In line with the General Data Protection Act that came into effect May 25th 2018 FRIDA | The Young Feminist Fund has modified and improved our users privacy and digital rights in relation to FRIDA’s systems and data collection.
(We may modify this policy from time to time so we encourage you to check this page intermittently and when revisiting our website)
Yes, we do – and we comply with the law when we do so. We use the information in ways that you have agreed to or are lawful – to provide you with relevant communications from us, fundraise and share any news relevant to the FRIDA community
FRIDA will ask you if you want to receive our newsletter in your inbox when you come to our website, attend a meeting or apply to any of our grants, programs or job posts.
We collect personal information when you give it to us directly, such as when you take the following actions:
- When you register to become a supporter on our Website;
- When you make a donation to us;
- When you contact us via phone, email or by messaging us on our social media channels or use a contact form on our Website;
- When you apply to a fellowship, consultancy, job post, etc.
- When you attend one of our events and we ask for your email address to stay in touch;
- When you contact us directly asking us to sign you up to our newsletter in person, via email or text;
- When you fill out a survey we send to you about your experience with us or to find out what you think about social issues
- When you make a donation via our website
We might also collect personal information about you indirectly, such as when:
- You follow and/or interact with our social media channels;
- Third parties share information with us – for example, organisations we work with, search information and payment providers;
- The information is available publicly – your personal information may be available to us from external publicly available sources. For example, depending on your privacy settings for social media services, we may access information from those accounts or services (for example when you choose to interact with us through platforms such as Facebook, LinkedIn or Twitter).
- You visit our Website.
3.1. We automatically collect the following types of your personal information when you visit the Website:
- Technical information, including the internet protocol (IP) address used to connect your device to the internet, browser type and version, time zone setting and operating systems and platforms.
- Information about your visit to the websites, including the uniform resource locator (URL) clickstream to, through and from the website (including date and time), services you viewed or searched for, page response times, download errors, length of visits to certain pages, referral sources, page interaction information (such as scrolling and clicks) and methods used to browse away from the page.
We also collect and use your personal information by using cookies on our Website. However, if you wish to restrict or block the cookies which are set by FRIDA website, or indeed any other website, you can do this through your browser settings. The Help function within your browser should tell you how. In general, we may combine your personal information from these different sources for the purposes set out in this Policy.
We might collect, store and otherwise use the following kinds of personal information about you:
- Your name and contact information, including your physical address, email address and telephone number (when you provide such information to us)
- Any volunteered information when you fill out a survey we send you, which might ask for your experiences with us or your views on certain social and political issues
- Your financial information when you provide it;
- The actions you have taken with us, such as attending events and/or making a donation to us;
- The amount and frequency of any donations made to us;
- Information you have volunteered when you contact us via phone, email, by messaging us on our social media channels or using contact form on our website
- The language you receive content in
- Web browser and browsing data: browser type, device type, IP address, referral source, the fact that you are visiting our Website or clicking on our content, length of website visit, number of page views
- Social media profile information where it is available to us
- Any other type of information shared with / obtained by us as listed in the ‘where do you get information about me from’ section of this notice.
4.1. Special categories of personal information
Under EU Data Protection law (the GDPR), the law recognises some types of personal information as being sensitive and requiring additional protection. These are known as ‘special categories’ of personal information and include information about health, ethnicity, and political opinions.
We do not seek to collect, store or otherwise process your sensitive personal information (i.e. about race or ethnicity, political opinions, religious or philosophical beliefs, etc.). When we do, it will only be in circumstances where there is a valid reason to collect/use that information and we are allowed to do so under the law.
5.1. Overview of how we use your information
We will use your personal information, for the purposes set out in this notice. In particular, we may use your personal information:
- To provide you with content, where possible, in the language that you wish to receive content in;
- To process a donation you make to us or refund a donation (if applicable) you make to us;
- To provide you with communications about our work, campaigns, services, activities, and fundraising drives (where you have provided your consent to receive such information) that we think will be of interest to you;
- To analyse, measure and report on the effectiveness of our work, campaigns, services, fundraising and information, including our Website and social media channels;
- To operate our Website, keep the Website safe and secure and ensure that content is presented in the most effective manner for you and your device
- To audit and administer our systems and databases;
- To satisfy legal obligations which are binding on us, for example in relation to regulatory, government and/or law enforcement bodies with whom we may work (for example requirements relating to the payment of tax or anti-money laundering);
- For the prevention of fraud or misuse of our services; and/or
- For the establishment, defence and/or enforcement of legal claims.
- Processing donations and credit card information
5.2. Cookies and Data Tracking
We may use third-party services such as Google Analytics. This helps us understand traffic patterns and know if there are problems with our Website.
The information generated by a cookie about your use of our Website (including your IP address) is transmitted to and stored by Google on servers in the United States. Google may also transfer this information to third parties where Google is legally required, or where such third parties process the information on Google’s behalf. Google can combine your IP address with any other data held by Google. By using this Website, you consent to the processing of data by Google in the manner and for the purposes set out above.
URLs contained in emails may contain an ID that enables us to correctly identify the person who takes an action using a web page. We use these URLs to simplify the process of signing petitions and filling out surveys. We may occasionally present a shortened URL that references a longer URL which you can see in the browser’s address bar when you access the page.
