Local Futures is committed to keeping your personal information secure and to being transparent about how we collect and use your Personal Data. The purpose of this Policy is to help you understand what Personal Data Local Futures collects, how we use it and what your rights are. We take care to ensure that we use your information in accordance with all applicable laws concerning the protection of personal information. We do not share, sell or rent your Personal Data to third parties for their commercial purposes. We are compliant with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Please read the following Policy to understand how your Personal Data will be treated. It may change from time to time, so please check back periodically.
- Who we are
- When we collect your Personal Data
- What Personal Data do we collect
- How do we use your Personal Data
- Personal Data protection principles
- What rights do you have regarding your Personal Data
- How we secure your Personal Data
- Who else has access to your Personal Data
- Website, cookies and other technologies we use
- Contact information
Who we are
This policy applies to: International Society of Ecology and Culture (ISEC): California corporation number C-1516491, US federal EIN 94-3128274. The International Society of Ecology and Culture is referred to as Local Futures in this document.
Our postal addresses are:
– PO Box 36, East Hardwick, VT 05836, USA.
– PO Box 239, TQ9 9DP, Totnes, UK.
Our website address is https://www.localfutures.org. This policy applies to all the pages hosted on this site and other services Local Futures runs. It also applies to the following websites:
– World Localization Day program: website address is https://www.worldlocalizationday.org.
– Localization Action Guide: website address is https://actionguide.localfutures.org.
– Any other website set up and managed by Local Futures to promote any of our conferences, programs and/or events.
It does not apply to other organisations to which we may link and whose Privacy Policies may differ.
Personal Data – any information relating to an identified or identifiable natural person including anonymous website activity logs with or without involving IP addresses.
Processing – any operation or set of operations which is performed on Personal Data or on sets of Personal Data.
Data Subject – a natural person whose Personal Data is being Processed.
Child – a natural person under 16 years of age.
We/us (either capitalized or not) – Local Futures.
When we collect your Personal Data
Local Futures collects Personal Data about you in the following ways.
When you support us by:
- Making a donation to Local Futures and/or to World Localization Day;
- Making a purchase in our online store;
- Engaging with our social media and digital advertising;
- Joining our volunteer communities.
As well as:
- When you visit our website;
- When you sign up as individual or organization for the International Alliance for Localization and the IAL Listserv;
- When you sign up for our Email Update and Blogs;
- When you fill in our contact form or add a comment to our Blogs;
- When you sign up for or participate in our events;
- When you sign up for our Work in Ladakh projects;
- When you request permission to host a film screening or other event;
- When you request materials for the DIY Economics of Happiness Workshop and Toolkit, and Roots of Change Study Circle;
- When you download any material from our website.
To comply with UK and USA data protection rules, Local Futures will always ensure we have legal justification for collecting and using your Personal Data. The legal basis that we rely on will depend upon the circumstances in which we collect and use your Personal Data.
In almost all cases, our Processing of your Personal Data will fall into one of the following categories:
- Where you have provided your consent to allow us to use your Personal Data in a certain way;
- Where it is necessary for us to Process your Personal Data in order to comply with a legal obligation;
- Where it is in our legitimate interest to contact you in order to raise funds and achieve our campaign objectives. Where we rely on a legitimate interest to use your Personal Data, we will always ensure that this is done in a way so as not to be intrusive or cause distress, and that respects your rights;
- Where it is necessary for us to Process your Personal Data in order to carry out the performance of a contract with you.
What Personal Data we collect
Information you have provided us with:
This might be your email address, name, billing address, home address, payment information, etc. – mainly information that is necessary for delivering you a product or to enhance your customer experience with us. We save the information you provide us with in order for you to comment or perform other activities on the website. This information includes, for example, your name and email address.
Information automatically collected about you:
This includes information that is automatically stored by cookies and other session tools. This may include information such as your device’s internet protocol address (IP address), browser type, browser version, the pages of our service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data. This information is used to improve your experience with our website. When you use our services or look at the contents of our website, your activities may be logged.
When you access the service by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device’s unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile internet browser you use, unique device identifiers, and other diagnostic data.
Publicly available information:
We might gather information about you that is publicly available, for example, when you participate in one of our events.
We do not intend to collect or knowingly collect information from Children. We do not target Children with our services. We do not knowingly collect Personal Data from anyone under the age of 16. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from anyone under the age of 16 without verification of parental consent, we take steps to remove that information from our servers.
How we use your Personal Data
We use your Personal Data in order to:
- Provide you with information or products that you have requested from us.
- Provide you with information that is relevant to your interests.
- Process donations received from you.
- Make enquiries or inform you about your interactions with us (e.g. resolving issues with your order, payment, or informing you of changes to events).
- Respond to any complaints from you.
- Offer you ways to fund our work.
- Invite you to campaign with us.
- Keep you updated on our campaigning work.
- Inform you of volunteer opportunities.
- Invite you to participate in surveys or research.
- Analyze and refine our advertising, campaigning and other operations to increase our effectiveness.
- Monitor your information to prevent fraud.
- Work with authorities in cases of fraud or criminal investigations.
We Process your Personal Data in order to fulfill obligations required by law, and/or use your Personal Data for options provided by law. We reserve the right to anonymize Personal Data gathered and to use any such data. We will use Personal Data outside the scope of this Policy only when it is anonymized. We save your billing information and other information gathered about you for as long as needed for accounting purposes or other obligations deriving from law.
We will also retain Personal Data for internal analysis purposes. Personal Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our service, or when we are legally obligated to retain this data for longer time periods.
