Uplift and MyUplift Terms of Use

(Updated ??)

This document provides a concise policy regarding terms of use of Uplift and MyUplift.

1. Introduction

1.1 The Website is owned and operated by Uplift, A People-Powered Community. These Terms of Use and Privacy Statement outline the terms and conditions you consent to when using the Uplift website including creating and signing campaigns.

1.2 Uplift is independent of all political parties and upholds the values of social justice, equality, deepening democracy and sustainability. We reserve the right to remove any campaigns or comments that do not reflect these values. All decisions in this regard will be made at the sole discretion of Uplift.

1.3 The Terms and information contained in this statement may change at any time and without notice.

1.4 If you have any questions about the Terms or the Privacy Statement, please contact [email protected]. Uplift, A People-Powered Community is a limited company registered in Ireland under company number 544851. Our registered office is located at 13 North Main Street, Cork, T12 Y6W0.

1.5 The Terms of Use policy should be read in conjunction with Upift’s data protection policy.

2. Creating a petition or campaign actions

2.1 You can use the website to create one or more campaigns to advocate a cause that does not promote: hatred, violence, discrimination, defamation, disinformation or stereotypes based ethnicity including membership of a minority community, marital status, gender, religion, nationality, disability, sexual orientation, or age and that promotes Uplift’s core values.

2.2 Any campaign actions are subject to moderation and/or approval before and after they become available for public access or signing.

2.3 Where there is a concern about alignment of a campaign with Uplift values and these Terms of Use it will be reviewed by the Staff team or the Member Review Panel. If a decision is made that your campaign is not consistent with the purposes in clause 1.2 and 2.1 your campaign will not be approved.

2.4 Our website is nonpartisan and cannot be used by or on behalf of a political party or to promote businesses or commercial purpose. Campaigns may not explicitly promote political parties.

• If you are a politician or part of a local political party you are welcome to start a petition. However we reserve the right to edit or remove a petition if we judge its main purpose is to promote or oppose a political party, or candidate.
• Petitions should be set up by individuals and not under a party name.
• Petitions should focus on policy alone and not internal party politics.
• Please inform the Uplift team if you are an elected official or candidate so that we can mark your petition appropriately.

2.5 Creating a petition or campaign action is subject to creation of an account with Uplift. You must provide information about yourself that is true, current and complete.

2.6 As the creator of a campaign, you do not have automatic access to the names, phone numbers and other personal information of individuals supporting your petition. You may be provided this information if it is provided for the purpose of participation in a specified action ie survey and may not be used for any purpose other than intended.

2.7 Where an action is a petition and is intended to be submitted to the action target(s) named in the petition, the signature records attached to the action may only be given to the target(s) named in the petition or to a direct representative of the named target(s).

2.8 We may provide the option for you to send email correspondence to your petition supporters. Where this function is provided it is subject to limits as well as moderation or approval by Uplift staff team.

2.9 You must immediately stop sending messages (including by email, SMS and MMS or other electronic correspondence) to anyone who asks to be unsubscribed from your communications.

2.10 You acknowledge that Uplift has no control over the messages sent to you by the individuals or organisations who sign your campaign.

2.11 You release and forever discharge us from any liability, action, claim, loss or damage you suffer or incur relating to, or in connection with, any campaign you create on the Website and any messages you receive from other users of the Website.

3. Events

3.1 Where a user generated event appears in connection with an Uplift campaign, the event is not endorsed or otherwise verified by us. You will use your judgement and accept personal liability for risks involved in attending or signing up to attend any events you may encounter either directly or indirectly through your use of Uplift.

3.2 Uplift does not support any commercial use of our platform, including events with fees.

4. Partnerships and groups

4.1 Partnership and cooperatively run campaigns using the MyUplift platform tools will be governed by these terms.

4.2 Personal information of campaign participants may not be shared between us and our campaign organisers unless this is explicitly accepted by the campaign participants and is subject to our discretion thereafter.

4.3 Personal information of campaign participants may not be shared between campaign organisers and any third party partners unless this is explicitly accepted ie an opt in tick box, by the campaign participants.

4.4 Any partnership arrangement resulting in access to contact details for campaign participants, subject to 1.2 and 2.1 above, must guarantee fair and reasonable management of such information in line with Irish privacy laws and provide for campaign participants to unsubscribe from further contact with minimal intervention, i.e. in email unsubscribe links.

5. Accessing the website

5.1 We reserve the right to withdraw or change the service provided without notice. We do not guarantee that our website, or any content on it, will always be available or be uninterrupted. We are not liable if, for any reason, the Uplift website and MyUplift platform is unavailable for any period of time.

5.2 From time to time, we may restrict access to some parts of the website, or the entire website, to users who have registered with us.

5.3 If you are provided with a user identification code, password, or any other piece of information as part of our security procedures, you must treat such information as confidential, and you must not disclose it to any third party.

5.4 We have the right to disable any user identification code or password, whether chosen by you or allocated by us, at any time, if in our opinion you have failed to comply with any of the provisions of the Terms.

5.5 You are also responsible for ensuring that all persons who access the Website through your internet connection are aware of the Terms, and that they comply with them.

5.6 You must use our website in accordance with these Terms of Service only for lawful purposes and in a way which does not infringe the rights of anyone or restrict or inhibit anyone’s use of our website.

6. Intellectual property rights

6.1 We are the owner or the licensee of all intellectual property rights on the website, and in the material published on it (except where content is specifically identified as third party content). Those works are protected by applicable intellectual property and other laws around the world. All such rights are reserved.

6.2 In submitting or posting content that you are the owner of, you grant to us a worldwide, irrevocable, non-exclusive, royalty free licence to use, reproduce, adapt, publish, translate, and distribute such content in any media. You also grant us the right to sub-license such rights solely for the purposes provided on the website.

