This Privacy Statement was last updated on December 14, 2021.
- Through donations made online, by mail, or any other method
- Through our social media pages and apps located at:
(collectively, our “Social Media Pages”),
- Through your submission of information to us in connection with grant applications
- Through offline interactions with you.
Collectively, we refer to the above as the “Activities.”
This Privacy Statement (“Statement”) contains details about how WRA collects, uses, and shares with third parties Personal Data (defined below) that we obtain from and about you.
Applicability: This Statement covers the Activities identified above as well as information that you may provide us by other means or related to other WRA offerings or activities. This Statement does not address or apply to third-party websites or online services, including those that we link to and third-party websites or services that WRA co-brands. We do not control them or their privacy practices and data collection policies, and they may have their own privacy statements, which you should consult. This Statement does not apply to current or former job applicants, employees, consultants, or interns.
Whenever you interact with WRA or Activities on behalf of another individual or entity, such as by providing or accessing Personal Data about another individual, you represent that you have the authority to do so. You shall have sole responsibility for any violation of privacy laws as a result of a failure to obtain any necessary consent from such individual/entity.
What Information Do We Collect?
Personal Data is any information relating to an identified or identifiable natural person.
The types of information that you provide us can include but is not limited to:
- Contact information, such as your first name, last name, e-mail address, phone number, address, and social media identifiers (e.g., Twitter handle, Instagram name, etc.).
- Your photograph
- Demographic information, such as your age and gender.
- Transaction related information such as your credit card information when you make a donation
- Technical information gathered when you interact with the Site, such as your IP address, browser information, geographic location, device type, duration of browsing session, and how you arrived at the Site.
- Internet or other electronic network activity information, such as your browsing history and information regarding your interactions with and use of the Site.
- Employment information, such as your job title, organization, and classification of employment (e.g., government).
- Inferences drawn from any of the information we collect to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
How do we collect personal information?
We and our service providers collect Personal Information in a variety of ways, including:
- Information you provide to us directly. We collect Personal Information through the Activities, for example, when you sign up for a newsletter, register an account to access the Activities, contribute content, take a survey, or make a donation or purchase.
- Information collected Offline. We collect Personal Information from you offline, e.g., when you attend one of our events or provide us with Personal Information over the phone.
- Information collected about you from Other Sources. We receive your Personal Information from other sources, for example: publicly available databases, joint promotional partners, when they share the information with us, third party analytics providers which we use to track web site visitors’ activity.
How do we use your personal information?
We may use Personal Information in a number of ways including:
- To provide the activities. To provide the Activities’ functionality to you, such as to register for an event; respond to your inquiries; communicate with you about the Activities and WRA; and to send you promotional related emails with information and events we believe may be of interest to you. We will engage in this activity with your consent or where we have a legitimate interest.
- To complete your transactions, especially your donations, and provide you with related customer service. We will not sell, share, or trade our donors’ personally identifiable information with any other entity, except as described below. In addition, we will not send mailings to our donors on behalf of other organizations.
- For our own internal purposes, such as to evaluate or audit the usage and performance and safety of our Site; evaluate and improve the quality of our Site and Activities and design new ones; operate the Site and customize the content; or maintain internal records.
- For legal, safety or security reasons, such as to comply with legal requirements; protect the safety, property, or rights of the WRA; grant applications; and detect, prevent, and respond to security incidents or other malicious, deceptive, fraudulent, or illegal activity.
- In an anonymous or aggregated format. We may also use your information in an anonymized or aggregate manner for any purpose.
Disclosure of Personal Information
We disclose Personal Information:
- You can consult the list and location of our affiliates here.
- The White Ribbon Alliance ® is the party responsible for the management of jointly used Personal Information.
- To our third-party service providers, to facilitate services they provide to us.
- These can include providers of services such as website hosting, data analysis, payment processing, order fulfilment, infrastructure provision, IT services, customer service, e-mail delivery services, credit card processing, and other services.
- By using the Services, you may elect to disclose Personal Information
- On message boards, chat, profile pages, blogs, and other services to which you are able to post information and content (including, without limitation, our Social Media Pages). Please note that any information you post or disclose through these services will become public and may be available to other users and the general public.
Other Uses and Disclosures
We also use and disclose your Personal Information as necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so:
- To comply with applicable law and regulations.
- This can include laws outside your country of residence.
- To cooperate public and government authorities.
