MIGHTY NPO PRIVACY STATEMENT
At Mighty NPO, a product by Wow Digital Inc. (as follows, “we” or “us”), we are committed to protecting your privacy and safeguarding your personal information. The purpose of this Privacy Statement is to inform you about the types of Personal Information we collect, use and disclose when you use the services on our website(s) (the “Services”). It explains how we use and disclose that information, the choices you have regarding such use and disclosure, and how you may correct that information.
Your privacy is one of our priorities. We are proud to demonstrate our commitment to your privacy by complying with the laws and regulations under applicable privacy laws, including the General Data Protection Regulation (“GDPR”) (EU) 2016/679. Specifically, as we are a Canadian organization, this Privacy Statement is designed to meet the standards prescribed by the Personal Information Protection and Electronic Documents Act and the regulations thereunder (“PIPEDA”) as well as applicable provincial privacy legislation and regulations, including, the Personal Information Protection Act (Alberta), the Personal Information Protection Act (British Columbia), and An Act respecting the protection of personal information in the private sector (Quebec) (collectively “Canadian Privacy Laws”).
From time to time, we may make changes to this Privacy Statement. The Privacy Statement is current as of the “last revised” date which appears at the top of this page. Your continued use of the Services constitutes your agreement to the revised terms. We will treat Personal Information in a manner consistent with the Privacy Statement under which it was collected unless we have your consent to treat it differently. This Privacy Statement applies to any information we collect or receive about you, from any source.
The Service may contain features or links to websites and services provided by third parties. Any information you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, governing privacy and security, even if accessed through the Service. We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through the Service. We encourage you to learn about third parties privacy and security policies before providing them with information.
The following topics will be covered in this Privacy Statement:
- To which companies does this Privacy Statement apply?
- What is Personal Information?
- How do we collect your Personal Information?
- How do we use your Personal Information?
- To whom do we provide your Personal Information?
- When and how do we obtain your consent?
- How long will we utilize, disclose or retain your Personal Information?
- What are your rights regarding your Personal Information?
- What safeguards have we implemented to protect your Personal Information?
- How do you contact us regarding access to your Personal Information or our privacy practices?
1. To which companies does this Privacy Statement apply?
This Privacy Statement applies to the collection, use and disclosure of Personal Information by Mighty NPO.
2. What is Personal Information?
“Personal Information” is any information that is identifiable with you, as an individual. This information may include but is not limited to your name, company, mailing address, e-mail address, billing address and credit card information. Under Canadian Privacy Laws, Personal Information, however, does not include your business title, business address or business telephone number in your capacity as an employee of an organization.
3. How do we collect your Personal Information?
We will always collect your Personal Information by fair and lawful means (for example, when you register with us). We may collect Personal Information from you directly and/or from third parties, where we have obtained your consent to do so or as otherwise required or permitted by law. The legal bases for our processing of Personal Information are primarily that the processing is necessary for providing the Service and that the processing is carried out in our legitimate interests, which are further explained in the “How do we use your Personal Information?” section. We may also process Personal Information upon your consent, asking for it as appropriate.
We may collect standard internet log information about how and when you use our Service. This information may include but, not be limited to, your IP address and location data, weblogs, time, date, browser used, referring web addresses, other communication data, searches conducted, and/or pages visited.
4. How do we use your Personal Information?
We identify the purposes for which we use your Personal Information at the time we collect such information from you and (if applicable) obtain your consent, in any case, prior to such use. We generally use your Personal Information for the following purposes (the “Purposes”):
- to provide you with the requested Services;
- to develop and maintain strong business relationships with customers, partners and potential customers and partners;
- to manage your use of the Service;
- to respond to questions, comments or concerns regarding Mighty NPO or the Service;
- to provide you with information about conferences and events;
- to allow for more meaningful and useful sales and marketing initiatives, for example, your physical location while using the Service may be used to provide you with personalized offers, rewards, and suggestions about new shops or other information in your area;
- to collect opinions and comments in regard to Mighty NPO’s and the Service’s operations;
- to perform demographic analysis for planning purposes (but only on an aggregate and anonymous basis);
- to recruit for positions at Mighty NPO and for other employment-related tasks;
- to investigate legal claims;
- such purposes for which Mighty NPO may obtain consent from time to time; and
- such other uses as may be permitted or required by applicable law.
5. To whom do we provide your Personal Information?
We identify to whom, and for what Purposes, we disclose your Personal Information, at the time we collect such information from you and (if applicable) obtain your consent to such disclosure.