6.3 You may print off and download extracts, of any page(s) from our website for your personal reference. You may draw the attention of others within your organisation to material posted on the website.

• You must not, in any way, modify the paper copies you have printed off, or digital copies you have downloaded.
• You must acknowledge our status as the authors of material on the website (and that of any identified contributors).
• You must not use any part of the content on the website for commercial purposes.

7. Reliance on information posted

7.1 It is your sole responsibility to ensure that your content is based on reliable factual information and that all claims made can be fully substantiated. You agree to provide Uplift with evidence to support your content if concerns are raised about its accuracy.

7.2 The content and commentary on the website are not advice. You should not treat them as advice or rely on them as such. We are not liable or responsible for anyone relying on the content or treating it as advice, whether they are a visitor to the Website or are otherwise informed of its contents.

8. Use by minors and user identity

8.1 Before using the website, minors under the age of 16 must have the consent of their parent or guardian. We advise parents, guardians, or other responsible adults who permit children to use the Internet, that it is important that they communicate with children about their safety online.

8.2 It is impossible for us to determine with any degree of certainty whether a user is the person they claim to be. We are not liable for the actual identity of any user. You are solely responsible for verifying the actual identity of other users.

9. Our website changes regularly

9.1 We aim to update the website regularly, and may change the content at any time. If the need arises, we may suspend access to our site, or close it indefinitely. The content on the Website may be out-of-date at any given time, and we are under no obligation to update such content.

9.2 Each time you use our website including adding content, you will be bound by the then current Terms, and Uplift’s Data Protection and Privacy Statement. You should review these each time you access and use our website, to satisfy that you are happy with them.

10. Our liability

10.1 The content displayed on the website is provided without any guarantees, conditions, or warranties as to its accuracy.

10.2 To the extent permitted by law, we, and third parties connected to us, hereby expressly exclude:

• all conditions, warranties, and other terms, which might otherwise be implied by statute, common law or the law of equity;
• any liability for loss or damage incurred by any user in connection with the use, inability to use, or results of the use of our website, any websites linked to it and any material posted on it; and
• any liability for any direct, special, indirect, or consequential loss or damage incurred by any user in connection with the website or in connection with the use, inability to use, or results of the use of the website, any websites linked to it and any materials posted on it, including, without limitation any liability for:
  • loss of income or revenue;
  • loss of business;
  • loss of profits or contracts;
  • loss of anticipated savings;
  • loss of data;
  • loss of goodwill;
  • wasted management or office time; and
  • for any other loss or damage of any kind, however arising, and whether caused by tort (including negligence), breach of contract or otherwise, even if foreseeable.

10.3 Nothing in this section affects our liability for death or personal injury arising from our negligence, nor our liability for fraudulent misrepresentation or misrepresentation as to a fundamental matter, nor any other liability which cannot be excluded or limited under applicable law.

11. Information about you and your visits to the website

11.1 We process information about you in accordance with our Data Protection and Privacy Policy. In using the website, you guarantee that all information you provide is accurate. You also guarantee that, where you have disclosed another’s personal data, they have agreed to such processing.

12. Restricted uses

12.1 You may use our website for lawful purposes only. You may not use our website:

• In any way that breaches any applicable local, national, or international law or regulation.
• In any way that is unlawful or fraudulent, or has any unlawful or fraudulent purpose or effect.
• For the purpose of harming or attempting to harm minors in any way.
• To send, knowingly receive, upload, download, use, or re-use any content which does not comply with our Content Standards (see Section 13 below).
• To transmit, or procure the sending of, any unsolicited or unauthorised advertising or promotional material, or any other form of similar solicitation (spam).
• To transmit any data, send, or upload any material that contains viruses, Trojan horses, worms, time-bombs, keystroke loggers, spyware, adware, or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware.

12.2 You also agree:

• Not to reproduce, duplicate, copy or re-sell any part of our website in contravention of the provisions of these Terms.
• Not to access without authority, interfere with, damage, or disrupt:
• any part of our website;
• any equipment or network on which our website is stored;
• any software used in the provision of our website; or
• any equipment, network, or software owned or used by any third party.

12.3 The site may not be used to garner votes for any political party or candidate.

12.4 You may report another user’s activities, which violate applicable laws and/or these Terms, by emailing [email protected]

13. Content Standards

13.1 The following content standards apply to any and all content you contribute to our website, and to any associated services. You must comply with the spirit, as well as the letter, of the following standards. The standards apply to each part of a contribution as well as to its whole.

13.2 Contributions must:

• Be accurate (where they state facts);
• Be genuinely held (where they state opinions); and
• Comply with the applicable law in any country from which they are posted.
• Adhere to Uplift’s values of equality, social justice, democracy and sustainability.

13.3 Contributions must not:

• Contain any material which is defamatory of any other person;
• Breach the data protection or privacy rights of any person;
• Contain any material which is obscene, offensive, hateful, or inflammatory;
• Promote sexually explicit material;
• Promote violence;
• Promote discrimination based on ethnicity including membership of a minority community, marital status, gender, religion, nationality, disability, sexual orientation, or age;
• Infringe any patent, copyright, database right, trademark, or other intellectual property right of any other person;
• Be likely to deceive any other person;
• Jeopardise Uplift’s political independence;
• Be made in breach of any legal duty owed to a third party, such as contractual duty or a duty of confidence;
• Promote any illegal activity;
• Be threatening, abusive, or invade another’s privacy, or cause annoyance, inconvenience, or needless anxiety;
• Be likely to harass, embarrass, alarm, any other person;
• Be used to impersonate any person, or to misrepresent your identity or affiliation with any person;
• Give the impression that they emanate from uplift, if this is not the case;
• Advocate, promote, or assist any unlawful act such as (by way of example only) copyright infringement or computer misuse.
• Contribute to the spread of disinformation; or
• Conflict with Uplift’s core values as stated above

14. Uploading and contributing material to our site

14.1 When you upload content to the website or make contact with other users of the website, you must comply with all applicable laws and the Content Standards set out in Section 13. You guarantee that your contribution complies with applicable laws and our Content Standards, and you indemnify us for any breach of that warranty.

