PRIVACY POLICY
Mission
Friends of the Earth Canada provides a voice for the environment, nationally and internationally, working with others to inspire the renewal of our communities and the earth, through research, education and advocacy. We challenge the causes leading to the triple planetary crisis of climate destruction, biodiversity loss and pollution and seek ways and means to resolve them. We stand in solidarity with vulnerable people and communities to confront the impacts of climate change and toxic pollution.
Protecting Your Privacy
Friends of the Earth follows the highest ethical standards and therefore, protecting your privacy is very important to us. We value the trust of those we deal with and recognize that maintaining this trust requires that we be transparent and accountable in how we treat the information that is shared with us.
To carry out our mission, it’s important to communicate with you and while doing so, we frequently gather personal information. Anyone from whom we collect such information can expect that we will carefully protect it and use it for the purposes for which it is collected.
Defining Personal Information
“Personal information” is any information that can be used to identify (or infer the identity of) a specific person, including, for example, your name, address, birth date, gender, etc. In some cases, your computer’s IP address can be considered personal information, as it may give some indication of your geographic location.
Here’s why we might ask you for this information, including: to process a donation or registration; to fulfil your subscription to an e-newsletter; to allow you to send letters or sign a petition via our online action platforms; to invite you to events; or to provide other information about Friends of the Earth which might interest you. When you make a donation, we’re required by law to take your full name and mailing address in order to send you a tax-creditable receipt.
Exceptions to this privacy policy include business contact information and publicly available information such as name, address, and telephone numbers as published in telephone directories.
Where an individual uses his or her home contact information as business contact information as well, we consider such information not to be subject to protection as personal information.
Privacy Practices
Personal information gathered by us will be treated with respect. Our staff is authorized to access personal information based only on their need to deal with the information for the reasons for which it was obtained. Safeguards are in place and continue to be enhanced to ensure that information is not disclosed or shared more widely than is necessary to achieve the purpose for which it was gathered. We also take measures to ensure the integrity of this information is maintained.
We collect, use and disclose personal information only for purposes that a reasonable person would consider appropriate in light of the circumstances. We routinely offer individuals we deal with the opportunity to opt not to have their information shared for purposes beyond those for which it was explicitly collected.
Third-party Data Processors:
we use third-party data processors (like CanadaHelps, MailChimp, Moneris, RBC) that comply with privacy regulations
The databases we use that contain donor information are:
CanadaHelps DMS database (first & name, address (if given), email, donation info, donor record number;
MailChimp email provider (first & last name, email address, actions taken e.g. signed a petition, signed up to receive updates, etc);
Moneris, credit card processing – Card numbers are encrypted through the Moneris system; and
RBC ARCH PAP – first & last name, chequing account #, bank #, transit #, donation amount. The file is processed through RBC encrypted server.
We use the Google Maps API(s) on our web site and in our mobile application(s). Review the Google Privacy Policy.
Cookie Usage:
We and our partners use cookies and similar technologies to gather information about your use of our website. This helps us create reports and statistics on the website’s performance. Analytics cookies like Google Analytics collect data such as your IP address, device type, operating system, referring URLs, location, and page visits. If you don’t want Google Analytics to be used in your browser, you can install the “Google Analytics Opt-Out Browser Add-On” provided by Google.
For a complete description of our use of cookies, please refer to our plugin’s description / cookie-notice.
International Data Transfer:
The databases we use that contain donor information are primarily located in Canada. In some instances, to achieve our stated purposes, it may be necessary to transfer personal information internationally. In such cases, Friends of the Earth follows mechanisms and safeguards to ensure compliance with data protection regulations applicable to international data transfers. These mechanisms may include the use of standard contractual clauses, data processing agreements, or other appropriate legal instruments to protect the privacy and security of your personal information during international transfers. Rest assured, we take these measures to uphold the highest standards of data protection, consistent with the requirements of the GDPR and other relevant data protection laws.
Privacy Assurance and Collaboration Transparency
We do not sell or exchange email addresses with other organizations. In some instances, we may promote actions or petitions on our websites in partnership with other non-profit organizations. In these cases, we give you the clear option of whether you want us to share your email with them.
Data Security and Breach Notification:
Friends of the Earth takes the security of your personal information seriously. In the unfortunate event of a data breach that may compromise the confidentiality, integrity, or availability of your personal data, we have established a comprehensive data breach response plan.
In the event of a data breach:
Identification and Containment: We promptly identify and contain the breach to prevent further unauthorized access or disclosure.
Assessment: We conduct a thorough assessment to understand the nature and scope of the breach, evaluating the potential impact on individuals’ privacy.
Notification: If required by applicable data protection laws, including GDPR, and if the breach poses a risk to your rights and freedoms, we will notify affected individuals and relevant regulatory authorities without undue delay. Notifications will include details of the breach, the types of data affected, and recommended steps for individuals to mitigate potential risks.
Mitigation: We take appropriate measures to mitigate the effects of the breach and prevent similar incidents in the future.
Friends of the Earth adheres to these privacy principles
Principle 1 — Accountability
Friends of the Earth is responsible for personal information under its control and has designated a Privacy Director who is accountable for the organization’s compliance with this Privacy Policy.
Principle 2 — Identifying purposes
Friends of the Earth will identify the purposes for which personal information is collected at or before the time the information is collected.
Principle 3 — Consent
Friends of the Earth will obtain the consent of individuals before or when it collects, uses or discloses personal information, except where authorized by law.
Principle 4 — Limiting collection
Friends of the Earth will limit the collection of personal information to that which is necessary for the purposes identified by Friends of the Earth. Personal information shall be collected by fair and lawful means.
We follow the principle of data minimization, which means that we collect, use, and disclose only what is essential and avoid gathering unnecessary or excessive information. Our commitment to this principle reflects our dedication to protecting your privacy, and it aligns with the GDPR’s emphasis on minimizing data processing to the extent required for specific purposes.
Principle 5 — Limiting use, disclosure and retention
Friends of the Earth will not use, disclose or retain personal information other than for the purposes for which it was collected, except with the consent of the individual, or as permitted or required by law.
Principle 6 — Accuracy
Friends of the Earth will keep personal information as accurate, complete and current as is necessary for the purposes for which it is to be used.
Principle 7 — Safeguarding information
Friends of the Earth will protect personal information with security safeguards appropriate to the sensitivity of the information.
Principle 8 — Openness
Friends of the Earth will make readily available to any individual specific information about access and procedures relating to the management of their personal information.
Principle 9 — Individual access
Upon written request, and subject to exemptions stipulated by law, Friends of the Earth will inform an individual of the existence, use and disclosure of their personal information and will provide access to that information. An individual may challenge the accuracy and completeness of the information and have it amended as appropriate.
Principle 10 — Handling concerns and suggestions
Individuals can address any concerns or questions in regards to compliance with the above principles to the Privacy Director at beatrice@foecanada.org.
This document is available to the public and explains how we collect, use and disclose information, in accordance with this policy, the Personal Information and Electronic Documents Act, the Personal Information Protection Act and other relevant legislation.
Further information on privacy and individual rights in regard to personal information may be found on the website of the Privacy Commissioner of Canada at www.priv.gc.ca
This policy may change from time to time. Please check for updates on the website periodically.
You may also be asked to provide your consent through an opt-in mechanism or other suitable means when using our services after the changes have been communicated.
Last updated: February 12, 2024