Privacy Policy
Our mission is to empower people and organizations everywhere on the planet to launch and promote campaigns they care about the most. We want to build the best possible service to show you relevant petitions that you can help win, and also protect your privacy and security online. Our Privacy Policy outlines how we obtain information from you and what we do with it.
1. Information we collect
When you sign or create a petition via our platform, we collect a few data and create and account.
All of your activities are then tied to this account. Below, we’ve detailed the information we may collect about you, depending on your activities on the platform.
Your name: we ask you to provide a chosen name when you create an account or start a petition.
Your email address: we ask you to provide an email address when you create an account or start a petition.
Your password: we ask you to enter a password when you create an account.
I.P. Address: An IP Address may be identified and logged automatically in our server log files whenever you use our platform and services, along with the time of your visit and the specific page(s) that you visited.
Your Postal Code: we ask you to provide a postal code when you sign a petition, just to make the petition signatures count more effective, because we are a global platform hosting geo-localized petitions.
Your Country: as mentioned above, we are a global platform hosting geo-localized petitions, so we ask you to provide your country when you sign a petition, just to make the petition signatures count more effective.
Information inferred about the issues you care about: As part of our efforts to connect people to causes that they care about the most, petitions you sign are categorized by our users or by us as particular cause areas. For example, a petition may be categorized in “human rights” or “health”. If you sign one petition categorized in a particular cause area, we may infer that you would be interested in other petitions categorized in the same way. We may also send you petitions that are relevant to your general geographic area.
Our services are not directed to people under the age of sixteen (16), and we do not knowingly collect personal information from them.
2. How we use your information
We may use your information for our legitimate business interests in providing a petition platform that enables people to connect with the causes they care about the most. Our legitimate business interests are explained below, alongside examples of how your information may be used for these purposes.
Providing the functionality of our platform. We engage in these activities to manage our contractual relationship with you.
To send administrative information to you, for example, information regarding our services and changes to our terms, conditions, and policies.
To ensure that our site function properly and is optimized for your computer or device and to store your preferences and settings.
To fulfill your specific requests through the platform. We engage in these activities to manage our contractual relationship with you.
To allow you to create petitions, sign petitions, and to follow their progress.
To allow you to send email messages that you choose to send to your email contacts through our platform, such as to share a petition. By using this feature, you guarantee that you have the right to use and provide us the names and email addresses you submit.
To facilitate the social sharing functionality that you choose to use, such as sharing content and petitions through the platform and other social media platforms like Facebook and Twitter.
Accomplishing our business purposes. We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, because we have a legitimate interest, and/or with your consent.
For data analysis, for example, to improve the efficiency of our services.
For audits, to verify that our internal processes function as intended and are compliant with legal, regulatory, or contractual requirements.
For fraud and security monitoring purposes, for example, to detect and prevent cyber-attacks or attempts to commit identity theft.
For developing new products, features and services.
For enhancing, improving or modifying our platform.
For identifying usage trends, for example, understanding which parts of our platform are of most interest to users.
For determining the effectiveness of campaigns.
For operating and expanding our business activities, for example, understanding which parts of our platform are of most interest to our users so we can focus our energies on meeting our users’ interests.
For legal compliance. In rare circumstances, we may have to use and disclose information we have about our users in order to exercise or protect legal rights or defend against legal claims under applicable law.
Analysis of personal information for business reporting and providing personalized services. We provide personalized services either with your consent or because we have a legitimate interest.
To personalize your experience by presenting petitions, campaigns and offers tailored to you based on information we have collected from you.
We may anonymize, de-identify and/or aggregate information and use such information to better understand and serve our users or for optimization of our marketing and targeting efforts. For example, we may compile statistics like the percentage of our users in a state or country who care about LGBT rights, or to analyze the performance of particular emails.
To share marketing communications that we believe may be of interest to you. We engage in this activity with your consent, or to manage our contractual relationship with you.
Communications related to petitions you’ve signed, other petitions that may be of interest, or petitions relevant to your location.
Editorial communications about specific issues or about Actionable.
Communications about contributions to causes for a specific petition.
To allow you to participate in events and similar promotions and to administer these activities. Some of these activities have additional rules, which could contain additional information about how we use and disclose information about you, so we suggest that you read these rules carefully.
Most marketing communications will be sent via email and sometimes via social media.
We might remind you about particular petitions, if you have have not completed starting or signing or joining.
We do not monitor, verify, or perform any background check on campaign starters, petition signers, or other users of Change.org.
3. Our business entities and service providers
Our suppliers, subcontractors and business partners (“service providers”): We may share information about you with our service providers who process information to provide services to us or on our behalf. We have contracts with our service providers that prohibit them from sharing the information about you that they collect or receive with anyone else or from using such information for other purposes.
4. Accessing or deleting your information
If you would like to request to review, correct, update, suppress, or delete personal information that has been previously provided to us by you, you may log in to your account, click on “Edit Profile” and update your profile information. You can also contact our Help Center via our contact form here and ask us to specify what personal information we have about you and to delete certain personal information about you from our records, or request to receive an electronic copy of your personal information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law). Please let us know what information you would like us to remove from our databases or otherwise let us know what limitations you would like to put on our use of your personal information. For your protection, we may only implement requests with respect to the personal information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will respond to your requests consistent with applicable law, and we will try to comply with your request as soon as reasonably practicable. Please note that we may need to retain certain information for record keeping purposes and/or to complete any transactions that you began prior to your request. There may also be residual information that will remain within our databases and other records, but such residual information will no longer be tied to your identity. For example, if you created a petition, we will have records that other Change.org users signed your petition. If you subsequently ask us to delete your information from our platform and databases, information related to those other users’ signatures cannot be removed and will remain in our records.
5. Data retention & security
We seek to use reasonable organizational, technical, and administrative measures to protect your personal information within our organization from loss, misuse, unauthorized access or disclosure, alteration and/or destruction. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify our Data Protection Team using the contact details listed at the end of this Privacy Policy.
We will retain your Personal Information for as long as needed or permitted in light of the purposes for which it was obtained. The criteria used to determine our retention periods include the length of time we have an ongoing relationship with you and provide our services to you, our legal obligations or whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
6. Cross-border transfers
Your personal information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the platform you consent to the transfer of your personal information to countries outside of your country of residence, including the United States, which may have different data protection rules from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies, or security authorities in those other countries may be entitled to access your personal information.
Some of the non-European Economic Area (“EEA”) countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards, and the full list of these countries is available here. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your personal information. You may obtain a copy of these measures by contacting our Data Protection Team using the contact details listed at the end of this Privacy Policy.
7. Third-Party Services
We’re not responsible for the privacy practices of third parties linked to from our Platform.
This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any site or service to which our services link. Our inclusion of a link on our services does not imply our endorsement of the linked site or service.
8. Policy updates & contacting us
This policy may change over time. We’ve included here our contact information, but the best way to get in touch with us is through our Contact Us Page.
We may change this Privacy Policy. The “Effective Date” legend at the bottom of this Privacy Policy indicates when it was last revised. Any changes will become effective when we post the revised Privacy Policy on our platform.
We welcome questions, concerns, and feedback about this policy. If you have any suggestions for us, feel free to let us know by contacting us here.
You can contact us for any data deletion or access requests.
Miscellaneous
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Cookie Policy
You can find a detail of our Cookie Policy here.
Effective date: 07/04/2020
This platform is a property of :
Giorgio Marandola – Consulenza e Formazione.
Via Emilio Gino Segrè 4, 27012, Certosa di Pavia (PV) – Italy.
VAT – 14806071008