14.2 Any content you upload to our website is considered non-confidential and non-proprietary. We have the right to use, copy, distribute, and disclose to third parties, any such content, for any purpose. We also have the right to disclose your identity to any third party who claims that any content posted or uploaded by you to the website constitutes a violation of their intellectual property rights, or of their right to privacy.

14.3 We are not responsible, or liable to any third party, for the content or accuracy of any materials posted by you or any other user of the website.

14.4 We have the right to remove any content or posting you make on the Website if, in our opinion, such content does not comply with the Content Standards (see Section 13 above).

14.5 You understand and agree that we may, in our sole discretion and without notice, edit and/or remove any content you have created on our website.

15. Viruses, hacking and other offences

15.1 You must not misuse the website by knowingly introducing viruses, trojans, worms, logic bombs, keystroke loggers, spyware, adware, or any other material which is malicious or technologically harmful.

15.2 You must not introduce similar computer codes designed to adversely affect the operation of any computer software or hardware.

15.3 You must not attempt to gain unauthorised access to the website, the server on which the website is stored, or any server, computer, or database connected to the website.

15.4 You must not attack the website using a denial-of-service attack or a distributed denial-of service attack.

15.5 By breaching this provision, you may be committing a criminal offence under the Criminal Justice (Theft and Fraud Offences) Act 2001, the Criminal Damage Act 1991, and the Criminal Justice Act 2011, or other applicable legislation.

15.6 We will report any such breach to the relevant law enforcement authorities and we will cooperate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use the website will cease immediately.

15.7 We are not liable for any loss or damage caused by a distributed denial-of-service attack, viruses, or other technologically harmful material that may infect your computer equipment, computer programs, data, or other proprietary material due to your use of the Website or to your downloading of any material posted on it, or on any website linked to it.

15.8 You must not harvest or collect email addresses, mobile phone numbers or other personal information about other users of our website for the purpose of sending unsolicited commercial messages or for any other purpose other than your campaign.

16. Suspension and termination

16.1 We will determine, in our discretion, whether there has been a breach of the Terms through your use of our website. If a breach of the Terms has occurred, we may take such action as we deem appropriate. Failure to comply with the Terms constitutes a material breach of the terms upon which you are permitted to use our website, and may result in our taking all or any of the following actions:

• Immediate, temporary or permanent withdrawal of your right to use our website.
• Refusal to publish or post, or immediate, temporary or permanent removal of any posting or material uploaded by you to our website.
• Issuing a warning to you.
• Issuing legal proceedings against you for reimbursement of all costs on an indemnity basis (including, but not limited to, reasonable administrative and legal costs) resulting from the breach.
• Taking further legal action against you.
• Disclosure of such information to law enforcement authorities as we reasonably feel is necessary.
• Limiting or restricting access to features or content

16.2 We exclude liability for actions taken in response to breaches of the Terms. The responses described in the Terms are not limited, and we may take any other action we reasonably deem appropriate with or without notification.

17. Indemnity

17.1 You agree to indemnify us and keep us indemnified (including our directors, agents, volunteers and employees) against all losses, costs, charges, demands, proceedings, damages, actions, expenses, and claims howsoever incurred by us as a result of your use of this website or a breach by you of any of these Terms.

17.2 In the event that your contributions infringe any rights of any third party, you shall, at your own expense and at your discretion, either obtain the right to use such contribution or render such contribution free of any infringement.

18. Linking to and from the website

18.1 If you wish to make any use of material on the website other than that set out above, please address your request to [email protected].

18.2 The links from the website to other sites and resources provided by third parties are provided for your information only. We have no control over the contents of those sites or resources, and accept no responsibility for them, or for any loss or damage that may arise from using them.

19. Waiver

19.1 If we fail to insist upon strict performance of any of our obligations under any of these Terms, or if we fail to exercise any of the rights or remedies to which we are entitled under these Terms, this shall not constitute a waiver of these rights or remedies and shall not relieve you from compliance with such obligations.

19.2 A waiver by us of any default shall not constitute a waiver of any subsequent default. No waiver by us of any of your obligations under these Terms shall be effective unless it is expressly stated to be a waiver and is communicated to you in writing.

19.3 Campaigns on our website are not endorsed or authorised by Uplift

20. Jurisdiction and applicable law

20.1 The Irish courts will have exclusive jurisdiction over any claim arising from, or related to, a visit to the website. We retain the right to bring proceedings against you for breach of these conditions in your country of residence or in any other relevant country.

20.2 These terms of use, and any dispute or claim arising out of or in connection with them or their subject matter or formation (including non-contractual disputes or claims), shall be governed by, and construed in accordance with, the laws of Ireland.

21. Closing your account and unsubscribing

21.1 If you signed up to Uplift including MyUplift with a username and password you may close an account at any time by signing in using your account details to close your account. Uplift cannot be held responsible for any information or content that is lost in this process.

21.2 If you wish to stop receiving emails from Uplift you may do so at any time by clicking an “unsubscribe” link, included toward the bottom of all email correspondence Uplift sends and on the website.

21.3 If you wish to obtain a copy of any of the data held about the information held about you by Uplift please submit a request here.

21.4 If you wish to have all your data permanently deleted please you can do this by emailing [email protected].

22. Participation in a campaign action

22.1 Uplift provides petitions and other signable campaign actions. If you would like to sign any action on the website, you must provide us with information about yourself that is true, current and complete. You do not need to set up an account to sign an action.

