Global Citizen (the "Platform") is a platform run by Global Poverty Project, Inc. d/b/a Global Citizen ("GC", “we”, or “us”). We take privacy and data protection issues seriously.
By accessing and using the Platform, you agree that you have read and understand this Policy and you accept and consent to the privacy practices (and any uses and disclosures of information) that are described in this Policy.
This policy sets out GC’s personal information management practices. It covers the following areas:
- application of policy;
- personal information collected;
- your rights
- use and disclosure of personal information;
- use of the Platform;
- accessing and updating personal information;
- security of personal information;
- data tracking;
- external links;
- contact details.
Application of Policy
This policy applies to all our personnel, including volunteers and other individuals with whom we do business.
Responsibilities of Personnel
It is the responsibility of all personnel to:
- be familiar with this policy; and
- comply with this policy.
Personal Information Collected
GC only collects personal information that is necessary for the Platform's functions and activities. This includes personal information collected when you sign up for the Platform via third party websites. This information will only be collected with the consent of the individual or otherwise in accordance with the law.
As with many other websites, the web servers used to operate the Platform may collect certain non-personal data pertaining to users of the Platform and the equipment and communications method that they use to access the Internet and the Platform. Without combining this data with other sources of information, they do not readily or personally identify individuals. They may reveal such things as the Internet protocol ("IP") address assigned to an individual's computer, specific pages that an individual accessed on the Platform or immediately prior to visiting the Platform, and the length of time spent in a visit to the Platform. The purposes for which this information is collected and used include facilitating Platform operation and system administration, the generating of aggregate, non-identifiable statistical information, monitoring and analyzing Platform traffic and usage patterns, and improving the content and content delivery with regard to the Platform and the content, materials, opportunities, and services that we describe or make available on the Platform.
You may receive regular updates from GC on actions to take. If at any time you would like to unsubscribe from our email list, you may do so by clicking the unsubscribe link in the email.
We may also use "cookies" (small text files stored on users' computers) to help track and customize access and use of the Platform. Cookies store and retain information that helps us recognize individuals when they return to the Platform following a previous visit. Most popular Internet browser packages allow one to configure the browser so as not to accept cookies. However, setting your browser to reject cookies may, in certain instances, prevent you from taking full advantage of the Platform and the materials, products, and services that we make available on the Platform.
Your rights and preferences
In line with the European Union’s General Data Protection Regulation ("GDPR"), GDPR gives certain rights to individuals in relation to their personal data and as we have made available a number of tools for you to exercise these rights. As available and except as limited under applicable law, the rights afforded to individuals are:
- Right of Access - the right to be informed of and request access to the personal data we process about you;
- Right to Rectification - the right to request that we amend or update your personal data where it is inaccurate or incomplete;
- Right to Erasure - the right to request that we delete your personal data (commonly know as the "Right to be Forgotten");
- Right to Restrict - the right to request that we temporarily or permanently stop processing all or some of your personal data;
- Right to Object - the right to object to your personal data being processed for direct marketing purposes;
- Right to Data Portability - the right to request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service; and
- Right not to be subject to Automated Decision-making - the right to not be subject to a decision based solely on automated decision making, including profiling, where the decision would have a legal effect on you or produce a similarly significant effect.
You are able to exercise your rights through your account settings page when logged in to the site which gives you options to update your personal information, contact preferences, data processing preferences and to suspend your account. You can request a copy of your data by emailing us at email@example.com.
Storage and processing of your personal data
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (”EEA”), the country in which you reside, or the country from which you are accessing the Platform. We take reasonable steps to ensure that cross-border data transfers comply with existing data protection laws, such as working with third party processors certified in the EU-US Privacy Shield framework or with those that use standard contractual clauses that bind parties to protect the privacy and security of data.
Use and Disclosure of Personal Information
We will generally use and disclose personal information for purposes related to the main purpose for which the information was collected, or where the individual has consented to the use or disclosure. We may also use personal information to send you email communications promoting messages, content or actions on behalf of other organizations. These emails will always come from the Platform's email address. In addition, we may disclose personal information to third party service providers who assist us in providing our services. These may include companies which assist with data processing and analysis, research, mail services or maintenance. These third parties may also include organizations that cross-check the information you provide to us with information about you in other databases, which we will include in our records. We obtain this data with assurance from these providers that you have consented to the collecting and sharing of this data. We do not actively collect sensitive personal data such as medical data.
Personal information will only be disclosed to those third party service providers on a confidential basis so that the service provider can effectively provide those services.
In addition, with your explicit permission, we pass along certain of your information to the following groups:
- World leaders, news publications and other targets when you choose to use our email tool to send them messages.
- World leaders, news publications, and the general public when you sign petitions or complete surveys.
Under circumstances where we determine that members may be misusing our systems for malicious purposes (for example, using the numbers we provide to make harassing phone calls), such activities may be reported to law enforcement agencies. In such cases, we may release personally identifiable information, including name and address, to those agencies.
We may transfer your personal information to a third party if we or any of our company affiliates are involved in a corporate restructuring (e.g., a sale, merger, or other transfer of assets).
