We do not rent or sell your personal identifying information to other companies or individuals, unless you provide your consent. If your consent is provided, information may be shared in any of the following limited circumstances:
- We understand that we are required to have a good faith belief that access, preservation or disclosure of such information is reasonably necessary to protect the rights, property or safety of CauseConnect, its clients, or the public.
We may share aggregated information with others.
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data.
Data Protection Policy
Our data protection policy sets out our commitment to protecting client data and how we implement that commitment with regards to the collection and use of client data.
CauseConnect is committed to:
- Ensuring that we comply with the data protection principles, as listed below.
- Ensuring that data is collected and used fairly and lawfully.
- Processing client data only in order to meet our operational needs or fulfill legal and contractual requirements.
- Establishing appropriate retention periods for client data.
- Ensuring that data subjects’ rights can be appropriately exercised.
- Providing adequate security measures to protect client data.
- Ensuring that all staff members are made aware of standard practice for data protection.
- Ensuring that queries about data protection, internal and external to the organization, is dealt with effectively and promptly.
- Regularly reviewing data protection procedures and guidelines within the organization.
Our data protection principles:
- Client data shall be processed fairly and lawfully.
- Client data shall be obtained with the purpose of completing our contractual obligation to the client, and is not further processed in any manner incompatible with that purpose.
- Client data (processed or unprocessed) shall not be kept for longer than is necessary to complete our contractual obligation to the client. As such, all client data is deleted automatically by our internal data security system 90 days after the client’s project has been completed.
- Appropriate technical and organizational measures shall be taken against the unauthorized processing of client data, and against the accidental loss, destruction, or damage to client data. To this end, client data is stored on our servers and protected with 128-bit encryption. Each file is protected with a unique password, which is held only by staff assigned to the client’s project.