22.2 When you provide Uplift with your email address and, at your option, your mobile phone number, you will be requested to provide consent to receiving transactional messages (including by email, SMS and/or MMS) or messages of specific importance to our service, in line with our obligations under GDPR and as laid out in Uplift’s data protection and privacy policy.\

22.3 Campaign actions also include an option to receive campaign related messages from Uplift. Agreeing to receive these messages will permit messages to be sent to you from:

• Uplift, in relation to the campaign you participated in and other issues of concern to the Uplift community,
• the petition creator in relation to the campaign you participated in.

22.4 You can unsubscribe from messages sent by us and/or our related bodies and trusted partners at any time by clicking on the “unsubscribe” link at the bottom of our emails.

22.5 You may request details of all activity in relation to your participation with Uplift actions and campaigns.

22.6 You acknowledge that:

• Where explicit consent has been granted by you that when you sign a campaign on our website, your name, eir/postcode and (if you have supplied it) your mobile phone number may be made available to the creator of the campaign;
• the creator of a campaign may export the campaign, together with any information you have provided on our website, subject to consent being granted by you, in connection with the campaign (including your name, post code, phone number and comments), and issue a copy of this information to the individual or organisation being petitioned and/or otherwise publish, broadcast, communicate and display publicly your involvement in the campaign; and
• we are not in control over messages sent to you by the creator of the campaign.
• you release and forever discharge us from any liability, action, claim, loss or damage you suffer or incur relating to, or in connection with your involvement in any campaign you sign on our website (including any messages you receive from the creator of a campaign) and any messages you receive from other users of our website.

23. Using the website with a third-party identity provider

23.1 If an option to access Uplift features using a third party identity service is provided (such as Facebook, Google or OpenID), choosing such an option will grant Uplift permission to access some of your profile information from the service for the purpose of enabling our features. This is limited to basic profile information, contact details and a user id and may be stored or merged with existing user profiles you have created on the website.

24. Severability

24.1 If any of these Terms are determined by any competent authority to be invalid, unlawful, or unenforceable to any extent, such terms, conditions, or provisions will be removed from the remaining terms, conditions, and provisions which continue to be valid to the fullest extent permitted by law.

Uplift Data Protection & Privacy Policy

(Updated 28th May 2021)

This document provides a concise policy regarding the data protection obligations of Uplift and is part of our commitment to data protection by design and default.

Uplift is a data controller with reference to the personal data which it manages, processes and stores.

Uplift commitment to data protection

Transparency and accountability are core principles at Uplift, which is why we respect your rights to privacy and data control. Participants and members can expect full compliance with both the General Data Protection Regulation (GDPR) and Ireland’s own data protection laws.

Purpose of this Policy

As a data controller, Uplift and its staff (hereafter referred-to collectively as Uplift) must comply with the data protection Principles set out in the relevant Irish and EU legislation.

This Policy applies to all personal data collected, processed and stored by Uplift in the course of its activities. This Policy is designed to ensure Uplift’s compliance with the following legislation:

• The European General Data Protection Regulation (GDPR)
• The EU Electronic Communications “ePrivacy” Regulations (2011)

The GDPR confers rights on individuals as well as additional responsibilities on those persons and organisations processing personal data and Uplift will ensure that all policies and activities are done in compliance with this legislation.

1. Why does Uplift collect and process personal data?

Uplift, as a data controller, collects, processes and stores personal data on an ongoing basis – only when a member permits us to do so. Uplift collects data about its staff, volunteers, donors, partners and members who come into contact with the organisation through our work. We process personal data for the following reasons:

• The collection and management of petition signatures;
• The collection and management of survey results;
• The facilitation of communication between Uplift members and individuals (e.g., politicians and CEOs) related to campaigns;
• The facilitation of community events;
• The facilitation of sharable community content for social media;
• The notification of members, regarding relevant activities, via instant messaging services (SMS, WhatsApp or similar) and by phone;
• Communication between members of the public, staff, and volunteers;
• The collection and management of donations;
• The operation, monitoring and evaluation of our work;
• The recruitment, management and payment of staff;
• Ensuring the security of staff and premises;
• Compliance with statutory obligations;
• For fundraising purposes,

This Policy applies to all data collected, both manually and automated, held by Uplift. This includes electronic and paper records.

2. What data does Uplift collect and process?

In order to provide you with an optimal web experience, build community power and positive change in Ireland, we need to collect and process your personal data.

The following table gives a summary of the personal data we collect from you, how we process it, and according to personal data protection regulations, what is the legal basis for the processing of your personal data.

Lawful processing

We are required to have one or more lawful grounds to process your personal information. Only 3 of these are relevant to us:

• Personal information is processed on the basis of a person’s consent
• Personal information is processed on the basis of a contractual relationship
• Personal information is processed on the basis of legitimate interests

2.1 Consent

We will ask for your consent to use your information for the following purposes:
to send you electronic communications such as emails, surveys, newsletters and fundraising emails
to collect and analyse sensitive personal information in the form of survey responses

2.2 Contractual relationships

Most of our interactions with subscribers and website users are voluntary and not contractual. However, sometimes it will be necessary to process personal information so that we can enter contractual relationships with people. For example, if you apply for a paid position, role or to volunteer with us.

2.3 Legitimate interests

Applicable law allows personal information to be collected and used if it is reasonably necessary for our legitimate activities (as long as its use is fair, balanced and does not unduly impact individuals’ rights).

We will rely on this ground to process your personal data when it is not practical or appropriate to ask for consent.

Achieving our purposes

These include (but are not limited to) pursuing campaigns in line with our values:

• Social justice is about the fair distribution of wealth, resources and privileges within society. Uplift members believe in the right of people to realise their full potential. This includes taking a stand on the rights of low paid workers, progressive taxation, challenging exploitation, access to quality accommodation, health care, and public services.
• Uplift members believe that discrimination and prejudice need to be challenged so that everyone can participate fully and equally. This includes taking a stand against racism, sexism, classism, transphobia, ableism, homophobia and biphobia. It also means taking a stand for the rights of communities experiencing economic, social, and political exclusion.
• Our planet is in extreme danger and Uplift members stand up for protecting our natural resources, including our woodlands, by fighting policies and practices that cause climate change and environmental destruction.