We may disclose your Personal Information to third party service providers with whom we have a contractual agreement that includes appropriate privacy standards, where such third parties are assisting us with the Purposes – such as service providers that provide telephone support, data storage or processing, or hosting. When we disclose your Personal Information to third parties, we take reasonable measures to ensure that the rules set forth in this Privacy Statement are complied with and these third parties provide sufficient guarantees to implement appropriate technical and organizational measures.
Your Personal Information may be stored and processed in any country where we have facilities or in which we engage third-party service providers. By using the Service, you consent to the transfer of information to countries outside your country of residence, which may have different data protection rules than in your country. While such information is outside of Canada, it is subject to the laws of the country in which it is held and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant to the laws of such country. However, our practices regarding your Personal Information will at all times continue to be governed by this Privacy Statement and, if applicable, we will comply with the GDPR requirements providing adequate protection for the transfer of Personal Information from the EU/EEA to a third country. For written information about our policies and practices regarding service providers outside of Canada, contact our Privacy Information Officer (see question 10 below).
6. When and how do we obtain your consent?
Under Canadian Privacy Laws, we generally obtain your consent prior to collecting, and in any case, prior to using or disclosing your Personal Information for any Purpose. You may provide your consent to us either orally, electronically or in writing. Under Canadian Privacy Laws, the form of consent that we seek, including whether it is express or implied, will largely depend on the sensitivity of the Personal Information and the reasonable expectations you might have in the circumstances.
7. How long will we utilize, disclose or retain your Personal Information?
We may keep a record of your Personal Information, correspondence or comments, in a file specific to you. We will utilize, disclose or retain your Personal Information for as long as necessary to fulfill the Purposes for which that Personal Information was collected and as permitted or required by law. If you would like further information regarding the periods for which your Personal Information will be kept, contact our Privacy Information Officer (see question 10 below).
8. What are your rights regarding your Personal Information?
On written request and subject to proof of identity, you may access the Personal Information that we hold, used or communicated and ask that any necessary corrections be made, where applicable, as authorized or required by law. However, to make sure that the Personal Information we maintain about you is accurate and up to date, please inform us immediately of any change in your Personal Information by mail or e-mail.
Under the GDPR, you may be entitled to additional rights, including: (i) the right to withdraw consent to processing where consent is the basis of processing; (ii) the right to access your Personal Information and certain other supplementary information, under certain conditions; (iii) the right to object to unlawful data processing, under certain conditions; (iv) the right to erasure of Personal Information about you, under certain conditions; (v) the right to demand that we restrict processing of your Personal Information, under certain conditions, if you believe we have exceeded the legitimate basis for processing, processing is no longer necessary, or believe your Personal Information is inaccurate; (vi) the right to data portability of your Personal Information that you provided us in a structured, commonly used, and machine-readable format, under certain conditions; (vii) the right to object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you, under certain conditions; and (viii) the right to lodge a complaint with data protection authorities. If you want to learn more about your rights under the GDPR, you can visit the European Commission’s page on Data Protection at: <http://ec.europa.eu/justice/data-protection/index_en.htm>. Please note that the term Personal Information used in this Privacy Statement is equivalent to the term “personal data” under the GDPR and other applicable European data protection laws.
The Service is not directed to children under the age of 16, and we do not knowingly collect Personal Information from children under the age of 16 without obtaining parental consent. If you are under 16 years of age, then please do not use or access the Service at any time or in any manner. If we learn that Personal Information has been collected on the Service from persons under 16 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 16 years of age has provided Personal Information, then you may alert us as set forth in question 10 and request that we delete that child’s Personal Information from our systems.
9. What safeguards have we implemented to protect your Personal Information?
The only employees who are granted access to your Personal Information are those with a business ‘need-to-know’ or whose duties reasonably require such information. We have implemented physical, organizational, contractual and technological security measures to protect your Personal Information from loss or theft, unauthorized access, disclosure, copying, use or modification. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the Service, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or administrative safeguards. If you believe your Personal Information has been compromised, please contact us as set forth in question 10. If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law.
10. How do you contact us regarding access to your Personal Information or our privacy practices?
If you have any questions or comments about this Privacy Statement or your Personal Information, to make an access or correction request, to exercise any applicable rights, to make a complaint, or to obtain information about our policies and practices with respect to any service providers outside Canada, our Privacy Information Officer can be reached by mail or email using the following contact information:
Attn: Privacy Information Officer
Mighty NPO c/o Wow Digital Inc.
22 Cedar Springs Grove