Civic Seal,” “we,” “us,” or “our”) provides tools that help residents submit issues and help public offices organize, route, and track those issues. Depending on how the Services are used, we may act as:

• a controller (e.g., running our public websites, processing donations, marketing, account management), and/or
   
• a processor/service provider to a Member Office (e.g., when we host intake forms and case records on that office’s behalf).
   

Contact: info@thecivicseal.com
Mail: Civic Seal, Attn: Privacy, 225 7th Street, Parkersburg, WV 26101

We collect information from you, from Member Offices, and automatically:

1. You provide directly
    
   • Account info (name, email, password), profile photo.
      
   • Submissions/constituent issues (text, attachments, location, category, preferred contact method).
      
   • Contact details for updates (email, phone for SMS).
      
   • Payment/donation details (amount, method, billing name & address, tax receipt info).
      
   • Communications (support tickets, calls, emails, meeting notes).
      
   • Survey responses and feedback.
      

1. Provided by Member Offices or partners
    
   • Case IDs, status updates, internal notes, routing assignments, service level targets, closure outcomes.
      
   • Official directory info (titles, departments, office emails/phones).
      

1. Collected automatically
    
   • Device and log data (IP, browser, pages viewed, timestamps, referrer).
      
   • Cookies/SDKs and similar tech (session cookies, analytics identifiers).
      
   • Approximate location (based on IP) for abuse prevention and language defaults.
      

1. Sensitive or special categories (only if you choose to provide and where permitted by law)
    
   • Example: health, disability access needs, immigration, or other sensitive context within a case. Only include what’s necessary. If a Member Office requests it, they should provide a lawful basis and any required notices.
      

We use information to:

• Provide and improve the Services (create tickets, route issues, track status, send confirmations/updates, show dashboards and reports).
   
• Operate accounts and portals (authentication, access controls, audit logs).
   
• Process payments and donations (via third-party processors; see “Payments & Donations”).
   
• Communicate (issue updates, receipts, service notices, security alerts, newsletters if you opt in).
   
• Personalize (remember preferences, recently viewed items).
   
• Analyze & secure (metrics, debugging, fraud/spam detection, rate limiting).
   
• Comply with law and enforce terms, defend legal claims, and prevent misuse.
   

Legal bases (EEA/UK/Switzerland): performance of a contract, legitimate interests (product improvement, security), consent (marketing/SMS where required), legal obligation, and processing as a processor on behalf of Member Offices.

For intake forms and case workflows operated for a Member Office, we process personal data only on their instructions and for their purposes. That Member Office is usually the controller (or equivalent under your law). Public records laws may apply to your submission. For these uses:

• We follow the office’s retention settings and access rules.
   
• We do not “sell” or use the data for our own marketing.
   
• On request from the office, we assist with data access, export, correction, or deletion where legally permitted.
   

Member Offices may request a Data Processing Addendum (DPA). Contact info@thecivicseal.com.

We use PCI-compliant third-party processors (e.g., Stripe/PayPal/Square, as applicable) to handle payments and donations. We do not store full card numbers. Processors may collect your name, email, billing address, and payment method to complete the transaction and provide tax receipts (for donations). See the processor’s privacy policy for details.

We keep transaction metadata (amount, date, last4, method, receipt ID) for accounting, fraud prevention, and legal compliance.

If you opt in to SMS:

• You consent to receive texts about submissions, status updates, reminders, or announcements.
   
• Message frequency varies. Msg & data rates may apply.
   
• Reply STOP to opt out, HELP for help.
   
• We may use a third-party SMS provider to send and receive messages.
   

We use cookies and similar tech to run the site, keep you logged in, remember settings, and measure performance. We may use analytics providers (e.g., Google Analytics, privacy-focused alternatives) to understand aggregate usage and improve the Service.

Where required, we present a consent banner and honor your choices. You can adjust browser settings to block cookies, but the Services may not function properly without them.

If you submit an issue addressed to a government office, your submission (including attachments) may be subject to public records laws. Member Offices control what becomes public, what is redacted, and how long records are retained. Avoid including unnecessary sensitive data.

We share information with:

• Member Offices to route and process your submissions.
   
