Approved by the Board of Directors on October 3, 2023
Centraide Richelieu-Yamaska (“Centraide”) respects and protects your privacy. The information you share with us is kept securely and is not sold or disclosed to third parties, except as provided by this policy. By using our digital applications (as defined below), you consent to the use and processing of your Data (as defined below) in accordance with this policy.
This Privacy Policy (“Policy”) outlines how Centraide collects, stores, uses, protects, and transfers Personal Information and Confidential Information. This Policy also provides information about our use of cookies and similar tracking technologies.
This Policy applies both to our digital applications and services offered.
Centraide ensures that all necessary measures are implemented to protect the confidentiality and security of the transmitted Personal Information and Confidential Information, including limiting access to the Data only to authorized personnel who need it. Human, organizational, and technological measures are used.
The organization acknowledges the confidential nature of the Data and commits to taking all reasonable measures to protect its confidentiality.
The organization recognizes the confidential nature of the Data and is committed to taking all reasonable measures to protect its confidentiality.
Information that relates to and identifies an individual, directly or indirectly. This may include, but is not limited to, their name, mailing address, email address, banking information, and phone number.
Information related to a person or entity (e.g., a business or organization) that the owner or a reasonable person in similar circumstances would consider confidential. This may include financial, commercial, or strategic information, such as financial statements and projections.
An online service provided by Centraide, such as the website (https://www.centraidery.org/), online donation form, event participation form, digital products like Clicdon, social media, newsletters, emails, or any other digital medium.
A person using a digital application or service.
A digital application used to manage fundraising campaigns and collect donations.
Collectively refers to Personal Information and Confidential Information.
Data is collected in various ways, including when a User uses a Centraide Digital Application, communicates with Centraide by phone, by mail, or through paper forms. Centraide only collects the Personal Information necessary to provide you with its services and to allow you to interact with them. Whenever possible, required fields and optional fields are indicated.
Depending on the activity, Centraide may collect and retain the following Data.
1 As of September 15, 2023, gender is no longer collected but retained.
When making a donation in the form of stocks, the following information is collected and retained: broker, brokerage account number, and number of shares.
When making a monthly donation by check, a check specimen is required.
When making a donation by credit card, the following information is collected:
Name on the credit card, Credit card number, CVC code and Expiration date.
When making an online donation by credit card (either one-time or monthly), Centraide does not have access to credit card numbers and does not store them on its servers. The payment is handled by recognized third-party providers. In the case of a credit card donation, the digital application does not store sensitive credit card information. You can refer to section 4.5 of this Policy for more details on the protection of your Data processed by third parties.
Clicdon stores additional information related to the User’s workplace:
This information is necessary for the functioning of the digital application.
Some Users must use a password to log in to Clicdon. This information is stored and used to provide secure access to your account.
With the User’s consent, additional Personal Information may be collected and stored, such as communication preferences and interests. Information regarding the source of the Data (e.g., participation in an activity) may also be collected and stored for analysis purposes.
Certain technical information is collected when using a digital application. This information includes, but is not limited to: device, operating system, browser, IP address, geolocation, browsing behavior (pages viewed, interactions, etc.), links clicked, referring source (domain name from which the link to the digital application was established), form data and downloads, duration of visits, and other data; all through cookies or similar technologies (such as web beacons, invisible pixels, mobile device identifiers, and tracking URLs). Third parties may also collect this data on our behalf. This information allows us to measure and improve the digital applications.
Digital communications sent by Centraide (emails, newsletters, etc.) may contain web beacons, invisible pixels, and URLs that track interactions for measurement and improvement purposes. When using Clicdon, interaction in digital communications is associated with the user.
Cookies allow for the storage of certain information related to the use of a digital application. By remembering the user’s interests and preferences, for example, cookies help Centraide improve its digital applications and enhance the customer experience. Other cookies are used to assess the performance of our digital applications, improve and enrich their content, evaluate the performance of our advertisements, and monitor and analyze User activity to better understand their interests and needs, offering a more personalized experience.
Cookies are also required for security or technical reasons to ensure the proper functioning of the digital applications. They cannot be used to extract Personal Information.
Modern browsers allow the deletion or blocking of cookies. Users who refuse cookies may still access the digital applications, but some services may not function properly.
To reconnect with Users who have already visited or interacted with a Centraide digital application, a “remarketing” strategy, offered by third parties, may be used. This strategy targets Users with new advertising based on their previous actions. This strategy is made possible through a cookie placed in the User’s browser or via invisible pixels.
Centraide may use technologies that allow for User identification and profiling, particularly for “remarketing” and tracking interactions with the digital applications described above. However, these technologies are not activated by default, and we will inform you on how to enable them.
The information is used for the following purposes:
Your Personal Information may also be used for other purposes by Centraide with your consent, or as permitted by law.
Centraide shares Personal Information with third-party service providers (such as credit card processors, hosting partners, marketing companies, and other technology service providers) to the extent that they need it to provide the hardware, software, networking, storage, and other services necessary to operate the service and maintain a high-quality user experience. Apart from the aforementioned uses, Centraide does not sell or share the information collected with third parties.
