Created: March 2021
Owner: CEO
Next Review: March 2022
Nexus Data Protection and Privacy Statement
Nexus is a global network of alumni networks focused on social change (the “Network”). This Network is designed to enable its members to (1) share and access knowledge about network-building, (2) find motivation and support, (3) boost the recognition of alumni networks as drivers of social change, and (4) increase the impact of their networks.
In empowering our members to achieve the above objectives, we will need to collect, store, and use some personal data. This data will be needed to admit new members, invite members to various events and opportunities, connect members to each other, and document stories of impact on our members and their alumni networks. In this process, it is also important to maintain the trust of our members as custodians of their data. This document details our philosophy and privacy policy as they pertain to our data processing.
Our Principles
In collecting, storing, and using personal data, we are guided by the following principles:
- Lawfulness: we protect our stakeholders’ privacy in compliance with the General Data Protection Regulation (GDPR) and other applicable laws and regulations.
- Transparency: we are transparent about what data we are collecting about the Network members, how we’re collecting it, and how and why we use it.
- Dignity: we respect the human dignity of all members and will not process personal data in a way that undermines that dignity.
- Purpose limitation and data minimisation: we identify the purpose of the collection of personal data before processing, and we do not engage in any processing inconsistent with that purpose to minimise data collected.
- Confidentiality: we do not disclose personal data to unauthorised persons, whether inside or outside the Network.
Use of Personal Data
We use personal data in connection with activities that are integral to the purpose of the Network, including for admissions processes, fundraising, member engagement, impact measurement and evaluation, and sharing our collective story with the world. With respect to all personal data we process, we identify its purpose before processing and do not engage in any processing inconsistent with that purpose.
Personal Data Collected
While the specific data collected may vary depending on the member and the purpose of the collection, we primarily process the following kinds of personal data:
- Basic biographic/contact information – including names, contact addresses (if applicable), phone numbers, email addresses, and social media contact information (e.g., links to your social media presence on LinkedIn, Twitter, website or blog)
- Demographic information – including gender, photograph, language, citizenship, and race or ethnicity (only with explicit consent or when required by law).
- Educational and employment information – including education history, professional qualifications, company names, job titles, and industry information.
- Information about your use of Network resources – including records of your personal interactions with us (e.g., correspondence, notes of meetings or conversations), programs and initiatives in which you have participated, and services that we have provided you.
- Information about your participation in the Network – including your connections to other members, event attendance, organisation affiliations, and committee participation.
Sensitive Personal Data
- We do not seek to obtain the following categories of information from you: religious beliefs, sexual orientation, political opinions, or trade union status.
- We only process data related to race or ethnicity with your explicit consent (e.g., for the purposes of facilitating opportunities targeted to specific demographic groups) or when required to by law.
How We Collect Personal Data
You directly provide to us a significant portion of the personal data we collect through:
- your initial engagement with us (e.g., by submitting an application to join the Network),
- your direct participation in our engagement offers and ongoing interactions with us (e.g., by corresponding with Network staff),
- your registration to attend an event.
We also collect your information when you have provided us consent to do so (e.g., your consent to the use of your name, image, and likeness in our impact stories and reports).
In some cases, we may supplement the information that you provide to us directly with publicly available information, which we obtain from various sources, including:
- Your organization’s website.
- Public records, including those related to property and donations.
- Social media sites, such as LinkedIn.
Sharing of Your Personal Data
Internally
To perform the functions within the Network’s mandate, it may be necessary to share your personal data with other Network members, and the Network’s Steering Committee.
Externally
Generally, when sharing data externally, we will share only anonymized or aggregated data that is not identifiable to any individual. Most commonly, we share anonymised or aggregated data to measure and evaluate our success in fulfilling the Network’s mission – e.g., when communicating to donors about the impact of their donations or sharing with the world our story. In limited instances, we may share your personal data:
- When you provide us with your express consent;
- When you participate in events or programming that is open to broader audiences, we may provide personal information, and otherwise use personal information, to facilitate contact with other participants, unless you have expressly requested that we not publish that information.
How We Keep Your Personal Data Secure
We always process your personal data securely, minimise its collection, and limit its use to the purposes for which it was collected. We use administrative, technological, and physical security measures to protect your personal data, including role-based access requirements and other safeguards.
How Long We Keep Your Personal Data
We consider our relationship with our members to be life-long. This means that we will maintain a record for you until such time as you tell us that you no longer wish us to keep in touch. We store personal data only as long as necessary for its purpose.
Upon a request to delete your information, we will maintain a limited subset of personal data to ensure we do not contact you inadvertently in the future, as well as any information necessary for our archival or legal purposes.
Individual Access and Control
You have the right to access or amend your personal data; request that the Network restrict its processing of your personal data; object or unsubscribe to communications; or ask for the transfer of your personal data electronically to a third party. You have the right to withdraw your consent to our processing of your personal data at any time by notifying us at the contact information below. You also have the right to the erasure of your information, provided there is no legitimate reason for the Network to continue to process or retain the information.
Further Information
If you have any concerns or questions about the above policy, please contact Kamini Paul, CEO, at kamini@inhiveglobal.org.