Privacy Policy
Effective Date: 2026-06-01
ADAVICO respects the privacy of its customers, authorized users, website visitors, business partners, and prospects. This Privacy Policy describes how ADAVICO collects, uses, stores, protects, retains, and discloses personal information and customer Service Data in connection with ADAVICO websites, applications, professional services, support services, and related offerings.
ADAVICO provides software, reporting, implementation, support, and related professional services for educational, nonprofit, and institutional organizations. Customers retain ownership of their data. ADAVICO processes customer data only as necessary to provide, secure, support, maintain, and improve the ADAVICO Service, or as otherwise authorized by the customer.
This Privacy Policy should be read together with ADAVICO's Security Policy, Subservice Organizations Policy, and applicable service agreement or terms of service.
Jump to section
Information We Collect
ADAVICO collects information necessary to provide, secure, support, maintain, and improve the ADAVICO Service. The types of information collected depend on how customers, authorized users, website visitors, and business contacts interact with ADAVICO.
Account and User Information
When a customer or authorized user uses the ADAVICO Service, we may collect information such as name, business email address, phone number, organization name, role, department, account credentials, and other information needed to create, manage, authenticate, and support user accounts.
Customer Service Data
Customers and authorized users may submit, upload, generate, or maintain data within the ADAVICO Service. This may include institutional, financial, reporting, donor, fund, scholarship, endowment, accounting, or administrative data, depending on the customer's use of the Service.
Billing and Business Information
ADAVICO may collect billing contact information, business address, payment-related information, contract information, and related administrative records needed for invoicing, payment processing, account administration, and business operations. ADAVICO does not store, process, or transmit cardholder data directly when a third-party payment processor is used.
Log, Usage, and Security Information
ADAVICO may collect log and usage information such as IP address, browser type, operating system, device information, authentication activity, date and time of access, actions taken within the Service, and security-relevant events. This information is used to administer, secure, monitor, troubleshoot, and improve the Service.
Communications Information
ADAVICO may collect information submitted through email, support requests, meetings, forms, implementation discussions, customer communications, or other interactions with ADAVICO personnel.
Website Information
When visitors access ADAVICO websites, ADAVICO may collect information such as IP address, browser type, device information, referring pages, pages visited, date and time of visit, and similar website usage information.
How We Use Information
ADAVICO uses personal information and customer Service Data for limited business, operational, security, and service-related purposes.
Providing and Supporting the Service
We use information to provide the ADAVICO Service, authenticate users, manage customer accounts, deliver functionality, provide support, troubleshoot issues, perform implementation work, and communicate with customers and authorized users.
Security, Monitoring, and Fraud Prevention
We use information to protect the ADAVICO Service, monitor for suspicious activity, investigate potential security events, maintain logs, detect unauthorized access attempts, prevent misuse, and support incident response activities.
Billing and Business Administration
We use information for billing, collections, account administration, contract management, customer relationship management, financial reporting, and other ordinary business purposes.
Improving the Service
We may use usage information, support trends, customer feedback, and operational data to improve reliability, usability, performance, features, support, security, and customer experience.
Legal and Compliance Purposes
We may use information to comply with legal obligations, enforce agreements, maintain records, respond to lawful requests, protect rights and safety, support audits, and meet regulatory or contractual requirements.
Customer Data Ownership
Customers retain ownership of all customer data submitted to, processed by, stored within, or generated through the ADAVICO Service.
ADAVICO does not sell customer data and does not use customer Service Data for advertising, profiling, marketing, resale, data mining, or any purpose unrelated to providing, securing, supporting, maintaining, or improving the ADAVICO Service.
ADAVICO accesses customer Service Data only as necessary to provide the Service, secure the Service, support customers, troubleshoot issues, perform authorized implementation or professional services, prevent or address technical or security problems, comply with law, or as otherwise authorized by the customer.
Sharing Information
ADAVICO does not sell, rent, loan, or monetize personal information or customer Service Data. ADAVICO may disclose limited personal information or Service Data only as necessary to provide, secure, support, maintain, or improve the Service, or as otherwise described below.
With Service Providers
ADAVICO may use third-party service providers to deliver, secure, support, monitor, and maintain the Service. These providers may include cloud infrastructure providers, security and traffic protection services, communication tools, collaboration platforms, software development systems, business operations platforms, and other operational services.