In all situations where Centraide discloses Personal Information to third parties, service providers, or others, Centraide requires the recipient to protect and use the Personal Information only in accordance with this Policy. Without limiting the generality of the foregoing, Centraide will impose contractual obligations on these third parties to ensure that your Personal Information receives the same level of protection as provided by this Policy. Centraide does not allow its service providers to use Personal Information for marketing purposes unless required by Centraide.
As mentioned in section 4.3, third-party analysis tools are used to measure traffic, usage trends of the digital applications, and for marketing purposes. These tools collect the information sent by the User’s browser during the use of Centraide’s digital applications.
| Name | Use | Country | Personal data |
|---|---|---|---|
|
Microsoft 365 |
Emails, office suite |
Canada |
Contact information |
|
Microsoft Azure |
Cloud infrastructure |
Canada |
Contact information |
|
Prodon |
Processing of donations |
Canada |
Contact and payment information (no credit card) |
|
Simple accountant |
Processing of donations |
Canada |
Contact and payment information (no credit card) |
|
Moneris2 |
Processing credit card donations |
Canada |
Payment information |
|
Api2PDF3 |
Generation of tax receipts |
United states |
Contact information |
|
Stackify4 |
Event logs |
United states |
Technical information |
|
Sendgrid5 |
Customer communication |
United states |
Contact information |
|
HotJar6 |
User behavior analysis |
United states |
Technical information |
|
Paysafe |
Processing credit card donations |
United states |
Payment information |
|
Global Payments |
Processing credit card donations |
United states |
Payment information |
|
MailChimp |
Customer communication |
United states |
Contact information |
|
Group Health |
Centraide employee information |
Canada |
Contact and banking information |
|
Google Analytics |
User behavior analysis |
United states |
Technical information |
2 Clicdon Digital Application Only
3 Personal information is transmitted for the purpose of generating receipts and then immediately destroyed (Clicdon Digital Application Only)
4 No personal information is transmitted (Clicdon Digital Application Only)
5 Except for the first name and previous donation amount, if applicable, no personal information is transmitted. Anonymous technical information is collected.
6 Clicdon Digital Application Only
We implement appropriate physical, technical, and organizational measures to protect your Data from accidental or unlawful destruction, loss, alteration, or damage, including the use of firewalls and encryption technologies. All personal or confidential information we collect is stored on our secure servers or on the secure servers of third-party providers. The Data collected, both digitally and physically (on a paper form, for example), is kept in secure environments. Multi-factor authentication is activated, where offered, in the various digital applications.
All electronic transactions conducted through our digital applications are protected by SSL encryption technology.
If we need to transfer your Personal Information outside of Quebec, we will do so in accordance with applicable laws and will ensure that our service providers outside of Quebec do the same.
We will also establish contractual clauses to ensure the protection of personal information. By using our digital applications, you consent to such a transfer of your Personal Information, where applicable.
Centraide takes reasonable steps to ensure that only employees who genuinely need access to your Data can do so.
Centraide employees, volunteers, collaborators, and agents are required to respect the confidentiality of Data and comply with the internal policy on the use of information technologies.
The devices used by employees are protected. Security and access management measures are implemented so that only those who need access to the information for their role can do so. Regular monitoring of access management is conducted.
In accordance with the law, the User may request that their Personal Information be corrected, destroyed, or no longer used, unless there are legal obligations, or to obtain a copy. They may also withdraw their consent to the collection and use of their Personal Information. If this is your case, Centraide will inform you of the impact your decision may have on your use of the digital applications. Before responding to your request, Centraide may also ask for information to identify you.
Centraide retains the Personal Information collected for the time reasonably necessary to fulfill the purpose for which it was collected or to comply with legal requirements. After this period, it is destroyed in accordance with legal requirements.
For electronic marketing or promotional communications, the user can unsubscribe by using the unsubscribe link in the communications or by contacting Centraide.
The User must ensure that the equipment used to receive or transmit Data to/from Centraide is secure. Centraide cannot be held responsible for unauthorized access to Data resulting from a vulnerability or negligence on the User’s equipment.
The User has a role to play in protecting their Data. The User is responsible for protecting their username and password, if applicable. This information can be used to access, for example, Clicdon. If the User believes their password has been compromised, it is their responsibility to change it and notify Centraide as soon as possible.
Centraide’s digital applications may contain links to other sites and content. Centraide is not responsible for their content and cannot be held liable for any damages, of any kind, resulting from browsing and using these sites.
This Policy is reviewed periodically and submitted to Centraide’s Board of Directors. By continuing to provide your Data and use Centraide’s digital applications after a modification to the Policy, you agree to the updated terms.
The Executive Director of Centraide is responsible for implementing this Policy, and the Board of Directors delegates the authority to take any necessary actions to ensure compliance. The Executive Director may be assisted by any member of Centraide’s staff as needed.
For any questions, concerns, or complaints regarding the application of this Policy and the handling of your Data, please contact the Privacy Officer:
Caroline Lippé
Executive Director
450 773-6679 poste 212
Email: caroline.lippe@centraidery.org