- To respond to a request or to provide information we believe is important
- These can include authorities outside your country of residence.
- To cooperate with law enforcement.
- For example, when we respond to law enforcement requests and orders or provide information, we believe is important.
- For other legal reasons.
- To enforce our terms and conditions; and
- To protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others.
- In connection with a sale or business transaction.
- We have a legitimate interest in disclosing or transferring your Personal Information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our organization or its assets (including in connection with any bankruptcy or similar proceedings). Such third parties may include, for example, an acquiring entity and its advisors.
“Other Information” is any information that does not reveal your specific identity or does not directly relate to an identifiable individual
- Browser and device information
- Information collected through cookies, pixel tags and other technologies
- Demographic information and other information provided by you that does not reveal your specific identity
- Information that has been aggregated in a manner such that it no longer reveals your specific identity
If we are required to treat Other Information as Personal Information under applicable law, then we may use and disclose it for the purposes for which we use and disclose Personal Information as detailed in this Policy.
Collection of Other Information
We and our service providers may collect Other Information in a variety of ways, including:
- Through your browser or device
- Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and the name and version of the Services you are using. We use this information to ensure that the Activities function properly.
- Using cookies
- Using pixel tags and other similar technologies
- Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of the Activities (including email recipients), measure the success of our promotional campaigns, and compile statistics about usage of the Activities and response rates.
- IP Address
- Your IP address is automatically assigned to your computer by your Internet Service Provider. An IP address may be identified and logged automatically in our server log files whenever a user accesses the Activities, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications, and other services. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems, and administering the Activities. We may also derive your approximate location from your IP address.
Uses and Disclosures of Other Information
We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. In some instances, we may combine Other Information with Personal Information. If we do, we will treat the combined information as Personal Information as long as it is combined.
We seek to use reasonable organizational, technical, and administrative measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contacting Us” section below.
CHOICES AND ACCESS
Your choices regarding our use and disclosure of your Personal Information
We give you choices regarding our use and disclosure of your Personal Information for promotional purposes. You may opt-out from:
- Receiving electronic communications from us: If you no longer want to receive promotional emails from us on a going-forward basis, you may opt-out by following the instructions in each email, or by emailing us at firstname.lastname@example.org.
- You may opt out of having your Personal Information shared by us and following the process described below.
We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving promotional emails from us, we may still send you important administrative messages, from which you cannot opt-out.
How you can access, change, or delete your Personal Information
If you would like to request to review, correct, update, suppress, restrict, or delete Personal Information that you have previously provided to us, or if you would like to request to receive an electronic copy of your Personal Information for purposes of transmitting it to another organization (to the extent this right to data portability is provided to you by applicable law), you may contact us by emailing us at email@example.com. We will respond to your request consistent with applicable law.
In your request, please make clear what Personal Information you would like to have changed, whether you would like to have your Personal Information suppressed from our database or otherwise let us know what limitations you would like to put on our use of your Personal Information. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a donation, you may not be able to change or delete the Personal Information provided until after the completion of such donation). Finally, we are not responsible for removing or suppressing information from the databases of third parties with whom we have already shared your Personal Information or limiting their use of your Personal Information.
We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.
The criteria used to determine our retention periods include:
- The length of time we have an ongoing relationship with you and provide the Activities to you (for example, for as long as you have an account with us or keep using the Activities);
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).
THIRD PARTY SERVICES
In addition, we are not responsible for the information collection, use, disclosure or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other app developer, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with our Social Media Pages.
USE OF ACTIVITIES BY MINORS
The Services are not directed to individuals under the age of sixteen (16). If you are under the age of 16, please do not provide your information to use via the Activities.
JURISDICTION AND CROSS-BORDER TRANSFER
Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.
If you are located in the EEA: Some of the non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here [hyperlink to EU Commission’s adequacy list online: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en]. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your Personal Information. You may obtain a copy of these measures by contacting us in accordance with the “Contacting Us” section below or by following this link: https://www.whiteribbonalliance.org/contact-us/
THIRD PARTY PAYMENT SERVICE
The White Ribbon Alliance ®
1100 17th Street NW, Suite 800
Washington, DC 20036
Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.
ADDITIONAL INFORMATION FOR INDIVIDUALS IN THE EEA
If you are located in the EEA, you also may:
- Lodge a complaint with a data protection authority for your country or region or where an alleged infringement of applicable data protection law occurs. A list of data protection authorities is available at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.