Privacy Policy

International Development Foundation • EIN: 88-4120354

Last Updated: December 12, 2025

Back to Home

International Development Foundation ("we", "our", or "IDF") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our website and services. By using our services, you agree to the practices described in this policy.

This policy complies with the European Union's General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

1. Information We Collect

We collect several types of information to provide and improve our services:

A. Personal Identification Information

  • Full name
  • Email address
  • Phone number (optional)
  • Country of residence
  • Organization or ministry
  • Professional title
  • Date of birth (if necessary for visas)
  • Gender (optional)

B. Travel Information and Documents

  • Passport number and expiration date
  • Passport issue date
  • Visa status and visa information
  • Arrival and departure dates
  • Flight numbers and transportation information
  • Lodging preferences
  • Dietary restrictions
  • Accessibility needs
  • Uploaded documents (passport, supporting letters, etc.)

C. Financial Information

  • Payment information (processed by secure third-party payment processors)
  • Transaction history
  • Amounts paid and payment dates
  • Payment methods used
  • Payment references

We do not store complete credit card numbers. Payments are processed by PCI-DSS compliant third-party payment processors.

D. Technical and Usage Information

  • IP address
  • Browser type and version
  • Operating system
  • Pages visited and time spent on site
  • Referring links
  • Device identifiers
  • Cookies and similar technologies
  • Location data (if permitted)

E. Communication Preferences

  • Preferred language (English/French)
  • Email communication preferences
  • Communication history
  • Notification preferences

2. How We Collect Your Information

We collect information in several ways:

  • Directly from you when you fill out forms, register for events, or communicate with us
  • Automatically when you use our website (cookies, server logs, etc.)
  • Through third-party service providers (payment processors, hosting services)
  • When you upload documents or submit information through our services
  • When you interact with our email communications

3. Legal Basis for Processing (GDPR)

In accordance with GDPR, we process your personal data on the following legal bases:

  • Consent: You have given explicit consent to the processing of your data for specific purposes
  • Contract Performance: Processing is necessary to perform a contract to which you are a party or to take steps at your request before entering into a contract
  • Legal Obligation: Processing is necessary to comply with a legal obligation
  • Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, except where such interests are overridden by your interests or fundamental rights

4. How We Use Your Information

We use your personal information for the following purposes:

  • Manage your registration, pre-registration, and participation in conferences and events
  • Process payments and manage financial transactions
  • Facilitate visa requests and issue official invitation letters
  • Send you important communications regarding events (confirmations, reminders, updates)
  • Provide customer support and respond to your inquiries
  • Improve our services, personalize your experience, and develop new features
  • Analyze usage of our services and conduct research
  • Comply with our legal and regulatory obligations
  • Detect, prevent, and address technical issues, fraud, or illegal activities
  • Send marketing communications (with your consent, which you can withdraw at any time)

5. Information Sharing

We never sell your personal data. We may share your information only in the following circumstances:

A. Service Providers

We share information with trusted service providers who help us operate our platform:

  • Cloud hosting (Cloudflare)
  • Payment processing (secure payment processors)
  • Email services (Resend)
  • Authentication (Clerk)
  • File storage (Cloudflare R2)
  • Analytics and tracking (privacy-compliant)

These providers are contractually required to protect your information and may only use it to provide services on our behalf.

B. Legal Obligations

We may disclose your information if required by law or if we believe in good faith that such disclosure is necessary to:

  • Comply with a court order, subpoena, or other legal request
  • Protect and defend our rights or property
  • Prevent or investigate fraudulent or illegal activities
  • Protect the personal safety of users of our services or the public

C. With Your Consent

We may share your information with your explicit consent or as directed by you.

D. Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of such transaction. We will notify you of any change in ownership or use of your personal information.

6. International Data Transfers

Your information may be transferred to and stored in countries other than your own, including the United States, where our servers are located.

