Your personal data will be used to process your donation, support your experience throughout this website, and for other purposes described in our privacy policy.
Privacy Policy
Hibah Hope Relief (“Hibah Hope Relief”, “we”, “us”, “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information when you visit our website, apply for support, donate, volunteer, or contact us.
1) What this policy covers
This policy applies to personal information we collect through:
-
Our website (including forms and donations)
-
Microgrant applications and follow-up communications
-
Donations and supporter communications
-
Volunteer, sponsor, and partner communications
-
Email, phone, and other direct contact with us
2) Definitions
Personal information means information about an identifiable individual (for example, name, address, email, phone number, financial hardship details, or documents you provide).
Sensitive personal information includes information that requires extra care (for example, financial hardship details, copies of bills/notices, and other supporting documents).
3) The information we collect
A) If you apply for a microgrant
Depending on the form and your situation, we may collect:
-
Identity and contact info: name, email, phone, address, city/province/postal code
-
Household info: basic household details relevant to eligibility (for example, number of dependents)
-
Hardship details: description of circumstances and the type of support requested
-
Supporting documents: proof-of-need (for example, rent arrears notices, utility bills, overdue invoices, letters)
-
Vendor/payment details: landlord name, utility provider, account numbers, payment instructions, and other details required to complete a vendor-first payment (if applicable)
We aim to collect only what is reasonably necessary to assess eligibility, prevent misuse, and deliver support.
B) If you donate
We may collect:
-
Name and contact details (email, phone)
-
Mailing address (if required for acknowledgements or record-keeping)
-
Donation details (amount, date, campaign designation)
-
Payment confirmation details from your payment provider (we generally do not store full payment card numbers)
Tax receipts: If we are not a registered charity at the time of your donation, donations are generally not tax-receiptable. If/when our status changes, we will update our donation pages accordingly.
C) If you volunteer, sponsor, or partner with us
We may collect:
-
Name, contact info, organization and role (if applicable)
-
Coordination details (availability, interests, sponsorship details)
D) Website usage data
We may collect limited technical information such as:
-
IP address, browser/device type
-
Pages visited and approximate location derived from IP
-
Cookies and analytics data (see Section 12)
4) How we collect information
We collect information when you:
-
Complete forms using tools like WPForms (contact forms, application forms) and similar services
-
Donate using tools like GiveWP and payment processors (e.g., Stripe/PayPal, depending on what you configure)
-
Email, call, or message us
-
Browse our website (cookies/analytics)
5) How we use your information
A) Microgrant applications and support delivery
We use applicant information to:
-
Review and assess your request
-
Communicate with you about your application
-
Confirm the details needed to deliver assistance
-
Reduce fraud and protect program integrity
-
Deliver support (including vendor-first payments where appropriate)
B) Donor and supporter relations
We use donor information to:
-
Process donations and send confirmations
-
Respond to donor questions and provide updates (if you opt in)
-
Maintain financial records for accountability and compliance
C) Operations and safety
We use information to:
-
Operate and secure our website
-
Maintain internal records, improve processes, and measure impact (often using aggregated or anonymized data)
-
Comply with legal and regulatory obligations
We do not sell your personal information.
6) Consent
By submitting information to us (for example, a microgrant application or donation), you consent to our collection, use, and disclosure of that information as described in this policy. If we need to use your information for a new purpose not covered here, we will seek additional consent unless permitted or required by law.
7) Who we share your information with
We share personal information only when necessary and only to the extent required.
A) Service providers (technology and operations)
We may share information with third-party providers who help us operate, such as:
-
Website hosting, backups, and security tools
-
Form tools (e.g., WPForms) and related storage within our website database
-
Donation tools (e.g., GiveWP)
-
Payment processors (e.g., Stripe, PayPal) used to process donations or payments
-
Email/communications services used to send notifications and respond to inquiries
These providers may process information on our behalf to deliver their services and are expected to protect that information.
B) Vendors you provide (vendor-first payments)
If your microgrant is paid directly to a landlord, utility provider, or other vendor, we may share the minimum necessary information to complete payment—such as:
-
Your name (or account holder name)
-
Address (if required by the vendor)
-
Account/reference number
-
Amount being paid and what it relates to
We do this to deliver assistance efficiently and reduce misuse. This sharing is a core part of vendor-first support where applicable.
