Plastic Bank Foundation (Canada) is committed to fully complying with the EU’s General Data Protection Regulation (GDPR).
Plastic Bank Foundation (Canada) is committed to full compliance with the EU’s General Data Protection Regulation (GDPR) in all aspects of business. Plastic Bank Foundation (Canada) operates with Data Protection by Design and by Default as a philosophy while maintaining a robust GDPR compliance system and internal data security auditing process.
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimization
- Storage limitations
- Integrity and confidentiality
- Plastic Bank Foundation (Canada) only uses physical opt-in, consent-based data capture for legitimate business reasons.
- We maintain a robust GDPR compliance system and an internal auditing process. The proper GDPR policies and documentation are in place along with the proper GDPR security and data protection measures. This includes state-of-the-art blockchain encryption, Hyperledger Fabric smart contracts, IBM server and multi-cloud storage, and a custom-designed resilience system with multiple servers on multiple continents.
- Age of consent is appropriately verified through special tools built into our website and application that automatically adjust the required age based on each user's country. Our school programs utilize in-app, family accounts, with the consent of a parental guardian.
- We utilize Data Protection Impact Assessments and Legitimate Interest Assessments to document the risk mitigation steps and reasonings to compliantly collect, store, and utilize data.
- We maintain an updated GDPR compliant cookie protocol only used to optimize the user experience of new and returning visitors to our website.
- We have a storage limitation and retention period policy to anonymize data after 5 years since the last date of user activity or upon request from a discontinued user.
Shaun Frankson, has been appointed as our Data Protection Officer, to proactively oversee Plastic Bank Foundation (Canada)’s GDPR compliance. We utilize a GDPR committee consisting of Shaun Frankson, as well as other invited internal and external guests, to conduct an annual GDPR audit with quarterly GDPR compliance update meetings.
- An Updated Data Privacy Agreement accessible through all data collection points
- Official GDPR Policy
- GDPR Compliance Audit Logs
- Historical Data Privacy Archives
- Updated Cookies Policy
- Data Flow Chart
- Data Asset Registry
- GDPR Meeting Tracker
- Data Security Strategy
- Data Protection by Design Outline
- Age of Consent List and System Tracker
- PIPEDA Breach Reporting Criteria
- (DPO) Data Protection Officer Responsibilities
- Legitimate Interest Assessment Forms
- Data Protection Impact Assessment Forms
- Data Subject Access Request Log
- Data Processor Compliance Agreement
This policy explains how our organization uses and protects the personal data we collect from you when you use our website.
Plastic Bank Foundation (Canada) is a registered charity in Canada.
We only collect data submitted through our contact form and data transmitted through donations made with Charitable Impact, CHIMP Foundation, and PayPal.
You directly provide us with most of the data we collect. We collect and process data when you:
- Make a donation with Charitable Impact, CHIMP Foundation, or PayPal
- Submit an inquiry through our contact form
- Use or view our website via your browser's cookies
We use your data for two main purposes: Within our website platform, to email subscribed users with updates, localize the information you see, and to improve your user experience. When processing your donation, we may also use the resulting information form and send your data to credit reference agencies to prevent fraudulent donations.
We would like to send you information about products and services of ours that we think you might like. If you have agreed to receive marketing communications, you may always opt-out at a later date. You have the right to - at any time - stop us from contacting you for marketing purposes or giving your data to other members of our company group.
We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
- The right to access - You have the right to request us for copies of your personal data. We may charge you a small fee for this service.
- The right to rectification - You have the right to request that we correct any information you believe is either inaccurate or incorrect.
To improve your user experience on this site, occasionally we will place small data files called cookies on your device.
Cookies are small data files that we occasionally save to your device when you visit our website. It allows us to remember your actions and preferences (such as login, language, font size and other display preferences, etc.) over a period of time so you don't have to re-enter them whenever you visit or traverse our site.
The cookie-related information is not used to identify you and the pattern data is under our complete control. These cookies are not used for any purpose other than those described herein.
- Whether or not you have replied to a survey pop-up that asks you about the helpfulness of a page's content
Cookies are also stored within Google Analytics so we can monitor how our message is spreading. Enabling these cookies is not strictly necessary for the site to function, however, it will provide you with an improved browsing experience. You are able to delete or block these cookies at any time, but some features may not work as intended.
You can control and/or delete any cookies at any time. For more details, please refer to aboutcookies.org. You can delete any cookies already on your device, as well as prevent sites from placing them within your browser settings. If you choose to do this, you may have to manually adjust some preferences every time you visit a site and some services or functions may not work as intended.