Privacy and Information Security Policies | Regional Revitalization Partnership -- Center For Regional Strategies

Privacy Policy

Effective Date: March 26, 2025
Last Updated: March 26, 2025

1. Who We Are

This website is owned and operated by Center for Regional Strategies, a 501(c)(3) not-for-profit organization based in Buffalo, NY. We are committed to protecting the privacy and personal information of our visitors and users. If you have any questions, you can contact us at info@centerforregionalstrategies.org.

2. What Personal Data We Collect

We may collect the following types of personal data when you interact with our site:

Your name and contact details (such as email or phone number)
Information you provide via contact forms or inquiries
Technical information such as your IP address and browser type

3. How We Use Your Information

We use your personal data to:

Respond to your messages or inquiries
Provide services or information you request
Improve the functionality, security, and performance of our website
Comply with legal obligations

4. Legal Basis for Processing

We process your data based on one or more of the following legal grounds:

Your consent (e.g., submitting a form)
Our legitimate interest in running and improving our website
Compliance with legal obligations

5. How We Protect Your Data

We take data security seriously and implement appropriate technical and organizational measures.
Data is stored securely and access is limited to authorized individuals.
We work with trusted service providers who follow high standards of data protection.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy, or as required by law. Inquiries and contact form submissions are typically deleted within 12 months.

7. Sharing Your Data

We do not sell or rent your personal information. We may share data with:

Service providers (like our web hosting or analytics providers)
Contractors assisting with technical or administrative tasks
Authorities if required by law

All third parties we work with are required to maintain strict confidentiality and comply with data protection regulations.

8. Your Rights

You have the right to:

Access the personal data we hold about you
Request corrections or deletion of your data
Withdraw your consent at any time
Lodge a complaint with a data protection authority if you believe your data rights are being violated

9. Cookies

Our website may use cookies to enhance your browsing experience and collect usage statistics. You can manage cookie preferences through your browser settings.

10. Updates to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with a new ‘Last Updated’ date.

_______________________

Information Security Policy

At Center for Regional Strategies, we take data protection and information security seriously.

We follow recognized industry standards and best practices, including those outlined in:

ISO/IEC 27001, 27005, and 27035 for information security management, risk assessment, and incident response
GDPR for data privacy and user rights
New York State and Federal Cybersecurity regulations

We use secure servers, encrypted communications (HTTPS), strong access controls, and reputable third-party services to help ensure the confidentiality, integrity, and availability of your information.

If you have questions about our security practices or need to report a concern, please contact us at info@centerforregionalstratgies.org.