EN / FR

 

Privacy Policy

Last Updated: February 1, 2026

Purpose

Public Outreach Group (“Public Outreach,” “we,” “us,” or “our”) is committed to protecting personal information and handling it in a responsible, transparent, and secure manner.

This Privacy Policy explains how we collect, use, disclose, retain, and safeguard personal information when individuals interact with our services, including our website, donation platforms, and internal systems.

This policy applies to donors, clients, website visitors, employees, contractors, and job applicants.

Public Outreach complies with applicable privacy and data protection laws, including:

  • Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Applicable provincial privacy legislation
  • UK GDPR and the UK Data Protection Act 2018, where applicable
  • Relevant U.S. state privacy laws, where applicable

Information We Collect

Donors

When you make a charitable donation through our PO Donate platform, we may collect:

  • Name and contact information (email address, phone number, mailing address)
  • Payment information (credit card or bank account details, processed securely)
  • Donation amount, frequency, and transaction details
  • Communication and consent preferences
  • Technical information (IP address, browser type, device information)

Clients and Website Visitors

  • Business contact information
  • Communications and correspondence
  • Website usage data and analytics
  • Cookie and tracking technology data

Employees and Job Applicants

  • Personal identification and contact information
  • Employment history, qualifications, and references
  • Payroll, tax, and benefits information
  • Emergency contact details
  • Performance, evaluation, and training records

How We Use Personal Information

We collect and use personal information only for purposes that are reasonable and identified at the time of collection.

Donors

  • Processing charitable donations on behalf of partner organizations
  • Issuing donation confirmations and tax receipts
  • Sharing donor information with the designated charitable organization
  • Improving services and reporting using anonymized or aggregated data

Clients

  • Delivering and managing services
  • Communicating about projects and service delivery
  • Invoicing and payment processing
  • Improving operational efficiency and service quality

Employees

  • Managing employment and contractual relationships
  • Processing payroll, benefits, and reimbursements
  • Meeting legal, regulatory, and contractual obligations
  • Supporting internal business operations

Legal Basis for Processing

Personal information is processed based on one or more of the following legal grounds, as applicable:

  • Consent: Provided at the time of donation, service engagement, or employment
  • Contract: Processing required to meet contractual obligations
  • Legal Obligation: Compliance with tax, employment, and regulatory requirements
  • Legitimate Interests: Business operations, fraud prevention, system security, and service improvement (where permitted by law)

Information Sharing and Disclosure

Donor Information

Donor information is shared only with the specific charitable organization selected during the donation process. This sharing is disclosed at the time of donation and confirmed via email.

Public Outreach does not sell, trade, or rent donor personal information to third parties.

Service Providers

We use trusted third-party service providers to support our operations, including:

  • SignNow – Digital signatures and onboarding
  • ADP – Payroll and employee information management
  • Egnyte – Secure file storage and sharing

These providers are contractually required to protect personal information, apply appropriate security safeguards, and use information only for authorized purposes.

Legal and Regulatory Requirements

We may disclose personal information where required or permitted by law, court order, or government authority, or where necessary to protect legal rights, safety, or security.

Data Retention and Destruction

PO Donate Platform

Full donor records are retained for two (2) years.

After two years, personally identifiable information (PII) and sensitive financial data are removed, while anonymized data is retained for reporting and analysis.

Retained (Anonymized):

  • Unique identifier (GUID)
  • First name only
  • Gift type and amount
  • Payment type (card or bank, without account details)
  • Marketing attribution data

Deleted After Two Years:

  • Full contact details
  • Payment card or bank account information
  • Historic records containing sensitive data
  • Client dispatch files
  • BCC copies of donation confirmation emails

Backup Retention

Deleted data may remain in secure backup systems for up to six (6) months, after which it becomes permanently unrecoverable.

Other Data

Client and employee records are retained for the duration of the relationship plus legally required retention periods (typically seven (7) years).

Data Security

We implement administrative, technical, and physical safeguards appropriate to the sensitivity of the information, including:

  • Encryption of data in transit and at rest
  • Secure server infrastructure hosted in Canada
  • Role-based access controls
  • Regular security assessments and updates
  • Secure backup and disaster recovery procedures
  • Ongoing employee privacy and security training

While we take reasonable measures to protect personal information, no system can be guaranteed to be completely secure.

Individual Privacy Rights

Subject to applicable law, individuals have the right to:

  • Access their personal information
  • Request corrections
  • Request deletion (subject to legal retention obligations)
  • Withdraw consent for non-essential processing
  • Receive their information in a usable format
  • Object to certain processing activities
  • File a complaint with a privacy regulator

Requests can be made by contacting our Privacy Officer at privacy@publicoutreachgroup.com.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to:

  • Enable essential website functionality
  • Remember user preferences
  • Analyze website usage
  • Improve performance and user experience

Users can manage cookie preferences through browser settings. For more information, please see our Cookie Policy.

International Data Transfers

Public Outreach’s servers are located in Canada. Some service providers may process information outside Canada.

When international transfers occur, we use appropriate safeguards, including contractual protections and compliance frameworks, to ensure equivalent levels of data protection.

Children’s Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

Privacy Breach Notification

If a privacy breach poses a real risk of significant harm, we will:

  • Contain and assess the breach
  • Notify affected individuals as required by law
  • Report to the Office of the Privacy Commissioner of Canada
  • Document the incident and corrective actions

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through appropriate channels and, where required, fresh consent will be obtained.

Contact Information

Privacy Officer

Email: privacy@publicoutreachgroup.com

Address: 203-260 Spadina Street, Toronto, ON M5T 2E4

Phone: (888) 326-5535

Regulatory Authority

Office of the Privacy Commissioner of Canada

30 Victoria Street, Gatineau, QC K1A 1H3

1-800-282-1376 | www.priv.gc.ca

Acknowledgment

By using Public Outreach Group’s services, you acknowledge that you have read and understood this Privacy Policy.

Client logo

Let’s make
something happen.

Connect With Our Team