C) Community partners you authorize
If you ask us to coordinate with a case worker, community organization, or support person, we may share information only with your consent or clear instruction from you.
D) Canada Revenue Agency (CRA) and other lawful authorities
We may share information with the CRA (and/or other government or regulatory bodies) when required or permitted by law, including:
-
If we are required to demonstrate compliance, maintain adequate books and records, or respond to lawful requests
-
In connection with charity registration processes, filings, reviews, or audits
-
When we must produce records within a reasonable time for inspection, audit, or examination.
We will limit disclosure to what is reasonably necessary and lawful.
E) Legal requirements and protection
We may disclose information to comply with legal process, protect rights/safety, investigate suspected fraud, or enforce our policies.
8) Where your information is stored (Canada and cross-border)
Our systems and service providers may store or process information in Canada or other countries, depending on the tools we use (hosting, email, donation/payment platforms). If information is processed outside Canada, it may be subject to the laws of that jurisdiction.
If we are required to keep certain books and records in Canada (or make them accessible in Canada), we will take reasonable steps to meet those obligations.
9) How we protect your information
We use safeguards appropriate to the sensitivity of the information, which may include:
-
Need-to-know access controls (only authorized reviewers/staff)
-
Strong passwords and multi-factor authentication where available
-
HTTPS encryption in transit and secure hosting/security monitoring
-
Minimizing collection of sensitive information
-
Secure storage and secure deletion/disposal procedures
No method of transmission or storage is 100% secure, but we work to reduce risk and respond appropriately if issues arise.
10) How long we keep your information (record retention)
We keep personal information only as long as needed for the purposes described here, unless longer retention is required by law. Canadian privacy guidance supports disposing of personal information once it is no longer necessary, unless legally required to retain it.
A) CRA-aligned retention (books and records)
Where CRA recordkeeping rules apply, certain charity records have specific retention requirements. CRA guidance includes retention periods such as:
-
Copies of official donation receipts: generally two years from the end of the calendar year received (with related rules for cancelled/reissued receipts)
-
Many financial and operational records (ledgers, source documents, financial statements, T3010 returns, etc.): generally six years
-
Some governance records (e.g., governing documents/bylaws, meeting minutes): may require indefinite retention
CRA also indicates written permission may be required to destroy certain records early.
B) Practical retention approach (typical)
Unless a longer legal requirement applies, we generally retain:
-
Microgrant applications and supporting documents: long enough to review the request, deliver assistance, manage follow-up questions, and protect program integrity; then securely delete or anonymize when no longer needed.
-
Microgrant payment and accounting records: typically retained in line with legal/CRA-aligned financial record retention expectations (often six years from the relevant fiscal period end).
-
Donation and finance records: typically retained in line with legal/CRA-aligned financial record retention expectations (often six years).
-
General inquiries: retained as long as needed to respond and for reasonable administrative follow-up.
If you want a copy of our retention approach, contact us (Section 15).
11) Your rights: access, correction, and withdrawal
You may request:
-
Access to the personal information we hold about you
-
Corrections to inaccurate or incomplete information
-
Withdrawal of consent (where consent is the basis for processing)
Important: Even if you withdraw consent, we may still need to keep certain records for legal, financial, or compliance reasons (for example, payment records or required accounting documents).
12) Cookies and analytics
We may use cookies or similar technologies to:
You can control cookies through your browser settings. Disabling cookies may affect site functionality.
13) Children’s information
Our microgrant support may involve families with children. We do not knowingly collect personal information directly from children for marketing purposes. If you include information about dependents in an application, we use it only for eligibility assessment and support delivery.
14) Third-party links
Our site may link to third-party websites (social platforms, payment processors, partner sites). Their privacy practices are governed by their own policies. We encourage you to review them.
15) Contact us (Privacy)
For privacy questions or requests:
Privacy Contact / Administrator
Hibah Hope Relief
Email: info@hibahhoperelief.com
16) Changes to this policy
We may update this policy from time to time. The latest version will be posted on this page with the “Last updated” date.
