Privacy policy

Charity Rocket, a nonprofit dedicated to empowering other nonprofits, has a mission to strengthen their digital capabilities and help them build a better world. We collect, use and disclose information on a daily basis for the purposes of our mission.

This Privacy Policy is intended to help you understand our practices regarding the collection, use, disclosure and retention of personal information. By providing us with personal information, for example through our websites, by completing a form, by e-mail, in person or by telephone, you agree to the processing of your personal information as set out in this policy, and you authorize Charity Rocket, propulseur d’OSBL, its partners and suppliers to use your personal information for the purposes set out below.

This policy does not apply to third-party websites that may be accessed through links on our websites, and Charity Rocket, propulsor d’OSBL makes no representations whatsoever about third-party websites. In other words, this policy does not apply to third-party Web sites, even if you access them through our Web sites.

We may collect and process various types of personal information in the course of our business and provision of services, including:

• Professional and/or personal contact information, such as first name, last name, address(es), email address(es), and phone number(s);
• Information related to marketing and communication preferences, as well as related data such as comments or survey responses;
• Information related to contribution history, participation in organizational events, billing details, and financial information, such as a billing address, bank account details, or payment data;
• Information related to services, such as details about services we have provided to you;
• Information about website usage and other technical data, such as details about visits to our websites, your interactions with our advertising and online content, or information collected through cookies and other tracking technologies;
• Any other personal information you provide. Please note that if you provide us with personal information about other individuals (such as your clients, directors, officers, shareholders, or beneficial owners), you must ensure that they have been properly informed that you are providing their information to us and that you have obtained their consent for such disclosure.
• When applicable, we collect proof of the consent you have provided to us (date, time, method), in situations where such consent is required for the processing of personal information.

We collect your personal information directly from you and through our interactions with you, including the following:

• When you complete our forms
• When you subscribe to our newsletters
• When you participate in our surveys or studies
• When you download our guides, lists, or studies
• When you exchange with us by mail, email, or phone
• When you make a transaction with us

We also collect publicly available information, including from public platforms and from our website.

We may use personal information in any of the ways described below, with your consent or, where applicable, on another legal basis. In each case, we specify the purposes for which we use your personal information:

• To provide our services and to conduct our business, to manage and carry out our activities, including fulfilling our obligations under any agreement between you and us;
• To facilitate the use of our websites and ensure that our content is relevant and displayed in the most effective way for you and your device;
• For marketing and business development purposes — to share information about our new activities, updates related to our organization and our sector, and invitations to seminars or events, if you have chosen to receive such communications;
• For research and development purposes (including security-related R&D) — to conduct analyses that help us better understand our clients’ service and marketing needs, as well as improve our organization, services, and offerings;
• For recruitment purposes — to process job applications and assess whether a candidate meets the requirements of a position for which they may apply within our organization;
• To meet our legal, regulatory, or risk-management obligations.
• To prevent fraud and/or conduct background checks that may be required at any time under applicable laws, regulations, or best practices (if false or inaccurate information is provided, or if fraud is detected or suspected, information may be shared with fraud-prevention organizations and may be recorded by us or such organizations).
• To enforce our rights, to comply with our legal or regulatory obligations regarding information disclosure, or to protect the rights of third parties.
• To ensure we are paid — to recover payments owed to us and, if necessary, to enforce such recoveries by using collection agencies or taking other legal steps (including initiating legal proceedings).
• To reorganize or modify our organization — if we undertake a reorganization (for example, through a merger, consolidation, or the transfer of part of our mission), we may need to transfer some or all personal information to a third party (or its advisors) as part of any due diligence process or transfer related to that reorganization. Any such transfer would be made for the same purposes described in this policy or for the analysis of any proposed reorganization. In these situations, we will take all reasonable steps to ensure the protection and security of personal information.

We may share personal information with certain third parties, including the following:

• Third-party service providers, including those who provide us with donation solicitation services, database analysis, website services, application development, hosting, maintenance, and other support services. These third parties may have access to personal information or may process it in connection with the services they provide to us. We limit the information we provide to these service providers to what is reasonably necessary for them to perform their functions;
• Government authorities and law enforcement agencies when required by applicable laws. Specifically, we may disclose personal information and other data if we are legally required to do so, including under tax laws, or if we believe in good faith that such disclosure is necessary to comply with applicable laws, in response to a court order, subpoena, government search warrant, or to otherwise cooperate with government authorities or law enforcement agencies;
• A purchaser, successor, or assignee as part of any merger, acquisition, financing, asset sale, or similar transaction, as well as in the event of insolvency, bankruptcy, or receivership, where personal information may be transferred to one or more third parties as part of such transaction.

