Effective: May 25, 2018
We believe in a new mode of operation for business and society, based on the following core values—and we partner with people and organizations who share them.
These values are at the heart of everything we do, including how we collect, manage, protect and use the information we collect from our Subscribers, and on behalf of our Subscribers.
Our values shape this privacy notice in the following ways:
Subscribers and the individuals they employ and serve should be able to know exactly what information New/Mode collects about them, how it is used, how it is protected, how it can be accessed, and how it can be controlled.
New/Mode works in a collaborative technical ecosystem with partners and customers to make its core services as effective as possible, and to make it easier for customers to achieve their important social missions. This means data is shared with 3rd party sub-processors under contract with New/Mode, and 3rd party processors under contract with customers.
We build rapidly based on what our customers are telling us about what they need to be more effective and efficient in their advocacy and engagement campaigns. As a result, our policies may change as new products, services and features are developed. When this is the case, customers will be notified and engaged to ensure policies meet their expectations.
New/Mode develops features, products and services to put relationships with your community of supporters and community impact first. Our privacy policies reflect this priority.
New/Mode develops features, products and services to build and focus democratic economic and social power for those who have the least economic and social power under existing structures. We believe it is especially important to protect the privacy of the people and organizations engaged in this work.
This Privacy Notice explains how New Mode Consulting Inc. (“New/Mode” or “we”) collect, use, and disclose personal data online and offline in connection with our Website and the services we provide (“Services”). We refer to the individuals whose Personal Data (as defined below) we process as “you” in this Notice.
This Privacy Notice is intended to help you understand:
“Personal Data” is information that identifies an individual or relates to an identifiable individual. Examples of Personal Data we collect include:
Details represented on your social media profiles from third-party services
We need to collect and process Personal Data in order to provide the requested Services. If we do not receive the information that we request, we may not be able to provide the requested Services.
We collect Personal Data from you in the following ways:
When we collect information from you, we provide you notice of our privacy and other data protection policies. Given your notice of our policies, we understand your provision of any requested information as a consent to our use of this information as we describe in these policies.
We take the security of your Personal Data seriously. We have implemented measures designed to secure this information from accidental loss and from unauthorized access, use, alteration, and disclosure. For example, we store the information you provide us in a secure third-party cloud-based application that is compliant with data protection and security requirements under the high standards of Europe’s General Data Protection Regulation (“GDPR”).
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee its security. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us by emailing firstname.lastname@example.org.
We recognize that there are additional risks that countries, such as those in the EU, associate with transferring Personal Data internationally. As a Canadian-based company who engages service providers (some of whom are located outside of Canada and in the United States), we rely on a number of frameworks to mitigate those risks and provide our clients adequate protections under the GDPR. We rely in part on the EU’s decision that Canadian-based companies are recognized as affording adequate privacy protections under Article 45 of Regulation (EU) 2016/679. Additionally, we take care to use third-party services that either operate in countries who require adequate privacy protections or who are certified under frameworks such as the EU-U.S. and Swiss-U.S. Privacy Shields.
For transparency, we have included a list of these services below as well as reference to the relevant adequacy decisions or certifications. We are, however, ultimately not responsible for the privacy or other practices of any third parties.
Personal Data may be disclosed to third parties in connection with the Services we are providing. The recipients of any such information will depend on the Services that are being provided and in what country we are providing these Services. Such disclosures may include:
Disclosure of Personal Data which we make to our third-party service providers will be made subject to what we consider appropriate to the specific circumstances of each such disclosure, specifically taking into account data protection, security, and your rights to your Personal Data.
We may also use and disclose Personal Data as we believe to be necessary or appropriate: (a) to comply with applicable law including treaties or agreements with or between foreign or domestic governments, which may include laws outside the country you are located in, to respond to requests from public and government authorities, which may include authorities outside your country, to cooperate with law enforcement, governmental, regulatory, or other agencies or authorities to which we or our affiliates are subject to who may transfer the Personal Data to equivalent agencies or authorities in other countries; (b) to courts, litigation counterparties and others, pursuant to subpoena or other court order or process or otherwise as reasonably necessary, including in the context of litigation, arbitration, and similar proceedings to enforce our terms and conditions, and as reasonably necessary to prepare for or conduct any litigation, arbitration and/or similar proceedings; and (d) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others.
In addition, we may use, disclose or transfer Personal Data to a third party (i) in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings) and/or (ii) to third parties, as requested by clients or their representatives.
We will retain Personal Data for as long as needed or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include: (i) whether we continue to provide our Services to you; and (ii) whether there is a legal obligation to which we are subject.
“Other Information” is any information that does not reveal a person’s specific identity or does not directly relate to an identifiable individual, such as:
If we are required to treat Other Information as Personal Data under applicable law, then we may use and disclose it for the purposes for which we use and disclose Personal Data as detailed in this Privacy Notice.
