MAPR staff, management, and volunteers uphold strict internal policies against unauthorized disclosure or use of personal information.
We will never share your information with parties outside the MAPR, unless we have explicitly made you aware that we will before you give it to us. We use services for payment processing, which requires sharing the transaction information with them over a secure connection, under legal agreement that appropriately controls its use and retention. We may establish similar arrangements with other formally contracted service providers, but always use privacy and security as key criteria when selecting them, and only share the data required for the service to function. As an organization with an ideological commitment to self-hosting nearly everything, the number of such providers is and will be very small.
Information You Make Public
The MAPR maintains services such as wikis, email discussion lists, forums, and software distribution Web sites where users may submit information to be published publicly. You are creating a permanent, public record of information added, removed, and/or altered by you, including information which may identify you. For example, emails to public discussion lists are publicly available in their entirety, including your email address. Please think carefully about your desired level of anonymity before you disclose personal information.
Customer Information
All information related to financial transactions and member logins is handled through a secure connection.
The MAPR does not store complete credit card numbers on our servers. We retain only the last 4 digits of the card.
Sales
Contact information is requested at the time of a sale in order to complete the sale and deliver the products. It is also used to verify the credit card transaction when a credit card is used. Customer lists are not sold or distributed to third parties. The MAPR uses these customer lists to send occasional solicitations and its biannual newsletter. Customers can opt out of all contact or specify only print or email contact by emailing mapr@makeapullrequest.com.
Donations
Contact information is requested at the time of a donation. This information is used to verify the initial credit card transaction. Donor lists are not sold or distributed to third parties. The MAPR uses these donor lists to send occasional solicitations and its biannual newsletter.
Membership
Contact information is requested at the time of a membership sign-up. This information is used to verify the initial credit card transaction and future transactions if the member signs up for monthly deductions. Member lists are not sold or distributed to third parties. The MAPR uses this member list to send a membership packet, occasional solicitations, and its biannual newsletter. Members can opt out of receiving the newsletter when they sign up. Members can opt out of all contact or specify only print or email contact by emailing mapr@makeapullrequest.com.
User Registration
The MAPR uses registration lists to send news updates, occasional solicitations and its biannual newsletter. You can be removed by writing to mapr@makeapullrequest.com.
General Data Protection Regulation
The MAPR has the right to process personal data of EU residents (i) due to their provided consent to MAPR or (ii) in order to conclude an agreement with them and to fulfill it. The legal basis for the processing of personal data is Article 6 (1) (a)-(b) of the General Data Protection Regulation. EU residents under the age of 16 should not submit their personal data for subscribing to our email solicitations and we will delete any such data if we become aware of it. The personal data recipients may be data processors who provide ancillary services to the MAPR. The MAPR will store personal data during the term of the agreement and during the limitation period as defined by applicable law or until the consent for direct marketing is revoked. The MAPR undertakes to handle personal data in compliance with the applicable data protection law, to ensure the security of the data processed, and to implement the appropriate technical and organizational measures for the protection of personal data against unlawful destruction, accidental change, disclosure and any unlawful handling. The data subjects are entitled to (i) request that the MAPR allows them to access and correct personal data submitted by them to the MAPR; (ii) request that the MAPR erase or limit the processing of personal data submitted by them and disagree with the processing of data if such requests are compatible with the performance of the agreement and applicable law; (iii) data portability; (iv) submit a complaint regarding the processing of personal data to the competent EU data protection authority. You have the right to contact the MAPR for all matters relating to the processing of your personal data by email to mapr@makeapullrequest.com.