We only use personal information for the sole purpose of fulfilling our mission, which is to strengthen the digital capacities of nonprofits so they can help create a better world, and for purposes compatible with this goal.

Our organization uses the services of third-party sites, such as Google, Facebook, Instagram and LinkedIn, to promote its content and offers. When you visit our website, these third parties may use cookies, invisible pixels, or similar technologies to collect or receive information about your navigation on our websites and elsewhere on the web. These technologies make it possible to deliver relevant and targeted advertising based on your interests. You can consult the cookies and destroy them if you wish. You therefore have full control. We recommend adjusting your browser settings to make the appropriate changes.

For more information, we invite you to consult our Cookie Policy.

We retain personal information for as long as necessary to fulfill the purposes outlined in this policy and to comply with our legal and regulatory obligations. To learn more about the duration for which we keep personal information, please contact us using the information provided under the “How to Contact Us” section. “How to Contact Us” section.

Our data is stored in the cloud by various service providers, including Ninja Forms and HubSpot. These organizations have their own personal data processing policies, and their servers may be located outside Quebec. Some personal information is stored at our head office in Quebec, Canada.

We follow industry-accepted standards to protect the personal information submitted to us, both during transmission and once received. We maintain appropriate physical, technical, and administrative safeguards to protect personal information against accidental or unlawful destruction, accidental loss, unauthorized access, misuse, modification, disclosure, or any other unlawful form of processing. We have implemented measures to ensure that only staff members who need access to your personal information—or whose role reasonably requires such access—can access it.

However, no method of Internet transmission or electronic storage is 100% secure. We therefore cannot guarantee the absolute security of any information you transmit or provide to us; you do so at your own risk. We also cannot guarantee that such information will not be accessed, obtained, disclosed, modified, or destroyed following a breach of our physical, technical, or administrative safeguards. If you have reason to believe your personal information has been compromised, please contact us using the information under “How to Contact Us.” If a privacy incident affecting your personal information occurs, we commit to notifying you as soon as possible once we become aware of the incident. We will take reasonable steps to reduce the risks that harm may result and to prevent similar incidents from occurring again.

Under certain circumstances and depending on applicable privacy laws, individuals have the following rights:

• Access: the right to ask whether we process personal information and, if so, the right to request access. Subject to applicable law and, where required, payment of a fee, an individual may receive a copy of the personal information we hold about them and certain related data.
• Accuracy: we must take reasonable steps to ensure that personal information in our possession is accurate, complete, not misleading, and up to date.
• Rectification: the right to request correction of incomplete or inaccurate personal information we hold.
• De-indexing: the right to request that we stop disseminating their personal information or de-index any hyperlink attached to their name that provides access to such information, if that dissemination causes harm or violates the law or a court order (right to erasure or “right to be forgotten”).
• Anonymization: the right for our organization to anonymize personal information instead of destroying it, but only for serious and legitimate purposes (e.g., retaining information required for potential tax audits).
• The right to be informed when a decision is based exclusively on automated processing.
• The right to be informed when identification, location, or profiling technologies are used, as well as the means available to activate or deactivate such technologies.
• Finally, individuals may also file a complaint with a data protection supervisory authority, particularly in the country, province, or state in which they reside, where we are located, or where an alleged violation of data protection laws has occurred.

To exercise any of these rights, please contact us as indicated in the “How to Contact Us” section.

For detailed information about the cookies we use, please refer to our Cookie Policy.

If you have questions, comments, or complaints about this policy or personal information, wish to exercise your rights, file a complaint, or obtain information about our practices regarding foreign service providers, please contact our Privacy Officer: LUCA SOLE, CHARITY ROCKET. 2124 rue Plessis, Montréal, Québec, Canada, H2L 2Y3 Luca@CharityRocket.com

We may modify our website content and our cookie usage practices without notice; as a result, this policy and our Cookie Policy may be updated from time to time. We encourage you to review them regularly when visiting our website to stay informed about how we handle personal information.

This policy was last updated on November 3, 2025.