We collect this information:
As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
The information we collect automatically helps us to improve our Website and deliver a better and more personalized service, including by enabling us to:
The technologies we use for this automatic data collection may include:
We give you choices regarding our use and disclosure of your Personal Data for marketing purposes. You may opt-out from receiving electronic communications from us by emailing email@example.com. We will try to comply with your request(s) as soon as reasonably practicable for us. We may still send you important administrative, Service, or transaction-related messages.
If you would like to request to review, correct, update, suppress, restrict or delete Personal Data that you have previously provided to us, you may contact us at firstname.lastname@example.org. You may also choose to revoke your consent for us to process your Personal Data by emailing the same address. We will respond to these request(s) as soon as reasonably practicable for us. Please note that if you choose to use our Services to publish or otherwise transmit your Personal Data to any third parties, we no longer control this information and will be unable to respond to your requests to review, correct, update, suppress, restrict, or delete it as we would under our control. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion. There may also be residual information that will remain within our databases and other records, which will not be removed.
Our Website and Services are not directed to individuals under the age of eighteen (18), and we do not knowingly collect Personal Data from individuals under 18.
We typically do not collect sensitive Personal Data in connection with our Website and Services. This information consists of information related to racial or ethnic origin, political opinions, religious or philosophical beliefs, health, biometric or genetic characteristics, criminal background or trade union membership (“Special Data”). Because of the nature of our Services and their relation to political advocacy, we recognize that such information may be important to your advocacy for a particular issue. We do not solicit such information from you and if you choose to publish this information, you do so of your own accord, at your own risk, and consent to our use of it as Personal Data as described herein.
As noted above, you may request to review, correct, update, suppress, restrict or delete Personal Data that you have previously provided to us by contacting email@example.com. Please note that if you choose to use our Services to publish or otherwise transmit your Personal Data to any third parties, we no longer control this information and will be unable to respond to your requests to review, correct, update, suppress, restrict, or delete it as we would under our control.
California Civil Code Section § 1798.83 permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org.
We may change this Privacy Notice from time to time. When we do, we will notify you about these updates. Each updated Privacy notice will indicate the date of its most recent update at the top of the document. Any changes will become effective when we post the revised Privacy Notice. Following these changes, your continued use of the Services or provision of Personal Data to us signifies that you accept these changes.
New Mode Consulting, Inc. controls your information under this Notice. If you have questions or concerns regarding how we collect and process your information, please contact us at:
New Mode Consulting Inc.
312 Main Street
Vancouver, BC Canada
Individuals using our Services in Europe or the greater European Economic Area may also file a complaint with a supervisory authority in their country or region.
Current as of May 25, 2018
3rd Party Service / Vendor
Assurance of Adequate Data Protection
|Amazon Web Services||Application & database servers||Canada||https://aws.amazon.com|
|Chargebee||Payments & account management||USA||https://www.chargebee.com|
|Digital Ocean||Storage of encrypted database backups||Canada||https://www.digitalocean.com||Adequate as a business operating in Canada under Article 45 of Regulation (EU) 2016/679.|
|Provider (once permission has been granted by user) of personally identifiable data used to prepopulate forms||USA||https://www.facebook.com|
|Genderize||Provide a suggested gender and accuracy rating for a given first name||USA||https://genderize.io||Analyzes information in such a way that cannot identify a specific individual.|
|Google Civic API||Civic Information API receives user’s American address and returns available political representatives||USA||https://developers.google.com/civic-information||Analyzes information in such a way that cannot identify a specific individual.|
|Google Analytics||Google Analytics used to track on site browsing activity||USA||https://www.google.com/analytics|
|My Society||Mapit API receives user’s UK postal code and returns available political districts||UK||https://mapit.mysociety.org||Analyzes information in such a way that cannot identify a specific individual.|
|Open Australia||API receives user’s Australian postal code and returns available political districts||Australia||https://www.openaustralia.org/au||Analyzes information in such a way that cannot identify a specific individual.|
|OpenNorth||Receives user’s Canadian address or postal code and returns available political representatives||Canada||https://represent.opennorth.ca||Analyzes information in such a way that cannot identify a specific individual.|
|Sendgrid||Email service provider||USA||https://sendgrid.com|
|Share Progress||Tally system for social sharing||USA||https://www.shareprogress.org||Analyzes information in such a way that cannot identify a specific individual.|
|Twilio||Voice and SMS communications technology service provider||USA||https://www.twilio.com|
|Post tweets (once permission has been granted by user) on user’s behalf. Retrieves a user’s twitter handle||USA||https://twitter.com|
|Zendesk||Help desk and knowledge base||USA||https://www.zendesk.com|