EU Data Protection law sets out a number of ‘bases’ or grounds which controllers (in this case FRIDA) can rely on to lawfully collect and use personal information. The grounds that we rely on to use your personal information are as follows:(a) Where you have provided your consent for us to use your personal information in a certain way (for example, we will ask for your consent to use your personal information to send you newsletters or fundraising material by email).(b) Where necessary so that we can comply with a legal obligation to which we are subject (for example, where we are obliged to share your personal information with regulatory bodies which govern our work and services).(c) Where it is in your/someone else’s vital interests (for example, if during the course of communication with you, we became aware that there was a medical emergency)(d) Where there is a “legitimate interest” in us doing so (see below)
EU Data Protection Law allows us to collect and use your personal information if it is reasonably necessary to achieve our or others’ ‘legitimate interests’, i.e. where there is a benefit or need for us or others to do something with your information. We can only use your information for our or others’ legitimate interests when our use is fair, balanced and does not unduly impact your rights.
When we process your personal information it is only to achieve FRIDA’s mission and vision, we consider and balance any potential impact on you, and your rights under data protection laws. We’re committed to protecting your privacy.
Where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time. This includes the right to ask us to stop using your personal information for any communication purposes or to unsubscribe from our email list at any time.
Right of access: you can write to us to ask for confirmation of what personal information we hold on you and to request a copy of that personal information. Provided we are satisfied that you are entitled to see the personal information requested and we have successfully confirmed your identity, we will provide you with your personal information subject to any exemptions that applyRight of erasure: at your request we will delete your personal information from our records as far as we are required to do so.Right of rectification: if you believe our records of your personal information are inaccurate, you have the right to ask for those records to be updated. You can also ask us to check the personal information we hold about you if you are unsure whether it is accurate / up to date.Right to restrict processing: you have the right to ask for processing of your personal information to be restricted in some circumstances such as if there is disagreement about its accuracy or legitimate usage – for example, you might tell us that you think we hold some information about you that is inaccurate. Whilst we take steps to check this and ensure it is accurate, you have the right to ask us not to use your personal information.Right to object: you have the right to object to processing where we are (i) processing your personal information on the basis of the legitimate interests ground, (ii) using your personal information for direct marketing or (iii) using your information for statistical purposes.Right to data portability: to the extent required by the GDPR, where we are processing your personal information (that you have provided to us) either (i) by relying on your consent or (ii) because such processing is necessary for the performance of a contract to which you are party or to take steps at your request prior to entering into a contract, and in either case we are processing using automated means (i.e. with no human involvement), you may ask us to provide the personal information to you – or another service provider – in a machine-readable formatRight to define guidelines regarding the processing of your personal data after your death: You may provide us with instructions regarding the manner in which we may continue to store, erase and share your information after your death, and where applicable, the person you have designated to exercise these rights after your death.
We are sorry if you no longer wish to receive communications from us – if you would like to discuss this you can contact us at email@example.com. If you wish to opt-out of communications from us where you have previously provided us with your consent then you can do so at any time via the following methods:Clicking the unsubscribe link at the bottom of any newsletter email we have sent to you
Going to this link which will unsubscribe you from our mailing list.
FRIDA is committed to keeping your personal information safe and secure and we have appropriate and proportionate security policies and organisational and technical measures in place to help protect your information. For example, your personal information is only accessible by appropriately trained staff, volunteers and contractors, and stored on secure servers with features enacted to prevent unauthorised access.
Because we are a Canadian organisation, the personal information that we collect from you will be stored at a destination outside the European Economic Area (EEA).
We do not share, sell or rent your personal information to third parties for marketing purposes. We may disclose your personal information to selected third parties in order to achieve the purposes set out in this Notice. We require our third party providers to comply with the highest standards of data privacy, including GDPR.
Non-exhaustively, those parties may include:Partner organisations (where you have consented to your personal information being shared with that partner organisation);Suppliers and sub-contractors for the performance of any contract we enter into with them, for example IT service providers such as website hosts, database providers, server hosts or cloud storage providers;Financial companies such as Network for Good that collect or process donations on our behalf;
Social media platforms.
We may need to disclose your personal information upon request to regulatory and government bodies as well as law enforcement agencies. Please note that FRIDA will challenge any attempt to gain access to the information you give us by government agencies or private organisations. In the unlikely event that we are required by law to disclose any of your information we will do our best to contact you first so that you may have the opportunity to object to the disclosure. We will also independently object to any requests for access to information about users of our Site that we believe to be improper.
We may also partner with other organisations and, in so doing, acquire or transfer personal information but your personal information would continue to be used for the purposes set out above.
In general, unless still required in connection with the purpose(s) for which it was collected and/or processed, we remove your personal information from our records no more than six years after the date it was collected. However, if before that date (i) your personal information is no longer required in connection with such purpose(s), (ii) we are no longer lawfully entitled to process it or (iii) you validly exercise your right of erasure, we will remove it from our records at the relevant time.
Please note that, if you request to receive no further contact from us, we will keep some basic information about you on our do not contact list in order to comply with your request and avoid sending you unwanted materials in the future.
We link our website directly to other sites. This notice does not cover external websites and we are not responsible for the privacy practices or content of those sites. We encourage you to read the privacy notices of any external websites you visit via links on our website.Changes to this privacy notice
We may update this notice from time to time so please check back periodically. We will notify you of significant changes, such as the implementation of the GDPR, by contacting you directly where reasonably possible for us to do so and by placing a notice on our website. This Notice came to effect on May 25th, 2018.