3. Who has access to your data?

Uplift staff have access to your data and they process it in line with the purposes and practices outlined in this document.

Petition starters can access a limited subset of data related to their campaign. They can see your full name and county so that they can deliver the list of signatures to the target of the petition. Petition starters are bound by our terms and conditions and required to use your data only for the purpose of petition delivery.

Campaign targets receive a subset of your data, depending on the action:

• Petitions: petition deliveries include your full name
• Emails: when Uplift facilitates sending an email to a campaign target with a template, your email address, name, postal address and any other data you include in the email body is shared
• Phone calls: when Uplift facilitates making a phone call to a campaign target, the target receives your phone number (via caller ID)
• Surveys: where specified survey answers or summary results are shared to persuade campaign targets or the public. We will always indicate when a survey is intended to be shared

3.1 The use of third-party data processors

In the course of its role as data controller, Uplift engages third-party service providers, or data processors, to process personal data on its behalf.

In each case, a formal, written contract is in place with the processor, outlining their obligations in relation to the personal data, the security measures that they must have in place to protect the data, the specific purpose or purposes for which they are engaged, and the understanding that they will only process the data

• as instructed by Uplift, and
• in compliance with the European General Data Protection Regulation and the EU Electronic Communications Regulations.

The contract will also include reference to the fact that the data controller is entitled, from time to time, to audit or inspect the data management activities of the data processor, and to ensure that they remain compliant with the relevant legislation, and with the terms of the contract.

Regular audit trail monitoring will be carried out to ensure compliance with this Agreement by any third-party entity which processes personal data on behalf of Uplift.

Failure of a data processor to manage Uplift’s data in a compliant manner will be viewed as a breach of contract, and will be pursued through the courts if necessary.

4. How is your data protected?

Uplift will ensure that the personal data it collects will be protected against unauthorised or unlawful processing and against accidental loss, destruction or damage. To this end, Uplift will employ high standards of security in order to protect the personal data under its care. Uplift’s Password Policy and Data Retention & Destruction Policies guarantee protection against unauthorised access to, or alteration, destruction or disclosure of any personal data held by Uplift in its capacity as data controller.

In the event of a data breach likely to result in a risk to the rights and freedoms of the data subject or other persons, Uplift will notify the Irish Data Protection Commissioner without undue delay and, where feasible, within 72 hours after having become aware of the breach, in line with Article 33 of the GDPR.

5. How is your data processed?

Uplift processes data in a variety of ways in order to run effective campaigns. Most often, this involves emailing members or reviewing survey data.

5.1 Why are we sending you emails?

Uplift sends or facilitates the sending of emails in several ways:

• Emails from Uplift staff team about campaign updates, opportunities for action and fundraisers. You only get these emails if you took action with us at some point in the past and selected “Yes, tell me how I can support people powered change”, and you can opt out any time by clicking the unsubscribe link in any of these emails
• Emails confirming your action or “Thank you” emails. Everyone gets these emails so that we can be sure the real owner of the email address took this action, and to give you the opportunity to correct the record if necessary
• Emails from petition starters via MyUplift. Petition starters are able to email anyone who signed their petition and selected “Yes, tell me how I can support people powered change”, with some moderation by the Uplift staff team. You can opt out any time by clicking the unsubscribe link in any of these emails
• Direct responses – when you get in touch by responding to one of our emails or sending a message to [email protected], a volunteer or member of the staff team will respond to you directly
• Emails to individuals (politicians, public figures such as CEOs) from Uplift members. Uplift facilitates these messages with templates and tips for email writing, but they are sent by individual members (as reflected in the “from” address).
• Emails to journalists. We will occasionally send press releases with information we feel is newsworthy or otherwise relevant to journalists.

5.2 Member surveys and research

We may use your personal information to undertake research.

We may combine this information with other personal information you have given us in the past, or which we collect via member surveys (see section 6 below) for this purpose. And we may collect demographic and attitudinal information for this analysis.

This may include creating member ‘personas’ and profiles of your interests. This helps us to get a better understanding of your background, interests and preferences in order to improve our communications and/or interactions with you, to help ensure they are targeted to be relevant and appropriate, and to provide information (sometimes through third parties) about campaigns and other aspects of our services which we consider may be of interest to you. It also allows us to better understand our members and ensure your member experience is tailored to your needs.

Additionally it allows us to (i) focus our resources on issues of interest to our members, and (ii) send out communications through mediums (for example, we might focus on advertising in publications where most of our members get their news), that are of interest to our members.

We may analyse this information in anonymous/ aggregated form (so that it does not identify you) and share that analysis with key decision makers – for example, to tell TDs that hundreds of Uplift members in their constituency are nurses.

We rely on our legitimate interests to undertake data processing for these purposes. If we use your special category data for these purposes, we will obtain your explicit consent where necessary or rely on other conditions under applicable data protection law.

We may use third parties, such as data analysts, to assist us with undertaking this type of research and profiling.

5.3 Pixel tracking

We use ‘pixel trackers’ (including trackers provided by SendGrid) to provide us with insights about the way you interact with our emails, so we can learn about the effectiveness of our communications. For example, these tools tell us when and if you open an email from Uplift and whether you click on a link within the email. This is useful because it allows us to decide what kind of content you and our other members are interested in receiving.

We may then change the type of emails we send to you and our membership, or stop sending you emails at all if it seems you are no longer interested to hear from us.

These tools also protect our communications from being incorrectly flagged as ‘spam’ by email providers.

If you use an email client that allows it, you can ‘block’ pixels by changing your settings to block images being loaded by default.

5.4 Donations

Financial transactions carried out on our website are usually handled through Stripe, Inc. (“Stripe”), a third party payment services provider. We recommend that you read Stripe’s privacy policy (available at https://stripe.com/en-ie/privacy) prior to effecting any transactions with us. We will provide your personal data to Stripe only to the extent necessary for the purposes of processing payments for transactions you enter into with us. We do not store your financial details.

You may also donate to us using PayPal. If you donate using PayPal, your personal information will be provided to PayPal so they can process your donation. Please see their privacy notice for more information about how they use and retain your personal information: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full.

Alternatively if you set up a direct debit, we will use a provider called GoCardless to process your regular direct debit payments.

5.5 Public contact data

In the pursuit of our campaign goals, Uplift may collect and categorize publicly available contact information (emails, phone numbers and social media handles). For this specific category, we engage in the following practices:

• We record the public source of the data and when it was collected
• We audit the data at least annually and remove any data which is no longer publicly available

6. Your Rights

Where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time. This includes the right to ask us to stop using your personal information for direct marketing purposes or to be unsubscribed from our email list at any time. You also have the following rights:

6.1 Right to be informed

You have the right to be told how your personal information will be used. This Policy and other policies and statements used on our website and in our communications are intended to provide you with a clear and transparent description of how your personal information may be used.

6.2 Right of access

You can write to us to ask for confirmation of what information we hold about you and to request a copy of that information. Provided we are satisfied that you are entitled to see the information requested and we have successfully confirmed your identity, we will provide you with your data. The simplest way to access your data is to use the form on this page: LINK HERE GDPR BOOKMARK

6.3 Right of erasure

You can ask us for your personal information to be deleted from our records. In many cases we would propose to suppress further communications with you, rather than delete it. The simplest way to ask for your data to be erased is by sending an email to [email protected]

6.4 Right of rectification

If you believe our records of your personal information are inaccurate, you have the right to ask for those records to be updated.

6.5 Right to restrict processing

You have the right to ask for processing of your personal data to be restricted if there is disagreement about its accuracy or legitimate usage.

6.6 Right to data portability

To the extent required by applicable data protection laws, where we are processing your personal information (i) under your consent, (ii) because such processing is necessary for the performance of a contract to which you are party or to take steps at your request prior to entering into a contact or (iii) by automated means, you may ask us to provide it to you – or another service provider – in a machine-readable format.

To exercise these rights, please send a description of the personal information in question using the contact details in section 9 below. We also have specific pages to unsubscribe from our email list (https://id.uplift.ie/subscriptions/unsubscribe?subscription=1). Where we consider that the information with which you have provided us does not enable us to identify the personal information in question, we reserve the right to ask for (i) personal identification and/or (ii) further information.

Please note that some of these rights only apply in limited circumstances. For more information, we suggest that you consult the Data Protection Commission (“DPC”) guidance – or please contact us using the details in section 9 below.

You are further entitled to make a complaint including about the way we have processed your data to the DPC. For further information on how to exercise this right, please see the guidance at https://www.dataprotection.ie/en/individuals/raising-concern-commission.

7. Data retention

Uplift will ensure that personal data is not kept for longer than what is strictly necessary for the purpose for which the data is processed, in line with the principles laid down in Article 5 of the GDPR.

To fulfil this commitment, Uplift has developed a Data Retention and Destruction Policy and associated schedule to ensure Uplift fulfils its obligation in regards to retention periods for all categories of personal data processed by the organisation.

Once the respective retention period has elapsed, Uplift undertakes to destroy, erase or otherwise put this data beyond use, in line with its Data Retention and Destruction Policy.

8. Review

This Policy will be reviewed at least annually by the Board of Directors to ensure alignment to appropriate risk management requirements and its continued relevance to current and planned operations, or legal developments and legislative obligations.

9. Contact

We are not required by law to have a “Data Protection Officer” – however we have a Data Protection Manager.

Please let us know if you have any queries or concerns whatsoever about the way in which your data is being processed by either emailing the Data Protection Manager at [email protected] and/or our wider team at [email protected]

10. Supervisory authority

Uplift’s headquarters is in Ireland. Should you wish to contact the relevant supervisory authority in relation to a data protection issue involving Uplift, you should contact:

The Irish Data Protection Commissioner

Uplift Data Retention and Destruction Policy

(Updated September 2020)

The purpose of this Policy is to ensure that necessary records, data, and documents of Uplift are adequately protected and maintained and to ensure that records that are no longer needed by Uplift or are of no value are discarded at the proper time.

This Policy is also for the purpose of aiding employees of Uplift in understanding their obligations in retaining electronic documents – including emails, Google Drive files, hard and soft copy documents, sound and movie files, PDF documents, and all Microsoft Office or other formatted files.

1. Principle

Uplift keeps personal data only for as long as is necessary for a specific organisational purpose and ensures it is securely disposed of. Any personal data is only to be kept where there is an organisational or legal need to do so and where the relevant purpose is communicated to the individual either by Uplift’s data protection policy or personally. All personal data is disposed of in a secure manner.

2. Practice and administration

Uplift retains data on members for 5 years after a user’s last interaction with Uplift campaigns. An interaction is inclusive of but not limited to signing a petition, sending an email through Uplift technology, attending an Uplift event, and opening an Uplift email.

The Data Protection Manager is responsible for ensuring that the is processes and procedures are in place and implemented to ensure that the Policy is followed.

Attached as Appendix A is a Data Retention Schedule that is approved as the initial maintenance, retention and disposal schedule for physical records of Uplift and the retention and disposal of electronic documents.

The Administrator is also authorised to: make modifications to the Record Retention Schedule from time to time to ensure that it is in compliance with local, national and international laws and includes the appropriate document and record categories for Uplift; monitor all laws affecting record retention; annually review the record retention and disposal program; and monitor compliance with this Policy.

3. Suspension of Record Disposal In Event of Litigation or Claims

In the event Uplift is served with any legal writ or request for documents or any employee becomes aware of a governmental investigation or audit concerning Uplift or the commencement of any litigation against or concerning Uplift, such employee shall inform the Data Protection Manager and any further disposal of documents shall be suspended until such time as the DPM with the advice of counsel, determines otherwise. The DPM shall take such steps as is necessary to promptly inform all staff of any suspension in the further disposal of documents.

4. Contact

We are not required by law to have a “Data Protection Officer” – however we have a Data Protection Manager. Please let us know if you have any queries or concerns whatsoever about the way in which your data is being processed by either emailing the Data Protection Manager at [email protected] and/or our wider team at [email protected]

5. Applicability

This Policy applies to all physical and digital records generated in the course of Uplift’s operation, including both original documents and reproductions.

This Policy was approved by the Board of Directors of Uplift on 22 September 2020.

Appendix A – Data Retention Schedule

Uplift Cookie Policy

(Updated June 2020)

This Cookie Policy explains how Uplift uses cookies and other tracking technologies through our website https://www.uplift.ie/ and all public facing subdomains (https://action.uplift.ie/ and https://my.uplift.ie/). This Cookie Policy should be read alongside the Uplift Data Protection and Privacy Policy which explains how Uplift uses personal data.

If you do not accept our use of cookies please disable them following our guidance below.

What is a cookie?

Web cookies are small files that are placed on your computer or mobile device by a website when you visit it. They can contain details of your browsing history on that website and distinguish you from other users. Cookies send data back to the originating website on each subsequent visit or allow another website to recognise the cookie. Cookies are useful because they allow a website to recognise a user’s device and, for instance, remember your preferences and generally improve your online user experience. Like most websites, Uplift uses cookies.

You can find out more about cookies at www.allaboutcookies.org.

1. Why do Uplift use cookies?

We use cookies for five main purposes:

• To let you do things on our website – for example, while you are signing a petition or making a donation, cookies remember your details and where you are in the process from page to page.
• To improve your experience of our website – for example, to hide a form if you’ve already seen it, or to prevent you having to re-enter your details when you have already done so.
• To collect anonymous statistics – the information collected by cookies enables us to improve the website through usage figures and patterns. For example, it’s really useful for us to be able to see which campaigns are the most popular and how people are interacting with them.
• Social media – if you use Twitter or Facebook, cookies can help smooth the sharing process between our site and your online feeds.
• Measuring how cost-effective our advertising is – as a non-profit organisation, we need to watch our advertising spend carefully. Cookies are used to help us see how many people who click our adverts go on to do something further (for example, signing a petition or making a donation).

2. Type of cookies and reasoning

The table below provides more information about the cookies we use and why.

3. Session Cookies

The contract will also include reference to the fact that the data controller is entitled, from time to time, to audit or inspect the data management activities of the data processor, and to ensure that they remain compliant with the relevant legislation, and with the terms of the contract.

4. Pre-filling forms

In order to save you time, we aim to remember and pre-fill your details in forms as much as possible. We do this in two ways:

• Using session cookies, if you sign one petition and then continue on our site to a second petition, we fill in the same details as you used on the first
• Setting a unique identifier cookie when you click on links in emails we send you. This way, when we email you about an opportunity to take action, you don’t need to remind us of your email when you click through. However, this does mean you should not forward our emails to your friends, because this will mean your friends get the wrong pre-filled details if they click through.

5. Website cookie acceptance

By viewing our cookie notice when you first visited the website you consent to our use of essential cookies as updated from time to time. In particular, you consent to essential cookies being stored on your computer and/or mobile device

6. Turning cookies off

Internet browsers normally accept cookies by default. However, most browsers let you turn off either all or third-party cookies. What you are able to do depends on which browser you are using. However, please be aware that this may impair or limit your ability to use our website. The option to do this is usually found in the options, settings or preferences menus of your browser or mobile device.

You may opt-out of Google’s analytics cookies by visiting Google’s opt-out page – https://tools.google.com/dlpage/gaoptout

Click on the links below to find out how to change your cookie settings in:

7. Updating our cookie policy

We may update our use of cookies from time to time and consequently we may update this policy, so we recommend that you check this policy regularly.

Last updated: June 2020.

If you wish to see the June 2020 version, you can use this permanent link: XXXX while the current version of the policy will always be visible through https://www.uplift.ie/cookie-policy  

You can write to us to ask for confirmation of what information we hold about you and to request a copy of that information. Provided we are satisfied that you are entitled to see the information requested and we have successfully confirmed your identity, we will provide you with your data. The simplest way to access your data is to use the form on this page: LINK HERE GDPR BOOKMARK

Uplift Donation Policy

(Updated November 2015)

Uplift is an independent member based organisation. Your support is vital to every aspect of Uplift’s work. We rely upon donations and grants and do not take money from government, political parties or big business.

1. How we use donations

To run effective campaigns members are asked to help fund campaigns and to donate to the ongoing work of Uplift. Donations are generally small and usually are in response to a call to support a specific action; i.e buying an advert, organising an event, funding materials for a campaign.

Members also support Uplift with one-off and regular donations that are used to support the day-to-day running costs of Uplift. Uplift is committed to keeping its running costs low. We believe that being nimble and cost efficient will help achieve the change we collectively want.

If we’ve asked for donations for a very specific purpose (eg. to pay for an advert), and then aren’t able to do the thing we’ve specified or something very similar, we’ll get in touch to explain why. If you donated to fund a particular tactic you will be informed about how the money has been spent.

If you make a one-off donation to a specific campaign the money will be spent on that campaign. In cases where this is not possible (e.g because the campaign has already been won) the money will be spent on the same issue. Otherwise, the money will be put into general funds to support Uplift’s work. Included in the estimated cost of an action is overheads and staff time. This will vary depending on the amount of time allocated to the campaign ie 3 days, a week, longer.

2. Our annual accounts

Uplift incorporated as a limited company with guarantee in July 2014. Our first audited accounts will be submitted to the Company Registration Office in December 2015. They will then be published on the Uplift website. We believe it is important to be transparent and accountable about how we are funded and how we spend your donations.

3. Income we receive

Since setting up in May 2014, Uplift has raised funding to support the development of our campaigning infrastructure and putting in place a small team.

Uplift aims to be eventually funded mainly through members supporting specific campaigns and actions as well as regular donations that help pay for overheads and staff costs.

No amount is too small and every part of your donation goes towards making Uplift a stronger people powered organisation.

4. What things cost Uplift money?

Uplift is a lean operation. A small staff team is supported by volunteers, a website with significant back end data processing capacities, servers, as well as multiple social media platform. From day to day, campaign actions will cost varying amounts e.g. newspaper adverts, hire of equipment, printing.

5. Security of donations

128 bit SSL technology is used to secure your donation, just like a bank does. This means that all the details are encrypted. The payment gateway used to process donations for one-off and regular donations including credit and debit payments is Stripe. Stripe is the market leader of online bank transactions. Uplift does not have access to your credit or debit card details but our payment gateway may maintain details for recurring payments.

6. Refunds

Uplift has a refund policy in case a donation is made in error. If you contact the staff team within 7 days of making the donation we will return it to you within 30 days without charge.

Any questions?

Transparency and accountability about how your money is spent is very important. If you have any questions, or suggestions on how this can be improved please contact the Director of Uplift, Síobhan O’ Donoghue at [email protected]

Uplift Subject Access Request Policy

(Updated 23 August 2023)

The purpose of this document is to outline Uplift’s policy in relation to the management of subject access requests which are submitted by individuals (data subjects). A subject access request enables a data subject to gain access to any personal information held about them by Uplift. It promotes the right of data subjects to submit a subject access request in order to obtain a copy of such information held about them, in electronic or hard copy form, by Uplift, as the data controller. It also outlines the procedure to be followed by data subjects when submitting a data access request to Uplift.

1. Scope of this policy

This policy outlines how Uplift will meet its legal obligations under the European Union’s General Data Protection Regulation (GDPR) upon receipt of a data access request.

2. Ownership

The Subject Access Request Policy is maintained by Brian Cuthbert, Uplift’s Data Protection Officer (DPO), who is responsible for dealing with all subject access requests received by the organisation, and is approved by the Senior Leadership Team. All questions or comments related to this policy or a specific subject access request should be directed to the DPO. Any material changes to this policy will require approval by Uplift’s Board.

3. What is personal information?

Personal information is any data, in both physical and electronic form, related to an identified or identifiable person. It includes anything that can be used to identify a person, directly or indirectly, by means of his or her physical, physiological, mental, economic, cultural, or social identity.

4. What is a subject access request?

A subject access request is a written request for personal information (known as personal data) held about you by Uplift. Under article 15 of the GDPR you have, as the data subject, the right to see if Uplift is processing your personal data and receive a copy of the data itself. In particular you have the right to the following information:

1. The data itself in a permanent and intelligible format;
2. The purposes of the processing (what are we using your data for?);
3. The categories of personal data concerned (categories such as: name, address, email address, date of birth etc);
4. The recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations; (are we sharing you information with anyone else?)
5. Where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period (how long are we keeping your data?);
6. The existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing (the right to object to having your data processed, and to have data erased or corrected upon request);
7. The right to lodge a complaint with a supervisory authority (the Irish Data Protection Commissioner);
8. Where the personal data is not collected from the data subject, any available information as to their source (if we didn’t collect the data from you, where did we get it?);
9. The existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

5. How do you make a subject access request? 

In order to respond effectively and efficiently to any subject access request we ask you to:

• Visit the Subject Access Request form online at LINK GDPR DATA REQUEST.
• Complete the form.
• When you receive our confirmation email, please reply to it and be specific as possible about the
  information you wish to access. Please attach a photocopy of your proof of identity and address.
• If you cannot use the online Access Request Form, please write to us requesting a form from [email protected] and a copy will be sent to you.

Use of the Access Request Form is not mandatory. However, completing the Access Request Form should enable us to process your subject access request more efficiently.

6. What does Uplift do upon receiving a valid subject access request?

We will first check that we have enough information to be sure of your identity. Often we will have no reason to doubt a person’s identity. However, in rare cases we may request additional evidence we reasonably need to confirm your identity. We do this to ensure that we only disclose information about personal data to the data subject.

We will then check that we have enough information to find the records you requested. If we feel we need more information, then we will promptly ask you for this.

We will then conduct a full search of all our relevant databases and filing systems and collect all data relevant to the subject access request. Provided that none of the restrictions specified in Article 23 of the GDPR apply, we will then share with you the data and the additional information that you are entitled to. The default position is that you will get a hard copy of the information in a permanent and intelligible format unless the supply of such a copy is not possible or would involve a disproportionate effort, or you have agreed otherwise. Any terms which are not intelligible without an explanation will be accompanied by an explanation.

The copy of the requested material will be emailed to you, and we will seek timely confirmation from you, as the data subject on receipt of the material.

7. Are there any fees payable?

No. The information provided under a subject access request will be provided free of charge (for the first copy – any subsequent copies may incur a reasonable fee based on administrative costs).

8. How soon will my subject access request be dealt with? 

All valid subject access requests, accompanied by valid proof of identity, received by Uplift will be dealt with within 30 days of receipt of the request.

9. Review

This policy will be reviewed at least annually by the Data Protection Officer to ensure alignment to appropriate risk management requirements and its continued relevance to current and planned operations, or legal developments and legislative obligations.