What data we collect:
The MREA and its programs do not automatically collect personal data about visitors to our sites. However, the MREA may collect personal information from you when you subscribe to a newsletter, register for a webinar, enter information on our site or in a survey, join or renew as a member or make a donation.
We may use the information we collect from you when you register, make a purchase, make a donation, sign up for our newsletter, respond to a survey or marketing communication to send periodic emails regarding information related to the MREA, The Energy Fair, Grow Solar, Rise Up and our educational programs.
If you fill out a form, register for a webinar, make a purchase, make a donation, join or renew as a member, sign up for a newsletter or respond to a survey or marketing communication from the MREA, we may collect the following information:
First and last names, email addresses, phone numbers, and billing and/or home addresses
The MREA uses PayPal Pro for payment processing related to joining or renewing as a member, making a purchase from our store, enrolling in a training course or making a donation. The MREA does not collect or store credit/debit card information. Instead, this information is passed to the payment processor directly via a secure connection. Read more about PayPal’s security practices below.
It’s important to note that the MREA does not store personal financial information such as credit/debit card numbers entered into MREA websites; rather, these credentials are processed and stored through our payment processors. MREA staff members do not have access to full credit card information.
Who we share data with:
The initiatives and events of the MREA may share non-financial data with program partners, vendors, installers and other third parties, as described in the sections below. It’s important to note that while the MREA may share information with select external organizations for specific program-oriented purposes, the MREA does not sell or trade personal information to outside parties.
In Grow Solar programs, the MREA may share participant information with program partners on a need-to-know basis, primarily for the purposes of conducting site assessments and cost estimates.
Personal information collected by Grow Solar may be shared via Google Workspace applications with affiliates at the MREA, as well as with program partners, such as solar installers and partnering entities like municipalities and/or counties.
Grow Solar uses Google Forms to collect data. Access to these forms is controlled by Grow Solar, and is limited to program partners on a need-to-know basis. Grow Solar also uses Zoom to collect registration information from webinar registrants. Access to registrant information is limited to program partners on a need-to-know basis.
The Energy Fair
Exhibitor, Sponsor, Food Vendor, and Workshop Presenter information is collected by the MREA Staff. This information (excluding payment type) may be handled by select volunteers during Energy Fair prep and the event itself, and is handled confidentially.
For Energy Fair data collection, registrants (Exhibitors, Sponsors, Food Vendors, Workshop Presenters, Campers, etc.) provide contact information, requested descriptions, and billing information through Gravity Forms on the WordPress website. This information will be filed using FileMaker and internal documents. As noted in said registration forms, this information will also be shared in publications such as The Pre-fair Guide and The Energy Fair Program Guide. Records of payee address and purchase info is maintained in QuickBooks.
Information collected is never sold or shared outside of the MREA aside from Energy Fair publications. Registrant payment data such as credit/debit information is handled through PayPal Pro, and The Energy Fair and the MREA do not store or access this information.
Volunteer data is collected and filed by MREA staff. Volunteers are required to fill out and sign a waiver, providing information including: name, email, street address, phone number, emergency contact information (same as above), and signing the liability & photographic release that is included. The information is collected by MREA staff and filed using FileMaker. The information is used by the MREA Staff, particularly the MCHS AmeriCorps Member overseeing volunteers, to record attendance and track volunteers, per AmeriCorps requirements. The emails provided by volunteers on this form are used by MREA Staff to invite individuals to return for future volunteer days, or to send out a volunteer survey after an event.
Information collected regarding MREA volunteers is never sold or shared outside of the MREA.
Renewable Energy Training
Registration for the MREA’s training courses may require the collection of certain information, including registrant name, billing address and email address. This contact information may be stored in Filemaker, while purchase records and payee addresses may be stored in Quickbooks. Actual online payments are handled through PayPal Pro, and the MREA does not store or access credit/debit card information of training course registrants.
In cases in which a third-party organization has contracted with the MREA to provide training, information about training program participants (such as course progress or absences) may be shared with the contacting organization.
The MREA’s Renewable Energy Training initiative does not share personal data collected from course registrations with other third parties beyond those already described in this policy.
Rise Up Midwest
Rise Up Midwest does not share personal data collected by riseupmidwest.org with other third parties beyond those already described in this policy.
How we protect data:
The MREA uses standard digital security practices to safeguard internal data and customer information. The MREA uses cloud computing platforms including Google Workspace and Microsoft 365 for data transmission and storage.
Both Google Workspace and Microsoft Office 365 utilize advanced encryption and constant monitoring to protect information stored in secure data centers. Learn more about Google’s data security practices here and Microsoft’s security practices here.
The MREA uses Emma digital marketing software for email outreach. Learn more about Emma’s data security practices here. The MREA also utilizes the FileMaker relational database application. Read more about FileMaker’s security features here.
The MREA uses Zoom for video conferencing. Zoom may collect registrant and attendee information. Learn more about Zoom’s data security practices here. For some training programs, the MREA uses GlobalMeet video conferencing software, which is created by PGi. Read about the security features of GlobalMeet here.
The MREA’s training programs use the Moodle learning management platform to build course websites, which are then hosted by Moonami Learning Solutions. Moodle’s security features can be reviewed here, and Moonami’s security practices here.
The MREA uses Intuit’s Quickbooks accounting software. Find more information about Intuit’s security practices here. Midwestrenew.org and affiliate sites use DreamHost as their web hosting provider. DreamHost’s security practices are outlined here.
The MREA uses PayPal Pro for web payment processing. PayPal is a PCI DSS compliant online payments system; PayPal’s security practices can be found here. For events that require efficient mobile payment processing, the MREA uses Square: Square’s security practices can be found here.
The security of personal data is important to the MREA, but it’s important to acknowledge that no method of Internet communication or storage is 100% secure. While the MREA follows appropriate practices for protecting personal data, they cannot guarantee absolute security.
Users’ rights over their data:
The MREA provides users the opportunity to opt-out of receiving communications from us and our partners by reading the unsubscribe instructions located at the bottom of any email they receive from us at any time.
The Fair Information Practices Principles form the backbone of privacy law in the United States, and the concepts they include have played a significant role in the development of data protection laws around the globe. In order to be in line with Fair Information Practices Principles, we will take the following responsive action, should a data breach occur:
- We will notify the users via email within 7 business days
We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
Intellectual property rights
All content, software and intellectual property located on this website shall remain the sole property of the MREA. The use of content and intellectual property is forbidden without the express written consent from the MREA. You must not:
- Republish material from our website without prior written consent.
- Sell or rent material from our website.
- Reproduce, duplicate, create derivative, copy or otherwise exploit material on our website for any purpose.
- Redistribute any content from our website, including onto another website.
Visitors to midwestrenew.org (and its affiliate sites: growsolar.org, riseupmidwest.org theenergyfair.org) agree to use the website only for lawful purposes, and in a way that does not infringe the rights of, restrict or inhibit anyone else’s use and enjoyment of the website. Visitors must not use the website to send unsolicited commercial communications, and must not use the content on this website for any marketing related purpose without our express written consent.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under 13.
All email sent from our organization will clearly state who the email is from and provide clear information on how to contact the sender. In addition, all e-mail messages will also contain concise information on how to remove yourself from our mailing list so that you receive no further e-mail communication from us.
California Online Privacy Protection Act
According to CalOPPA we agree to the following:
- Users can visit our site anonymously
- Users are able to change their personal information by emailing us
If you have any questions regarding this policy, or your dealings with our website, please contact us here: firstname.lastname@example.org
Midwest Renewable Energy Association
7558 Deer Road, Custer, WI 54423