The Midwest Renewable Energy Association (MREA) takes user privacy very seriously. This privacy policy has been compiled to better serve those who are concerned with how their personal data is being used online. Please read our privacy policy carefully to learn how we collect, use, protect or otherwise handle your personal information.
This privacy policy applies to the MREA and its initiatives and events: Grow Solar, Rise Up Midwest and The Energy Fair. This policy does not necessarily apply to our partners or members.
What data we collect:
The MREA and its programs do not automatically collect personal data about visitors to our sites. However, the MREA may collect personal information from you when you subscribe to a newsletter, register for a webinar, enter information on our site or in a survey, join or renew as a member or make a donation.
We may use the information we collect from you when you register, make a purchase, make a donation, sign up for our newsletter, respond to a survey or marketing communication to send periodic emails regarding information related to the MREA, The Energy Fair, Grow Solar, Rise Up and our educational programs.
If you fill out a form, register for a webinar, make a purchase, make a donation, join or renew as a member, sign up for a newsletter or respond to a survey or marketing communication from the MREA, we may collect the following information:
- First and last names, email addresses, phone numbers, and billing and/or home addresses
The MREA uses PayPal Pro for payment processing related to joining or renewing as a member, making a purchase from our store, enrolling in a training course or making a donation. The MREA does not collect or store credit/debit card information. Instead, this information is passed to the payment processor directly via a secure connection. Read more about PayPal’s security practices below.
It’s important to note that the MREA does not store personal financial information such as credit/debit card numbers entered into MREA websites; rather, these credentials are processed and stored through our payment processors. MREA staff members do not have access to full credit card information.
We use cookies to track and store information about the use of our site. You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Chrome or Firefox) settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies. If you turn cookies off, some features will be disabled that make your site experience more efficient and some of our services may not function properly.
The MREA may use Google Analytics for insights about how visitors use our services, such as the date and time of visits, the pages viewed, time spent at our site, and the websites visited just before and just after our own. This Privacy Policy covers use of cookies by the MREA and its affiliates only, and not use of cookies by third parties.
Who we share data with:
The initiatives and events of the MREA may share non-financial data with program partners, vendors, installers and other third parties, as described in the sections below. It’s important to note that while the MREA may share information with select external organizations for specific program-oriented purposes, the MREA does not sell or trade personal information to outside parties.
Grow Solar
In Grow Solar programs, the MREA may share participant information with program partners on a need-to-know basis, primarily for the purposes of conducting site assessments and cost estimates.
Personal information collected by Grow Solar may be shared via Google Workspace applications with affiliates at the MREA, as well as with program partners, such as solar installers and partnering entities like municipalities and/or counties.
Grow Solar uses Google Forms to collect data. Access to these forms is controlled by Grow Solar, and is limited to program partners on a need-to-know basis. Grow Solar also uses Zoom to collect registration information from webinar registrants. Access to registrant information is limited to program partners on a need-to-know basis.
The Energy Fair
Exhibitor, Sponsor, Food Vendor, and Workshop Presenter information is collected by the MREA Staff. This information (excluding payment type) may be handled by select volunteers during Energy Fair prep and the event itself, and is handled confidentially.
For Energy Fair data collection, registrants (Exhibitors, Sponsors, Food Vendors, Workshop Presenters, Campers, etc.) provide contact information, requested descriptions, and billing information through Gravity Forms on the WordPress website and through Cvent software. This information will be filed using FileMaker and internal documents. As noted in said registration forms, this information will also be shared in publications such as The Pre-fair Guide and The Energy Fair Program Guide. Records of payee address and purchase info is maintained in QuickBooks.
Information collected is never sold or shared outside of the MREA aside from Energy Fair publications. Registrant payment data such as credit/debit information is handled through PayPal Pro, and The Energy Fair and the MREA do not store or access this information.
Volunteer Program
Volunteer data is collected and filed by MREA staff. Volunteers are required to fill out and sign a waiver, providing information including: name, email, street address, phone number, emergency contact information (same as above), and signing the liability & photographic release that is included. The information is collected by MREA staff and filed using FileMaker. The information is used by the MREA Staff, particularly the MCHS AmeriCorps Member overseeing volunteers, to record attendance and track volunteers, per AmeriCorps requirements. The emails provided by volunteers on this form are used by MREA Staff to invite individuals to return for future volunteer days, or to send out a volunteer survey after an event.