Service providers are permitted to process, transmit, host, store, or otherwise handle personal information or Service Data only as necessary to provide contracted services to ADAVICO. ADAVICO does not permit service providers to use personal information or Service Data for advertising, marketing, profiling, resale, data mining, or unrelated business purposes.
With Customer Organizations
Where appropriate, ADAVICO may share information with the customer organization responsible for the account, including user account information, authorized user activity, support-related information, or other information needed to administer, secure, support, or maintain the customer's use of the Service.
For Legal, Compliance, or Safety Purposes
ADAVICO may disclose information if required by law, subpoena, court order, legal process, or governmental request, or when we believe disclosure is necessary to protect ADAVICO, customers, users, the public, the security of the Service, or the rights and safety of others.
In Connection with a Business Transaction
If ADAVICO is involved in a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar transaction, information may be disclosed or transferred as part of that transaction, subject to appropriate confidentiality and data protection obligations.
Aggregated or De-Identified Information
ADAVICO may use aggregated or de-identified information to understand usage trends, improve the Service, evaluate performance, and support business planning. ADAVICO does not use aggregated or de-identified information in a way that is intended to identify an individual or customer without authorization.
Service Providers and Subprocessors
ADAVICO uses carefully selected third-party service providers to help deliver, secure, monitor, support, and improve the ADAVICO Service. These providers are reviewed based on security, privacy, operational, contractual, and service requirements.
Additional information regarding ADAVICO's current subprocessors and vendor management practices is available in the Subservice Organizations Policy.
Data Security
ADAVICO maintains administrative, technical, and physical safeguards designed to protect personal information and customer Service Data from unauthorized access, disclosure, alteration, destruction, loss, misuse, or exfiltration.
Customer data is encrypted in transit using TLS and encrypted at rest within production servers, storage volumes, object storage, and backups. ADAVICO also uses access controls, multifactor authentication for administrative and privileged internal access, vulnerability management, centralized logging, monitoring, Security Information and Event Management (SIEM) capabilities, backup testing, and incident response processes to support the confidentiality, integrity, and availability of customer data.
No electronic transmission or digital storage mechanism is completely secure or error free. Additional information regarding ADAVICO's security controls is available in the Security Policy.
Data Retention
ADAVICO retains personal information and customer Service Data only as long as necessary to fulfill contractual, operational, legal, and regulatory obligations, and according to customer instructions where applicable.
Upon termination, ADAVICO will return, delete, or securely dispose of customer data according to contract requirements and applicable law. Secure deletion may be subject to backup retention cycles.
Data Hosting and Residency
Unless otherwise agreed, ADAVICO primarily hosts and processes customer data in the United States. ADAVICO may use third-party service providers located in, or operating from, the United States or other jurisdictions as necessary to provide, secure, support, or maintain the Service.
Customers with specific geographic hosting requirements should contact ADAVICO before implementation.
Cookies and Analytics
ADAVICO may use cookies, session technologies, analytics tools, and similar technologies to operate websites and applications, maintain user sessions, secure access, remember user selections, analyze website usage, and improve the Service.
Some cookies are necessary for the Service to function. Users may manage cookie preferences through their browser settings, but disabling certain cookies may limit functionality.
ADAVICO does not use customer Service Data for third-party advertising or behavioral advertising.
Your Rights and Choices
Customers and authorized users may request access to, correction of, deletion of, or return of personal information or customer Service Data as permitted by contract, applicable law, and the customer's administrative controls.
Authorized users should first contact their customer organization administrator for account-level requests, role changes, data access, or data deletion requests related to the customer's use of the Service.
Requests submitted directly to ADAVICO will be reviewed and handled within a reasonable period, generally within 30 days where practical and legally permissible.
Privacy Policy Changes
ADAVICO may update this Privacy Policy from time to time to reflect changes in our practices, services, legal obligations, or security and privacy programs. The effective date at the top of this page indicates when the policy was last updated.
Continued use of the ADAVICO Service after the effective date of an updated policy constitutes acknowledgment of the updated policy, unless a separate agreement provides otherwise.
Questions?
If you have questions about ADAVICO's Privacy Policy, data practices, or security practices, please contact us at: