Privacy and CPFP
If there are changes in our personal information practices we will update this policy and provide notice on the CPFP site that the policy has been updated.
WHAT INFORMATION WE COLLECT WHEN YOU USE THE CANADA PRESS FREEDOM PROJECT SITE
CPFP uses your personal information to offer and provide you services. They include:
- to fulfill your request for access to our site;
- to make improvements to our site and if we develop new related sites;
- to communicate with you;
- to maintain and improve the security of our sites and to detect and prevent fraud;
- to facilitate the general management and administration of the CPFP site, including to meet relevant regulatory, legal, insurance, audit, security and processing requirements.
If you provide your express consent, some devices can transmit your location data. If you choose to share location data with CPFP you will be able to turn off such data collection at any time through the privacy or location settings on your mobile device.
For more information about Google Analytics or to prevent the storage and processing of this data (including your IP address) by Google, you can download and install its opt-out browser plug-in. Additional information about Google Analytics’ data privacy and security is available on Google’s privacy and terms page.
MORE INFORMATION ABOUT COOKIES AND OTHER SIMILAR TECHNOLOGIES
Most browsers are initially set up to accept cookies, but offer a number of ways to control cookie preferences should you wish to withdraw your consent or limit the collection of your information by disabling cookies. Typically, users can: disable all cookies (not recommended), require approval each time a site attempts to place a cookie, remove cookies manually or have them deleted automatically after a certain period. For step-by-step instructions on how to modify cookie preferences, please consult your browser’s support documentation. You can find instructions for commonly used browsers here:
CPFP does not require you to accept cookies but disabling cookies on your browser may reduce the functionality of elements of our site.
If you navigate away from our site, for example, by clicking on a link in a story on the CPFP site, other parties may also place a cookie in your browser. The use of such cookies is governed by the privacy policies of those other parties. CPFP does not control, nor is responsible for the activities or practices of such other parties.
DONATIONS TO J-SOURCE
Financial donations to the Canada Press Freedom Project are made through the websites of Carleton University and Toronto Metropolitan University. Privacy conditions related to donations are covered by the policies of Carleton University and Toronto Metropolitan University.
SECURITY AND STORAGE
CPFP has in place measures to protect the information we collect from loss, theft, and unauthorized access, disclosure, copying, use, or modification.
CPFP uses Google software and tools to collect and store data and to drive its aggregation on our website. All data collected by CPFP remains the property of CPFP. It is not sold to third parties.
While in transit data is encrypted at several levels. Google forces HTTPS (Hypertext Transfer Protocol Secure) for all transmissions between users and Google Workspace services and uses Perfect Forward Secrecy (PFS) for all its services. Google also encrypts message transmissions with other mail servers using 256-bit Transport Layer Security (TLS) and utilizes 2048 RSA encryption keys for the validation and key exchange phases. This protects message communications when client users send and receive emails with external parties also using TLS. PFS requires that the private keys for a connection are not kept in persistent storage. Anyone who breaks a single key can no longer decrypt months’ worth of connections; in fact, not even the server operator is able to retroactively decrypt HTTPS sessions.
This ensures that messages are safe not only when they move between CPFP and Google’s servers, but also as they move between Google’s data centres. Data that is deleted by CPFP is removed from Google servers.
Customer data that is uploaded or created in Google Workspace services is encrypted at rest. Google has also enabled HTTPS for all of Google Workspace services so that your data is encrypted when traveling from CPFP to Google and also while in transit between Google data centres. This includes:
- Gmail—Messages and attachments
- Drive—Files in Drive and all file metadata (e.g. titles and comments)
- Docs—Content authored by the owner or collaborators of the document
- Sheets (including Forms)—Content authored by the owner or collaborators of the spreadsheets
LEGAL REQUESTS AND DISCLOSURES
We will challenge any requests for site user information we consider illegitimate. Should third parties solicit the disclosure of your personal information, we will do everything in our power to protect it. If we are required by law to respond to a request to provide information you submit to us, we will make every effort to contact you by email to let you know we have received a request and seek your advice and assistance in responding. Should you decide not to challenge such a request, we may be required by law to provide it to the requesting third party.
If Google receives a government data request for Cloud customer data, it is Google’s policy to direct the government to request such data directly from the Cloud customer. Google has a process for evaluating and responding to government requests, including CLOUD Act data requests issued pursuant to a CLOUD Act executive agreement. It has a team that reviews and evaluates each request it receives to make sure it satisfies legal requirements. When compelled to produce data, Google notifies enterprise customers before any information is disclosed, unless such notification is prohibited by law or except in emergency situations involving a threat to life. Google will, to the extent allowed by law and by the terms of the request, comply with a customer’s reasonable requests regarding its efforts to oppose a request.
The CPFP is hosted by United States-based Pagely Inc. Personal information on the CPFP site hosted through Pagely is stored in Canada. All requests to Pagely for personal information from the CPFP site are forwarded to CPFP for response. Pagely does not respond to requests for information.
HOW TO CONTACT J-SOURCE
If you have any questions or concerns about this privacy notice or our privacy practices, you may contact CPFP at firstname.lastname@example.org