  • We implement appropriate safeguards to protect your data during international transfers
  • For EU residents, we rely on appropriate transfer mechanisms, including the European Commission's Standard Contractual Clauses
  • By using our services, you consent to the transfer of your information to the United States and other countries where we operate

7. Data Security

We implement appropriate technical, administrative, and physical security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of data at rest
  • Strict access controls and authentication
  • Intrusion monitoring and detection
  • Regular backups and disaster recovery plans
  • Staff training on data security
  • Regular security audits

No method of transmission over the Internet or electronic storage is completely secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our services and maintain your account
  • Comply with our legal, regulatory, and contractual obligations
  • Resolve disputes and enforce our agreements
  • For legitimate business purposes, such as fraud prevention and service improvement

Specific Retention Periods:

  • Active account data: For the duration of your account plus 3 years after last activity
  • Financial data: 7 years in accordance with accounting and tax requirements
  • Visa and passport documents: 5 years after event end or as required by law
  • Marketing data: Until you unsubscribe or withdraw consent
  • Logs and technical data: Maximum 12-24 months

You may request deletion of your data at any time, subject to our legal retention obligations.

9. Your Data Protection Rights

Depending on your location, you may have the following rights regarding your personal information:

A. GDPR Rights (EU Residents)

  • Right of Access: You have the right to access your personal data
  • Right to Rectification: You can correct inaccurate or incomplete information
  • Right to Erasure ("Right to be Forgotten"): You can request deletion of your data
  • Right to Restrict Processing: You can request restriction of processing of your data
  • Right to Data Portability: You can receive your data in a structured, commonly used format
  • Right to Object: You can object to processing of your data for legitimate reasons
  • Right to Withdraw Consent: You can withdraw your consent at any time

B. CCPA Rights (California Residents)

  • Right to Know: You have the right to know what personal information we collect, use, disclose, and sell
  • Right to Delete: You can request deletion of your personal information
  • Right to Opt-Out of Sale: You have the right to opt-out of the sale of your personal information (we do not sell your data)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

C. General Rights

  • Right to unsubscribe from marketing communications
  • Right to file a complaint with a data protection authority
  • Right to request a copy of your data
  • Right to correct inaccurate information

To Exercise Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days (or within the timeframe required by applicable law). We may ask you to verify your identity before processing your request.

10. Cookies and Similar Technologies

We use cookies and similar technologies to enhance your experience, analyze site usage, and personalize content.

Essential Cookies

Necessary for the website to function (authentication, security, language preferences). These cookies cannot be disabled.

Analytics Cookies

We use Cloudflare Web Analytics to understand how visitors use our site. This data is aggregated and anonymized.

Functional Cookies

Enhance functionality and personalization (remembering preferences, language).

Cookie Management

You can manage your cookie preferences through your browser settings. Note that disabling certain cookies may affect site functionality.

11. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18 years of age.

  • If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately
  • If we discover that we have collected information from a child under 18 without verified parental consent, we will delete such information from our servers

12. Data Breach Notification

In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you within 72 hours of discovering the breach, in accordance with applicable legal requirements.

  • We will notify you by email to the address associated with your account
  • The notification will include a description of the breach, the types of information involved, and the measures we are taking to address the issue
  • We will also report the breach to the relevant data protection authorities if required by law

13. Do Not Track Signals

Some web browsers transmit "Do Not Track" signals to websites. Currently, we do not respond to "Do Not Track" signals from browsers, but we respect your choices regarding cookies and tracking through your browser settings.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.

  • We will post the updated version on this page with a new "Last Updated" date
  • For material changes, we will notify you by email (to the address associated with your account) or through a notice on our website
  • Your continued use of our services after changes are posted constitutes your acceptance of the revised policy
  • If you do not agree to the changes, you must stop using our services and may request deletion of your data

15. Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or to exercise your data protection rights, please contact us:

We strive to respond to all requests within 30 days of receipt.

16. Additional Information for California Residents

In accordance with the California Consumer Privacy Act (CCPA), here is additional information:

  • Categories of information collected: See Section 1 above
  • Categories of sources: You, our service providers, and automated technologies
  • Business purposes: Event management, payment processing, communications, service improvement
  • Categories of third parties with whom we share: Service providers (see Section 5)
  • We do not sell your personal information and have not sold personal information in the past 12 months
Back to Conference