Members of The Helen Brown Group LLC adhere to the standards of ethics set by Apra (formerly the Association of Professional Researchers for Advancement) and the Association of Fundraising Professionals (AFP).
We use only industry-standard, publicly-available information in the course of our work.
Information provided by a client to HBG will not be shared with any individual or group outside of the client organization without the client’s permission or directive.
We apply strict measures for the security of collection, storage and transfer of client data in adherence with Massachusetts General Law chapter 93H, the European Union General Data Protection Regulation (GDPR), the UK Data Protection Act (DPA), the Health Insurance Portability and Accountability Act (HIPAA) and the Family Educational Rights and Privacy Act (FERPA) requirements. The Helen Brown Group is a “data processor” for the purposes of GDPR. We do not collect or store personal information in the form of a database. We delete all research on EU/UK residents six months after delivery to our clients, regardless of client location.
The Helen Brown Group LLC (HBG) does not regularly hold or process personal information outside of the following: name; address; family and career information; corporate, philanthropic, and civic associations; and/or philanthropic and political giving. We do not have access to social security numbers, bank account numbers, government ID numbers, or any other information not in the public realm.
All members and subcontractors of HBG have signed confidentiality agreements and have agreed to abide by the Statement of Ethics and Donor Bill of Rights as set forth by the Association of Professional Researchers for Advancement and the Association of Fundraising Professionals. We abide by GDPR, FERPA, HIPAA, and Massachusetts privacy laws. We take reasonable, industry-standard precaution to secure data we use and are insured to cover loss and/or theft.
HBG utilizes a variety of databases and search engines in the course of our work, which may include but not be limited to Lexis Nexis for Development Professionals; LexisNexis Mosaic; Accurint; ResearchPoint; iWave PRO; Zillow; Google; Bing; and other search engines. A complete and up-to-date list of these databases may be requested at any time.
EU residents have the right to access personal data about them and to request the correction, amendment, removal and/or limitation of the use and disclosure of their personal data processed by HBG. Anyone may also request that we do not conduct prospect research on them on behalf of specific clients.
HBG is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) with respect to its compliance with the EU-U.S. Privacy Shield Framework. If you live in the EU, any complaints or questions regarding HBG’s compliance with the Privacy Shield Program should be sent to the email or postal address provided herein. HBG will respond within 60 days.
If you do not receive acknowledgment of your complaint within 60 days, or if you cannot resolve your complaint directly with HBG, you may contact the International Centre for Dispute Resolution, the international division of the American Arbitration Association (ICDR/AAA), by visiting its web site at http://info.adr.org/safeharbor to pursue binding arbitration.
HBG may be required to disclose personal data in response to a lawful request by public authorities, including to meet national security or law enforcement requests.
Data Protection Officer
The Helen Brown Group LLC
489 Mt. Auburn Street, Suite 4
Watertown, MA 02472
HBG has further committed to refer unresolved Privacy Shield complaints to JAMS Mediation an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit www.jamsadr.com for more information or to file a complaint. The services of JAMS Mediation are provided at no cost to you.
HBG is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. HBG complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, HBG is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, HBG may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Under certain conditions, more fully described on the Privacy Shield website, a complainant may invoke binding arbitration when other dispute resolution procedures have been exhausted.