We may have a lot of lawyers on our staff, but that doesn’t mean you need to go to law school to understand what we do with the personal data we collect on our website. Here are the details, in plain English.
Does ERI send spam?
No! We make every effort to comply with the U.S. CAN-SPAM Act of 2003 and anti-spam regulations in other countries. Perhaps more importantly, we strictly observe the following best practices regarding collection of email addresses:
- We never buy or sell email addresses or other contact information.
- Our mailing list is opt-in only and we honor all opt-out and unsubscribe requests.
- The only time we will share your email address with another organization is if you participated in an e-advocacy action (such as a petition) which was co-organized with that other organization AND if we had clearly advertised that your information would be shared with our partners at the time you participated.
- Any variation from these best practices is due to human error by our staff, and we’ll make every effort to correct the mistake.
Does ERI track information about visitors to earthrights.org?
Yes, but we promise we don’t do anything shady with the details we collect. Our web server stores a log containing information about our website visitors, including their IP addresses, limited details about their computers and browsers, and a list of the pages they visited. This information is deleted automatically after about 3 months. We only review the server logs occasionally, in order to diagnose problems with our website and to deter misuse of our website, including abusive comments. We reserve the right to block specific users from our website, but as long as you aren’t being a blatant jerk we won’t block you.
What about cookies?
Our site does encourage your web browser to store small amounts of data, known as cookies, on your computer, but only to help our administrators stay logged in, to help donors donate again, and to help repeat site visitors avoid content they’ve already seen. We don’t extract any personal information from the cookies we store, and you can disable cookies in your browser settings without adversely affecting the behavior of our website.
Does ERI store credit card information?
No! When you make a donation via our website, your credit card information is relayed to our credit card processor immediately. We do collect some of your basic contact information, so we can keep you informed about our work and contact you occasionally during advocacy efforts or fundraising drives, but your credit card details are never stored on our server.
How does ERI protect the privacy of its donors?
ERI maintains the highest level of respect for the privacy of its donors. ERI does NOT sell, trade, rent, or share its donor list or the personal information of its donors with any other organization. This policy applies to all information received by ERI from donors, both online and offline, as well as any electronic, written, or oral communications with donors. Unless indicated by the donor, gifts to the ERI will be publicly acknowledged.
Is ERI’s server secure?
We do our best! When processing user logins and credit card transactions, our site uses a 128-bit SSL certificate to provide end-to-end encryption. This is the same encryption standard used by many of the Internet’s leaders in secure transactions, including Paypal, Amazon.com, and Wells Fargo.
What about 3rd party tools?
Many Internet users are rightly concerned about the ways that large Internet corporations are collecting data about individual users, particularly through the use of 3rd party tools embedded on other websites. We are reluctantly complicit in this problem. We experiment regularly with different technologies, including staples like Facebook and Twitter widgets and Google Analytics, but also unusual fare like Crazy Egg and Giv.to. When you load a page on our website, you are most likely loading a number of embedded widgets or code snippets from these 3rd party services. Each of these tools has their own privacy policies, and may store their own cookies, and we encourage our visitors to read the privacy policies of these external services. When possible, however, we choose configuration options that share as little information as possible with 3rd party service providers, out of respect for your privacy. Ultimately, however, we can’t take any responsibility for data collected or analysis performed by these providers. If you want to minimize how 3rd parties can track you, on all websites, you can disable 3rd party cookies in your browser settings and enable the “Do Not Track” setting. Note that honoring the Do Not Track setting is optional, and many websites ignore it.
Where can I learn more about secure and private internet browsing?
Our friends at the Electronic Frontier Foundation are global leaders on digital privacy, and have many resources available on their website.
Will these policies change?