The SecDev Foundation (“The Foundation”) takes data security and privacy seriously; it’s core to our mission. We commit to collect, use, and disclose personal information in compliance with applicable laws and in such a manner that a reasonable person would consider appropriate in the circumstances.
Express Consent: Is given explicitly, either orally, in writing, or through a specific online action, such as clicking on “I agree”.
Implied Consent: Reasonably inferred consent from the action or inaction of the individual.
Personal Information: Includes any factual or subjective information, recorded or not, about an identifiable individual.
The Foundation stores and maintains personal information in conformity with the principles of PIPEDA, GDPR, and CASL. These principles are as follows:
2. Identifying Purposes
The Foundation will identify the purposes for which it collects personal information at or before the time the information is collected from individuals. The Foundation may choose to identify such purposes orally or in writing. Written notification will be used whenever practical to do so. Common purposes for collection may include, but are not limited to:
- Administration of Foundation websites:
- Cookie use (see definition)
- Email addresses (only collected via our contact form)
- Embedded content (see definition)
- Website statistics: We collect the date, time and length of your visit, browser identification and IP address for internal use and analysis of website traffic. This information is anonymized and used for statistical analysis only. Otherwise, the Foundation does not collect IP addresses and associated hostnames except for specific purposes of security and fraud prevention.
- Administration of Foundation newsletters:
- The Foundation collects emails for an opt-in subscription newsletter. In accordance with Canada’s Anti-Spam Legislation, a trusted third-party mailing service is used with a simplified opt-out option at the bottom of every email. Email addresses are never shared externally.
- Operating, monitoring, and improving our programs.
- Communicating with beneficiaries to provide updates on our programs and ask for feedback.
The Foundation will obtain the appropriate consent from individuals for the collection, use, or disclosure of their personal information, except where the law provides an exemption. We don’t collect your information without your permission and we won’t ever use your information without your permission.
4. Limiting Collection
Any personal information that the Foundation collects will be limited to that which is necessary for the purposes the Foundation has identified. The Foundation will only collect personal information for specific, legitimate purposes/interests, and will not collect personal information indiscriminately. The Foundation will only collect information by fair and lawful means and not by misleading or deceiving individuals about the purpose for which information is being collected.
5. Limiting Use, Disclosure, and Retention
The Foundation does not use personal information for purposes other than those for which it was originally collected unless consent is obtained prior to that. Personal information is retained only for as long as it is needed and for the fulfillment of the purposes for which it was originally collected. This may include retaining personal information for a set length of time in fulfillment of contractual, grant, or legal responsibilities. We never sell or rent your information.
The Foundation is committed to maintaining accurate, complete and up-to-date personal information.
The Foundation will safeguard personal information under its control in a manner that is appropriate to the sensitivity of the information. Personal information, regardless of the format in which it is held, will be safeguarded against loss or theft, and against unauthorized access, disclosure, copying, use, or modification. The Foundation takes this seriously and uses best practices in digital and physical data security measures.
The Foundation will make readily available to individuals specific information about the policies and procedures relating to the management of personal information which is under the Foundation’s control. Any data breach will be reported to the appropriate authorities and any personal data breach will be communicated to the data subject.
9. Individual Access
Individuals can request access to their personal information held by the Foundation. For security purposes the Foundation reserves the right to confirm the identity of the person seeking access to personal information before complying with any access requests. If you want to access your information or ask us to delete personal information about you that we have stored in our systems, please write to [email protected].
If you feel that this site is not following its stated user policy, you may contact [email protected].