Personal Data protection principles
We promise to follow the following Personal Data protection principles:
- Processing is lawful, fair, and transparent. Our Processing activities have lawful grounds. We always consider your rights before Processing Personal Data. We will provide you information regarding Processing upon request.
- Processing is limited to the purpose. Our Processing activities fit the purpose for which Personal Data was gathered.
- Processing is done with minimal data. We only gather and Process the minimal amount of Personal Data required for any purpose.
- Processing has a limited time period. We will not store your personal data for longer than needed.
- We will do our best to ensure the accuracy of the data.
- We will do our best to ensure the integrity and confidentiality of the data.
What rights you have regarding your Personal Data
The Data Subject has the following rights:
- Right to information – you have to right to know whether your Personal Data is being Processed; what Personal Data is gathered, from where it is obtained and why and by whom it is Processed.
- Right to access – you have the right to access the Personal Data collected from or about you. This includes your right to request and obtain a copy of your Personal Data gathered.
- Right to rectification – you have the right to request rectification or erasure of any of your Personal Data that is inaccurate or incomplete.
- Right to erasure – in certain circumstances you can request your Personal Data to be erased from our records.
- Right to restrict Processing – where certain conditions apply, you have the right to restrict the Processing of your Personal Data.
- Right to object to Processing – in certain cases you have the right to object to Processing of your Personal Data, for example in the case of direct marketing.
- Right to object to automated Processing – you have the right to object to automated Processing, including profiling; and not to be subject to a decision based solely on automated Processing. You may exercise this right whenever there is an outcome of the profiling that produces legal effects concerning or significantly affecting you.
- Right to data portability – you have the right to obtain your Personal Data in a machine-readable format or, if it is feasible, as a direct transfer from one Processor to another.
- Right to lodge a complaint – in the event that we refuse your request under the Rights of Access, we will provide you with a reason as to why. If you are not satisfied with the way your request has been handled, please contact us.
- Right for the help of a supervisory authority – meaning you have the right for the help of a supervisory authority and the right for other legal remedies such as claiming damages.
- Right to withdraw consent – you have the right withdraw any given consent for Processing of your Personal Data.
How we secure your Personal Data
We do our best to keep your Personal Data safe. We use safe protocols for communication and transferring data, such as HTTPS. We use anonymizing and pseudonymizing where suitable. We monitor our systems for possible vulnerabilities and attacks. Even though we try our best, we cannot guarantee the security of information. However, we promise to notify suitable authorities of data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything we reasonably can to prevent security breaches and to assist authorities should any breaches occur.
Who else can access your Personal Data
We do not share, sell or rent your Personal Data with third parties for their commercial purposes. Personal Data about you is in some cases provided to our trusted partners in order to either make the service to you possible or to enhance your customer experience. We only work with Processing partners who are able to ensure adequate level of protection to your Personal Data. See our list of trusted partners below. We disclose your Personal Data to third parties or public officials when we are legally obliged to do so. We might disclose your Personal Data to third parties if you have consented to it or if there are other legal grounds for it.
Website, cookies and other technologies we use
– Necessary cookies – these cookies are required for you to be able to use some important features on our website, such as logging in. These cookies don’t collect any personal information.
– Functionality cookies – these cookies provide functionality that makes using our service more convenient and makes providing more personalised features possible. For example, they might remember your name and email in comment forms so you don’t have to re-enter this information the next time you post a comment.
– Analytics cookies – these cookies are used to track the use and performance of our website and services.
You can remove cookies stored in your computer via your browser settings. Alternatively, you can control some third party cookies by using a privacy enhancement platform such as optout.aboutads.info or youronlinechoices.com. For more information about cookies, visit allaboutcookies.org.
The trusted partners we work with are:
We use Action Network for donations made through our online secure donate form on our website. If you provide us financial data to make a donation by post or by phone, we will never enter or store that information on our own system.
We also use Action Network to manage signups for the International Alliance of Localization (IAL). If your wish to unsubscribe from the IAL, please fill in this form: https://actionnetwork.org/forms/would-you-like-to-leave-the-ial/.
If you leave a comment, the comment and its metadata are retained indefinitely. This enables us to recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. Comments may be checked through an automated spam detection service.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (with the exception that they cannot change their username). Website administrators can also see and edit that information.
If you have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
We collect information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).
Embedded content from other websites:
‘Ecwid collects, stores, processes and shares personal data based on GDPR guidelines and complies with GDPR requirements in the following ways:
- We assigned a Data Protection Officer who is in charge of the Ecwid Data Protection Policy;
- We started to deliver GDPR-focused training to our key teams and personnel;
- We implemented a detailed procedure to deal with all Data Subject access requests, deletion requests and government access requests;
- We work only with subprocessors who provide an adequate protection of the personal data through robust technical and organizational measures;
- We developed a reliable method to detect, report and investigate a personal data breach;
- We established the necessary records of data processing activities;
- We are certified under the EU – U.S. and Swiss – U.S. Privacy Shield frameworks; this arrangement calls for certified organisations to guarantee a level of security in line with EU data protection law regarding the transfer of personal data from the EEA and Switzerland to the U.S.’
We also use payment card processors to process credit and debit card payments and store payment information, including Square and PayPal.
We make use of certain APIs (Application Programming Interfaces) in order to provide specific features. These APIs may include the following third party services: Google Maps (API key), Meetup (OAuth token), PayPal (email, Client ID, Client Secret), Eventbrite (API key, auth URL, Client Secret), and Zoom (email, Client ID, Client Secret).