• Service providers under contract (hosting, storage, analytics, communications, payment/SMS, customer support).
   
• Integration partners you or a Member Office enable (e.g., email, spreadsheets, chat tools).
   
• Legal and safety: to comply with law, court orders, public records requests applicable to a Member Office, enforce terms, or protect rights, safety, and property.
   
• Business transfers: in connection with a merger, financing, or acquisition (we’ll notify you where required).
   

We do not sell personal information. We do not share personal information for cross-context behavioral advertising where prohibited without proper notice/choice.

• Account & billing: kept while your account is active and for up to 7 years thereafter for tax, audit, and legal purposes.
   
• Cases/issue data: kept according to Member Office settings or, if Civic Seal is the controller, generally 24 months after closure unless law requires longer or you request deletion where applicable.
   
• Logs & analytics: typically 12–24 months in aggregate form.
  We may retain data to comply with legal obligations, resolve disputes, or enforce agreements.
   

Your rights depend on where you live and how the data is processed.

• Access, correction, deletion, portability, restriction (EEA/UK/Switzerland and similar jurisdictions).
   
• California (CCPA/CPRA): know/access, correct, delete, opt out of sale/sharing, limit use of sensitive information, non-discrimination.
   
• Colorado/Virginia/Connecticut/Utah and others: similar rights to access, correct, delete, and opt out of targeted advertising or profiling.
   

How to exercise:
Email info@thecivicseal.com. If your data was submitted to a Member Office, we may redirect your request to that office and assist them in responding.

To opt out of marketing emails, use the unsubscribe link in the email. To opt out of SMS, reply STOP.

If we deny your request where permitted, you may appeal by replying to our decision email. You may also contact your local data protection authority.

We use reasonable administrative, technical, and physical safeguards (encryption in transit, access controls, least-privilege, monitoring). No method is 100% secure. If we believe your information was affected by a breach, we’ll notify you and regulators as required by law.

We may transfer, store, and process information in the United States and other countries with different data protection laws. Where required, we use approved transfer mechanisms (e.g., Standard Contractual Clauses).

Our Services are not intended for children under 13 (or older where local law requires). We do not knowingly collect personal information from children without verifiable parental consent. If you believe a child provided personal information, contact info@thecivicseal.com for deletion.

Do not upload illegal content or others’ personal information without permission. Avoid including unnecessary sensitive data (e.g., Social Security numbers, health records) unless requested by a Member Office and permitted by law. We may remove content that violates our terms or the law.

Our sites may link to third-party websites or services. Their privacy practices are their own. Review their policies before providing information.

Our Services do not currently respond to Do Not Track signals. Where required, we honor browser-based Global Privacy Control (GPC) signals for opt-out choices tied to “sale” or “sharing.”

We may update this policy from time to time. We’ll change the “Effective date” above and, for material changes, provide a prominent notice or email. Your continued use of the Services after an update means you accept the revised policy.

Email: info@thecivicseal.com
Mail: Civic Seal, Attn: Privacy, [Your Mailing Address]
“Do Not Sell or Share My Personal Information” requests (where applicable): email subject line “Do Not Sell/Share Request.”

California Residents (CCPA/CPRA):

• Categories collected: identifiers, contact details, internet/network activity, geolocation (approx.), user content, limited payment metadata, inferences (only for product improvement, not ads).
   
• No sale of personal information. No sharing for cross-context ads without required notices/choices.
   
• You can request access, correction, deletion, and limit use of sensitive information; opt out of sale/sharing (if any); and appeal decisions.
   
• We verify requests (email and/or additional steps). Authorized agents may submit requests with proof of authority.
   

Virginia/Colorado/Connecticut/Utah:

• Rights to access, correct (where applicable), delete, portability, and opt out of targeted advertising or profiling where we conduct those activities.
   
• You may appeal a decision by replying to the result of your request.
   

• Civic Seal as Controller: website visitors, donors/payers, newsletter subscribers, account admins, general support.
   
• Civic Seal as Processor/Service Provider: constituent submissions and case data collected for a specific Member Office via Civic Seal forms/portals. For those, contact the relevant office to exercise rights; we will assist them as required.