Privacy Policy

The SecDev Foundation (“The Foundation”) takes data security and privacy seriously; it’s core to our mission. We commit to collect, use, and disclose personal information in compliance with applicable laws and in such a manner that a reasonable person would consider appropriate in the circumstances.

Definitions

Cookies: tiny text files stored on an individual’s computer, containing information that is used to help make sites work. Only the Foundation can access the cookies created by the Foundation’s website. Users can control and remove their cookies at the browser level. The Foundation uses cookies and/or similar technologies to analyze visitor behaviour, administer the website, track users’ movements, and to collect non-personally-identifying information about users. This is done in order to better understand how The SecDev Foundation’s visitors use its website.

Embedded Content: Articles on a site may include embedded content (e.g. videos and images). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about the user, use cookies, embed additional third-party tracking, and monitor the user’s interaction with that embedded content, including tracing the user’s interaction with the embedded content if they have an account and are logged in to that website.

Express Consent: Is given explicitly, either orally, in writing, or through a specific online action, such as clicking on “I agree”.

Implied Consent: Reasonably inferred consent from the action or inaction of the individual.

Personal Information: Includes any factual or subjective information, recorded or not, about an identifiable individual.

Privacy Principles

The Foundation stores and maintains personal information in conformity with the principles of PIPEDA, GDPR, and CASL. These principles are as follows:

1. Accountability

The Foundation takes responsibility for all personal information under its control. An individual has been designated to be responsible for the day-to-day care and control of personal information, in compliance with the terms of this Privacy Policy (the “Privacy Officer”), who can be contacted through the following email: [email protected].

2. Identifying Purposes

The Foundation will identify the purposes for which it collects personal information at or before the time the information is collected from individuals. The Foundation may choose to identify such purposes orally or in writing. Written notification will be used whenever practical to do so. Common purposes for collection may include, but are not limited to:

  • Administration of Foundation websites:
    • Cookie use (see definition)
    • Email addresses (only collected via our contact form)
    • Embedded content (see definition)
    • Website statistics: We collect the date, time and length of your visit, browser identification and IP address for internal use and analysis of website traffic. This information is anonymized and used for statistical analysis only. Otherwise, the Foundation does not collect IP addresses and associated hostnames except for specific purposes of security and fraud prevention.
  • Administration of Foundation newsletters:
    • The Foundation collects emails for an opt-in subscription newsletter. In accordance with Canada’s Anti-Spam Legislation, a trusted third-party mailing service is used with a simplified opt-out option at the bottom of every email. Email addresses are never shared externally.
  • Operating, monitoring, and improving our programs.
  • Communicating with beneficiaries to provide updates on our programs and ask for feedback.

3. Consent

The Foundation will obtain the appropriate consent from individuals for the collection, use, or disclosure of their personal information, except where the law provides an exemption. We don’t collect your information without your permission and we won’t ever use your information without your permission.

4. Limiting Collection

Any personal information that the Foundation collects will be limited to that which is necessary for the purposes the Foundation has identified. The Foundation will only collect personal information for specific, legitimate purposes/interests, and will not collect personal information indiscriminately. The Foundation will only collect information by fair and lawful means and not by misleading or deceiving individuals about the purpose for which information is being collected.

5. Limiting Use, Disclosure, and Retention

The Foundation does not use personal information for purposes other than those for which it was originally collected unless consent is obtained prior to that. Personal information is retained only for as long as it is needed and for the fulfillment of the purposes for which it was originally collected. This may include retaining personal information for a set length of time in fulfillment of contractual, grant, or legal responsibilities. We never sell or rent your information.

6. Accuracy

The Foundation is committed to maintaining accurate, complete and up-to-date personal information.

7. Safeguards

The Foundation will safeguard personal information under its control in a manner that is appropriate to the sensitivity of the information. Personal information, regardless of the format in which it is held, will be safeguarded against loss or theft, and against unauthorized access, disclosure, copying, use, or modification. The Foundation takes this seriously and uses best practices in digital and physical data security measures.

8. Openness

The Foundation will make readily available to individuals specific information about the policies and procedures relating to the management of personal information which is under the Foundation’s control. Any data breach will be reported to the appropriate authorities and any personal data breach will be communicated to the data subject.

9. Individual Access

Individuals can request access to their personal information held by the Foundation. For security purposes the Foundation reserves the right to confirm the identity of the person seeking access to personal information before complying with any access requests. If you want to access your information or ask us to delete personal information about you that we have stored in our systems, please write to [email protected].

If you feel that this site is not following its stated user policy, you may contact [email protected].