For India Residents Only: We may share your personal information with our partners operating in India for purposes aligned with the purposes for which the information was originally collected by us and such partners may contact you from time to time in connection with said purposes.
Disclosure When Required by Law
We may otherwise use or disclose personal information where required or authorized by law, which may include emergency situations and assisting law enforcement agencies.
Disclosure to Partner NGOs
From time to time we will feature actions including, but not limited to petitions and email campaigns, supplied by partner organizations on the Platform. These actions may be subject to data sharing agreements between us and these partner organizations. Where such agreements are in place, this will be clearly noted on the pages associated with the action. You will be provided with an express opt-in before we share your information with the partner organization(s). You acknowledge that GC has no control over the content, frequency and/or any other aspect of such communications.
From time to time we will feature rewards, supplied by partner organizations on the Platform. These actions may be subject to data sharing agreements between us and these partner organizations. Where such agreements are in place, this will be clearly noted on the pages associated with the reward and at the point of entry. By entering the reward, you are agreeing to further contact from the partner organization(s) associated with that reward. You acknowledge that GC has no control over the content, frequency and/or any other aspect of such communications.
Access to Database/Mailing Lists
We will not allow access to our database or mailing lists to any organization or individual, except as expressly permitted by the user. However, if the material another organization or individual wishes to circulate through our database aligns with our core values and is within the use anticipated by those on the mailing list, we will take responsibility for the circulation and will ask that the organization/individual provide us with a letter explaining their request.
Credit Card Security
On the Platform, GC may use PayPal or another third party to process and accept transactions. We do not store any credit card information.
PayPal adheres to international PCI (payment card industry) compliance standards for data security. Payment Card Industry Data Security Standard (PCI DSS) is a set of 12 requirements that all businesses who handle credit or debit card payments must comply with. The PCI Security Standards require all merchants, regardless of size or number of transactions, who accept, store, transmit or process any cardholder data to comply with PCI DSS. You can find out more about PCI here. PayPal's PCI Compliance can be validated here.
Petitions and Surveys
For petitions and surveys you've signed or completed, we treat your name, city, state, and comments as public information—for example, we may provide compilations of petitions, with your comments, to world leaders and other targets, or to the press. We will not make your street address publicly available, but we may transmit it to the designated target as part of a petition. This is a standard industry practice in such situations. In no such case will we disclose your email address or phone number, without your permission. We may also make your comments, along with your first name, city and state available to the press and public online. We are not responsible for the content of use of your email address by campaign targets.
Sending Emails via the Platform
In certain cases, we enable you to send individual e-mails to world leaders as well as Letters-to-the-Editor to various news publications, through our website. These messages are sent in your name, with your e-mail address as the return address and your full name and contact information is provided as part of the submission. These messages will only be sent out under your name as you approve them on an individual basis using our email tool. You are solely responsible for the specific message(s) you send using our email tool. We take no responsibility for the content of use of your email address by campaign targets.
Accessing and Updating Your Personal Information
We take reasonable steps to make sure that the personal information collected, used and disclosed is accurate, complete and up-to-date. Individuals who need to access or correct any personal information held by us about them are asked to send a request to firstname.lastname@example.org. As much detail as possible should be provided by the individual about the particular information sought, in order to enable us to retrieve it. In certain circumstances, we may not be required by law to provide the individual with access to, or to correct, personal information. If this is the case, reasons will be given for that decision.
Security of Personal Information
We take reasonable steps to protect all of the personal information GC holds from misuse and loss and from unauthorized access, modification or disclosure. This protection applies in relation to information stored in both electronic and hard copy form.
We use firewalls and other industry standard security technology, as well as industry standard security practices, to protect personal and confidential information that we receive and to prevent that information from being accessed by unauthorized persons. For example, we work to protect the security of information submitted through the Platform during transmission by using Secure Sockets Layer (SSL) software, which encrypts information. The information that you submit through the Platform is gathered on computers, and stored in a data center, protected by industry standard security practices. The number of employees that have physical access to our data center, and to the computer on which personal information is stored, is limited.
Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. Once we receive your transmission, we make our best effort to ensure its security on our systems.
URLs contained in emails may contain an ID that enables us to correctly identify the person who takes an action using a web page. We use these URLs to simplify the process of signing petitions and filling out surveys. We may occasionally present a shortened URL that references a longer URL which contains an ID—we do this to simplify the display, to prevent links from becoming broken when copied, and to ensure compatibility with email programs which do not handle long URLs. When a shortened URL is displayed in an email, you will see the full URL in the browser's address bar when you access the page.
Links to Other Websites
We may revise or amend this policy at any time at our sole discretion. If we make any substantive changes in the way we collect or use personally identifying information provided by users, we will post a prominent announcement on the Platform's home page and post the changes on this page. We will never change our policies and practices to make them less protective of user information collected prior to the effective date of any changes without the consent of affected users. We encourage users to visit this page periodically to review our current policy.
If you have any questions about this privacy statement, your personal information, or the practices of the Platform, you can contact us via email at email@example.com or by writing to us at
New York, NY 10012
Global Poverty Project, Inc. is the data controller for the purposes of the personal data processed under this Policy.