Information collected regarding MREA volunteers is never sold or shared outside of the MREA.
Renewable Energy Training
Registration for the MREA’s training courses may require the collection of certain information, including registrant name, billing address and email address. This contact information may be stored in Filemaker, while purchase records and payee addresses may be stored in Quickbooks. Actual online payments are handled through PayPal Pro, and the MREA does not store or access credit/debit card information of training course registrants.
In cases in which a third-party organization has contracted with the MREA to provide training, information about training program participants (such as course progress or absences) may be shared with the contacting organization.
The MREA’s Renewable Energy Training initiative does not share personal data collected from course registrations with other third parties beyond those already described in this policy.
Rise Up Midwest
Rise Up Midwest does not share personal data collected by riseupmidwest.org with other third parties beyond those already described in this policy.
How we protect data:
The MREA uses standard digital security practices to safeguard internal data and customer information. The MREA uses cloud computing platforms including Google Workspace and Microsoft 365 for data transmission and storage.
Both Google Workspace and Microsoft Office 365 utilize advanced encryption and constant monitoring to protect information stored in secure data centers. Learn more about Google’s data security practices here and Microsoft’s security practices here.
The MREA uses Emma digital marketing software for email outreach. Learn more about Emma’s data security practices here. The MREA also utilizes the FileMaker relational database application. Read more about FileMaker’s security features here.
The MREA uses Zoom for video conferencing. Zoom may collect registrant and attendee information. Learn more about Zoom’s data security practices here. For some training programs, the MREA uses GlobalMeet video conferencing software, which is created by PGi. Read about the security features of GlobalMeet here.
The MREA’s training programs use the Moodle learning management platform to build course websites, which are then hosted by Moonami Learning Solutions. Moodle’s security features can be reviewed here, and Moonami’s security practices here.
The MREA uses Intuit’s Quickbooks accounting software. Find more information about Intuit’s security practices here. Midwestrenew.org and affiliate sites use DreamHost as their web hosting provider. DreamHost’s security practices are outlined here.
The MREA uses PayPal Pro for web payment processing. PayPal is a PCI DSS compliant online payments system; PayPal’s security practices can be found here. For events that require efficient mobile payment processing, the MREA uses Square: Square’s security practices can be found here.
The security of personal data is important to the MREA, but it’s important to acknowledge that no method of Internet communication or storage is 100% secure. While the MREA follows appropriate practices for protecting personal data, they cannot guarantee absolute security.
Users’ rights over their data:
The MREA provides users the opportunity to opt-out of receiving communications from us and our partners by reading the unsubscribe instructions located at the bottom of any email they receive from us at any time.
The Fair Information Practices Principles form the backbone of privacy law in the United States, and the concepts they include have played a significant role in the development of data protection laws around the globe. In order to be in line with Fair Information Practices Principles, we will take the following responsive action, should a data breach occur:
- We will notify the users via email within 7 business days
We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
Intellectual property rights
All content, software and intellectual property located on this website shall remain the sole property of the MREA. The use of content and intellectual property is forbidden without the express written consent from the MREA. You must not:
- Republish material from our website without prior written consent.
- Sell or rent material from our website.
- Reproduce, duplicate, create derivative, copy or otherwise exploit material on our website for any purpose.
- Redistribute any content from our website, including onto another website.
Acceptable Use:
Visitors to midwestrenew.org (and its affiliate sites: growsolar.org, riseupmidwest.org theenergyfair.org) agree to use the website only for lawful purposes, and in a way that does not infringe the rights of, restrict or inhibit anyone else’s use and enjoyment of the website. Visitors must not use the website to send unsolicited commercial communications, and must not use the content on this website for any marketing related purpose without our express written consent.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under 13.
CAN-SPAM Compliance
All email sent from our organization will clearly state who the email is from and provide clear information on how to contact the sender. In addition, all e-mail messages will also contain concise information on how to remove yourself from our mailing list so that you receive no further e-mail communication from us.
California Online Privacy Protection Act
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. Read more about CalOPPA here.
According to CalOPPA we agree to the following:
- Users can visit our site anonymously
- All of our webpages will include a link to our privacy policy.
- Users will be notified of any privacy policy changes on our Privacy Policy page
- Users are able to change their personal information by emailing us
Contact:
If you have any questions regarding this policy, or your dealings with our website, please contact us here: info@midwestrenew.org
Midwest Renewable Energy Association
7558 Deer Road, Custer, WI 54423
715-592-6595