Privacy Policy
This policy applies to information collected through our website as well as information collected in connection with our programs, partnerships, events, and organizational activities.
Information collected via this website is intended strictly for internal use and will not be sold, rented, or released in any manner to any individual, group, corporation, or agency.
Our policy is to respect and protect the privacy of visitors to our website. The purpose of this privacy policy is to provide you with a description of the type of information we collect and how we use that information.
What personal data we collect and why we collect it
Contact and sign-up forms
If you sign up to the website as a member, customer or website user, we will collect your name and contact information so we can get in touch with you and so you can maintain your account. We do not share these details with anyone except as described below.
Donations
When you donate to CoAction Global, your payment is processed securely through third-party payment processors such as Stripe and Donorbox. CoAction Global does not store full credit card information. We use donor information to process contributions, issue tax receipts, maintain donor records, communicate updates about our work, and meet legal and reporting requirements. We do not sell donor information.
Program participants, applicants, and advisors
If you apply to or participate in CoAction Global programs, fellowships, advisory activities, or partnerships, we may collect professional and contact information necessary to administer those activities. Where appropriate, limited information may be shared with trusted service providers supporting program delivery, including travel coordination, insurance, or safety services.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Cookies
Like most websites, this website uses ‘cookies.’ These are small data files which are stored on your device in order to improve the functionality and management of the site. If you do not wish cookies to be installed on your device, we recommend disabling cookies in your browser.
- Accessibility toolbar — cookies remember your customization settings. These do not provide personal visitor information to ourselves or other services.
- Comments — if you leave a comment you may opt-in to saving your name, email address and website in cookies, for your convenience. These last for one year.
- Logins — login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks.
- Google Analytics — we use Google Analytics to record anonymised data about how this website is used, to help us improve the website and report to funders. It does not allow us to view individual user details.
Embedded content from other websites
Our site may contain links to and from the websites of our partner networks and affiliates. These websites have their own privacy policies, and we do not accept any responsibility or liability for these policies. Articles on this site may include embedded content (e.g. videos, images, articles), which behaves in the exact same way as if the visitor has visited the other website.
Website development and hosting
This website is designed, developed, and maintained on our behalf by MiraiDesign (operated by MiraiWorks OÜ, an Estonian private limited company), acting as our website services provider under a Website-as-a-Service subscription. MiraiWorks OÜ hosts the site on third-party cloud infrastructure, such as Cloudflare, and may access technical and usage data — but not donor payment details — solely to build, host, secure, and maintain the site on our instructions. MiraiWorks OÜ does not use this data for its own purposes and does not sell or share it further, except with the infrastructure sub-processors strictly necessary to deliver hosting.
Who we share your data with
We use the personal information you provide us to ensure that any services or information you have requested can be fulfilled. We do not sell personal information. We may share personal information with trusted service providers that support our operations, including:
- Payment processors, such as Stripe and Donorbox.
- Our website developer and hosting provider, MiraiDesign / MiraiWorks OÜ, and its underlying infrastructure sub-processors.
- IT and communications platforms.
- Accountants and auditors.
- Legal advisors.
- Human resources service providers.
- Travel and security support providers.
- Program implementation partners, where necessary.
These providers receive only the information required to perform their services.
Because CoAction Global works with partners, participants, and service providers globally — including our website provider, which is based in the European Union — personal information may be processed outside your country of residence, including in the United States and within the European Union (Estonia). We take reasonable steps to ensure such transfers are handled securely and in accordance with applicable laws, including appropriate contractual safeguards with our processors.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely, so we can recognize and approve any follow-up comments automatically. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time.
What rights you have over your data
Data protection laws provide you with the right to:
- Request access to your personal information (a “data subject access request”).
- Request correction of the personal information that we hold about you.
- Request erasure of your personal information.
- Request the restriction of processing of your personal information.
- Request a copy of your personal information in a structured, commonly used and machine-readable format.
- Object to the processing of your personal information, including for direct marketing purposes.
Where we rely on your consent to process your personal data, you have the right to withdraw your consent at any time. Requests related to personal information may be submitted to info@coactionglobal.org.
How we protect your data
Your data is secured by encryption, firewalls, and Secure Socket Layer (SSL) technology. We use reasonable administrative, technical, and organizational safeguards to protect personal information from unauthorized access, disclosure, or misuse, including safeguards implemented by our website hosting provider. Access to personal information is limited to personnel and service providers who require it for legitimate operational purposes.
What data breach procedures we have in place
Data breaches are rare, but should one occur we will pinpoint the exact details of the breach including the time, where it happened on the system, the cause of the breach, and the extent of the damage. Additional security measures are monitored by our hosting and infrastructure providers.
Children’s information
Our website and programs are not directed to children under the age of 13, and we do not knowingly collect personal information from children.
